fixes on merge account

2024-06-10 17:49:49 +03:00 · 2024-06-10 17:49:49 +03:00 · 081e0fca11
parent 6d5b6f4859
commit 081e0fca11
6 changed files with 30 additions and 41 deletions
--- a/backend/core/src/main/java/org/opencdmp/service/user/UserServiceImpl.java
+++ b/backend/core/src/main/java/org/opencdmp/service/user/UserServiceImpl.java
@ -611,7 +611,28 @@ public class UserServiceImpl implements UserService {
    }

    public boolean doesTokenBelongToLoggedInUser(String token) throws IOException, InvalidApplicationException {
-        UserEntity userToBeMerge = this.getUserEntityFromToken(token);
+        ActionConfirmationEntity action;
+        try {
+            this.entityManager.disableTenantFilters();
+            action = this.queryFactory.query(ActionConfirmationQuery.class).disableTracking().tokens(token).types(ActionConfirmationType.MergeAccount).isActive(IsActive.Active).first();
+        } finally {
+            this.entityManager.reloadTenantFilters();
+        }
+        if (action == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{token, ActionConfirmationEntity.class.getSimpleName()}, LocaleContextHolder.getLocale()));
+
+        this.checkActionState(action);
+
+        MergeAccountConfirmationEntity mergeAccountConfirmationEntity = this.xmlHandlingService.fromXmlSafe(MergeAccountConfirmationEntity.class, action.getData());
+        if (mergeAccountConfirmationEntity == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{action.getId(), MergeAccountConfirmationEntity.class.getSimpleName()}, LocaleContextHolder.getLocale()));
+
+        UserContactInfoEntity userContactInfoEntity = this.queryFactory.query(UserContactInfoQuery.class).disableTracking().values(mergeAccountConfirmationEntity.getEmail()).types(ContactInfoType.Email).first();
+        if (userContactInfoEntity == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{mergeAccountConfirmationEntity.getEmail(), User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
+
+        UserEntity userToBeMerge = this.queryFactory.query(UserQuery.class).disableTracking().ids(userContactInfoEntity.getUserId()).isActive(IsActive.Active).first();
+
+        if (userToBeMerge == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{userContactInfoEntity.getUserId(), User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
+
+        if (!this.userScope.getUserIdSafe().equals(userToBeMerge.getId())) throw new MyForbiddenException("Only requested user can approve");

        return this.userScope.getUserIdSafe().equals(userToBeMerge.getId());
    }
@ -879,29 +900,4 @@ public class UserServiceImpl implements UserService {
            throw new MyApplicationException("Token has expired!");
        }
    }
-
-    private UserEntity getUserEntityFromToken(String token) throws MyForbiddenException, MyNotFoundException, InvalidApplicationException {
-        ActionConfirmationEntity action;
-        try {
-            this.entityManager.disableTenantFilters();
-            action = this.queryFactory.query(ActionConfirmationQuery.class).tokens(token).types(ActionConfirmationType.MergeAccount).isActive(IsActive.Active).first();
-        } finally {
-            this.entityManager.reloadTenantFilters();
-        }
-        if (action == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{token, ActionConfirmationEntity.class.getSimpleName()}, LocaleContextHolder.getLocale()));
-        
-        this.checkActionState(action);
-
-        MergeAccountConfirmationEntity mergeAccountConfirmationEntity = this.xmlHandlingService.fromXmlSafe(MergeAccountConfirmationEntity.class, action.getData());
-        if (mergeAccountConfirmationEntity == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{action.getId(), MergeAccountConfirmationEntity.class.getSimpleName()}, LocaleContextHolder.getLocale()));
-
-        UserContactInfoEntity userContactInfoEntity = this.queryFactory.query(UserContactInfoQuery.class).values(mergeAccountConfirmationEntity.getEmail()).types(ContactInfoType.Email).first();
-        if (userContactInfoEntity == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{mergeAccountConfirmationEntity.getEmail(), User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
-
-        UserEntity userToBeMerge = this.queryFactory.query(UserQuery.class).ids(userContactInfoEntity.getUserId()).isActive(IsActive.Active).first();
-
-        if (userToBeMerge == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{userContactInfoEntity.getUserId(), User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
-
-        return userToBeMerge;
-    }
 }
--- a/backend/web/src/main/java/org/opencdmp/controllers/UserController.java
+++ b/backend/web/src/main/java/org/opencdmp/controllers/UserController.java
@ -297,8 +297,7 @@ public class UserController {
        return true;
    }

-    @GetMapping("mine/get-permission/token/{token}")
-    @Transactional
+    @GetMapping("mine/allow-merge-account/token/{token}")
    public Boolean getUserTokenPermission(@PathVariable("token") String token) throws InvalidApplicationException, IOException {
        logger.debug(new MapLogEntry("confirm merge account to user").And("token", token));

--- a/dmp-frontend/src/app/core/services/user/user.service.ts
+++ b/dmp-frontend/src/app/core/services/user/user.service.ts
@ -118,7 +118,7 @@ export class UserService {
 	}

 	getUserTokenPermission(token: Guid): Observable<boolean> {
-		const url = `${this.apiBase}/mine/get-permission/token/${token}`;
+		const url = `${this.apiBase}/mine/allow-merge-account/token/${token}`;

 		return this.http
 			.get<boolean>(url).pipe(
--- a/dmp-frontend/src/app/ui/auth/login/merge-email-confirmation/merge-email-confirmation.component.html
+++ b/dmp-frontend/src/app/ui/auth/login/merge-email-confirmation/merge-email-confirmation.component.html
@ -4,7 +4,7 @@
 			<div class="col merge-account-title">{{'MERGE-ACCOUNT.TITLE' | translate}}</div>
 		</div>
    <div *ngIf="showForm" class="row merge-account-content">
-      <div *ngIf="isTokenValid" class="col">
+      <div class="col">
        <div class="row justify-content-center">
          <div class="col-auto">
            <span>
@ -20,9 +20,6 @@
          </div>
        </div>
      </div>
-      <div *ngIf="!isTokenValid" class="col">
-        <span>{{'MERGE-ACCOUNT.MESSAGES.INVALID-TOKEN' | translate}}</span>
-      </div>
    </div>
 		<ng-template #loading>
 		</ng-template>
--- a/dmp-frontend/src/app/ui/auth/login/merge-email-confirmation/merge-email-confirmation.component.ts
+++ b/dmp-frontend/src/app/ui/auth/login/merge-email-confirmation/merge-email-confirmation.component.ts
@ -43,15 +43,12 @@ export class MergeEmailConfirmation extends BaseComponent implements OnInit {
 					.subscribe(result => {
 						this.isTokenValid = result
 						this.token = token;
+					}, error => {
+						this.token = Guid.createEmpty();
+						this.onCallbackError(error);
 					});
 				}
-			},
-			error => {
-				this.isTokenValid = false;
-				this.token = Guid.createEmpty();
-				this.onCallbackError(error);
-			});
-		
+			});		
 	}

 	onConfirm(): void {
--- a/dmp-frontend/src/assets/i18n/en.json
+++ b/dmp-frontend/src/assets/i18n/en.json
@ -28,7 +28,7 @@
 			"UNSUCCESSFUL-REMOVE-TEMPLATE": "Failed to remove template, one or more Descriptions of this Plan use this template",
 			"UNSUCCESSFUL-FINALIZE": "Unsuccessful Finalize",
 			"SUCCESSFUL-RESET": "Successful Reset",
-			"NOT-FOUND": "The page you are looking for doesn't exist.",
+			"NOT-FOUND": "Not found.",
 			"GENERIC-ERROR": "Something unexpected occurred. Please try again later.",
 			"REDIRECT": "You're being redirected.",
 			"BAD-REQUEST": "There was a problem with your request. Please try again.",