description template authz fixes

2024-06-25 17:14:29 +03:00 · 2024-06-25 17:14:29 +03:00 · 15abebff2d
parent 70d7c383e0
commit 15abebff2d
4 changed files with 31 additions and 3 deletions
--- a/backend/core/src/main/java/org/opencdmp/query/UserQuery.java
+++ b/backend/core/src/main/java/org/opencdmp/query/UserQuery.java
@ -174,6 +174,7 @@ public class UserQuery extends QueryBase<UserEntity> {
        UUID userId;
        if (this.authorize.contains(AuthorizationFlags.Owner)) userId = this.userScope.getUserIdSafe();
        if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe();
+        if (this.authorize.contains(AuthorizationFlags.DescriptionTemplateAssociated)) userId = this.userScope.getUserIdSafe();
        else  userId = null;

        List<Predicate> predicates = new ArrayList<>();
@ -189,6 +190,14 @@ public class UserQuery extends QueryBase<UserEntity> {
                            .filterFunc((subQueryRoot, cb) ->
                                    cb.in(subQueryRoot.get(DmpUserEntity._dmpId)).value(this.queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, finalUserId, usePublic))
                            )
+                    ))),
+                    queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)).value(this.queryUtilsService.buildSubQuery(new BuildSubQueryInput<>(new BuildSubQueryInput.Builder<>(UserDescriptionTemplateEntity.class, UUID.class)
+                            .query(queryContext.Query)
+                            .criteriaBuilder(queryContext.CriteriaBuilder)
+                            .keyPathFunc((subQueryRoot) -> subQueryRoot.get(UserDescriptionTemplateEntity._userId))
+                            .filterFunc((subQueryRoot, cb) ->
+                                    cb.in(subQueryRoot.get(UserDescriptionTemplateEntity._descriptionTemplateId)).value(this.queryUtilsService.buildUserDescriptionTemplateEntityAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, finalUserId))
+                            )
                    )))
            ));
        }
--- a/backend/core/src/main/java/org/opencdmp/query/utils/QueryUtilsService.java
+++ b/backend/core/src/main/java/org/opencdmp/query/utils/QueryUtilsService.java
@ -9,6 +9,8 @@ public interface QueryUtilsService {

    Subquery<UUID> buildDmpAuthZSubQuery(AbstractQuery<?> query, CriteriaBuilder criteriaBuilder, UUID userId, Boolean usePublic);

+    Subquery<UUID> buildUserDescriptionTemplateEntityAuthZSubQuery(AbstractQuery<?> query, CriteriaBuilder criteriaBuilder, UUID userId);
+
    Subquery<UUID> buildDescriptionAuthZSubQuery(AbstractQuery<?> query, CriteriaBuilder criteriaBuilder, UUID userId, Boolean usePublic);

    Subquery<UUID> buildPublicDmpAuthZSubQuery(AbstractQuery<?> query,
--- a/backend/core/src/main/java/org/opencdmp/query/utils/QueryUtilsServiceImpl.java
+++ b/backend/core/src/main/java/org/opencdmp/query/utils/QueryUtilsServiceImpl.java
@ -1,5 +1,7 @@
 package org.opencdmp.query.utils;

+import jakarta.persistence.criteria.*;
+import org.hibernate.query.criteria.HibernateCriteriaBuilder;
 import org.opencdmp.commons.enums.DescriptionStatus;
 import org.opencdmp.commons.enums.DmpAccessType;
 import org.opencdmp.commons.enums.DmpStatus;
@ -7,8 +9,7 @@ import org.opencdmp.commons.enums.IsActive;
 import org.opencdmp.data.DescriptionEntity;
 import org.opencdmp.data.DmpEntity;
 import org.opencdmp.data.DmpUserEntity;
-import jakarta.persistence.criteria.*;
-import org.hibernate.query.criteria.HibernateCriteriaBuilder;
+import org.opencdmp.data.UserDescriptionTemplateEntity;
 import org.springframework.stereotype.Component;

 import java.util.UUID;
@ -43,6 +44,22 @@ public class QueryUtilsServiceImpl implements QueryUtilsService {
        ));
    }

+
+    @Override
+    public Subquery<UUID> buildUserDescriptionTemplateEntityAuthZSubQuery(AbstractQuery<?> query, CriteriaBuilder criteriaBuilder, UUID userId){
+        return this.buildSubQuery(new BuildSubQueryInput<>(new BuildSubQueryInput.Builder<>(UserDescriptionTemplateEntity.class, UUID.class)
+                .query(query)
+                .criteriaBuilder(criteriaBuilder)
+                .keyPathFunc((subQueryRoot) -> subQueryRoot.get(UserDescriptionTemplateEntity._descriptionTemplateId))
+                .filterFunc((subQueryRoot, cb) ->
+                        userId != null ? cb.and(
+                                cb.equal(subQueryRoot.get(DmpUserEntity._userId), userId),
+                                cb.equal(subQueryRoot.get(DmpUserEntity._isActive), IsActive.Active)
+                        ) : cb.or() //Creates a false query
+                )
+        ));
+    }
+
    @Override
    public Subquery<UUID> buildDescriptionAuthZSubQuery(AbstractQuery<?> query, CriteriaBuilder criteriaBuilder, UUID userId, Boolean usePublic) {
        return this.buildSubQuery(new BuildSubQueryInput<>(
--- a/backend/core/src/main/java/org/opencdmp/service/descriptiontemplate/DescriptionTemplateServiceImpl.java
+++ b/backend/core/src/main/java/org/opencdmp/service/descriptiontemplate/DescriptionTemplateServiceImpl.java
@ -165,7 +165,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
        logger.debug(new MapLogEntry("persisting data descriptionTemplate").And("model", model).And("fields", fields));

        Boolean isUpdate = this.conventionService.isValidGuid(model.getId());
-        if (isUpdate) this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(model.getId())), Permission.EditDescriptionTemplate);
+        if (isUpdate) this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.descriptionTemplateAffiliation(model.getId())), Permission.EditDescriptionTemplate);
        else this.authorizationService.authorizeForce(Permission.EditDescriptionTemplate);
        
        DescriptionTemplateEntity data;