From 42a1fbf6918696ca500f960bf984e3255046ed97 Mon Sep 17 00:00:00 2001 From: Sofia Papacharalampous Date: Tue, 2 Jul 2024 14:37:46 +0300 Subject: [PATCH] changed export-xml-permission for an invited user in a description template --- .../DescriptionTemplateServiceImpl.java | 7 ++++--- backend/web/src/main/resources/config/permissions.yml | 3 +++ .../description-template-listing.component.html | 2 +- .../listing/description-template-listing.component.ts | 10 +++++++--- 4 files changed, 15 insertions(+), 7 deletions(-) diff --git a/backend/core/src/main/java/org/opencdmp/service/descriptiontemplate/DescriptionTemplateServiceImpl.java b/backend/core/src/main/java/org/opencdmp/service/descriptiontemplate/DescriptionTemplateServiceImpl.java index a3aa983f0..7f7b83f85 100644 --- a/backend/core/src/main/java/org/opencdmp/service/descriptiontemplate/DescriptionTemplateServiceImpl.java +++ b/backend/core/src/main/java/org/opencdmp/service/descriptiontemplate/DescriptionTemplateServiceImpl.java @@ -167,7 +167,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic Boolean isUpdate = this.conventionService.isValidGuid(model.getId()); if (isUpdate) this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.descriptionTemplateAffiliation(model.getId())), Permission.EditDescriptionTemplate); else this.authorizationService.authorizeForce(Permission.EditDescriptionTemplate); - + DescriptionTemplateEntity data; if (isUpdate) { data = this.entityManager.find(DescriptionTemplateEntity.class, model.getId()); 
@@ -869,7 +869,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic public DescriptionTemplateImportExport exportXmlEntity(UUID id, boolean ignoreAuthorize) throws MyForbiddenException, MyNotFoundException, JAXBException, ParserConfigurationException, IOException, InstantiationException, IllegalAccessException, SAXException { logger.debug(new MapLogEntry("exportXml").And("id", id)); - if (!ignoreAuthorize) this.authorizationService.authorizeForce(Permission.ExportDescriptionTemplate); + if (!ignoreAuthorize) this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.descriptionTemplateAffiliation(id)), Permission.ExportDescriptionTemplate); DescriptionTemplateEntity data = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.AllExceptPublic).first(); if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale())); 
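Review bot: The `ignoreAuthorize` branch in `exportXmlEntity` now skips a per-template affiliation check rather than a global role check, so a caller passing `true` has no ownership check applied to the `id` it supplies; the method should document that contract. I would add above the check: `// ignoreAuthorize: only for internal callers that have already authorized this template id; never derive it from request input`. The query below still applies `.authorize(AuthorizationFlags.AllExceptPublic)`, but whether that alone limits such a caller to templates it may read cannot be told from this hunk. The same `authorizeAtLeastOneForce(List.of(...descriptionTemplateAffiliation(id)), Permission.ExportDescriptionTemplate)` expression is repeated in `exportXml` in the next hunk, and a small private helper taking the `UUID` would keep the two entry points from drifting apart. Both method bodies continue past their hunks.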
@@ -882,7 +882,8 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic public ResponseEntity exportXml(UUID id) throws MyForbiddenException, MyNotFoundException, JAXBException, ParserConfigurationException, IOException, InstantiationException, IllegalAccessException, SAXException, InvalidApplicationException { logger.debug(new MapLogEntry("exportXml").And("id", id)); - this.authorizationService.authorizeForce(Permission.ExportDescriptionTemplate); + this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.descriptionTemplateAffiliation(id)), Permission.ExportDescriptionTemplate); + DescriptionTemplateEntity data = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.AllExceptPublic).first(); if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/backend/web/src/main/resources/config/permissions.yml b/backend/web/src/main/resources/config/permissions.yml index a0922bd7c..a872ce4b7 100644 --- a/backend/web/src/main/resources/config/permissions.yml +++ b/backend/web/src/main/resources/config/permissions.yml @@ -468,6 +468,9 @@ permissions: - Admin - TenantAdmin - TenantPlanManager + descriptionTemplate: + roles: + - Owner claims: [ ] clients: [ ] allowAnonymous: false diff --git a/dmp-frontend/src/app/ui/admin/description-template/listing/description-template-listing.component.html b/dmp-frontend/src/app/ui/admin/description-template/listing/description-template-listing.component.html index d426f0628..e8089c464 100644 --- a/dmp-frontend/src/app/ui/admin/description-template/listing/description-template-listing.component.html +++ b/dmp-frontend/src/app/ui/admin/description-template/listing/description-template-listing.component.html @@ -5,7 +5,7 @@
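Review bot: The added `descriptionTemplate: roles: - Owner` block in permissions.yml grants a permission to the template-scoped `Owner` role, but the permission key it sits under is above the hunk and the commit title speaks of an invited user. It is worth confirming that the key is `ExportDescriptionTemplate` and that invited users are meant to hold `Owner` on the template. The first Java hunk checks `Permission.EditDescriptionTemplate` against the same `descriptionTemplateAffiliation`, so if `Owner` is also listed for that permission elsewhere in this file, a user who gains export this way can edit as well. A comment on the new block would record the intent, for example `# Owner: user affiliated with this description template; checked via descriptionTemplateAffiliation(id)`.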
-
+