Merge branch 'dmp-refactoring' of https://code-repo.d4science.org/MaDgiK-CITE/argos into dmp-refactoring
This commit is contained in:
commit
601b748388
|
@ -4,27 +4,24 @@ permissions:
|
|||
roles:
|
||||
- TenantAdmin
|
||||
- TenantUser
|
||||
- TenantManager
|
||||
- TenantDescriptionTemplateEditor
|
||||
- TenantPlanManager
|
||||
- TenantConfigManager
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
# Tenants
|
||||
BrowseTenant:
|
||||
roles:
|
||||
- Admin
|
||||
roles: [ ]
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
EditTenant:
|
||||
roles:
|
||||
- Admin
|
||||
roles: [ ]
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteTenant:
|
||||
roles:
|
||||
- Admin
|
||||
roles: [ ]
|
||||
claims: [ ]
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
|
@ -32,6 +29,7 @@ permissions:
|
|||
AllowNoTenant:
|
||||
roles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
claims: [ ]
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
|
@ -39,19 +37,17 @@ permissions:
|
|||
# Users
|
||||
BrowseUser:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: true
|
||||
allowAuthenticated: false
|
||||
EditUser:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
roles: [ ]
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteUser:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
roles: [ ]
|
||||
claims: [ ]
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
|
@ -59,6 +55,10 @@ permissions:
|
|||
#Annotation
|
||||
BrowseAnnotation:
|
||||
roles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
- TenantPlanManager
|
||||
- TenantConfigManager
|
||||
- TenantAdmin
|
||||
entityAffiliated: true
|
||||
clients: [ ]
|
||||
|
@ -66,6 +66,10 @@ permissions:
|
|||
allowAuthenticated: false
|
||||
NewAnnotation:
|
||||
roles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
- TenantPlanManager
|
||||
- TenantConfigManager
|
||||
- TenantAdmin
|
||||
entityAffiliated: true
|
||||
clients: [ ]
|
||||
|
@ -73,12 +77,20 @@ permissions:
|
|||
allowAuthenticated: false
|
||||
EditAnnotation:
|
||||
roles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
- TenantPlanManager
|
||||
- TenantConfigManager
|
||||
- TenantAdmin
|
||||
clients: [ ]
|
||||
allowAnonymous: true
|
||||
allowAuthenticated: false
|
||||
DeleteAnnotation:
|
||||
roles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
- TenantPlanManager
|
||||
- TenantConfigManager
|
||||
- TenantAdmin
|
||||
entityAffiliated: false
|
||||
clients: [ ]
|
||||
|
@ -87,12 +99,14 @@ permissions:
|
|||
#Tenant Configuration
|
||||
BrowseTenantConfiguration:
|
||||
roles:
|
||||
- Admin
|
||||
- TenantAdmin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
EditTenantConfiguration:
|
||||
roles:
|
||||
- Admin
|
||||
- TenantAdmin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
|
|
|
@ -40,12 +40,6 @@ public class UserCredentialEntity {
|
|||
|
||||
public static final String _updatedAt = "updatedAt";
|
||||
|
||||
@Column(name = "\"is_active\"", nullable = false)
|
||||
@Convert(converter = IsActiveConverter.class)
|
||||
private IsActive isActive;
|
||||
|
||||
public static final String _isActive = "isActive";
|
||||
|
||||
public UUID getId() {
|
||||
return id;
|
||||
}
|
||||
|
@ -86,12 +80,4 @@ public class UserCredentialEntity {
|
|||
this.updatedAt = updatedAt;
|
||||
}
|
||||
|
||||
public IsActive getIsActive() {
|
||||
return isActive;
|
||||
}
|
||||
|
||||
public void setIsActive(IsActive isActive) {
|
||||
this.isActive = isActive;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -27,10 +27,6 @@ public class UserCredential {
|
|||
|
||||
public static final String _updatedAt = "updatedAt";
|
||||
|
||||
private IsActive isActive;
|
||||
|
||||
public static final String _isActive = "isActive";
|
||||
|
||||
public UUID getId() {
|
||||
return id;
|
||||
}
|
||||
|
@ -70,12 +66,4 @@ public class UserCredential {
|
|||
public void setUpdatedAt(Instant updatedAt) {
|
||||
this.updatedAt = updatedAt;
|
||||
}
|
||||
|
||||
public IsActive getIsActive() {
|
||||
return isActive;
|
||||
}
|
||||
|
||||
public void setIsActive(IsActive isActive) {
|
||||
this.isActive = isActive;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -62,12 +62,10 @@ public class UserCredentialDeleter implements Deleter {
|
|||
Instant now = Instant.now();
|
||||
|
||||
for (UserCredentialEntity item : data) {
|
||||
logger.trace("deleting item {}", item);
|
||||
item.setIsActive(IsActive.Inactive);
|
||||
item.setUpdatedAt(now);
|
||||
logger.trace("updating item");
|
||||
this.entityManager.merge(item);
|
||||
logger.trace("updated item");
|
||||
logger.trace("deleting item {}", item.getId());
|
||||
logger.trace("deleting item");
|
||||
this.entityManager.remove(item);
|
||||
logger.trace("deleted item");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -182,9 +182,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
inClause.value(item);
|
||||
predicates.add(inClause);
|
||||
}
|
||||
if (this.isActives != null) {
|
||||
predicates.add(queryContext.Root.get(UserCredentialEntity._isActive).in(isActives));
|
||||
}
|
||||
if (this.userIds != null) {
|
||||
CriteriaBuilder.In<UUID> inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(UserCredentialEntity._userId));
|
||||
for (UUID item : this.userIds)
|
||||
|
@ -225,8 +222,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
return UserCredentialEntity._createdAt;
|
||||
else if (item.match(UserCredential._updatedAt))
|
||||
return UserCredentialEntity._updatedAt;
|
||||
else if (item.match(UserCredential._isActive))
|
||||
return UserCredentialEntity._isActive;
|
||||
else
|
||||
return null;
|
||||
}
|
||||
|
@ -239,7 +234,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
item.setUserId(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._userId, UUID.class));
|
||||
item.setCreatedAt(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._createdAt, Instant.class));
|
||||
item.setUpdatedAt(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._updatedAt, Instant.class));
|
||||
item.setIsActive(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._createdAt, IsActive.class));
|
||||
return item;
|
||||
}
|
||||
|
||||
|
|
|
@ -153,7 +153,6 @@ public class UserServiceImpl implements UserService {
|
|||
data.setExternalId(model.getSubjectId());
|
||||
data.setCreatedAt(Instant.now());
|
||||
data.setUpdatedAt(Instant.now());
|
||||
data.setIsActive(IsActive.Active);
|
||||
entityManager.persist(data);
|
||||
}
|
||||
updatedCreatedIds.add(data.getId());
|
||||
|
|
|
@ -8,7 +8,7 @@ import java.util.List;
|
|||
@ConfigurationProperties(prefix = "authorization")
|
||||
public class AuthorizationProperties {
|
||||
|
||||
private String globalAdminRole;
|
||||
private List<String> globalAdminRoles;
|
||||
private String tenantAdminRole;
|
||||
private String globalUserRole;
|
||||
private String tenantUserRole;
|
||||
|
@ -16,12 +16,12 @@ public class AuthorizationProperties {
|
|||
private List<String> allowedTenantRoles;
|
||||
private List<String> allowedGlobalRoles;
|
||||
|
||||
public String getGlobalAdminRole() {
|
||||
return this.globalAdminRole;
|
||||
public List<String> getGlobalAdminRoles() {
|
||||
return globalAdminRoles;
|
||||
}
|
||||
|
||||
public void setGlobalAdminRole(String globalAdminRole) {
|
||||
this.globalAdminRole = globalAdminRole;
|
||||
public void setGlobalAdminRoles(List<String> globalAdminRoles) {
|
||||
this.globalAdminRoles = globalAdminRoles;
|
||||
}
|
||||
|
||||
public String getTenantAdminRole() {
|
||||
|
|
|
@ -244,4 +244,15 @@ public class ErrorThesaurusProperties {
|
|||
public void setTenantCodeExists(ErrorDescription tenantCodeExists) {
|
||||
this.tenantCodeExists = tenantCodeExists;
|
||||
}
|
||||
|
||||
|
||||
private ErrorDescription dmpNewVersionAlreadyCreatedDraft;
|
||||
|
||||
public ErrorDescription getDmpNewVersionAlreadyCreatedDraft() {
|
||||
return dmpNewVersionAlreadyCreatedDraft;
|
||||
}
|
||||
|
||||
public void setDmpNewVersionAlreadyCreatedDraft(ErrorDescription dmpNewVersionAlreadyCreatedDraft) {
|
||||
this.dmpNewVersionAlreadyCreatedDraft = dmpNewVersionAlreadyCreatedDraft;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -408,7 +408,7 @@ public class DmpServiceImpl implements DmpService {
|
|||
.groupIds(oldDmpEntity.getGroupId())
|
||||
.isActive(IsActive.Active)
|
||||
.count();
|
||||
if (notFinalizedCount > 0) throw new MyValidationException(this.errors.getModelValidation().getCode(), "Already created draft for this template");
|
||||
if (notFinalizedCount > 0) throw new MyValidationException(this.errors.getDmpNewVersionAlreadyCreatedDraft().getCode(), this.errors.getDmpNewVersionAlreadyCreatedDraft().getMessage());
|
||||
|
||||
DmpEntity newDmp = new DmpEntity();
|
||||
newDmp.setId(UUID.randomUUID());
|
||||
|
|
|
@ -165,7 +165,7 @@ public class TenantServiceImpl implements TenantService {
|
|||
try {
|
||||
this.entityManager.disableTenantFilters();
|
||||
|
||||
existingItems = this.queryFactory.query(UserRoleQuery.class).disableTracking().tenantIsSet(false).roles(this.authorizationProperties.getGlobalAdminRole()).collect();
|
||||
existingItems = this.queryFactory.query(UserRoleQuery.class).disableTracking().tenantIsSet(false).roles(this.authorizationProperties.getGlobalAdminRoles()).collect();
|
||||
userCredentialEntities = this.queryFactory.query(UserCredentialQuery.class).disableTracking().userIds(existingItems.stream().map(UserRoleEntity::getUserId).distinct().toList()).collect();
|
||||
|
||||
List<String> keycloakIdsToAddToTenantGroup = new ArrayList<>();
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
authorization:
|
||||
globalAdminRole: Admin
|
||||
globalAdminRoles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
tenantAdminRole: TenantAdmin
|
||||
globalUserRole: User
|
||||
tenantUserRole: TenantUser
|
||||
|
@ -7,8 +9,9 @@ authorization:
|
|||
allowedTenantRoles:
|
||||
- TenantAdmin
|
||||
- TenantUser
|
||||
- TenantManager
|
||||
- TenantDescriptionTemplateEditor
|
||||
- TenantPlanManager
|
||||
- TenantConfigManager
|
||||
allowedGlobalRoles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
- User
|
|
@ -80,3 +80,6 @@ error-thesaurus:
|
|||
tenant-code-exists:
|
||||
code: 130
|
||||
message: Tenant code exists
|
||||
dmp-new-version-already-created-draft:
|
||||
code: 131
|
||||
message: Already created draft for this dmp
|
|
@ -6,6 +6,8 @@ keycloak-resources:
|
|||
groupId: a04fd333-f127-449e-8fc2-0626570a3899
|
||||
Admin:
|
||||
groupId: 299f18fe-e271-4625-a4c1-9c3eb313b2ea
|
||||
InstallationAdmin:
|
||||
groupId: 88a65fff-dffe-474a-a461-252ff4230203
|
||||
tenantAuthorities:
|
||||
TenantAdmin:
|
||||
parent: 1e650f57-8b7c-4f32-bf5b-e1a9147c597b
|
||||
|
@ -13,9 +15,9 @@ keycloak-resources:
|
|||
TenantUser:
|
||||
parent: c7057c4d-e7dc-49ef-aa5d-02ad3a22bff8
|
||||
roleAttributeValueStrategy: 'TenantUser:{tenantCode}'
|
||||
TenantManager:
|
||||
parent: d111bb2f-b4a6-4de7-ad22-5151ee1a508b
|
||||
roleAttributeValueStrategy: 'TenantManager:{tenantCode}'
|
||||
TenantDescriptionTemplateEditor:
|
||||
parent: 55cf7b17-c025-4065-8906-49f9f430f038
|
||||
roleAttributeValueStrategy: 'TenantDescriptionTemplateEditor:{tenantCode}'
|
||||
TenantConfigManager:
|
||||
parent: 09a6977b-719e-4e90-b3fc-3b394d82e05f
|
||||
roleAttributeValueStrategy: 'TenantConfigManager:{tenantCode}'
|
||||
TenantPlanManager:
|
||||
parent: 37d1fb0e-5e03-47bf-aefc-365c0670f84e
|
||||
roleAttributeValueStrategy: 'TenantPlanManager:{tenantCode}'
|
File diff suppressed because it is too large
Load Diff
|
@ -11,7 +11,6 @@ CREATE TABLE IF NOT EXISTS public."ntf_UserCredential"
|
|||
"external_id" character varying(512) COLLATE pg_catalog."default" NOT NULL,
|
||||
"created_at" timestamp without time zone NOT NULL,
|
||||
"updated_at" timestamp without time zone NOT NULL,
|
||||
"is_active" smallint NOT NULL DEFAULT 1,
|
||||
"data" character varying COLLATE pg_catalog."default",
|
||||
CONSTRAINT "ntf_UserCredential_pkey" PRIMARY KEY (id),
|
||||
CONSTRAINT "ntf_UserCredential_user_fkey" FOREIGN KEY ("user")
|
||||
|
|
|
@ -11,7 +11,6 @@ CREATE TABLE IF NOT EXISTS public."ant_UserCredential"
|
|||
"external_id" character varying(512) COLLATE pg_catalog."default" NOT NULL,
|
||||
"created_at" timestamp without time zone NOT NULL,
|
||||
"updated_at" timestamp without time zone NOT NULL,
|
||||
"is_active" smallint NOT NULL DEFAULT 1,
|
||||
"data" character varying COLLATE pg_catalog."default",
|
||||
CONSTRAINT "ant_UserCredential_pkey" PRIMARY KEY (id),
|
||||
CONSTRAINT "ant_UserCredential_user_fkey" FOREIGN KEY ("user")
|
||||
|
|
|
@ -4,22 +4,22 @@ BEGIN
|
|||
PERFORM * FROM "DBVersion" WHERE version = this_version;
|
||||
IF FOUND THEN RETURN; END IF;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS public."ant_UserContactInfo"
|
||||
(
|
||||
"id" uuid NOT NULL,
|
||||
"user" uuid NOT NULL,
|
||||
"ordinal" integer NOT NULL DEFAULT 0,
|
||||
"type" smallint NOT NULL,
|
||||
"value" character varying(512) COLLATE pg_catalog."default" NOT NULL,
|
||||
"created_at" timestamp without time zone NOT NULL,
|
||||
"updated_at" timestamp without time zone NOT NULL,
|
||||
"is_active" smallint NOT NULL DEFAULT 1,
|
||||
CONSTRAINT "ant_UserContactInfo_pkey" PRIMARY KEY (id),
|
||||
CONSTRAINT "ant_UserContactInfo_user_fkey" FOREIGN KEY ("user")
|
||||
REFERENCES public."ant_User" (id) MATCH SIMPLE
|
||||
ON UPDATE NO ACTION
|
||||
ON DELETE NO ACTION
|
||||
);
|
||||
-- CREATE TABLE IF NOT EXISTS public."ant_UserContactInfo"
|
||||
-- (
|
||||
-- "id" uuid NOT NULL,
|
||||
-- "user" uuid NOT NULL,
|
||||
-- "ordinal" integer NOT NULL DEFAULT 0,
|
||||
-- "type" smallint NOT NULL,
|
||||
-- "value" character varying(512) COLLATE pg_catalog."default" NOT NULL,
|
||||
-- "created_at" timestamp without time zone NOT NULL,
|
||||
-- "updated_at" timestamp without time zone NOT NULL,
|
||||
-- "is_active" smallint NOT NULL DEFAULT 1,
|
||||
-- CONSTRAINT "ant_UserContactInfo_pkey" PRIMARY KEY (id),
|
||||
-- CONSTRAINT "ant_UserContactInfo_user_fkey" FOREIGN KEY ("user")
|
||||
-- REFERENCES public."ant_User" (id) MATCH SIMPLE
|
||||
-- ON UPDATE NO ACTION
|
||||
-- ON DELETE NO ACTION
|
||||
-- );
|
||||
|
||||
INSERT INTO public."DBVersion" VALUES ('DMPDB', '00.01.058', '2024-02-28 12:00:00.000000+02', now(), 'Add table ant_UserContactInfo.');
|
||||
|
||||
|
|
|
@ -1,8 +1,11 @@
|
|||
export enum AppRole {
|
||||
Admin = "Admin",
|
||||
InstallationAdmin = "InstallationAdmin",
|
||||
User = "User",
|
||||
TenantAdmin = "TenantAdmin",
|
||||
TenantUser = "TenantUser",
|
||||
TenantManager = "TenantManager",
|
||||
TenantDescriptionTemplateEditor = "TenantDescriptionTemplateEditor"
|
||||
// TenantManager = "TenantManager",
|
||||
// TenantDescriptionTemplateEditor = "TenantDescriptionTemplateEditor"
|
||||
TenantPlanManager = "TenantPlanManager",
|
||||
TenantConfigManager = "TenantConfigManager"
|
||||
}
|
||||
|
|
|
@ -25,4 +25,5 @@ export enum ResponseErrorCode {
|
|||
TenantConfigurationTypeCanNotChange = 128,
|
||||
MultipleTenantConfigurationTypeNotAllowed = 129,
|
||||
TenantCodeExists = 130,
|
||||
DmpNewVersionAlreadyCreatedDraft = 131
|
||||
}
|
||||
|
|
|
@ -58,11 +58,12 @@ export class EnumUtils {
|
|||
toAppRoleString(status: AppRole): string {
|
||||
switch (status) {
|
||||
case AppRole.Admin: return this.language.instant('TYPES.APP-ROLE.ADMIN');
|
||||
case AppRole.InstallationAdmin: return this.language.instant('TYPES.APP-ROLE.INSTALLATION-ADMIN');
|
||||
case AppRole.User: return this.language.instant('TYPES.APP-ROLE.USER');
|
||||
case AppRole.TenantAdmin: return this.language.instant('TYPES.APP-ROLE.TENANT-ADMIN');
|
||||
case AppRole.TenantUser: return this.language.instant('TYPES.APP-ROLE.TENANT-USER');
|
||||
case AppRole.TenantManager: return this.language.instant('TYPES.APP-ROLE.TENANT-MANAGER');
|
||||
case AppRole.TenantDescriptionTemplateEditor: return this.language.instant('TYPES.APP-ROLE.TENANT-DESCRIPTION-TEMPLATE-EDITOR');
|
||||
case AppRole.TenantPlanManager: return this.language.instant('TYPES.APP-ROLE.TENANT-PLAN-MANAGER');
|
||||
case AppRole.TenantConfigManager: return this.language.instant('TYPES.APP-ROLE.TENANT-CONFIG-MANAGER');
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
<div *ngIf="!this.nowEditing"class="roles col-8">
|
||||
<div *ngFor="let role of this.formGroup.get('roles').value" class="row">
|
||||
<div class="col-auto p-0">
|
||||
<span class="user-role" [ngClass]="{'user': role == appRole.User, 'tenant-manager': role == appRole.TenantManager, 'admin': role == appRole.Admin, 'tenant-description-template-editor': role == appRole.TenantDescriptionTemplateEditor, 'tenant-admin': role == appRole.TenantAdmin, 'tenant-user': role == appRole.TenantUser}">
|
||||
<span class="user-role" [ngClass]="{'user': role == appRole.User, 'tenant-plan-manager': role == appRole.TenantPlanManager, 'admin': role == appRole.Admin, 'installation-admin': role == appRole.InstallationAdmin, 'tenant-config-manager': role == appRole.TenantConfigManager, 'tenant-admin': role == appRole.TenantAdmin, 'tenant-user': role == appRole.TenantUser}">
|
||||
{{enumUtils.toAppRoleString(role)}}
|
||||
</span>
|
||||
</div>
|
||||
|
|
|
@ -49,12 +49,12 @@
|
|||
padding-right: 10px;
|
||||
}
|
||||
|
||||
.tenant-manager {
|
||||
.tenant-plan-manager {
|
||||
// display: flex;
|
||||
// justify-content: center;
|
||||
// align-items: center;
|
||||
min-width: 90px;
|
||||
height: 28px;
|
||||
min-width: 77px;
|
||||
min-height: 28px;
|
||||
color: #568b5a;
|
||||
background: #9dd1a1 0% 0% no-repeat padding-box;
|
||||
border-radius: 44px;
|
||||
|
@ -85,6 +85,24 @@
|
|||
padding-right: 10px;
|
||||
}
|
||||
|
||||
.installation-admin {
|
||||
// display: flex;
|
||||
// justify-content: center;
|
||||
// align-items: center;
|
||||
min-width: 67px;
|
||||
min-height: 28px;
|
||||
color: #e75d01;
|
||||
background: #dbaa4e3a 0% 0% no-repeat padding-box;
|
||||
border-radius: 44px;
|
||||
letter-spacing: 0.11px;
|
||||
font-weight: 400;
|
||||
opacity: 1;
|
||||
margin-top: 0.5em;
|
||||
margin-bottom: 0.5em;
|
||||
padding-left: 10px;
|
||||
padding-right: 10px;
|
||||
}
|
||||
|
||||
.tenant-admin {
|
||||
// display: flex;
|
||||
// justify-content: center;
|
||||
|
@ -103,7 +121,7 @@
|
|||
padding-right: 10px;
|
||||
}
|
||||
|
||||
.tenant-description-template-editor {
|
||||
.tenant-config-manager {
|
||||
// display: flex;
|
||||
// justify-content: center;
|
||||
// align-items: center;
|
||||
|
|
|
@ -54,7 +54,8 @@
|
|||
"TENANT-TAMPERING": "This operation affects data from a Tenant different than your selected. Please reselect your Tenant.",
|
||||
"TENANT-CONFIGURATION-TYPE-CAN-NOT-CHANGE": "The configuration type for this Tenant cannot be changed.",
|
||||
"MULTIPLE-TENANT-CONFIGURATION-TYPE-NOT-ALLOWED": "Tenant Configuration already exists for this Tenant.",
|
||||
"TENANT-CODE-EXISTS": "The Tenant code you provided already exists. Please choose a different code."
|
||||
"TENANT-CODE-EXISTS": "The Tenant code you provided already exists. Please choose a different code.",
|
||||
"DMP-NEW-VERSION-ALREADY-CREATED-DRAFT": "You have already created a new draft version for this plan."
|
||||
},
|
||||
"FORM-VALIDATION-DISPLAY-DIALOG": {
|
||||
"WARNING": "Warning!",
|
||||
|
@ -1787,11 +1788,12 @@
|
|||
},
|
||||
"APP-ROLE": {
|
||||
"ADMIN": "Admin",
|
||||
"INSTALLATION-ADMIN": "Installation Admin",
|
||||
"USER": "User",
|
||||
"TENANT-ADMIN": "Tenant Admin",
|
||||
"TENANT-USER": "Tenant User",
|
||||
"TENANT-MANAGER": "Manager",
|
||||
"TENANT-DESCRIPTION-TEMPLATE-EDITOR": "Description Template Editor"
|
||||
"TENANT-PLAN-MANAGER": "Tenant Plan Manager",
|
||||
"TENANT-CONFIG-MANAGER": "Tenant Configuration Manager"
|
||||
},
|
||||
"IS-ACTIVE": {
|
||||
"ACTIVE": "Active",
|
||||
|
|
|
@ -88,6 +88,9 @@ export class HttpErrorHandlingService {
|
|||
else if(errorResponse.error.code === ResponseErrorCode.TenantCodeExists){
|
||||
this.uiNotificationService.snackBarNotification(this.language.instant("GENERAL.BACKEND-ERRORS.TENANT-CODE-EXISTS"), SnackBarNotificationLevel.Error);
|
||||
}
|
||||
else if(errorResponse.error.code === ResponseErrorCode.DmpNewVersionAlreadyCreatedDraft){
|
||||
this.uiNotificationService.snackBarNotification(this.language.instant("GENERAL.BACKEND-ERRORS.DMP-NEW-VERSION-ALREADY-CREATED-DRAFT"), SnackBarNotificationLevel.Error);
|
||||
}
|
||||
else if (error.statusCode === 302 || error.statusCode === 400 || error.statusCode === 404) {
|
||||
errorMessage ??= this.language.instant('GENERAL.SNACK-BAR.NOT-FOUND');
|
||||
this.uiNotificationService.snackBarNotification(errorMessage, SnackBarNotificationLevel.Warning);
|
||||
|
|
|
@ -4,20 +4,17 @@ permissions:
|
|||
|
||||
# Tenants
|
||||
BrowseTenant:
|
||||
roles:
|
||||
- Admin
|
||||
roles: []
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
EditTenant:
|
||||
roles:
|
||||
- Admin
|
||||
roles: []
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteTenant:
|
||||
roles:
|
||||
- Admin
|
||||
roles: []
|
||||
claims: [ ]
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
|
@ -25,6 +22,7 @@ permissions:
|
|||
AllowNoTenant:
|
||||
roles:
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
claims: [ ]
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
|
@ -32,19 +30,17 @@ permissions:
|
|||
# Users
|
||||
BrowseUser:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: true
|
||||
allowAuthenticated: false
|
||||
EditUser:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
roles: []
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteUser:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
roles: []
|
||||
claims: [ ]
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
|
@ -52,19 +48,22 @@ permissions:
|
|||
# UserContactInfo
|
||||
BrowseUserContactInfo:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: true
|
||||
allowAuthenticated: false
|
||||
EditUserContactInfo:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteUserContactInfo:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
- InstallationAdmin
|
||||
claims: [ ]
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
|
@ -72,25 +71,26 @@ permissions:
|
|||
#Notification
|
||||
BrowseNotification:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: true
|
||||
allowAuthenticated: false
|
||||
EditNotification:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: true
|
||||
allowAuthenticated: false
|
||||
DeleteNotification:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
# TenantConfiguration
|
||||
BrowseTenantConfiguration:
|
||||
roles:
|
||||
- Admin
|
||||
- TenantAdmin
|
||||
claims: [ ]
|
||||
clients: [ ]
|
||||
|
@ -98,12 +98,14 @@ permissions:
|
|||
allowAuthenticated: false
|
||||
EditTenantConfiguration:
|
||||
roles:
|
||||
- Admin
|
||||
- TenantAdmin
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteTenantConfiguration:
|
||||
roles:
|
||||
- Admin
|
||||
- TenantAdmin
|
||||
clients: [ "opencdmp-api-dev" ]
|
||||
allowAnonymous: false
|
||||
|
@ -111,13 +113,13 @@ permissions:
|
|||
#User Notification Preference
|
||||
BrowseUserNotificationPreference:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: true
|
||||
allowAuthenticated: false
|
||||
EditUserNotificationPreference:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
|
@ -125,25 +127,26 @@ permissions:
|
|||
# ViewPage Permissions
|
||||
ViewNotificationPage:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
ViewNotificationEventRulePage:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
ViewInAppNotificationPage:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
ViewNotificationTemplatePage:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
- TenantConfigManager
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
|
@ -151,19 +154,22 @@ permissions:
|
|||
# Notification Template Permissions
|
||||
BrowseNotificationTemplate:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
- TenantConfigManager
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
EditNotificationTemplate:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
- TenantConfigManager
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteNotificationTemplate:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
- TenantConfigManager
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
|
@ -171,13 +177,13 @@ permissions:
|
|||
# In App Notification Permissions
|
||||
BrowseInAppNotification:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
||||
DeleteInAppNotification:
|
||||
roles:
|
||||
- TenantAdmin
|
||||
- Admin
|
||||
clients: [ ]
|
||||
allowAnonymous: false
|
||||
allowAuthenticated: false
|
|
@ -40,12 +40,6 @@ public class UserCredentialEntity {
|
|||
|
||||
public static final String _updatedAt = "updatedAt";
|
||||
|
||||
@Column(name = "\"is_active\"", nullable = false)
|
||||
@Convert(converter = IsActiveConverter.class)
|
||||
private IsActive isActive;
|
||||
|
||||
public static final String _isActive = "isActive";
|
||||
|
||||
public UUID getId() {
|
||||
return id;
|
||||
}
|
||||
|
@ -85,13 +79,4 @@ public class UserCredentialEntity {
|
|||
public void setUpdatedAt(Instant updatedAt) {
|
||||
this.updatedAt = updatedAt;
|
||||
}
|
||||
|
||||
public IsActive getIsActive() {
|
||||
return isActive;
|
||||
}
|
||||
|
||||
public void setIsActive(IsActive isActive) {
|
||||
this.isActive = isActive;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -27,10 +27,6 @@ public class UserCredential {
|
|||
|
||||
public static final String _updatedAt = "updatedAt";
|
||||
|
||||
private IsActive isActive;
|
||||
|
||||
public static final String _isActive = "isActive";
|
||||
|
||||
public UUID getId() {
|
||||
return id;
|
||||
}
|
||||
|
@ -70,12 +66,4 @@ public class UserCredential {
|
|||
public void setUpdatedAt(Instant updatedAt) {
|
||||
this.updatedAt = updatedAt;
|
||||
}
|
||||
|
||||
public IsActive getIsActive() {
|
||||
return isActive;
|
||||
}
|
||||
|
||||
public void setIsActive(IsActive isActive) {
|
||||
this.isActive = isActive;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,6 +4,8 @@ import gr.cite.commons.web.authz.service.AuthorizationService;
|
|||
import gr.cite.notification.authorization.OwnedResource;
|
||||
import gr.cite.notification.authorization.Permission;
|
||||
import gr.cite.notification.convention.ConventionService;
|
||||
import gr.cite.notification.model.InAppNotification;
|
||||
import gr.cite.tools.data.censor.CensorFactory;
|
||||
import gr.cite.tools.fieldset.FieldSet;
|
||||
import gr.cite.tools.logging.DataLogEntry;
|
||||
import gr.cite.tools.logging.LoggerService;
|
||||
|
@ -21,16 +23,20 @@ import java.util.UUID;
|
|||
public class InAppNotificationCensor extends BaseCensor {
|
||||
private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(InAppNotificationCensor.class));
|
||||
private final AuthorizationService authService;
|
||||
protected final CensorFactory censorFactory;
|
||||
|
||||
@Autowired
|
||||
public InAppNotificationCensor(ConventionService conventionService, AuthorizationService authService) {
|
||||
public InAppNotificationCensor(ConventionService conventionService, AuthorizationService authService, CensorFactory censorFactory) {
|
||||
super(conventionService);
|
||||
this.authService = authService;
|
||||
this.censorFactory = censorFactory;
|
||||
}
|
||||
|
||||
public void censor(FieldSet fields, UUID userId) {
|
||||
logger.debug(new DataLogEntry("censoring fields", fields));
|
||||
if (this.isEmpty(fields)) return;
|
||||
this.authService.authorizeAtLeastOneForce(userId != null ? List.of(new OwnedResource(userId)) : null, Permission.BrowseInAppNotification);
|
||||
FieldSet userFields = fields.extractPrefixed(this.asIndexerPrefix(InAppNotification.Field.USER));
|
||||
this.censorFactory.censor(UserCensor.class).censor(userFields, userId);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -62,12 +62,10 @@ public class UserCredentialDeleter implements Deleter {
|
|||
Instant now = Instant.now();
|
||||
|
||||
for (UserCredentialEntity item : data) {
|
||||
logger.trace("deleting item {}", item);
|
||||
item.setIsActive(IsActive.Inactive);
|
||||
item.setUpdatedAt(now);
|
||||
logger.trace("updating item");
|
||||
this.entityManager.merge(item);
|
||||
logger.trace("updated item");
|
||||
logger.trace("deleting item {}", item.getId());
|
||||
logger.trace("deleting item");
|
||||
this.entityManager.remove(item);
|
||||
logger.trace("deleted item");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -28,8 +28,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
|
||||
private Collection<UUID> excludedIds;
|
||||
|
||||
private Collection<IsActive> isActives;
|
||||
|
||||
private Collection<UUID> userIds;
|
||||
|
||||
private Collection<String> externalIds;
|
||||
|
@ -75,21 +73,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
return this;
|
||||
}
|
||||
|
||||
public UserCredentialQuery isActive(IsActive value) {
|
||||
this.isActives = List.of(value);
|
||||
return this;
|
||||
}
|
||||
|
||||
public UserCredentialQuery isActive(IsActive... value) {
|
||||
this.isActives = Arrays.asList(value);
|
||||
return this;
|
||||
}
|
||||
|
||||
public UserCredentialQuery isActive(Collection<IsActive> values) {
|
||||
this.isActives = values;
|
||||
return this;
|
||||
}
|
||||
|
||||
public UserCredentialQuery userIds(UUID value) {
|
||||
this.userIds = List.of(value);
|
||||
return this;
|
||||
|
@ -182,9 +165,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
inClause.value(item);
|
||||
predicates.add(inClause);
|
||||
}
|
||||
if (this.isActives != null) {
|
||||
predicates.add(queryContext.Root.get(UserCredentialEntity._isActive).in(isActives));
|
||||
}
|
||||
if (this.userIds != null) {
|
||||
CriteriaBuilder.In<UUID> inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(UserCredentialEntity._userId));
|
||||
for (UUID item : this.userIds)
|
||||
|
@ -225,8 +205,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
return UserCredentialEntity._createdAt;
|
||||
else if (item.match(UserCredential._updatedAt))
|
||||
return UserCredentialEntity._updatedAt;
|
||||
else if (item.match(UserCredential._isActive))
|
||||
return UserCredentialEntity._isActive;
|
||||
else
|
||||
return null;
|
||||
}
|
||||
|
@ -239,7 +217,6 @@ public class UserCredentialQuery extends QueryBase<UserCredentialEntity> {
|
|||
item.setUserId(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._userId, UUID.class));
|
||||
item.setCreatedAt(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._createdAt, Instant.class));
|
||||
item.setUpdatedAt(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._updatedAt, Instant.class));
|
||||
item.setIsActive(QueryBase.convertSafe(tuple, columns, UserCredentialEntity._createdAt, IsActive.class));
|
||||
return item;
|
||||
}
|
||||
|
||||
|
|
|
@ -183,7 +183,6 @@ public class UserServiceImpl implements UserService {
|
|||
private void persistUserCredential(List<UserTouchedIntegrationEvent.UserCredential> models, UUID userId) throws InvalidApplicationException {
|
||||
List<UserCredentialEntity> items = this.queryFactory.query(UserCredentialQuery.class)
|
||||
.userIds(userId)
|
||||
.isActive(IsActive.Active)
|
||||
.collect();
|
||||
List<UUID> updatedCreatedIds = new ArrayList<>();
|
||||
if (models != null) {
|
||||
|
@ -196,7 +195,6 @@ public class UserServiceImpl implements UserService {
|
|||
data.setExternalId(model.getSubjectId());
|
||||
data.setCreatedAt(Instant.now());
|
||||
data.setUpdatedAt(Instant.now());
|
||||
data.setIsActive(IsActive.Active);
|
||||
entityManager.persist(data);
|
||||
}
|
||||
updatedCreatedIds.add(data.getId());
|
||||
|
|
Loading…
Reference in New Issue