add description template authz

Efstratios Giannopoulos 2024-06-19 16:36:30 +03:00
parent de3b5e1472
commit 95cd4bf35b
72 changed files with 583 additions and 410 deletions


@ -31,10 +31,10 @@ public class AffiliatedAuthorizationRequirement implements AuthorizationRequirem
}
public Set<String> getRequiredPermissions() {
return requiredPermissions;
return this.requiredPermissions;
}
public boolean getMatchAll() {
return matchAll;
return this.matchAll;
}
}


@ -1,31 +1,33 @@
package org.opencdmp.authorization;
import org.opencdmp.commons.enums.DmpUserRole;
import gr.cite.commons.web.authz.policy.AuthorizationResource;
import org.opencdmp.commons.enums.DmpUserRole;
import org.opencdmp.commons.enums.UserDescriptionTemplateRole;
import java.util.HashSet;
import java.util.List;
public class AffiliatedResource extends AuthorizationResource {
private HashSet<DmpUserRole> dmpUserRoles;
private HashSet<UserDescriptionTemplateRole> userDescriptionTemplateRoles;
public AffiliatedResource() {
dmpUserRoles = new HashSet<>();
}
public AffiliatedResource(DmpUserRole dmpUserRole) {
this(List.of(dmpUserRole));
}
public AffiliatedResource(List<DmpUserRole> dmpUserRoles) {
this.dmpUserRoles = new HashSet<>(dmpUserRoles);
this.dmpUserRoles = new HashSet<>();
this.userDescriptionTemplateRoles = new HashSet<>();
}
public HashSet<DmpUserRole> getDmpUserRoles() {
return dmpUserRoles;
return this.dmpUserRoles;
}
public void setDmpUserRoles(HashSet<DmpUserRole> dmpUserRoles) {
this.dmpUserRoles = dmpUserRoles;
}
public HashSet<UserDescriptionTemplateRole> getUserDescriptionTemplateRoles() {
return this.userDescriptionTemplateRoles;
}
public void setUserDescriptionTemplateRoles(HashSet<UserDescriptionTemplateRole> userDescriptionTemplateRoles) {
this.userDescriptionTemplateRoles = userDescriptionTemplateRoles;
}
}
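Review bot: `getUserDescriptionTemplateRoles()` and `setUserDescriptionTemplateRoles(...)` expose and replace the live `HashSet` that authorization decisions are later derived from, and the setter accepts `null`. The resolver added in this commit calls `getUserDescriptionTemplateRoles().add(...)` on these objects and appears to place them in a per-user cache, so a `null` assignment causes a `NullPointerException` there, and any holder of a resource can change the roles seen by later checks. Consider guarding the setter with `this.userDescriptionTemplateRoles = userDescriptionTemplateRoles == null ? new HashSet<>() : userDescriptionTemplateRoles;`. Also add a class comment stating that instances are mutable and must not be shared across users or requests.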


@ -6,4 +6,13 @@ import org.springframework.context.annotation.Configuration;
@Configuration("AppAuthorizationConfiguration")
@EnableConfigurationProperties(AuthorizationProperties.class)
public class AuthorizationConfiguration {
private final AuthorizationProperties authorizationProperties;
public AuthorizationConfiguration(AuthorizationProperties authorizationProperties) {
this.authorizationProperties = authorizationProperties;
}
public AuthorizationProperties getAuthorizationProperties() {
return this.authorizationProperties;
}
}


@ -3,7 +3,7 @@ package org.opencdmp.authorization;
import java.util.EnumSet;
public enum AuthorizationFlags {
None, Permission, DmpAssociated, Public, Owner;
public static final EnumSet<AuthorizationFlags> OwnerOrDmpAssociatedOrPermission = EnumSet.of(DmpAssociated, Permission, Owner);
public static final EnumSet<AuthorizationFlags> OwnerOrDmpAssociatedOrPermissionOrPublic = EnumSet.of(DmpAssociated, Permission, Owner, Public);
None, Permission, DmpAssociated, Public, Owner, DescriptionTemplateAssociated;
public static final EnumSet<AuthorizationFlags> AllExceptPublic = EnumSet.of(DmpAssociated, Permission, Owner, DescriptionTemplateAssociated);
public static final EnumSet<AuthorizationFlags> All = EnumSet.of(DmpAssociated, Permission, Owner, Public);
}
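Review bot: The new `All` constant omits `DescriptionTemplateAssociated`, so `AllExceptPublic` is not a subset of `All`, and a caller that asks for `All` skips the template-affiliation check this commit introduces. If the name is meant literally, it should read `EnumSet.of(DmpAssociated, Permission, Owner, Public, DescriptionTemplateAssociated)`. Separately, renaming `OwnerOrDmpAssociatedOrPermission` to `AllExceptPublic` adds the new flag to every existing call site (the tag, DOI, description, DMP-description-template and reference-type queries changed elsewhere in this commit). That widening is not mentioned in the commit message. It is worth confirming that each of those query types either ignores the flag or handles it deliberately.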


@ -18,7 +18,7 @@ public class AuthorizationProperties {
private List<String> allowedGlobalRoles;
public List<String> getGlobalAdminRoles() {
return globalAdminRoles;
return this.globalAdminRoles;
}
public void setGlobalAdminRoles(List<String> globalAdminRoles) {
@ -26,7 +26,7 @@ public class AuthorizationProperties {
}
public String getAdminRole() {
return adminRole;
return this.adminRole;
}
public void setAdminRole(String adminRole) {


@ -13,6 +13,12 @@ public interface AuthorizationContentResolver {
Map<UUID, AffiliatedResource> dmpsAffiliation(List<UUID> ids);
AffiliatedResource descriptionTemplateAffiliation(UUID id);
Map<UUID, AffiliatedResource> descriptionTemplateAffiliation(List<UUID> ids);
boolean hasAtLeastOneDescriptionTemplateAffiliation();
AffiliatedResource descriptionAffiliation(UUID id);
Map<UUID, AffiliatedResource> descriptionsAffiliation(List<UUID> ids);


@ -7,16 +7,15 @@ import org.opencdmp.authorization.PermissionNameProvider;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.commons.scope.tenant.TenantScope;
import org.opencdmp.commons.scope.user.UserScope;
import org.opencdmp.data.DescriptionEntity;
import org.opencdmp.data.DmpDescriptionTemplateEntity;
import org.opencdmp.data.DmpEntity;
import org.opencdmp.data.DmpUserEntity;
import org.opencdmp.data.*;
import org.opencdmp.model.DmpDescriptionTemplate;
import org.opencdmp.model.DmpUser;
import org.opencdmp.model.UserDescriptionTemplate;
import org.opencdmp.model.description.Description;
import org.opencdmp.query.DescriptionQuery;
import org.opencdmp.query.DmpDescriptionTemplateQuery;
import org.opencdmp.query.DmpUserQuery;
import org.opencdmp.query.UserDescriptionTemplateQuery;
import org.springframework.stereotype.Service;
import org.springframework.web.context.annotation.RequestScope;
@ -71,6 +70,42 @@ public class AuthorizationContentResolverImpl implements AuthorizationContentRes
return affiliatedResources;
}
@Override
public AffiliatedResource descriptionTemplateAffiliation(UUID id) {
return this.descriptionTemplateAffiliation(List.of(id)).getOrDefault(id, new AffiliatedResource());
}
@Override
public Map<UUID, AffiliatedResource> descriptionTemplateAffiliation(List<UUID> ids){
UUID userId = this.userScope.getUserIdSafe();
Map<UUID, AffiliatedResource> affiliatedResources = new HashMap<>();
for (UUID id : ids){
affiliatedResources.put(id, new AffiliatedResource());
}
if (userId == null || !this.userScope.isSet()) return affiliatedResources;
List<UUID> idsToResolve = this.getAffiliatedFromCache(ids, userId, affiliatedResources, DescriptionTemplateEntity.class.getSimpleName());
if (idsToResolve.isEmpty()) return affiliatedResources;
List<UserDescriptionTemplateEntity> userDescriptionTemplates = this.queryFactory.query(UserDescriptionTemplateQuery.class).disableTracking().descriptionTemplateIds(ids).userIds(userId).isActive(IsActive.Active).collectAs(new BaseFieldSet().ensure(UserDescriptionTemplate._role).ensure(UserDescriptionTemplate._descriptionTemplate));
for (UserDescriptionTemplateEntity dmpUser : userDescriptionTemplates){
affiliatedResources.get(dmpUser.getDescriptionTemplateId()).getUserDescriptionTemplateRoles().add(dmpUser.getRole());
}
this.ensureAffiliatedInCache(idsToResolve, userId, affiliatedResources, DmpEntity.class.getSimpleName());
return affiliatedResources;
}
@Override
public boolean hasAtLeastOneDescriptionTemplateAffiliation(){
UUID userId = this.userScope.getUserIdSafe();
if (userId == null || !this.userScope.isSet()) return false;
//TODO: investigate if we want to use cache
return this.queryFactory.query(UserDescriptionTemplateQuery.class).disableTracking().userIds(userId).isActive(IsActive.Active).count() > 0;
}
@Override
public AffiliatedResource descriptionAffiliation(UUID id) {
return this.descriptionsAffiliation(List.of(id)).getOrDefault(id, new AffiliatedResource());
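Review bot: In `descriptionTemplateAffiliation(List<UUID>)` the cache is read under `DescriptionTemplateEntity.class.getSimpleName()` but written under `DmpEntity.class.getSimpleName()`. Template affiliations are therefore never served from the cache, and they are stored in the DMP namespace as entries with empty DMP roles; the write should be `this.ensureAffiliatedInCache(idsToResolve, userId, affiliatedResources, DescriptionTemplateEntity.class.getSimpleName());`. The query also filters on `ids` rather than the uncached remainder, so `.descriptionTemplateIds(idsToResolve)` looks like the intended call. The loop variable `dmpUser` holds a `UserDescriptionTemplateEntity` and would read better as `userDescriptionTemplate`. The cache helpers and the body of `descriptionAffiliation` lie outside this hunk, so the effect on the DMP cache is inferred from the key names only.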


@ -1,11 +1,11 @@
package org.opencdmp.data;
import jakarta.persistence.*;
import org.opencdmp.commons.enums.DmpUserRole;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.data.converters.enums.DmpUserRoleConverter;
import org.opencdmp.data.converters.enums.IsActiveConverter;
import org.opencdmp.data.tenant.TenantScopedBaseEntity;
import jakarta.persistence.*;
import java.time.Instant;
import java.util.UUID;
@ -57,7 +57,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
public static final String _isActive = "isActive";
public UUID getId() {
return id;
return this.id;
}
public void setId(UUID id) {
@ -65,7 +65,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
}
public UUID getDmpId() {
return dmpId;
return this.dmpId;
}
public void setDmpId(UUID dmpId) {
@ -73,7 +73,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
}
public UUID getUserId() {
return userId;
return this.userId;
}
public void setUserId(UUID userId) {
@ -81,7 +81,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
}
public DmpUserRole getRole() {
return role;
return this.role;
}
public void setRole(DmpUserRole role) {
@ -89,7 +89,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
}
public UUID getSectionId() {
return sectionId;
return this.sectionId;
}
public void setSectionId(UUID sectionId) {
@ -97,7 +97,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
}
public Instant getCreatedAt() {
return createdAt;
return this.createdAt;
}
public void setCreatedAt(Instant createdAt) {
@ -105,7 +105,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
}
public Instant getUpdatedAt() {
return updatedAt;
return this.updatedAt;
}
public void setUpdatedAt(Instant updatedAt) {
@ -113,7 +113,7 @@ public class DmpUserEntity extends TenantScopedBaseEntity {
}
public IsActive getIsActive() {
return isActive;
return this.isActive;
}
public void setIsActive(IsActive isActive) {


@ -8,8 +8,8 @@ import gr.cite.tools.fieldset.BaseFieldSet;
import gr.cite.tools.fieldset.FieldSet;
import gr.cite.tools.logging.DataLogEntry;
import gr.cite.tools.logging.LoggerService;
import org.opencdmp.authorization.AuthorizationConfiguration;
import org.opencdmp.authorization.AuthorizationFlags;
import org.opencdmp.authorization.AuthorizationProperties;
import org.opencdmp.commons.JsonHandlingService;
import org.opencdmp.commons.scope.tenant.TenantScope;
import org.opencdmp.commons.types.user.AdditionalInfoEntity;
@ -43,7 +43,7 @@ public class UserBuilder extends BaseBuilder<User, UserEntity> {
private final BuilderFactory builderFactory;
private final JsonHandlingService jsonHandlingService;
private final AuthorizationProperties authorizationProperties;
private final AuthorizationConfiguration authorizationConfiguration;
private final TenantScope tenantScope;
@ -52,12 +52,12 @@ public class UserBuilder extends BaseBuilder<User, UserEntity> {
@Autowired
public UserBuilder(ConventionService conventionService,
QueryFactory queryFactory,
BuilderFactory builderFactory, JsonHandlingService jsonHandlingService, AuthorizationProperties authorizationProperties, TenantScope tenantScope) {
BuilderFactory builderFactory, JsonHandlingService jsonHandlingService, AuthorizationConfiguration authorizationConfiguration, TenantScope tenantScope) {
super(conventionService, new LoggerService(LoggerFactory.getLogger(UserBuilder.class)));
this.queryFactory = queryFactory;
this.builderFactory = builderFactory;
this.jsonHandlingService = jsonHandlingService;
this.authorizationProperties = authorizationProperties;
this.authorizationConfiguration = authorizationConfiguration;
this.tenantScope = tenantScope;
}
@ -139,7 +139,7 @@ public class UserBuilder extends BaseBuilder<User, UserEntity> {
Map<UUID, List<UserRole>> itemMap;
FieldSet clone = new BaseFieldSet(fields.getFields()).ensure(this.asIndexer(UserRole._user, User._id));
UserRoleQuery query = this.queryFactory.query(UserRoleQuery.class).disableTracking().authorize(this.authorize).tenantIsSet(false).roles(this.authorizationProperties.getAllowedGlobalRoles()).userIds(data.stream().map(UserEntity::getId).distinct().collect(Collectors.toList()));
UserRoleQuery query = this.queryFactory.query(UserRoleQuery.class).disableTracking().authorize(this.authorize).tenantIsSet(false).roles(this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles()).userIds(data.stream().map(UserEntity::getId).distinct().collect(Collectors.toList()));
itemMap = this.builderFactory.builder(UserRoleBuilder.class).authorize(this.authorize).asMasterKey(query, clone, x -> x.getUser().getId());
if (!fields.hasField(this.asIndexer(UserRole._user, User._id))) {
@ -159,7 +159,7 @@ public class UserBuilder extends BaseBuilder<User, UserEntity> {
if (!this.tenantScope.isSet()) throw new MyForbiddenException("tenant scope required");
UserRoleQuery query = this.queryFactory.query(UserRoleQuery.class).disableTracking().authorize(this.authorize).roles(this.authorizationProperties.getAllowedTenantRoles()).userIds(data.stream().map(UserEntity::getId).distinct().collect(Collectors.toList()));
UserRoleQuery query = this.queryFactory.query(UserRoleQuery.class).disableTracking().authorize(this.authorize).roles(this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles()).userIds(data.stream().map(UserEntity::getId).distinct().collect(Collectors.toList()));
if (this.tenantScope.isDefaultTenant()) query.tenantIsSet(false);
else {
try {


@ -161,7 +161,7 @@ public class FieldCommonModelBuilder extends BaseCommonModelBuilder<FieldModel,
this.logger.debug("checking related - {}", TagEntity.class.getSimpleName());
List<UUID> tagIds = data.stream().map(FieldEntity::getTextListValue).filter(Objects::nonNull).flatMap(List::stream).filter(x-> !this.conventionService.isNullOrEmpty(x)).map(UUID::fromString).distinct().collect(Collectors.toList());
List<TagEntity> existingTags = this.queryFactory.query(TagQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).disableTracking().ids(tagIds).collectAs(new BaseFieldSet().ensure(Tag._id).ensure(Tag._label));
List<TagEntity> existingTags = this.queryFactory.query(TagQuery.class).authorize(AuthorizationFlags.AllExceptPublic).disableTracking().ids(tagIds).collectAs(new BaseFieldSet().ensure(Tag._id).ensure(Tag._label));
Map<UUID, String> itemMap = new HashMap<>();
for (UUID tag : tagIds){


@ -1,5 +1,6 @@
package org.opencdmp.model.builder.descriptiontemplate;
import gr.cite.commons.web.authz.service.AuthorizationService;
import gr.cite.tools.data.builder.BuilderFactory;
import gr.cite.tools.data.query.QueryFactory;
import gr.cite.tools.exception.MyApplicationException;
@ -7,7 +8,9 @@ import gr.cite.tools.fieldset.BaseFieldSet;
import gr.cite.tools.fieldset.FieldSet;
import gr.cite.tools.logging.DataLogEntry;
import gr.cite.tools.logging.LoggerService;
import org.opencdmp.authorization.AffiliatedResource;
import org.opencdmp.authorization.AuthorizationFlags;
import org.opencdmp.authorization.authorizationcontentresolver.AuthorizationContentResolver;
import org.opencdmp.commons.XmlHandlingService;
import org.opencdmp.commons.scope.tenant.TenantScope;
import org.opencdmp.commons.types.descriptiontemplate.DefinitionEntity;
@ -19,6 +22,7 @@ import org.opencdmp.model.builder.BaseBuilder;
import org.opencdmp.model.builder.DescriptionTemplateTypeBuilder;
import org.opencdmp.model.builder.UserDescriptionTemplateBuilder;
import org.opencdmp.model.descriptiontemplate.DescriptionTemplate;
import org.opencdmp.model.dmp.Dmp;
import org.opencdmp.query.DescriptionTemplateTypeQuery;
import org.opencdmp.query.UserDescriptionTemplateQuery;
import org.slf4j.LoggerFactory;
@ -42,15 +46,19 @@ public class DescriptionTemplateBuilder extends BaseBuilder<DescriptionTemplate,
private final XmlHandlingService xmlHandlingService;
private final TenantScope tenantScope;
private final AuthorizationService authorizationService;
private final AuthorizationContentResolver authorizationContentResolver;
@Autowired
public DescriptionTemplateBuilder(
ConventionService conventionService, QueryFactory queryFactory, BuilderFactory builderFactory, XmlHandlingService xmlHandlingService, TenantScope tenantScope) {
ConventionService conventionService, QueryFactory queryFactory, BuilderFactory builderFactory, XmlHandlingService xmlHandlingService, TenantScope tenantScope, AuthorizationService authorizationService, AuthorizationContentResolver authorizationContentResolver) {
super(conventionService, new LoggerService(LoggerFactory.getLogger(DescriptionTemplateBuilder.class)));
this.queryFactory = queryFactory;
this.builderFactory = builderFactory;
this.xmlHandlingService = xmlHandlingService;
this.tenantScope = tenantScope;
this.authorizationService = authorizationService;
this.authorizationContentResolver = authorizationContentResolver;
}
public DescriptionTemplateBuilder authorize(EnumSet<AuthorizationFlags> values) {
@ -71,6 +79,9 @@ public class DescriptionTemplateBuilder extends BaseBuilder<DescriptionTemplate,
FieldSet usersFields = fields.extractPrefixed(this.asPrefix(DescriptionTemplate._users));
Map<UUID, List<UserDescriptionTemplate>> usersMap = this.collectUserDescriptionTemplates(usersFields, data);
Set<String> authorizationFlags = this.extractAuthorizationFlags(fields, Dmp._authorizationFlags, this.authorizationContentResolver.getPermissionNames());
Map<UUID, AffiliatedResource> affiliatedResourceMap = authorizationFlags == null || authorizationFlags.isEmpty() ? null : this.authorizationContentResolver.descriptionTemplateAffiliation(data.stream().map(DescriptionTemplateEntity::getId).collect(Collectors.toList()));
FieldSet definitionFields = fields.extractPrefixed(this.asPrefix(DescriptionTemplate._definition));
List<DescriptionTemplate> models = new ArrayList<>();
for (DescriptionTemplateEntity d : data) {
@ -108,6 +119,7 @@ public class DescriptionTemplateBuilder extends BaseBuilder<DescriptionTemplate,
m.setUsers(usersMap.get(d.getId()));
if (!descriptionTemplateTypeFields.isEmpty() && descriptionTemplateTypeMap != null && descriptionTemplateTypeMap.containsKey(d.getTypeId()))
m.setType(descriptionTemplateTypeMap.get(d.getTypeId()));
if (affiliatedResourceMap != null && !authorizationFlags.isEmpty()) m.setAuthorizationFlags(this.evaluateAuthorizationFlags(this.authorizationService, authorizationFlags, affiliatedResourceMap.getOrDefault(d.getId(), null)));
models.add(m);
}
this.logger.debug("build {} items", Optional.of(models).map(List::size).orElse(0));
@ -128,17 +140,16 @@ public class DescriptionTemplateBuilder extends BaseBuilder<DescriptionTemplate,
item.setId(x);
return item;
},
x -> x.getId());
DescriptionTemplateType::getId);
} else {
FieldSet clone = new BaseFieldSet(fields.getFields()).ensure(DescriptionTemplateType._id);
DescriptionTemplateTypeQuery q = this.queryFactory.query(DescriptionTemplateTypeQuery.class).disableTracking().ids(data.stream().map(DescriptionTemplateEntity::getTypeId).distinct().collect(Collectors.toList()));
itemMap = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).asForeignKey(q, clone, DescriptionTemplateType::getId);
}
if (!fields.hasField(DescriptionTemplateType._id)) {
itemMap.values().stream().filter(Objects::nonNull).map(x -> {
itemMap.values().stream().filter(Objects::nonNull).forEach(x -> {
x.setId(null);
return x;
}).collect(Collectors.toList());
});
}
return itemMap;
@ -155,10 +166,9 @@ public class DescriptionTemplateBuilder extends BaseBuilder<DescriptionTemplate,
itemMap = this.builderFactory.builder(UserDescriptionTemplateBuilder.class).authorize(this.authorize).authorize(this.authorize).asMasterKey(query, clone, x -> x.getDescriptionTemplate().getId());
if (!fields.hasField(this.asIndexer(UserDescriptionTemplate._descriptionTemplate, DescriptionTemplate._id))) {
itemMap.values().stream().flatMap(List::stream).filter(x -> x != null && x.getDescriptionTemplate() != null).map(x -> {
itemMap.values().stream().flatMap(List::stream).filter(x -> x != null && x.getDescriptionTemplate() != null).forEach(x -> {
x.getDescriptionTemplate().setId(null);
return x;
}).collect(Collectors.toList());
});
}
return itemMap;
}
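Review bot: The authorization-flag extraction in the build method keys on `Dmp._authorizationFlags`, although this commit adds `DescriptionTemplate._authorizationFlags` for exactly this model. It works only while the two constants hold the same string, and it pulls in the `Dmp` import for no other visible reason. Use `this.extractAuthorizationFlags(fields, DescriptionTemplate._authorizationFlags, this.authorizationContentResolver.getPermissionNames())`. In the per-item line, `affiliatedResourceMap.getOrDefault(d.getId(), null)` hands `null` to `evaluateAuthorizationFlags` for any id missing from the map. That helper is outside the hunk, so either confirm it treats `null` as "no affiliation" or pass `new AffiliatedResource()` as the default.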


@ -1,21 +1,21 @@
package org.opencdmp.model.deleter;
import org.opencdmp.authorization.AuthorizationFlags;
import org.opencdmp.commons.enums.DmpVersionStatus;
import org.opencdmp.commons.enums.EntityType;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.data.*;
import org.opencdmp.model.description.Description;
import org.opencdmp.model.DmpDescriptionTemplate;
import org.opencdmp.model.dmpreference.DmpReference;
import org.opencdmp.query.*;
import org.opencdmp.service.elastic.ElasticService;
import gr.cite.tools.data.deleter.Deleter;
import gr.cite.tools.data.deleter.DeleterFactory;
import gr.cite.tools.data.query.QueryFactory;
import gr.cite.tools.exception.MyApplicationException;
import gr.cite.tools.logging.LoggerService;
import gr.cite.tools.logging.MapLogEntry;
import org.opencdmp.authorization.AuthorizationFlags;
import org.opencdmp.commons.enums.DmpVersionStatus;
import org.opencdmp.commons.enums.EntityType;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.data.*;
import org.opencdmp.model.DmpDescriptionTemplate;
import org.opencdmp.model.description.Description;
import org.opencdmp.model.dmpreference.DmpReference;
import org.opencdmp.query.*;
import org.opencdmp.service.elastic.ElasticService;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.ConfigurableBeanFactory;
@ -30,7 +30,7 @@ import java.util.Optional;
import java.util.UUID;
@Component
@Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE)
@Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
public class DmpDeleter implements Deleter {
private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(DmpDeleter.class));
@ -104,7 +104,7 @@ public class DmpDeleter implements Deleter {
for (DmpEntity item : data) {
logger.trace("deleting item {}", item.getId());
EntityDoiQuery entityDoiQuery = this.queryFactory.query(EntityDoiQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).types(EntityType.DMP).entityIds(item.getId());
EntityDoiQuery entityDoiQuery = this.queryFactory.query(EntityDoiQuery.class).authorize(AuthorizationFlags.AllExceptPublic).types(EntityType.DMP).entityIds(item.getId());
if (entityDoiQuery.count() > 0) throw new MyApplicationException("DMP is deposited can not deleted");
if(item.getVersionStatus().equals(DmpVersionStatus.Current)) throw new MyApplicationException("DMP is current can not deleted");
item.setIsActive(IsActive.Inactive);


@ -5,7 +5,6 @@ import org.opencdmp.commons.enums.DescriptionTemplateVersionStatus;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.model.DescriptionTemplateType;
import org.opencdmp.model.UserDescriptionTemplate;
import org.opencdmp.model.descriptiontemplate.Definition;
import java.time.Instant;
import java.util.List;
@ -58,11 +57,14 @@ public class DescriptionTemplate {
public final static String _hash = "hash";
private String hash;
private List<String> authorizationFlags;
public static final String _authorizationFlags = "authorizationFlags";
private Boolean belongsToCurrentTenant;
public static final String _belongsToCurrentTenant = "belongsToCurrentTenant";
public UUID getId() {
return id;
return this.id;
}
public void setId(UUID id) {
@ -70,7 +72,7 @@ public class DescriptionTemplate {
}
public String getLabel() {
return label;
return this.label;
}
public void setLabel(String label) {
@ -78,7 +80,7 @@ public class DescriptionTemplate {
}
public String getDescription() {
return description;
return this.description;
}
public void setDescription(String description) {
@ -86,7 +88,7 @@ public class DescriptionTemplate {
}
public UUID getGroupId() {
return groupId;
return this.groupId;
}
public void setGroupId(UUID groupId) {
@ -94,7 +96,7 @@ public class DescriptionTemplate {
}
public Short getVersion() {
return version;
return this.version;
}
public void setVersion(Short version) {
@ -102,7 +104,7 @@ public class DescriptionTemplate {
}
public String getLanguage() {
return language;
return this.language;
}
public void setLanguage(String language) {
@ -110,7 +112,7 @@ public class DescriptionTemplate {
}
public DescriptionTemplateType getType() {
return type;
return this.type;
}
public void setType(DescriptionTemplateType type) {
@ -118,7 +120,7 @@ public class DescriptionTemplate {
}
public Definition getDefinition() {
return definition;
return this.definition;
}
public void setDefinition(Definition definition) {
@ -126,7 +128,7 @@ public class DescriptionTemplate {
}
public Instant getCreatedAt() {
return createdAt;
return this.createdAt;
}
public void setCreatedAt(Instant createdAt) {
@ -134,7 +136,7 @@ public class DescriptionTemplate {
}
public Instant getUpdatedAt() {
return updatedAt;
return this.updatedAt;
}
public void setUpdatedAt(Instant updatedAt) {
@ -142,7 +144,7 @@ public class DescriptionTemplate {
}
public IsActive getIsActive() {
return isActive;
return this.isActive;
}
public void setIsActive(IsActive isActive) {
@ -150,7 +152,7 @@ public class DescriptionTemplate {
}
public DescriptionTemplateStatus getStatus() {
return status;
return this.status;
}
public void setStatus(DescriptionTemplateStatus status) {
@ -158,7 +160,7 @@ public class DescriptionTemplate {
}
public List<UserDescriptionTemplate> getUsers() {
return users;
return this.users;
}
public void setUsers(List<UserDescriptionTemplate> users) {
@ -166,7 +168,7 @@ public class DescriptionTemplate {
}
public String getHash() {
return hash;
return this.hash;
}
public void setHash(String hash) {
@ -174,15 +176,23 @@ public class DescriptionTemplate {
}
public DescriptionTemplateVersionStatus getVersionStatus() {
return versionStatus;
return this.versionStatus;
}
public void setVersionStatus(DescriptionTemplateVersionStatus versionStatus) {
this.versionStatus = versionStatus;
}
public List<String> getAuthorizationFlags() {
return this.authorizationFlags;
}
public void setAuthorizationFlags(List<String> authorizationFlags) {
this.authorizationFlags = authorizationFlags;
}
public Boolean getBelongsToCurrentTenant() {
return belongsToCurrentTenant;
return this.belongsToCurrentTenant;
}
public void setBelongsToCurrentTenant(Boolean belongsToCurrentTenant) {


@ -244,7 +244,7 @@ public class DescriptionPersist {
DmpDescriptionTemplateEntity dmpDescriptionTemplateEntity = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().ids(dmpDescriptionTemplateId).isActive(IsActive.Active).dmpIds(dmpId).first();
if (dmpDescriptionTemplateEntity == null) return true;
List<DescriptionEntity> descriptionEntities = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(dmpId).dmpDescriptionTemplateIds(dmpDescriptionTemplateId).isActive(IsActive.Active).collect();
List<DescriptionEntity> descriptionEntities = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).dmpIds(dmpId).dmpDescriptionTemplateIds(dmpDescriptionTemplateId).isActive(IsActive.Active).collect();
for (SectionEntity section: definition.getSections()) {
if (dmpDescriptionTemplateEntity.getSectionId().equals(section.getId()) && section.getHasTemplates() && !this.isListNullOrEmpty(section.getDescriptionTemplates())){


@ -274,8 +274,8 @@ public class DmpPersist {
org.opencdmp.commons.types.dmpblueprint.DefinitionEntity definition = this.xmlHandlingService.fromXmlSafe(org.opencdmp.commons.types.dmpblueprint.DefinitionEntity.class, dmpBlueprintEntity.getDefinition());
if (definition == null || this.isListNullOrEmpty(definition.getSections())) return true;
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).isActive(IsActive.Active).dmpIds(dmpId).collect();
List<DescriptionEntity> descriptionEntities = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(dmpId).isActive(IsActive.Active).collect();
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).isActive(IsActive.Active).dmpIds(dmpId).collect();
List<DescriptionEntity> descriptionEntities = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).dmpIds(dmpId).isActive(IsActive.Active).collect();
for (SectionEntity section: definition.getSections()) {
if (section.getHasTemplates() && !this.isListNullOrEmpty(section.getDescriptionTemplates())){


@ -174,7 +174,7 @@ public class DmpBlueprintValuePersist {
private String getReferenceTypeName(FieldEntity fieldEntity){
if (fieldEntity instanceof ReferenceTypeFieldEntity) {
return this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(((ReferenceTypeFieldEntity)fieldEntity).getReferenceTypeId()).firstAs(new BaseFieldSet().ensure(ReferenceType._name)).getName();
return this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(((ReferenceTypeFieldEntity)fieldEntity).getReferenceTypeId()).firstAs(new BaseFieldSet().ensure(ReferenceType._name)).getName();
}
return "";
}


@ -15,10 +15,7 @@ import org.opencdmp.commons.enums.DescriptionTemplateStatus;
import org.opencdmp.commons.enums.DescriptionTemplateVersionStatus;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.commons.scope.user.UserScope;
import org.opencdmp.data.DescriptionTemplateEntity;
import org.opencdmp.data.DmpDescriptionTemplateEntity;
import org.opencdmp.data.DmpEntity;
import org.opencdmp.data.TenantEntityManager;
import org.opencdmp.data.*;
import org.opencdmp.model.descriptiontemplate.DescriptionTemplate;
import org.opencdmp.query.utils.BuildSubQueryInput;
import org.opencdmp.query.utils.QueryUtilsService;
@ -54,6 +51,7 @@ public class DescriptionTemplateQuery extends QueryBase<DescriptionTemplateEntit
private Collection<UUID> typeIds;
private Instant after;
private Boolean onlyCanEdit;
private DmpDescriptionTemplateQuery dmpDescriptionTemplateQuery;
@ -204,6 +202,11 @@ public class DescriptionTemplateQuery extends QueryBase<DescriptionTemplateEntit
return this;
}
public DescriptionTemplateQuery onlyCanEdit(Boolean onlyCanEdit) {
this.onlyCanEdit = onlyCanEdit;
return this;
}
public DescriptionTemplateQuery dmpDescriptionTemplateSubQuery(DmpDescriptionTemplateQuery value) {
this.dmpDescriptionTemplateQuery = value;
return this;
@ -352,6 +355,25 @@ public class DescriptionTemplateQuery extends QueryBase<DescriptionTemplateEntit
Predicate afterClause = queryContext.CriteriaBuilder.greaterThanOrEqualTo(queryContext.Root.get(DmpEntity._createdAt), this.after);
predicates.add(afterClause);
}
if (this.onlyCanEdit != null) {
boolean canEdit = this.authService.authorize(Permission.EditDescriptionTemplate);
if (!canEdit){
UUID userId = this.userScope.getUserIdSafe();
if (userId == null){
predicates.add(queryContext.CriteriaBuilder.or()); //Creates a false query
} else {
Subquery<UUID> subquery = this.queryUtilsService.buildSubQuery(new BuildSubQueryInput<>(
new BuildSubQueryInput.Builder<>(UserDescriptionTemplateEntity.class, UUID.class, queryContext)
.keyPathFunc((subQueryRoot) -> subQueryRoot.get(UserDescriptionTemplateEntity._descriptionTemplateId))
.filterFunc((subQueryRoot, cb) ->
cb.in(subQueryRoot.get(UserDescriptionTemplateEntity._userId)).value(userId)
)
));
predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DescriptionTemplateEntity._id)).value(subquery));
}
}
}
if (this.dmpDescriptionTemplateQuery != null) {
QueryContext<DmpDescriptionTemplateEntity, UUID> subQuery = this.applySubQuery(this.dmpDescriptionTemplateQuery, queryContext, UUID.class, dmpDescriptionTemplateEntityRoot -> dmpDescriptionTemplateEntityRoot.get(DmpDescriptionTemplateEntity._descriptionTemplateGroupId));
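Review bot: The `onlyCanEdit` subquery matches `UserDescriptionTemplateEntity` rows on user id alone, with no active-state or role condition. The resolver added in the same commit restricts the same table with `.isActive(IsActive.Active)`. Unless `buildSubQuery` adds that filter itself (not visible here), a deactivated user–template association would still list the template as editable, so the `filterFunc` should combine the user predicate with an active-state predicate and, if only some roles may edit, a role predicate. The guard `if (this.onlyCanEdit != null)` also applies the restriction when the caller passes `false`; `if (Boolean.TRUE.equals(this.onlyCanEdit))` matches the field name. The enclosing method starts and ends outside this hunk.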


@ -1,11 +1,11 @@
package org.opencdmp.query.lookup;
import gr.cite.tools.data.query.Lookup;
import gr.cite.tools.data.query.QueryFactory;
import org.opencdmp.commons.enums.DescriptionTemplateStatus;
import org.opencdmp.commons.enums.DescriptionTemplateVersionStatus;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.query.DescriptionTemplateQuery;
import gr.cite.tools.data.query.Lookup;
import gr.cite.tools.data.query.QueryFactory;
import java.util.List;
import java.util.UUID;
@ -31,9 +31,10 @@ public class DescriptionTemplateLookup extends Lookup {
private List<UUID> excludedIds;
private List<UUID> excludedGroupIds;
private Boolean onlyCanEdit;
public String getLike() {
return like;
return this.like;
}
public void setLike(String like) {
@ -41,7 +42,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<IsActive> getIsActive() {
return isActive;
return this.isActive;
}
public void setIsActive(List<IsActive> isActive) {
@ -49,7 +50,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<UUID> getGroupIds() {
return groupIds;
return this.groupIds;
}
public void setGroupIds(List<UUID> groupIds) {
@ -57,7 +58,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<Short> getVersions() {
return versions;
return this.versions;
}
public void setVersions(List<Short> versions) {
@ -65,7 +66,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<DescriptionTemplateStatus> getStatuses() {
return statuses;
return this.statuses;
}
public void setStatuses(List<DescriptionTemplateStatus> statuses) {
@ -73,7 +74,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<DescriptionTemplateVersionStatus> getVersionStatuses() {
return versionStatuses;
return this.versionStatuses;
}
public void setVersionStatuses(List<DescriptionTemplateVersionStatus> versionStatuses) {
@ -81,7 +82,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<UUID> getIds() {
return ids;
return this.ids;
}
public void setIds(List<UUID> ids) {
@ -89,7 +90,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<UUID> getTypeIds() {
return typeIds;
return this.typeIds;
}
public void setTypeIds(List<UUID> typeIds) {
@ -97,7 +98,7 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<UUID> getExcludedIds() {
return excludedIds;
return this.excludedIds;
}
public void setExcludedIds(List<UUID> excludedIds) {
@ -105,13 +106,21 @@ public class DescriptionTemplateLookup extends Lookup {
}
public List<UUID> getExcludedGroupIds() {
return excludedGroupIds;
return this.excludedGroupIds;
}
public void setExcludedGroupIds(List<UUID> excludedGroupIds) {
this.excludedGroupIds = excludedGroupIds;
}
public Boolean getOnlyCanEdit() {
return this.onlyCanEdit;
}
public void setOnlyCanEdit(Boolean onlyCanEdit) {
this.onlyCanEdit = onlyCanEdit;
}
public DescriptionTemplateQuery enrich(QueryFactory queryFactory) {
DescriptionTemplateQuery query = queryFactory.query(DescriptionTemplateQuery.class);
if (this.like != null)
@ -134,7 +143,8 @@ public class DescriptionTemplateLookup extends Lookup {
query.versions(this.versions);
if (this.versionStatuses != null)
query.versionStatuses(this.versionStatuses);
if (this.onlyCanEdit != null)
query.onlyCanEdit(this.onlyCanEdit);
this.enrichCommon(query);
return query;
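Review bot: `onlyCanEdit` is a `Boolean`, but both the forwarding in `enrich` (`if (this.onlyCanEdit != null) query.onlyCanEdit(this.onlyCanEdit);`) and the predicate block in `DescriptionTemplateQuery` (`if (this.onlyCanEdit != null)`) only test for non-null, so a request that sends `onlyCanEdit: false` is filtered exactly as if it had sent `true`. The outcome is more restrictive than the caller asked for rather than less, but it is surprising for API clients. Forward the flag only when it is set, for example `if (Boolean.TRUE.equals(this.onlyCanEdit)) query.onlyCanEdit(true);`, or have the query test the value instead of its presence. The body of `enrich` starts and ends outside the visible hunks.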


@ -77,7 +77,7 @@ public class DashboardServiceImpl implements DashboardService {
descriptionLookup.getPage().setOffset(0);
descriptionLookup.getPage().setSize(model.getPage().getSize()+model.getPage().getOffset());
QueryResult<Description> descriptions = this.elasticQueryHelperService.collect(descriptionLookup, AuthorizationFlags.OwnerOrDmpAssociatedOrPermission, new BaseFieldSet().ensure(Description._id).ensure(Description._updatedAt).ensure(Description._status).ensure(Description._label));
QueryResult<Description> descriptions = this.elasticQueryHelperService.collect(descriptionLookup, AuthorizationFlags.AllExceptPublic, new BaseFieldSet().ensure(Description._id).ensure(Description._updatedAt).ensure(Description._status).ensure(Description._label));
if (!this.conventionService.isListNullOrEmpty(descriptions.getItems())) {
for (Description description : descriptions.getItems()) recentActivityItemEntities.add(new RecentActivityItemEntity(RecentActivityItemType.Description, description.getId(), description.getUpdatedAt(), description.getLabel(), description.getStatus().getValue()));
}
@ -88,7 +88,7 @@ public class DashboardServiceImpl implements DashboardService {
dmpLookup.getPage().setOffset(0);
dmpLookup.getPage().setSize(model.getPage().getSize()+model.getPage().getOffset());
QueryResult<Dmp> dmps = this.elasticQueryHelperService.collect(dmpLookup, AuthorizationFlags.OwnerOrDmpAssociatedOrPermission, new BaseFieldSet().ensure(Dmp._id).ensure(Dmp._updatedAt).ensure(Dmp._label).ensure(Dmp._status));
QueryResult<Dmp> dmps = this.elasticQueryHelperService.collect(dmpLookup, AuthorizationFlags.AllExceptPublic, new BaseFieldSet().ensure(Dmp._id).ensure(Dmp._updatedAt).ensure(Dmp._label).ensure(Dmp._status));
if (!this.conventionService.isListNullOrEmpty(dmps.getItems())) {
for (Dmp dmp : dmps.getItems()) recentActivityItemEntities.add(new RecentActivityItemEntity(RecentActivityItemType.Dmp, dmp.getId(), dmp.getUpdatedAt(), dmp.getLabel(), dmp.getStatus().getValue()));
}
@ -109,7 +109,7 @@ public class DashboardServiceImpl implements DashboardService {
if (model.getPage() != null){
recentActivityItemEntities = recentActivityItemEntities.stream().skip(model.getPage().getOffset()).limit(model.getPage().getSize()).toList();
}
return this.builderFactory.builder(RecentActivityItemBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(model.getProject()), recentActivityItemEntities);
return this.builderFactory.builder(RecentActivityItemBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(model.getProject()), recentActivityItemEntities);
}
@Override
@ -156,14 +156,14 @@ public class DashboardServiceImpl implements DashboardService {
DmpQuery dmpQuery = this.queryFactory.query(DmpQuery.class).disableTracking().isActive(IsActive.Active).dmpUserSubQuery(dmpUserLookup).versionStatuses(List.of(DmpVersionStatus.Current, DmpVersionStatus.NotFinalized));
DashboardStatistics statistics = new DashboardStatistics();
statistics.setDmpCount(dmpQuery.authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).count());
statistics.setDescriptionCount(this.queryFactory.query(DescriptionQuery.class).disableTracking().isActive(IsActive.Active).dmpSubQuery(dmpQuery).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).count());
statistics.setDmpCount(dmpQuery.authorize(AuthorizationFlags.AllExceptPublic).count());
statistics.setDescriptionCount(this.queryFactory.query(DescriptionQuery.class).disableTracking().isActive(IsActive.Active).dmpSubQuery(dmpQuery).authorize(AuthorizationFlags.AllExceptPublic).count());
statistics.setReferenceTypeStatistics(new ArrayList<>());
if (!this.conventionService.isListNullOrEmpty(this.config.getReferenceTypeCounters())){
for (UUID typeId : this.config.getReferenceTypeCounters()){
DashboardReferenceTypeStatistics referenceTypeStatistics = new DashboardReferenceTypeStatistics();
referenceTypeStatistics.setCount(this.queryFactory.query(ReferenceQuery.class).disableTracking().isActive(IsActive.Active).typeIds(typeId).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission)
referenceTypeStatistics.setCount(this.queryFactory.query(ReferenceQuery.class).disableTracking().isActive(IsActive.Active).typeIds(typeId).authorize(AuthorizationFlags.AllExceptPublic)
.dmpReferenceSubQuery(this.queryFactory.query(DmpReferenceQuery.class).disableTracking().isActives(IsActive.Active)
.dmpSubQuery(dmpQuery)).count());
referenceTypeStatistics.setReferenceType(this.builderFactory.builder(PublicReferenceTypeBuilder.class).build(new BaseFieldSet().ensure(PublicReferenceType._id), this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().ids(typeId).first()));
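Review bot: Replacing `AuthorizationFlags.OwnerOrDmpAssociatedOrPermission` with `AuthorizationFlags.AllExceptPublic` means these call sites no longer state which affiliations they accept, and the definition of the new set is not visible in this section. If the set now also carries the description-template affiliation that this commit introduces, the DMP, description and reference counts here would be built with a flag that has no meaning for those entities, so it is worth confirming that each query ignores flags it does not handle. A short comment at the first use would help, e.g. `// AllExceptPublic: any non-public basis for access; the dashboard must not count items that are visible only because they are public`. The same substitution recurs in the DepositServiceImpl, DescriptionServiceImpl, DescriptionTemplateServiceImpl, DescriptionTemplateTypeServiceImpl and DmpServiceImpl sections.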


@ -5,10 +5,8 @@ import gr.cite.commons.web.oidc.filter.webflux.TokenExchangeCacheService;
import gr.cite.commons.web.oidc.filter.webflux.TokenExchangeFilterFunction;
import gr.cite.commons.web.oidc.filter.webflux.TokenExchangeModel;
import gr.cite.tools.data.builder.BuilderFactory;
import gr.cite.tools.data.query.Ordering;
import gr.cite.tools.data.query.QueryFactory;
import gr.cite.tools.exception.MyNotFoundException;
import gr.cite.tools.exception.MyValidationException;
import gr.cite.tools.fieldset.BaseFieldSet;
import gr.cite.tools.fieldset.FieldSet;
import gr.cite.tools.logging.LoggerService;
@ -21,7 +19,6 @@ import org.opencdmp.authorization.authorizationcontentresolver.AuthorizationCont
import org.opencdmp.commonmodels.models.FileEnvelopeModel;
import org.opencdmp.commonmodels.models.dmp.DmpModel;
import org.opencdmp.commons.JsonHandlingService;
import org.opencdmp.commons.enums.ContactInfoType;
import org.opencdmp.commons.enums.IsActive;
import org.opencdmp.commons.enums.StorageType;
import org.opencdmp.commons.enums.TenantConfigurationType;
@ -29,7 +26,9 @@ import org.opencdmp.commons.notification.NotificationProperties;
import org.opencdmp.commons.scope.tenant.TenantScope;
import org.opencdmp.commons.scope.user.UserScope;
import org.opencdmp.commons.types.deposit.DepositSourceEntity;
import org.opencdmp.commons.types.notification.*;
import org.opencdmp.commons.types.notification.DataType;
import org.opencdmp.commons.types.notification.FieldInfo;
import org.opencdmp.commons.types.notification.NotificationFieldData;
import org.opencdmp.commons.types.tenantconfiguration.DepositTenantConfigurationEntity;
import org.opencdmp.convention.ConventionService;
import org.opencdmp.data.DmpEntity;
@ -43,7 +42,6 @@ import org.opencdmp.integrationevent.outbox.notification.NotifyIntegrationEvent;
import org.opencdmp.integrationevent.outbox.notification.NotifyIntegrationEventHandler;
import org.opencdmp.model.EntityDoi;
import org.opencdmp.model.StorageFile;
import org.opencdmp.model.UserContactInfo;
import org.opencdmp.model.builder.commonmodels.DepositConfigurationBuilder;
import org.opencdmp.model.builder.commonmodels.dmp.DmpCommonModelBuilder;
import org.opencdmp.model.persist.EntityDoiPersist;
@ -51,7 +49,10 @@ import org.opencdmp.model.persist.StorageFilePersist;
import org.opencdmp.model.persist.deposit.DepositAuthenticateRequest;
import org.opencdmp.model.persist.deposit.DepositRequest;
import org.opencdmp.model.tenantconfiguration.TenantConfiguration;
import org.opencdmp.query.*;
import org.opencdmp.query.DmpQuery;
import org.opencdmp.query.DmpUserQuery;
import org.opencdmp.query.TenantConfigurationQuery;
import org.opencdmp.query.UserQuery;
import org.opencdmp.service.encryption.EncryptionService;
import org.opencdmp.service.entitydoi.EntityDoiService;
import org.opencdmp.service.filetransformer.FileTransformerService;
@ -310,7 +311,7 @@ public class DepositServiceImpl implements DepositService {
}
//GK: Fifth Transform them to the DepositModel
DmpModel depositModel = this.builderFactory.builder(DmpCommonModelBuilder.class).useSharedStorage(depositClient.getConfiguration().isUseSharedStorage()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission)
DmpModel depositModel = this.builderFactory.builder(DmpCommonModelBuilder.class).useSharedStorage(depositClient.getConfiguration().isUseSharedStorage()).authorize(AuthorizationFlags.AllExceptPublic)
.setRepositoryId(dmpDepositModel.getRepositoryId()).setPdfFile(pdfEnvelope).setRdaJsonFile(jsonEnvelope).build(dmpEntity);


@ -273,7 +273,7 @@ public class DescriptionServiceImpl implements DescriptionService {
this.annotationEntityTouchedIntegrationEventHandler.handleDescription(data.getId());
this.elasticService.persistDescription(data);
return this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Description._id), data);
return this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Description._id), data);
}
@Override
public void updateDescriptionTemplate(UpdateDescriptionTemplatePersist model) throws InvalidApplicationException, IOException {
@ -453,13 +453,13 @@ public class DescriptionServiceImpl implements DescriptionService {
this.annotationEntityTouchedIntegrationEventHandler.handleDescription(data.getId());
if (data.getStatus().equals(DescriptionStatus.Finalized)) this.sendNotification(data, true);
}
return this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Description._id), data);
return this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Description._id), data);
}
public List<DescriptionValidationResult> validate(List<UUID> descriptionIds) throws InvalidApplicationException {
List<DescriptionValidationResult> descriptionValidationResults = new ArrayList<>();
List<DescriptionEntity> descriptions = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(descriptionIds).isActive(IsActive.Active).collect();
List<DescriptionEntity> descriptions = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(descriptionIds).isActive(IsActive.Active).collect();
if (descriptions == null){
return null;
}
@ -588,7 +588,7 @@ public class DescriptionServiceImpl implements DescriptionService {
} else if (FieldType.isTagType(fieldType)) {
if (!this.conventionService.isListNullOrEmpty(persist.getTags())){
List<TagEntity> existingTags = this.queryFactory.query(TagQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).disableTracking().tags(persist.getTags().stream().distinct().toList()).collectAs(new BaseFieldSet().ensure(Tag._id).ensure(Tag._label));
List<TagEntity> existingTags = this.queryFactory.query(TagQuery.class).authorize(AuthorizationFlags.AllExceptPublic).disableTracking().tags(persist.getTags().stream().distinct().toList()).collectAs(new BaseFieldSet().ensure(Tag._id).ensure(Tag._label));
List<String> values = new ArrayList<>();
for (String tag : persist.getTags().stream().distinct().toList()){
@ -879,7 +879,7 @@ public class DescriptionServiceImpl implements DescriptionService {
//this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.descriptionAffiliation(descriptionId)), Permission.CloneDescription);
this.authorizationService.authorizeForce(Permission.EditDescription);//TODO: Missing Description or dmp for authz
DescriptionTemplateEntity descriptionTemplate = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(model.getDescriptionTemplateId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).first();
DescriptionTemplateEntity descriptionTemplate = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(model.getDescriptionTemplateId()).authorize(AuthorizationFlags.AllExceptPublic).first();
if (descriptionTemplate == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{model.getDescriptionTemplateId(), DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale()));
org.opencdmp.commons.types.descriptiontemplate.DefinitionEntity definition = this.xmlHandlingService.fromXmlSafe(org.opencdmp.commons.types.descriptiontemplate.DefinitionEntity.class, descriptionTemplate.getDefinition());
@ -1066,7 +1066,7 @@ public class DescriptionServiceImpl implements DescriptionService {
if (!this.conventionService.isListNullOrEmpty(data.getTextListValue())){
List<UUID> tagIdsInField = data.getTextListValue().stream().filter(x -> this.conventionService.isValidGuid(UUID.fromString(x))).toList().stream().map(UUID::fromString).collect(Collectors.toList());
if (!this.conventionService.isListNullOrEmpty(tagIdsInField)){
List<TagEntity> tagsInField = this.queryFactory.query(TagQuery.class).isActive(IsActive.Active).ids(tagIdsInField).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).collect();
List<TagEntity> tagsInField = this.queryFactory.query(TagQuery.class).isActive(IsActive.Active).ids(tagIdsInField).disableTracking().authorize(AuthorizationFlags.All).collect();
if (!this.conventionService.isListNullOrEmpty(tagsInField)){
persist.setTags(tagsInField.stream().map(TagEntity::getLabel).toList());
}
@ -1115,7 +1115,7 @@ public class DescriptionServiceImpl implements DescriptionService {
logger.debug(new MapLogEntry("export xml").And("id", id));
if (!ignoreAuthorize) this.authorizationService.authorizeForce(Permission.ExportDescription);
DescriptionEntity data = this.queryFactory.query(DescriptionQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).first();
DescriptionEntity data = this.queryFactory.query(DescriptionQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.All).isActive(IsActive.Active).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Description.class.getSimpleName()}, LocaleContextHolder.getLocale()));
PropertyDefinitionEntity definition = this.jsonHandlingService.fromJson(PropertyDefinitionEntity.class, data.getProperties());
@ -1127,7 +1127,7 @@ public class DescriptionServiceImpl implements DescriptionService {
logger.debug(new MapLogEntry("export xml").And("id", id));
this.authorizationService.authorizeForce(Permission.ExportDescription);
DescriptionEntity data = this.queryFactory.query(DescriptionQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).first();
DescriptionEntity data = this.queryFactory.query(DescriptionQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.All).isActive(IsActive.Active).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Description.class.getSimpleName()}, LocaleContextHolder.getLocale()));
String xml = this.xmlHandlingService.toXml(this.exportXmlEntity(data.getId(), false));
@ -1141,17 +1141,17 @@ public class DescriptionServiceImpl implements DescriptionService {
xml.setLabel(data.getLabel());
xml.setFinalizedAt(data.getFinalizedAt());
DmpDescriptionTemplateEntity dmpDescriptionTemplateEntity = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().ids(data.getDmpDescriptionTemplateId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).first();
DmpDescriptionTemplateEntity dmpDescriptionTemplateEntity = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().ids(data.getDmpDescriptionTemplateId()).authorize(AuthorizationFlags.All).isActive(IsActive.Active).first();
if (dmpDescriptionTemplateEntity != null) xml.setSectionId(dmpDescriptionTemplateEntity.getSectionId());
DescriptionTagQuery descriptionTagQuery = this.queryFactory.query(DescriptionTagQuery.class);
descriptionTagQuery.descriptionIds(data.getId());
descriptionTagQuery.isActive(IsActive.Active);
List<TagEntity> tagsEntities = this.queryFactory.query(TagQuery.class).disableTracking().descriptionTagSubQuery(descriptionTagQuery).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).collect();
List<TagEntity> tagsEntities = this.queryFactory.query(TagQuery.class).disableTracking().descriptionTagSubQuery(descriptionTagQuery).authorize(AuthorizationFlags.All).isActive(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(tagsEntities)) xml.setTags(tagsEntities.stream().map(TagEntity::getLabel).collect(Collectors.toList()));
DescriptionTemplateEntity descriptionTemplateEntity = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(data.getDescriptionTemplateId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).first();
DescriptionTemplateEntity descriptionTemplateEntity = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(data.getDescriptionTemplateId()).authorize(AuthorizationFlags.All).first();
if (descriptionTemplateEntity != null) {
xml.setDescriptionTemplate(this.descriptionTemplateService.exportXmlEntity(descriptionTemplateEntity.getId(), true));
}
@ -1160,11 +1160,11 @@ public class DescriptionServiceImpl implements DescriptionService {
xml.setProperties(this.descriptionPropertyDefinitionToExport(propertiesEntity));
}
List<DescriptionReferenceEntity> dmpReferences = this.queryFactory.query(DescriptionReferenceQuery.class).disableTracking().descriptionIds(data.getId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).collect();
List<DescriptionReferenceEntity> dmpReferences = this.queryFactory.query(DescriptionReferenceQuery.class).disableTracking().descriptionIds(data.getId()).authorize(AuthorizationFlags.All).isActive(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(dmpReferences)) {
List<ReferenceEntity> references = this.queryFactory.query(ReferenceQuery.class).disableTracking().ids(dmpReferences.stream().map(DescriptionReferenceEntity::getReferenceId).distinct().toList()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).collect();
List<ReferenceEntity> references = this.queryFactory.query(ReferenceQuery.class).disableTracking().ids(dmpReferences.stream().map(DescriptionReferenceEntity::getReferenceId).distinct().toList()).authorize(AuthorizationFlags.All).isActive(IsActive.Active).collect();
Map<UUID, ReferenceEntity> referenceEntityMap = references == null ? new HashMap<>() : references.stream().collect(Collectors.toMap(ReferenceEntity::getId, x-> x));
List<ReferenceTypeEntity> referenceTypes = references == null ? new ArrayList<>() : this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().ids(references.stream().map(ReferenceEntity::getTypeId).distinct().toList()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).collect();
List<ReferenceTypeEntity> referenceTypes = references == null ? new ArrayList<>() : this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().ids(references.stream().map(ReferenceEntity::getTypeId).distinct().toList()).authorize(AuthorizationFlags.All).isActive(IsActive.Active).collect();
Map<UUID, ReferenceTypeEntity> referenceTypeEntityMap = referenceTypes == null ? new HashMap<>() : referenceTypes.stream().collect(Collectors.toMap(ReferenceTypeEntity::getId, x-> x));
List<DescriptionReferenceImportExport> dmpReferenceImportExports = new LinkedList<>();
for (DescriptionReferenceEntity descriptionReferenceEntity : dmpReferences) {


@ -20,6 +20,7 @@ import org.apache.commons.lang3.NotImplementedException;
import org.jetbrains.annotations.NotNull;
import org.opencdmp.authorization.AuthorizationFlags;
import org.opencdmp.authorization.Permission;
import org.opencdmp.authorization.authorizationcontentresolver.AuthorizationContentResolver;
import org.opencdmp.commonmodels.models.DescriptionTemplateTypeModel;
import org.opencdmp.commonmodels.models.descriptiotemplate.*;
import org.opencdmp.commons.JsonHandlingService;
@ -118,6 +119,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
private final ValidatorFactory validatorFactory;
private final DescriptionTemplateTypeService descriptionTemplateTypeService;
private final AuthorizationContentResolver authorizationContentResolver;
@Autowired
public DescriptionTemplateServiceImpl(
@ -135,7 +137,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
JsonHandlingService jsonHandlingService,
NotifyIntegrationEventHandler eventHandler,
NotificationProperties notificationProperties,
ValidatorFactory validatorFactory, DescriptionTemplateTypeService descriptionTemplateTypeService) {
ValidatorFactory validatorFactory, DescriptionTemplateTypeService descriptionTemplateTypeService, AuthorizationContentResolver authorizationContentResolver) {
this.entityManager = entityManager;
this.userScope = userScope;
this.authorizationService = authorizationService;
@ -154,6 +156,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
this.notificationProperties = notificationProperties;
this.validatorFactory = validatorFactory;
this.descriptionTemplateTypeService = descriptionTemplateTypeService;
this.authorizationContentResolver = authorizationContentResolver;
}
//region Persist
@ -161,10 +164,10 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
public DescriptionTemplate persist(DescriptionTemplatePersist model, UUID groupId, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException, JAXBException, ParserConfigurationException, JsonProcessingException, TransformerException {
logger.debug(new MapLogEntry("persisting data descriptionTemplate").And("model", model).And("fields", fields));
this.authorizationService.authorizeForce(Permission.EditDescriptionTemplate);
Boolean isUpdate = this.conventionService.isValidGuid(model.getId());
if (isUpdate) this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(model.getId())), Permission.EditDescriptionTemplate);
else this.authorizationService.authorizeForce(Permission.EditDescriptionTemplate);
DescriptionTemplateEntity data;
if (isUpdate) {
data = this.entityManager.find(DescriptionTemplateEntity.class, model.getId());
@ -214,7 +217,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
this.entityManager.flush();
return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data);
return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data);
}
private void updateVersionStatusAndSave(DescriptionTemplateEntity data, DescriptionTemplateStatus previousStatus, DescriptionTemplateStatus newStatus) throws InvalidApplicationException {
@ -527,8 +530,8 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
this.authorizationService.authorizeForce(Permission.CloneDescriptionTemplate);
DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fields, query.firstAs(fields));
DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fields, query.firstAs(fields));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -662,7 +665,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
this.entityManager.flush();
return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data);
return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data);
}
//endregion
@ -867,7 +870,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
logger.debug(new MapLogEntry("exportXml").And("id", id));
if (!ignoreAuthorize) this.authorizationService.authorizeForce(Permission.ExportDescriptionTemplate);
DescriptionTemplateEntity data = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).first();
DescriptionTemplateEntity data = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.AllExceptPublic).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale()));
DefinitionEntity definition = this.xmlHandlingService.fromXml(DefinitionEntity.class, data.getDefinition());
@ -880,7 +883,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic
logger.debug(new MapLogEntry("exportXml").And("id", id));
this.authorizationService.authorizeForce(Permission.ExportDescriptionTemplate);
DescriptionTemplateEntity data = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).first();
DescriptionTemplateEntity data = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.AllExceptPublic).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale()));
String xml = this.xmlHandlingService.toXml(this.exportXmlEntity(id, false));
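Review bot: In `persist`, the update branch resolves the affiliation with `this.authorizationContentResolver.dmpAffiliation(model.getId())`, but `model.getId()` is the id of a description template, not of a DMP. Assuming `dmpAffiliation` looks up DMP user roles by DMP id (its implementation is not visible here), the lookup would find nothing for a template id and the check would reduce to the plain `Permission.EditDescriptionTemplate` test, so a user who is affiliated only with the template would still be refused. The call should use the resolver method that returns the description-template affiliation, i.e. `this.authorizationContentResolver.<description-template affiliation method>(model.getId())` (placeholder, the method name is not shown in this section). The body of `persist` continues outside the hunk.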


@ -106,7 +106,7 @@ public class DescriptionTemplateTypeServiceImpl implements DescriptionTemplateTy
this.entityManager.flush();
this.eventBroker.emit(new DescriptionTemplateTypeTouchedEvent(data.getId()));
return this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, DescriptionTemplateType._id), data);
return this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, DescriptionTemplateType._id), data);
}
public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException {


@ -260,15 +260,15 @@ public class DmpServiceImpl implements DmpService {
this.annotationEntityTouchedIntegrationEventHandler.handleDmp(data.getId());
return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Dmp._id, Dmp._hash), data);
return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Dmp._id, Dmp._hash), data);
}
private void checkIfDescriptionTemplateIsUse (List<DmpDescriptionTemplatePersist> descriptionTemplates, UUID id){
List<DmpDescriptionTemplateEntity> existingDmpDescriptionTemplates = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(id).isActive(IsActive.Active).collect();
List<DmpDescriptionTemplateEntity> existingDmpDescriptionTemplates = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).dmpIds(id).isActive(IsActive.Active).collect();
List<DmpDescriptionTemplateEntity> removedDescriptionTemplates = existingDmpDescriptionTemplates.stream().filter(x -> descriptionTemplates.stream().noneMatch(y -> y.getDescriptionTemplateGroupId().equals(x.getDescriptionTemplateGroupId()))).toList();
DmpDescriptionTemplateQuery dmpDescriptionTemplateQuery = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().isActive(IsActive.Active).dmpIds(id).descriptionTemplateGroupIds(removedDescriptionTemplates.stream().map(DmpDescriptionTemplateEntity::getDescriptionTemplateGroupId).collect(Collectors.toList()));
DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpDescriptionTemplateSubQuery(dmpDescriptionTemplateQuery).isActive(IsActive.Active);
DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).dmpDescriptionTemplateSubQuery(dmpDescriptionTemplateQuery).isActive(IsActive.Active);
if (query != null && query.count() > 0) throw new MyValidationException(this.errors.getDmpDescriptionTemplateCanNotRemove().getCode(), this.errors.getDmpDescriptionTemplateCanNotRemove().getMessage());
@ -354,7 +354,7 @@ public class DmpServiceImpl implements DmpService {
DmpEntity data = this.entityManager.find(DmpEntity.class, id);
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
EntityDoiQuery entityDoiQuery = this.queryFactory.query(EntityDoiQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).types(EntityType.DMP).entityIds(data.getId());
EntityDoiQuery entityDoiQuery = this.queryFactory.query(EntityDoiQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).types(EntityType.DMP).entityIds(data.getId());
if (entityDoiQuery.count() > 0) throw new MyApplicationException("DMP is deposited can not deleted");
DmpEntity previousDmp = null;
@ -493,7 +493,7 @@ public class DmpServiceImpl implements DmpService {
List<DescriptionEntity> descriptionEntities = this.queryFactory.query(DescriptionQuery.class).disableTracking().ids(model.getDescriptions().stream().map(NewVersionDmpDescriptionPersist::getDescriptionId).distinct().collect(Collectors.toList())).isActive(IsActive.Active).collect();
FieldSet fieldSet = new BaseFieldSet(Description._id, BaseFieldSet.asIndexer(Description._descriptionTemplate, DescriptionTemplate._groupId));
List<Description> models = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, descriptionEntities);
List<Description> models = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, descriptionEntities);
if (!oldDmpEntity.getBlueprintId().equals(blueprintEntity.getId())){
// add description templates if exists in new blueprint
@ -673,7 +673,7 @@ public class DmpServiceImpl implements DmpService {
public Dmp buildClone(CloneDmpPersist model, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, IOException, InvalidApplicationException {
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation( model.getId())), Permission.CloneDmp);
DmpEntity existingDmpEntity = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(model.getId()).firstAs(fields);
DmpEntity existingDmpEntity = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(model.getId()).firstAs(fields);
if (!this.conventionService.isValidGuid(model.getId()) || existingDmpEntity == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -813,7 +813,7 @@ public class DmpServiceImpl implements DmpService {
this.annotationEntityTouchedIntegrationEventHandler.handleDmp(dmpEntity.getId());
return this.builderFactory.builder(DmpUserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fieldSet, DmpUser._id, DmpUser._hash), persisted);
return this.builderFactory.builder(DmpUserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fieldSet, DmpUser._id, DmpUser._hash), persisted);
}
private void checkDuplicateDmpUser(List<DmpUserPersist> model){
@ -850,7 +850,7 @@ public class DmpServiceImpl implements DmpService {
this.annotationEntityTouchedIntegrationEventHandler.handleDmp(dmpEntity.getId());
return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Dmp._id, Dmp._hash), data);
return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Dmp._id, Dmp._hash), data);
}
@Override
@ -1137,7 +1137,7 @@ public class DmpServiceImpl implements DmpService {
public void finalize(UUID id, List<UUID> descriptionIds) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException, IOException {
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(id)), Permission.FinalizeDmp);
DmpEntity dmp = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id).isActive(IsActive.Active).first();
DmpEntity dmp = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.AllExceptPublic).ids(id).isActive(IsActive.Active).first();
if (dmp == null){
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -1152,7 +1152,7 @@ public class DmpServiceImpl implements DmpService {
}
List<DescriptionEntity> descriptions = this.queryFactory.query(DescriptionQuery.class)
.authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(id).isActive(IsActive.Active).collect();
.authorize(AuthorizationFlags.AllExceptPublic).dmpIds(id).isActive(IsActive.Active).collect();
for (DescriptionEntity description: descriptions) {
if (descriptionIds.contains(description.getId())){
@ -1193,13 +1193,13 @@ public class DmpServiceImpl implements DmpService {
public void undoFinalize(UUID id, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException {
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(id)), Permission.UndoFinalizeDmp);
DmpEntity dmp = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id).isActive(IsActive.Active).firstAs(fields);
DmpEntity dmp = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.AllExceptPublic).ids(id).isActive(IsActive.Active).firstAs(fields);
if (dmp == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
if (!dmp.getStatus().equals(DmpStatus.Finalized)) throw new MyApplicationException("DMP is already drafted");
EntityDoiQuery entityDoiQuery = this.queryFactory.query(EntityDoiQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).types(EntityType.DMP).entityIds(dmp.getId()).isActive(IsActive.Active);
EntityDoiQuery entityDoiQuery = this.queryFactory.query(EntityDoiQuery.class).authorize(AuthorizationFlags.AllExceptPublic).types(EntityType.DMP).entityIds(dmp.getId()).isActive(IsActive.Active);
if (entityDoiQuery.count() > 0) throw new MyApplicationException("DMP is deposited");
dmp.setStatus(DmpStatus.Draft);
@ -1232,7 +1232,7 @@ public class DmpServiceImpl implements DmpService {
public DmpValidationResult validate(UUID id) throws InvalidApplicationException {
DmpEntity dmp = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id).isActive(IsActive.Active).first();
DmpEntity dmp = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id).isActive(IsActive.Active).first();
if (dmp == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -1264,7 +1264,7 @@ public class DmpServiceImpl implements DmpService {
persist.setAccessType(data.getAccessType());
persist.setLanguage(data.getLanguage());
List<DmpUserEntity> dmpUserEntities = this.queryFactory.query(DmpUserQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(data.getId()).isActives(IsActive.Active).collect();
List<DmpUserEntity> dmpUserEntities = this.queryFactory.query(DmpUserQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).dmpIds(data.getId()).isActives(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(dmpUserEntities)){
persist.setUsers(new ArrayList<>());
@ -1273,11 +1273,11 @@ public class DmpServiceImpl implements DmpService {
}
}
List<DmpReferenceEntity> dmpReferenceEntities = this.queryFactory.query(DmpReferenceQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(data.getId()).isActives(IsActive.Active).collect();
List<DmpReferenceEntity> dmpReferenceEntities = this.queryFactory.query(DmpReferenceQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).dmpIds(data.getId()).isActives(IsActive.Active).collect();
org.opencdmp.commons.types.dmpblueprint.DefinitionEntity definition = this.xmlHandlingService.fromXmlSafe(org.opencdmp.commons.types.dmpblueprint.DefinitionEntity.class, dmpBlueprintEntity.getDefinition());
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(data.getId()).isActive(IsActive.Active).collect();
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).dmpIds(data.getId()).isActive(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(dmpDescriptionTemplateEntities)){
persist.setDescriptionTemplates(new ArrayList<>());
for (DmpDescriptionTemplateEntity descriptionTemplateEntity: dmpDescriptionTemplateEntities) {
@ -1301,7 +1301,7 @@ public class DmpServiceImpl implements DmpService {
List<ReferenceEntity> referencesFromAllFields = new ArrayList<>();
if (!this.conventionService.isListNullOrEmpty(dmpReferenceEntities)) {
referencesFromAllFields = this.queryFactory.query(ReferenceQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(dmpReferenceEntities.stream().map(DmpReferenceEntity::getReferenceId).collect(Collectors.toList())).isActive(IsActive.Active).collect();
referencesFromAllFields = this.queryFactory.query(ReferenceQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(dmpReferenceEntities.stream().map(DmpReferenceEntity::getReferenceId).collect(Collectors.toList())).isActive(IsActive.Active).collect();
}
Map<UUID, DmpBlueprintValuePersist> dmpBlueprintValues = new HashMap<>();
@ -1578,7 +1578,7 @@ public class DmpServiceImpl implements DmpService {
logger.debug(new MapLogEntry("export xml").And("id", id));
if (!ignoreAuthorize) this.authorizationService.authorizeForce(Permission.ExportDmp);
DmpEntity data = this.queryFactory.query(DmpQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).first();
DmpEntity data = this.queryFactory.query(DmpQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.All).isActive(IsActive.Active).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
DmpPropertiesEntity definition = this.jsonHandlingService.fromJson(DmpPropertiesEntity.class, data.getProperties());
@ -1590,7 +1590,7 @@ public class DmpServiceImpl implements DmpService {
logger.debug(new MapLogEntry("export xml").And("id", id));
this.authorizationService.authorizeForce(Permission.ExportDmp);
DmpEntity data = this.queryFactory.query(DmpQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).first();
DmpEntity data = this.queryFactory.query(DmpQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.All).isActive(IsActive.Active).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
String xml = this.xmlHandlingService.toXml(this.exportXmlEntity(data.getId(), false));
@ -1598,7 +1598,7 @@ public class DmpServiceImpl implements DmpService {
}
private DmpImportExport definitionXmlToExport(DmpEntity data, DmpPropertiesEntity propertiesEntity) throws InvalidApplicationException, JAXBException, ParserConfigurationException, IOException, InstantiationException, IllegalAccessException, SAXException {
DmpBlueprintEntity blueprintEntity = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().ids(data.getBlueprintId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).first();
DmpBlueprintEntity blueprintEntity = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().ids(data.getBlueprintId()).authorize(AuthorizationFlags.All).first();
if (blueprintEntity == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{data.getBlueprintId(), DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale()));
DmpImportExport xml = new DmpImportExport();
@ -1622,7 +1622,7 @@ public class DmpServiceImpl implements DmpService {
}
private List<DescriptionImportExport> descriptionsToExport(DmpEntity data) throws JAXBException, InvalidApplicationException, ParserConfigurationException, IOException, InstantiationException, IllegalAccessException, SAXException {
List<DescriptionEntity> descriptions = this.queryFactory.query(DescriptionQuery.class).disableTracking().dmpIds(data.getId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).dmpIds(data.getId()).isActive(IsActive.Active).collect();
List<DescriptionEntity> descriptions = this.queryFactory.query(DescriptionQuery.class).disableTracking().dmpIds(data.getId()).authorize(AuthorizationFlags.All).dmpIds(data.getId()).isActive(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(descriptions)) {
List<DescriptionImportExport> descriptionImportExports = new LinkedList<>();
for (DescriptionEntity description : descriptions) {
@ -1634,11 +1634,11 @@ public class DmpServiceImpl implements DmpService {
}
private List<DmpReferenceImportExport> dmpReferencesToExport(DmpEntity data){
List<DmpReferenceEntity> dmpReferences = this.queryFactory.query(DmpReferenceQuery.class).disableTracking().dmpIds(data.getId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActives(IsActive.Active).collect();
List<DmpReferenceEntity> dmpReferences = this.queryFactory.query(DmpReferenceQuery.class).disableTracking().dmpIds(data.getId()).authorize(AuthorizationFlags.All).isActives(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(dmpReferences)) {
List<ReferenceEntity> references = this.queryFactory.query(ReferenceQuery.class).disableTracking().ids(dmpReferences.stream().map(DmpReferenceEntity::getReferenceId).distinct().toList()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).collect();
List<ReferenceEntity> references = this.queryFactory.query(ReferenceQuery.class).disableTracking().ids(dmpReferences.stream().map(DmpReferenceEntity::getReferenceId).distinct().toList()).authorize(AuthorizationFlags.All).isActive(IsActive.Active).collect();
Map<UUID, ReferenceEntity> referenceEntityMap = references == null ? new HashMap<>() : references.stream().collect(Collectors.toMap(ReferenceEntity::getId, x-> x));
List<ReferenceTypeEntity> referenceTypes = references == null ? new ArrayList<>() : this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().ids(references.stream().map(ReferenceEntity::getTypeId).distinct().toList()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).isActive(IsActive.Active).collect();
List<ReferenceTypeEntity> referenceTypes = references == null ? new ArrayList<>() : this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().ids(references.stream().map(ReferenceEntity::getTypeId).distinct().toList()).authorize(AuthorizationFlags.AllExceptPublic).isActive(IsActive.Active).collect();
Map<UUID, ReferenceTypeEntity> referenceTypeEntityMap = referenceTypes == null ? new HashMap<>() : referenceTypes.stream().collect(Collectors.toMap(ReferenceTypeEntity::getId, x-> x));
List<DmpReferenceImportExport> dmpReferenceImportExports = new LinkedList<>();
for (DmpReferenceEntity descriptionTemplateEntity : dmpReferences) {
@ -1715,7 +1715,7 @@ public class DmpServiceImpl implements DmpService {
private List<DmpDescriptionTemplateImportExport> dmpDescriptionTemplatesToExport(DmpEntity data){
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).dmpIds(data.getId()).isActive(IsActive.Active).collect();
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.All).dmpIds(data.getId()).isActive(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(dmpDescriptionTemplateEntities)) {
List<DmpDescriptionTemplateImportExport> dmpDescriptionTemplateImportExports = new LinkedList<>();
for (DmpDescriptionTemplateEntity descriptionTemplateEntity : dmpDescriptionTemplateEntities) {
@ -1737,9 +1737,9 @@ public class DmpServiceImpl implements DmpService {
}
private List<DmpUserImportExport>dmpUsersToExport(DmpEntity data){
List<DmpUserEntity> dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().dmpIds(data.getId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActives(IsActive.Active).collect();
List<DmpUserEntity> dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().dmpIds(data.getId()).authorize(AuthorizationFlags.All).isActives(IsActive.Active).collect();
if (!this.conventionService.isListNullOrEmpty(dmpUsers)) {
List<UserEntity> users = this.queryFactory.query(UserQuery.class).disableTracking().ids(dmpUsers.stream().map(DmpUserEntity::getUserId).distinct().toList()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).isActive(IsActive.Active).collect();
List<UserEntity> users = this.queryFactory.query(UserQuery.class).disableTracking().ids(dmpUsers.stream().map(DmpUserEntity::getUserId).distinct().toList()).authorize(AuthorizationFlags.All).isActive(IsActive.Active).collect();
Map<UUID, UserEntity> usersMap = users == null ? new HashMap<>() : users.stream().collect(Collectors.toMap(UserEntity::getId, x -> x));
List<DmpUserImportExport> dmpUserImportExports = new LinkedList<>();
for (DmpUserEntity dmpUserEntity : dmpUsers) {


@ -173,7 +173,7 @@ public class DmpBlueprintServiceImpl implements DmpBlueprintService {
this.entityManager.flush();
return this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, DmpBlueprint._id), data);
return this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, DmpBlueprint._id), data);
}
private void updateVersionStatusAndSave(DmpBlueprintEntity data, DmpBlueprintStatus previousStatus, DmpBlueprintStatus newStatus) throws InvalidApplicationException {
@ -351,8 +351,8 @@ public class DmpBlueprintServiceImpl implements DmpBlueprintService {
this.authorizationService.authorizeForce(Permission.CloneDmpBlueprint);
DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fields, query.firstAs(fields));
DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fields, query.firstAs(fields));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -450,7 +450,7 @@ public class DmpBlueprintServiceImpl implements DmpBlueprintService {
this.entityManager.flush();
return this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, DmpBlueprint._id), data);
return this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, DmpBlueprint._id), data);
}
//endregion
@ -463,7 +463,7 @@ public class DmpBlueprintServiceImpl implements DmpBlueprintService {
logger.debug(new MapLogEntry("export xml").And("id", id));
if (!ignoreAuthorize) this.authorizationService.authorizeForce(Permission.ExportDmpBlueprint);
DmpBlueprintEntity data = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).isActive(IsActive.Active).first();
DmpBlueprintEntity data = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.AllExceptPublic).isActive(IsActive.Active).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale()));
return this.definitionXmlToExport(data);
@ -473,7 +473,7 @@ public class DmpBlueprintServiceImpl implements DmpBlueprintService {
@Override
public ResponseEntity<byte[]> exportXml(UUID id) throws MyForbiddenException, MyNotFoundException, JAXBException, ParserConfigurationException, IOException, InstantiationException, IllegalAccessException, SAXException, TransformerException, InvalidApplicationException {
logger.debug(new MapLogEntry("export xml").And("id", id));
DmpBlueprintEntity data = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).isActive(IsActive.Active).first();
DmpBlueprintEntity data = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().ids(id).authorize(AuthorizationFlags.AllExceptPublic).isActive(IsActive.Active).first();
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale()));
String xml = this.xmlHandlingService.toXml(this.getExportXmlEntity(id, false));
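Review bot: Every blueprint query and builder call in this section now passes `AuthorizationFlags.AllExceptPublic`, a catch-all name that no longer tells the reader which grants apply at the call site, and the definition of the constant is not visible in these hunks. If this commit added a description-template affiliation flag to that set, as its title suggests, each of these calls picks it up implicitly, and so will any flag added later. Please confirm that DmpBlueprintQuery and DmpBlueprintBuilder handle or ignore every member of the set. I would add a Javadoc on the constant that lists its members, plus a comment at the export query such as `// non-public grants only; blueprint export must never be reachable through the Public flag`. The same substitution recurs in the EntityDoiServiceImpl, FileTransformerServiceImpl and LanguageServiceImpl sections, and the enclosing methods start outside the hunks, so permission checks made earlier in them cannot be seen here.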


@ -109,7 +109,7 @@ public class EntityDoiServiceImpl implements EntityDoiService {
this.entityManager.flush();
this.eventBroker.emit(new EntityDoiTouchedEvent(data.getId()));
return this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, EntityDoi._id), data);
return this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, EntityDoi._id), data);
}
public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException {


@ -258,8 +258,8 @@ public class FileTransformerServiceImpl implements FileTransformerService {
FileTransformerRepository repository = this.getRepository(repositoryId);
if (repository == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{format, FileTransformerRepository.class.getSimpleName()}, LocaleContextHolder.getLocale()));
//GK: Second get the Target Data Management Plan
DmpQuery query = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(dmpId);
DmpModel dmpFileTransformerModel = this.builderFactory.builder(DmpCommonModelBuilder.class).useSharedStorage(repository.getConfiguration().isUseSharedStorage()).setRepositoryId(repository.getConfiguration().getFileTransformerId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(query.first());
DmpQuery query = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(dmpId);
DmpModel dmpFileTransformerModel = this.builderFactory.builder(DmpCommonModelBuilder.class).useSharedStorage(repository.getConfiguration().isUseSharedStorage()).setRepositoryId(repository.getConfiguration().getFileTransformerId()).authorize(AuthorizationFlags.AllExceptPublic).build(query.first());
if (dmpFileTransformerModel == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{dmpId, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
FileEnvelopeModel fileEnvelope = repository.exportDmp(dmpFileTransformerModel, format);
@ -279,8 +279,8 @@ public class FileTransformerServiceImpl implements FileTransformerService {
if (repository == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{format, FileTransformerRepository.class.getSimpleName()}, LocaleContextHolder.getLocale()));
//GK: Second get the Target Data Management Plan
DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(descriptionId);
DescriptionModel descriptionFileTransformerModel = this.builderFactory.builder(DescriptionCommonModelBuilder.class).setRepositoryId(repository.getConfiguration().getFileTransformerId()).useSharedStorage(repository.getConfiguration().isUseSharedStorage()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(query.first());
DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(descriptionId);
DescriptionModel descriptionFileTransformerModel = this.builderFactory.builder(DescriptionCommonModelBuilder.class).setRepositoryId(repository.getConfiguration().getFileTransformerId()).useSharedStorage(repository.getConfiguration().isUseSharedStorage()).authorize(AuthorizationFlags.AllExceptPublic).build(query.first());
if (descriptionFileTransformerModel == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{descriptionId, Description.class.getSimpleName()}, LocaleContextHolder.getLocale()));
FileEnvelopeModel fileEnvelope = repository.exportDescription(descriptionFileTransformerModel, format);
@ -316,7 +316,7 @@ public class FileTransformerServiceImpl implements FileTransformerService {
public DmpModel importDmp(DmpCommonModelConfig dmpCommonModelConfig) throws InvalidAlgorithmParameterException, NoSuchPaddingException, IllegalBlockSizeException, InvalidApplicationException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException, IOException, JAXBException {
this.authorizationService.authorizeForce(Permission.NewDmp);
StorageFileEntity tempFile = this.queryFactory.query(StorageFileQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(dmpCommonModelConfig.getFileId()).first();
StorageFileEntity tempFile = this.queryFactory.query(StorageFileQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(dmpCommonModelConfig.getFileId()).first();
if (tempFile == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{dmpCommonModelConfig.getFileId(), StorageFile.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -324,15 +324,15 @@ public class FileTransformerServiceImpl implements FileTransformerService {
FileTransformerRepository repository = this.getRepository(dmpCommonModelConfig.getRepositoryId());
if (repository == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{dmpCommonModelConfig.getRepositoryId(), FileTransformerRepository.class.getSimpleName()}, LocaleContextHolder.getLocale()));
DmpBlueprintQuery dmpBlueprintQuery = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(dmpCommonModelConfig.getBlueprintId());
DmpBlueprintModel dmpBlueprintModel = this.builderFactory.builder(DmpBlueprintCommonModelBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(dmpBlueprintQuery.first());
DmpBlueprintQuery dmpBlueprintQuery = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(dmpCommonModelConfig.getBlueprintId());
DmpBlueprintModel dmpBlueprintModel = this.builderFactory.builder(DmpBlueprintCommonModelBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(dmpBlueprintQuery.first());
if (dmpBlueprintModel == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{dmpCommonModelConfig.getBlueprintId(), DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale()));
DmpImportModel dmpImportModel = new DmpImportModel();
dmpImportModel.setBlueprintModel(dmpBlueprintModel);
if (!this.conventionService.isListNullOrEmpty(dmpCommonModelConfig.getDescriptions())){
List<DescriptionTemplateEntity> descriptionTemplateEntities = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(dmpCommonModelConfig.getDescriptions().stream().map(x -> x.getTemplateId()).distinct().collect(Collectors.toList())).collect();
List<DescriptionTemplateEntity> descriptionTemplateEntities = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(dmpCommonModelConfig.getDescriptions().stream().map(x -> x.getTemplateId()).distinct().collect(Collectors.toList())).collect();
if (descriptionTemplateEntities == null) throw new MyApplicationException("Description Templates Not Exist!");
@ -340,7 +340,7 @@ public class FileTransformerServiceImpl implements FileTransformerService {
for (DescriptionCommonModelConfig descriptionCommonModelConfig : dmpCommonModelConfig.getDescriptions()) {
DescriptionTemplateEntity descriptionTemplateEntity = descriptionTemplateEntities.stream().filter(x -> x.getId().equals(descriptionCommonModelConfig.getTemplateId())).findFirst().orElse(null);
if (descriptionTemplateEntity != null){
DescriptionTemplateModel descriptionTemplateModel = this.builderFactory.builder(DescriptionTemplateCommonModelBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(descriptionTemplateEntity);
DescriptionTemplateModel descriptionTemplateModel = this.builderFactory.builder(DescriptionTemplateCommonModelBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(descriptionTemplateEntity);
DescriptionImportModel descriptionImportModel = new DescriptionImportModel();
descriptionImportModel.setId(descriptionCommonModelConfig.getId());
@ -383,7 +383,7 @@ public class FileTransformerServiceImpl implements FileTransformerService {
public PreprocessingDmpModel preprocessingDmp(UUID fileId, String repositoryId) throws InvalidAlgorithmParameterException, NoSuchPaddingException, IllegalBlockSizeException, InvalidApplicationException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException, IOException {
this.authorizationService.authorizeForce(Permission.NewDmp);
StorageFileEntity tempFile = this.queryFactory.query(StorageFileQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(fileId).first();
StorageFileEntity tempFile = this.queryFactory.query(StorageFileQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(fileId).first();
if (tempFile == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{fileId, StorageFile.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -93,7 +93,7 @@ public class LanguageServiceImpl implements LanguageService {
this.entityManager.flush();
return this.builderFactory.builder(LanguageBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Language._id), data);
return this.builderFactory.builder(LanguageBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Language._id), data);
}
public String getPayload(String code) throws IOException {


@ -87,7 +87,8 @@ public class LockServiceImpl implements LockService {
AffiliatedResource affiliatedResourceDmp = this.authorizationContentResolver.dmpAffiliation(model.getTarget());
AffiliatedResource affiliatedResourceDescription = this.authorizationContentResolver.descriptionAffiliation(model.getTarget());
this.authorizationService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription), Permission.EditLock);
AffiliatedResource affiliatedResourceDescriptionTemplate = this.authorizationContentResolver.descriptionTemplateAffiliation(model.getTarget());
this.authorizationService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription, affiliatedResourceDescriptionTemplate), Permission.EditLock);
Boolean isUpdate = this.conventionService.isValidGuid(model.getId());
@ -113,12 +114,12 @@ public class LockServiceImpl implements LockService {
this.entityManager.flush();
return this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Lock._id), data);
return this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Lock._id), data);
}
public LockStatus isLocked(UUID target, FieldSet fields) throws InvalidApplicationException {
LockStatus lockStatus = new LockStatus();
LockEntity lock = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).targetIds(target).first();
LockEntity lock = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).targetIds(target).first();
if (lock == null) {
lockStatus.setStatus(false);
@ -134,12 +135,12 @@ public class LockServiceImpl implements LockService {
} else lockStatus.setStatus(true);
}
lockStatus.setLock(this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Lock._id), lock));
lockStatus.setLock(this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Lock._id), lock));
return lockStatus;
}
public void lock(UUID target, LockTargetType targetType) throws InvalidApplicationException {
LockEntity lock = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).targetIds(target).first();
LockEntity lock = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).targetIds(target).first();
if (lock == null) {
this.persist(new LockPersist(target, targetType), null);
}else{
@ -150,7 +151,7 @@ public class LockServiceImpl implements LockService {
}
public void touch(UUID target) throws InvalidApplicationException {
LockEntity lock = this.queryFactory.query(LockQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).targetIds(target).first();
LockEntity lock = this.queryFactory.query(LockQuery.class).authorize(AuthorizationFlags.AllExceptPublic).targetIds(target).first();
if (lock == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{target, Lock.class.getSimpleName()}, LocaleContextHolder.getLocale()));
if (!lock.getLockedBy().equals(this.userScope.getUserId())) throw new MyApplicationException("Only the user who created that lock can touch it");
@ -161,7 +162,7 @@ public class LockServiceImpl implements LockService {
}
public void unlock(UUID target) throws InvalidApplicationException {
LockEntity lock = this.queryFactory.query(LockQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).targetIds(target).first();
LockEntity lock = this.queryFactory.query(LockQuery.class).authorize(AuthorizationFlags.AllExceptPublic).targetIds(target).first();
if (lock == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{target, Lock.class.getSimpleName()}, LocaleContextHolder.getLocale()));
if (!lock.getLockedBy().equals(this.userScope.getUserId())) {
@ -175,7 +176,8 @@ public class LockServiceImpl implements LockService {
AffiliatedResource affiliatedResourceDmp = this.authorizationContentResolver.dmpAffiliation(target);
AffiliatedResource affiliatedResourceDescription = this.authorizationContentResolver.descriptionAffiliation(target);
this.authorizationService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription), Permission.DeleteLock);
AffiliatedResource affiliatedResourceDescriptionTemplate = this.authorizationContentResolver.descriptionTemplateAffiliation(target);
this.authorizationService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription, affiliatedResourceDescriptionTemplate), Permission.DeleteLock);
this.deleterFactory.deleter(LockDeleter.class).deleteAndSaveByIds(List.of(id));
}
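Review bot: Both lock checks now pass when the caller is affiliated with the target id as a DMP, as a description or as a description template, and nothing in these hunks ties the affiliation that matched to the lock's `LockTargetType`. In the `EditLock` hunk `model.getTarget()` is resolved three ways and `authorizeAtLeastOneForce` accepts any one of them; the `DeleteLock` hunk repeats the pattern with `target`. Resolving only the affiliation that corresponds to the lock's target type would keep the check least-privilege and avoid two unrelated lookups per call; failing that, record the intent with `// any-of on purpose: the target id may be a DMP, a description or a description template`. Both enclosing methods start and end outside the hunks, so a type check elsewhere in them cannot be ruled out.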


@ -155,7 +155,7 @@ public class PrefillingSourceServiceImpl implements PrefillingSourceService {
Long prefillingSourcesWithThisCode = this.queryFactory.query(PrefillingSourceQuery.class).codes(data.getCode()).count();
if (prefillingSourcesWithThisCode > 1) throw new MyValidationException(this.errors.getPrefillingSourceCodeExists().getCode(), this.errors.getPrefillingSourceCodeExists().getMessage());
return this.builderFactory.builder(PrefillingSourceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, PrefillingSource._id), data);
return this.builderFactory.builder(PrefillingSourceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, PrefillingSource._id), data);
}
private @NotNull PrefillingSourceDefinitionEntity buildDefinitionEntity(PrefillingSourceDefinitionPersist persist) {
@ -381,7 +381,7 @@ public class PrefillingSourceServiceImpl implements PrefillingSourceService {
Description description = new Description();
FieldSet descriptionTemplateFields = fieldSet.extractPrefixed(this.conventionService.asPrefix(Description._descriptionTemplate));
description.setDescriptionTemplate(this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(descriptionTemplateFields, descriptionTemplateEntity));
description.setDescriptionTemplate(this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(descriptionTemplateFields, descriptionTemplateEntity));
return this.mapPrefilledEntityToDescription(description, descriptionTemplateDefinition, prefillingSourceDefinition, prefillingSourceEntity.getLabel(), data);
}
@ -549,7 +549,7 @@ public class PrefillingSourceServiceImpl implements PrefillingSourceService {
case TAGS -> {
String[] valuesParsed = this.tryParseJsonAsObjectString(String[].class, value);
List<String> finalValue = valuesParsed == null ? List.of(value) : Arrays.stream(valuesParsed).toList();
List<TagEntity> existingTags = this.queryFactory.query(TagQuery.class).isActive(IsActive.Active).tags(finalValue).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermissionOrPublic).collect();
List<TagEntity> existingTags = this.queryFactory.query(TagQuery.class).isActive(IsActive.Active).tags(finalValue).disableTracking().authorize(AuthorizationFlags.All).collect();
List<Tag> tags = new ArrayList<>();
for (String like : finalValue) {
Tag tag = new Tag();
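Review bot: `AuthorizationFlags.All` on the tag lookup and `AllExceptPublic` on the two builders no longer say which grants a call site relies on, where the old names listed them. The definition of these sets is not part of this section; if this commit also adds a description-template grant to them, every renamed call here and in the other service classes widens with it, including sites unrelated to description templates. For the tag query, where public scope is included, a comment stating the intent would help, for example `// All (public included): parsed values are matched against every tag the caller may see`. The surrounding `switch` case continues past the hunk.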


@ -122,7 +122,7 @@ public class ReferenceServiceImpl implements ReferenceService {
this.entityManager.flush();
return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Reference._id), data);
return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Reference._id), data);
}
private @NotNull DefinitionEntity buildDefinitionEntity(DefinitionPersist persist){
@ -195,7 +195,7 @@ public class ReferenceServiceImpl implements ReferenceService {
ReferenceEntity referenceEntity = this.buildReferenceEntityFromExternalData(result, data);
referenceEntities.add(referenceEntity);
}
externalModels = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), referenceEntities);
externalModels = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), referenceEntities);
}
List<Reference> models = this.fetchReferenceFromDb(lookup);
@ -239,10 +239,10 @@ public class ReferenceServiceImpl implements ReferenceService {
}
private List<Reference> fetchReferenceFromDb(ReferenceSearchLookup lookup){
ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).sourceTypes(ReferenceSourceType.Internal).typeIds(lookup.getTypeId());
ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic).sourceTypes(ReferenceSourceType.Internal).typeIds(lookup.getTypeId());
if (!this.conventionService.isNullOrEmpty(lookup.getLike())) query.like(lookup.getLike());
List<ReferenceEntity> data = query.collectAs(lookup.getProject());
return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
}
private ExternalDataResult getReferenceData(ReferenceTypeEntity referenceType, ExternalReferenceCriteria externalReferenceCriteria, String key) {


@ -110,7 +110,7 @@ public class ReferenceTypeServiceImpl implements ReferenceTypeService {
Long referenceTypesWithThisCode = this.queryFactory.query(ReferenceTypeQuery.class).codes(data.getCode()).count();
if (referenceTypesWithThisCode > 1) throw new MyValidationException(this.errors.getReferenceTypeCodeExists().getCode(), this.errors.getReferenceTypeCodeExists().getMessage());
return this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, ReferenceType._id), data);
return this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, ReferenceType._id), data);
}
private @NotNull ReferenceTypeDefinitionEntity buildDefinitionEntity(ReferenceTypeDefinitionPersist persist){


@ -94,7 +94,7 @@ public class StorageFileServiceImpl implements StorageFileService {
this.entityManager.persist(storageFile);
this.entityManager.flush();
return this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, StorageFile._id), storageFile);
return this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, StorageFile._id), storageFile);
}
@Override
@ -142,7 +142,7 @@ public class StorageFileServiceImpl implements StorageFileService {
file.delete();
this.entityManager.merge(storageFile);
return this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, StorageFile._id), storageFile);
return this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, StorageFile._id), storageFile);
}
catch (Exception ex) {
logger.warn("problem reading byte content of storage file " + fileId, ex);
@ -181,7 +181,7 @@ public class StorageFileServiceImpl implements StorageFileService {
this.entityManager.persist(data);
this.entityManager.merge(storageFile);
return this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, StorageFile._id), data);
return this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, StorageFile._id), data);
}
catch (Exception ex) {


@ -95,7 +95,7 @@ public class SupportiveMaterialServiceImpl implements SupportiveMaterialService{
if (d == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), SupportiveMaterial.class.getSimpleName()}, LocaleContextHolder.getLocale()));
} else {
List<SupportiveMaterialEntity> data = this.queryFactory.query(SupportiveMaterialQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).languageCodes(model.getLanguageCode()).types(model.getType()).collect();
List<SupportiveMaterialEntity> data = this.queryFactory.query(SupportiveMaterialQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).languageCodes(model.getLanguageCode()).types(model.getType()).collect();
if(data != null && !data.isEmpty()){
throw new MyApplicationException("Could not create a new Data with same type and lang code !");
@ -117,7 +117,7 @@ public class SupportiveMaterialServiceImpl implements SupportiveMaterialService{
this.entityManager.flush();
return this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, SupportiveMaterial._id), d);
return this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, SupportiveMaterial._id), d);
}
public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException {


@ -112,7 +112,7 @@ public class TagServiceImpl implements TagService {
this.entityManager.flush();
this.eventBroker.emit(new TagTouchedEvent(data.getId()));
return this.builderFactory.builder(TagBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Tag._id), data);
return this.builderFactory.builder(TagBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Tag._id), data);
}
public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException {


@ -16,8 +16,8 @@ import gr.cite.tools.fieldset.BaseFieldSet;
import gr.cite.tools.fieldset.FieldSet;
import gr.cite.tools.logging.LoggerService;
import gr.cite.tools.logging.MapLogEntry;
import org.opencdmp.authorization.AuthorizationConfiguration;
import org.opencdmp.authorization.AuthorizationFlags;
import org.opencdmp.authorization.AuthorizationProperties;
import org.opencdmp.authorization.ClaimNames;
import org.opencdmp.authorization.Permission;
import org.opencdmp.commons.enums.IsActive;
@ -77,7 +77,7 @@ public class TenantServiceImpl implements TenantService {
private final TenantRemovalIntegrationEventHandler tenantRemovalIntegrationEventHandler;
private final UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler;
private final KeycloakService keycloakService;
private final AuthorizationProperties authorizationProperties;
private final AuthorizationConfiguration authorizationConfiguration;
private final TenantScope tenantScope;
private final QueryFactory queryFactory;
private final CurrentPrincipalResolver currentPrincipalResolver;
@ -93,7 +93,7 @@ public class TenantServiceImpl implements TenantService {
BuilderFactory builderFactory,
ConventionService conventionService,
MessageSource messageSource,
ErrorThesaurusProperties errors, TenantTouchedIntegrationEventHandler tenantTouchedIntegrationEventHandler, TenantRemovalIntegrationEventHandler tenantRemovalIntegrationEventHandler, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, KeycloakService keycloakService, AuthorizationProperties authorizationProperties, TenantScope tenantScope, QueryFactory queryFactory, CurrentPrincipalResolver currentPrincipalResolver, ClaimExtractor claimExtractor, EventBroker eventBroker) {
ErrorThesaurusProperties errors, TenantTouchedIntegrationEventHandler tenantTouchedIntegrationEventHandler, TenantRemovalIntegrationEventHandler tenantRemovalIntegrationEventHandler, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, KeycloakService keycloakService, AuthorizationConfiguration authorizationConfiguration, TenantScope tenantScope, QueryFactory queryFactory, CurrentPrincipalResolver currentPrincipalResolver, ClaimExtractor claimExtractor, EventBroker eventBroker) {
this.entityManager = entityManager;
this.authorizationService = authorizationService;
this.deleterFactory = deleterFactory;
@ -105,7 +105,7 @@ public class TenantServiceImpl implements TenantService {
this.tenantRemovalIntegrationEventHandler = tenantRemovalIntegrationEventHandler;
this.userTouchedIntegrationEventHandler = userTouchedIntegrationEventHandler;
this.keycloakService = keycloakService;
this.authorizationProperties = authorizationProperties;
this.authorizationConfiguration = authorizationConfiguration;
this.tenantScope = tenantScope;
this.queryFactory = queryFactory;
this.currentPrincipalResolver = currentPrincipalResolver;
@ -160,17 +160,17 @@ public class TenantServiceImpl implements TenantService {
this.eventBroker.emit(new TenantTouchedEvent(data.getId(), data.getCode()));
return this.builderFactory.builder(TenantBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Tenant._id), data);
return this.builderFactory.builder(TenantBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, Tenant._id), data);
}
private void autoAssignGlobalAdminsToNewTenant(TenantEntity tenant) throws InvalidApplicationException {
if (!this.authorizationProperties.getAutoAssignGlobalAdminToNewTenants()) return;
if (!this.authorizationConfiguration.getAuthorizationProperties().getAutoAssignGlobalAdminToNewTenants()) return;
List<UserRoleEntity> existingItems;
List<UserCredentialEntity> userCredentialEntities;
try {
this.entityManager.disableTenantFilters();
existingItems = this.queryFactory.query(UserRoleQuery.class).disableTracking().tenantIsSet(false).roles(this.authorizationProperties.getGlobalAdminRoles()).collect();
existingItems = this.queryFactory.query(UserRoleQuery.class).disableTracking().tenantIsSet(false).roles(this.authorizationConfiguration.getAuthorizationProperties().getGlobalAdminRoles()).collect();
userCredentialEntities = this.queryFactory.query(UserCredentialQuery.class).disableTracking().userIds(existingItems.stream().map(UserRoleEntity::getUserId).distinct().toList()).collect();
List<String> keycloakIdsToAddToTenantGroup = new ArrayList<>();
@ -191,10 +191,10 @@ public class TenantServiceImpl implements TenantService {
item.setId(UUID.randomUUID());
item.setUserId(userId);
item.setTenantId(tenant.getId());
if (existingItems.stream().filter(x -> x.getUserId().equals(userId) && x.getRole().equals(this.authorizationProperties.getAdminRole())).findFirst().orElse(null) != null){
item.setRole(this.authorizationProperties.getTenantAdminRole()); // admin
if (existingItems.stream().filter(x -> x.getUserId().equals(userId) && x.getRole().equals(this.authorizationConfiguration.getAuthorizationProperties().getAdminRole())).findFirst().orElse(null) != null){
item.setRole(this.authorizationConfiguration.getAuthorizationProperties().getTenantAdminRole()); // admin
} else {
item.setRole(this.authorizationProperties.getTenantUserRole()); // installation admin
item.setRole(this.authorizationConfiguration.getAuthorizationProperties().getTenantUserRole()); // installation admin
}
item.setCreatedAt(Instant.now());
this.entityManager.persist(item);
@ -214,7 +214,7 @@ public class TenantServiceImpl implements TenantService {
this.entityManager.flush();
for (String externalId : keycloakIdsToAddToTenantGroup) {
this.keycloakService.addUserToTenantRoleGroup(externalId, tenant.getCode(), this.authorizationProperties.getTenantAdminRole());
this.keycloakService.addUserToTenantRoleGroup(externalId, tenant.getCode(), this.authorizationConfiguration.getAuthorizationProperties().getTenantAdminRole());
}
} finally {
this.entityManager.reloadTenantFilters();
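Review bot: In `autoAssignGlobalAdminsToNewTenant` the database role is chosen per user (`getTenantAdminRole()` when the user holds `getAdminRole()`, otherwise `getTenantUserRole()`), but the Keycloak loop adds every id in `keycloakIdsToAddToTenantGroup` to the tenant-admin group. How that list is filled lies between the hunks; if it also holds users who were given the tenant-user role, the identity provider grants more than the database records. Carrying the chosen role with each id and passing it as the third argument of `addUserToTenantRoleGroup`, or limiting the list to users that received the tenant-admin role, keeps both stores aligned. The trailing comments `// admin` and `// installation admin` name the source role rather than the role being set and would read better as `// global admin -> tenant admin` and `// other global admin roles -> tenant user`.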


@ -185,7 +185,7 @@ public class TenantConfigurationServiceImpl implements TenantConfigurationServic
this.tenantDefaultLocaleTouchedIntegrationEventHandler.handle(event);
}
return this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, TenantConfiguration._id), data);
return this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, TenantConfiguration._id), data);
}
private @NotNull DepositTenantConfigurationEntity buildDepositTenantConfigurationEntity(DepositTenantConfigurationPersist persist) throws InvalidAlgorithmParameterException, NoSuchPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException {


@ -20,8 +20,8 @@ import org.apache.commons.csv.CSVFormat;
import org.apache.commons.csv.CSVPrinter;
import org.apache.commons.csv.QuoteMode;
import org.jetbrains.annotations.NotNull;
import org.opencdmp.authorization.AuthorizationConfiguration;
import org.opencdmp.authorization.AuthorizationFlags;
import org.opencdmp.authorization.AuthorizationProperties;
import org.opencdmp.authorization.OwnedResource;
import org.opencdmp.authorization.Permission;
import org.opencdmp.commons.JsonHandlingService;
@ -112,22 +112,22 @@ public class UserServiceImpl implements UserService {
private final ElasticService elasticService;
private final UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler;
private final UserRemovalIntegrationEventHandler userRemovalIntegrationEventHandler;
private final AuthorizationProperties authorizationProperties;
private final AuthorizationConfiguration authorizationConfiguration;
private final TenantScope tenantScope;
private final AnnotationEntityTouchedIntegrationEventHandler annotationEntityTouchedIntegrationEventHandler;
@Autowired
public UserServiceImpl(
TenantEntityManager entityManager,
AuthorizationService authorizationService,
DeleterFactory deleterFactory,
BuilderFactory builderFactory,
ConventionService conventionService,
ErrorThesaurusProperties errors,
MessageSource messageSource,
EventBroker eventBroker,
JsonHandlingService jsonHandlingService,
XmlHandlingService xmlHandlingService, QueryFactory queryFactory,
UserScope userScope, KeycloakService keycloakService, ActionConfirmationService actionConfirmationService, NotificationProperties notificationProperties, NotifyIntegrationEventHandler eventHandler, ValidatorFactory validatorFactory, ElasticService elasticService, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, UserRemovalIntegrationEventHandler userRemovalIntegrationEventHandler, AuthorizationProperties authorizationProperties, TenantScope tenantScope, AnnotationEntityTouchedIntegrationEventHandler annotationEntityTouchedIntegrationEventHandler) {
TenantEntityManager entityManager,
AuthorizationService authorizationService,
DeleterFactory deleterFactory,
BuilderFactory builderFactory,
ConventionService conventionService,
ErrorThesaurusProperties errors,
MessageSource messageSource,
EventBroker eventBroker,
JsonHandlingService jsonHandlingService,
XmlHandlingService xmlHandlingService, QueryFactory queryFactory,
UserScope userScope, KeycloakService keycloakService, ActionConfirmationService actionConfirmationService, NotificationProperties notificationProperties, NotifyIntegrationEventHandler eventHandler, ValidatorFactory validatorFactory, ElasticService elasticService, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, UserRemovalIntegrationEventHandler userRemovalIntegrationEventHandler, AuthorizationConfiguration authorizationConfiguration, TenantScope tenantScope, AnnotationEntityTouchedIntegrationEventHandler annotationEntityTouchedIntegrationEventHandler) {
this.entityManager = entityManager;
this.authorizationService = authorizationService;
this.deleterFactory = deleterFactory;
@ -148,7 +148,7 @@ public class UserServiceImpl implements UserService {
this.elasticService = elasticService;
this.userTouchedIntegrationEventHandler = userTouchedIntegrationEventHandler;
this.userRemovalIntegrationEventHandler = userRemovalIntegrationEventHandler;
this.authorizationProperties = authorizationProperties;
this.authorizationConfiguration = authorizationConfiguration;
this.tenantScope = tenantScope;
this.annotationEntityTouchedIntegrationEventHandler = annotationEntityTouchedIntegrationEventHandler;
}
@ -187,7 +187,7 @@ public class UserServiceImpl implements UserService {
this.eventBroker.emit(new UserTouchedEvent(data.getId()));
this.userTouchedIntegrationEventHandler.handle(data.getId());
return this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, User._id), data);
return this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, User._id), data);
}
private @NotNull AdditionalInfoEntity buildAdditionalInfoEntity(UserAdditionalInfoPersist persist) throws InvalidApplicationException {
@ -343,16 +343,16 @@ public class UserServiceImpl implements UserService {
this.syncKeycloakRoles(data.getId());
this.userTouchedIntegrationEventHandler.handle(data.getId());
return this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, User._id), data);
return this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, User._id), data);
}
private void applyGlobalRoles(UUID userId, UserRolePatchPersist model) throws InvalidApplicationException {
try {
this.entityManager.disableTenantFilters();
List<UserRoleEntity> existingItems = this.queryFactory.query(UserRoleQuery.class).userIds(userId).tenantIsSet(false).roles(this.authorizationProperties.getAllowedGlobalRoles()).collect();
List<UserRoleEntity> existingItems = this.queryFactory.query(UserRoleQuery.class).userIds(userId).tenantIsSet(false).roles(this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles()).collect();
List<UUID> foundIds = new ArrayList<>();
for (String roleName : model.getRoles().stream().filter(x -> x != null && !x.isBlank() && this.authorizationProperties.getAllowedGlobalRoles().contains(x)).distinct().toList()) {
for (String roleName : model.getRoles().stream().filter(x -> x != null && !x.isBlank() && this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles().contains(x)).distinct().toList()) {
UserRoleEntity item = existingItems.stream().filter(x -> x.getRole().equals(roleName)).findFirst().orElse(null);
if (item == null) {
item = new UserRoleEntity();
@ -379,7 +379,7 @@ public class UserServiceImpl implements UserService {
private void applyTenantRoles(UUID userId, UserRolePatchPersist model) throws InvalidApplicationException {
if (!this.tenantScope.isSet()) throw new MyForbiddenException("tenant scope required");
UserRoleQuery userRoleQuery = this.queryFactory.query(UserRoleQuery.class).userIds(userId).roles(this.authorizationProperties.getAllowedTenantRoles());
UserRoleQuery userRoleQuery = this.queryFactory.query(UserRoleQuery.class).userIds(userId).roles(this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles());
if (this.tenantScope.isDefaultTenant()) userRoleQuery.tenantIsSet(false);
else userRoleQuery.tenantIsSet(true).tenantIds(this.tenantScope.getTenant());
@ -387,7 +387,7 @@ public class UserServiceImpl implements UserService {
List<UserRoleEntity> existingItems = userRoleQuery.collect();
List<UUID> foundIds = new ArrayList<>();
for (String roleName : model.getRoles().stream().filter(x-> x != null && !x.isBlank() && this.authorizationProperties.getAllowedTenantRoles().contains(x)).distinct().toList()) {
for (String roleName : model.getRoles().stream().filter(x-> x != null && !x.isBlank() && this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles().contains(x)).distinct().toList()) {
UserRoleEntity item = existingItems.stream().filter(x-> x.getRole().equals(roleName)).findFirst().orElse(null);
if (item == null) {
item = new UserRoleEntity();
@ -700,9 +700,9 @@ public class UserServiceImpl implements UserService {
for (UserCredentialEntity userCredential : userCredentials){
this.keycloakService.removeFromAllGroups(userCredential.getExternalId());
for (UserRoleEntity userRole : userRoles) {
if (this.authorizationProperties.getAllowedGlobalRoles().contains(userRole.getRole())){
if (this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles().contains(userRole.getRole())){
this.keycloakService.addUserToGlobalRoleGroup(userCredential.getExternalId(), userRole.getRole());
} else if (this.authorizationProperties.getAllowedTenantRoles().contains(userRole.getRole())){
} else if (this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles().contains(userRole.getRole())){
String tenantCode = userRole.getTenantId() == null ? this.tenantScope.getDefaultTenantCode() : tenants.stream().filter(x-> x.getId().equals(userRole.getTenantId())).map(TenantEntity::getCode).findFirst().orElse(null);
if (!this.conventionService.isNullOrEmpty(tenantCode)) this.keycloakService.addUserToTenantRoleGroup(userCredential.getExternalId(), tenantCode, userRole.getRole());
}
@ -900,8 +900,8 @@ public class UserServiceImpl implements UserService {
}
private void addToDefaultUserGroups(String subjectId){
this.keycloakService.addUserToGlobalRoleGroup(subjectId, this.authorizationProperties.getGlobalUserRole());
this.keycloakService.addUserToTenantRoleGroup(subjectId, this.tenantScope.getDefaultTenantCode(), this.authorizationProperties.getTenantUserRole());
this.keycloakService.addUserToGlobalRoleGroup(subjectId, this.authorizationConfiguration.getAuthorizationProperties().getGlobalUserRole());
this.keycloakService.addUserToTenantRoleGroup(subjectId, this.tenantScope.getDefaultTenantCode(), this.authorizationConfiguration.getAuthorizationProperties().getTenantUserRole());
}
private void checkActionState(ActionConfirmationEntity action) throws MyApplicationException {


@ -84,7 +84,7 @@ public class UserSettingsServiceImpl implements UserSettingsService {
this.entityManager.flush();
return this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, UserSettings._id, UserSettings._key), data);
return this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(BaseFieldSet.build(fields, UserSettings._id, UserSettings._key), data);
}
}


@ -1,10 +1,11 @@
package org.opencdmp.authorization;
import org.opencdmp.commons.enums.DmpUserRole;
import gr.cite.commons.web.authz.handler.AuthorizationHandler;
import gr.cite.commons.web.authz.handler.AuthorizationHandlerContext;
import gr.cite.commons.web.authz.policy.AuthorizationRequirement;
import gr.cite.commons.web.oidc.principal.MyPrincipal;
import org.opencdmp.commons.enums.DmpUserRole;
import org.opencdmp.commons.enums.UserDescriptionTemplateRole;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@ -32,16 +33,18 @@ public class AffiliatedAuthorizationHandler extends AuthorizationHandler<Affilia
if (!isAuthenticated)
return ACCESS_NOT_DETERMINED;
if (myConfiguration.getMyPolicies() == null)
if (this.myConfiguration.getMyPolicies() == null)
return ACCESS_NOT_DETERMINED;
int hits = 0;
HashSet<DmpUserRole> roles = rs != null && rs.getDmpUserRoles() != null ? rs.getDmpUserRoles() : null;
HashSet<DmpUserRole> dmpUserRoles = rs != null && rs.getDmpUserRoles() != null ? rs.getDmpUserRoles() : null;
HashSet<UserDescriptionTemplateRole> userDescriptionTemplateRoles = rs != null && rs.getUserDescriptionTemplateRoles() != null ? rs.getUserDescriptionTemplateRoles() : null;
for (String permission : req.getRequiredPermissions()) {
CustomPermissionAttributesProperties.MyPermission policy = myConfiguration.getMyPolicies().get(permission);
boolean hasPermission = policy != null && hasPermission(policy.getDmp(), roles);
if (hasPermission) hits += 1;
CustomPermissionAttributesProperties.MyPermission policy = this.myConfiguration.getMyPolicies().get(permission);
boolean hasDmpPermission = policy != null && this.hasPermission(policy.getDmp(), dmpUserRoles);
boolean hasDescriptionTemplatePermission = policy != null && this.hasPermission(policy.getDescriptionTemplate(), userDescriptionTemplateRoles);
if (hasDmpPermission || hasDescriptionTemplatePermission) hits += 1;
}
if ((req.getMatchAll() && req.getRequiredPermissions().size() == hits) || (!req.getMatchAll() && hits > 0))
return ACCESS_GRANTED;
@ -49,6 +52,18 @@ public class AffiliatedAuthorizationHandler extends AuthorizationHandler<Affilia
return ACCESS_NOT_DETERMINED;
}
private Boolean hasPermission(DescriptionTemplateRole descriptionTemplateRole, HashSet<UserDescriptionTemplateRole> roles) {
if (roles == null)
return Boolean.FALSE;
if (descriptionTemplateRole == null || descriptionTemplateRole.getRoles() == null)
return Boolean.FALSE;
for (UserDescriptionTemplateRole role : descriptionTemplateRole.getRoles()) {
if (roles.contains(role))
return Boolean.TRUE;
}
return Boolean.FALSE;
}
private Boolean hasPermission(DmpRole dmpRole, HashSet<DmpUserRole> roles) {
if (roles == null)
return Boolean.FALSE;
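Review bot: An empty `requiredPermissions` set combined with `matchAll` makes the final check in this handler return ACCESS_GRANTED for any authenticated caller, because `req.getRequiredPermissions().size() == hits` holds at 0 == 0. The commit adds a second affiliation source to the loop but leaves that comparison as it was, so I would add a guard before the loop: `if (req.getRequiredPermissions() == null || req.getRequiredPermissions().isEmpty()) return ACCESS_NOT_DETERMINED;`. Whether the requirement's constructor already rejects an empty set is not visible here, so this may only be defence in depth. The handler method starts above the hunk, and the two `hasPermission` overloads are otherwise identical and could share one generic helper.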


@ -18,21 +18,27 @@ public class CustomPermissionAttributesProperties {
}
public HashMap<String, MyPermission> getPolicies() {
return policies;
return this.policies;
}
public static class MyPermission {
private final DmpRole dmp;
private final DescriptionTemplateRole descriptionTemplate;
@ConstructorBinding
public MyPermission(DmpRole dmp) {
public MyPermission(DmpRole dmp, DescriptionTemplateRole descriptionTemplate) {
this.dmp = dmp;
this.descriptionTemplate = descriptionTemplate;
}
public DmpRole getDmp() {
return dmp;
return this.dmp;
}
public DescriptionTemplateRole getDescriptionTemplate() {
return this.descriptionTemplate;
}
}
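Review bot: `MyPermission.getDescriptionTemplate()` is undocumented, and the constructor assigns its argument without a default, so the getter presumably returns null for every policy entry that has no description-template block. The authorization handler's `descriptionTemplateRole == null` check depends on that, so a short comment on the getter would make the contract explicit: `// null when the policy defines no description-template roles; callers must treat null as "no grant"`. The outer class continues outside the hunk.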


@ -0,0 +1,20 @@
package org.opencdmp.authorization;
import org.opencdmp.commons.enums.UserDescriptionTemplateRole;
import org.springframework.boot.context.properties.bind.ConstructorBinding;
import java.util.Set;
public class DescriptionTemplateRole {
private final Set<UserDescriptionTemplateRole> roles;
@ConstructorBinding
public DescriptionTemplateRole(Set<UserDescriptionTemplateRole> roles) {
this.roles = roles;
}
public Set<UserDescriptionTemplateRole> getRoles() {
return this.roles;
}
}
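Review bot: The constructor stores the caller's `Set` as is and `getRoles()` hands the same instance out, so the role set that decides description-template authorization can be modified after binding by any code holding a reference. Taking an unmodifiable copy keeps the policy fixed once loaded: `this.roles = roles == null ? null : Set.copyOf(roles);`. Keeping null as null preserves the `getRoles() == null` check in the authorization handler. DmpRole appears to follow the same pattern, so it may be worth changing both together.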


@ -15,7 +15,7 @@ public class DmpRole {
}
public Set<DmpUserRole> getRoles() {
return roles;
return this.roles;
}
}


@ -155,47 +155,25 @@ public class DescriptionController {
}
@PostMapping("query")
@Operation(
summary = "Query all descriptions",
description = SwaggerHelpers.Description.endpoint_query,
requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(
description = SwaggerHelpers.Description.endpoint_query_request_body,
content = {
@Content(
examples = {
@ExampleObject(
name = "Pagination and projection",
description = "Simple paginated request using a property projection list and pagination info",
value = SwaggerHelpers.Description.endpoint_query_request_body_example
)
}
)
}
),
responses = {
@ApiResponse(
description = "OK",
responseCode = "200",
content = {
@Content(
examples = {
@ExampleObject(
name = "First page",
description = "Example with the first page of paginated results",
value = SwaggerHelpers.Description.endpoint_query_response_example
)
}
)
}
)
}
)
@Operation(summary = "Query all descriptions", description = SwaggerHelpers.Description.endpoint_query, requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(description = SwaggerHelpers.Description.endpoint_query_request_body, content = @Content(
examples = {
@ExampleObject(
name = "Pagination and projection",
description = "Simple paginated request using a property projection list and pagination info",
value = SwaggerHelpers.Description.endpoint_query_request_body_example
)
}
)), responses = @ApiResponse(description = "OK", responseCode = "200", content = @Content(examples = @ExampleObject(
name = "First page",
description = "Example with the first page of paginated results",
value = SwaggerHelpers.Description.endpoint_query_response_example
))))
public QueryResult<Description> query(@RequestBody DescriptionLookup lookup) throws MyApplicationException, MyForbiddenException {
logger.debug("querying {}", Description.class.getSimpleName());
this.censorFactory.censor(DescriptionCensor.class).censor(lookup.getProject(), null);
QueryResult<Description> queryResult = this.elasticQueryHelperService.collect(lookup, AuthorizationFlags.OwnerOrDmpAssociatedOrPermission, null);
QueryResult<Description> queryResult = this.elasticQueryHelperService.collect(lookup, AuthorizationFlags.AllExceptPublic, null);
this.auditService.track(AuditableAction.Description_Query, "lookup", lookup);
@ -215,8 +193,8 @@ public class DescriptionController {
this.censorFactory.censor(DescriptionCensor.class).censor(fieldSet, null);
DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).isActive(IsActive.Active).ids(id);
Description model = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).isActive(IsActive.Active).ids(id);
Description model = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Description.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -88,10 +88,10 @@ public class DescriptionTemplateController {
this.censorFactory.censor(DescriptionTemplateCensor.class).censor(lookup.getProject(), null);
DescriptionTemplateQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
DescriptionTemplateQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<DescriptionTemplateEntity> data = query.collectAs(lookup.getProject());
List<DescriptionTemplate> models = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<DescriptionTemplate> models = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.DescriptionTemplate_Query, "lookup", lookup);
@ -106,8 +106,8 @@ public class DescriptionTemplateController {
this.censorFactory.censor(DescriptionTemplateCensor.class).censor(fieldSet, null);
DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -68,10 +68,10 @@ public class DescriptionTemplateTypeController {
this.censorFactory.censor(DescriptionTemplateTypeCensor.class).censor(lookup.getProject(), null);
DescriptionTemplateTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
DescriptionTemplateTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<DescriptionTemplateTypeEntity> data = query.collectAs(lookup.getProject());
List<DescriptionTemplateType> models = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<DescriptionTemplateType> models = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.DescriptionTemplateType_Query, "lookup", lookup);
@ -86,8 +86,8 @@ public class DescriptionTemplateTypeController {
this.censorFactory.censor(DescriptionTemplateTypeCensor.class).censor(fieldSet, null);
DescriptionTemplateTypeQuery query = this.queryFactory.query(DescriptionTemplateTypeQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
DescriptionTemplateType model = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
DescriptionTemplateTypeQuery query = this.queryFactory.query(DescriptionTemplateTypeQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
DescriptionTemplateType model = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplateType.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -81,10 +81,10 @@ public class DmpBlueprintController {
logger.debug("querying {}", DmpBlueprint.class.getSimpleName());
this.censorFactory.censor(DmpBlueprintCensor.class).censor(lookup.getProject(), null);
DmpBlueprintQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
DmpBlueprintQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<DmpBlueprintEntity> data = query.collectAs(lookup.getProject());
List<DmpBlueprint> models = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<DmpBlueprint> models = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.DmpBlueprint_Query, "lookup", lookup);
@ -98,8 +98,8 @@ public class DmpBlueprintController {
this.censorFactory.censor(DmpBlueprintCensor.class).censor(fieldSet, null);
DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -159,7 +159,7 @@ public class DmpController {
this.censorFactory.censor(DmpCensor.class).censor(lookup.getProject(), null);
QueryResult<Dmp> queryResult = this.elasticQueryHelperService.collect(lookup, AuthorizationFlags.OwnerOrDmpAssociatedOrPermission, null);
QueryResult<Dmp> queryResult = this.elasticQueryHelperService.collect(lookup, AuthorizationFlags.AllExceptPublic, null);
this.auditService.track(AuditableAction.Dmp_Query, "lookup", lookup);
@ -178,8 +178,8 @@ public class DmpController {
this.censorFactory.censor(DmpCensor.class).censor(fieldSet, null);
DmpQuery query = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
Dmp model = this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
DmpQuery query = this.queryFactory.query(DmpQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
Dmp model = this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -70,10 +70,10 @@ public class EntityDoiController {
this.censorFactory.censor(EntityDoiCensor.class).censor(lookup.getProject(), null);
EntityDoiQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
EntityDoiQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<EntityDoiEntity> data = query.collectAs(lookup.getProject());
List<EntityDoi> models = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<EntityDoi> models = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.EntityDoi_Query, "lookup", lookup);
@ -87,8 +87,8 @@ public class EntityDoiController {
this.censorFactory.censor(EntityDoiCensor.class).censor(fieldSet, null);
EntityDoiQuery query = this.queryFactory.query(EntityDoiQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
EntityDoi model = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
EntityDoiQuery query = this.queryFactory.query(EntityDoiQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
EntityDoi model = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, EntityDoi.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -79,9 +79,9 @@ public class LanguageController {
this.censorFactory.censor(LanguageCensor.class).censor(lookup.getProject(), null);
LanguageQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
LanguageQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<LanguageEntity> data = query.collectAs(lookup.getProject());
List<Language> models = this.builderFactory.builder(LanguageBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<Language> models = this.builderFactory.builder(LanguageBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.Language_Query, "lookup", lookup);
@ -95,8 +95,8 @@ public class LanguageController {
this.censorFactory.censor(LanguageCensor.class).censor(fieldSet, null);
LanguageQuery query = this.queryFactory.query(LanguageQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
Language model = this.builderFactory.builder(LanguageBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
LanguageQuery query = this.queryFactory.query(LanguageQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
Language model = this.builderFactory.builder(LanguageBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Language.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -90,9 +90,9 @@ public class LockController {
this.censorFactory.censor(LockCensor.class).censor(lookup.getProject(), null);
LockQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
LockQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<LockEntity> data = query.collectAs(lookup.getProject());
List<Lock> models = this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<Lock> models = this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.Lock_Query, "lookup", lookup);
@ -106,8 +106,8 @@ public class LockController {
this.censorFactory.censor(LockCensor.class).censor(fieldSet, null);
LockQuery query = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
Lock model = this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
LockQuery query = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
Lock model = this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Lock.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -142,8 +142,8 @@ public class LockController {
this.censorFactory.censor(LockCensor.class).censor(fieldSet, null);
LockQuery query = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).targetIds(targetId);
Lock model = this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
LockQuery query = this.queryFactory.query(LockQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).targetIds(targetId);
Lock model = this.builderFactory.builder(LockBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{targetId, Lock.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -174,7 +174,8 @@ public class LockController {
public boolean lock(@PathVariable("id") UUID targetId, @PathVariable("targetType") int targetType) throws Exception {
AffiliatedResource affiliatedResourceDmp = this.authorizationContentResolver.dmpAffiliation(targetId);
AffiliatedResource affiliatedResourceDescription = this.authorizationContentResolver.descriptionAffiliation(targetId);
this.authService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription), Permission.EditLock);
AffiliatedResource affiliatedResourceDescriptionTemplate = this.authorizationContentResolver.descriptionTemplateAffiliation(targetId);
this.authService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription, affiliatedResourceDescriptionTemplate), Permission.EditLock);
this.lockService.lock(targetId, LockTargetType.of((short) targetType));
this.auditService.track(AuditableAction.Lock_Locked, Map.ofEntries(
@ -189,7 +190,8 @@ public class LockController {
public boolean touch(@PathVariable("id") UUID targetId) throws Exception {
AffiliatedResource affiliatedResourceDmp = this.authorizationContentResolver.dmpAffiliation(targetId);
AffiliatedResource affiliatedResourceDescription = this.authorizationContentResolver.descriptionAffiliation(targetId);
this.authService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription), Permission.EditLock);
AffiliatedResource affiliatedResourceDescriptionTemplate = this.authorizationContentResolver.descriptionTemplateAffiliation(targetId);
this.authService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription, affiliatedResourceDescriptionTemplate), Permission.EditLock);
this.lockService.touch(targetId);
this.auditService.track(AuditableAction.Lock_Touched, Map.ofEntries(
@ -203,7 +205,8 @@ public class LockController {
public boolean unlock(@PathVariable("id") UUID targetId) throws Exception {
AffiliatedResource affiliatedResourceDmp = this.authorizationContentResolver.dmpAffiliation(targetId);
AffiliatedResource affiliatedResourceDescription = this.authorizationContentResolver.descriptionAffiliation(targetId);
this.authService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription), Permission.EditLock);
AffiliatedResource affiliatedResourceDescriptionTemplate = this.authorizationContentResolver.descriptionTemplateAffiliation(targetId);
this.authService.authorizeAtLeastOneForce(List.of(affiliatedResourceDmp, affiliatedResourceDescription, affiliatedResourceDescriptionTemplate), Permission.EditLock);
this.lockService.unlock(targetId);
this.auditService.track(AuditableAction.Lock_UnLocked, Map.ofEntries(
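Review bot: In `lock`, `touch` and `unlock` the EditLock check passes when the caller is affiliated with `targetId` as a DMP, a description or a description template, and in `lock` the `targetType` path variable plays no part in that decision before it is passed to `LockTargetType.of((short) targetType)`. If the lock service does not itself verify that the id belongs to the declared type, a lock could be recorded with a type that does not match the affiliation that authorised it; that is not visible from this hunk. Resolving only the affiliation that corresponds to `targetType` in `lock` would tie the check to the declared type and save two lookups per call. The same three resolver lines now appear in all three methods and would read better as one private helper such as `private void authorizeEditLock(UUID targetId)`. All three method bodies continue outside their hunks.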


@ -87,9 +87,9 @@ public class PrefillingSourceController {
this.censorFactory.censor(PrefillingSourceCensor.class).censor(lookup.getProject(), null);
PrefillingSourceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
PrefillingSourceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<PrefillingSourceEntity> data = query.collectAs(lookup.getProject());
List<PrefillingSource> models = this.builderFactory.builder(PrefillingSourceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<PrefillingSource> models = this.builderFactory.builder(PrefillingSourceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.PrefillingSource_Query, "lookup", lookup);
@ -104,8 +104,8 @@ public class PrefillingSourceController {
this.censorFactory.censor(PrefillingSourceCensor.class).censor(fieldSet, null);
PrefillingSourceQuery query = this.queryFactory.query(PrefillingSourceQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
PrefillingSource model = this.builderFactory.builder(PrefillingSourceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
PrefillingSourceQuery query = this.queryFactory.query(PrefillingSourceQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
PrefillingSource model = this.builderFactory.builder(PrefillingSourceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, PrefillingSource.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -81,9 +81,9 @@ public class ReferenceController {
this.censorFactory.censor(ReferenceCensor.class).censor(lookup.getProject(), null);
ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<ReferenceEntity> data = query.collectAs(lookup.getProject());
List<Reference> models = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<Reference> models = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.Reference_Query, "lookup", lookup);
@ -124,8 +124,8 @@ public class ReferenceController {
this.censorFactory.censor(ReferenceCensor.class).censor(fieldSet, null);
ReferenceQuery query = this.queryFactory.query(ReferenceQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
Reference model = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
ReferenceQuery query = this.queryFactory.query(ReferenceQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
Reference model = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Reference.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -80,9 +80,9 @@ public class ReferenceTypeController{
this.censorFactory.censor(ReferenceTypeCensor.class).censor(lookup.getProject(), null);
ReferenceTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
ReferenceTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<ReferenceTypeEntity> data = query.collectAs(lookup.getProject());
List<ReferenceType> models = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<ReferenceType> models = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.ReferenceType_Query, "lookup", lookup);
@ -96,8 +96,8 @@ public class ReferenceTypeController{
this.censorFactory.censor(ReferenceTypeCensor.class).censor(fieldSet, null);
ReferenceTypeQuery query = this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
ReferenceType model = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
ReferenceTypeQuery query = this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
ReferenceType model = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, ReferenceType.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -115,8 +115,8 @@ public class ReferenceTypeController{
this.censorFactory.censor(ReferenceTypeCensor.class).censor(fieldSet, null);
ReferenceTypeQuery query = this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).codes(code);
ReferenceType model = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
ReferenceTypeQuery query = this.queryFactory.query(ReferenceTypeQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).codes(code);
ReferenceType model = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{code, ReferenceType.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -83,8 +83,8 @@ public class StorageFileController {
this.authorizationService.authorizeForce(Permission.BrowseStorageFile, Permission.DeferredAffiliation);
StorageFileQuery query = this.queryFactory.query(StorageFileQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
StorageFile model = this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
StorageFileQuery query = this.queryFactory.query(StorageFileQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
StorageFile model = this.builderFactory.builder(StorageFileBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, StorageFile.class.getSimpleName()}, LocaleContextHolder.getLocale()));
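Review bot: The two `authorize(AuthorizationFlags.AllExceptPublic)` calls on the storage-file query and builder take a set whose name is exclusion-based, so what it admits depends on a definition this hunk does not show; the same swap is made in the SupportiveMaterial, Tag, TenantConfiguration, Tenant, User and UserSettings controllers further down. If the set is computed as "every flag but Public", any flag added later widens these lookups without a change at the call site. For entities with no description-template affiliation I would keep an explicitly enumerated set at the call site, or add a comment such as `// AllExceptPublic is a fixed set; StorageFileQuery ignores flags it has no affiliation for` once that has been confirmed. The enclosing method starts and ends outside the hunk.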


@ -80,9 +80,9 @@ public class SupportiveMaterialController {
this.censorFactory.censor(SupportiveMaterialCensor.class).censor(lookup.getProject(), null);
SupportiveMaterialQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
SupportiveMaterialQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<SupportiveMaterialEntity> data = query.collectAs(lookup.getProject());
List<SupportiveMaterial> models = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<SupportiveMaterial> models = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.SupportiveMaterial_Query, "lookup", lookup);
@ -96,8 +96,8 @@ public class SupportiveMaterialController {
this.censorFactory.censor(SupportiveMaterialCensor.class).censor(fieldSet, null);
SupportiveMaterialQuery query = this.queryFactory.query(SupportiveMaterialQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
SupportiveMaterial model = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
SupportiveMaterialQuery query = this.queryFactory.query(SupportiveMaterialQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
SupportiveMaterial model = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, SupportiveMaterial.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -114,7 +114,7 @@ public class SupportiveMaterialController {
logger.debug("querying {}", SupportiveMaterial.class.getSimpleName());
SupportiveMaterialQuery query = this.queryFactory.query(SupportiveMaterialQuery.class).disableTracking().types(SupportiveMaterialFieldType.of(type)).languageCodes(language).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
SupportiveMaterialQuery query = this.queryFactory.query(SupportiveMaterialQuery.class).disableTracking().types(SupportiveMaterialFieldType.of(type)).languageCodes(language).authorize(AuthorizationFlags.AllExceptPublic);
List<SupportiveMaterialEntity> data = query.collectAs(new BaseFieldSet().ensure(SupportiveMaterial._id).ensure(SupportiveMaterial._payload));
byte[] content;
if (data.size() == 1) content = data.getFirst().getPayload().getBytes();


@ -70,10 +70,10 @@ public class TagController {
this.censorFactory.censor(TagCensor.class).censor(lookup.getProject(), null);
TagQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
TagQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<TagEntity> data = query.collectAs(lookup.getProject());
List<Tag> models = this.builderFactory.builder(TagBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<Tag> models = this.builderFactory.builder(TagBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.Tag_Query, "lookup", lookup);
@ -87,8 +87,8 @@ public class TagController {
this.censorFactory.censor(TagCensor.class).censor(fieldSet, null);
TagQuery query = this.queryFactory.query(TagQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
Tag model = this.builderFactory.builder(TagBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
TagQuery query = this.queryFactory.query(TagQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
Tag model = this.builderFactory.builder(TagBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Tag.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -84,10 +84,10 @@ public class TenantConfigurationController {
this.censorFactory.censor(TenantConfigurationCensor.class).censor(lookup.getProject(), null);
TenantConfigurationQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
TenantConfigurationQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<TenantConfigurationEntity> data = query.collectAs(lookup.getProject());
List<TenantConfiguration> models = this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<TenantConfiguration> models = this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.TenantConfiguration_Query, "lookup", lookup);
@ -101,8 +101,8 @@ public class TenantConfigurationController {
this.censorFactory.censor(TenantConfigurationCensor.class).censor(fieldSet, null);
TenantConfigurationQuery query = this.queryFactory.query(TenantConfigurationQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
TenantConfiguration model = this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
TenantConfigurationQuery query = this.queryFactory.query(TenantConfigurationQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
TenantConfiguration model = this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, TenantConfiguration.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -120,11 +120,11 @@ public class TenantConfigurationController {
this.censorFactory.censor(TenantConfigurationCensor.class).censor(fieldSet, null);
TenantConfigurationQuery query = this.queryFactory.query(TenantConfigurationQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).isActive(IsActive.Active).types(TenantConfigurationType.of(type));
TenantConfigurationQuery query = this.queryFactory.query(TenantConfigurationQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).isActive(IsActive.Active).types(TenantConfigurationType.of(type));
if (this.tenantScope.isDefaultTenant()) query.tenantIsSet(false);
else query.tenantIsSet(true).tenantIds(this.tenantScope.getTenant());
TenantConfiguration model = this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
TenantConfiguration model = this.builderFactory.builder(TenantConfigurationBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
this.auditService.track(AuditableAction.TenantConfiguration_LookupByType, Map.ofEntries(
new AbstractMap.SimpleEntry<String, Object>("type", type),


@ -82,10 +82,10 @@ public class TenantController {
logger.debug("querying {}", Tenant.class.getSimpleName());
this.censorFactory.censor(TenantCensor.class).censor(lookup.getProject(), null);
TenantQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
TenantQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<TenantEntity> data = query.collectAs(lookup.getProject());
List<Tenant> models = this.builderFactory.builder(TenantBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<Tenant> models = this.builderFactory.builder(TenantBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.Tenant_Query, "lookup", lookup);
@ -99,8 +99,8 @@ public class TenantController {
this.censorFactory.censor(TenantCensor.class).censor(fieldSet, null);
TenantQuery query = this.queryFactory.query(TenantQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
Tenant model = this.builderFactory.builder(TenantBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
TenantQuery query = this.queryFactory.query(TenantQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
Tenant model = this.builderFactory.builder(TenantBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, Tenant.class.getSimpleName()}, LocaleContextHolder.getLocale()));


@ -98,10 +98,10 @@ public class UserController {
this.censorFactory.censor(UserCensor.class).censor(lookup.getProject(), null);
UserQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
UserQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<UserEntity> data = query.collectAs(lookup.getProject());
List<User> models = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<User> models = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.User_Query, "lookup", lookup);
@ -118,7 +118,7 @@ public class UserController {
UserQuery query = lookup.enrich(this.queryFactory).dmpAssociated(true).isActive(IsActive.Active);
List<UserEntity> data = query.collectAs(lookup.getProject());
List<DmpAssociatedUser> models = this.builderFactory.builder(DmpAssociatedUserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<DmpAssociatedUser> models = this.builderFactory.builder(DmpAssociatedUserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.User_DmpAssociatedQuery, "lookup", lookup);
@ -132,8 +132,8 @@ public class UserController {
this.censorFactory.censor(UserCensor.class).censor(fieldSet, id);
UserQuery query = this.queryFactory.query(UserQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id);
User model = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
UserQuery query = this.queryFactory.query(UserQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).ids(id);
User model = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{id, User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -151,8 +151,8 @@ public class UserController {
this.censorFactory.censor(UserCensor.class).censor(fieldSet, null);
UserQuery query = this.queryFactory.query(UserQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).emails(email);
User model = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
UserQuery query = this.queryFactory.query(UserQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).emails(email);
User model = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{email, User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -183,8 +183,8 @@ public class UserController {
this.censorFactory.censor(UserCensor.class).censor(fieldSet, this.userScope.getUserId());
UserQuery query = this.queryFactory.query(UserQuery.class).disableTracking().ids(this.userScope.getUserId()).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
User model = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
UserQuery query = this.queryFactory.query(UserQuery.class).disableTracking().ids(this.userScope.getUserId()).authorize(AuthorizationFlags.AllExceptPublic);
User model = this.builderFactory.builder(UserBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
if (model == null)
throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{this.userScope.getUserId(), User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
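Review bot: In the DMP-associated lookup hunk (`-118,7 +118,7`) the query is built as `lookup.enrich(this.queryFactory).dmpAssociated(true).isActive(IsActive.Active)` with no `.authorize(...)`, while the builder on the changed line and every other query in this controller pass `AuthorizationFlags.AllExceptPublic`. If the omission is deliberate because `dmpAssociated(true)` already scopes the rows, record that in a comment, e.g. `// no authorize(): dmpAssociated(true) restricts the result to users sharing a DMP with the caller`; that reading is inferred from the method name and needs confirming. Otherwise add `.authorize(AuthorizationFlags.AllExceptPublic)` to the chain so the query and the builder are authorized the same way. The method body starts and ends outside the hunk.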


@ -73,9 +73,9 @@ public class UserSettingsController {
public QueryResult<UserSettings> Query(@RequestBody UserSettingsLookup lookup) throws MyApplicationException, MyForbiddenException {
logger.debug("querying {}", UserSettings.class.getSimpleName());
this.censorFactory.censor(UserSettingsCensor.class).censor(lookup.getProject(), null);
UserSettingsQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission);
UserSettingsQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.AllExceptPublic);
List<UserSettingsEntity> data = query.collectAs(lookup.getProject());
List<UserSettings> models = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(lookup.getProject(), data);
List<UserSettings> models = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(lookup.getProject(), data);
long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size();
this.auditService.track(AuditableAction.User_Settings_Query, "lookup", lookup);
@ -98,8 +98,8 @@ public class UserSettingsController {
UserSettings._updatedAt,
UserSettings._type
));
UserSettingsQuery query = this.queryFactory.query(UserSettingsQuery.class).disableTracking().authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).keys(key);
UserSettings model = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(fieldSet, query.firstAs(fieldSet));
UserSettingsQuery query = this.queryFactory.query(UserSettingsQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).keys(key);
UserSettings model = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.AllExceptPublic).build(fieldSet, query.firstAs(fieldSet));
this.auditService.track(AuditableAction.User_Settings_Lookup, Map.ofEntries(
new AbstractMap.SimpleEntry<String, Object>("key", key)


@ -12,7 +12,7 @@ import jakarta.persistence.criteria.CriteriaBuilder;
import jakarta.persistence.criteria.CriteriaQuery;
import jakarta.persistence.criteria.Root;
import org.jetbrains.annotations.NotNull;
import org.opencdmp.authorization.AuthorizationProperties;
import org.opencdmp.authorization.AuthorizationConfiguration;
import org.opencdmp.authorization.ClaimNames;
import org.opencdmp.authorization.Permission;
import org.opencdmp.commons.enums.IsActive;
@ -67,7 +67,7 @@ public class TenantInterceptor implements WebRequestInterceptor {
private final LockByKeyManager lockByKeyManager;
private final ConventionService conventionService;
private final UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler;
private final AuthorizationProperties authorizationProperties;
private final AuthorizationConfiguration authorizationConfiguration;
private final UserTenantRolesCacheService userTenantRolesCacheService;
public final TenantEntityManager tenantEntityManager;
@ -84,7 +84,7 @@ public class TenantInterceptor implements WebRequestInterceptor {
TenantScopeProperties tenantScopeProperties,
UserAllowedTenantCacheService userAllowedTenantCacheService,
PlatformTransactionManager transactionManager,
ErrorThesaurusProperties errors, QueryUtilsService queryUtilsService, LockByKeyManager lockByKeyManager, ConventionService conventionService, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, AuthorizationProperties authorizationProperties, UserTenantRolesCacheService userTenantRolesCacheService, TenantEntityManager tenantEntityManager) {
ErrorThesaurusProperties errors, QueryUtilsService queryUtilsService, LockByKeyManager lockByKeyManager, ConventionService conventionService, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, AuthorizationConfiguration authorizationConfiguration, UserTenantRolesCacheService userTenantRolesCacheService, TenantEntityManager tenantEntityManager) {
this.tenantScope = tenantScope;
this.userScope = userScope;
this.currentPrincipalResolver = currentPrincipalResolver;
@ -98,7 +98,7 @@ public class TenantInterceptor implements WebRequestInterceptor {
this.lockByKeyManager = lockByKeyManager;
this.conventionService = conventionService;
this.userTouchedIntegrationEventHandler = userTouchedIntegrationEventHandler;
this.authorizationProperties = authorizationProperties;
this.authorizationConfiguration = authorizationConfiguration;
this.userTenantRolesCacheService = userTenantRolesCacheService;
this.tenantEntityManager = tenantEntityManager;
}
@ -287,7 +287,7 @@ public class TenantInterceptor implements WebRequestInterceptor {
private List<String> getRolesFromClaims() {
List<String> claimsRoles = this.claimExtractor.asStrings(this.currentPrincipalResolver.currentPrincipal(), ClaimNames.TenantRolesClaimName);
if (claimsRoles == null) claimsRoles = new ArrayList<>();
claimsRoles = claimsRoles.stream().filter(x -> x != null && !x.isBlank() && (this.conventionService.isListNullOrEmpty(this.authorizationProperties.getAllowedTenantRoles()) || this.authorizationProperties.getAllowedTenantRoles().contains(x))).distinct().toList();
claimsRoles = claimsRoles.stream().filter(x -> x != null && !x.isBlank() && (this.conventionService.isListNullOrEmpty(this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles()) || this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles().contains(x))).distinct().toList();
return claimsRoles;
}
@ -297,11 +297,11 @@ public class TenantInterceptor implements WebRequestInterceptor {
Root<UserRoleEntity> root = query.from(UserRoleEntity.class);
CriteriaBuilder.In<String> inRolesClause = criteriaBuilder.in(root.get(UserRoleEntity._role));
for (String item : this.authorizationProperties.getAllowedTenantRoles()) inRolesClause.value(item);
for (String item : this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles()) inRolesClause.value(item);
query.where(criteriaBuilder.and(
criteriaBuilder.equal(root.get(UserRoleEntity._userId), this.userScope.getUserId()),
this.conventionService.isListNullOrEmpty(this.authorizationProperties.getAllowedTenantRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
this.conventionService.isListNullOrEmpty(this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
this.tenantScope.isDefaultTenant() ? criteriaBuilder.isNull(root.get(UserRoleEntity._tenantId)) : criteriaBuilder.equal(root.get(UserRoleEntity._tenantId), this.tenantScope.getTenant())
)).multiselect(root.get(UserRoleEntity._role).alias(UserRoleEntity._role));
List<UserRoleEntity> results = this.entityManager.createQuery(query).getResultList();
@ -327,10 +327,10 @@ public class TenantInterceptor implements WebRequestInterceptor {
Root<UserRoleEntity> root = query.from(UserRoleEntity.class);
CriteriaBuilder.In<String> inRolesClause = criteriaBuilder.in(root.get(UserRoleEntity._role));
for (String item : this.authorizationProperties.getAllowedTenantRoles()) inRolesClause.value(item);
for (String item : this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles()) inRolesClause.value(item);
query.where(criteriaBuilder.and(
criteriaBuilder.equal(root.get(UserRoleEntity._userId), this.userScope.getUserId()),
this.conventionService.isListNullOrEmpty(this.authorizationProperties.getAllowedTenantRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
this.conventionService.isListNullOrEmpty(this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
this.tenantScope.isDefaultTenant() ? criteriaBuilder.isNull(root.get(UserRoleEntity._tenantId)) : criteriaBuilder.equal(root.get(UserRoleEntity._tenantId), this.tenantScope.getTenant())
));
List<UserRoleEntity> existingUserRoles = this.entityManager.createQuery(query).getResultList();
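Review bot: In both role-query hunks (`-297,11` and `-327,10`) the loop `for (String item : ...getAllowedTenantRoles()) inRolesClause.value(item);` dereferences the list before the next statement tests it with `isListNullOrEmpty`, so a null list (a missing configuration key, if the getter can return null) would throw a NullPointerException on the request path instead of taking the `isNotNull` branch. Reading the list once also removes the repeated `this.authorizationConfiguration.getAuthorizationProperties()` chain the commit introduces: `List<String> allowed = this.authorizationConfiguration.getAuthorizationProperties().getAllowedTenantRoles();` followed by `if (!this.conventionService.isListNullOrEmpty(allowed)) for (String item : allowed) inRolesClause.value(item);`. The same pattern appears with `getAllowedGlobalRoles()` in the two UserInterceptor role-query hunks. The enclosing methods start and end outside the hunks.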


@ -13,7 +13,7 @@ import jakarta.persistence.criteria.CriteriaBuilder;
import jakarta.persistence.criteria.CriteriaQuery;
import jakarta.persistence.criteria.Root;
import org.apache.commons.validator.routines.EmailValidator;
import org.opencdmp.authorization.AuthorizationProperties;
import org.opencdmp.authorization.AuthorizationConfiguration;
import org.opencdmp.authorization.ClaimNames;
import org.opencdmp.commons.JsonHandlingService;
import org.opencdmp.commons.enums.ContactInfoType;
@ -62,7 +62,7 @@ public class UserInterceptor implements WebRequestInterceptor {
private final LockByKeyManager lockByKeyManager;
private final LocaleProperties localeProperties;
private final UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler;
private final AuthorizationProperties authorizationProperties;
private final AuthorizationConfiguration authorizationConfiguration;
private final ConventionService conventionService;
@PersistenceContext
public EntityManager entityManager;
@ -79,7 +79,7 @@ public class UserInterceptor implements WebRequestInterceptor {
JsonHandlingService jsonHandlingService,
QueryFactory queryFactory,
LockByKeyManager lockByKeyManager,
LocaleProperties localeProperties, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, AuthorizationProperties authorizationProperties, ConventionService conventionService, TenantEntityManager tenantEntityManager) {
LocaleProperties localeProperties, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, AuthorizationConfiguration authorizationConfiguration, ConventionService conventionService, TenantEntityManager tenantEntityManager) {
this.userScope = userScope;
this.currentPrincipalResolver = currentPrincipalResolver;
this.claimExtractor = claimExtractor;
@ -90,7 +90,7 @@ public class UserInterceptor implements WebRequestInterceptor {
this.lockByKeyManager = lockByKeyManager;
this.localeProperties = localeProperties;
this.userTouchedIntegrationEventHandler = userTouchedIntegrationEventHandler;
this.authorizationProperties = authorizationProperties;
this.authorizationConfiguration = authorizationConfiguration;
this.conventionService = conventionService;
this.tenantEntityManager = tenantEntityManager;
}
@ -243,7 +243,7 @@ public class UserInterceptor implements WebRequestInterceptor {
private List<String> getRolesFromClaims() {
List<String> claimsRoles = this.claimExtractor.asStrings(this.currentPrincipalResolver.currentPrincipal(), ClaimNames.GlobalRolesClaimName);
if (claimsRoles == null) claimsRoles = new ArrayList<>();
claimsRoles = claimsRoles.stream().filter(x -> x != null && !x.isBlank() && (this.conventionService.isListNullOrEmpty(this.authorizationProperties.getAllowedGlobalRoles()) || this.authorizationProperties.getAllowedGlobalRoles().contains(x))).distinct().toList();
claimsRoles = claimsRoles.stream().filter(x -> x != null && !x.isBlank() && (this.conventionService.isListNullOrEmpty(this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles()) || this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles().contains(x))).distinct().toList();
claimsRoles = claimsRoles.stream().filter(x -> x != null && !x.isBlank()).distinct().toList();
return claimsRoles;
}
@ -254,10 +254,10 @@ public class UserInterceptor implements WebRequestInterceptor {
Root<UserRoleEntity> root = query.from(UserRoleEntity.class);
CriteriaBuilder.In<String> inRolesClause = criteriaBuilder.in(root.get(UserRoleEntity._role));
for (String item : this.authorizationProperties.getAllowedGlobalRoles()) inRolesClause.value(item);
for (String item : this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles()) inRolesClause.value(item);
query.where(criteriaBuilder.and(
criteriaBuilder.equal(root.get(UserRoleEntity._userId), userId),
this.conventionService.isListNullOrEmpty(this.authorizationProperties.getAllowedGlobalRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
this.conventionService.isListNullOrEmpty(this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
criteriaBuilder.isNull(root.get(UserRoleEntity._tenantId))
));
List<UserRoleEntity> existingUserRoles = this.entityManager.createQuery(query).getResultList();
@ -284,11 +284,11 @@ public class UserInterceptor implements WebRequestInterceptor {
Root<UserRoleEntity> root = query.from(UserRoleEntity.class);
CriteriaBuilder.In<String> inRolesClause = criteriaBuilder.in(root.get(UserRoleEntity._role));
for (String item : this.authorizationProperties.getAllowedGlobalRoles()) inRolesClause.value(item);
for (String item : this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles()) inRolesClause.value(item);
query.where(criteriaBuilder.and(
criteriaBuilder.equal(root.get(UserRoleEntity._userId), userId),
this.conventionService.isListNullOrEmpty(this.authorizationProperties.getAllowedGlobalRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
this.conventionService.isListNullOrEmpty(this.authorizationConfiguration.getAuthorizationProperties().getAllowedGlobalRoles()) ? criteriaBuilder.isNotNull(root.get(UserRoleEntity._role)) : inRolesClause,
criteriaBuilder.isNull(root.get(UserRoleEntity._tenantId))
)).multiselect(root.get(UserRoleEntity._role).alias(UserRoleEntity._role));
List<UserRoleEntity> results = this.entityManager.createQuery(query).getResultList();
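Review bot: `getRolesFromClaims` keeps every non-blank role from the token when `getAllowedGlobalRoles()` is null or empty, because the filter is `isListNullOrEmpty(...) || ...contains(x)`; an absent or mistyped configuration key therefore turns the allow-list into accept-all, and TenantInterceptor's `getRolesFromClaims` has the same shape for tenant roles. If that fallback is intended, document it on the method, e.g. `// an empty allowedGlobalRoles list disables filtering: every role in the claim is accepted`; if it is not, treat the empty list as "no roles". The unchanged second `filter(x -> x != null && !x.isBlank()).distinct()` pass right after the changed line repeats what the first pass already did and can be dropped.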


@ -10,18 +10,14 @@ import gr.cite.tools.data.builder.BuilderFactory;
import gr.cite.tools.data.query.QueryFactory;
import gr.cite.tools.fieldset.BaseFieldSet;
import gr.cite.tools.fieldset.FieldSet;
import org.opencdmp.authorization.authorizationcontentresolver.AuthorizationContentResolver;
import org.opencdmp.commons.JsonHandlingService;
import org.opencdmp.commons.scope.tenant.TenantScope;
import org.opencdmp.commons.scope.user.UserScope;
import org.opencdmp.commons.types.user.AdditionalInfoEntity;
import org.opencdmp.data.DmpEntity;
import org.opencdmp.data.TenantEntityManager;
import org.opencdmp.data.UserEntity;
import org.opencdmp.model.builder.BaseBuilder;
import org.opencdmp.model.builder.TenantBuilder;
import org.opencdmp.model.builder.dmpreference.DmpReferenceBuilder;
import org.opencdmp.model.dmp.Dmp;
import org.opencdmp.query.DmpReferenceQuery;
import org.opencdmp.query.TenantQuery;
import org.springframework.beans.factory.config.ConfigurableBeanFactory;
import org.springframework.context.annotation.Scope;
@ -29,7 +25,6 @@ import org.springframework.stereotype.Component;
import javax.management.InvalidApplicationException;
import java.util.*;
import java.util.stream.Collectors;
@Component
@Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
@ -39,6 +34,7 @@ public class AccountBuilder {
private final Set<String> excludeMoreClaim;
private final CurrentPrincipalResolver currentPrincipalResolver;
private final AuthorizationConfiguration authorizationConfiguration;
private final AuthorizationContentResolver authorizationContentResolver;
private final JsonHandlingService jsonHandlingService;
private final UserScope userScope;
private final TenantEntityManager entityManager;
@ -46,11 +42,12 @@ public class AccountBuilder {
private final QueryFactory queryFactory;
private final BuilderFactory builderFactory;
public AccountBuilder(ClaimExtractor claimExtractor, CurrentPrincipalResolver currentPrincipalResolver, AuthorizationConfiguration authorizationConfiguration, JsonHandlingService jsonHandlingService, UserScope userScope, TenantEntityManager entityManager, TenantScope tenantScope, QueryFactory queryFactory, BuilderFactory builderFactory) {
public AccountBuilder(ClaimExtractor claimExtractor, CurrentPrincipalResolver currentPrincipalResolver, AuthorizationConfiguration authorizationConfiguration, AuthorizationContentResolver authorizationContentResolver, JsonHandlingService jsonHandlingService, UserScope userScope, TenantEntityManager entityManager, TenantScope tenantScope, QueryFactory queryFactory, BuilderFactory builderFactory) {
this.claimExtractor = claimExtractor;
this.currentPrincipalResolver = currentPrincipalResolver;
this.authorizationConfiguration = authorizationConfiguration;
this.jsonHandlingService = jsonHandlingService;
this.authorizationContentResolver = authorizationContentResolver;
this.jsonHandlingService = jsonHandlingService;
this.userScope = userScope;
this.entityManager = entityManager;
this.tenantScope = tenantScope;
@ -116,6 +113,9 @@ public class AccountBuilder {
permissions.add(permissionEntry.getKey());
}
}
if (!permissions.contains(org.opencdmp.authorization.Permission.ViewDescriptionTemplatePage)){
if (this.authorizationContentResolver.hasAtLeastOneDescriptionTemplateAffiliation()) permissions.add(org.opencdmp.authorization.Permission.ViewDescriptionTemplatePage);
}
model.setPermissions(new ArrayList<>(permissions));
}


@ -405,6 +405,10 @@ permissions:
- Admin
- TenantAdmin
- TenantPlanManager
descriptionTemplate:
roles:
- Owner
- Member
clients: [ ]
allowAnonymous: false
allowAuthenticated: false
@ -958,6 +962,10 @@ permissions:
- Viewer
- DescriptionContributor
- Reviewer
descriptionTemplate:
roles:
- Owner
- Member
clients: [ ]
allowAnonymous: false
allowAuthenticated: false
@ -971,6 +979,10 @@ permissions:
- Viewer
- DescriptionContributor
- Reviewer
descriptionTemplate:
roles:
- Owner
- Member
claims: [ ]
clients: [ ]
allowAnonymous: false
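Review bot: All three entries grant the new `descriptionTemplate` affiliation to both `Owner` and `Member`, but the permission keys they sit under are above the visible context, so the grants cannot be matched to an action from these hunks alone. The first entry otherwise lists only `Admin`, `TenantAdmin` and `TenantPlanManager`, which suggests a management-level permission. If it allows modification, consider limiting that block to `Owner`. A one-line comment above each block, for example `# template-level affiliation: applies only to templates the user is assigned to` (if that is the intended scope), would record why a non-admin role appears there.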


@ -10,6 +10,7 @@ import { ReferenceType } from "../reference-type/reference-type";
import { User } from "../user/user";
import { Reference } from "../reference/reference";
import { DescriptionTemplateVersionStatus } from "@app/core/common/enum/description-template-version-status";
import { AppPermission } from "@app/core/common/enum/permission.enum";
export interface DescriptionTemplate extends BaseEntity {
@ -23,6 +24,7 @@ export interface DescriptionTemplate extends BaseEntity {
definition?: DescriptionTemplateDefinition;
users?: UserDescriptionTemplate[];
versionStatus?: DescriptionTemplateVersionStatus;
authorizationFlags?: AppPermission[];
}
export interface UserDescriptionTemplate extends BaseEntity {


@ -14,7 +14,7 @@ export class DescriptionTemplateLookup extends Lookup implements DescriptionTemp
groupIds: Guid[];
excludedGroupIds: Guid[];
versionStatuses: DescriptionTemplateVersionStatus[];
onlyCanEdit: boolean;
constructor() {
super();
}
@ -30,4 +30,6 @@ export interface DescriptionTemplateFilter {
groupIds: Guid[];
excludedGroupIds: Guid[];
versionStatuses: DescriptionTemplateVersionStatus[];
onlyCanEdit: boolean;
}
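Review bot: `onlyCanEdit` is a client-chosen filter, and nothing on `DescriptionTemplateLookup` or `DescriptionTemplateFilter` says that it only narrows results and is not an access control. A caller can omit it or send `false`, so the query endpoint still has to apply its own authorization to every row it returns; that server code is not visible in this section. A comment on the field such as `// narrows results to templates the caller may edit; not an authorization check` would make the contract explicit. The field is also never initialised in the constructor, so declaring it `onlyCanEdit?: boolean;` would match what callers other than the listing actually send.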


@ -84,9 +84,6 @@ const routes: Routes = [
'entity': DescriptionTemplateEditorResolver
},
data: {
authContext: {
permissions: [AppPermission.EditDescriptionTemplate]
},
getFromTitleService: true,
usePrefix: false
}


@ -104,19 +104,19 @@ export class DescriptionTemplateEditorComponent extends BaseEditor<DescriptionTe
}
protected get canDelete(): boolean {
return !this.isDeleted && !this.isNew && this.hasPermission(this.authService.permissionEnum.DeleteDescriptionTemplate);
return !this.isDeleted && !this.isNew && (this.hasPermission(this.authService.permissionEnum.DeleteDescriptionTemplate) || this.item?.authorizationFlags?.some(x => x === AppPermission.DeleteDescriptionTemplate));
}
protected get canSave(): boolean {
return !this.isDeleted && this.hasPermission(this.authService.permissionEnum.EditDescriptionTemplate);
return !this.isDeleted && (this.hasPermission(this.authService.permissionEnum.EditDescriptionTemplate) || this.item?.authorizationFlags?.some(x => x === AppPermission.EditDescriptionTemplate));
}
protected get canFinalize(): boolean {
return !this.isDeleted && this.hasPermission(this.authService.permissionEnum.EditDescriptionTemplate);
return !this.isDeleted && (this.hasPermission(this.authService.permissionEnum.EditDescriptionTemplate) || this.item?.authorizationFlags?.some(x => x === AppPermission.EditDescriptionTemplate));
}
private hasPermission(permission: AppPermission): boolean {
return this.authService.hasPermission(permission) || this.editorModel?.permissions?.includes(permission);
return this.authService.hasPermission(permission) || this.editorModel?.permissions?.includes(permission) || this.item?.authorizationFlags?.some(x => x === permission);
}
constructor(
@ -211,7 +211,7 @@ export class DescriptionTemplateEditorComponent extends BaseEditor<DescriptionTe
}
buildForm() {
this.formGroup = this.editorModel.buildForm(null, this.isDeleted || !this.authService.hasPermission(AppPermission.EditDescriptionTemplate));
this.formGroup = this.editorModel.buildForm(null, this.isDeleted || !(this.authService.hasPermission(AppPermission.EditDescriptionTemplate) || this.item?.authorizationFlags?.some(x => x === AppPermission.EditDescriptionTemplate)));
this.descriptionTemplateEditorService.setValidationErrorModel(this.editorModel.validationErrorModel);
this.isFinalized = this.editorModel.status == DescriptionTemplateStatus.Finalized;
if (this.isFinalized || this.isDeleted) {
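Review bot: The `authorizationFlags` test is written out five times in this file although `hasPermission` now includes it, so `canDelete`, `canSave` and `canFinalize` evaluate it twice, and `buildForm` carries its own copy that skips `editorModel.permissions`. Routing the getters through the helper alone, e.g. `return !this.isDeleted && this.hasPermission(AppPermission.EditDescriptionTemplate);`, keeps a single definition of "may edit" for the buttons. `buildForm` could use `!this.hasPermission(AppPermission.EditDescriptionTemplate)` if the difference from the helper is not intended. The route-level `authContext` permission for this editor appears to be removed elsewhere in this commit, which leaves these getters as the only client-side gate. They control presentation only, so it is worth confirming that the save, finalize and delete endpoints enforce the same affiliation rules. The class body starts and ends outside both hunks.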


@ -1,5 +1,6 @@
import { Injectable } from '@angular/core';
import { ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
import { AppPermission } from '@app/core/common/enum/permission.enum';
import { DescriptionTemplateType } from '@app/core/model/description-template-type/description-template-type';
import { DescriptionTemplate, DescriptionTemplateBaseFieldData, DescriptionTemplateDefaultValue, DescriptionTemplateDefinition, DescriptionTemplateExternalDatasetData, DescriptionTemplateField, DescriptionTemplateFieldSet, DescriptionTemplateLabelAndMultiplicityData, DescriptionTemplateMultiplicity, DescriptionTemplatePage, DescriptionTemplateReferenceTypeData, DescriptionTemplateRule, DescriptionTemplateSection, DescriptionTemplateSelectData, DescriptionTemplateSelectOption, DescriptionTemplateUploadData, DescriptionTemplateUploadOption, UserDescriptionTemplate } from '@app/core/model/description-template/description-template';
import { ReferenceType } from '@app/core/model/reference-type/reference-type';
@ -29,6 +30,13 @@ export class DescriptionTemplateEditorResolver extends BaseEditorResolver {
nameof<DescriptionTemplate>(x => x.language),
nameof<DescriptionTemplate>(x => x.status),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.EditDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.DeleteDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.CloneDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.CreateNewVersionDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.ImportDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.ExportDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.type), nameof<DescriptionTemplateType>(x => x.id)].join('.'),
[nameof<DescriptionTemplate>(x => x.type), nameof<DescriptionTemplateType>(x => x.name)].join('.'),
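Review bot: The six `authorizationFlags` paths added here are repeated verbatim in the listing component's lookup fields later in this commit, so the two lists can drift apart when a permission is added. A shared exported constant holding the six `[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.X].join('.')` entries would keep them in step. The editor hunks in this commit read only the Edit and Delete flags, so the other four may not be needed on this request, unless code outside the hunks uses them. The enclosing lookup-field list starts and ends outside the hunk.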


@ -92,23 +92,23 @@
<mat-icon>more_horiz</mat-icon>
</button>
<mat-menu #actionsMenu="matMenu">
<button *ngIf="row.status !== descriptionTemplateStatuses.Finalized" mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/', row.id])">
<button *ngIf="row.status !== descriptionTemplateStatuses.Finalized && hasPermission(permissionEnum.EditDescriptionTemplate, row)" mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/', row.id])">
<mat-icon>edit</mat-icon>{{'DESCRIPTION-TEMPLATE-LISTING.ACTIONS.EDIT' | translate}}
</button>
<button *ngIf="row.belongsToCurrentTenant != false" mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/new-version/', row.id])">
<button *ngIf="row.belongsToCurrentTenant != false && hasExplicitPermission(permissionEnum.EditDescriptionTemplate)" mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/new-version/', row.id])">
<mat-icon>queue</mat-icon>{{'DESCRIPTION-TEMPLATE-LISTING.ACTIONS.NEW-VERSION' | translate}}
</button>
<button mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/clone/', row.id])">
<button *ngIf="row.belongsToCurrentTenant != false && hasPermission(permissionEnum.CloneDescriptionTemplate, row)" mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/clone/', row.id])">
<mat-icon>content_copy</mat-icon>{{'DESCRIPTION-TEMPLATE-LISTING.ACTIONS.CLONE' | translate}}
</button>
<button mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/versions/', row.groupId])">
<button *ngIf="row.belongsToCurrentTenant != false && hasExplicitPermission(permissionEnum.EditDescriptionTemplate)" mat-menu-item [routerLink]="routerUtils.generateUrl(['/description-templates/versions/', row.groupId])">
<mat-icon>library_books</mat-icon>
{{'DESCRIPTION-TEMPLATE-LISTING.ACTIONS.VIEW-VERSIONS' | translate}}
</button>
<button mat-menu-item (click)="export($event, row.id)">
<button *ngIf="row.belongsToCurrentTenant != false && hasPermission(permissionEnum.ExportDescriptionTemplate, row)" mat-menu-item (click)="export($event, row.id)">
<mat-icon>download</mat-icon>{{'DESCRIPTION-TEMPLATE-LISTING.ACTIONS.DOWNLOAD-XML' | translate}}
</button>
<button *ngIf="row.belongsToCurrentTenant != false" mat-menu-item (click)="delete(row.id)">
<button *ngIf="row.belongsToCurrentTenant != false && hasPermission(permissionEnum.DeleteDescriptionTemplate, row)" mat-menu-item (click)="delete(row.id)">
<mat-icon>delete</mat-icon>
{{'DESCRIPTION-TEMPLATE-LISTING.ACTIONS.DELETE' | translate}}
</button>
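Review bot: The New version and View versions entries are gated on `hasExplicitPermission(permissionEnum.EditDescriptionTemplate)`, so the per-row `CreateNewVersionDescriptionTemplate` flag that the listing lookup requests in this commit is never consulted. A template owner without the account-wide edit permission would therefore see neither action. If that is intended, a short template comment saying so would help; otherwise gate New version with `hasPermission(permissionEnum.CreateNewVersionDescriptionTemplate, row)`. The Edit entry is also the only one of the six that does not test `row.belongsToCurrentTenant != false`, which may be an oversight given that the other entries now carry it. The `mat-menu` element continues past the hunk.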


@ -31,6 +31,7 @@ import { takeUntil } from 'rxjs/operators';
import { nameof } from 'ts-simple-nameof';
import { ImportDescriptionTemplateDialogComponent } from './import-description-template/import-description-template.dialog.component';
import { RouterUtilsService } from '@app/core/services/router/router-utils.service';
import { AppPermission } from '@app/core/common/enum/permission.enum';
@Component({
@ -45,6 +46,9 @@ export class DescriptionTemplateListingComponent extends BaseListingComponent<De
descriptionTemplateStatuses = DescriptionTemplateStatus;
mode;
public permissionEnum = AppPermission;
@ViewChild('descriptionTemplateStatus', { static: true }) descriptionTemplateStatus?: TemplateRef<any>;
@ViewChild('actions', { static: true }) actions?: TemplateRef<any>;
@ViewChild(HybridListingComponent, { static: true }) hybridListingComponent: HybridListingComponent;
@ -60,11 +64,26 @@ export class DescriptionTemplateListingComponent extends BaseListingComponent<De
nameof<DescriptionTemplate>(x => x.createdAt),
nameof<DescriptionTemplate>(x => x.hash),
nameof<DescriptionTemplate>(x => x.belongsToCurrentTenant),
nameof<DescriptionTemplate>(x => x.isActive)
nameof<DescriptionTemplate>(x => x.isActive),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.EditDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.DeleteDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.CloneDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.CreateNewVersionDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.ImportDescriptionTemplate].join('.'),
[nameof<DescriptionTemplate>(x => x.authorizationFlags), AppPermission.ExportDescriptionTemplate].join('.'),
];
rowIdentity = x => x.id;
public hasPermission(permission: AppPermission, row: DescriptionTemplate): boolean {
return this.authService.hasPermission(permission) || row?.authorizationFlags?.some(x => x === permission);
}
public hasExplicitPermission(permission: AppPermission): boolean {
return this.authService.hasPermission(permission);
}
constructor(
protected router: Router,
protected route: ActivatedRoute,
@ -186,6 +205,7 @@ export class DescriptionTemplateListingComponent extends BaseListingComponent<De
}
protected loadListing(): Observable<QueryResult<DescriptionTemplate>> {
this.lookup.onlyCanEdit = true;
return this.descriptionTemplateService.query(this.lookup);
}
@ -254,4 +274,4 @@ export class DescriptionTemplateListingComponent extends BaseListingComponent<De
}
});
}
}
}
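Review bot: `hasPermission` and `hasExplicitPermission` have no comment explaining when the row-level `authorizationFlags` are honoured and when only the account-wide permission counts, yet the template depends on exactly that distinction. A doc comment on each would cover it, e.g. `/** True when the user holds the permission globally or the server flagged it for this row; UI gating only. */`. `hasPermission` can also return `undefined` despite its `boolean` signature when the row has no flags; `row?.authorizationFlags?.includes(permission) ?? false` on the right-hand side avoids that. Assigning `this.lookup.onlyCanEdit = true` inside `loadListing` re-applies the filter on every load, so setting it where the lookup is initialised would be clearer, though that code is outside these hunks.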