Merge remote-tracking branch 'origin/dmp-refactoring' into dmp-refactoring

dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java

@@ -2,6 +2,14 @@ package eu.eudat.authorization;
 
 public final class Permission {
 
+	//Language
+	public static String BrowseLanguage = "BrowseLanguage";
+	public static String EditLanguage = "EditLanguage";
+
+	//Language
+	public static String BrowseStatistics = "BrowseStatistics";
+	public static String BrowsePublicStatistics = "BrowsePublicStatistics";
+	
 	//DescriptionTemplateType
 	public static String BrowseDescriptionTemplateType = "BrowseDescriptionTemplateType";
 	public static String EditDescriptionTemplateType = "EditDescriptionTemplateType";

dmp-backend/web/src/main/java/eu/eudat/controllers/DashBoardController.java

@@ -1,5 +1,6 @@
 package eu.eudat.controllers;
 
+import eu.eudat.authorization.Permission;
 import eu.eudat.logic.managers.DashBoardManager;
 import eu.eudat.logic.security.claims.ClaimedAuthorities;
 import eu.eudat.logic.services.ApiContext;
@@ -12,6 +13,7 @@ import eu.eudat.models.data.helpers.responses.ResponseItem;
 import eu.eudat.models.data.security.Principal;
 import eu.eudat.types.ApiMessageCode;
 import eu.eudat.types.Authorities;
+import gr.cite.commons.web.authz.service.AuthorizationService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -27,18 +29,30 @@ import java.util.List;
 public class DashBoardController extends BaseController {
 
     private DashBoardManager dashBoardManager;
+    private final AuthorizationService authorizationService;
     @Autowired
-    public DashBoardController(ApiContext apiContext, DashBoardManager dashBoardManager) {
+    public DashBoardController(ApiContext apiContext, DashBoardManager dashBoardManager, AuthorizationService authorizationService) {
         super(apiContext);
         this.dashBoardManager = dashBoardManager;
+        this.authorizationService = authorizationService;
     }
 
     @RequestMapping(method = RequestMethod.GET, value = {"/dashboard/me/getStatistics"}, produces = "application/json")
     public ResponseEntity<ResponseItem<DashBoardStatistics>> getStatistics(Principal principal) throws IOException {
+        this.authorizationService.authorizeForce(Permission.BrowseStatistics);
+        
         DashBoardStatistics statistics = dashBoardManager.getMeStatistics(principal);
         return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem<DashBoardStatistics>().status(ApiMessageCode.NO_MESSAGE).payload(statistics));
     }
 
+    @RequestMapping(method = RequestMethod.GET, value = {"/dashboard/getStatistics"}, produces = "application/json")
+    public ResponseEntity<ResponseItem<DashBoardStatistics>> getStatistics() {
+        this.authorizationService.authorizeForce(Permission.BrowsePublicStatistics);
+        
+        DashBoardStatistics statistics = dashBoardManager.getStatistics();
+        return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem<DashBoardStatistics>().status(ApiMessageCode.NO_MESSAGE).payload(statistics));
+    }
+
     @RequestMapping(method = RequestMethod.POST, value = {"/dashboard/recentActivity"}, produces = "application/json")
     @Transactional
     public ResponseEntity<ResponseItem<List<RecentActivityModel>>> getNewRecentActivity(@RequestBody RecentActivityTableRequest tableRequest,

dmp-backend/web/src/main/java/eu/eudat/controllers/LanguageController.java

@@ -1,10 +1,12 @@
 package eu.eudat.controllers;
 
+import eu.eudat.authorization.Permission;
 import eu.eudat.logic.security.claims.ClaimedAuthorities;
 import eu.eudat.models.data.helpers.responses.ResponseItem;
 import eu.eudat.models.data.security.Principal;
 import eu.eudat.types.ApiMessageCode;
 import eu.eudat.types.Authorities;
+import gr.cite.commons.web.authz.service.AuthorizationService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.env.Environment;
 import org.springframework.http.HttpHeaders;
@@ -21,19 +23,45 @@ import java.io.*;
 public class LanguageController {
 
 	private Environment environment;
+	private final AuthorizationService authorizationService;
 
 	@Autowired
-	public LanguageController(Environment environment) {
+	public LanguageController(Environment environment, AuthorizationService authorizationService) {
 		this.environment = environment;
+		this.authorizationService = authorizationService;
 	}
 	
 	@RequestMapping(value = "update/{lang}", method = RequestMethod.POST)
 	public @ResponseBody
-	ResponseEntity<ResponseItem<String>> updateLang(@PathVariable String lang, @RequestBody String json, @ClaimedAuthorities(claims = {Authorities.ADMIN}) Principal principal) throws Exception {
+	ResponseEntity<ResponseItem<String>> updateLang(@PathVariable String lang, @RequestBody String json) throws Exception {
+		this.authorizationService.authorizeForce(Permission.EditLanguage);
+		
 		String fileName =  this.environment.getProperty("language.path") + lang + ".json";
 		OutputStream os = new FileOutputStream(fileName);
 		os.write(json.getBytes());
 		os.close();
 		return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem<String>().status(ApiMessageCode.SUCCESS_MESSAGE).message("Updated").payload("Updated"));
 	}
+
+	@RequestMapping(value = "{lang}", method = RequestMethod.GET)
+	public ResponseEntity getLanguage(@PathVariable String lang) throws IOException {
+
+		this.authorizationService.authorizeForce(Permission.BrowseLanguage);
+
+		String fileName =  this.environment.getProperty("language.path") + lang + ".json";
+		InputStream is = new FileInputStream(fileName);
+
+		HttpHeaders responseHeaders = new HttpHeaders();
+		responseHeaders.setContentLength(is.available());
+		responseHeaders.setContentType(MediaType.APPLICATION_JSON);
+		responseHeaders.set("Content-Disposition", "attachment;filename=" + fileName);
+		responseHeaders.set("Access-Control-Expose-Headers", "Content-Disposition");
+		responseHeaders.get("Access-Control-Expose-Headers").add("Content-Type");
+
+		byte[] content = new byte[is.available()];
+		is.read(content);
+		is.close();
+
+		return new ResponseEntity<>(content, responseHeaders, HttpStatus.OK);
+	}
 }

dmp-backend/web/src/main/java/eu/eudat/controllers/PublicDashBoardController.java

@@ -1,42 +0,0 @@
-package eu.eudat.controllers;
-
-import eu.eudat.controllers.BaseController;
-import eu.eudat.logic.managers.DashBoardManager;
-import eu.eudat.logic.security.claims.ClaimedAuthorities;
-import eu.eudat.logic.services.ApiContext;
-import eu.eudat.models.data.dashboard.recent.RecentActivity;
-import eu.eudat.models.data.dashboard.recent.model.RecentActivityModel;
-import eu.eudat.models.data.dashboard.recent.tablerequest.RecentActivityTableRequest;
-import eu.eudat.models.data.dashboard.searchbar.SearchBarItem;
-import eu.eudat.models.data.dashboard.statistics.DashBoardStatistics;
-import eu.eudat.models.data.helpers.responses.ResponseItem;
-import eu.eudat.models.data.security.Principal;
-import eu.eudat.types.ApiMessageCode;
-import eu.eudat.types.Authorities;
-import jakarta.transaction.Transactional;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
-
-import java.io.IOException;
-import java.util.List;
-
-@RestController
-@CrossOrigin
-@RequestMapping(value = {"/api/public/dashboard/"})
-public class PublicDashBoardController extends BaseController {
-
-    private DashBoardManager dashBoardManager;
-    @Autowired
-    public PublicDashBoardController(ApiContext apiContext, DashBoardManager dashBoardManager) {
-        super(apiContext);
-        this.dashBoardManager = dashBoardManager;
-    }
-
-    @RequestMapping(method = RequestMethod.GET, value = {"getStatistics"}, produces = "application/json")
-    public ResponseEntity<ResponseItem<DashBoardStatistics>> getStatistics() {
-        DashBoardStatistics statistics = dashBoardManager.getStatistics();
-        return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem<DashBoardStatistics>().status(ApiMessageCode.NO_MESSAGE).payload(statistics));
-    }
-}

dmp-backend/web/src/main/java/eu/eudat/controllers/PublicLanguageController.java

@@ -1,44 +0,0 @@
-package eu.eudat.controllers;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.core.env.Environment;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
-
-import java.io.*;
-
-@RestController
-@CrossOrigin
-@RequestMapping(value = {"/api/public/language/"})
-public class PublicLanguageController {
-
-	private Environment environment;
-
-	@Autowired
-	public PublicLanguageController(Environment environment) {
-		this.environment = environment;
-	}
-
-	@RequestMapping(value = "{lang}", method = RequestMethod.GET)
-	public ResponseEntity getLanguage(@PathVariable String lang) throws IOException {
-
-		String fileName =  this.environment.getProperty("language.path") + lang + ".json";
-		InputStream is = new FileInputStream(fileName);
-
-		HttpHeaders responseHeaders = new HttpHeaders();
-		responseHeaders.setContentLength(is.available());
-		responseHeaders.setContentType(MediaType.APPLICATION_JSON);
-		responseHeaders.set("Content-Disposition", "attachment;filename=" + fileName);
-		responseHeaders.set("Access-Control-Expose-Headers", "Content-Disposition");
-		responseHeaders.get("Access-Control-Expose-Headers").add("Content-Type");
-
-		byte[] content = new byte[is.available()];
-		is.read(content);
-		is.close();
-
-		return new ResponseEntity<>(content, responseHeaders, HttpStatus.OK);
-	}
-}

dmp-backend/web/src/main/resources/config/permissions.yml

@@ -1,12 +1,35 @@
 permissions:
   extendedClaims: [ ]
   policies:
-    # Users
+    # Language
+    BrowseLanguage:
+      roles: [ ]
+      clients: [ ]
+      allowAnonymous: true
+      allowAuthenticated: true
+    EditLanguage:
+      roles:
+        - Admin
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
+    # Statistics
+    BrowseStatistics:
+      roles: [ ]
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: true
+    BrowsePublicStatistics:
+      roles: [ ]
+      clients: [ ]
+      allowAnonymous: true
+      allowAuthenticated: true
+    # DescriptionTemplateType
     BrowseDescriptionTemplateType:
       roles:
         - Admin
       clients: [ ]
-      allowAnonymous: true
+      allowAnonymous: false
       allowAuthenticated: false
     EditDescriptionTemplateType:
       roles:

dmp-frontend/src/app/core/services/dashboard/dashboard.service.ts

@@ -14,7 +14,6 @@ export class DashboardService {
 
 	private headers: HttpHeaders;
 	private get apiBase(): string { return `${this.configurationService.server}dashboard`; }
-	private get publicApiBase(): string { return `${this.configurationService.server}public/dashboard`; }
 
 
 	constructor(private http: BaseHttpService,
@@ -22,7 +21,7 @@ export class DashboardService {
 	}
 
 	getStatistics(): Observable<DashboardStatisticsModel> {
-		return this.http.get<DashboardStatisticsModel>(`${this.publicApiBase}/getStatistics`, { headers: this.headers });
+		return this.http.get<DashboardStatisticsModel>(`${this.apiBase}/getStatistics`, { headers: this.headers });
 	}
 
 	getUserStatistics(): Observable<DashboardStatisticsModel> {

dmp-frontend/src/app/core/services/language/language.service.ts

@@ -13,7 +13,6 @@ import { InterceptorType } from '@common/http/interceptors/interceptor-type';
 export class LanguageService {
 	private currentLanguage: string;
 	private get apiBase(): string { return `${this.configurationService.server}language`; }
-	private get publicApiBase(): string { return `${this.configurationService.server}public/language`; }
 
 	constructor(
 		private translate: TranslateService,
@@ -40,7 +39,7 @@ export class LanguageService {
 		// 		InterceptorType.AuthToken,
 		// 	]
 		// };
-		return this.http.get(`${this.publicApiBase}/${this.currentLanguage}`, { params: params, responseType: 'blob', observe: 'response' });
+		return this.http.get(`${this.apiBase}/${this.currentLanguage}`, { params: params, responseType: 'blob', observe: 'response' });
 	}
 
 	public updateLanguage(json: string): Observable<String> {

dmp-frontend/src/app/core/services/language/server.loader.ts

@@ -7,7 +7,7 @@ import { BaseHttpParams } from '@common/http/base-http-params';
 import { InterceptorType } from '@common/http/interceptors/interceptor-type';
 
 export class TranslateServerLoader implements TranslateLoader{
-	private get apiBase(): string { return `${this.configurationService.server}public/language`; }
+	private get apiBase(): string { return `${this.configurationService.server}language`; }
 
 	constructor(
 		private http: HttpClient,

dmp-frontend/src/app/ui/auth/login/login.component.ts

@@ -1,4 +1,5 @@
 import { Component, Input, OnInit } from '@angular/core';
+import { ActivatedRoute } from '@angular/router';
 import { AuthService } from '@app/core/services/auth/auth.service';
 import { BaseComponent } from '@common/base/base.component';
 
@@ -24,10 +25,11 @@ export class LoginComponent extends BaseComponent implements OnInit {
 
 	constructor(
 		private authService: AuthService,
+		private route: ActivatedRoute
 	) { super(); }
 
 	ngOnInit(): void {
-		const returnUrL = this.returnUrl;
-		this.authService.authenticate(returnUrL ? returnUrL : "/");
+		this.returnUrl = this.route.snapshot.queryParamMap.get('returnUrl') || '/';
+		this.authService.authenticate(this.returnUrl ? this.returnUrl : "/");
 	}
 }