diff --git a/dmp-backend/core/src/main/java/eu/eudat/authorization/AuthorizationFlags.java b/dmp-backend/core/src/main/java/eu/eudat/authorization/AuthorizationFlags.java index e87d23b26..e519cf260 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/authorization/AuthorizationFlags.java +++ b/dmp-backend/core/src/main/java/eu/eudat/authorization/AuthorizationFlags.java @@ -3,6 +3,6 @@ package eu.eudat.authorization; import java.util.EnumSet; public enum AuthorizationFlags { - None, Permission, Owner; - public static final EnumSet OwnerOrPermission = EnumSet.of(Owner, Permission); + None, Permission, DmpAssociated, Public; + public static final EnumSet OwnerOrPermissionOrMemberOrPublic = EnumSet.of(DmpAssociated, Permission, Public); } diff --git a/dmp-backend/core/src/main/java/eu/eudat/data/DmpDescriptionTemplateEntity.java b/dmp-backend/core/src/main/java/eu/eudat/data/DmpDescriptionTemplateEntity.java index 158c57bcd..22d894750 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/data/DmpDescriptionTemplateEntity.java +++ b/dmp-backend/core/src/main/java/eu/eudat/data/DmpDescriptionTemplateEntity.java @@ -2,14 +2,12 @@ package eu.eudat.data; import eu.eudat.commons.enums.IsActive; import eu.eudat.data.converters.enums.IsActiveConverter; -import jakarta.persistence.Column; -import jakarta.persistence.Convert; -import jakarta.persistence.Id; -import jakarta.persistence.Table; +import jakarta.persistence.*; import java.time.Instant; import java.util.UUID; +@Entity @Table(name = "\"DmpDescriptionTemplate\"") public class DmpDescriptionTemplateEntity { diff --git a/dmp-backend/core/src/main/java/eu/eudat/data/DmpEntity.java b/dmp-backend/core/src/main/java/eu/eudat/data/DmpEntity.java index 27bd32e3e..ae9cb6ad2 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/data/DmpEntity.java +++ b/dmp-backend/core/src/main/java/eu/eudat/data/DmpEntity.java @@ -4,6 +4,7 @@ import eu.eudat.commons.enums.DmpAccessType; import eu.eudat.commons.enums.DmpStatus; import eu.eudat.commons.enums.IsActive; import eu.eudat.data.converters.DateToUTCConverter; +import eu.eudat.data.converters.enums.DmpAccessTypeConverter; import eu.eudat.data.converters.enums.DmpStatusConverter; import eu.eudat.data.converters.enums.IsActiveConverter; import jakarta.persistence.*; @@ -71,7 +72,6 @@ public class DmpEntity { public static final String _isActive = "isActive"; @Column(name = "finalized_at") - @Convert(converter = DateToUTCConverter.class) private Instant finalizedAt; public static final String _finalizedAt = "finalizedAt"; @@ -81,8 +81,8 @@ public class DmpEntity { public static final String _creator = "creator"; - @Enumerated(EnumType.STRING) @Column(name = "access_type", nullable = false) + @Convert(converter = DmpAccessTypeConverter.class) private DmpAccessType accessType; public static final String _accessType = "accessType"; @@ -98,7 +98,6 @@ public class DmpEntity { public static final String _language = "language"; @Column(name = "public_after") - @Convert(converter = DateToUTCConverter.class) private Instant publicAfter; public static final String _publicAfter = "publicAfter"; diff --git a/dmp-backend/core/src/main/java/eu/eudat/data/DmpUserEntity.java b/dmp-backend/core/src/main/java/eu/eudat/data/DmpUserEntity.java index b9c7818c8..aac673e41 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/data/DmpUserEntity.java +++ b/dmp-backend/core/src/main/java/eu/eudat/data/DmpUserEntity.java @@ -29,7 +29,7 @@ public class DmpUserEntity { public static final String _user = "user"; - @Column(name = "status", nullable = false) + @Column(name = "role", nullable = false) @Convert(converter = DmpUserRoleConverter.class) private DmpUserRole role; diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionQuery.java index 25205d991..33ca55684 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionQuery.java @@ -1,12 +1,18 @@ package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; +import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.DescriptionStatus; +import eu.eudat.commons.enums.DmpAccessType; import eu.eudat.commons.enums.IsActive; +import eu.eudat.commons.scope.user.UserScope; import eu.eudat.data.DescriptionEntity; -import eu.eudat.data.DescriptionTemplateEntity; import eu.eudat.data.DmpDescriptionTemplateEntity; +import eu.eudat.data.DmpEntity; import eu.eudat.model.Description; +import eu.eudat.query.utils.BuildSubQueryInput; +import eu.eudat.query.utils.QueryUtilsService; +import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; import gr.cite.tools.data.query.QueryContext; @@ -35,8 +41,13 @@ public class DescriptionQuery extends QueryBase { private EnumSet authorize = EnumSet.of(AuthorizationFlags.None); - - public DescriptionQuery() { + private final UserScope userScope; + private final AuthorizationService authService; + private final QueryUtilsService queryUtilsService; + public DescriptionQuery(UserScope userScope, AuthorizationService authService, QueryUtilsService queryUtilsService) { + this.userScope = userScope; + this.authService = authService; + this.queryUtilsService = queryUtilsService; } public DescriptionQuery like(String value) { @@ -128,6 +139,34 @@ public class DescriptionQuery extends QueryBase { return DescriptionEntity.class; } + @Override + protected Predicate applyAuthZ(QueryContext queryContext) { + if (this.authorize.contains(AuthorizationFlags.None)) return null; + if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDescription)) return null; + UUID userId; + boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); + else userId = null; + + List predicates = new ArrayList<>(); + if (userId != null || usePublic ) { + Subquery dmpDescriptionTemplateSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DmpDescriptionTemplateEntity.class, UUID.class, queryContext) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpDescriptionTemplateEntity._id)) + .filterFunc((subQueryRoot, cb) -> + cb.in(subQueryRoot.get(DmpDescriptionTemplateEntity._dmpId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic)) + ) + )); + predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DescriptionEntity._dmpDescriptionTemplateId)).value(dmpDescriptionTemplateSubquery)); + } + if (predicates.size() > 0) { + Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); + return queryContext.CriteriaBuilder.and(predicatesArray); + } else { + return queryContext.CriteriaBuilder.or(); //Creates a false query + } + } + @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionReferenceQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionReferenceQuery.java index 0251b4b39..8d0286c14 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionReferenceQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionReferenceQuery.java @@ -3,8 +3,13 @@ package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.commons.enums.IsActive; import eu.eudat.commons.scope.user.UserScope; +import eu.eudat.data.DescriptionEntity; import eu.eudat.data.DescriptionReferenceEntity; +import eu.eudat.data.DescriptionTagEntity; +import eu.eudat.data.DmpDescriptionTemplateEntity; import eu.eudat.model.DescriptionReference; +import eu.eudat.query.utils.BuildSubQueryInput; +import eu.eudat.query.utils.QueryUtilsService; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; @@ -12,6 +17,7 @@ import gr.cite.tools.data.query.QueryContext; import jakarta.persistence.Tuple; import jakarta.persistence.criteria.CriteriaBuilder; import jakarta.persistence.criteria.Predicate; +import jakarta.persistence.criteria.Subquery; import org.springframework.beans.factory.config.ConfigurableBeanFactory; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -35,7 +41,13 @@ public class DescriptionReferenceQuery extends QueryBase authorize = EnumSet.of(AuthorizationFlags.None); - public DescriptionReferenceQuery() { + private final UserScope userScope; + private final AuthorizationService authService; + private final QueryUtilsService queryUtilsService; + public DescriptionReferenceQuery(UserScope userScope, AuthorizationService authService, QueryUtilsService queryUtilsService) { + this.userScope = userScope; + this.authService = authService; + this.queryUtilsService = queryUtilsService; } public DescriptionReferenceQuery ids(UUID value) { @@ -133,6 +145,41 @@ public class DescriptionReferenceQuery extends QueryBase Predicate applyAuthZ(QueryContext queryContext) { + if (this.authorize.contains(AuthorizationFlags.None)) return null; + //if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDescription)) return null; + UUID userId; + boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); + else userId = null; + + List predicates = new ArrayList<>(); + if (userId != null || usePublic ) { + Subquery dmpDescriptionTemplateSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DmpDescriptionTemplateEntity.class, UUID.class, queryContext) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpDescriptionTemplateEntity._id)) + .filterFunc((subQueryRoot, cb) -> + cb.in(subQueryRoot.get(DmpDescriptionTemplateEntity._dmpId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic)) + ) + )); + Subquery descriptionSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DescriptionEntity.class, UUID.class, queryContext) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DescriptionEntity._id)) + .filterFunc((subQueryRoot, cb) -> + cb.in(subQueryRoot.get(DescriptionEntity._dmpDescriptionTemplateId)).value(dmpDescriptionTemplateSubquery) + ) + )); + predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DescriptionReferenceEntity._descriptionId)).value(descriptionSubquery)); + } + if (predicates.size() > 0) { + Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); + return queryContext.CriteriaBuilder.and(predicatesArray); + } else { + return queryContext.CriteriaBuilder.or(); //Creates a false query + } + } + @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTagQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTagQuery.java index 69a08a6c4..2d904e4aa 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTagQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTagQuery.java @@ -1,16 +1,23 @@ package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; +import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.IsActive; +import eu.eudat.commons.scope.user.UserScope; import eu.eudat.data.DescriptionEntity; import eu.eudat.data.DescriptionTagEntity; +import eu.eudat.data.DmpDescriptionTemplateEntity; import eu.eudat.model.DescriptionTag; +import eu.eudat.query.utils.BuildSubQueryInput; +import eu.eudat.query.utils.QueryUtilsService; +import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; import gr.cite.tools.data.query.QueryContext; import jakarta.persistence.Tuple; import jakarta.persistence.criteria.CriteriaBuilder; import jakarta.persistence.criteria.Predicate; +import jakarta.persistence.criteria.Subquery; import org.springframework.beans.factory.config.ConfigurableBeanFactory; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -114,9 +121,16 @@ public class DescriptionTagQuery extends QueryBase { this.authorize = values; return this; } - + + private final UserScope userScope; + private final AuthorizationService authService; + private final QueryUtilsService queryUtilsService; + public DescriptionTagQuery( - ) { + UserScope userScope, AuthorizationService authService, QueryUtilsService queryUtilsService) { + this.userScope = userScope; + this.authService = authService; + this.queryUtilsService = queryUtilsService; } @Override @@ -129,6 +143,43 @@ public class DescriptionTagQuery extends QueryBase { return this.isEmpty(this.ids) || this.isEmpty(this.excludedIds) || this.isEmpty(this.isActives) ||this.isEmpty(this.tagIds) || this.isEmpty(this.descriptionIds); } + + @Override + protected Predicate applyAuthZ(QueryContext queryContext) { + if (this.authorize.contains(AuthorizationFlags.None)) return null; + if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDescription)) return null; + UUID userId; + boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); + else userId = null; + + List predicates = new ArrayList<>(); + if (userId != null || usePublic ) { + Subquery dmpDescriptionTemplateSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DmpDescriptionTemplateEntity.class, UUID.class, queryContext) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpDescriptionTemplateEntity._id)) + .filterFunc((subQueryRoot, cb) -> + cb.in(subQueryRoot.get(DmpDescriptionTemplateEntity._dmpId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic)) + ) + )); + Subquery descriptionSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DescriptionEntity.class, UUID.class, queryContext) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DescriptionEntity._id)) + .filterFunc((subQueryRoot, cb) -> + cb.in(subQueryRoot.get(DescriptionEntity._dmpDescriptionTemplateId)).value(dmpDescriptionTemplateSubquery) + ) + )); + predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DescriptionTagEntity._descriptionId)).value(descriptionSubquery)); + } + if (predicates.size() > 0) { + Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); + return queryContext.CriteriaBuilder.and(predicatesArray); + } else { + return queryContext.CriteriaBuilder.or(); //Creates a false query + } + } + + @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTemplateQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTemplateQuery.java index 37922fdda..c703b29fa 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTemplateQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/DescriptionTemplateQuery.java @@ -1,16 +1,24 @@ package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; +import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.DescriptionTemplateStatus; import eu.eudat.commons.enums.IsActive; +import eu.eudat.commons.scope.user.UserScope; +import eu.eudat.data.DescriptionEntity; import eu.eudat.data.DescriptionTemplateEntity; +import eu.eudat.data.DmpDescriptionTemplateEntity; import eu.eudat.model.DescriptionTemplate; +import eu.eudat.query.utils.BuildSubQueryInput; +import eu.eudat.query.utils.QueryUtilsService; +import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; import gr.cite.tools.data.query.QueryContext; import jakarta.persistence.Tuple; import jakarta.persistence.criteria.CriteriaBuilder; import jakarta.persistence.criteria.Predicate; +import jakarta.persistence.criteria.Subquery; import org.springframework.beans.factory.config.ConfigurableBeanFactory; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -138,9 +146,14 @@ public class DescriptionTemplateQuery extends QueryBase Predicate applyAuthZ(QueryContext queryContext) { + if (this.authorize.contains(AuthorizationFlags.None)) return null; + if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDescriptionTemplate)) return null; + UUID userId; + boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); + else userId = null; + + List predicates = new ArrayList<>(); + if (userId != null || usePublic ) { + Subquery dmpDescriptionTemplateSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DmpDescriptionTemplateEntity.class, UUID.class, queryContext) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpDescriptionTemplateEntity._descriptionTemplateId)) + .filterFunc((subQueryRoot, cb) -> + cb.in(subQueryRoot.get(DmpDescriptionTemplateEntity._dmpId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic)) + ) + )); + predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DescriptionTemplateEntity._id)).value(dmpDescriptionTemplateSubquery)); + } + if (predicates.size() > 0) { + Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); + return queryContext.CriteriaBuilder.and(predicatesArray); + } else { + return queryContext.CriteriaBuilder.or(); //Creates a false query + } + } + @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/DmpDescriptionTemplateQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/DmpDescriptionTemplateQuery.java index 964d3888f..37fe8477d 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/DmpDescriptionTemplateQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/DmpDescriptionTemplateQuery.java @@ -1,11 +1,16 @@ package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; +import eu.eudat.authorization.Permission; +import eu.eudat.commons.enums.DmpAccessType; import eu.eudat.commons.enums.IsActive; -import eu.eudat.data.DescriptionEntity; +import eu.eudat.commons.scope.user.UserScope; import eu.eudat.data.DmpDescriptionTemplateEntity; import eu.eudat.data.DmpEntity; +import eu.eudat.data.DmpUserEntity; import eu.eudat.model.DmpDescriptionTemplate; +import eu.eudat.query.utils.QueryUtilsService; +import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; import gr.cite.tools.data.query.QueryContext; @@ -123,8 +128,15 @@ public class DmpDescriptionTemplateQuery extends QueryBase Predicate applyAuthZ(QueryContext queryContext) { + if (this.authorize.contains(AuthorizationFlags.None)) return null; + if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDmpDescriptionTemplate)) return null; + UUID userId = null; + boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); + + List predicates = new ArrayList<>(); + if (userId != null || usePublic ) { + predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpDescriptionTemplateEntity._dmpId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic))); + } + if (predicates.size() > 0) { + Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); + return queryContext.CriteriaBuilder.and(predicatesArray); + } else { + return queryContext.CriteriaBuilder.or(); //Creates a false query + } + } + @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/DmpQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/DmpQuery.java index f8eac72e8..29a8afaf3 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/DmpQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/DmpQuery.java @@ -1,19 +1,23 @@ package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; +import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.DmpAccessType; import eu.eudat.commons.enums.DmpStatus; import eu.eudat.commons.enums.IsActive; import eu.eudat.commons.scope.user.UserScope; import eu.eudat.data.DmpEntity; +import eu.eudat.data.DmpUserEntity; import eu.eudat.model.Dmp; +import eu.eudat.query.utils.BuildSubQueryInput; +import eu.eudat.query.utils.QueryUtilsService; import gr.cite.commons.web.authz.service.AuthorizationService; -import gr.cite.tools.data.query.FieldResolver; -import gr.cite.tools.data.query.QueryBase; -import gr.cite.tools.data.query.QueryContext; +import gr.cite.tools.data.query.*; import jakarta.persistence.Tuple; import jakarta.persistence.criteria.CriteriaBuilder; import jakarta.persistence.criteria.Predicate; +import jakarta.persistence.criteria.Root; +import jakarta.persistence.criteria.Subquery; import org.springframework.beans.factory.config.ConfigurableBeanFactory; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -42,12 +46,13 @@ public class DmpQuery extends QueryBase { private EnumSet authorize = EnumSet.of(AuthorizationFlags.None); private final UserScope userScope; - private final AuthorizationService authService; - - public DmpQuery(UserScope userScope, AuthorizationService authService) { + private final QueryUtilsService queryUtilsService; + + public DmpQuery(UserScope userScope, AuthorizationService authService, QueryUtilsService queryUtilsService) { this.userScope = userScope; this.authService = authService; + this.queryUtilsService = queryUtilsService; } public DmpQuery like(String value) { @@ -160,6 +165,29 @@ public class DmpQuery extends QueryBase { return DmpEntity.class; } + @Override + protected Predicate applyAuthZ(QueryContext queryContext) { + if (this.authorize.contains(AuthorizationFlags.None)) return null; + if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDmp)) return null; + UUID userId = null; + boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); + + List predicates = new ArrayList<>(); + if (userId != null || usePublic ) { + predicates.add(queryContext.CriteriaBuilder.or( + usePublic ? queryContext.CriteriaBuilder.equal(queryContext.Root.get(DmpEntity._accessType), DmpAccessType.Public) : queryContext.CriteriaBuilder.or(), //Creates a false query + userId != null ? queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpEntity._id)).value(this.queryUtilsService.buildDmpUserAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId)) : queryContext.CriteriaBuilder.or() //Creates a false query + )); + } + if (predicates.size() > 0) { + Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); + return queryContext.CriteriaBuilder.and(predicatesArray); + } else { + return queryContext.CriteriaBuilder.or(); //Creates a false query + } + } + @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/DmpUserQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/DmpUserQuery.java index 711e1bce8..1181d2626 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/DmpUserQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/DmpUserQuery.java @@ -4,19 +4,19 @@ import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.DmpAccessType; import eu.eudat.commons.enums.DmpUserRole; +import eu.eudat.commons.enums.IsActive; import eu.eudat.commons.scope.user.UserScope; -import eu.eudat.data.DmpDescriptionTemplateEntity; import eu.eudat.data.DmpEntity; import eu.eudat.data.DmpUserEntity; import eu.eudat.model.DmpUser; +import eu.eudat.query.utils.BuildSubQueryInput; +import eu.eudat.query.utils.QueryUtilsService; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; import gr.cite.tools.data.query.QueryContext; import jakarta.persistence.Tuple; -import jakarta.persistence.criteria.CriteriaBuilder; -import jakarta.persistence.criteria.Predicate; -import jakarta.persistence.criteria.Subquery; +import jakarta.persistence.criteria.*; import org.springframework.beans.factory.config.ConfigurableBeanFactory; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -37,8 +37,7 @@ public class DmpUserQuery extends QueryBase { private Collection userRoles; private EnumSet authorize = EnumSet.of(AuthorizationFlags.None); - - + public DmpUserQuery ids(UUID value) { this.ids = List.of(value); return this; @@ -108,12 +107,15 @@ public class DmpUserQuery extends QueryBase { private final AuthorizationService authService; + private final QueryUtilsService queryUtilsService; + public DmpUserQuery( UserScope userScope, - AuthorizationService authService - ) { + AuthorizationService authService, + QueryUtilsService queryUtilsService) { this.userScope = userScope; this.authService = authService; + this.queryUtilsService = queryUtilsService; } @Override @@ -130,13 +132,16 @@ public class DmpUserQuery extends QueryBase { protected Predicate applyAuthZ(QueryContext queryContext) { if (this.authorize.contains(AuthorizationFlags.None)) return null; if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDmp)) return null; - UUID ownerId = null; - if (this.authorize.contains(AuthorizationFlags.Owner)) ownerId = this.userScope.getUserIdSafe(); + UUID userId = null; + boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); List predicates = new ArrayList<>(); - if (ownerId != null) { - predicates.add(queryContext.CriteriaBuilder.equal(queryContext.Root.get(DmpUserEntity._user), ownerId)); - + if (userId != null || usePublic ) { + predicates.add(queryContext.CriteriaBuilder.or( + usePublic ? queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._dmp)).value(queryUtilsService.buildPublicDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, usePublic)) : queryContext.CriteriaBuilder.or(), //Creates a false query + userId != null ? queryContext.CriteriaBuilder.equal(queryContext.Root.get(DmpUserEntity._user), userId) : queryContext.CriteriaBuilder.or() //Creates a false query + )); } if (predicates.size() > 0) { Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); @@ -145,7 +150,7 @@ public class DmpUserQuery extends QueryBase { return queryContext.CriteriaBuilder.or(); //Creates a false query } } - + @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); @@ -203,5 +208,5 @@ public class DmpUserQuery extends QueryBase { else if (item.match(DmpUser._updatedAt)) return DmpUserEntity._updatedAt; else return null; } - + } diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/UserSettingsQuery.java b/dmp-backend/core/src/main/java/eu/eudat/query/UserSettingsQuery.java index 9fd7f2baa..7f845c251 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/query/UserSettingsQuery.java +++ b/dmp-backend/core/src/main/java/eu/eudat/query/UserSettingsQuery.java @@ -145,7 +145,7 @@ public class UserSettingsQuery extends QueryBase { if (this.authorize.contains(AuthorizationFlags.None)) return null; if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseUserSettings)) return null; UUID ownerId = null; - if (this.authorize.contains(AuthorizationFlags.Owner)) ownerId = this.userScope.getUserIdSafe(); + if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) ownerId = this.userScope.getUserIdSafe(); List predicates = new ArrayList<>(); if (ownerId != null) { diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/utils/BuildSubQueryInput.java b/dmp-backend/core/src/main/java/eu/eudat/query/utils/BuildSubQueryInput.java new file mode 100644 index 000000000..bb2489403 --- /dev/null +++ b/dmp-backend/core/src/main/java/eu/eudat/query/utils/BuildSubQueryInput.java @@ -0,0 +1,90 @@ +package eu.eudat.query.utils; + +import gr.cite.tools.data.query.QueryContext; +import jakarta.persistence.criteria.*; + +import java.util.function.BiFunction; +import java.util.function.Function; + +public class BuildSubQueryInput { + private final AbstractQuery query; + private final CriteriaBuilder criteriaBuilder; + private final Class entityType; + private final Class keyType; + private final Function, Expression> keyPathFunc; + private final BiFunction, CriteriaBuilder, Predicate> filterFunc; + + public BuildSubQueryInput(Builder builder) { + query = builder.query; + criteriaBuilder = builder.criteriaBuilder; + entityType = builder.entityType; + keyType = builder.keyType; + keyPathFunc = builder.keyPathFunc; + filterFunc = builder.filterFunc; + } + + public AbstractQuery getQuery() { + return query; + } + + public CriteriaBuilder getCriteriaBuilder() { + return criteriaBuilder; + } + + public Class getEntityType() { + return entityType; + } + + public Class getKeyType() { + return keyType; + } + + public Function, Expression> getKeyPathFunc() { + return keyPathFunc; + } + + public BiFunction, CriteriaBuilder, Predicate> getFilterFunc() { + return filterFunc; + } + + public static class Builder { + private final Class entityType; + private final Class keyType; + private AbstractQuery query; + private CriteriaBuilder criteriaBuilder; + private Function, Expression> keyPathFunc; + private BiFunction, CriteriaBuilder, Predicate> filterFunc; + + public Builder(Class entityType, Class keyType) { + this.entityType = entityType; + this.keyType = keyType; + } + + public Builder(Class entityType, Class keyType, QueryContext queryContext) { + this.entityType = entityType; + this.keyType = keyType; + this.query = queryContext.Query; + this.criteriaBuilder = queryContext.CriteriaBuilder; + } + + public Builder query(AbstractQuery query) { + this.query = query; + return this; + } + + public Builder criteriaBuilder(CriteriaBuilder criteriaBuilder) { + this.criteriaBuilder = criteriaBuilder; + return this; + } + + public Builder keyPathFunc(Function, Expression> keyPathFunc) { + this.keyPathFunc = keyPathFunc; + return this; + } + + public Builder filterFunc(BiFunction, CriteriaBuilder, Predicate> filterFunc) { + this.filterFunc = filterFunc; + return this; + } + } +} diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/utils/QueryUtilsService.java b/dmp-backend/core/src/main/java/eu/eudat/query/utils/QueryUtilsService.java new file mode 100644 index 000000000..e66ef0c17 --- /dev/null +++ b/dmp-backend/core/src/main/java/eu/eudat/query/utils/QueryUtilsService.java @@ -0,0 +1,21 @@ +package eu.eudat.query.utils; + +import jakarta.persistence.criteria.AbstractQuery; +import jakarta.persistence.criteria.CriteriaBuilder; +import jakarta.persistence.criteria.Subquery; + +import java.util.UUID; + +public interface QueryUtilsService { + Subquery buildSubQuery(BuildSubQueryInput parameters); + + Subquery buildDmpAuthZSubQuery(AbstractQuery query, CriteriaBuilder criteriaBuilder, UUID userId, Boolean usePublic); + + Subquery buildPublicDmpAuthZSubQuery(AbstractQuery query, + CriteriaBuilder criteriaBuilder, + Boolean usePublic); + + Subquery buildDmpUserAuthZSubQuery(AbstractQuery query, + CriteriaBuilder criteriaBuilder, + UUID userId); +} diff --git a/dmp-backend/core/src/main/java/eu/eudat/query/utils/QueryUtilsServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/query/utils/QueryUtilsServiceImpl.java new file mode 100644 index 000000000..67d1af970 --- /dev/null +++ b/dmp-backend/core/src/main/java/eu/eudat/query/utils/QueryUtilsServiceImpl.java @@ -0,0 +1,73 @@ +package eu.eudat.query.utils; + +import eu.eudat.commons.enums.DmpAccessType; +import eu.eudat.commons.enums.IsActive; +import eu.eudat.data.DmpEntity; +import eu.eudat.data.DmpUserEntity; +import jakarta.persistence.criteria.*; +import org.springframework.stereotype.Component; + +import java.util.UUID; + +@Component +public class QueryUtilsServiceImpl implements QueryUtilsService { + @Override + public Subquery buildSubQuery(BuildSubQueryInput parameters){ + Subquery subQuery = parameters.getQuery().subquery(parameters.getKeyType()); + Root subQueryRoot = subQuery.from(parameters.getEntityType()); + subQuery.select(parameters.getKeyPathFunc().apply(subQueryRoot)).distinct(true); + subQuery.where(parameters.getFilterFunc().apply(subQueryRoot, parameters.getCriteriaBuilder())); + return subQuery; + } + + @Override + public Subquery buildDmpAuthZSubQuery(AbstractQuery query, CriteriaBuilder criteriaBuilder, UUID userId, Boolean usePublic){ + return this.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DmpEntity.class, UUID.class) + .query(query) + .criteriaBuilder(criteriaBuilder) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpEntity._id)) + .filterFunc((subQueryRoot, cb) -> cb.or( + usePublic ? cb.and( + cb.equal(subQueryRoot.get(DmpEntity._accessType), DmpAccessType.Public), + cb.equal(subQueryRoot.get(DmpEntity._isActive), IsActive.Active) + ): cb.or(), //Creates a false query + userId != null ? cb.in(subQueryRoot.get(DmpEntity._id)).value(this.buildDmpUserAuthZSubQuery(query, criteriaBuilder, userId)) : cb.or() //Creates a false query + ) + ) + )); + } + + + @Override + public Subquery buildPublicDmpAuthZSubQuery(AbstractQuery query, CriteriaBuilder criteriaBuilder, Boolean usePublic){ + return this.buildSubQuery(new BuildSubQueryInput<>( + new BuildSubQueryInput.Builder<>(DmpEntity.class, UUID.class) + .query(query) + .criteriaBuilder(criteriaBuilder) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpEntity._id)) + .filterFunc((subQueryRoot, cb) -> + usePublic ? cb.and( + cb.equal(subQueryRoot.get(DmpEntity._accessType), DmpAccessType.Public), + cb.equal(subQueryRoot.get(DmpEntity._isActive), IsActive.Active) + ): cb.or() //Creates a false query + ) + )); + } + + @Override + public Subquery buildDmpUserAuthZSubQuery(AbstractQuery query, CriteriaBuilder criteriaBuilder, UUID userId){ + return this.buildSubQuery(new BuildSubQueryInput<>(new BuildSubQueryInput.Builder<>(DmpUserEntity.class, UUID.class) + .query(query) + .criteriaBuilder(criteriaBuilder) + .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpUserEntity._dmp)) + .filterFunc((subQueryRoot, cb) -> + userId != null ? cb.and( + cb.equal(subQueryRoot.get(DmpUserEntity._user), userId), + cb.equal(subQueryRoot.get(DmpUserEntity._isActive), IsActive.Active) + ) : cb.or() //Creates a false query + ) + )); + } +} + diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/description/DescriptionServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/description/DescriptionServiceImpl.java index 29359604e..bd6e01b38 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/description/DescriptionServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/description/DescriptionServiceImpl.java @@ -119,7 +119,7 @@ public class DescriptionServiceImpl implements DescriptionService { this.entityManager.flush(); this.eventBroker.emit(new DescriptionTouchedEvent(data.getId())); - return this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, Description._id), data); + return this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, Description._id), data); } @Override diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplate/DescriptionTemplateServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplate/DescriptionTemplateServiceImpl.java index 3cf3e4805..5c92c63af 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplate/DescriptionTemplateServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplate/DescriptionTemplateServiceImpl.java @@ -177,7 +177,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic this.entityManager.flush(); - return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data); + return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data); } private void persistUsers(UUID id, List users) throws InvalidApplicationException { @@ -384,8 +384,8 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic this.authorizationService.authorizeForce(Permission.CloneDescriptionTemplate); - DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fields, query.firstAs(fields)); + DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fields, query.firstAs(fields)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale())); model.setLabel(model.getLabel() + " new "); @@ -491,7 +491,7 @@ public class DescriptionTemplateServiceImpl implements DescriptionTemplateServic this.entityManager.flush(); - return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data); + return this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, DescriptionTemplate._id), data); } //endregion diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplatetype/DescriptionTemplateTypeServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplatetype/DescriptionTemplateTypeServiceImpl.java index 68d2e388c..4aec9e709 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplatetype/DescriptionTemplateTypeServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/descriptiontemplatetype/DescriptionTemplateTypeServiceImpl.java @@ -2,7 +2,6 @@ package eu.eudat.service.descriptiontemplatetype; import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.Permission; -import eu.eudat.commons.JsonHandlingService; import eu.eudat.commons.enums.IsActive; import eu.eudat.convention.ConventionService; import eu.eudat.data.DescriptionTemplateTypeEntity; @@ -16,7 +15,6 @@ import eu.eudat.model.persist.DescriptionTemplateTypePersist; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.builder.BuilderFactory; import gr.cite.tools.data.deleter.DeleterFactory; -import gr.cite.tools.data.query.QueryFactory; import gr.cite.tools.exception.MyApplicationException; import gr.cite.tools.exception.MyForbiddenException; import gr.cite.tools.exception.MyNotFoundException; @@ -108,7 +106,7 @@ public class DescriptionTemplateTypeServiceImpl implements DescriptionTemplateTy this.entityManager.flush(); this.eventBroker.emit(new DescriptionTemplateTypeTouchedEvent(data.getId())); - return this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, DescriptionTemplateType._id), data); + return this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, DescriptionTemplateType._id), data); } public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException { diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java index 9cc220d52..e898f52b6 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java @@ -129,7 +129,7 @@ public class DmpServiceImpl implements DmpService { this.eventBroker.emit(new DmpTouchedEvent(data.getId())); - return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, Dmp._id, Dmp._hash), data); + return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, Dmp._id, Dmp._hash), data); } public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException { @@ -173,7 +173,7 @@ public class DmpServiceImpl implements DmpService { this.entityManager.flush(); - return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, Dmp._id), data); + return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, Dmp._id), data); } private DmpEntity patchAndSave(DmpPersist model) throws JsonProcessingException { diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/dmpblueprint/DmpBlueprintServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/dmpblueprint/DmpBlueprintServiceImpl.java index 33ff481ea..eb53529b1 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/dmpblueprint/DmpBlueprintServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/dmpblueprint/DmpBlueprintServiceImpl.java @@ -133,7 +133,7 @@ public class DmpBlueprintServiceImpl implements DmpBlueprintService { this.entityManager.flush(); - return this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, DmpBlueprint._id), data); + return this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, DmpBlueprint._id), data); } private @NotNull DefinitionEntity buildDefinitionEntity(DefinitionPersist persist){ @@ -260,8 +260,8 @@ public class DmpBlueprintServiceImpl implements DmpBlueprintService { this.authorizationService.authorizeForce(Permission.CloneDmpBlueprint); - DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fields, query.firstAs(fields)); + DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fields, query.firstAs(fields)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale())); model.setLabel(model.getLabel() + " new "); diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/entitydoi/EntityDoiServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/entitydoi/EntityDoiServiceImpl.java index 149b36064..48b3f11f3 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/entitydoi/EntityDoiServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/entitydoi/EntityDoiServiceImpl.java @@ -2,12 +2,10 @@ package eu.eudat.service.entitydoi; import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.Permission; -import eu.eudat.commons.JsonHandlingService; import eu.eudat.commons.enums.EntityType; import eu.eudat.commons.enums.IsActive; import eu.eudat.convention.ConventionService; import eu.eudat.data.EntityDoiEntity; -import eu.eudat.data.old.DMP; import eu.eudat.errorcode.ErrorThesaurusProperties; import eu.eudat.event.EntityDoiTouchedEvent; import eu.eudat.event.EventBroker; @@ -18,7 +16,6 @@ import eu.eudat.model.persist.EntityDoiPersist; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.builder.BuilderFactory; import gr.cite.tools.data.deleter.DeleterFactory; -import gr.cite.tools.data.query.QueryFactory; import gr.cite.tools.exception.MyApplicationException; import gr.cite.tools.exception.MyForbiddenException; import gr.cite.tools.exception.MyNotFoundException; @@ -112,7 +109,7 @@ public class EntityDoiServiceImpl implements EntityDoiService { this.entityManager.flush(); this.eventBroker.emit(new EntityDoiTouchedEvent(data.getId())); - return this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, EntityDoi._id), data); + return this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, EntityDoi._id), data); } public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException { diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/referencetype/ReferenceTypeServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/referencetype/ReferenceTypeServiceImpl.java index 3f2858d01..086f88020 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/referencetype/ReferenceTypeServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/referencetype/ReferenceTypeServiceImpl.java @@ -99,7 +99,7 @@ public class ReferenceTypeServiceImpl implements ReferenceTypeService { this.entityManager.flush(); - return this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, ReferenceType._id), data); + return this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, ReferenceType._id), data); } private @NotNull ReferenceTypeDefinitionEntity buildDefinitionEntity(ReferenceTypeDefinitionPersist persist){ diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/supportivematerial/SupportiveMaterialServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/supportivematerial/SupportiveMaterialServiceImpl.java index a51fef853..ea1b6cb8e 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/supportivematerial/SupportiveMaterialServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/supportivematerial/SupportiveMaterialServiceImpl.java @@ -1,6 +1,5 @@ package eu.eudat.service.supportivematerial; -import com.fasterxml.jackson.core.JsonProcessingException; import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.IsActive; @@ -36,8 +35,6 @@ import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Service; import javax.management.InvalidApplicationException; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.TransformerException; import java.io.*; import java.nio.file.Files; import java.nio.file.Path; @@ -131,7 +128,7 @@ public class SupportiveMaterialServiceImpl implements SupportiveMaterialService{ if (data == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), SupportiveMaterial.class.getSimpleName()}, LocaleContextHolder.getLocale())); } else { - List datas = this.queryFactory.query(SupportiveMaterialQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).languageCodes(model.getLanguageCode()).types(model.getType()).collect(); + List datas = this.queryFactory.query(SupportiveMaterialQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).languageCodes(model.getLanguageCode()).types(model.getType()).collect(); if(datas != null && !datas.isEmpty()){ throw new MyApplicationException("Could not create a new Data with same type and lang code !"); @@ -153,7 +150,7 @@ public class SupportiveMaterialServiceImpl implements SupportiveMaterialService{ this.entityManager.flush(); - return this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, SupportiveMaterial._id), data); + return this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, SupportiveMaterial._id), data); } public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException { diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/user/settings/UserSettingsServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/user/settings/UserSettingsServiceImpl.java index d67ed0967..b79db82af 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/user/settings/UserSettingsServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/user/settings/UserSettingsServiceImpl.java @@ -26,7 +26,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.MessageSource; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.stereotype.Service; -import org.springframework.web.context.annotation.RequestScope; import javax.management.InvalidApplicationException; import java.time.Instant; @@ -97,7 +96,7 @@ public class UserSettingsServiceImpl implements UserSettingsService { this.entityManager.flush(); - return this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, UserSettings._id, UserSettings._key), data); + return this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, UserSettings._id, UserSettings._key), data); } } diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/FileController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/FileController.java index cea30f23f..a1e9f3cde 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/FileController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/FileController.java @@ -80,7 +80,7 @@ public class FileController { String uuid = UUID.randomUUID().toString(); - DescriptionTemplateEntity descriptionTemplate = this.queryFactory.query(DescriptionTemplateQuery.class).ids(UUID.fromString(datasetProfileId)).authorize(AuthorizationFlags.OwnerOrPermission).first(); + DescriptionTemplateEntity descriptionTemplate = this.queryFactory.query(DescriptionTemplateQuery.class).ids(UUID.fromString(datasetProfileId)).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).first(); DefinitionEntity definition = descriptionTemplate == null ? null : this.xmlHandlingService.fromXml(DefinitionEntity.class, descriptionTemplate.getDefinition()); AtomicBoolean acceptedFile = new AtomicBoolean(false); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionController.java index 1e4714926..aa85c56da 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionController.java @@ -71,10 +71,10 @@ public class DescriptionController { this.censorFactory.censor(DescriptionCensor.class).censor(lookup.getProject(), null); - DescriptionQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + DescriptionQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List data = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), data); + List models = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), data); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.Description_Query, "lookup", lookup); @@ -88,8 +88,8 @@ public class DescriptionController { this.censorFactory.censor(DescriptionCensor.class).censor(fieldSet, null); - DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - Description model = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + DescriptionQuery query = this.queryFactory.query(DescriptionQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + Description model = this.builderFactory.builder(DescriptionBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateController.java index 0d16e9a11..79c924748 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateController.java @@ -3,7 +3,6 @@ package eu.eudat.controllers.v2; import com.fasterxml.jackson.core.JsonProcessingException; import eu.eudat.audit.AuditableAction; import eu.eudat.authorization.AuthorizationFlags; -import eu.eudat.authorization.Permission; import eu.eudat.data.DescriptionTemplateEntity; import eu.eudat.model.DescriptionTemplate; import eu.eudat.model.DmpBlueprint; @@ -13,11 +12,9 @@ import eu.eudat.model.censorship.DmpBlueprintCensor; import eu.eudat.model.persist.DescriptionTemplatePersist; import eu.eudat.model.persist.NewVersionDescriptionTemplatePersist; import eu.eudat.model.result.QueryResult; -import eu.eudat.models.data.helpers.responses.ResponseItem; import eu.eudat.query.DescriptionTemplateQuery; import eu.eudat.query.lookup.DescriptionTemplateLookup; import eu.eudat.service.descriptiontemplate.DescriptionTemplateService; -import eu.eudat.types.ApiMessageCode; import gr.cite.tools.auditing.AuditService; import gr.cite.tools.data.builder.BuilderFactory; import gr.cite.tools.data.censor.CensorFactory; @@ -33,7 +30,6 @@ import jakarta.xml.bind.JAXBException; import org.slf4j.LoggerFactory; import org.springframework.context.MessageSource; import org.springframework.context.i18n.LocaleContextHolder; -import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; import org.springframework.transaction.annotation.Transactional; @@ -85,10 +81,10 @@ public class DescriptionTemplateController { this.censorFactory.censor(DescriptionTemplateCensor.class).censor(lookup.getProject(), null); - DescriptionTemplateQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + DescriptionTemplateQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List data = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), data); + List models = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), data); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.DescriptionTemplate_Query, "lookup", lookup); @@ -103,8 +99,8 @@ public class DescriptionTemplateController { this.censorFactory.censor(DescriptionTemplateCensor.class).censor(fieldSet, null); - DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + DescriptionTemplateQuery query = this.queryFactory.query(DescriptionTemplateQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + DescriptionTemplate model = this.builderFactory.builder(DescriptionTemplateBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplate.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateTypeController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateTypeController.java index a2e0ba4a1..4136a3f56 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateTypeController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DescriptionTemplateTypeController.java @@ -70,10 +70,10 @@ public class DescriptionTemplateTypeController { this.censorFactory.censor(DescriptionTemplateTypeCensor.class).censor(lookup.getProject(), null); - DescriptionTemplateTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + DescriptionTemplateTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List data = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), data); + List models = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), data); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.DescriptionTemplateType_Query, "lookup", lookup); @@ -88,8 +88,8 @@ public class DescriptionTemplateTypeController { this.censorFactory.censor(DescriptionTemplateTypeCensor.class).censor(fieldSet, null); - DescriptionTemplateTypeQuery query = this.queryFactory.query(DescriptionTemplateTypeQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - DescriptionTemplateType model = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + DescriptionTemplateTypeQuery query = this.queryFactory.query(DescriptionTemplateTypeQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + DescriptionTemplateType model = this.builderFactory.builder(DescriptionTemplateTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, DescriptionTemplateType.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpBlueprintController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpBlueprintController.java index 18adc93de..912fb84c3 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpBlueprintController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpBlueprintController.java @@ -9,10 +9,9 @@ import eu.eudat.model.builder.DmpBlueprintBuilder; import eu.eudat.model.censorship.DmpBlueprintCensor; import eu.eudat.model.persist.DmpBlueprintPersist; import eu.eudat.model.result.QueryResult; -import eu.eudat.query.DmpBlueprintQuery; +import eu.eudat.query.*; import eu.eudat.query.lookup.DmpBlueprintLookup; import eu.eudat.service.dmpblueprint.DmpBlueprintService; -import eu.eudat.service.responseutils.ResponseUtilsService; import gr.cite.tools.auditing.AuditService; import gr.cite.tools.data.builder.BuilderFactory; import gr.cite.tools.data.censor.CensorFactory; @@ -81,11 +80,10 @@ public class DmpBlueprintController { logger.debug("querying {}", DmpBlueprint.class.getSimpleName()); this.censorFactory.censor(DmpBlueprintCensor.class).censor(lookup.getProject(), null); - - DmpBlueprintQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + DmpBlueprintQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List data = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), data); + List models = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), data); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.DmpBlueprint_Query, "lookup", lookup); @@ -100,8 +98,8 @@ public class DmpBlueprintController { this.censorFactory.censor(DmpBlueprintCensor.class).censor(fieldSet, null); - DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + DmpBlueprintQuery query = this.queryFactory.query(DmpBlueprintQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + DmpBlueprint model = this.builderFactory.builder(DmpBlueprintBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, DmpBlueprint.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpController.java index 21fa1d814..be5a1742a 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/DmpController.java @@ -71,10 +71,10 @@ public class DmpController { this.censorFactory.censor(DmpCensor.class).censor(lookup.getProject(), null); - DmpQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + DmpQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List data = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), data); + List models = this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), data); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.Dmp_Query, "lookup", lookup); @@ -88,8 +88,8 @@ public class DmpController { this.censorFactory.censor(DmpCensor.class).censor(fieldSet, null); - DmpQuery query = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - Dmp model = this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + DmpQuery query = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + Dmp model = this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/EntityDoiController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/EntityDoiController.java index ab9216f52..6e22efae5 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/EntityDoiController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/EntityDoiController.java @@ -71,10 +71,10 @@ public class EntityDoiController { this.censorFactory.censor(EntityDoiCensor.class).censor(lookup.getProject(), null); - EntityDoiQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + EntityDoiQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List data = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), data); + List models = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), data); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.EntityDoi_Query, "lookup", lookup); @@ -88,8 +88,8 @@ public class EntityDoiController { this.censorFactory.censor(EntityDoiCensor.class).censor(fieldSet, null); - EntityDoiQuery query = this.queryFactory.query(EntityDoiQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - EntityDoi model = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + EntityDoiQuery query = this.queryFactory.query(EntityDoiQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + EntityDoi model = this.builderFactory.builder(EntityDoiBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, EntityDoi.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceController.java index 08ea00bd1..e3820362d 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceController.java @@ -15,7 +15,6 @@ import eu.eudat.model.builder.ReferenceBuilder; import eu.eudat.model.censorship.ReferenceCensor; import eu.eudat.model.persist.ReferencePersist; import eu.eudat.model.result.QueryResult; -import eu.eudat.models.data.FetcherReference; import eu.eudat.models.data.helpers.responses.ResponseItem; import eu.eudat.query.ReferenceQuery; import eu.eudat.query.lookup.ReferenceLookup; @@ -89,9 +88,9 @@ public class ReferenceController extends BaseController { this.censorFactory.censor(ReferenceCensor.class).censor(lookup.getProject(), null); - ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List datas = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), datas); + List models = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), datas); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.Reference_Query, "lookup", lookup); @@ -117,8 +116,8 @@ public class ReferenceController extends BaseController { this.censorFactory.censor(ReferenceCensor.class).censor(fieldSet, null); - ReferenceQuery query = this.queryFactory.query(ReferenceQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - Reference model = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + ReferenceQuery query = this.queryFactory.query(ReferenceQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + Reference model = this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, Reference.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceTypeController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceTypeController.java index 1433c62fd..76ebb99f5 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceTypeController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/ReferenceTypeController.java @@ -78,9 +78,9 @@ public class ReferenceTypeController extends BaseController { this.censorFactory.censor(ReferenceTypeCensor.class).censor(lookup.getProject(), null); - ReferenceTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + ReferenceTypeQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List datas = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), datas); + List models = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), datas); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.ReferenceType_Query, "lookup", lookup); @@ -94,8 +94,8 @@ public class ReferenceTypeController extends BaseController { this.censorFactory.censor(ReferenceTypeCensor.class).censor(fieldSet, null); - ReferenceTypeQuery query = this.queryFactory.query(ReferenceTypeQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - ReferenceType model = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + ReferenceTypeQuery query = this.queryFactory.query(ReferenceTypeQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + ReferenceType model = this.builderFactory.builder(ReferenceTypeBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, Reference.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/SupportiveMaterialController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/SupportiveMaterialController.java index c0bb8785a..94dbb3d80 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/SupportiveMaterialController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/SupportiveMaterialController.java @@ -3,7 +3,6 @@ package eu.eudat.controllers.v2; import com.fasterxml.jackson.core.JsonProcessingException; import eu.eudat.audit.AuditableAction; import eu.eudat.authorization.AuthorizationFlags; -import eu.eudat.commons.enums.SupportiveMaterialFieldType; import eu.eudat.data.SupportiveMaterialEntity; import eu.eudat.model.SupportiveMaterial; import eu.eudat.model.builder.SupportiveMaterialBuilder; @@ -13,7 +12,6 @@ import eu.eudat.model.result.QueryResult; import eu.eudat.query.SupportiveMaterialQuery; import eu.eudat.query.lookup.SupportiveMaterialLookup; import eu.eudat.service.supportivematerial.SupportiveMaterialService; -import eu.eudat.service.supportivematerial.SupportiveMaterialServiceImpl; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.auditing.AuditService; import gr.cite.tools.data.builder.BuilderFactory; @@ -28,7 +26,6 @@ import gr.cite.tools.logging.MapLogEntry; import gr.cite.tools.validation.MyValidate; import jakarta.transaction.Transactional; import jakarta.xml.bind.JAXBException; -import org.apache.commons.lang3.EnumUtils; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.MessageSource; @@ -83,9 +80,9 @@ public class SupportiveMaterialController { this.censorFactory.censor(SupportiveMaterialCensor.class).censor(lookup.getProject(), null); - SupportiveMaterialQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + SupportiveMaterialQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List datas = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), datas); + List models = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), datas); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.SupportiveMaterial_Query, "lookup", lookup); @@ -99,8 +96,8 @@ public class SupportiveMaterialController { this.censorFactory.censor(SupportiveMaterialCensor.class).censor(fieldSet, null); - SupportiveMaterialQuery query = this.queryFactory.query(SupportiveMaterialQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).ids(id); - SupportiveMaterial model = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + SupportiveMaterialQuery query = this.queryFactory.query(SupportiveMaterialQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).ids(id); + SupportiveMaterial model = this.builderFactory.builder(SupportiveMaterialBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); if (model == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{id, SupportiveMaterial.class.getSimpleName()}, LocaleContextHolder.getLocale())); @@ -118,7 +115,7 @@ public class SupportiveMaterialController { this.censorFactory.censor(SupportiveMaterialCensor.class).censor(lookup.getProject(), null); - SupportiveMaterialQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + SupportiveMaterialQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List datas = query.collectAs(lookup.getProject()); if (datas.size() == 1){ return new ResponseEntity<>(datas.get(0).getPayload().getBytes(), HttpStatus.OK); diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/UserSettingsController.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/UserSettingsController.java index 730f44015..aa62e3a96 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/UserSettingsController.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/v2/UserSettingsController.java @@ -26,7 +26,6 @@ import jakarta.transaction.Transactional; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.MessageSource; -import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.web.bind.annotation.*; import javax.management.InvalidApplicationException; @@ -65,9 +64,9 @@ public class UserSettingsController { public QueryResult Query(@RequestBody UserSettingsLookup lookup) throws MyApplicationException, MyForbiddenException { logger.debug("querying {}", UserSettings.class.getSimpleName()); this.censorFactory.censor(UserSettingsCensor.class).censor(lookup.getProject(), null); - UserSettingsQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + UserSettingsQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List data = query.collectAs(lookup.getProject()); - List models = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), data); + List models = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), data); long count = (lookup.getMetadata() != null && lookup.getMetadata().getCountAll()) ? query.count() : models.size(); this.auditService.track(AuditableAction.User_Settings_Query, "lookup", lookup); @@ -91,8 +90,8 @@ public class UserSettingsController { UserSettings._updatedAt, UserSettings._type )); - UserSettingsQuery query = this.queryFactory.query(UserSettingsQuery.class).authorize(AuthorizationFlags.OwnerOrPermission).keys(key); - UserSettings model = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(fieldSet, query.firstAs(fieldSet)); + UserSettingsQuery query = this.queryFactory.query(UserSettingsQuery.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).keys(key); + UserSettings model = this.builderFactory.builder(UserSettingsBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(fieldSet, query.firstAs(fieldSet)); this.auditService.track(AuditableAction.User_Settings_Lookup, Map.ofEntries( new AbstractMap.SimpleEntry("key", key) diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/services/references/ReferenceService.java b/dmp-backend/web/src/main/java/eu/eudat/logic/services/references/ReferenceService.java index 8555a9ad1..b61b8a095 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/logic/services/references/ReferenceService.java +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/services/references/ReferenceService.java @@ -5,19 +5,12 @@ import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.Permission; import eu.eudat.commons.XmlHandlingService; import eu.eudat.commons.enums.IsActive; -import eu.eudat.commons.enums.ReferenceType; import eu.eudat.commons.scope.user.UserScope; import eu.eudat.commons.types.reference.DefinitionEntity; import eu.eudat.commons.types.reference.FieldEntity; import eu.eudat.configurations.referencetype.ReferenceTypeProperties; import eu.eudat.convention.ConventionService; import eu.eudat.data.ReferenceEntity; -import eu.eudat.data.dao.criteria.*; -import eu.eudat.data.old.DataRepository; -import eu.eudat.data.old.ExternalDataset; -import eu.eudat.data.old.Registry; -import eu.eudat.data.old.Service; -import eu.eudat.logic.builders.model.criteria.ExternalDatasetCriteriaBuilder; import eu.eudat.logic.proxy.config.ExternalUrlCriteria; import eu.eudat.logic.proxy.config.exceptions.HugeResultSet; import eu.eudat.logic.proxy.config.exceptions.NoURLFound; @@ -30,10 +23,8 @@ import eu.eudat.model.deleter.ReferenceDeleter; import eu.eudat.model.persist.ReferencePersist; import eu.eudat.model.persist.referencedefinition.DefinitionPersist; import eu.eudat.model.persist.referencedefinition.FieldPersist; -import eu.eudat.models.data.FetcherReference; import eu.eudat.query.ReferenceQuery; import eu.eudat.query.lookup.ReferenceSearchLookup; -import eu.eudat.queryable.QueryableList; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.builder.BuilderFactory; import gr.cite.tools.data.deleter.DeleterFactory; @@ -137,7 +128,7 @@ public class ReferenceService { this.entityManager.flush(); - return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(BaseFieldSet.build(fields, Reference._id), data); + return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(BaseFieldSet.build(fields, Reference._id), data); } private @NotNull DefinitionEntity buildDefinitionEntity(DefinitionPersist persist){ @@ -190,7 +181,7 @@ public class ReferenceService { List> remoteRepos = this.apiContext.getOperationsContext().getRemoteFetcher().get(lookup.getType(), externalUrlCriteria, lookup.getKey()); - List externalModels = this.builderFactory.builder(ReferenceSearchBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), remoteRepos); + List externalModels = this.builderFactory.builder(ReferenceSearchBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), remoteRepos); List models = this.fetchFromDb(lookup); models.addAll(externalModels); @@ -207,9 +198,9 @@ public class ReferenceService { Reference._isActive, Reference._createdAt, Reference._updatedAt, Reference._type, Reference._definition, Reference._reference, Reference._sourceType ); lookup.setProject(new BaseFieldSet(fields)); - ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermission); + ReferenceQuery query = lookup.enrich(this.queryFactory).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic); List datas = query.collectAs(lookup.getProject()); - return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermission).build(lookup.getProject(), datas); + return this.builderFactory.builder(ReferenceBuilder.class).authorize(AuthorizationFlags.OwnerOrPermissionOrMemberOrPublic).build(lookup.getProject(), datas); } // private List fetchFromDb(ReferenceType externalType, String query, String type, List> remoteRepos) throws InvalidApplicationException {