From 498ffca73ddfe3f6c2b4cdcadb7c4a90e3679587 Mon Sep 17 00:00:00 2001 From: amentis Date: Fri, 15 Mar 2024 11:39:01 +0200 Subject: [PATCH] dmp finalize changes --- .../eu/eudat/authorization/Permission.java | 1 + .../eu/eudat/service/dmp/DmpServiceImpl.java | 30 ++++++++++--------- .../src/main/resources/config/permissions.yml | 13 ++++++++ 3 files changed, 30 insertions(+), 14 deletions(-) diff --git a/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java b/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java index fc8374251..2a7846f35 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java +++ b/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java @@ -76,6 +76,7 @@ public final class Permission { public static String CreateNewVersionDmp = "CreateNewVersionDmp"; public static String ExportDmp = "ExportDmp"; public static String FinalizeDmp = "FinalizeDmp"; + public static String UndoFinalizeDmp = "UndoFinalizeDmp"; public static String AssignDmpUsers = "AssignDmpUsers"; public static String InviteDmpUsers = "InviteDmpUsers"; diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java index ea8ace216..b11b7d16a 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/dmp/DmpServiceImpl.java @@ -817,6 +817,7 @@ public class DmpServiceImpl implements DmpService { } public void finalize(UUID id, List descriptionIds) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException, IOException { + this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(id)), Permission.FinalizeDmp); DmpEntity dmp = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id).isActive(IsActive.Active).first(); if (dmp == null){ @@ -827,27 +828,22 @@ public class DmpServiceImpl implements DmpService { throw new MyApplicationException("DMP is already finalized"); } - if (!this.conventionService.isListNullOrEmpty(descriptionIds)){ - List descriptionsToBeFinalised = this.queryFactory.query(DescriptionQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(descriptionIds).dmpIds(id).isActive(IsActive.Active).collect(); - for (DescriptionEntity description: descriptionsToBeFinalised) { + List descriptions = this.queryFactory.query(DescriptionQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).dmpIds(id).isActive(IsActive.Active).collect(); + + for (DescriptionEntity description: descriptions) { + if (descriptionIds.contains(description.getId())){ + // description to be finalized if (description.getStatus().equals(DescriptionStatus.Finalized)){ throw new MyApplicationException("Description is already finalized"); - } + } description.setStatus(DescriptionStatus.Finalized); description.setUpdatedAt(Instant.now()); description.setFinalizedAt(Instant.now()); this.entityManager.merge(description); - } - - List descriptionsToBeCanceled = this.queryFactory.query(DescriptionQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).excludedIds(descriptionIds).dmpIds(id).isActive(IsActive.Active).collect(); - for (DescriptionEntity description: descriptionsToBeCanceled) { + } else if (description.getStatus().equals(DescriptionStatus.Draft)) { + // description to be canceled description.setStatus(DescriptionStatus.Canceled); - } - this.deleterFactory.deleter(DescriptionDeleter.class).delete(descriptionsToBeCanceled, true); - } else { - List descriptions = this.queryFactory.query(DescriptionQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(descriptionIds).dmpIds(id).statuses(DescriptionStatus.Finalized).isActive(IsActive.Active).collect(); - if (descriptions == null){ - throw new MyApplicationException("Dmp don't have Finalized Descriptions"); + this.deleterFactory.deleter(DescriptionDeleter.class).delete(List.of(description), true); } } @@ -862,6 +858,7 @@ public class DmpServiceImpl implements DmpService { } public void undoFinalize(UUID id, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException, IOException { + this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(id)), Permission.UndoFinalizeDmp); DmpEntity dmp = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(id).isActive(IsActive.Active).firstAs(fields); if (dmp == null){ @@ -872,6 +869,11 @@ public class DmpServiceImpl implements DmpService { throw new MyApplicationException("DMP is already drafted"); } + EntityDoiQuery entityDoiQuery = this.queryFactory.query(EntityDoiQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).types(EntityType.DMP).entityIds(dmp.getId()); + if (entityDoiQuery != null && entityDoiQuery.count() > 0){ + throw new MyApplicationException("DMP is deposited"); + } + dmp.setStatus(DmpStatus.Draft); dmp.setUpdatedAt(Instant.now()); diff --git a/dmp-backend/web/src/main/resources/config/permissions.yml b/dmp-backend/web/src/main/resources/config/permissions.yml index d721300ba..f13f8631c 100644 --- a/dmp-backend/web/src/main/resources/config/permissions.yml +++ b/dmp-backend/web/src/main/resources/config/permissions.yml @@ -404,6 +404,19 @@ permissions: clients: [ ] allowAnonymous: false allowAuthenticated: false + UndoFinalizeDmp: + roles: + - Admin + dmp: + roles: + - Owner + - User + - DescriptionContributor + - Reviewer + claims: [ ] + clients: [ ] + allowAnonymous: false + allowAuthenticated: false AssignDmpUsers: roles: - Admin