dmp authz changes

This commit is contained in:
Efstratios Giannopoulos 2024-03-14 11:23:46 +02:00
parent e9cbf27295
commit cef1e295f7
17 changed files with 138 additions and 59 deletions

View File

@ -33,7 +33,7 @@ public class DmpBlueprintValueCensor extends BaseCensor {
if (fields == null || fields.isEmpty())
return;
this.authService.authorizeForce(Permission.BrowseDmp);
this.authService.authorizeForce(Permission.BrowseDmp, Permission.DeferredAffiliation);
}
}

View File

@ -3,10 +3,8 @@ package eu.eudat.model.censorship.dmpproperties;
import eu.eudat.authorization.Permission;
import eu.eudat.convention.ConventionService;
import eu.eudat.model.censorship.BaseCensor;
import eu.eudat.model.censorship.DmpCensor;
import eu.eudat.model.censorship.UserCensor;
import eu.eudat.model.dmpproperties.DmpContact;
import eu.eudat.model.dmpproperties.DmpProperties;
import gr.cite.commons.web.authz.service.AuthorizationService;
import gr.cite.tools.data.censor.CensorFactory;
import gr.cite.tools.fieldset.FieldSet;
@ -40,7 +38,7 @@ public class DmpContactCensor extends BaseCensor {
if (fields == null || fields.isEmpty())
return;
this.authService.authorizeForce(Permission.BrowseDmp);
this.authService.authorizeForce(Permission.BrowseDmp, Permission.DeferredAffiliation);
FieldSet userFields = fields.extractPrefixed(this.asIndexerPrefix(DmpContact._user));
this.censorFactory.censor(UserCensor.class).censor(userFields, userId);
}

View File

@ -38,7 +38,7 @@ public class DmpPropertiesCensor extends BaseCensor {
if (fields == null || fields.isEmpty())
return;
this.authService.authorizeForce(Permission.BrowseDmp);
this.authService.authorizeForce(Permission.BrowseDmp, Permission.DeferredAffiliation);
FieldSet dmpBlueprintValuesFields = fields.extractPrefixed(this.asIndexerPrefix(DmpProperties._dmpBlueprintValues));
this.censorFactory.censor(DmpBlueprintValueCensor.class).censor(dmpBlueprintValuesFields, userId);
FieldSet contactsFields = fields.extractPrefixed(this.asIndexerPrefix(DmpProperties._contacts));

View File

@ -36,7 +36,7 @@ public class DmpReferenceDataCensor extends BaseCensor {
if (fields == null || fields.isEmpty())
return;
this.authService.authorizeForce(Permission.BrowseDmpDescriptionTemplate);
this.authService.authorizeForce(Permission.BrowseDmpDescriptionTemplate, Permission.DeferredAffiliation);
}
}

View File

@ -17,6 +17,7 @@ import gr.cite.tools.data.query.QueryContext;
import jakarta.persistence.Tuple;
import jakarta.persistence.criteria.CriteriaBuilder;
import jakarta.persistence.criteria.Predicate;
import jakarta.persistence.criteria.Subquery;
import org.springframework.beans.factory.config.ConfigurableBeanFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
@ -189,7 +190,7 @@ public class EntityDoiQuery extends QueryBase<EntityDoiEntity> {
List<Predicate> predicates = new ArrayList<>();
boolean usePublic = this.authorize.contains(AuthorizationFlags.Public);
if (userId != null || usePublic) {
predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(EntityDoiEntity._entityId)).value( queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._dmpId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic))));
predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(EntityDoiEntity._entityId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic)));
}
if (!predicates.isEmpty()) {
Predicate[] predicatesArray = predicates.toArray(new Predicate[0]);

View File

@ -150,7 +150,7 @@ public class UserQuery extends QueryBase<UserEntity> {
if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseUser)) return null;
UUID userId;
if (this.authorize.contains(AuthorizationFlags.Owner)) userId = this.userScope.getUserIdSafe();
if (this.authorize.contains(AuthorizationFlags.Public)) userId = this.userScope.getUserIdSafe();
if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe();
else userId = null;
List<Predicate> predicates = new ArrayList<>();

View File

@ -1,8 +1,5 @@
package eu.eudat.service.dmp;
import com.fasterxml.jackson.core.JsonProcessingException;
import eu.eudat.data.DmpEntity;
import eu.eudat.data.DmpUserEntity;
import eu.eudat.model.Dmp;
import eu.eudat.model.DmpUser;
import eu.eudat.model.persist.*;
@ -36,7 +33,7 @@ public interface DmpService {
ResponseEntity<byte[]> export(UUID id, String transformerId, String exportType) throws InvalidApplicationException, IOException;
void inviteUsers(UUID id, List<DmpUserPersist> users) throws InvalidApplicationException, JAXBException, IOException;
void inviteUserOrAssignUsers(UUID id, List<DmpUserPersist> users) throws InvalidApplicationException, JAXBException, IOException;
void dmpInvitationAccept(String token) throws InvalidApplicationException, IOException;

View File

@ -191,6 +191,12 @@ public class DmpServiceImpl implements DmpService {
this.patchAndSaveTemplates(data.getId(), model.getDescriptionTemplates());
if (!isUpdate || userScope.isSet()) {
this.addOwner(data);
if (model.getUsers() == null) model.setUsers(new ArrayList<>());
if (model.getUsers().stream().noneMatch(x-> x.getUser() != null && x.getUser().equals(this.userScope.getUserIdSafe()) && DmpUserRole.Owner.equals(x.getRole()))) model.getUsers().add(this.createOwnerPersist());
}
this.eventBroker.emit(new DmpTouchedEvent(data.getId()));
this.dmpTouchedIntegrationEventHandler.handle(DmpTouchedIntegrationEventHandler.buildEventFromPersistModel(model));
@ -200,10 +206,7 @@ public class DmpServiceImpl implements DmpService {
this.sendNotification(data);
if (!this.conventionService.isListNullOrEmpty(model.getUsers())){
this.inviteUsers(data.getId(), model.getUsers());
}else{
this.addOwner(data);
this.assignUsers(data.getId(), new ArrayList<>(), null);
this.inviteUserOrAssignUsers(data.getId(), model.getUsers());
}
this.elasticService.persistDmp(data);
@ -211,6 +214,13 @@ public class DmpServiceImpl implements DmpService {
return this.builderFactory.builder(DmpBuilder.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).build(BaseFieldSet.build(fields, Dmp._id, Dmp._hash), data);
}
private DmpUserPersist createOwnerPersist() {
DmpUserPersist persist = new DmpUserPersist();
persist.setRole(DmpUserRole.Owner);
persist.setUser(userScope.getUserIdSafe());
return persist;
}
private void addOwner(DmpEntity dmpEntity) throws InvalidApplicationException {
DmpUserEntity data = new DmpUserEntity();
data.setId(UUID.randomUUID());
@ -286,14 +296,14 @@ public class DmpServiceImpl implements DmpService {
public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException, IOException {
logger.debug("deleting dmp: {}", id);
this.authorizationService.authorizeForce(Permission.DeleteDmp);
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(id)), Permission.DeleteDmp);
this.deleterFactory.deleter(DmpDeleter.class).deleteAndSaveByIds(List.of(id), false);
}
@Override
public Dmp createNewVersion(NewVersionDmpPersist model, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException, JAXBException, ParserConfigurationException, IOException, TransformerException {
this.authorizationService.authorizeForce(Permission.CreateNewVersionDmp);
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation( model.getId())), Permission.CreateNewVersionDmp);
DmpEntity oldDmpEntity = this.entityManager.find(DmpEntity.class, model.getId());
if (oldDmpEntity == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -395,7 +405,7 @@ public class DmpServiceImpl implements DmpService {
@Override
public Dmp buildClone(CloneDmpPersist model, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, IOException, InvalidApplicationException {
this.authorizationService.authorizeForce(Permission.CloneDmp);
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation( model.getId())), Permission.CloneDmp);
DmpEntity existingDmpEntity = this.queryFactory.query(DmpQuery.class).authorize(AuthorizationFlags.OwnerOrDmpAssociatedOrPermission).ids(model.getId()).firstAs(fields);
if (!this.conventionService.isValidGuid(model.getId()) || existingDmpEntity == null)
@ -527,7 +537,7 @@ public class DmpServiceImpl implements DmpService {
@Override
public Dmp removeUser(DmpUserRemovePersist model, FieldSet fields) throws InvalidApplicationException, IOException {
this.authorizationService.authorizeForce(Permission.AssignDmpUsers);
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(model.getDmpId())), Permission.AssignDmpUsers);
DmpEntity data = this.entityManager.find(DmpEntity.class, model.getDmpId());
if (data == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -566,7 +576,7 @@ public class DmpServiceImpl implements DmpService {
if (data == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));
if (!this.conventionService.hashValue(data.getUpdatedAt()).equals(model.getHash())) throw new MyValidationException(this.errors.getHashConflict().getCode(), this.errors.getHashConflict().getMessage());
if (model.getStatus() != null && model.getStatus() == DmpStatus.Finalized && data.getStatus() != DmpStatus.Finalized) {
this.authorizationService.authorizeForce(Permission.FinalizeDmp);
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(model.getId())), Permission.FinalizeDmp);
data.setStatus(model.getStatus());
data.setFinalizedAt(Instant.now());
}
@ -807,9 +817,8 @@ public class DmpServiceImpl implements DmpService {
}
// invites
public void inviteUsers(UUID id, List<DmpUserPersist> users) throws InvalidApplicationException, JAXBException, IOException {
this.authorizationService.authorizeForce(Permission.InviteDmpUsers);
public void inviteUserOrAssignUsers(UUID id, List<DmpUserPersist> users) throws InvalidApplicationException, JAXBException, IOException {
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(id)), Permission.InviteDmpUsers);
DmpEntity dmp = this.queryFactory.query(DmpQuery.class).ids(id).first();
if (dmp == null){

View File

@ -2,6 +2,7 @@ package eu.eudat.service.lock;
import eu.eudat.authorization.AuthorizationFlags;
import eu.eudat.authorization.Permission;
import eu.eudat.authorization.authorizationcontentresolver.AuthorizationContentResolver;
import eu.eudat.commons.scope.user.UserScope;
import eu.eudat.convention.ConventionService;
import eu.eudat.data.LockEntity;
@ -51,6 +52,7 @@ public class LockServiceImpl implements LockService {
private final ConventionService conventionService;
private final MessageSource messageSource;
private final ErrorThesaurusProperties errors;
private final AuthorizationContentResolver authorizationContentResolver;
@Autowired
public LockServiceImpl(
@ -62,7 +64,7 @@ public class LockServiceImpl implements LockService {
QueryFactory queryFactory,
ConventionService conventionService,
MessageSource messageSource,
ErrorThesaurusProperties errors) {
ErrorThesaurusProperties errors, AuthorizationContentResolver authorizationContentResolver) {
this.entityManager = entityManager;
this.userScope = userScope;
this.authorizationService = authorizationService;
@ -72,12 +74,13 @@ public class LockServiceImpl implements LockService {
this.conventionService = conventionService;
this.messageSource = messageSource;
this.errors = errors;
this.authorizationContentResolver = authorizationContentResolver;
}
public Lock persist(LockPersist model, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException {
logger.debug(new MapLogEntry("persisting data").And("model", model).And("fields", fields));
this.authorizationService.authorizeForce(Permission.EditLock);
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(model.getTarget())), Permission.EditLock);
Boolean isUpdate = this.conventionService.isValidGuid(model.getId());
@ -176,7 +179,7 @@ public class LockServiceImpl implements LockService {
public void deleteAndSave(UUID id) throws MyForbiddenException, InvalidApplicationException {
logger.debug("deleting : {}", id);
this.authorizationService.authorizeForce(Permission.DeleteLock);
this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(id)), Permission.DeleteLock);
this.deleterFactory.deleter(LockDeleter.class).deleteAndSaveByIds(List.of(id));
}

View File

@ -256,7 +256,7 @@ public class DmpController {
public boolean inviteUsers(@PathVariable("id") UUID id, @RequestBody DmpUserInvitePersist model) throws InvalidApplicationException, JAXBException, IOException {
logger.debug(new MapLogEntry("inviting users to dmp").And("model", model));
this.dmpService.inviteUsers(id, model.getUsers());
this.dmpService.inviteUserOrAssignUsers(id, model.getUsers());
this.auditService.track(AuditableAction.Dmp_Invite_Users, Map.ofEntries(
new AbstractMap.SimpleEntry<String, Object>("model", model)

View File

@ -3,6 +3,7 @@ package eu.eudat.controllers;
import eu.eudat.audit.AuditableAction;
import eu.eudat.authorization.AuthorizationFlags;
import eu.eudat.authorization.Permission;
import eu.eudat.authorization.authorizationcontentresolver.AuthorizationContentResolver;
import gr.cite.tools.validation.ValidationFilterAnnotation;
import eu.eudat.data.LockEntity;
import eu.eudat.model.Lock;
@ -62,14 +63,14 @@ public class LockController {
private final MessageSource messageSource;
private final AuthorizationService authService;
private final AuthorizationContentResolver authorizationContentResolver;
@Autowired
public LockController(BuilderFactory builderFactory,
AuditService auditService,
LockService lockService,
CensorFactory censorFactory,
QueryFactory queryFactory,
MessageSource messageSource, AuthorizationService authService) {
MessageSource messageSource, AuthorizationService authService, AuthorizationContentResolver authorizationContentResolver) {
this.builderFactory = builderFactory;
this.auditService = auditService;
this.lockService = lockService;
@ -77,6 +78,7 @@ public class LockController {
this.queryFactory = queryFactory;
this.messageSource = messageSource;
this.authService = authService;
this.authorizationContentResolver = authorizationContentResolver;
}
@PostMapping("query")
@ -154,7 +156,7 @@ public class LockController {
@GetMapping("target/status/{id}")
public Boolean getLocked(@PathVariable("id") UUID targetId) throws Exception {
logger.debug(new MapLogEntry("is locked" + Lock.class.getSimpleName()).And("targetId", targetId));
this.authService.authorizeForce(Permission.BrowseLock);
this.authService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(targetId)), Permission.BrowseLock);
Boolean isLocked = this.lockService.isLocked(targetId);
this.auditService.track(AuditableAction.Lock_IsLocked, Map.ofEntries(
@ -167,7 +169,7 @@ public class LockController {
@DeleteMapping("target/unlock/{id}")
public boolean unlock(@PathVariable("id") UUID targetId) throws Exception {
logger.debug(new MapLogEntry("unlock" + Lock.class.getSimpleName()).And("targetId", targetId));
this.authService.authorizeForce(Permission.BrowseLock);
this.authService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(targetId)), Permission.BrowseLock);
this.lockService.unlock(targetId);
this.auditService.track(AuditableAction.Lock_UnLocked, Map.ofEntries(

View File

@ -342,6 +342,12 @@ permissions:
DeleteDmp:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ]
clients: [ ]
allowAnonymous: false
@ -349,6 +355,12 @@ permissions:
CloneDmp:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ]
clients: [ ]
allowAnonymous: false
@ -356,6 +368,12 @@ permissions:
CreateNewVersionDmp:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ]
clients: [ ]
allowAnonymous: false
@ -363,6 +381,12 @@ permissions:
ExportDmp:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ]
clients: [ ]
allowAnonymous: false
@ -370,6 +394,12 @@ permissions:
FinalizeDmp:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ]
clients: [ ]
allowAnonymous: false
@ -390,6 +420,12 @@ permissions:
InviteDmpUsers:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ]
clients: [ ]
allowAnonymous: false
@ -709,18 +745,36 @@ permissions:
BrowseLock:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
clients: [ ]
allowAnonymous: false
allowAuthenticated: false
EditLock:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
clients: [ ]
allowAnonymous: false
allowAuthenticated: false
DeleteLock:
roles:
- Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ]
clients: [ ]
allowAnonymous: false

View File

@ -12,6 +12,7 @@ import { ReferencePersist } from '../reference/reference';
import { DmpAssociatedUser, User } from "../user/user";
import { DmpReference } from './dmp-reference';
import { IsActive } from '@app/core/common/enum/is-active.enum';
import { AppPermission } from '@app/core/common/enum/permission.enum';
export interface Dmp extends BaseEntity {
label?: string;
@ -33,6 +34,7 @@ export interface Dmp extends BaseEntity {
descriptions?: Description[];
dmpDescriptionTemplates?: DmpDescriptionTemplate[];
entityDois?: EntityDoi[];
authorizationFlags?: AppPermission[];
}
export interface DmpProperties {

View File

@ -196,7 +196,7 @@ export class DmpEditorComponent extends BaseEditor<DmpEditorModel, Dmp> implemen
}
buildForm() {
const canedit = this.isNew ? this.authService.hasPermission(AppPermission.NewDmp) : this.authService.hasPermission(AppPermission.EditDmp);
const canedit = this.isNew ? this.authService.hasPermission(AppPermission.NewDmp) : this.item.authorizationFlags?.some(x => x === AppPermission.EditDmp) || this.authService.hasPermission(AppPermission.EditDmp);
this.formGroup = this.editorModel.buildForm(null, this.isDeleted || !canedit);
if (this.editorModel.status == DmpStatus.Finalized || this.isDeleted) {

View File

@ -1,5 +1,6 @@
import { Injectable } from '@angular/core';
import { ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
import { AppPermission } from '@app/core/common/enum/permission.enum';
import { Description } from '@app/core/model/description/description';
import { DescriptionTemplatesInSection, DmpBlueprint, DmpBlueprintDefinition, DmpBlueprintDefinitionSection, ExtraFieldInSection, FieldInSection, ReferenceTypeFieldInSection, SystemFieldInSection } from '@app/core/model/dmp-blueprint/dmp-blueprint';
import { Dmp, DmpBlueprintValue, DmpContact, DmpDescriptionTemplate, DmpProperties, DmpUser } from '@app/core/model/dmp/dmp';
@ -38,6 +39,8 @@ export class DmpEditorResolver extends BaseEditorResolver {
nameof<Dmp>(x => x.publicAfter),
nameof<Dmp>(x => x.hash),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.EditDmp].join('.'),
[nameof<Dmp>(x => x.properties), nameof<DmpProperties>(x => x.dmpBlueprintValues), nameof<DmpBlueprintValue>(x => x.fieldId)].join('.'),
[nameof<Dmp>(x => x.properties), nameof<DmpProperties>(x => x.dmpBlueprintValues), nameof<DmpBlueprintValue>(x => x.fieldValue)].join('.'),
[nameof<Dmp>(x => x.properties), nameof<DmpProperties>(x => x.contacts), nameof<DmpContact>(x => x.user), nameof<DmpAssociatedUser>(x => x.id)].join('.'),

View File

@ -35,10 +35,11 @@ const routes: Routes = [
data: {
...BreadcrumbService.generateRouteDataConfiguration({
title: 'BREADCRUMBS.EDIT-DMP'
}),
authContext: {
permissions: [AppPermission.EditDmp]
}
})
// ,
// authContext: {
// permissions: [AppPermission.EditDmp]
// }
}
},

View File

@ -196,39 +196,39 @@ export class DmpOverviewComponent extends BaseComponent implements OnInit {
isDmpOwner(): boolean {
const principalId: Guid = this.authentication.userId();
if (principalId) return !!this.dmp.dmpUsers?.find(x => (x.role === DmpUserRole.Owner) && (principalId === x.id));
if (principalId) return !!this.dmp.dmpUsers?.find(x => (x.role === DmpUserRole.Owner) && (principalId === x.user?.id));
}
canEditDmp(): boolean{
return (this.isDraftDmp()) && (this.isDmpOwner() || this.authentication.hasPermission(AppPermission.EditDmp)) && this.isPublicView == false;
return (this.isDraftDmp()) && (this.dmp.authorizationFlags?.some(x => x === AppPermission.EditDmp) || this.authentication.hasPermission(AppPermission.EditDmp)) && this.isPublicView == false;
}
canCreateNewVersion(): boolean {
return this.isDmpOwner() || this.authentication.hasPermission(AppPermission.CreateNewVersionDmp) && this.isPublicView == false;
return this.dmp.authorizationFlags?.some(x => x === AppPermission.CreateNewVersionDmp) || this.authentication.hasPermission(AppPermission.CreateNewVersionDmp) && this.isPublicView == false;
}
canDeleteDmp(): boolean {
return this.isDmpOwner() || this.authentication.hasPermission(AppPermission.DeleteDmp) && this.isPublicView == false;
return this.dmp.authorizationFlags?.some(x => x === AppPermission.DeleteDmp) || this.authentication.hasPermission(AppPermission.DeleteDmp) && this.isPublicView == false;
}
canCloneDmp(): boolean {
return this.isDmpOwner() || this.authentication.hasPermission(AppPermission.CloneDmp);
return this.dmp.authorizationFlags?.some(x => x === AppPermission.CloneDmp) || this.authentication.hasPermission(AppPermission.CloneDmp);
}
canFinalizeDmp(): boolean {
return this.isDmpOwner() || this.authentication.hasPermission(AppPermission.FinalizeDmp) && this.isPublicView == false;
return this.dmp.authorizationFlags?.some(x => x === AppPermission.FinalizeDmp) || this.authentication.hasPermission(AppPermission.FinalizeDmp) && this.isPublicView == false;
}
canExportDmp(): boolean {
return this.isDmpOwner() || this.authentication.hasPermission(AppPermission.ExportDmp);
return this.dmp.authorizationFlags?.some(x => x === AppPermission.ExportDmp) || this.authentication.hasPermission(AppPermission.ExportDmp);
}
canInviteDmpUsers(): boolean {
return this.isDmpOwner() || this.authentication.hasPermission(AppPermission.InviteDmpUsers) && this.isPublicView == false;
return this.dmp.authorizationFlags?.some(x => x === AppPermission.InviteDmpUsers) || this.authentication.hasPermission(AppPermission.InviteDmpUsers) && this.isPublicView == false;
}
canAssignDmpUsers(): boolean {
return this.isDmpOwner() || this.authentication.hasPermission(AppPermission.AssignDmpUsers) && this.isPublicView == false;
return this.dmp.authorizationFlags?.some(x => x === AppPermission.AssignDmpUsers) || this.authentication.hasPermission(AppPermission.AssignDmpUsers) && this.isPublicView == false;
}
editClicked() {
@ -768,6 +768,15 @@ export class DmpOverviewComponent extends BaseComponent implements OnInit {
nameof<Dmp>(x => x.groupId),
nameof<Dmp>(x => x.version),
nameof<Dmp>(x => x.updatedAt),
nameof<Dmp>(x => x.updatedAt),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.CreateNewVersionDmp].join('.'),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.DeleteDmp].join('.'),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.CloneDmp].join('.'),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.FinalizeDmp].join('.'),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.ExportDmp].join('.'),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.InviteDmpUsers].join('.'),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.AssignDmpUsers].join('.'),
[nameof<Dmp>(x => x.authorizationFlags), AppPermission.EditDmp].join('.'),
[nameof<Dmp>(x => x.entityDois), nameof<EntityDoi>(x => x.id)].join('.'),
[nameof<Dmp>(x => x.entityDois), nameof<EntityDoi>(x => x.repositoryId)].join('.'),
[nameof<Dmp>(x => x.entityDois), nameof<EntityDoi>(x => x.doi)].join('.'),