AuthorizationContentResolver resolve only login tenant permissions
This commit is contained in:
parent
789d9c5c5c
commit
d2d96b128a
|
|
@ -1,7 +1,9 @@
|
|||
package org.opencdmp.authorization.authorizationcontentresolver;
|
||||
|
||||
import gr.cite.tools.data.query.QueryFactory;
|
||||
import gr.cite.tools.exception.MyApplicationException;
|
||||
import gr.cite.tools.fieldset.BaseFieldSet;
|
||||
import gr.cite.tools.logging.LoggerService;
|
||||
import org.opencdmp.authorization.AffiliatedResource;
|
||||
import org.opencdmp.authorization.PermissionNameProvider;
|
||||
import org.opencdmp.commons.enums.IsActive;
|
||||
|
|
@ -16,6 +18,8 @@ import org.opencdmp.query.DescriptionQuery;
|
|||
import org.opencdmp.query.DmpDescriptionTemplateQuery;
|
||||
import org.opencdmp.query.DmpUserQuery;
|
||||
import org.opencdmp.query.UserDescriptionTemplateQuery;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.web.context.annotation.RequestScope;
|
||||
|
||||
|
|
@ -26,17 +30,21 @@ import java.util.stream.Collectors;
|
|||
@Service
|
||||
@RequestScope
|
||||
public class AuthorizationContentResolverImpl implements AuthorizationContentResolver {
|
||||
private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(AuthorizationContentResolverImpl.class));
|
||||
private static final Logger log = LoggerFactory.getLogger(AuthorizationContentResolverImpl.class);
|
||||
private final QueryFactory queryFactory;
|
||||
private final UserScope userScope;
|
||||
private final TenantScope tenantScope;
|
||||
private final AffiliationCacheService affiliationCacheService;
|
||||
private final PermissionNameProvider permissionNameProvider;
|
||||
public AuthorizationContentResolverImpl(QueryFactory queryFactory, UserScope userScope, TenantScope tenantScope, AffiliationCacheService affiliationCacheService, PermissionNameProvider permissionNameProvider) {
|
||||
private final TenantEntityManager tenantEntityManager;
|
||||
public AuthorizationContentResolverImpl(QueryFactory queryFactory, UserScope userScope, TenantScope tenantScope, AffiliationCacheService affiliationCacheService, PermissionNameProvider permissionNameProvider, TenantEntityManager tenantEntityManager) {
|
||||
this.queryFactory = queryFactory;
|
||||
this.userScope = userScope;
|
||||
this.tenantScope = tenantScope;
|
||||
this.affiliationCacheService = affiliationCacheService;
|
||||
this.permissionNameProvider = permissionNameProvider;
|
||||
this.tenantEntityManager = tenantEntityManager;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -59,9 +67,21 @@ public class AuthorizationContentResolverImpl implements AuthorizationContentRes
|
|||
|
||||
List<UUID> idsToResolve = this.getAffiliatedFromCache(ids, userId, affiliatedResources, DmpEntity.class.getSimpleName());
|
||||
if (idsToResolve.isEmpty()) return affiliatedResources;
|
||||
|
||||
List<DmpUserEntity> dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().dmpIds(ids).sectionIsEmpty(true).userIds(userId).isActives(IsActive.Active).collectAs(new BaseFieldSet().ensure(DmpUser._role).ensure(DmpUser._dmp));
|
||||
|
||||
List<DmpUserEntity> dmpUsers;
|
||||
try {
|
||||
this.tenantEntityManager.loadExplictTenantFilters();
|
||||
dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().dmpIds(ids).sectionIsEmpty(true).userIds(userId).isActives(IsActive.Active).collectAs(new BaseFieldSet().ensure(DmpUser._role).ensure(DmpUser._dmp));
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
} finally {
|
||||
try {
|
||||
this.tenantEntityManager.reloadTenantFilters();
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
}
|
||||
}
|
||||
for (DmpUserEntity dmpUser : dmpUsers){
|
||||
affiliatedResources.get(dmpUser.getDmpId()).getDmpUserRoles().add(dmpUser.getRole());
|
||||
}
|
||||
|
|
@ -87,7 +107,21 @@ public class AuthorizationContentResolverImpl implements AuthorizationContentRes
|
|||
List<UUID> idsToResolve = this.getAffiliatedFromCache(ids, userId, affiliatedResources, DescriptionTemplateEntity.class.getSimpleName());
|
||||
if (idsToResolve.isEmpty()) return affiliatedResources;
|
||||
|
||||
List<UserDescriptionTemplateEntity> userDescriptionTemplates = this.queryFactory.query(UserDescriptionTemplateQuery.class).disableTracking().descriptionTemplateIds(ids).userIds(userId).isActive(IsActive.Active).collectAs(new BaseFieldSet().ensure(UserDescriptionTemplate._role).ensure(UserDescriptionTemplate._descriptionTemplate));
|
||||
List<UserDescriptionTemplateEntity> userDescriptionTemplates;
|
||||
try {
|
||||
this.tenantEntityManager.loadExplictTenantFilters();
|
||||
userDescriptionTemplates = this.queryFactory.query(UserDescriptionTemplateQuery.class).disableTracking().descriptionTemplateIds(ids).userIds(userId).isActive(IsActive.Active).collectAs(new BaseFieldSet().ensure(UserDescriptionTemplate._role).ensure(UserDescriptionTemplate._descriptionTemplate));
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
} finally {
|
||||
try {
|
||||
this.tenantEntityManager.reloadTenantFilters();
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
for (UserDescriptionTemplateEntity dmpUser : userDescriptionTemplates){
|
||||
affiliatedResources.get(dmpUser.getDescriptionTemplateId()).getUserDescriptionTemplateRoles().add(dmpUser.getRole());
|
||||
|
|
@ -103,7 +137,23 @@ public class AuthorizationContentResolverImpl implements AuthorizationContentRes
|
|||
if (userId == null || !this.userScope.isSet()) return false;
|
||||
|
||||
//TODO: investigate if we want to use cache
|
||||
return this.queryFactory.query(UserDescriptionTemplateQuery.class).disableTracking().userIds(userId).isActive(IsActive.Active).count() > 0;
|
||||
boolean hasAny;
|
||||
try {
|
||||
this.tenantEntityManager.loadExplictTenantFilters();
|
||||
hasAny = this.queryFactory.query(UserDescriptionTemplateQuery.class).disableTracking().userIds(userId).isActive(IsActive.Active).count() > 0;
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
} finally {
|
||||
try {
|
||||
this.tenantEntityManager.reloadTenantFilters();
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
return hasAny;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -122,11 +172,30 @@ public class AuthorizationContentResolverImpl implements AuthorizationContentRes
|
|||
List<UUID> idsToResolve = this.getAffiliatedFromCache(ids, userId, affiliatedResources, DescriptionEntity.class.getSimpleName());
|
||||
if (idsToResolve.isEmpty()) return affiliatedResources;
|
||||
|
||||
List<DescriptionEntity> descriptionEntities = this.queryFactory.query(DescriptionQuery.class).disableTracking().ids(ids).collectAs(new BaseFieldSet().ensure(Description._id).ensure(Description._dmpDescriptionTemplate).ensure(Description._dmp));
|
||||
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().ids(descriptionEntities.stream().map(DescriptionEntity::getDmpDescriptionTemplateId).distinct().toList()).collectAs(new BaseFieldSet().ensure(DmpDescriptionTemplate._id).ensure(DmpDescriptionTemplate._sectionId));
|
||||
Map<UUID, DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntityMap = dmpDescriptionTemplateEntities == null ? new HashMap<>() : dmpDescriptionTemplateEntities.stream().collect(Collectors.toMap(DmpDescriptionTemplateEntity::getId, x-> x));
|
||||
List<DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntities;
|
||||
List<DmpUserEntity> dmpUsers;
|
||||
List<DescriptionEntity> descriptionEntities;
|
||||
try {
|
||||
this.tenantEntityManager.loadExplictTenantFilters();
|
||||
descriptionEntities = this.queryFactory.query(DescriptionQuery.class).disableTracking().ids(ids).collectAs(new BaseFieldSet().ensure(Description._id).ensure(Description._dmpDescriptionTemplate).ensure(Description._dmp));
|
||||
dmpDescriptionTemplateEntities = this.queryFactory.query(DmpDescriptionTemplateQuery.class).disableTracking().ids(descriptionEntities.stream().map(DescriptionEntity::getDmpDescriptionTemplateId).distinct().toList()).collectAs(new BaseFieldSet().ensure(DmpDescriptionTemplate._id).ensure(DmpDescriptionTemplate._sectionId));
|
||||
dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().descriptionIds(ids).userIds(userId).isActives(IsActive.Active).collectAs(new BaseFieldSet().ensure(DmpUser._role).ensure(DmpUser._sectionId).ensure(DmpUser._dmp));
|
||||
|
||||
List<DmpUserEntity> dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().descriptionIds(ids).userIds(userId).isActives(IsActive.Active).collectAs(new BaseFieldSet().ensure(DmpUser._role).ensure(DmpUser._sectionId).ensure(DmpUser._dmp));
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
} finally {
|
||||
try {
|
||||
this.tenantEntityManager.reloadTenantFilters();
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
Map<UUID, DmpDescriptionTemplateEntity> dmpDescriptionTemplateEntityMap = dmpDescriptionTemplateEntities == null ? new HashMap<>() : dmpDescriptionTemplateEntities.stream().collect(Collectors.toMap(DmpDescriptionTemplateEntity::getId, x-> x));
|
||||
Map<UUID, List<DmpUserEntity>> dmpUsersMap = dmpUsers.stream().collect(Collectors.groupingBy(DmpUserEntity::getDmpId));
|
||||
|
||||
for (DescriptionEntity description : descriptionEntities){
|
||||
|
|
@ -160,7 +229,22 @@ public class AuthorizationContentResolverImpl implements AuthorizationContentRes
|
|||
}
|
||||
if (userId == null || !this.userScope.isSet()) return affiliatedResources;
|
||||
|
||||
List<DmpUserEntity> dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().dmpIds(dmpId).userIds(userId).isActives(IsActive.Active).collectAs(new BaseFieldSet().ensure(DmpUser._role).ensure(DmpUser._sectionId).ensure(DmpUser._dmp));
|
||||
|
||||
List<DmpUserEntity> dmpUsers;
|
||||
try {
|
||||
this.tenantEntityManager.loadExplictTenantFilters();
|
||||
dmpUsers = this.queryFactory.query(DmpUserQuery.class).disableTracking().dmpIds(dmpId).userIds(userId).isActives(IsActive.Active).collectAs(new BaseFieldSet().ensure(DmpUser._role).ensure(DmpUser._sectionId).ensure(DmpUser._dmp));
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
} finally {
|
||||
try {
|
||||
this.tenantEntityManager.reloadTenantFilters();
|
||||
} catch (InvalidApplicationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
throw new MyApplicationException(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
for (UUID sectionId : sectionIds.stream().distinct().toList()){
|
||||
List<DmpUserEntity> dmpSectionUsers = dmpUsers.stream().filter(x-> x.getSectionId() == null || x.getSectionId().equals(sectionId)).toList();
|
||||
|
|
|
|||
Loading…
Reference in New Issue