Merge branch 'dmp-refactoring' of https://code-repo.d4science.org/MaDgiK-CITE/argos into dmp-refactoring

This commit is contained in:
Sofia Papacharalampous 2024-03-13 18:00:09 +02:00
commit ea3b1b1558
9 changed files with 54 additions and 38 deletions

View File

@ -9,5 +9,7 @@ import java.util.UUID;
public interface AuthorizationContentResolver { public interface AuthorizationContentResolver {
List<String> getPermissionNames(); List<String> getPermissionNames();
Map<UUID, AffiliatedResource> dmpAffiliation(List<UUID> ids); AffiliatedResource dmpAffiliation(UUID id);
Map<UUID, AffiliatedResource> dmpsAffiliation(List<UUID> ids);
} }

View File

@ -33,8 +33,13 @@ public class AuthorizationContentResolverImpl implements AuthorizationContentRes
public List<String> getPermissionNames() { public List<String> getPermissionNames() {
return permissionNameProvider.getPermissions(); return permissionNameProvider.getPermissions();
} }
@Override @Override
public Map<UUID, AffiliatedResource> dmpAffiliation(List<UUID> ids){ public AffiliatedResource dmpAffiliation(UUID id) {
return this.dmpsAffiliation(List.of(id)).getOrDefault(id, new AffiliatedResource());
}
@Override
public Map<UUID, AffiliatedResource> dmpsAffiliation(List<UUID> ids){
UUID userId = this.userScope.getUserIdSafe(); UUID userId = this.userScope.getUserIdSafe();
Map<UUID, AffiliatedResource> affiliatedResources = new HashMap<>(); Map<UUID, AffiliatedResource> affiliatedResources = new HashMap<>();
for (UUID id : ids){ for (UUID id : ids){

View File

@ -2,17 +2,13 @@ package eu.eudat.model.builder;
import eu.eudat.authorization.AffiliatedResource; import eu.eudat.authorization.AffiliatedResource;
import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.AuthorizationFlags;
import eu.eudat.authorization.Permission;
import eu.eudat.authorization.authorizationcontentresolver.AuthorizationContentResolver; import eu.eudat.authorization.authorizationcontentresolver.AuthorizationContentResolver;
import eu.eudat.commons.JsonHandlingService; import eu.eudat.commons.JsonHandlingService;
import eu.eudat.commons.enums.EntityType; import eu.eudat.commons.enums.EntityType;
import eu.eudat.commons.types.description.PropertyDefinitionEntity;
import eu.eudat.commons.types.dmp.DmpPropertiesEntity; import eu.eudat.commons.types.dmp.DmpPropertiesEntity;
import eu.eudat.convention.ConventionService; import eu.eudat.convention.ConventionService;
import eu.eudat.data.DmpDescriptionTemplateEntity;
import eu.eudat.data.DmpEntity; import eu.eudat.data.DmpEntity;
import eu.eudat.model.*; import eu.eudat.model.*;
import eu.eudat.model.builder.descriptionpropertiesdefinition.PropertyDefinitionBuilder;
import eu.eudat.model.builder.dmpproperties.DmpPropertiesBuilder; import eu.eudat.model.builder.dmpproperties.DmpPropertiesBuilder;
import eu.eudat.query.*; import eu.eudat.query.*;
import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.commons.web.authz.service.AuthorizationService;
@ -94,7 +90,7 @@ public class DmpBuilder extends BaseBuilder<Dmp, DmpEntity> {
Set<String> authorizationFlags = this.extractAuthorizationFlags(fields, Dmp._authorizationFlags, this.authorizationContentResolver.getPermissionNames()); Set<String> authorizationFlags = this.extractAuthorizationFlags(fields, Dmp._authorizationFlags, this.authorizationContentResolver.getPermissionNames());
Map<UUID, AffiliatedResource> affiliatedResourceMap = authorizationFlags == null || authorizationFlags.isEmpty() ? null : this.authorizationContentResolver.dmpAffiliation(data.stream().map(DmpEntity::getId).collect(Collectors.toList())); Map<UUID, AffiliatedResource> affiliatedResourceMap = authorizationFlags == null || authorizationFlags.isEmpty() ? null : this.authorizationContentResolver.dmpsAffiliation(data.stream().map(DmpEntity::getId).collect(Collectors.toList()));
FieldSet propertiesFields = fields.extractPrefixed(this.asPrefix(Dmp._properties)); FieldSet propertiesFields = fields.extractPrefixed(this.asPrefix(Dmp._properties));
for (DmpEntity d : data) { for (DmpEntity d : data) {

View File

@ -38,7 +38,7 @@ public class DefinitionCensor extends BaseCensor {
if (fields == null || fields.isEmpty()) if (fields == null || fields.isEmpty())
return; return;
this.authService.authorizeForce(Permission.BrowseReference); this.authService.authorizeForce(Permission.BrowseReference, Permission.DeferredAffiliation);
FieldSet fieldsFields = fields.extractPrefixed(this.asIndexerPrefix(Definition._fields)); FieldSet fieldsFields = fields.extractPrefixed(this.asIndexerPrefix(Definition._fields));
this.censorFactory.censor(FieldCensor.class).censor(fieldsFields, userId); this.censorFactory.censor(FieldCensor.class).censor(fieldsFields, userId);
} }

View File

@ -33,7 +33,7 @@ public class FieldCensor extends BaseCensor {
if (fields == null || fields.isEmpty()) if (fields == null || fields.isEmpty())
return; return;
this.authService.authorizeForce(Permission.BrowseReference); this.authService.authorizeForce(Permission.BrowseReference, Permission.DeferredAffiliation);
} }
} }

View File

@ -3,6 +3,7 @@ package eu.eudat.service.dmp;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.AuthorizationFlags;
import eu.eudat.authorization.Permission; import eu.eudat.authorization.Permission;
import eu.eudat.authorization.authorizationcontentresolver.AuthorizationContentResolver;
import eu.eudat.commons.JsonHandlingService; import eu.eudat.commons.JsonHandlingService;
import eu.eudat.commons.XmlHandlingService; import eu.eudat.commons.XmlHandlingService;
import eu.eudat.commons.enums.*; import eu.eudat.commons.enums.*;
@ -124,30 +125,31 @@ public class DmpServiceImpl implements DmpService {
private final DmpTouchedIntegrationEventHandler dmpTouchedIntegrationEventHandler; private final DmpTouchedIntegrationEventHandler dmpTouchedIntegrationEventHandler;
private final AnnotationEntityTouchedIntegrationEventHandler annotationEntityTouchedIntegrationEventHandler; private final AnnotationEntityTouchedIntegrationEventHandler annotationEntityTouchedIntegrationEventHandler;
private final AuthorizationContentResolver authorizationContentResolver;
@Autowired @Autowired
public DmpServiceImpl( public DmpServiceImpl(
EntityManager entityManager, EntityManager entityManager,
AuthorizationService authorizationService, AuthorizationService authorizationService,
DeleterFactory deleterFactory, DeleterFactory deleterFactory,
BuilderFactory builderFactory, BuilderFactory builderFactory,
QueryFactory queryFactory, QueryFactory queryFactory,
ConventionService conventionService, ConventionService conventionService,
ErrorThesaurusProperties errors, ErrorThesaurusProperties errors,
MessageSource messageSource, MessageSource messageSource,
XmlHandlingService xmlHandlingService, XmlHandlingService xmlHandlingService,
JsonHandlingService jsonHandlingService, JsonHandlingService jsonHandlingService,
UserScope userScope, UserScope userScope,
EventBroker eventBroker, EventBroker eventBroker,
DescriptionService descriptionService, DescriptionService descriptionService,
NotifyIntegrationEventHandler eventHandler, NotifyIntegrationEventHandler eventHandler,
NotificationProperties notificationProperties, NotificationProperties notificationProperties,
ActionConfirmationService actionConfirmationService, ActionConfirmationService actionConfirmationService,
FileTransformerService fileTransformerService, FileTransformerService fileTransformerService,
ValidatorFactory validatorFactory, ValidatorFactory validatorFactory,
ElasticService elasticService, ElasticService elasticService,
DmpTouchedIntegrationEventHandler dmpTouchedIntegrationEventHandler, DmpTouchedIntegrationEventHandler dmpTouchedIntegrationEventHandler,
AnnotationEntityTouchedIntegrationEventHandler annotationEntityTouchedIntegrationEventHandler) { AnnotationEntityTouchedIntegrationEventHandler annotationEntityTouchedIntegrationEventHandler, AuthorizationContentResolver authorizationContentResolver) {
this.entityManager = entityManager; this.entityManager = entityManager;
this.authorizationService = authorizationService; this.authorizationService = authorizationService;
this.deleterFactory = deleterFactory; this.deleterFactory = deleterFactory;
@ -169,10 +171,14 @@ public class DmpServiceImpl implements DmpService {
this.elasticService = elasticService; this.elasticService = elasticService;
this.dmpTouchedIntegrationEventHandler = dmpTouchedIntegrationEventHandler; this.dmpTouchedIntegrationEventHandler = dmpTouchedIntegrationEventHandler;
this.annotationEntityTouchedIntegrationEventHandler = annotationEntityTouchedIntegrationEventHandler; this.annotationEntityTouchedIntegrationEventHandler = annotationEntityTouchedIntegrationEventHandler;
this.authorizationContentResolver = authorizationContentResolver;
} }
public Dmp persist(DmpPersist model, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException, JAXBException, IOException { public Dmp persist(DmpPersist model, FieldSet fields) throws MyForbiddenException, MyValidationException, MyApplicationException, MyNotFoundException, InvalidApplicationException, JAXBException, IOException {
this.authorizationService.authorizeForce(Permission.EditDmp);
Boolean isUpdate = this.conventionService.isValidGuid(model.getId());
if (isUpdate) this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(model.getId())), Permission.EditDmp);
else this.authorizationService.authorizeForce(Permission.NewDmp);
DmpEntity data = this.patchAndSave(model); DmpEntity data = this.patchAndSave(model);
@ -196,8 +202,8 @@ public class DmpServiceImpl implements DmpService {
if (!this.conventionService.isListNullOrEmpty(model.getUsers())){ if (!this.conventionService.isListNullOrEmpty(model.getUsers())){
this.inviteUsers(data.getId(), model.getUsers()); this.inviteUsers(data.getId(), model.getUsers());
}else{ }else{
this.assignUsers(data.getId(), new ArrayList<>(), null);
this.addOwner(data); this.addOwner(data);
this.assignUsers(data.getId(), new ArrayList<>(), null);
} }
this.elasticService.persistDmp(data); this.elasticService.persistDmp(data);
@ -477,7 +483,7 @@ public class DmpServiceImpl implements DmpService {
@Override @Override
public List<DmpUser> assignUsers(UUID dmpId, List<DmpUserPersist> model, FieldSet fieldSet) throws InvalidApplicationException, IOException { public List<DmpUser> assignUsers(UUID dmpId, List<DmpUserPersist> model, FieldSet fieldSet) throws InvalidApplicationException, IOException {
this.authorizationService.authorizeForce(Permission.AssignDmpUsers); this.authorizationService.authorizeAtLeastOneForce(List.of(this.authorizationContentResolver.dmpAffiliation(dmpId)), Permission.AssignDmpUsers);
DmpEntity dmpEntity = this.entityManager.find(DmpEntity.class, dmpId); DmpEntity dmpEntity = this.entityManager.find(DmpEntity.class, dmpId);
if (dmpEntity == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{dmpId, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale())); if (dmpEntity == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{dmpId, Dmp.class.getSimpleName()}, LocaleContextHolder.getLocale()));

View File

@ -377,6 +377,12 @@ permissions:
AssignDmpUsers: AssignDmpUsers:
roles: roles:
- Admin - Admin
dmp:
roles:
- Owner
- User
- DescriptionContributor
- Reviewer
claims: [ ] claims: [ ]
clients: [ ] clients: [ ]
allowAnonymous: false allowAnonymous: false

View File

@ -196,7 +196,8 @@ export class DmpEditorComponent extends BaseEditor<DmpEditorModel, Dmp> implemen
} }
buildForm() { buildForm() {
this.formGroup = this.editorModel.buildForm(null, this.isDeleted || !this.authService.hasPermission(AppPermission.EditDmp)); const canedit = this.isNew ? this.authService.hasPermission(AppPermission.NewDmp) : this.authService.hasPermission(AppPermission.EditDmp);
this.formGroup = this.editorModel.buildForm(null, this.isDeleted || !canedit);
if (this.editorModel.status == DmpStatus.Finalized || this.isDeleted) { if (this.editorModel.status == DmpStatus.Finalized || this.isDeleted) {
this.formGroup.disable(); this.formGroup.disable();

View File

@ -20,7 +20,7 @@ const routes: Routes = [
title: 'BREADCRUMBS.NEW-DMP' title: 'BREADCRUMBS.NEW-DMP'
}), }),
authContext: { authContext: {
permissions: [AppPermission.EditDmp] permissions: [AppPermission.NewDmp]
} }
} }
}, },