package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.DmpUserRole; import eu.eudat.commons.enums.IsActive; import eu.eudat.commons.scope.user.UserScope; import eu.eudat.data.*; import eu.eudat.model.DmpUser; import eu.eudat.model.PublicDmpUser; import eu.eudat.query.utils.BuildSubQueryInput; import eu.eudat.query.utils.QueryUtilsService; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; import gr.cite.tools.data.query.QueryContext; import jakarta.persistence.Tuple; import jakarta.persistence.criteria.CriteriaBuilder; import jakarta.persistence.criteria.Predicate; import jakarta.persistence.criteria.Subquery; import org.springframework.beans.factory.config.ConfigurableBeanFactory; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; import java.time.Instant; import java.util.*; @Component @Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE) public class DmpUserQuery extends QueryBase { private Collection ids; private Collection isActives; private Collection dmpIds; private Collection descriptionIds; private Collection userIds; private Collection userRoles; private Collection sectionIds; private Boolean sectionIsEmpty; private EnumSet authorize = EnumSet.of(AuthorizationFlags.None); public DmpUserQuery ids(UUID value) { this.ids = List.of(value); return this; } public DmpUserQuery ids(UUID... value) { this.ids = Arrays.asList(value); return this; } public DmpUserQuery ids(Collection values) { this.ids = values; return this; } public DmpUserQuery isActives(IsActive value) { this.isActives = List.of(value); return this; } public DmpUserQuery isActives(IsActive... value) { this.isActives = Arrays.asList(value); return this; } public DmpUserQuery isActives(Collection values) { this.isActives = values; return this; } public DmpUserQuery dmpIds(UUID value) { this.dmpIds = List.of(value); return this; } public DmpUserQuery dmpIds(UUID... value) { this.dmpIds = Arrays.asList(value); return this; } public DmpUserQuery dmpIds(Collection values) { this.dmpIds = values; return this; } public DmpUserQuery descriptionIds(UUID value) { this.descriptionIds = List.of(value); return this; } public DmpUserQuery descriptionIds(UUID... value) { this.descriptionIds = Arrays.asList(value); return this; } public DmpUserQuery descriptionIds(Collection values) { this.descriptionIds = values; return this; } public DmpUserQuery userRoles(DmpUserRole value) { this.userRoles = List.of(value); return this; } public DmpUserQuery userRoles(DmpUserRole... value) { this.userRoles = Arrays.asList(value); return this; } public DmpUserQuery userRoles(Collection values) { this.userRoles = values; return this; } public DmpUserQuery userIds(UUID value) { this.userIds = List.of(value); return this; } public DmpUserQuery userIds(UUID... value) { this.userIds = Arrays.asList(value); return this; } public DmpUserQuery userIds(Collection values) { this.userIds = values; return this; } public DmpUserQuery sectionIds(UUID value) { this.sectionIds = List.of(value); return this; } public DmpUserQuery sectionIds(UUID... value) { this.sectionIds = Arrays.asList(value); return this; } public DmpUserQuery sectionIds(Collection values) { this.sectionIds = values; return this; } public DmpUserQuery sectionIsEmpty(Boolean sectionIsEmpty) { this.sectionIsEmpty = sectionIsEmpty; return this; } public DmpUserQuery authorize(EnumSet values) { this.authorize = values; return this; } private final UserScope userScope; private final AuthorizationService authService; private final QueryUtilsService queryUtilsService; public DmpUserQuery( UserScope userScope, AuthorizationService authService, QueryUtilsService queryUtilsService) { this.userScope = userScope; this.authService = authService; this.queryUtilsService = queryUtilsService; } @Override protected Class entityClass() { return DmpUserEntity.class; } @Override protected Boolean isFalseQuery() { return this.isEmpty(this.ids) || this.isEmpty(this.dmpIds) || this.isEmpty(this.descriptionIds) || this.isEmpty(this.userIds); } @Override protected Predicate applyAuthZ(QueryContext queryContext) { if (this.authorize.contains(AuthorizationFlags.None)) return null; if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDmp)) return null; UUID userId = null; boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); List predicates = new ArrayList<>(); if (userId != null || usePublic ) { predicates.add(queryContext.CriteriaBuilder.or( usePublic ? queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._dmpId)).value(queryUtilsService.buildPublicDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, usePublic)) : queryContext.CriteriaBuilder.or(), //Creates a false query userId != null ? queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._dmpId)).value(queryUtilsService.buildDmpUserAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId)) : queryContext.CriteriaBuilder.or() //Creates a false query )); } if (!predicates.isEmpty()) { Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); return queryContext.CriteriaBuilder.and(predicatesArray); } else { return queryContext.CriteriaBuilder.or(); //Creates a false query } } @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); if (this.ids != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._id)); for (UUID item : this.ids) inClause.value(item); predicates.add(inClause); } if (this.isActives != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._isActive)); for (IsActive item : this.isActives) inClause.value(item); predicates.add(inClause); } if (this.dmpIds != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._dmpId)); for (UUID item : this.dmpIds) inClause.value(item); predicates.add(inClause); } if (this.sectionIsEmpty != null){ if(this.sectionIsEmpty) predicates.add(queryContext.CriteriaBuilder.isNull(queryContext.Root.get(DmpUserEntity._sectionId))); else predicates.add(queryContext.CriteriaBuilder.isNotNull(queryContext.Root.get(DmpUserEntity._sectionId))); } if (this.descriptionIds != null) { Subquery descriptionSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( new BuildSubQueryInput.Builder<>(DescriptionEntity.class, UUID.class, queryContext) .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DescriptionEntity._dmpId)) .filterFunc((subQueryRoot, cb) -> { CriteriaBuilder.In inClause = cb.in(subQueryRoot.get(DmpUserEntity._id)); for (UUID item : this.descriptionIds) inClause.value(item); return inClause; }) )); predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._dmpId)).value(descriptionSubquery)); } if (this.userIds != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._userId)); for (UUID item : this.userIds) inClause.value(item); predicates.add(inClause); } if (this.sectionIds != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._sectionId)); for (UUID item : this.sectionIds) inClause.value(item); predicates.add(inClause); } if (this.userRoles != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(DmpUserEntity._role)); for (DmpUserRole item : this.userRoles) inClause.value(item); predicates.add(inClause); } if (!predicates.isEmpty()) { Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); return queryContext.CriteriaBuilder.and(predicatesArray); } else { return null; } } @Override protected DmpUserEntity convert(Tuple tuple, Set columns) { DmpUserEntity item = new DmpUserEntity(); item.setId(QueryBase.convertSafe(tuple, columns, DmpUserEntity._id, UUID.class)); item.setDmpId(QueryBase.convertSafe(tuple, columns, DmpUserEntity._dmpId, UUID.class)); item.setUserId(QueryBase.convertSafe(tuple, columns, DmpUserEntity._userId, UUID.class)); item.setSectionId(QueryBase.convertSafe(tuple, columns, DmpUserEntity._sectionId, UUID.class)); item.setRole(QueryBase.convertSafe(tuple, columns, DmpUserEntity._role, DmpUserRole.class)); item.setCreatedAt(QueryBase.convertSafe(tuple, columns, DmpUserEntity._createdAt, Instant.class)); item.setUpdatedAt(QueryBase.convertSafe(tuple, columns, DmpUserEntity._updatedAt, Instant.class)); item.setIsActive(QueryBase.convertSafe(tuple, columns, DmpUserEntity._isActive, IsActive.class)); return item; } @Override protected String fieldNameOf(FieldResolver item) { if (item.match(DmpUser._id) || item.match(PublicDmpUser._id)) return DmpUserEntity._id; else if (item.prefix(DmpUser._dmp) || item.prefix(PublicDmpUser._dmp)) return DmpUserEntity._dmpId; else if (item.prefix(DmpUser._user) || item.prefix(PublicDmpUser._user)) return DmpUserEntity._userId; else if (item.match(DmpUser._role) || item.match(PublicDmpUser._role)) return DmpUserEntity._role; else if (item.match(DmpUser._sectionId)) return DmpUserEntity._sectionId; else if (item.match(DmpUser._createdAt)) return DmpUserEntity._createdAt; else if (item.match(DmpUser._updatedAt)) return DmpUserEntity._updatedAt; else if (item.match(DmpUser._isActive)) return DmpUserEntity._isActive; else if (item.match(DmpUser._hash)) return DmpUserEntity._updatedAt; else if (item.match(DmpUser._dmp)) return DmpUserEntity._dmpId; else if (item.match(DmpUser._user)) return DmpUserEntity._userId; else return null; } }