package eu.eudat.query; import eu.eudat.authorization.AuthorizationFlags; import eu.eudat.authorization.Permission; import eu.eudat.commons.enums.IsActive; import eu.eudat.commons.scope.user.UserScope; import eu.eudat.data.*; import eu.eudat.model.Language; import eu.eudat.model.User; import eu.eudat.model.PublicUser; import eu.eudat.query.utils.BuildSubQueryInput; import eu.eudat.query.utils.QueryUtilsService; import gr.cite.commons.web.authz.service.AuthorizationService; import gr.cite.tools.data.query.FieldResolver; import gr.cite.tools.data.query.QueryBase; import gr.cite.tools.data.query.QueryContext; import gr.cite.tools.exception.MyNotFoundException; import jakarta.persistence.Tuple; import jakarta.persistence.criteria.CriteriaBuilder; import jakarta.persistence.criteria.Predicate; import jakarta.persistence.criteria.Subquery; import org.springframework.beans.factory.config.ConfigurableBeanFactory; import org.springframework.context.annotation.Scope; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.stereotype.Component; import java.time.Instant; import java.util.*; @Component @Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE) public class UserQuery extends QueryBase { private String like; private Boolean dmpAssociated; private Collection ids; private Collection emails; private Collection excludedIds; private Collection isActives; private UserRoleQuery userRoleQuery; private EnumSet authorize = EnumSet.of(AuthorizationFlags.None); private final UserScope userScope; private final AuthorizationService authService; private final QueryUtilsService queryUtilsService; public UserQuery(UserScope userScope, AuthorizationService authService, QueryUtilsService queryUtilsService) { this.userScope = userScope; this.authService = authService; this.queryUtilsService = queryUtilsService; } public UserQuery like(String value) { this.like = value; return this; } public UserQuery ids(UUID value) { this.ids = List.of(value); return this; } public UserQuery ids(UUID... value) { this.ids = Arrays.asList(value); return this; } public UserQuery ids(Collection values) { this.ids = values; return this; } public UserQuery emails(String value) { this.emails = List.of(value); return this; } public UserQuery emails(String... value) { this.emails = Arrays.asList(value); return this; } public UserQuery emails(Collection values) { this.emails = values; return this; } public UserQuery excludedIds(Collection values) { this.excludedIds = values; return this; } public UserQuery excludedIds(UUID value) { this.excludedIds = List.of(value); return this; } public UserQuery excludedIds(UUID... value) { this.excludedIds = Arrays.asList(value); return this; } public UserQuery isActive(IsActive value) { this.isActives = List.of(value); return this; } public UserQuery isActive(IsActive... value) { this.isActives = Arrays.asList(value); return this; } public UserQuery isActive(Collection values) { this.isActives = values; return this; } public UserQuery userRoleSubQuery(UserRoleQuery userRoleSubQuery) { this.userRoleQuery = userRoleSubQuery; return this; } public UserQuery dmpAssociated(Boolean dmpAssociated) { this.dmpAssociated = dmpAssociated; return this; } public UserQuery authorize(EnumSet values) { this.authorize = values; return this; } @Override protected Boolean isFalseQuery() { return this.isEmpty(this.ids) || this.isEmpty(this.isActives) || this.isEmpty(this.emails) || this.isEmpty(this.excludedIds) || this.isFalseQuery(this.userRoleQuery); } @Override protected Class entityClass() { return UserEntity.class; } @Override protected Predicate applyAuthZ(QueryContext queryContext) { if (this.authorize.contains(AuthorizationFlags.None)) return null; if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseUser)) return null; UUID userId; if (this.authorize.contains(AuthorizationFlags.Owner)) userId = this.userScope.getUserIdSafe(); if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe(); else userId = null; List predicates = new ArrayList<>(); boolean usePublic = this.authorize.contains(AuthorizationFlags.Public); if (userId != null || usePublic) { UUID finalUserId = userId; predicates.add(queryContext.CriteriaBuilder.or( userId != null ? queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)).value(userId) : queryContext.CriteriaBuilder.or(), //Creates a false query queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)).value(queryUtilsService.buildSubQuery(new BuildSubQueryInput<>(new BuildSubQueryInput.Builder<>(DmpUserEntity.class, UUID.class) .query(queryContext.Query) .criteriaBuilder(queryContext.CriteriaBuilder) .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpUserEntity._userId)) .filterFunc((subQueryRoot, cb) -> cb.in(subQueryRoot.get(DmpUserEntity._dmpId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, finalUserId, usePublic)) ) ))) )); } if (!predicates.isEmpty()) { Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); return queryContext.CriteriaBuilder.and(predicatesArray); } else { return queryContext.CriteriaBuilder.or(); //Creates a false query } } @Override protected Predicate applyFilters(QueryContext queryContext) { List predicates = new ArrayList<>(); if (this.like != null && !this.like.isEmpty()) { predicates.add(queryContext.CriteriaBuilder.like(queryContext.Root.get(UserEntity._name), this.like)); } if (this.ids != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)); for (UUID item : this.ids) inClause.value(item); predicates.add(inClause); } if (this.excludedIds != null) { CriteriaBuilder.In notInClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)); for (UUID item : this.excludedIds) notInClause.value(item); predicates.add(notInClause.not()); } if (this.isActives != null) { CriteriaBuilder.In inClause = queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._isActive)); for (IsActive item : this.isActives) inClause.value(item); predicates.add(inClause); } if (this.emails != null) { Subquery userContactInfoSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( new BuildSubQueryInput.Builder<>(UserContactInfoQuery.class, UUID.class, queryContext) .keyPathFunc((subQueryRoot) -> subQueryRoot.get(UserContactInfoEntity._id)) .filterFunc((subQueryRoot, cb) -> { CriteriaBuilder.In inClause = cb.in(subQueryRoot.get(UserContactInfoEntity._value)); for (String item : this.emails) inClause.value(item); return inClause; } ) )); predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)).value(userContactInfoSubquery)); } if (this.userRoleQuery != null) { QueryContext subQuery = this.applySubQuery(this.userRoleQuery, queryContext, UUID.class, userRoleEntityRoot -> userRoleEntityRoot.get(UserRoleEntity._userId)); predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)).value(subQuery.Query)); } if (this.dmpAssociated != null){ UUID userId; if (this.userScope.isSet()) userId = this.userScope.getUserIdSafe(); else throw new MyNotFoundException("Only user scoped allowed"); Subquery dmpUserDmpQuery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( new BuildSubQueryInput.Builder<>(DmpUserEntity.class, UUID.class, queryContext) .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpUserEntity._dmpId)) .filterFunc((subQueryRoot, cb) -> cb.and( cb.equal(subQueryRoot.get(DmpUserEntity._userId), userId), cb.equal(subQueryRoot.get(DmpUserEntity._isActive), IsActive.Active) )) )); Subquery dmpUserUserQuery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>( new BuildSubQueryInput.Builder<>(DmpUserEntity.class, UUID.class, queryContext) .keyPathFunc((subQueryRoot) -> subQueryRoot.get(DmpUserEntity._userId)) .filterFunc((subQueryRoot, cb) -> cb.and( cb.in(subQueryRoot.get(DmpUserEntity._dmpId)).value(dmpUserDmpQuery) , cb.equal(subQueryRoot.get(DmpUserEntity._isActive), IsActive.Active) )) )); predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(UserEntity._id)).value(dmpUserUserQuery)); } if (!predicates.isEmpty()) { Predicate[] predicatesArray = predicates.toArray(new Predicate[0]); return queryContext.CriteriaBuilder.and(predicatesArray); } else { return null; } } @Override protected String fieldNameOf(FieldResolver item) { if (item.match(User._id) || item.match(PublicUser._id)) return UserEntity._id; else if (item.match(User._name) || item.match(PublicUser._name)) return UserEntity._name; else if (item.prefix(User._additionalInfo)) return UserEntity._additionalInfo; else if (item.match(User._additionalInfo)) return UserEntity._additionalInfo; else if (item.match(User._createdAt) ) return UserEntity._createdAt; else if (item.match(User._updatedAt)) return UserEntity._updatedAt; else if (item.match(User._hash)) return UserEntity._updatedAt; else if (item.match(User._isActive)) return UserEntity._isActive; else return null; } @Override protected UserEntity convert(Tuple tuple, Set columns) { UserEntity item = new UserEntity(); item.setId(QueryBase.convertSafe(tuple, columns, UserEntity._id, UUID.class)); item.setName(QueryBase.convertSafe(tuple, columns, UserEntity._name, String.class)); item.setAdditionalInfo(QueryBase.convertSafe(tuple, columns, UserEntity._additionalInfo, String.class)); item.setCreatedAt(QueryBase.convertSafe(tuple, columns, UserEntity._createdAt, Instant.class)); item.setUpdatedAt(QueryBase.convertSafe(tuple, columns, UserEntity._updatedAt, Instant.class)); item.setIsActive(QueryBase.convertSafe(tuple, columns, UserEntity._isActive, IsActive.class)); return item; } }