Commit c75a9437 authored by Andrey Lugovskiy's avatar Andrey Lugovskiy

- added acl

- removed unnecessary classes (RepositoryCustom)
- updated version for 'application.blocks.version'
- added annotations @Cacheable and @Table to Dataset, Partner, Descriptor and DescriptorList.
- updated ApplicationConfig for scan 'org.genesys.blocks.security.component'
- added check permissions(@PreAuthorize annotation) for DatasetController, DescriptorController and PartnerController. //TODO clarify permissions
- added PermissionsController
- updated liquibase for all changes(including application-blocks 1.3)
 - added deleted service for dataset, partner and descriptor.
 - added test for delete
 - added correct check permissions for dataset, partner and descriptor
 - fix test for permissions
parent 1ebfd31c
......@@ -119,12 +119,19 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-jpa</artifactId>
......@@ -161,6 +168,32 @@
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-acl</artifactId>
<version>${spring.security.version}</version>
<exclusions>
<exclusion>
<artifactId>spring-tx</artifactId>
<groupId>org.springframework</groupId>
</exclusion>
</exclusions>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.github.ben-manes.caffeine</groupId>
<artifactId>caffeine</artifactId>
<version>2.3.3</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>${spring.security.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
......@@ -320,6 +353,5 @@
</exclusions>
</dependency>
</dependencies>
</dependencies>
</project>
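Review bot: `spring-security-acl` is declared with `<scope>test</scope>`, yet the main sources in this commit depend on ACL behaviour (`hasPermission(...)` expressions, `AclAwareModel`, `CustomAclService`). A dependency declared directly in this POM overrides the scope it would otherwise get transitively, so even if application-blocks pulls the ACL jar in at compile scope, this entry can keep it off the runtime classpath of the packaged application. Unless that is intended, drop the `<scope>test</scope>` line from this dependency, or remove the entry and rely on the transitive one. It is worth confirming the result with `mvn dependency:tree`.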
......@@ -19,6 +19,7 @@ import java.util.Date;
import java.util.List;
import java.util.Set;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
......@@ -31,12 +32,14 @@ import javax.persistence.ManyToMany;
import javax.persistence.ManyToOne;
import javax.persistence.OneToMany;
import javax.persistence.OrderColumn;
import javax.persistence.Table;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonView;
import org.genesys.blocks.model.JsonViews;
import org.genesys.blocks.model.Publishable;
import org.genesys.blocks.model.UuidEntity;
import org.genesys.blocks.security.model.AclAwareModel;
import org.genesys.catalog.annotations.PublishValidation;
import org.genesys.catalog.service.PublishValidationInterface;
import org.genesys.catalog.model.traits.Descriptor;
......@@ -52,7 +55,9 @@ import org.springframework.data.annotation.CreatedDate;
* @author Maxim Borodenko
*/
@Entity
public class Dataset extends UuidEntity implements Publishable, PublishValidationInterface {
@Cacheable
@Table(name = "dataset")
public class Dataset extends UuidEntity implements Publishable, PublishValidationInterface, AclAwareModel {
private static final long serialVersionUID = -4601980446454791177L;
......
......@@ -49,7 +49,7 @@ public class DatasetCreator extends UuidEntity implements PublishValidationInter
private String instituteAddress;
@Enumerated(EnumType.STRING)
@Column(nullable = false)
@PublishValidation
private DatasetCreatorRole role;
@ManyToOne(cascade = { CascadeType.REFRESH, CascadeType.MERGE, CascadeType.PERSIST, CascadeType.DETACH}, optional = false, fetch = FetchType.EAGER)
......
......@@ -17,6 +17,7 @@ package org.genesys.catalog.model.traits;
import java.util.List;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
......@@ -27,14 +28,17 @@ import javax.persistence.JoinColumn;
import javax.persistence.Lob;
import javax.persistence.ManyToMany;
import javax.persistence.ManyToOne;
import javax.persistence.Table;
import com.fasterxml.jackson.annotation.JsonIdentityInfo;
import com.fasterxml.jackson.annotation.JsonIdentityReference;
import com.fasterxml.jackson.annotation.ObjectIdGenerators;
import org.genesys.blocks.model.Copyable;
import com.fasterxml.jackson.annotation.JsonIgnore;
import org.genesys.blocks.model.Publishable;
import org.genesys.blocks.model.UuidEntity;
import org.genesys.blocks.security.model.AclAwareModel;
import org.genesys.catalog.model.vocab.ControlledVocabulary;
import org.genesys.common.model.Partner;
import org.springframework.dao.DataIntegrityViolationException;
......@@ -45,8 +49,10 @@ import org.springframework.dao.DataIntegrityViolationException;
* @author Matija Obreza
*/
@Entity
@Cacheable
@Table(name = "descriptor")
@JsonIdentityInfo(generator = ObjectIdGenerators.PropertyGenerator.class, property = "uuid")
public class Descriptor extends UuidEntity implements Publishable, Copyable<Descriptor> {
public class Descriptor extends UuidEntity implements Publishable, Copyable<Descriptor>, AclAwareModel {
private static final long serialVersionUID = 7307818236681549484L;
public static enum DataType {
......@@ -114,6 +120,7 @@ public class Descriptor extends UuidEntity implements Publishable, Copyable<Desc
@JsonIdentityReference(alwaysAsId = false)
@ManyToMany(fetch = FetchType.LAZY, mappedBy = "descriptors", cascade = { CascadeType.REFRESH })
@JsonIgnore
private List<DescriptorList> descriptorLists;
public Descriptor() {
......@@ -247,7 +254,7 @@ public class Descriptor extends UuidEntity implements Publishable, Copyable<Desc
* <li>{@link DataType#CODED} - coded descriptors require a related vocabulary</li>
* <li>{@link DataType#SCALE} - minValue, maxValue are required, vocabulary with "scale labels" is optional</li>
* </ul>
*
*
* @param dataType the dataType to set
*/
public void setDataType(DataType dataType) {
......@@ -336,7 +343,7 @@ public class Descriptor extends UuidEntity implements Publishable, Copyable<Desc
public Descriptor copy() {
return null;
}
@Override
public Descriptor apply(Descriptor source) {
Copyable.super.apply(source);
......@@ -383,7 +390,7 @@ public class Descriptor extends UuidEntity implements Publishable, Copyable<Desc
default:
break;
}
return this;
}
}
......@@ -17,6 +17,7 @@ package org.genesys.catalog.model.traits;
import java.util.List;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
......@@ -34,6 +35,7 @@ import com.fasterxml.jackson.annotation.ObjectIdGenerators;
import org.genesys.blocks.model.Publishable;
import org.genesys.blocks.model.UuidEntity;
import org.genesys.blocks.security.model.AclAwareModel;
import org.genesys.common.model.Partner;
/**
......@@ -41,8 +43,9 @@ import org.genesys.common.model.Partner;
*/
@Entity
@Table(name = "descriptorlist")
@Cacheable
@JsonIdentityInfo(generator = ObjectIdGenerators.PropertyGenerator.class, property = "uuid")
public class DescriptorList extends UuidEntity implements Publishable {
public class DescriptorList extends UuidEntity implements Publishable, AclAwareModel {
private static final long serialVersionUID = 4873500390485739013L;
/**
......
package org.genesys.catalog.persistence.dataset;
import org.genesys.catalog.model.dataset.Dataset;
import org.genesys.catalog.service.filters.DatasetFilter;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
/**
* @author Andrey Lugovskoy.
*/
public interface DatasetRepositoryCustom {
/**
* List of dataset matching the filter
*
* @param filter filter data
* @param page Pageable
* @return list of Dataset
*/
Page<Dataset> listDatasets(DatasetFilter filter, Pageable page);
}
package org.genesys.catalog.persistence.dataset;
import org.genesys.catalog.model.dataset.Dataset;
import org.genesys.catalog.service.filters.DatasetFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
/**
* @author Andrey Lugovskoy.
*/
public class DatasetRepositoryCustomImpl implements DatasetRepositoryCustom {
@Autowired
private DatasetRepository datasetRepository;
/**
* {@inheritDoc}
*/
@Override
public Page<Dataset> listDatasets(DatasetFilter filter, Pageable page) {
return datasetRepository.findAll(filter.buildQuery(), page);
}
}
......@@ -28,6 +28,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.multipart.MultipartFile;
import java.io.IOException;
......@@ -45,6 +46,7 @@ public interface DatasetService {
* @param input new Dataset
* @return saved Dataset in db.
*/
@PreAuthorize("isAuthenticated()")
Dataset createDataset(Dataset input);
/**
......@@ -53,6 +55,7 @@ public interface DatasetService {
* @param input new Dataset
* @return updated Dataset in db.
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')")
Dataset updateDataset(Dataset input);
/**
......@@ -62,6 +65,7 @@ public interface DatasetService {
* @param accessionIdentifiers new accessionIdentifiers
* @return updated Dataset in db.
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')")
Dataset updateAccessionIdentifiers(Dataset input, Set<String> accessionIdentifiers);
/**
......@@ -71,6 +75,7 @@ public interface DatasetService {
* @param descriptor new Descriptor
* @return updated Dataset in db.
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')")
Dataset addDescriptor(Dataset input, Descriptor descriptor);
/**
......@@ -80,6 +85,7 @@ public interface DatasetService {
* @param descriptor preserved Descriptor
* @return updated Dataset in db.
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')")
Dataset removeDescriptor(Dataset input, Descriptor descriptor);
/**
......@@ -89,6 +95,7 @@ public interface DatasetService {
* @param descriptors ordered descriptor list
* @return updated dataset
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')")
Dataset updateDescriptors(Dataset input, List<Descriptor> descriptors);
/**
......@@ -158,6 +165,7 @@ public interface DatasetService {
* @throws InvalidRepositoryPathException InvalidRepositoryPathException
* @throws InvalidRepositoryFileDataException InvalidRepositoryFileDataException
*/
@PreAuthorize("isAuthenticated()")
Dataset addFileToDataset(UUID datasetUuid, MultipartFile file) throws NotFoundElement, IOException, InvalidRepositoryPathException, InvalidRepositoryFileDataException;
/**
......@@ -168,6 +176,7 @@ public interface DatasetService {
* @throws NoSuchRepositoryFileException NoSuchRepositoryFileException
* @throws IOException IOException
*/
@PreAuthorize("isAuthenticated()")
Dataset removeFileOfDataset(UUID datasetUuid, UUID fileUuid) throws NotFoundElement, NoSuchRepositoryFileException, IOException;
/**
......@@ -185,4 +194,13 @@ public interface DatasetService {
* @return loaded dataset
*/
Dataset fetchLazyCollections(Dataset dataset);
/**
* Remove dataset
*
* @param dataset dataset
* @return removed dataset
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#dataset, 'delete')")
Dataset removeDataset(Dataset dataset);
}
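Review bot: `addFileToDataset(UUID datasetUuid, ...)` and `removeFileOfDataset(UUID datasetUuid, UUID fileUuid)` are guarded only by `@PreAuthorize("isAuthenticated()")`, so any logged-in user passes the method-level check for any dataset UUID. Every other mutator in this interface requires `hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')`. Because these two methods take a UUID rather than the entity, the check has to run after the dataset is resolved. One option is for the implementation to load the dataset and call a separate bean method annotated `@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')")`, since a call within the same bean would bypass the security proxy. The implementation is not visible on this page, so an equivalent check may already exist there; if so, a Javadoc line on both methods saying where write permission is enforced would help.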
......@@ -22,9 +22,11 @@ import org.genesys.catalog.model.traits.Descriptor;
import org.genesys.catalog.service.filters.DescriptorFilter;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PreAuthorize;
public interface DescriptorService {
@PreAuthorize("hasRole('ADMINISTRATOR')")
Descriptor createDescriptor(Descriptor input);
/**
......@@ -32,6 +34,7 @@ public interface DescriptorService {
* @param input updatable descriptor
* @return updated descriptor
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'WRITE')")
Descriptor updateDescriptor(Descriptor input);
/**
......@@ -65,6 +68,7 @@ public interface DescriptorService {
* @param source new values
* @return updated descriptor
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#source, 'WRITE')")
Descriptor updateDescriptor(UUID uuid, int version, Descriptor source);
/**
......@@ -81,6 +85,13 @@ public interface DescriptorService {
*/
Page<Descriptor> listDescriptorLists(DescriptorFilter descriptorFilter, Pageable page);
/**
* Method for delete Descriptor
* @param descriptor descriptor
* @return removed Descriptor
*/
Descriptor removeDescriptor(Descriptor descriptor);
/**
* Insert or update all Descriptor records
* @param source
......
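Review bot: The new `removeDescriptor(Descriptor descriptor)` is declared without any `@PreAuthorize`, whereas the matching `removeDataset` and `removePartner` in this commit both require administrator role or `delete` permission. As written, the service layer places no restriction on who may delete a descriptor. I would add `@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#descriptor, 'delete')")` above it. Separately, this interface spells the permission `'WRITE'` while DatasetService and PartnerService use `'write'`; one spelling throughout avoids depending on how the configured permission evaluator handles case.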
......@@ -19,6 +19,7 @@ import org.genesys.catalog.service.filters.PartnerFilter;
import org.genesys.common.model.Partner;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PreAuthorize;
import java.util.UUID;
......@@ -36,6 +37,7 @@ public interface PartnerService {
* @param input new Partner
* @return saved partner in db.
*/
@PreAuthorize("hasRole('ADMINISTRATOR')")
Partner createPartner(Partner input);
/**
......@@ -44,6 +46,7 @@ public interface PartnerService {
* @param input partner with new data
* @return updated partner
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'write')")
Partner updatePartner(Partner input);
/**
......@@ -54,6 +57,7 @@ public interface PartnerService {
* @param source new values
* @return updated partner
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#source, 'write')")
Partner updatePartner(UUID uuid, int version, Partner source);
/**
......@@ -96,4 +100,12 @@ public interface PartnerService {
* @param source source partner
*/
void copyValues(Partner target, Partner source);
/**
* Method for remove partner
* @param partner partner
* @return removed partner
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#partner, 'delete')")
Partner removePartner(Partner partner);
}
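Review bot: On `updatePartner(UUID uuid, int version, Partner source)` the expression `hasPermission(#source, 'write')` is evaluated against the caller-supplied payload, while the record that gets modified is identified by `uuid`. If the evaluator resolves the ACL from the identifier carried in `source`, the object that was authorized and the object that is updated can differ. The implementation is not shown here, so this needs confirming. Either have the implementation reject a `source` whose identifier does not match the entity loaded by `uuid`, or evaluate the permission on the loaded entity instead. `DescriptorService.updateDescriptor(UUID, int, Descriptor)` in this commit has the same shape.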
......@@ -15,11 +15,15 @@
*/
package org.genesys.catalog.service;
import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.BasicUser;
import org.genesys.catalog.model.user.User;
import org.genesys.catalog.model.user.UserRole;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.userdetails.UserDetailsService;
import java.util.List;
public interface UserService extends UserDetailsService {
/**
......@@ -82,8 +86,38 @@ public interface UserService extends UserDetailsService {
*
* @param user user to delete
*/
@PreAuthorize("hasRole('ADMINISTRATOR')")
void deleteUser(User user);
/**
* Method for set AccountType for user
*
* @param user user
* @param accountType accountType
* @return updated user
*/
User setAccountType(User user, BasicUser.AccountType accountType);
/**
* Autocomplete User by email
* @param email email of user
* @return List of users
*/
List<User> autocompleteUser(String email);
/**
* Method for remove user by userId
* @param userId user id
* @throws UserException
*/
@PreAuthorize("hasRole('ADMINISTRATOR')")
void removeUserById(long userId) throws UserException;
/**
* Get current user
* @return current user
*/
@PreAuthorize("isAuthenticated()")
User getMe();
}
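Review bot: `setAccountType(User user, BasicUser.AccountType accountType)` and `autocompleteUser(String email)` are added with no `@PreAuthorize`, although `deleteUser` and `removeUserById` beside them require `hasRole('ADMINISTRATOR')`. Changing an account type is a privilege-affecting operation, and listing users by e-mail exposes account data, so neither should depend on callers doing the check. I would put `@PreAuthorize("hasRole('ADMINISTRATOR')")` on `setAccountType`, and at least `@PreAuthorize("isAuthenticated()")` on `autocompleteUser`, preferably the administrator check if only administrators assign permissions. If a controller or the implementation already enforces this, that is outside this page; a Javadoc line on each method should say so.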
......@@ -296,12 +296,18 @@ public class DatasetServiceImpl implements DatasetService {
return fetchLazyCollections(datasetRepository.save(dataset));
}
/**
* {@inheritDoc}
*/
@Override
public List<RepositoryFile> loadListByDataset(UUID datasetUuid) throws NotFoundElement {
Dataset dataset = loadDataset(datasetUuid);
return dataset.getRepositoryFiles();
}
/**
* {@inheritDoc}
*/
@Transactional
@Override
public Dataset fetchLazyCollections(Dataset dataset) {
......@@ -314,6 +320,17 @@ public class DatasetServiceImpl implements DatasetService {
return dataset;
}
/**
* {@inheritDoc}
*/
@Transactional
@Override
public Dataset removeDataset(Dataset dataset) {
Dataset loadedDataset = loadDataset(dataset);
datasetRepository.delete(loadedDataset);
return loadedDataset;
}
private void copyValues(Dataset target, final Dataset source) {
target.setTitle(source.getTitle());
target.setPublished(source.isPublished());
......
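Review bot: `removeDataset` deletes the entity returned by `loadDataset(dataset)`, but nothing in this hunk removes the ACL entries that belong to the deleted object. application-blocks may clean up ACL data for `AclAwareModel` entities on delete, which is not visible here; if it does not, object identities and their grants will remain after the row is gone. Please confirm which component handles this and record it in a comment above the delete call, e.g. `// ACL entries for this entity are removed by <component>`. The same applies to `removeDescriptor` in DescriptorServiceImpl and `removePartner` in PartnerServiceImpl.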
......@@ -20,6 +20,7 @@ import java.util.List;
import java.util.UUID;
import org.genesys.catalog.model.traits.Descriptor;
import org.genesys.catalog.model.traits.Descriptor.DataType;
import org.genesys.catalog.persistence.traits.DescriptorRepository;
import org.genesys.catalog.service.DescriptorService;
import org.genesys.catalog.service.filters.DescriptorFilter;
......@@ -147,9 +148,20 @@ public class DescriptorServiceImpl implements DescriptorService {
return descriptorRepository.findAll(descriptorFilter.buildQuery(), page);
}
/**
* {@inheritDoc}
*/
@Transactional
@Override
public Descriptor removeDescriptor(Descriptor descriptor) {
Descriptor loadedDescriptor = reloadDescriptor(descriptor);
descriptorRepository.delete(loadedDescriptor);
return loadedDescriptor;
}
/**
* Lazy load for objects in descriptor
*
*
* @param descriptor descriptor
* @return descriptor with loaded inner objects
*/
......
......@@ -18,6 +18,7 @@ package org.genesys.catalog.service.impl;
import java.util.HashSet;
import java.util.UUID;
import org.genesys.blocks.security.service.CustomAclService;
import org.genesys.catalog.service.PartnerService;
import org.genesys.catalog.service.filters.PartnerFilter;
import org.genesys.common.model.Partner;
......@@ -29,6 +30,8 @@ import org.springframework.dao.ConcurrencyFailureException;
import org.springframework.dao.DataRetrievalFailureException;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
......@@ -44,11 +47,15 @@ public class PartnerServiceImpl implements PartnerService {
@Autowired
private PartnerRepository partnerRepository;
@Autowired
private CustomAclService aclService;
/**
* {@inheritDoc}
*/
@Transactional
@Override
@PreAuthorize("hasRole('ADMINISTRATOR')")
public Partner createPartner(Partner input) {
LOG.debug("Creating partner: {} - {}", input.getShortName(), input.getName());
Partner partner = new Partner();
......@@ -147,6 +154,17 @@ public class PartnerServiceImpl implements PartnerService {
target.getWiewsCodes().addAll(source.getWiewsCodes());
}
/**
* {@inheritDoc}
*/
@Transactional
@Override
public Partner removePartner(Partner partner) {
Partner loadedPartner = loadPartner(partner);
partnerRepository.delete(loadedPartner);
return loadedPartner;
}
protected Partner lazyLoad(Partner partner) {
if (partner != null) {
partner.getUrls().size();
......
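Review bot: `createPartner` now carries `@PreAuthorize("hasRole('ADMINISTRATOR')")` here as well as on `PartnerService.createPartner`, and two copies of the same rule can drift apart when one is edited. Every other method in this class relies on the interface annotation, so I would keep the rule in one place and drop the copy on the implementation. In the hunks shown, the new `PostAuthorize` import and the injected `aclService` field are not used; if nothing outside these hunks uses them, remove them.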