Commit 7902bccc authored by Matija Obreza's avatar Matija Obreza

Merge branch 'descriptors-not-accessible' into 'master'

Descriptors not accessible

See merge request genesys-pgr/genesys-server!286
parents 2f32b0d4 ba400709
......@@ -95,6 +95,16 @@ public interface DescriptorService {
*/
Page<Descriptor> listDescriptorsForCurrentUser(DescriptorFilter filter, Pageable page);
/**
* List descriptors accessible to the user (both published by others and owned descriptors).
*
* @param filter the filter
* @param page the page
* @return the page
*/
Page<Descriptor> listAccessibleDescriptors(DescriptorFilter filter, Pageable page);
/**
* List published descriptors.
*
......@@ -180,4 +190,5 @@ public interface DescriptorService {
* @return the number of published descriptors
*/
long countDescriptors(DescriptorFilter filter);
}
......@@ -236,6 +236,19 @@ public class DescriptorServiceImpl implements DescriptorService {
return new PageImpl<>(res.getContent(), page, res.getTotalElements());
}
}
@Override
@PreAuthorize("isAuthenticated()")
public Page<Descriptor> listAccessibleDescriptors(DescriptorFilter descriptorFilter, Pageable page) {
if (securityUtils.hasRole(UserRole.ADMINISTRATOR)) {
return listDescriptorsForCurrentUser(descriptorFilter, page);
} else {
final HashSet<Long> partners = new HashSet<>(securityUtils.listObjectIdentityIdsForCurrentUser(Partner.class, BasePermission.WRITE));
Pageable markdownSortPageRequest = JPAUtils.toMarkdownSort(page, "title");
Page<Descriptor> res = descriptorRepository.findAll(QDescriptor.descriptor.state.in(PublishState.PUBLISHED).or(descriptor.owner.id.in(partners)).and(descriptorFilter.buildQuery()), markdownSortPageRequest);
return new PageImpl<>(res.getContent(), page, res.getTotalElements());
}
}
/**
* {@inheritDoc}
......
......@@ -245,6 +245,28 @@ public class DescriptorController extends ApiBaseController {
return new FilteredPage<>(filterInfo.filterCode, filterInfo.filter, descriptorService.listDescriptors(filterInfo.filter, page.toPageRequest(100, Sort.Direction.ASC, "id")));
}
/**
* List descriptors accessible to user
*
* @param page the page
* @param filter the descriptor filter
* @return the page
* @throws IOException
*/
@PostMapping(value = "/list-accessible")
public FilteredPage<Descriptor> listAccessibleDescriptors(@RequestParam(name = "f", required = false) String filterCode, final Pagination page,
@RequestBody(required = false) DescriptorFilter filter) throws IOException {
if (filterCode != null) {
filter = shortFilterService.filterByCode(filterCode, DescriptorFilter.class);
} else {
filterCode = shortFilterService.getCode(filter);
}
FilterInfo<DescriptorFilter> filterInfo = shortFilterService.processFilter(filterCode, filter, DescriptorFilter.class);
return new FilteredPage<>(filterInfo.filterCode, filterInfo.filter, descriptorService.listAccessibleDescriptors(filterInfo.filter, page.toPageRequest(100, Sort.Direction.ASC, "id")));
}
/**
* My descriptors.
*
......
......@@ -120,7 +120,7 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
user.setAccountType(accountType);
user.getRoles().add(UserRole.USER);
super.setPassword(user, password);
return userRepository.save(user);
return deepLoad(userRepository.save(user));
}
@Transactional
......@@ -279,23 +279,13 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
@Override
public User getUserByEmail(String email) {
final User user = userRepository.findByEmail(email);
if (user != null) {
user.getRoles().size();
}
return user;
return deepLoad(user);
}
@Override
public User getUserByUuid(String uuid) {
final User user = userRepository.findByUuid(uuid);
if (user != null) {
user.getRoles().size();
}
return user;
return deepLoad(user);
}
@Override
......
......@@ -67,6 +67,7 @@ public class UserServiceTest extends AbstractServicesTest {
user = userService.createUser(email, fullName, initialPassword, AccountType.LOCAL);
assertEquals(user.getAccountType(), AccountType.LOCAL);
assertThat(user.getRoles(), containsInAnyOrder(UserRole.USER, UserRole.EVERYONE));
assertThat(passwordEncoder.matches(initialPassword, user.getPassword()), is(true));
}
......@@ -230,7 +231,7 @@ public class UserServiceTest extends AbstractServicesTest {
@Test
public void updateRolesTest() throws PasswordPolicyException {
assertThat(userService.getUserByEmail(email).getRoles(), hasSize(1));
assertThat(userService.getUserByEmail(email).getRoles(), hasSize(2));
Set<UserRole> selectedRoles = Sets.newHashSet(UserRole.ADMINISTRATOR);
userService.setRoles(user, selectedRoles);
assertThat(userService.getUserByEmail(email).getRoles(), hasSize(3));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment