Commit 2e517208 authored by Sonia Zorba's avatar Sonia Zorba
Browse files

Added creation time and creator user to groups, memberships and permissions entities

parent 62a3e718
......@@ -9,7 +9,7 @@ import it.inaf.ia2.gms.service.GroupsService;
import org.springframework.stereotype.Service;
@Service
public class GroupsManager {
public class GroupsManager extends UserAwareComponent {
private final GroupsService groupsService;
private final PermissionsManager permissionsManager;
......@@ -45,7 +45,7 @@ public class GroupsManager {
verifyUserCanManageGroup(parent);
return groupsService.addGroup(parent, childGroupName, leaf);
return groupsService.addGroup(parent, childGroupName, leaf, getCurrentUserId());
}
public GroupEntity updateGroup(String groupId, String newGroupName, boolean leaf) {
......
......@@ -153,9 +153,10 @@ public class InvitedRegistrationManager extends UserAwareComponent {
MembershipEntity membershipEntity = new MembershipEntity();
membershipEntity.setUserId(userId);
membershipEntity.setGroupId(groupId);
membershipEntity.setCreatedBy(getCurrentUserId());
membershipsDAO.addMember(membershipEntity);
permissionsService.addPermission(groupEntity, userId, entry.getValue());
permissionsService.addPermission(groupEntity, userId, entry.getValue(), getCurrentUserId());
}
invitedRegistration.setUserId(getCurrentUserId());
......
......@@ -83,6 +83,7 @@ public class MembershipManager extends UserAwareComponent {
MembershipEntity membership = new MembershipEntity();
membership.setGroupId(group.getId());
membership.setUserId(userId);
membership.setCreatedBy(getCurrentUserId());
membership = membershipsDAO.addMember(membership);
loggingDAO.logAction("Added member, group_id=" + group.getId() + ", user_id=" + userId);
......
......@@ -81,22 +81,22 @@ public class PermissionsManager extends UserAwareComponent {
if (currentUserPermission == Permission.MANAGE_MEMBERS && permission == Permission.VIEW_MEMBERS) {
// Automatically assign the VIEW_MEMBERS permission ("Add collaborator" feature)
return permissionsService.addPermission(group, userId, Permission.VIEW_MEMBERS);
return permissionsService.addPermission(group, userId, Permission.VIEW_MEMBERS, getCurrentUserId());
} else if (currentUserPermission == Permission.ADMIN) {
// Admin users can specify a permission
return permissionsService.addPermission(group, userId, permission);
return permissionsService.addPermission(group, userId, permission, getCurrentUserId());
}
throw unauthorizedExceptionSupplier(group).get();
}
public PermissionEntity createOrUpdatePermission(GroupEntity group, String userId, Permission permission) {
verifyUserCanManagePermissions(group);
return permissionsService.createOrUpdatePermission(group, userId, permission);
return permissionsService.createOrUpdatePermission(group, userId, permission, getCurrentUserId());
}
public PermissionEntity updatePermission(GroupEntity group, String userId, Permission permission) {
verifyUserCanManagePermissions(group);
return permissionsService.updatePermission(group, userId, permission);
return permissionsService.updatePermission(group, userId, permission, getCurrentUserId());
}
public void removePermission(GroupEntity group, String userId) {
......
package it.inaf.ia2.gms.model;
import java.util.Date;
public class GroupNode {
private String groupId;
......@@ -8,6 +10,8 @@ public class GroupNode {
private boolean hasChildren;
private boolean leaf;
private boolean locked;
private Date creationTime;
private String createdBy;
public String getGroupId() {
return groupId;
......@@ -56,4 +60,20 @@ public class GroupNode {
public void setLocked(boolean locked) {
this.locked = locked;
}
public String getCreatedBy() {
return createdBy;
}
public void setCreatedBy(String createdBy) {
this.createdBy = createdBy;
}
public Date getCreationTime() {
return creationTime;
}
public void setCreationTime(Date creationTime) {
this.creationTime = creationTime;
}
}
......@@ -9,6 +9,7 @@ import java.sql.SQLException;
import java.sql.Types;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
......@@ -23,6 +24,8 @@ import org.springframework.stereotype.Component;
@Component
public class GroupsDAO {
private static final String GROUP_COLUMNS = "id, name, path, is_leaf, locked, creation_time, created_by";
@Autowired(required = false)
protected GroupsHook groupsHook;
......@@ -39,7 +42,7 @@ public class GroupsDAO {
groupsHook.beforeCreate(group);
}
String sql = "INSERT INTO gms_group (id, name, path, is_leaf) VALUES (?, ?, ?, ?)";
String sql = "INSERT INTO gms_group (id, name, path, is_leaf, created_by) VALUES (?, ?, ?, ?, ?)";
jdbcTemplate.update(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
......@@ -47,6 +50,7 @@ public class GroupsDAO {
ps.setString(2, group.getName());
ps.setObject(3, group.getPath(), Types.OTHER);
ps.setBoolean(4, group.isLeaf());
ps.setString(5, group.getCreatedBy());
return ps;
});
......@@ -85,7 +89,7 @@ public class GroupsDAO {
public Optional<GroupEntity> findGroupById(String groupId) {
String sql = "SELECT id, name, path, is_leaf, locked from gms_group WHERE id = ?";
String sql = "SELECT " + GROUP_COLUMNS + " from gms_group WHERE id = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
......@@ -107,7 +111,7 @@ public class GroupsDAO {
public Optional<GroupEntity> findGroupByPath(String path) {
String sql = "SELECT id, name, is_leaf, locked from gms_group WHERE path = ?";
String sql = "SELECT " + GROUP_COLUMNS + " from gms_group WHERE path = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
......@@ -115,12 +119,7 @@ public class GroupsDAO {
return ps;
}, resultSet -> {
if (resultSet.next()) {
GroupEntity group = new GroupEntity();
group.setId(resultSet.getString("id"));
group.setName(resultSet.getString("name"));
group.setLeaf(resultSet.getBoolean("is_leaf"));
group.setLocked(resultSet.getBoolean("locked"));
group.setPath(path);
GroupEntity group = getGroupFromResultSet(resultSet);
return Optional.of(group);
}
return Optional.empty();
......@@ -135,7 +134,7 @@ public class GroupsDAO {
return jdbcTemplate.query(conn -> {
String sql = "SELECT id, name, path, is_leaf, locked from gms_group WHERE id IN (";
String sql = "SELECT " + GROUP_COLUMNS + " from gms_group WHERE id IN (";
sql += String.join(",", identifiers.stream().map(p -> "?").collect(Collectors.toList()));
sql += ")";
......@@ -146,17 +145,7 @@ public class GroupsDAO {
}
return ps;
}, resultSet -> {
List<GroupEntity> groups = new ArrayList<>();
while (resultSet.next()) {
GroupEntity group = new GroupEntity();
group.setId(resultSet.getString("id"));
group.setName(resultSet.getString("name"));
group.setPath(resultSet.getString("path"));
group.setLeaf(resultSet.getBoolean("is_leaf"));
group.setLocked(resultSet.getBoolean("locked"));
groups.add(group);
}
return groups;
return getGroupsFromResultSet(resultSet);
});
}
......@@ -192,7 +181,7 @@ public class GroupsDAO {
public Optional<GroupEntity> findGroupByParentAndName(String parentPath, String childName) {
String sql = "SELECT id, path, is_leaf, locked from gms_group WHERE name = ? AND path ~ ?";
String sql = "SELECT " + GROUP_COLUMNS + " from gms_group WHERE name = ? AND path ~ ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
......@@ -201,12 +190,7 @@ public class GroupsDAO {
return ps;
}, resultSet -> {
if (resultSet.next()) {
GroupEntity group = new GroupEntity();
group.setId(resultSet.getString("id"));
group.setName(childName);
group.setPath(resultSet.getString("path"));
group.setLeaf(resultSet.getBoolean("is_leaf"));
group.setLocked(resultSet.getBoolean("locked"));
GroupEntity group = getGroupFromResultSet(resultSet);
return Optional.of(group);
}
return Optional.empty();
......@@ -226,9 +210,9 @@ public class GroupsDAO {
String sql;
if (hasSearchFilter) {
sql = "SELECT id, name, path, is_leaf, locked FROM gms_group WHERE path ~ ? AND name ILIKE ? ORDER BY name";
sql = "SELECT " + GROUP_COLUMNS + " FROM gms_group WHERE path ~ ? AND name ILIKE ? ORDER BY name";
} else {
sql = "SELECT id, name, path, is_leaf, locked FROM gms_group WHERE path ~ ? ORDER BY name";
sql = "SELECT " + GROUP_COLUMNS + " FROM gms_group WHERE path ~ ? ORDER BY name";
}
return jdbcTemplate.query(conn -> {
......@@ -253,7 +237,7 @@ public class GroupsDAO {
public List<GroupEntity> getAllChildren(String path) {
String sql = "SELECT id, name, path, is_leaf, locked FROM gms_group WHERE path <@ ? AND path <> ? ORDER BY nlevel(path) DESC";
String sql = "SELECT " + GROUP_COLUMNS + " FROM gms_group WHERE path <@ ? AND path <> ? ORDER BY nlevel(path) DESC";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
......@@ -267,7 +251,7 @@ public class GroupsDAO {
public List<GroupEntity> findGroupsByNames(List<String> names) {
String sql = "SELECT id, name, path, is_leaf, locked from gms_group WHERE name IN ("
String sql = "SELECT " + GROUP_COLUMNS + " from gms_group WHERE name IN ("
+ String.join(",", names.stream().map(g -> "?").collect(Collectors.toList()))
+ ")";
......@@ -286,17 +270,23 @@ public class GroupsDAO {
private List<GroupEntity> getGroupsFromResultSet(ResultSet resultSet) throws SQLException {
List<GroupEntity> groups = new ArrayList<>();
while (resultSet.next()) {
GroupEntity group = new GroupEntity();
group.setId(resultSet.getString("id"));
group.setName(resultSet.getString("name"));
group.setPath(resultSet.getString("path"));
group.setLeaf(resultSet.getBoolean("is_leaf"));
group.setLocked(resultSet.getBoolean("locked"));
groups.add(group);
groups.add(getGroupFromResultSet(resultSet));
}
return groups;
}
private GroupEntity getGroupFromResultSet(ResultSet resultSet) throws SQLException {
GroupEntity group = new GroupEntity();
group.setId(resultSet.getString("id"));
group.setName(resultSet.getString("name"));
group.setPath(resultSet.getString("path"));
group.setLeaf(resultSet.getBoolean("is_leaf"));
group.setLocked(resultSet.getBoolean("locked"));
group.setCreationTime(new Date(resultSet.getDate("creation_time").getTime()));
group.setCreatedBy(resultSet.getString("created_by"));
return group;
}
public Map<String, Boolean> getHasChildrenMap(Set<String> groupIds) {
if (groupIds.isEmpty()) {
......@@ -362,7 +352,7 @@ public class GroupsDAO {
public List<GroupEntity> searchGroups(String searchText) {
String sql = "SELECT id, name, path, is_leaf, locked from gms_group WHERE name ILIKE ?";
String sql = "SELECT " + GROUP_COLUMNS + " from gms_group WHERE name ILIKE ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
......
......@@ -59,10 +59,10 @@ public class JoinDAO {
private void addPermissions(Set<PermissionEntity> permissionsToAdd) {
String sql = "INSERT INTO gms_permission (group_id, user_id, permission, group_path) VALUES "
+ String.join(", ", Collections.nCopies(permissionsToAdd.size(), "(?, ?, ?, ?)")) + "\n"
String sql = "INSERT INTO gms_permission (group_id, user_id, permission, group_path, set_by) VALUES "
+ String.join(", ", Collections.nCopies(permissionsToAdd.size(), "(?, ?, ?, ?, ?)")) + "\n"
+ "ON CONFLICT (group_id, user_id) DO UPDATE\n"
+ "SET permission = EXCLUDED.permission";
+ "SET permission = EXCLUDED.permission, set_by = EXCLUDED.set_by, update_time = NOW()";
LOG.trace("Executing {}", sql);
......@@ -74,6 +74,7 @@ public class JoinDAO {
ps.setString(++i, permission.getUserId());
ps.setObject(++i, permission.getPermission().toString(), Types.OTHER);
ps.setObject(++i, permission.getGroupPath(), Types.OTHER);
ps.setString(++i, permission.getSetBy());
}
return ps;
});
......
......@@ -3,9 +3,12 @@ package it.inaf.ia2.gms.persistence;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.MembershipEntity;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Types;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.stream.Collectors;
import javax.sql.DataSource;
......@@ -25,27 +28,24 @@ public class MembershipsDAO {
public List<MembershipEntity> findByGroup(String groupId) {
String sql = "SELECT user_id FROM gms_membership WHERE group_id = ?";
String sql = "SELECT user_id, group_id, created_by, creation_time FROM gms_membership WHERE group_id = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, groupId);
return ps;
}, resultSet -> {
List<MembershipEntity> members = new ArrayList<>();
while (resultSet.next()) {
MembershipEntity membership = new MembershipEntity();
membership.setGroupId(groupId);
membership.setUserId(resultSet.getString("user_id"));
members.add(membership);
}
return members;
return getMembershipsFromResultSet(resultSet);
});
}
public List<MembershipEntity> findByGroups(List<String> groupIds) {
String sql = "SELECT user_id, group_id FROM gms_membership WHERE group_id IN ("
if (groupIds.isEmpty()) {
return new ArrayList<>();
}
String sql = "SELECT user_id, group_id, created_by, creation_time FROM gms_membership WHERE group_id IN ("
+ String.join(",", Collections.nCopies(groupIds.size(), "?")) + ")";
return jdbcTemplate.query(conn -> {
......@@ -56,25 +56,36 @@ public class MembershipsDAO {
}
return ps;
}, resultSet -> {
List<MembershipEntity> members = new ArrayList<>();
while (resultSet.next()) {
MembershipEntity membership = new MembershipEntity();
membership.setGroupId(resultSet.getString("group_id"));
membership.setUserId(resultSet.getString("user_id"));
members.add(membership);
}
return members;
return getMembershipsFromResultSet(resultSet);
});
}
private List<MembershipEntity> getMembershipsFromResultSet(ResultSet resultSet) throws SQLException {
List<MembershipEntity> members = new ArrayList<>();
while (resultSet.next()) {
members.add(getMembershipEntityFromResultSet(resultSet));
}
return members;
}
private MembershipEntity getMembershipEntityFromResultSet(ResultSet resultSet) throws SQLException {
MembershipEntity membership = new MembershipEntity();
membership.setGroupId(resultSet.getString("group_id"));
membership.setUserId(resultSet.getString("user_id"));
membership.setUserId(resultSet.getString("user_id"));
membership.setCreatedBy(resultSet.getString("created_by"));
membership.setCreationTime(new Date(resultSet.getDate("creation_time").getTime()));
return membership;
}
public List<GroupEntity> getUserMemberships(String userId) {
return getUserMemberships(userId, null);
}
public List<GroupEntity> getUserMemberships(String userId, String parentPath) {
String sql = "SELECT g.id, g.name, g.path, g.is_leaf FROM "
+ " gms_membership m "
String sql = "SELECT g.id, g.name, g.path, g.is_leaf, g.creation_time, g.created_by "
+ " FROM gms_membership m "
+ " JOIN gms_group g ON g.id = m.group_id"
+ " WHERE m.user_id = ?";
if (parentPath != null) {
......@@ -99,6 +110,8 @@ public class MembershipsDAO {
group.setName(resultSet.getString("name"));
group.setPath(resultSet.getString("path"));
group.setLeaf(resultSet.getBoolean("is_leaf"));
group.setCreationTime(new Date(resultSet.getDate("creation_time").getTime()));
group.setCreatedBy(resultSet.getString("created_by"));
memberships.add(group);
}
return memberships;
......@@ -124,13 +137,14 @@ public class MembershipsDAO {
public MembershipEntity addMember(MembershipEntity membership) {
String sql = "INSERT INTO gms_membership (group_id, user_id) VALUES (?, ?)\n"
String sql = "INSERT INTO gms_membership (group_id, user_id, created_by) VALUES (?, ?, ?)\n"
+ "ON CONFLICT (group_id, user_id) DO NOTHING";
jdbcTemplate.update(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, membership.getGroupId());
ps.setString(2, membership.getUserId());
ps.setString(3, membership.getCreatedBy());
return ps;
});
......
......@@ -3,8 +3,11 @@ package it.inaf.ia2.gms.persistence;
import it.inaf.ia2.gms.model.Permission;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Types;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
......@@ -16,6 +19,8 @@ import org.springframework.stereotype.Component;
@Component
public class PermissionsDAO {
private static final String PERMISSION_COLUMNS = "group_id, user_id, permission, group_path, update_time, set_by";
private final JdbcTemplate jdbcTemplate;
@Autowired
......@@ -25,34 +30,37 @@ public class PermissionsDAO {
public PermissionEntity createOrUpdatePermission(PermissionEntity userPermission) {
String sql = "INSERT INTO gms_permission(group_id, user_id, permission, group_path) VALUES(?, ?, ?, ?)\n"
String sql = "INSERT INTO gms_permission(group_id, user_id, permission, group_path, set_by) VALUES(?, ?, ?, ?, ?)\n"
+ "ON CONFLICT (group_id, user_id) DO UPDATE\n"
+ "SET permission = EXCLUDED.permission";
+ "SET permission = EXCLUDED.permission, set_by = EXCLUDED.set_by, update_time = NOW()";
jdbcTemplate.update(conn -> {
int i = 0;
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, userPermission.getGroupId());
ps.setString(2, userPermission.getUserId());
ps.setObject(3, userPermission.getPermission().toString(), Types.OTHER);
ps.setObject(4, userPermission.getGroupPath(), Types.OTHER);
ps.setString(++i, userPermission.getGroupId());
ps.setString(++i, userPermission.getUserId());
ps.setObject(++i, userPermission.getPermission().toString(), Types.OTHER);
ps.setObject(++i, userPermission.getGroupPath(), Types.OTHER);
ps.setString(++i, userPermission.getSetBy());
return ps;
});
return userPermission;
}
public PermissionEntity updatePermission(PermissionEntity userPermission, Permission newPermission) {
String sql = "UPDATE gms_permission SET permission = ? WHERE group_id = ? AND user_id = ? AND group_path = ?";
public PermissionEntity updatePermission(PermissionEntity userPermission) {
userPermission.setPermission(newPermission);
String sql = "UPDATE gms_permission SET permission = ?, set_by = ?, update_time = NOW() "
+ " WHERE group_id = ? AND user_id = ? AND group_path = ?";
jdbcTemplate.update(conn -> {
int i = 0;
PreparedStatement ps = conn.prepareStatement(sql);
ps.setObject(1, userPermission.getPermission().toString(), Types.OTHER);
ps.setString(2, userPermission.getGroupId());
ps.setString(3, userPermission.getUserId());
ps.setObject(4, userPermission.getGroupPath(), Types.OTHER);
ps.setObject(++i, userPermission.getPermission().toString(), Types.OTHER);
ps.setString(++i, userPermission.getSetBy());
ps.setString(++i, userPermission.getGroupId());
ps.setString(++i, userPermission.getUserId());
ps.setObject(++i, userPermission.getGroupPath(), Types.OTHER);
return ps;
});
......@@ -61,23 +69,14 @@ public class PermissionsDAO {
public List<PermissionEntity> findUserPermissions(String userId) {
String sql = "SELECT group_id, permission, group_path FROM gms_permission WHERE user_id = ?";
String sql = "SELECT " + PERMISSION_COLUMNS + " FROM gms_permission WHERE user_id = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, userId);
return ps;
}, resultSet -> {
List<PermissionEntity> permissions = new ArrayList<>();
while (resultSet.next()) {
PermissionEntity permission = new PermissionEntity();
permission.setGroupId(resultSet.getString("group_id"));
permission.setUserId(userId);
permission.setPermission(Permission.valueOf(resultSet.getString("permission")));
permission.setGroupPath(resultSet.getString("group_path"));
permissions.add(permission);
}
return permissions;
return getPermissionsFromResultSet(resultSet);
});
}
......@@ -87,7 +86,7 @@ public class PermissionsDAO {
*/
public List<PermissionEntity> findUserPermissions(String userId, String path) {
String sql = "SELECT group_id, permission, group_path FROM gms_permission WHERE user_id = ?\n"
String sql = "SELECT " + PERMISSION_COLUMNS + " FROM gms_permission WHERE user_id = ?\n"
+ "AND (group_path <@ ? OR group_path @> ?)";
return jdbcTemplate.query(conn -> {
......@@ -97,22 +96,13 @@ public class PermissionsDAO {
ps.setObject(3, path, Types.OTHER);
return ps;
}, resultSet -> {
List<PermissionEntity> permissions = new ArrayList<>();
while (resultSet.next()) {
PermissionEntity permission = new PermissionEntity();
permission.setGroupId(resultSet.getString("group_id"));
permission.setUserId(userId);
permission.setPermission(Permission.valueOf(resultSet.getString("permission")));
permission.setGroupPath(resultSet.getString("group_path"));
permissions.add(permission);
}
return permissions;
return getPermissionsFromResultSet(resultSet);
});
}
public Optional<PermissionEntity> findPermissionEntity(String groupId, String userId) {
String sql = "SELECT group_path, permission FROM gms_permission WHERE group_id = ? AND user_id = ?";
String sql = "SELECT " + PERMISSION_COLUMNS + " FROM gms_permission WHERE group_id = ? AND user_id = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
......@@ -121,12 +111,7 @@ public class PermissionsDAO {
return ps;
}, resultSet -> {
if (resultSet.next()) {
PermissionEntity permissionEntity = new PermissionEntity();
permissionEntity.setGroupId(groupId);
permissionEntity.setUserId(userId);
permissionEntity.setPermission(Permission.valueOf(resultSet.getString("permission")));
permissionEntity.setGroupPath(resultSet.getString("group_path"));
return Optional.of(permissionEntity);
return Optional.of(getPermissionEntityFromResultSet(resultSet));
}
return Optional.empty();
});
......@@ -134,26 +119,36 @@ public class PermissionsDAO {
public List<PermissionEntity> getGroupsPermissions(String groupId) {
String sql = "SELECT user_id, permission, group_path FROM gms_permission WHERE group_id = ?";
String sql = "SELECT " <