Bugfix

e3dd2142 · Sonia Zorba · f038285c · e3dd2142 · e3dd2142 · e3dd2142
Commit e3dd2142 authored Oct 30, 2020 by Sonia Zorba
--- a/gms/pom.xml
+++ b/gms/pom.xml
@@ -40,7 +40,7 @@
        </dependency>
        <dependency>
            <groupId>${project.groupId}</groupId>
-            <artifactId>AuthLib</artifactId>
+            <artifactId>auth-lib</artifactId>
            <version>2.0.0-SNAPSHOT</version>
        </dependency>
        <dependency>

--- a/gms/src/main/java/it/inaf/ia2/gms/controller/HomePageController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/HomePageController.java
@@ -82,6 +82,10 @@ public class HomePageController {
    @GetMapping(value = "/", produces = MediaType.TEXT_HTML_VALUE)
    public String index(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

+        // This page MUST NOT be cached to avoid losing the login redirect
+        response.setHeader("Cache-Control", "no-store, must-revalidate");
+        response.setHeader("Expires", "0");
+
        Optional<List<InvitedRegistration>> optReg = invitedRegistrationManager.completeInvitedRegistrationIfNecessary();
        if (optReg.isPresent()) {
            request.setAttribute("invited-registrations", optReg.get());
@@ -95,6 +99,6 @@ public class HomePageController {
    public void logout(HttpSession httpSession, HttpServletResponse response) throws IOException {
        httpSession.invalidate();
        String baseUrl = ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString();
-        response.sendRedirect(baseUrl);
+        response.sendRedirect(baseUrl + "/");
    }
 }
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
@@ -239,15 +239,15 @@ public class JWTWebServiceController {
    @GetMapping(value = {"/permission/{group:.+}", "/permission"}, produces = MediaType.TEXT_PLAIN_VALUE)
    public void getUserPermission(@PathVariable("group") Optional<String> groupNames, @RequestParam("user_id") Optional<String> userId, HttpServletRequest request, HttpServletResponse response) throws IOException {

+        GroupEntity groupEntity = getGroupFromNames(extractGroupNames(groupNames));
        if (userId.isPresent()) {
            try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
-                for (UserPermission userPermission : searchService.getUserPermission(userId.get(), permissionsManager.getCurrentUserPermissions(getRoot()))) {
+                for (UserPermission userPermission : searchService.getUserPermission(groupEntity, userId.get(), permissionsManager.getCurrentUserPermissions(groupEntity))) {
                    String group = String.join(".", userPermission.getGroupCompleteName());
                    pw.println(group + " " + userPermission.getPermission());
                }
            }
        } else {
-            GroupEntity groupEntity = getGroupFromNames(extractGroupNames(groupNames));
            try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
                for (it.inaf.ia2.gms.model.UserPermission up : permissionsManager.getAllPermissions(groupEntity)) {
                    pw.println(up.getUser().getId() + " " + up.getPermission());

--- a/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
@@ -115,7 +115,7 @@ public class SearchService {
        sortByGroupCompleteName(groups);
        response.setGroups(groups);

-        List<UserPermission> permissions = getUserPermission(targetUserId, actorPermissions);
+        List<UserPermission> permissions = getUserPermission(groupsManager.getRoot(), targetUserId, actorPermissions);
        sortByGroupCompleteName(permissions);
        response.setPermissions(permissions);

@@ -147,12 +147,12 @@ public class SearchService {
                .collect(Collectors.toList());
    }

-    public List<UserPermission> getUserPermission(String targetUserId, List<PermissionEntity> actorPermissions) {
+    public List<UserPermission> getUserPermission(GroupEntity group, String targetUserId, List<PermissionEntity> actorPermissions) {

        List<UserPermission> permissions = new ArrayList<>();

        // Super-admin user is able to see also other user permissions
-        PermissionUtils.getGroupPermission(groupsManager.getRoot(), actorPermissions).ifPresent(permission -> {
+        PermissionUtils.getGroupPermission(group, actorPermissions).ifPresent(permission -> {
            if (permission.equals(Permission.ADMIN)) {

                Map<String, PermissionEntity> targetUserPermissions