Commit e3dd2142 authored by Sonia Zorba's avatar Sonia Zorba
Browse files

Bugfix

parent f038285c
Pipeline #581 passed with stages
in 30 seconds
......@@ -40,7 +40,7 @@
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>AuthLib</artifactId>
<artifactId>auth-lib</artifactId>
<version>2.0.0-SNAPSHOT</version>
</dependency>
<dependency>
......
......@@ -82,6 +82,10 @@ public class HomePageController {
@GetMapping(value = "/", produces = MediaType.TEXT_HTML_VALUE)
public String index(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// This page MUST NOT be cached to avoid losing the login redirect
response.setHeader("Cache-Control", "no-store, must-revalidate");
response.setHeader("Expires", "0");
Optional<List<InvitedRegistration>> optReg = invitedRegistrationManager.completeInvitedRegistrationIfNecessary();
if (optReg.isPresent()) {
request.setAttribute("invited-registrations", optReg.get());
......@@ -95,6 +99,6 @@ public class HomePageController {
public void logout(HttpSession httpSession, HttpServletResponse response) throws IOException {
httpSession.invalidate();
String baseUrl = ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString();
response.sendRedirect(baseUrl);
response.sendRedirect(baseUrl + "/");
}
}
......@@ -239,15 +239,15 @@ public class JWTWebServiceController {
@GetMapping(value = {"/permission/{group:.+}", "/permission"}, produces = MediaType.TEXT_PLAIN_VALUE)
public void getUserPermission(@PathVariable("group") Optional<String> groupNames, @RequestParam("user_id") Optional<String> userId, HttpServletRequest request, HttpServletResponse response) throws IOException {
GroupEntity groupEntity = getGroupFromNames(extractGroupNames(groupNames));
if (userId.isPresent()) {
try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
for (UserPermission userPermission : searchService.getUserPermission(userId.get(), permissionsManager.getCurrentUserPermissions(getRoot()))) {
for (UserPermission userPermission : searchService.getUserPermission(groupEntity, userId.get(), permissionsManager.getCurrentUserPermissions(groupEntity))) {
String group = String.join(".", userPermission.getGroupCompleteName());
pw.println(group + " " + userPermission.getPermission());
}
}
} else {
GroupEntity groupEntity = getGroupFromNames(extractGroupNames(groupNames));
try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
for (it.inaf.ia2.gms.model.UserPermission up : permissionsManager.getAllPermissions(groupEntity)) {
pw.println(up.getUser().getId() + " " + up.getPermission());
......
......@@ -115,7 +115,7 @@ public class SearchService {
sortByGroupCompleteName(groups);
response.setGroups(groups);
List<UserPermission> permissions = getUserPermission(targetUserId, actorPermissions);
List<UserPermission> permissions = getUserPermission(groupsManager.getRoot(), targetUserId, actorPermissions);
sortByGroupCompleteName(permissions);
response.setPermissions(permissions);
......@@ -147,12 +147,12 @@ public class SearchService {
.collect(Collectors.toList());
}
public List<UserPermission> getUserPermission(String targetUserId, List<PermissionEntity> actorPermissions) {
public List<UserPermission> getUserPermission(GroupEntity group, String targetUserId, List<PermissionEntity> actorPermissions) {
List<UserPermission> permissions = new ArrayList<>();
// Super-admin user is able to see also other user permissions
PermissionUtils.getGroupPermission(groupsManager.getRoot(), actorPermissions).ifPresent(permission -> {
PermissionUtils.getGroupPermission(group, actorPermissions).ifPresent(permission -> {
if (permission.equals(Permission.ADMIN)) {
Map<String, PermissionEntity> targetUserPermissions
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment