Commit e3dd2142 authored by Sonia Zorba's avatar Sonia Zorba
Browse files

Bugfix

parent f038285c
Pipeline #581 passed with stages
in 30 seconds
...@@ -40,7 +40,7 @@ ...@@ -40,7 +40,7 @@
</dependency> </dependency>
<dependency> <dependency>
<groupId>${project.groupId}</groupId> <groupId>${project.groupId}</groupId>
<artifactId>AuthLib</artifactId> <artifactId>auth-lib</artifactId>
<version>2.0.0-SNAPSHOT</version> <version>2.0.0-SNAPSHOT</version>
</dependency> </dependency>
<dependency> <dependency>
......
...@@ -82,6 +82,10 @@ public class HomePageController { ...@@ -82,6 +82,10 @@ public class HomePageController {
@GetMapping(value = "/", produces = MediaType.TEXT_HTML_VALUE) @GetMapping(value = "/", produces = MediaType.TEXT_HTML_VALUE)
public String index(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { public String index(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// This page MUST NOT be cached to avoid losing the login redirect
response.setHeader("Cache-Control", "no-store, must-revalidate");
response.setHeader("Expires", "0");
Optional<List<InvitedRegistration>> optReg = invitedRegistrationManager.completeInvitedRegistrationIfNecessary(); Optional<List<InvitedRegistration>> optReg = invitedRegistrationManager.completeInvitedRegistrationIfNecessary();
if (optReg.isPresent()) { if (optReg.isPresent()) {
request.setAttribute("invited-registrations", optReg.get()); request.setAttribute("invited-registrations", optReg.get());
...@@ -95,6 +99,6 @@ public class HomePageController { ...@@ -95,6 +99,6 @@ public class HomePageController {
public void logout(HttpSession httpSession, HttpServletResponse response) throws IOException { public void logout(HttpSession httpSession, HttpServletResponse response) throws IOException {
httpSession.invalidate(); httpSession.invalidate();
String baseUrl = ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString(); String baseUrl = ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString();
response.sendRedirect(baseUrl); response.sendRedirect(baseUrl + "/");
} }
} }
...@@ -239,15 +239,15 @@ public class JWTWebServiceController { ...@@ -239,15 +239,15 @@ public class JWTWebServiceController {
@GetMapping(value = {"/permission/{group:.+}", "/permission"}, produces = MediaType.TEXT_PLAIN_VALUE) @GetMapping(value = {"/permission/{group:.+}", "/permission"}, produces = MediaType.TEXT_PLAIN_VALUE)
public void getUserPermission(@PathVariable("group") Optional<String> groupNames, @RequestParam("user_id") Optional<String> userId, HttpServletRequest request, HttpServletResponse response) throws IOException { public void getUserPermission(@PathVariable("group") Optional<String> groupNames, @RequestParam("user_id") Optional<String> userId, HttpServletRequest request, HttpServletResponse response) throws IOException {
GroupEntity groupEntity = getGroupFromNames(extractGroupNames(groupNames));
if (userId.isPresent()) { if (userId.isPresent()) {
try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) { try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
for (UserPermission userPermission : searchService.getUserPermission(userId.get(), permissionsManager.getCurrentUserPermissions(getRoot()))) { for (UserPermission userPermission : searchService.getUserPermission(groupEntity, userId.get(), permissionsManager.getCurrentUserPermissions(groupEntity))) {
String group = String.join(".", userPermission.getGroupCompleteName()); String group = String.join(".", userPermission.getGroupCompleteName());
pw.println(group + " " + userPermission.getPermission()); pw.println(group + " " + userPermission.getPermission());
} }
} }
} else { } else {
GroupEntity groupEntity = getGroupFromNames(extractGroupNames(groupNames));
try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) { try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
for (it.inaf.ia2.gms.model.UserPermission up : permissionsManager.getAllPermissions(groupEntity)) { for (it.inaf.ia2.gms.model.UserPermission up : permissionsManager.getAllPermissions(groupEntity)) {
pw.println(up.getUser().getId() + " " + up.getPermission()); pw.println(up.getUser().getId() + " " + up.getPermission());
......
...@@ -115,7 +115,7 @@ public class SearchService { ...@@ -115,7 +115,7 @@ public class SearchService {
sortByGroupCompleteName(groups); sortByGroupCompleteName(groups);
response.setGroups(groups); response.setGroups(groups);
List<UserPermission> permissions = getUserPermission(targetUserId, actorPermissions); List<UserPermission> permissions = getUserPermission(groupsManager.getRoot(), targetUserId, actorPermissions);
sortByGroupCompleteName(permissions); sortByGroupCompleteName(permissions);
response.setPermissions(permissions); response.setPermissions(permissions);
...@@ -147,12 +147,12 @@ public class SearchService { ...@@ -147,12 +147,12 @@ public class SearchService {
.collect(Collectors.toList()); .collect(Collectors.toList());
} }
public List<UserPermission> getUserPermission(String targetUserId, List<PermissionEntity> actorPermissions) { public List<UserPermission> getUserPermission(GroupEntity group, String targetUserId, List<PermissionEntity> actorPermissions) {
List<UserPermission> permissions = new ArrayList<>(); List<UserPermission> permissions = new ArrayList<>();
// Super-admin user is able to see also other user permissions // Super-admin user is able to see also other user permissions
PermissionUtils.getGroupPermission(groupsManager.getRoot(), actorPermissions).ifPresent(permission -> { PermissionUtils.getGroupPermission(group, actorPermissions).ifPresent(permission -> {
if (permission.equals(Permission.ADMIN)) { if (permission.equals(Permission.ADMIN)) {
Map<String, PermissionEntity> targetUserPermissions Map<String, PermissionEntity> targetUserPermissions
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment