Example 1 with AccessControl
use of org.orcid.core.security.visibility.aop.AccessControl in project ORCID-Source by ORCID.
the class NotificationsApiServiceDelegatorImpl method flagNotificationAsArchived.
@Override
@AccessControl(requiredScope = ScopePathType.PREMIUM_NOTIFICATION)
public Response flagNotificationAsArchived(String orcid, Long id) throws OrcidNotificationAlreadyReadException {
checkIfProfileDeprecated(orcid);
Notification notification = notificationManager.flagAsArchived(orcid, id);
if (notification == null) {
Map<String, String> params = new HashMap<String, String>();
params.put("orcid", orcid);
params.put("id", String.valueOf(id));
throw new OrcidNotificationNotFoundException(params);
}
return Response.ok(notification).build();
}
Also used :
HashMap(java.util.HashMap)
OrcidNotificationNotFoundException(org.orcid.core.exception.OrcidNotificationNotFoundException)
Notification(org.orcid.jaxb.model.notification_v2.Notification)
AccessControl(org.orcid.core.security.visibility.aop.AccessControl)
Example 2 with AccessControl
use of org.orcid.core.security.visibility.aop.AccessControl in project ORCID-Source by ORCID.
the class NotificationsApiServiceDelegatorImpl method findPermissionNotification.
@Override
@AccessControl(requiredScope = ScopePathType.PREMIUM_NOTIFICATION)
public Response findPermissionNotification(String orcid, Long id) {
checkIfProfileDeprecated(orcid);
Notification notification = notificationManager.findByOrcidAndId(orcid, id);
if (notification != null) {
checkSource(notification);
return Response.ok(notification).build();
} else {
Map<String, String> params = new HashMap<String, String>();
params.put("orcid", orcid);
params.put("id", String.valueOf(id));
throw new OrcidNotificationNotFoundException(params);
}
}
Also used :
HashMap(java.util.HashMap)
OrcidNotificationNotFoundException(org.orcid.core.exception.OrcidNotificationNotFoundException)
Notification(org.orcid.jaxb.model.notification_v2.Notification)
AccessControl(org.orcid.core.security.visibility.aop.AccessControl)
Example 3 with AccessControl
use of org.orcid.core.security.visibility.aop.AccessControl in project ORCID-Source by ORCID.
the class NotificationsApiServiceDelegatorImpl method addPermissionNotification.
@Override
@AccessControl(requiredScope = ScopePathType.PREMIUM_NOTIFICATION)
public Response addPermissionNotification(UriInfo uriInfo, String orcid, NotificationPermission notification) {
checkIfProfileDeprecated(orcid);
notificationValidationManager.validateNotificationPermission(notification);
ProfileEntity profile = profileEntityCacheManager.retrieve(orcid);
if (profile == null) {
throw OrcidNotFoundException.newInstance(orcid);
}
if (profile.getSendMemberUpdateRequests() != null && !profile.getSendMemberUpdateRequests()) {
Map<String, String> params = new HashMap<String, String>();
params.put("orcid", orcid);
throw new OrcidNotificationException(params);
}
Notification createdNotification = notificationManager.createNotification(orcid, notification);
try {
return Response.created(new URI(uriInfo.getAbsolutePath() + "/" + createdNotification.getPutCode())).build();
} catch (URISyntaxException e) {
throw new RuntimeException(localeManager.resolveMessage("apiError.notification_uri.exception"), e);
}
}
Also used :
HashMap(java.util.HashMap)
OrcidNotificationException(org.orcid.core.exception.OrcidNotificationException)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
Notification(org.orcid.jaxb.model.notification_v2.Notification)
AccessControl(org.orcid.core.security.visibility.aop.AccessControl)
Example 4 with AccessControl
use of org.orcid.core.security.visibility.aop.AccessControl in project ORCID-Source by ORCID.
the class T2OrcidApiServiceDelegatorImpl method addExternalIdentifiers.
/**
* Add new external identifiers to the profile. As with all calls, if the
* message contains any other elements, a 400 Bad Request will be returned.
*
* @param orcidMessage
* the message congtaining the external ids
* @return If successful, returns a 200 OK with the updated content.
*/
@Override
@AccessControl(requiredScope = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE)
public Response addExternalIdentifiers(UriInfo uriInfo, String orcid, OrcidMessage orcidMessage) {
OrcidProfile orcidProfile = orcidMessage.getOrcidProfile();
try {
ExternalIdentifiers updatedExternalIdentifiers = orcidProfile.getOrcidBio().getExternalIdentifiers();
// Get the client profile information
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String clientId = null;
if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
clientId = authorizationRequest.getClientId();
}
for (ExternalIdentifier ei : updatedExternalIdentifiers.getExternalIdentifier()) {
// Set the client profile to each external identifier
if (ei.getSource() == null) {
Source source = new Source();
source.setSourceClientId(new SourceClientId(clientId));
ei.setSource(source);
} else {
// Check if the provided external orcid exists
Source source = ei.getSource();
String sourceOrcid = source.retrieveSourcePath();
if (sourceOrcid != null) {
if (StringUtils.isBlank(sourceOrcid) || (!profileEntityManager.orcidExists(sourceOrcid) && !clientDetailsManager.exists(sourceOrcid))) {
Map<String, String> params = new HashMap<String, String>();
params.put("orcid", sourceOrcid);
throw new OrcidNotFoundException(params);
}
}
}
}
orcidProfile = orcidProfileManager.addExternalIdentifiers(orcidProfile);
return getOrcidMessageResponse(orcidProfile, orcid);
} catch (DataAccessException e) {
throw new OrcidBadRequestException(localeManager.resolveMessage("apiError.badrequest_createorcid.exception"));
}
}
Also used :
ExternalIdentifier(org.orcid.jaxb.model.message.ExternalIdentifier)
HashMap(java.util.HashMap)
SourceClientId(org.orcid.jaxb.model.message.SourceClientId)
Source(org.orcid.jaxb.model.message.Source)
OrcidProfile(org.orcid.jaxb.model.message.OrcidProfile)
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OrcidBadRequestException(org.orcid.core.exception.OrcidBadRequestException)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
OrcidNotFoundException(org.orcid.core.exception.OrcidNotFoundException)
ExternalIdentifiers(org.orcid.jaxb.model.message.ExternalIdentifiers)
DataAccessException(org.springframework.dao.DataAccessException)
AccessControl(org.orcid.core.security.visibility.aop.AccessControl)
Example 5 with AccessControl
use of org.orcid.core.security.visibility.aop.AccessControl in project ORCID-Source by ORCID.
the class T2OrcidApiServiceDelegatorImpl method registerWebhook.
/**
* Register a new webhook to the profile. As with all calls, if the message
* contains any other elements, a 400 Bad Request will be returned.
*
* @param orcid
* the identifier of the profile to add the webhook
* @param uriInfo
* an uri object containing the webhook
* @return If successful, returns a 2xx.
* */
@Override
@AccessControl(requiredScope = ScopePathType.WEBHOOK)
public Response registerWebhook(UriInfo uriInfo, String orcid, String webhookUri) {
@SuppressWarnings("unused") URI validatedWebhookUri = null;
try {
validatedWebhookUri = new URI(webhookUri);
} catch (URISyntaxException e) {
Object[] params = { webhookUri };
throw new OrcidBadRequestException(localeManager.resolveMessage("apiError.badrequest_incorrect_webhook.exception", params));
}
ProfileEntity profile = profileEntityCacheManager.retrieve(orcid);
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
ClientDetailsEntity clientDetails = null;
String clientId = null;
if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
clientId = authorizationRequest.getClientId();
clientDetails = clientDetailsManager.findByClientId(clientId);
}
if (profile != null && clientDetails != null) {
WebhookEntityPk webhookPk = new WebhookEntityPk(profile, webhookUri);
WebhookEntity webhook = webhookManager.find(webhookPk);
boolean isNew = webhook == null;
if (isNew) {
webhook = new WebhookEntity();
webhook.setProfile(profile);
webhook.setDateCreated(new Date());
webhook.setEnabled(true);
webhook.setUri(webhookUri);
webhook.setClientDetails(clientDetails);
}
webhookManager.update(webhook);
return isNew ? Response.created(uriInfo.getAbsolutePath()).build() : Response.noContent().build();
} else if (profile == null) {
Map<String, String> params = new HashMap<String, String>();
params.put("orcid", orcid);
throw new OrcidNotFoundException(params);
} else {
Map<String, String> params = new HashMap<String, String>();
params.put("client", clientId);
throw new OrcidClientNotFoundException(params);
}
}
Also used :
ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity)
WebhookEntityPk(org.orcid.persistence.jpa.entities.keys.WebhookEntityPk)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
Date(java.util.Date)
SubmissionDate(org.orcid.jaxb.model.message.SubmissionDate)
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OrcidBadRequestException(org.orcid.core.exception.OrcidBadRequestException)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
WebhookEntity(org.orcid.persistence.jpa.entities.WebhookEntity)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
OrcidNotFoundException(org.orcid.core.exception.OrcidNotFoundException)
Map(java.util.Map)
HashMap(java.util.HashMap)
OrcidClientNotFoundException(org.orcid.core.exception.OrcidClientNotFoundException)
AccessControl(org.orcid.core.security.visibility.aop.AccessControl)
Aggregations
AccessControl (org.orcid.core.security.visibility.aop.AccessControl)10
HashMap (java.util.HashMap)6
Authentication (org.springframework.security.core.Authentication)4
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)4
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)4
OrcidBadRequestException (org.orcid.core.exception.OrcidBadRequestException)3
OrcidNotFoundException (org.orcid.core.exception.OrcidNotFoundException)3
Notification (org.orcid.jaxb.model.notification_v2.Notification)3
ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)3
URI (java.net.URI)2
URISyntaxException (java.net.URISyntaxException)2
Date (java.util.Date)2
OrcidNotificationNotFoundException (org.orcid.core.exception.OrcidNotificationNotFoundException)2
OrcidProfile (org.orcid.jaxb.model.message.OrcidProfile)2
WebhookEntity (org.orcid.persistence.jpa.entities.WebhookEntity)2
WebhookEntityPk (org.orcid.persistence.jpa.entities.keys.WebhookEntityPk)2
DataAccessException (org.springframework.dao.DataAccessException)2
Map (java.util.Map)1
Response (javax.ws.rs.core.Response)1
StatsTimelineList (org.orcid.api.common.writer.stats.StatsTimelineList)1
