use of com.epam.ta.reportportal.entity.project.ProjectRole in project service-api by reportportal.
the class UpdateProjectHandlerImpl method updateProjectUserRoles.
private void updateProjectUserRoles(Map<String, String> userRoles, Project project, ReportPortalUser user) {
if (!user.getUserRole().equals(UserRole.ADMINISTRATOR)) {
expect(userRoles.get(user.getUsername()), isNull()).verify(ErrorType.UNABLE_TO_UPDATE_YOURSELF_ROLE, user.getUsername());
}
if (MapUtils.isNotEmpty(userRoles)) {
userRoles.forEach((key, value) -> {
Optional<ProjectRole> newProjectRole = ProjectRole.forName(value);
expect(newProjectRole, isPresent()).verify(ErrorType.ROLE_NOT_FOUND, value);
Optional<ProjectUser> updatingProjectUser = ofNullable(ProjectUtils.findUserConfigByLogin(project, key));
expect(updatingProjectUser, isPresent()).verify(ErrorType.USER_NOT_FOUND, key);
if (UserRole.ADMINISTRATOR != user.getUserRole()) {
ProjectRole principalRole = projectExtractor.extractProjectDetails(user, project.getName()).getProjectRole();
ProjectRole updatingUserRole = ofNullable(ProjectUtils.findUserConfigByLogin(project, key)).orElseThrow(() -> new ReportPortalException(ErrorType.USER_NOT_FOUND, key)).getProjectRole();
/*
* Validate principal role level is high enough
*/
if (principalRole.sameOrHigherThan(updatingUserRole)) {
expect(newProjectRole.get(), Preconditions.isLevelEnough(principalRole)).verify(ErrorType.ACCESS_DENIED);
} else {
expect(updatingUserRole, Preconditions.isLevelEnough(principalRole)).verify(ErrorType.ACCESS_DENIED);
}
}
updatingProjectUser.get().setProjectRole(newProjectRole.get());
});
}
}
use of com.epam.ta.reportportal.entity.project.ProjectRole in project service-api by reportportal.
the class BaseProjectPermission method isAllowed.
/**
* Validates project exists and user assigned to project. After that
* delegates permission check to subclass
*/
@Override
public boolean isAllowed(Authentication authentication, Object projectName) {
if (!authentication.isAuthenticated()) {
return false;
}
OAuth2Authentication oauth = (OAuth2Authentication) authentication;
ReportPortalUser rpUser = (ReportPortalUser) oauth.getUserAuthentication().getPrincipal();
BusinessRule.expect(rpUser, Objects::nonNull).verify(ErrorType.ACCESS_DENIED);
final String resolvedProjectName = String.valueOf(projectName);
final ReportPortalUser.ProjectDetails projectDetails = projectExtractor.findProjectDetails(rpUser, resolvedProjectName).orElseThrow(() -> new ReportPortalException(ErrorType.ACCESS_DENIED));
fillProjectDetails(rpUser, resolvedProjectName, projectDetails);
ProjectRole role = projectDetails.getProjectRole();
return checkAllowed(rpUser, projectName.toString(), role);
}
use of com.epam.ta.reportportal.entity.project.ProjectRole in project service-api by reportportal.
the class CreateUserHandlerImpl method saveUser.
private Pair<UserActivityResource, CreateUserRS> saveUser(CreateUserRQFull request) {
final Project projectToAssign = getProjectHandler.getRaw(normalizeId(request.getDefaultProject()));
final ProjectRole projectRole = forName(request.getProjectRole()).orElseThrow(() -> new ReportPortalException(ROLE_NOT_FOUND, request.getProjectRole()));
final User user = convert(request);
try {
userRepository.save(user);
} catch (PersistenceException pe) {
if (pe.getCause() instanceof ConstraintViolationException) {
fail().withError(RESOURCE_ALREADY_EXISTS, ((ConstraintViolationException) pe.getCause()).getConstraintName());
}
throw new ReportPortalException("Error while User creating: " + pe.getMessage(), pe);
} catch (Exception exp) {
throw new ReportPortalException("Error while User creating: " + exp.getMessage(), exp);
}
userAuthenticator.authenticate(user);
projectUserHandler.assign(user, projectToAssign, projectRole);
final Project personalProject = createProjectHandler.createPersonal(user);
projectUserHandler.assign(user, personalProject, ProjectRole.PROJECT_MANAGER);
final CreateUserRS response = new CreateUserRS();
response.setId(user.getId());
response.setLogin(user.getLogin());
return Pair.of(TO_ACTIVITY_RESOURCE.apply(user, projectToAssign.getId()), response);
}
use of com.epam.ta.reportportal.entity.project.ProjectRole in project service-api by reportportal.
the class UpdateProjectHandlerImpl method assignUsers.
@Override
public OperationCompletionRS assignUsers(String projectName, AssignUsersRQ assignUsersRQ, ReportPortalUser user) {
if (UserRole.ADMINISTRATOR.equals(user.getUserRole())) {
Project project = projectRepository.findByName(normalizeId(projectName)).orElseThrow(() -> new ReportPortalException(ErrorType.PROJECT_NOT_FOUND, normalizeId(projectName)));
List<String> assignedUsernames = project.getUsers().stream().map(u -> u.getUser().getLogin()).collect(toList());
assignUsersRQ.getUserNames().forEach((name, role) -> {
ProjectRole projectRole = ProjectRole.forName(role).orElseThrow(() -> new ReportPortalException(ROLE_NOT_FOUND, role));
assignUser(name, projectRole, assignedUsernames, project);
});
} else {
expect(assignUsersRQ.getUserNames().keySet(), not(Preconditions.contains(equalTo(user.getUsername())))).verify(UNABLE_ASSIGN_UNASSIGN_USER_TO_PROJECT, "User should not assign himself to project.");
ReportPortalUser.ProjectDetails projectDetails = projectExtractor.extractProjectDetails(user, projectName);
Project project = projectRepository.findById(projectDetails.getProjectId()).orElseThrow(() -> new ReportPortalException(ErrorType.PROJECT_NOT_FOUND, normalizeId(projectName)));
List<String> assignedUsernames = project.getUsers().stream().map(u -> u.getUser().getLogin()).collect(toList());
assignUsersRQ.getUserNames().forEach((name, role) -> {
ProjectRole projectRole = ProjectRole.forName(role).orElseThrow(() -> new ReportPortalException(ROLE_NOT_FOUND, role));
ProjectRole modifierRole = projectDetails.getProjectRole();
expect(modifierRole.sameOrHigherThan(projectRole), BooleanUtils::isTrue).verify(ACCESS_DENIED);
assignUser(name, projectRole, assignedUsernames, project);
});
}
return new OperationCompletionRS("User(s) with username='" + assignUsersRQ.getUserNames().keySet() + "' was successfully assigned to project='" + normalizeId(projectName) + "'");
}
Aggregations