use of org.orcid.jaxb.model.message.Visibility in project ORCID-Source by ORCID.
the class OrcidProfileManagerImpl method addOrcidWorks.
@Override
@Transactional
public void addOrcidWorks(OrcidProfile updatedOrcidProfile) {
String orcid = updatedOrcidProfile.getOrcidIdentifier().getPath();
OrcidProfile existingProfile = retrieveOrcidProfile(orcid);
if (existingProfile == null) {
throw new IllegalArgumentException("No record found for " + orcid);
}
OrcidWorks existingOrcidWorks = existingProfile.retrieveOrcidWorks();
OrcidWorks updatedOrcidWorks = updatedOrcidProfile.retrieveOrcidWorks();
Visibility workVisibilityDefault = existingProfile.getOrcidInternal().getPreferences().getActivitiesVisibilityDefault().getValue();
Boolean claimed = existingProfile.getOrcidHistory().isClaimed();
setWorkPrivacy(updatedOrcidWorks, workVisibilityDefault, claimed == null ? false : claimed);
String amenderOrcid = sourceManager.retrieveSourceOrcid();
addSourceToWorks(updatedOrcidWorks, amenderOrcid);
updatedOrcidWorks = dedupeWorks(updatedOrcidWorks);
List<OrcidWork> updatedOrcidWorksList = updatedOrcidWorks.getOrcidWork();
checkUserCanHoldMoreElement(existingProfile.retrieveOrcidWorks(), updatedOrcidProfile.retrieveOrcidWorks());
if (compareWorksUsingScopusWay) {
checkForAlreadyExistingWorks(existingOrcidWorks, updatedOrcidWorksList);
if (existingOrcidWorks != null)
checkWorkExternalIdentifiersAreNotDuplicated(updatedOrcidWorksList, existingOrcidWorks.getOrcidWork());
else
checkWorkExternalIdentifiersAreNotDuplicated(updatedOrcidWorksList, null);
} else {
checkForAlreadyExistingWorksLegacyMode(existingOrcidWorks, updatedOrcidWorksList);
}
//workDao.increaseDisplayIndexOnAllElements(orcid);
persistAddedWorks(orcid, updatedOrcidWorksList);
profileDao.flush();
boolean notificationsEnabled = existingProfile.getOrcidInternal().getPreferences().getNotificationsEnabled();
if (notificationsEnabled) {
List<Item> activities = new ArrayList<>();
for (OrcidWork updatedWork : updatedOrcidWorksList) {
Item activity = new Item();
activity.setItemName(updatedWork.getWorkTitle().getTitle().getContent());
activity.setItemType(ItemType.WORK);
activity.setPutCode(updatedWork.getPutCode());
activities.add(activity);
}
notificationManager.sendAmendEmail(existingProfile, AmendedSection.WORK, activities);
}
}
use of org.orcid.jaxb.model.message.Visibility in project ORCID-Source by ORCID.
the class OrcidProfileManagerImpl method updateOrcidProfile.
@Override
@Transactional
public OrcidProfile updateOrcidProfile(OrcidProfile orcidProfile, UpdateOptions updateOptions) {
String amenderOrcid = sourceManager.retrieveSourceOrcid();
ProfileEntity existingProfileEntity = profileDao.find(orcidProfile.getOrcidIdentifier().getPath());
Visibility defaultVisibility = Visibility.fromValue(existingProfileEntity.getActivitiesVisibilityDefault().value());
if (existingProfileEntity != null) {
//Dont delete the existing elements anymore
//profileDao.removeChildrenWithGeneratedIds(existingProfileEntity);
setWorkPrivacy(orcidProfile, defaultVisibility);
setAffiliationPrivacy(orcidProfile, defaultVisibility);
setFundingPrivacy(orcidProfile, defaultVisibility);
}
dedupeWorks(orcidProfile);
dedupeAffiliations(orcidProfile);
dedupeFundings(orcidProfile);
addSourceToEmails(orcidProfile, existingProfileEntity, amenderOrcid);
Boolean claimed = orcidProfile.getOrcidHistory() != null ? orcidProfile.getOrcidHistory().isClaimed() : existingProfileEntity.getClaimed();
if (orcidProfile.getOrcidInternal() != null && orcidProfile.getOrcidInternal().getPreferences() != null && orcidProfile.getOrcidInternal().getPreferences().getActivitiesVisibilityDefault() != null) {
defaultVisibility = orcidProfile.getOrcidInternal().getPreferences().getActivitiesVisibilityDefault().getValue();
}
addDefaultVisibilityToBioItems(orcidProfile, defaultVisibility, claimed);
ProfileEntity profileEntity = adapter.toProfileEntity(orcidProfile, existingProfileEntity, updateOptions);
profileEntity.setLastModified(new Date());
profileEntity.setIndexingStatus(IndexingStatus.PENDING);
profileDao.flush();
ProfileEntity updatedProfileEntity = profileDao.merge(profileEntity);
profileDao.refresh(updatedProfileEntity);
OrcidProfile updatedOrcidProfile = convertToOrcidProfile(updatedProfileEntity, LoadOptions.ALL);
orcidProfileCacheManager.put(updatedOrcidProfile);
return updatedOrcidProfile;
}
use of org.orcid.jaxb.model.message.Visibility in project ORCID-Source by ORCID.
the class VisibilityFilterImpl method filter.
/**
* Remove the elements that are not present in the list of set of
* {@link org.orcid.jaxb.model.message .Visibility}s present in the array
* passed in.
*
* @param messageToBeFiltered
* the {@link org.orcid.jaxb.model.message.OrcidMessage} that
* will be traversed looking for
* {@link org .orcid.jaxb.model.message.VisibilityType} elements.
* @param source
* The orcid source that is executing the request
* @param removeAttribute
* should all {@link org.orcid.jaxb.model.message.Visibility}
* elements be removed from the object graph. This has the effect
* that they will not be present in the resulting JAXB
* serialisation.
* @param visibilities
* What {@link org.orcid.jaxb.model.message.Visibility} elements
* should be allowed.
* @return the cleansed {@link org.orcid.jaxb.model.message.OrcidMessage}
*/
@Override
public OrcidMessage filter(OrcidMessage messageToBeFiltered, final String sourceId, final boolean allowPrivateWorks, final boolean allowPrivateFunding, final boolean allowPrivateAffiliations, Visibility... visibilities) {
if (messageToBeFiltered == null || visibilities == null || visibilities.length == 0) {
return null;
}
String messageIdForLog = getMessageIdForLog(messageToBeFiltered);
LOGGER.debug("About to filter message: " + messageIdForLog);
final Set<Visibility> visibilitySet = new HashSet<Visibility>(Arrays.asList(visibilities));
if (visibilitySet.contains(Visibility.SYSTEM)) {
return messageToBeFiltered;
} else {
TreeCleaner treeCleaner = new TreeCleaner();
treeCleaner.clean(messageToBeFiltered, new TreeCleaningStrategy() {
public TreeCleaningDecision needsStripping(Object obj) {
TreeCleaningDecision decision = TreeCleaningDecision.DEFAULT;
if (obj != null) {
Class<?> clazz = obj.getClass();
if (!PojoUtil.isEmpty(sourceId)) {
if (allowPrivateAffiliations && Affiliation.class.isAssignableFrom(clazz)) {
Affiliation affiliation = (Affiliation) obj;
Source source = affiliation.getSource();
if (source != null) {
String sourcePath = source.retrieveSourcePath();
if (sourcePath != null) {
if (sourceId.equals(sourcePath)) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
} else if (allowPrivateFunding && Funding.class.isAssignableFrom(clazz)) {
Funding funding = (Funding) obj;
Source source = funding.getSource();
if (source != null) {
String sourcePath = source.retrieveSourcePath();
if (sourcePath != null) {
if (sourceId.equals(sourcePath)) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
} else if (allowPrivateWorks && OrcidWork.class.isAssignableFrom(clazz)) {
OrcidWork work = (OrcidWork) obj;
Source source = work.getSource();
if (source != null) {
if (sourceId.equals(source.retrieveSourcePath())) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
}
// fields are inside the country element
if (Address.class.isAssignableFrom(clazz)) {
Address address = (Address) obj;
// Remove empty addresses
if (address.getCountry() == null) {
decision = TreeCleaningDecision.CLEANING_REQUIRED;
} else {
Country country = address.getCountry();
// Allow public addresses
if (Visibility.PUBLIC.equals(country.getVisibility())) {
decision = TreeCleaningDecision.IGNORE;
} else if (visibilitySet.contains(Visibility.LIMITED)) {
// Allow limited visibility when possible
if (Visibility.LIMITED.equals(country.getVisibility())) {
decision = TreeCleaningDecision.IGNORE;
} else {
// As last resource, check the source
Source source = country.getSource();
if (source != null && sourceId != null && sourceId.equals(source.retrieveSourcePath())) {
decision = TreeCleaningDecision.IGNORE;
} else {
decision = TreeCleaningDecision.CLEANING_REQUIRED;
}
}
}
}
}
if (Email.class.isAssignableFrom(clazz)) {
// include all emails if present
try {
Authentication authentication = getAuthentication();
if (authentication != null && messageToBeFiltered.getOrcidProfile() != null) {
permissionChecker.checkPermissions(getAuthentication(), ScopePathType.EMAIL_READ_PRIVATE, messageToBeFiltered.getOrcidProfile().retrieveOrcidPath());
decision = TreeCleaningDecision.IGNORE;
}
} catch (AccessControlException e) {
// private email can't be read, do nothing here
}
}
// that implements PrivateVisibleToSource
if (sourceId != null)
if (PrivateVisibleToSource.class.isAssignableFrom(clazz) && visibilitySet.contains(Visibility.LIMITED)) {
Source source = ((PrivateVisibleToSource) obj).getSource();
if (source != null) {
if (sourceId.equals(source.retrieveSourcePath())) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
if (TreeCleaningDecision.DEFAULT.equals(decision)) {
if (WorkContributors.class.isAssignableFrom(clazz)) {
decision = TreeCleaningDecision.IGNORE;
} else if (VisibilityType.class.isAssignableFrom(clazz)) {
VisibilityType visibilityType = (VisibilityType) obj;
if ((visibilityType.getVisibility() == null || !visibilitySet.contains(visibilityType.getVisibility()))) {
decision = TreeCleaningDecision.CLEANING_REQUIRED;
}
}
}
}
return decision;
}
});
OrcidProfile orcidProfile = messageToBeFiltered.getOrcidProfile();
if (orcidProfile != null) {
orcidProfile.setOrcidInternal(null);
}
LOGGER.debug("Finished filtering message: " + messageIdForLog);
return messageToBeFiltered;
}
}
use of org.orcid.jaxb.model.message.Visibility in project ORCID-Source by ORCID.
the class OrcidApiAuthorizationSecurityAspect method visibilityResponseFilter.
@AfterReturning(pointcut = "@annotation(accessControl)", returning = "response")
public void visibilityResponseFilter(Response response, AccessControl accessControl) {
if (accessControl.requestComesFromInternalApi()) {
return;
}
Object entity = response.getEntity();
if (entity != null && OrcidMessage.class.isAssignableFrom(entity.getClass())) {
OrcidMessage orcidMessage = (OrcidMessage) entity;
//If it is search results, don't filter them, just return them
if (orcidMessage.getOrcidSearchResults() != null) {
return;
}
// get the client id
Object authentication = getAuthentication();
Set<Visibility> visibilities = new HashSet<Visibility>();
if (allowAnonymousAccess((Authentication) authentication, accessControl)) {
visibilities.add(Visibility.PUBLIC);
} else {
visibilities = permissionChecker.obtainVisibilitiesForAuthentication(getAuthentication(), accessControl.requiredScope(), orcidMessage);
}
//If the message contains a bio, and the given name is filtered, restore it as an empty space
boolean setEmptyGivenNameIfFiltered = false;
if (orcidMessage.getOrcidProfile() != null) {
if (orcidMessage.getOrcidProfile() != null && orcidMessage.getOrcidProfile().getOrcidBio() != null) {
setEmptyGivenNameIfFiltered = true;
}
}
ScopePathType requiredScope = accessControl.requiredScope();
// If the required scope is */read-limited or */update
if (isUpdateOrReadScope(requiredScope)) {
// if it should be able to
if (OrcidOAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
OrcidOAuth2Authentication orcidAuth = (OrcidOAuth2Authentication) getAuthentication();
OAuth2Request authorization = orcidAuth.getOAuth2Request();
String clientId = authorization.getClientId();
// #1: Get the user orcid
String userOrcid = getUserOrcidFromOrcidMessage(orcidMessage);
// #2: Evaluate the scope to know which field to filter
boolean allowWorks = false;
boolean allowFunding = false;
boolean allowAffiliations = false;
// Get the update equivalent scope, if it is reading, but,
// doesnt have the read permissions, check if it have the
// update permissions
ScopePathType equivalentUpdateScope = getEquivalentUpdateScope(requiredScope);
if (requiredScope.equals(ScopePathType.READ_LIMITED)) {
if (hasScopeEnabled(clientId, userOrcid, ScopePathType.ORCID_WORKS_READ_LIMITED.getContent(), ScopePathType.ORCID_WORKS_UPDATE.getContent()))
allowWorks = true;
if (hasScopeEnabled(clientId, userOrcid, ScopePathType.FUNDING_READ_LIMITED.getContent(), ScopePathType.FUNDING_UPDATE.getContent()))
allowFunding = true;
if (hasScopeEnabled(clientId, userOrcid, ScopePathType.AFFILIATIONS_READ_LIMITED.getContent(), ScopePathType.AFFILIATIONS_UPDATE.getContent()))
allowAffiliations = true;
} else if (requiredScope.equals(ScopePathType.ORCID_WORKS_UPDATE) || requiredScope.equals(ScopePathType.ORCID_WORKS_READ_LIMITED)) {
// works
if (hasScopeEnabled(clientId, userOrcid, requiredScope.getContent(), equivalentUpdateScope == null ? null : equivalentUpdateScope.getContent()))
// If so, allow him to see private works
allowWorks = true;
} else if (requiredScope.equals(ScopePathType.FUNDING_UPDATE) || requiredScope.equals(ScopePathType.FUNDING_READ_LIMITED)) {
// funding
if (hasScopeEnabled(clientId, userOrcid, requiredScope.getContent(), equivalentUpdateScope == null ? null : equivalentUpdateScope.getContent()))
// If so, allow him to see private funding
allowFunding = true;
} else if (requiredScope.equals(ScopePathType.AFFILIATIONS_UPDATE) || requiredScope.equals(ScopePathType.AFFILIATIONS_READ_LIMITED)) {
// affiliations
if (hasScopeEnabled(clientId, userOrcid, requiredScope.getContent(), equivalentUpdateScope == null ? null : equivalentUpdateScope.getContent()))
// If so, allow him to see private affiliations
allowAffiliations = true;
}
visibilityFilter.filter(orcidMessage, clientId, allowWorks, allowFunding, allowAffiliations, visibilities.toArray(new Visibility[visibilities.size()]));
} else {
visibilityFilter.filter(orcidMessage, null, false, false, false, visibilities.toArray(new Visibility[visibilities.size()]));
}
} else {
visibilityFilter.filter(orcidMessage, null, false, false, false, visibilities.toArray(new Visibility[visibilities.size()]));
}
//If the given name was set at the beginning and now is filtered, it means we should restore it as an empty field
if (setEmptyGivenNameIfFiltered) {
if (orcidMessage.getOrcidProfile() != null) {
if (orcidMessage.getOrcidProfile().getOrcidBio() == null) {
orcidMessage.getOrcidProfile().setOrcidBio(new OrcidBio());
}
if (orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails() == null) {
orcidMessage.getOrcidProfile().getOrcidBio().setPersonalDetails(new PersonalDetails());
}
}
}
//Filter given or family names visibility
if (orcidMessage.getOrcidProfile() != null) {
if (orcidMessage.getOrcidProfile().getOrcidBio() != null) {
if (orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails() != null) {
if (orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails().getGivenNames() != null) {
orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails().getGivenNames().setVisibility(null);
} else {
//Null given names could break client integrations, so, lets return an empty string
GivenNames empty = new GivenNames();
empty.setContent(StringUtils.EMPTY);
orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails().setGivenNames(empty);
}
if (orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails().getFamilyName() != null) {
orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails().getFamilyName().setVisibility(null);
}
}
}
}
//replace section visibilities now we may have filtered items
if (orcidMessage.getOrcidProfile() != null) {
if (orcidMessage.getOrcidProfile().getOrcidBio() != null) {
if (orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails() != null) {
OtherNames n = orcidMessage.getOrcidProfile().getOrcidBio().getPersonalDetails().getOtherNames();
if (n != null) {
n.setVisibility(getMostFromCollection(n.getOtherName()));
}
}
ExternalIdentifiers ids = orcidMessage.getOrcidProfile().getOrcidBio().getExternalIdentifiers();
if (ids != null) {
ids.setVisibility(getMostFromCollection(ids.getExternalIdentifier()));
}
Keywords kws = orcidMessage.getOrcidProfile().getOrcidBio().getKeywords();
if (kws != null) {
kws.setVisibility(getMostFromCollection(kws.getKeyword()));
}
ResearcherUrls urls = orcidMessage.getOrcidProfile().getOrcidBio().getResearcherUrls();
if (urls != null) {
urls.setVisibility(getMostFromCollection(urls.getResearcherUrl()));
}
}
}
}
}
use of org.orcid.jaxb.model.message.Visibility in project ORCID-Source by ORCID.
the class Jaxb2JpaAdapterImpl method setBiographyDetails.
private void setBiographyDetails(ProfileEntity profileEntity, Biography biography) {
if (biography != null) {
Visibility defaultVisibility = profileEntity.getActivitiesVisibilityDefault() == null ? OrcidVisibilityDefaults.BIOGRAPHY_DEFAULT.getVisibility() : Visibility.fromValue(profileEntity.getActivitiesVisibilityDefault().value());
if (profileEntity.getBiographyEntity() == null) {
profileEntity.setBiographyEntity(new BiographyEntity());
profileEntity.getBiographyEntity().setProfile(profileEntity);
}
profileEntity.getBiographyEntity().setBiography(biography.getContent());
if (profileEntity.getClaimed() == null || !profileEntity.getClaimed()) {
if (biography.getVisibility() != null) {
profileEntity.getBiographyEntity().setVisibility(org.orcid.jaxb.model.common_v2.Visibility.fromValue(biography.getVisibility().value()));
} else {
profileEntity.getBiographyEntity().setVisibility(org.orcid.jaxb.model.common_v2.Visibility.fromValue(defaultVisibility.value()));
}
}
//Fill the visibility in case it is still null
if (profileEntity.getBiographyEntity().getVisibility() == null) {
profileEntity.getBiographyEntity().setVisibility(org.orcid.jaxb.model.common_v2.Visibility.fromValue(defaultVisibility.value()));
}
}
}
Aggregations