[ALS-4793] Attempt to fix user roles

hms-dbmi · Aug 25, 2023 · 5c0e667 · 5c0e667
1 parent 32d3ec0
commit 5c0e667
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 14 deletions.
diff --git a/...ices/src/main/java/edu/harvard/hms/dbmi/avillach/auth/data/repository/UserRepository.java b/...ices/src/main/java/edu/harvard/hms/dbmi/avillach/auth/data/repository/UserRepository.java
@@ -190,18 +190,17 @@ public User createOpenAccessUser() {
 		User user = new User();
 		em().persist(user);
 
-		User result = getById(user.getUuid());
-		result.setSubject("open_access|" + result.getUuid().toString());
-		result.setRoles(new HashSet<>());
-		result.setEmail(user.getUuid() + "@open_access.com");
+		user = getById(user.getUuid());
+		user.setSubject("open_access|" + user.getUuid().toString());
 		user.setRoles(new HashSet<>());
-		em().merge(result);
+		user.setEmail(user.getUuid() + "@open_access.com");
+		em().merge(user);
 
-		logger.info("createOpenAccessUser() created user, uuid: " + result.getUuid()
-				+ ", subject: " + result.getSubject()
-				+ ", role: " + result.getRoleString()
-				+ ", privilege: "+ result.getPrivilegeString()
-				+ ", email: " + result.getEmail());
-		return result;
+		logger.info("createOpenAccessUser() created user, uuid: " + user.getUuid()
+				+ ", subject: " + user.getSubject()
+				+ ", role: " + user.getRoleString()
+				+ ", privilege: "+ user.getPrivilegeString()
+				+ ", email: " + user.getEmail());
+		return user;
 	}
 }
diff --git a/...sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/UserService.java b/...sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/UserService.java
@@ -281,7 +281,8 @@ public Response getCurrentUser(
                 .setPrivileges(user.getPrivilegeNameSet())
                 .setUuid(user.getUuid().toString())
                 .setAcceptedTOS(true);  //FENCE only returns valid users who have agreed to their terms
-
+
+        logger.debug("getCurrentUser() userForDisplay: " + userForDisplay.toString());
 
         // currently, the queryScopes are simple combination of queryScope string together as a set.
         // We are expecting the queryScope string as plain string. If it is a JSON, we could change the
@@ -313,6 +314,8 @@ public Response getCurrentUser(
             }
         }
 
+        logger.debug("getCurrentUser() returning userForDisplay: " + userForDisplay.toString());
+
         return PICSUREResponse.success(userForDisplay);
     }
 

diff --git a/.../main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java b/.../main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java
@@ -61,8 +61,8 @@ public Response authenticate(Map<String, String> authRequest) {
     }
 
     private void setDefaultUserRoles(User current_user) {
-        fenceAuthenticationService.upsertRole(current_user, "FENCE_PRIV_OPEN_ACCESS", null);
-        fenceAuthenticationService.upsertRole(current_user, "FENCE_PRIV_DICTIONARY", null);
+        logger.info("Setting default roles for user " + current_user.getUuid());
+        fenceAuthenticationService.upsertRole(current_user, "FENCE_ROLE_OPEN_ACCESS", null);
         userRepository.persist(current_user);
     }
 }