From 5c0e66776edbb1a6488bd9c0bd4576c12960dffe Mon Sep 17 00:00:00 2001 From: gcolon021 Date: Fri, 25 Aug 2023 15:27:12 -0400 Subject: [PATCH] [ALS-4793] Attempt to fix user roles --- .../auth/data/repository/UserRepository.java | 21 +++++++++---------- .../dbmi/avillach/auth/rest/UserService.java | 5 ++++- .../auth/OpenAuthenticationService.java | 4 ++-- 3 files changed, 16 insertions(+), 14 deletions(-) diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/data/repository/UserRepository.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/data/repository/UserRepository.java index b7a65669e..2539e91bd 100644 --- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/data/repository/UserRepository.java +++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/data/repository/UserRepository.java @@ -190,18 +190,17 @@ public User createOpenAccessUser() { User user = new User(); em().persist(user); - User result = getById(user.getUuid()); - result.setSubject("open_access|" + result.getUuid().toString()); - result.setRoles(new HashSet<>()); - result.setEmail(user.getUuid() + "@open_access.com"); + user = getById(user.getUuid()); + user.setSubject("open_access|" + user.getUuid().toString()); user.setRoles(new HashSet<>()); - em().merge(result); + user.setEmail(user.getUuid() + "@open_access.com"); + em().merge(user); - logger.info("createOpenAccessUser() created user, uuid: " + result.getUuid() - + ", subject: " + result.getSubject() - + ", role: " + result.getRoleString() - + ", privilege: "+ result.getPrivilegeString() - + ", email: " + result.getEmail()); - return result; + logger.info("createOpenAccessUser() created user, uuid: " + user.getUuid() + + ", subject: " + user.getSubject() + + ", role: " + user.getRoleString() + + ", privilege: "+ user.getPrivilegeString() + + ", email: " + user.getEmail()); + return user; } } diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/UserService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/UserService.java index 8d1806a92..e6b775af1 100644 --- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/UserService.java +++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/UserService.java @@ -281,7 +281,8 @@ public Response getCurrentUser( .setPrivileges(user.getPrivilegeNameSet()) .setUuid(user.getUuid().toString()) .setAcceptedTOS(true); //FENCE only returns valid users who have agreed to their terms - + + logger.debug("getCurrentUser() userForDisplay: " + userForDisplay.toString()); // currently, the queryScopes are simple combination of queryScope string together as a set. // We are expecting the queryScope string as plain string. If it is a JSON, we could change the @@ -313,6 +314,8 @@ public Response getCurrentUser( } } + logger.debug("getCurrentUser() returning userForDisplay: " + userForDisplay.toString()); + return PICSUREResponse.success(userForDisplay); } diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java index bffacecc5..ffbca8e6e 100644 --- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java +++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java @@ -61,8 +61,8 @@ public Response authenticate(Map authRequest) { } private void setDefaultUserRoles(User current_user) { - fenceAuthenticationService.upsertRole(current_user, "FENCE_PRIV_OPEN_ACCESS", null); - fenceAuthenticationService.upsertRole(current_user, "FENCE_PRIV_DICTIONARY", null); + logger.info("Setting default roles for user " + current_user.getUuid()); + fenceAuthenticationService.upsertRole(current_user, "FENCE_ROLE_OPEN_ACCESS", null); userRepository.persist(current_user); } }