FAIRSPC-82: got rid of PermissionService

thehyve · Oct 11, 2024 · 41d5807 · 41d5807
1 parent c8217f6
commit 41d5807
Show file tree

Hide file tree

Showing 5 changed files with 155 additions and 21 deletions.
diff --git a/projects/saturn/src/main/java/io/fairspace/saturn/auth/PermissionService.java b/projects/saturn/src/main/java/io/fairspace/saturn/auth/PermissionService.java
diff --git a/projects/saturn/src/main/java/io/fairspace/saturn/config/ViewsConfig.java b/projects/saturn/src/main/java/io/fairspace/saturn/config/ViewsConfig.java
@@ -119,6 +119,7 @@ public static class Column {
             public Integer displayIndex = Integer.MAX_VALUE;
 
             public String rdfType;
+
             public int priority;
         }
 

diff --git a/projects/saturn/src/main/java/io/fairspace/saturn/config/ViewsConfigProperties.java b/projects/saturn/src/main/java/io/fairspace/saturn/config/ViewsConfigProperties.java
@@ -0,0 +1,139 @@
+package io.fairspace.saturn.config;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonSetter;
+import com.fasterxml.jackson.annotation.JsonValue;
+import com.fasterxml.jackson.annotation.Nulls;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.stereotype.Component;
+
+@Component
+@PropertySource("classpath:views.yaml")
+public class ViewsConfigProperties {
+
+    //    private Map<String, View> nameToViewConfigMap;
+
+    public List<View> views = new ArrayList<>();
+
+    public enum ColumnType {
+        Text,
+        Set,
+        Term,
+        TermSet,
+        Number,
+        Date,
+        Boolean,
+        Identifier;
+
+        public boolean isSet() {
+            return this == Set || this == TermSet;
+        }
+
+        @JsonValue
+        public String getName() {
+            return this.name();
+        }
+
+        private static final Map<String, ColumnType> mapping = new HashMap<>();
+
+        static {
+            for (ColumnType type : values()) {
+                mapping.put(type.name().toLowerCase(), type);
+            }
+        }
+
+        @JsonCreator
+        public static ColumnType forName(String name) {
+            if (name == null) {
+                return null;
+            }
+            name = name.toLowerCase();
+            if (!mapping.containsKey(name)) {
+                throw new IllegalArgumentException("Unknown column type: " + name);
+            }
+            return mapping.get(name);
+        }
+    }
+
+    public static class View {
+        /**
+         * The view name.
+         */
+        @NotBlank
+        public String name;
+        /**
+         * The view title.
+         */
+        @NotBlank
+        public String title;
+        /**
+         * The name of the items that appear as rows.
+         */
+        public String itemName;
+        /**
+         * The max count value to be requested for a view total count.
+         * If total count is greater than this max value, the total count value will look like 'more than 1000' on FE.
+         * This is to prevent performance issues when the total count is too large.
+         */
+        public Long maxDisplayCount;
+        /**
+         * The URLs of the types of entities that should be indexed in this view.
+         */
+        @JsonSetter(nulls = Nulls.AS_EMPTY)
+        public List<String> types;
+        /**
+         * Specifies which other views (and which columns) to embed in this view.
+         */
+        @JsonSetter(nulls = Nulls.AS_EMPTY)
+        public List<JoinView> join;
+        /**
+         * The columns of the view, not including columns from joined views.
+         */
+        @JsonSetter(nulls = Nulls.AS_EMPTY)
+        public List<Column> columns;
+
+        public static class Column {
+            @NotBlank
+            public String name;
+
+            @NotBlank
+            public String title;
+
+            @NotNull
+            public ColumnType type;
+
+            @NotBlank
+            public String source;
+            // displayIndex determines the order of columns on the view page.
+            @NotNull
+            public Integer displayIndex = Integer.MAX_VALUE;
+
+            public String rdfType;
+
+            public int priority;
+        }
+
+        public static class JoinView {
+            @NotBlank
+            public String view;
+
+            @NotBlank
+            public String on;
+
+            public boolean reverse = false;
+
+            @JsonSetter(nulls = Nulls.AS_EMPTY)
+            public List<String> include;
+            // displayIndex determines the order of columns on the view page, for joinView it is the column displaying
+            // the related entity
+            public Integer displayIndex = Integer.MAX_VALUE;
+        }
+    }
+}
diff --git a/projects/saturn/src/main/java/io/fairspace/saturn/controller/SparqlController.java b/projects/saturn/src/main/java/io/fairspace/saturn/controller/SparqlController.java
@@ -2,14 +2,15 @@
 
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import io.fairspace.saturn.config.Services;
 import io.fairspace.saturn.controller.validation.ValidSparqlReadQuery;
+import io.fairspace.saturn.services.AccessDeniedException;
 import io.fairspace.saturn.services.views.SparqlQueryService;
 
 @RestController
@@ -20,15 +21,22 @@ public class SparqlController {
 
     private final SparqlQueryService sparqlQueryService;
 
+    private final Services services;
+
     /**
      * Execute a read-only SPARQL query.
      *
      * @param sparqlQuery the SPARQL query
      * @return the result of the query (JSON)
      */
     @PostMapping(value = "/query", consumes = "application/sparql-query", produces = "application/json")
-    @PreAuthorize("@permissionService.hasMetadataQueryPermission()")
+    // todo: uncomment the line below and remove the metadataPermissions.hasMetadataQueryPermission() call once
+    //  the MetadataPermissions is available in the IoC container
+    //  @PreAuthorize("@metadataPermissions.hasMetadataQueryPermission()")
     public ResponseEntity<String> executeSparqlQuery(@ValidSparqlReadQuery @RequestBody String sparqlQuery) {
+        if (!services.getMetadataPermissions().hasMetadataQueryPermission()) {
+            throw new AccessDeniedException("You do not have permission to execute SPARQL queries.");
+        }
         var json = sparqlQueryService.executeQuery(sparqlQuery);
         return ResponseEntity.ok(json);
     }

diff --git a/projects/saturn/src/main/java/io/fairspace/saturn/services/metadata/MetadataPermissions.java b/projects/saturn/src/main/java/io/fairspace/saturn/services/metadata/MetadataPermissions.java
@@ -53,4 +53,9 @@ public boolean canWriteMetadata(Resource resource) {
         }
         return userService.currentUser().isCanAddSharedMetadata();
     }
+
+    public boolean hasMetadataQueryPermission() {
+        var user = userService.currentUser();
+        return user != null && user.isCanQueryMetadata();
+    }
 }