Removed admin & owner restriction on client info access.
Removed registered_by and restricted registration_date to admin/owner
only.
Change-Id: Ib909ec3b30d6f15294ee7ac58e4b33e445b434a9
diff --git a/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java b/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java
index 6f45900..0fca60a 100644
--- a/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java
+++ b/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java
@@ -47,10 +47,6 @@
private boolean isPermitted;
private JsonNode source;
- public OAuth2ClientInfoDto (OAuth2Client client) throws KustvaktException {
- this(client,true);
- }
-
public OAuth2ClientInfoDto (OAuth2Client client, boolean showAllInfo) throws KustvaktException {
this.setClientId(client.getId());
this.setClientName(client.getName());
@@ -65,7 +61,7 @@
if (showAllInfo) {
this.setSuper(client.isSuper());
this.setRedirect_uri(client.getRedirectURI());
- this.setRegisteredBy(client.getRegisteredBy());
+// this.setRegisteredBy(client.getRegisteredBy());
ZonedDateTime registrationDate = client.getRegistrationDate();
if (registrationDate != null) {
this.setRegistrationDate(registrationDate.toString());
@@ -93,13 +89,13 @@
this.isSuper = isSuper;
}
- public String getRegisteredBy () {
- return registeredBy;
- }
-
- public void setRegisteredBy (String registeredBy) {
- this.registeredBy = registeredBy;
- }
+// public String getRegisteredBy () {
+// return registeredBy;
+// }
+//
+// public void setRegisteredBy (String registeredBy) {
+// this.registeredBy = registeredBy;
+// }
public String getClientId () {
return clientId;
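Review bot: The `getRegisteredBy`/`setRegisteredBy` pair is commented out rather than deleted, and the same applies to the `this.setRegisteredBy(...)` call in the constructor above; dead code under version control should be removed, since the history already preserves it. The `registeredBy` field declaration itself is outside this hunk, so it is unclear whether it still exists on the DTO; if it does, either drop it too or confirm that the JSON mapper does not serialize private fields without an accessor, otherwise the value the commit means to hide may still appear in the response. A short comment on the `showAllInfo` branch would also help the next reader, e.g. `// redirect_uri, super flag and registration_date are owner/admin-only; registered_by is never exposed`.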
diff --git a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index d6feae2..ed68d5d 100644
--- a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -341,22 +341,23 @@
return clientDao.retrieveClientById(clientId);
}
+ // client info is available for all users but only via super client
public OAuth2ClientInfoDto retrieveClientInfo (String clientId, String username)
throws KustvaktException {
OAuth2Client client = clientDao.retrieveClientById(clientId);
- // all client info is only available to the owner/admin
- if (adminDao.isAdmin(username)
- || username.equals(client.getRegisteredBy())) {
- return new OAuth2ClientInfoDto(client);
+ boolean showAllInfo = false;
+ if (isPlugin(client)) {
+ return new OAuth2ClientInfoDto(client, showAllInfo);
}
- // plugin info is available for all users inclusive guest
- else if (isPlugin(client)) {
- return new OAuth2ClientInfoDto(client, false);
- }
else {
- throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
- "Unauthorized operation for user: " + username, username);
+ if (client.getRegisteredBy().equals(username) ||
+ adminDao.isAdmin(username)) {
+ showAllInfo = true;
+ }
+ return new OAuth2ClientInfoDto(client, showAllInfo);
+// throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
+// "Unauthorized operation for user: " + username, username);
}
}
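Review bot: `client.getRegisteredBy().equals(username)` in the else branch dereferences `getRegisteredBy()` without a null check, whereas the removed code used `username` as the receiver; if a client record can lack a registrant this now throws an NPE instead of falling through to the admin check, so prefer `username.equals(client.getRegisteredBy()) || adminDao.isAdmin(username)` (or `Objects.equals`). The branch order also changed: an admin or the registrant of a plugin client previously received the full DTO, but the `isPlugin` test now runs first and returns the reduced view for them, which may or may not be intended. The comment `// client info is available for all users but only via super client` describes a restriction that nothing in this method enforces; if the super-client check lives in the caller, say so, e.g. `// super-client authentication is enforced by the controller; here only the registrant or an admin gets the full DTO`. The two commented-out `throw` lines should be deleted rather than left behind.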