Moved user-group retrieval API to UserGroupAdminController
Also changed the service path URL of UserGroupAdminController to
admin/group
Change-Id: I88dc3118d0fcb49d3fa0305f630d0eae0396159d
diff --git a/full/Changes b/full/Changes
index a963c45..94a3963 100644
--- a/full/Changes
+++ b/full/Changes
@@ -16,7 +16,9 @@
2023-02-10
- Use admin filter instead of OAuth2 ADMIN scope
- Added a plugin test.
-
+2023-02-15
+- Moved user-group retrieval API to UserGroupAdminController
+ and changed the service path URL of UserGroupAdminController.
# version 0.69.1
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java b/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
index 51aa1c0..92f69c3 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
@@ -551,20 +551,12 @@
groupMemberDao.deleteMember(member, deletedBy, isSoftDelete);
}
- public UserGroupDto searchByName (String username, String groupName)
+ public UserGroupDto searchByName (String groupName)
throws KustvaktException {
- if (adminDao.isAdmin(username)) {
- UserGroup userGroup =
- userGroupDao.retrieveGroupByName(groupName, true);
- UserGroupDto groupDto = converter.createUserGroupDto(userGroup,
- userGroup.getMembers(), null, null);
- return groupDto;
- }
- else {
- throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
- "Unauthorized operation for user: " + username, username);
- }
-
+ UserGroup userGroup = userGroupDao.retrieveGroupByName(groupName, true);
+ UserGroupDto groupDto = converter.createUserGroupDto(userGroup,
+ userGroup.getMembers(), null, null);
+ return groupDto;
}
public void editMemberRoles (String username, String groupName,
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupAdminController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupAdminController.java
index c881cb9..6a5f146 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupAdminController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupAdminController.java
@@ -6,6 +6,7 @@
import javax.ws.rs.FormParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
@@ -22,7 +23,7 @@
import de.ids_mannheim.korap.web.utils.ResourceFilters;
@Controller
-@Path("{version}/group/admin")
+@Path("{version}/admin/group")
@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
@ResourceFilters({ APIVersionFilter.class, AdminFilter.class })
public class UserGroupAdminController {
@@ -60,5 +61,27 @@
throw kustvaktResponseHandler.throwit(e);
}
}
+
+ /**
+ * Retrieves a specific user-group. Only system admins are
+ * allowed.
+ *
+ * @param securityContext
+ * @param groupName
+ * group name
+ * @return a user-group
+ */
+ @POST
+ @Path("@{groupName}")
+ public UserGroupDto retrieveUserGroup (
+ @PathParam("groupName") String groupName) {
+ try {
+ return service.searchByName(groupName);
+ }
+ catch (KustvaktException e) {
+ throw kustvaktResponseHandler.throwit(e);
+ }
+
+ }
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
index cf16395..4cd48e5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
@@ -29,7 +29,6 @@
import de.ids_mannheim.korap.service.UserGroupService;
import de.ids_mannheim.korap.web.KustvaktResponseHandler;
import de.ids_mannheim.korap.web.filter.APIVersionFilter;
-import de.ids_mannheim.korap.web.filter.AdminFilter;
import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
import de.ids_mannheim.korap.web.filter.BlockingFilter;
import de.ids_mannheim.korap.web.filter.PiwikFilter;
@@ -87,33 +86,6 @@
}
}
-
- /**
- * Retrieves a specific user-group. Only system admins are
- * allowed.
- *
- * @param securityContext
- * @param groupName
- * group name
- * @return a user-group
- */
- @GET
- @Path("@{groupName}")
- @ResourceFilters({ APIVersionFilter.class, AdminFilter.class })
- public UserGroupDto retrieveUserGroup (
- @Context SecurityContext securityContext,
- @PathParam("groupName") String groupName) {
- TokenContext context =
- (TokenContext) securityContext.getUserPrincipal();
- try {
- return service.searchByName(context.getUsername(), groupName);
- }
- catch (KustvaktException e) {
- throw kustvaktResponseHandler.throwit(e);
- }
-
- }
-
/**
* Creates a user group with the group owner as the only group
* member. The group owner is the authenticated user in the token
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java
index 354f6f9..33d6532 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java
@@ -55,8 +55,8 @@
f.param("username", "dory");
f.param("token", "secret");
- Response response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.request()
.header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED)
.post(Entity.form(f));
@@ -97,8 +97,8 @@
Form f = new Form();
f.param("username", "dory");
- Response response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue(testUser, "pass"))
@@ -117,8 +117,8 @@
f.param("username", "dory");
f.param("status", "ACTIVE");
- Response response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.queryParam("username", "dory").queryParam("status", "ACTIVE")
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
@@ -152,8 +152,8 @@
@Test
public void testListByStatusAll () throws
ProcessingException, KustvaktException {
- Response response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue(sysAdminUser, "pass"))
@@ -179,8 +179,8 @@
Form f = new Form();
f.param("status", "HIDDEN");
- Response response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.queryParam("status", "HIDDEN")
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
@@ -313,13 +313,14 @@
private JsonNode retrieveGroup (String groupName)
throws ProcessingException,
KustvaktException {
- Response response = target().path(API_VERSION).path("group")
- .path("@" + groupName)
- .request()
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue(sysAdminUser, "pass"))
+ Response response = target().path(API_VERSION).path("admin")
+ .path("group").path("@" + groupName).request()
+ .header(Attributes.AUTHORIZATION,
+ HttpAuthorizationHandler
+ .createBasicAuthorizationHeaderValue(
+ sysAdminUser, "pass"))
.header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .get();
+ .post(null);
assertEquals(Status.OK.getStatusCode(), response.getStatus());
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java
index 853d5cc..3b6bc5f 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java
@@ -387,8 +387,8 @@
// EM: this is so complicated because the group retrieval are not allowed
// for delete groups
// check group
- response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue(admin, "pass"))
@@ -793,13 +793,12 @@
private void checkGroupMemberRole (String groupName, String deletedMemberName)
throws KustvaktException {
- Response response = target().path(API_VERSION).path("group")
- .path("@"+groupName)
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("@"+groupName)
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue(admin, "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .get();
+ .post(null);
String entity = response.readEntity(String.class);
assertEquals(Status.OK.getStatusCode(), response.getStatus());
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/VCReferenceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/VCReferenceTest.java
index baeed7c..fe2c1df 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/VCReferenceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/VCReferenceTest.java
@@ -228,8 +228,8 @@
f.param("status", "HIDDEN");
// check dory in the hidden group of the vc
- response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue("admin", "pass"))
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
index c764225..3730e82 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
@@ -226,8 +226,8 @@
Form f = new Form();
f.param("status", "HIDDEN");
// check gill in the hidden group of the vc
- Response response = target().path(API_VERSION).path("group")
- .path("admin").path("list")
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("list")
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue("admin", "pass"))
@@ -404,13 +404,13 @@
private JsonNode testCheckHiddenGroup (String groupName)
throws ProcessingException,
KustvaktException {
- Response response = target().path(API_VERSION).path("group")
- .path("@"+groupName)
+ Response response = target().path(API_VERSION)
+ .path("admin").path("group").path("@"+groupName)
.request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue("admin", "pass"))
.header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .get();
+ .post(null);
String entity = response.readEntity(String.class);
return JsonUtils.readTree(entity);