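/**
 * Populates the model attributes shared by plugin views.
 *
 * <p>Adds {@code baseUrl}, {@code lng}, {@code fallbackLng} and {@code isSuperUser} to the model
 * and stores the language of the current locale in the {@code languageCode} field.
 *
 * @param model view model to populate
 * @param pluginId plugin identifier passed to {@code getBaseUrl}
 */
protected void init(Model model, final String pluginId) {
  // Resolve the language into a local and publish that local to the model, so the value the view
  // receives is the one resolved in this call rather than whatever the field holds when read back.
  // NOTE(review): assumes this object can be shared between request threads; confirm the bean
  // scope. The field is still written so existing readers keep working.
  final String requestLanguage = LocaleContextHolder.getLocale().getLanguage();
  languageCode = requestLanguage;

  model.addAttribute("baseUrl", getBaseUrl(pluginId));
  model.addAttribute("lng", requestLanguage);
  model.addAttribute("fallbackLng", appSettings.getLanguageCode());

  // The flag is handed to the view as-is (it may be null if isSuperuser() returns a Boolean).
  // NOTE(review): presumably used to toggle UI elements only; it is not an access check, so
  // every privileged handler still has to verify the caller on the server side.
  model.addAttribute("isSuperUser", userAccountService.getCurrentUser().isSuperuser());
}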
/**
 * Prepares the permission manager view.
 *
 * <p>Exposes three model attributes: {@code users} (every user that is not flagged as superuser),
 * {@code roles} and {@code entityTypes}.
 *
 * @param model view model to populate
 * @return the view name {@code view-permissionmanager}
 */
@GetMapping
public String init(Model model) {
  // Superusers are left out of the list offered to the view; a null flag counts as
  // "not a superuser", so such users stay in the list.
  model.addAttribute(
      "users",
      Lists.newArrayList(
          getUsers().stream()
              .filter(user -> !Boolean.TRUE.equals(user.isSuperuser()))
              .collect(Collectors.toList())));
  model.addAttribute("roles", getRoles());
  model.addAttribute("entityTypes", getEntityTypeDtos());
  return "view-permissionmanager";
}
/**
 * Builds the granted authorities for a user.
 *
 * <p>The result contains the superuser authority when the user's superuser flag is true, then
 * either the anonymous authority (username equals {@code SecurityUtils.ANONYMOUS_USERNAME}) or the
 * regular user authority, then one role authority per current role membership. The set is passed
 * through {@code grantedAuthoritiesMapper} before being returned.
 *
 * @param user user whose authorities are resolved; its username must not be null
 * @return the mapped authorities
 */
@RunAsSystem
public Collection<? extends GrantedAuthority> getAuthorities(User user) {
  // Insertion-ordered set: duplicates collapse and the order below is kept.
  Set<GrantedAuthority> granted = new LinkedHashSet<>();

  // A null flag is treated the same as false: no superuser authority.
  if (Boolean.TRUE.equals(user.isSuperuser())) {
    granted.add(new SimpleGrantedAuthority(SecurityUtils.AUTHORITY_SU));
  }

  boolean anonymous = user.getUsername().equals(SecurityUtils.ANONYMOUS_USERNAME);
  granted.add(
      new SimpleGrantedAuthority(anonymous ? SecurityUtils.AUTHORITY_ANONYMOUS : AUTHORITY_USER));

  // Only memberships that report isCurrent() contribute a role authority.
  // NOTE(review): the lookup presumably runs with system privileges because of @RunAsSystem,
  // so it is not limited by what the user being resolved may read; confirm.
  dataService
      .query(ROLE_MEMBERSHIP, RoleMembership.class)
      .eq(USER, user)
      .findAll()
      .filter(RoleMembership::isCurrent)
      .map(
          membership ->
              new SimpleGrantedAuthority(
                  SidUtils.createRoleAuthority(membership.getRole().getName())))
      .forEach(granted::add);

  return grantedAuthoritiesMapper.mapAuthorities(granted);
}
}
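/**
 * Updates the threshold of a SORTA job execution and re-renders the match result.
 *
 * <p>The update is applied only when the job exists and the caller is a superuser or the user
 * recorded on the job. An empty threshold is ignored. A threshold that is not a finite number is
 * reported through {@code MODEL_KEY_MESSAGE}, as is any other failure during the update.
 *
 * @param threshold new threshold as submitted by the client
 * @param sortaJobExecutionId identifier of the job execution to update
 * @param model view model that receives an error message, if any
 * @return the result of {@code matchResult(sortaJobExecutionId, model)}
 */
@PostMapping("/threshold/{sortaJobExecutionId}")
public String updateThreshold(
    @RequestParam(value = "threshold") String threshold,
    @PathVariable String sortaJobExecutionId,
    Model model) {
  if (!StringUtils.isEmpty(threshold)) {
    SortaJobExecution sortaJobExecution = findSortaJobExecution(sortaJobExecutionId);
    try {
      // An unknown job is skipped here, matching the null check deleteResult performs on the
      // same lookup, instead of surfacing as a NullPointerException message.
      if (sortaJobExecution != null) {
        User currentUser = userAccountService.getCurrentUser();
        // Null-safe: a missing superuser flag falls through to the ownership check instead of
        // failing on unboxing.
        boolean superuser = Boolean.TRUE.equals(currentUser.isSuperuser());
        if (superuser
            || Objects.equal(sortaJobExecution.getUser().get(), currentUser.getUsername())) {
          // Parse and validate the client-supplied value before elevating, so the privileged
          // section contains nothing but the write and the NumberFormatException handler below
          // sees the parse failure directly.
          final Double thresholdValue = Double.parseDouble(threshold);
          // Double.parseDouble accepts "NaN" and "Infinity"; neither is a usable threshold.
          if (thresholdValue.isNaN() || thresholdValue.isInfinite()) {
            throw new NumberFormatException(threshold);
          }
          RunAsSystemAspect.runAsSystem(
              () -> {
                sortaJobExecution.setThreshold(thresholdValue);
                dataService.update(SORTA_JOB_EXECUTION, sortaJobExecution);
              });
        }
      }
    } catch (NumberFormatException e) {
      // NOTE(review): the raw request value is echoed into the model; this relies on the view
      // escaping the message when rendering it. Verify the template does so.
      model.addAttribute(MODEL_KEY_MESSAGE, threshold + " is illegal threshold value!");
    } catch (Exception other) {
      // NOTE(review): the exception message is shown to the user and may expose internal
      // details; consider logging it and showing a generic message instead.
      model.addAttribute(MODEL_KEY_MESSAGE, "Error updating threshold: " + other.getMessage());
    }
  }
  return matchResult(sortaJobExecutionId, model);
}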
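/**
 * Deletes a SORTA job execution together with its result and source repositories.
 *
 * <p>Nothing is deleted unless the job exists and the caller is a superuser or the user recorded
 * on the job. The overview page is rendered in every case.
 *
 * @param sortaJobExecutionId identifier of the job execution to delete
 * @param model view model passed on to {@code init(model)}
 * @return the result of {@code init(model)}
 */
@PostMapping("/delete/{sortaJobExecutionId}")
@ResponseStatus(value = HttpStatus.OK)
public String deleteResult(
    @PathVariable("sortaJobExecutionId") String sortaJobExecutionId, Model model) {
  SortaJobExecution sortaJobExecution = findSortaJobExecution(sortaJobExecutionId);
  if (sortaJobExecution != null) {
    User currentUser = userAccountService.getCurrentUser();
    // Null-safe: a missing superuser flag is treated as "not a superuser", so the request falls
    // through to the ownership check instead of failing on unboxing.
    boolean superuser = Boolean.TRUE.equals(currentUser.isSuperuser());
    if (superuser
        || Objects.equal(sortaJobExecution.getUser().get(), currentUser.getUsername())) {
      // Only the job record itself is removed inside the elevated section; the authorization
      // decision above is what guards it.
      RunAsSystemAspect.runAsSystem(
          () -> dataService.deleteById(SORTA_JOB_EXECUTION, sortaJobExecution.getIdentifier()));
      // The repository clean-up runs outside runAsSystem, i.e. as the calling user.
      tryDeleteRepository(sortaJobExecution.getResultEntityName());
      tryDeleteRepository(sortaJobExecution.getSourceEntityName());
    }
  }
  return init(model);
}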
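/**
 * Returns the most recent job executions as JSON.
 *
 * <p>Collects the executions of every allowed job execution entity type whose submission date is
 * on or after the start of the UTC day seven days ago, sorts them newest first and returns at most
 * {@code MAX_JOBS_TO_RETURN} of them. Callers that are not superusers only receive executions
 * whose {@code USER} attribute equals their own username.
 *
 * @return the selected job executions, newest first
 */
@GetMapping(value = "/latest", produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
public List<Entity> findLastJobs() {
  final List<Entity> jobs = new ArrayList<>();
  Instant weekAgo = Instant.now().minus(7, ChronoUnit.DAYS).truncatedTo(ChronoUnit.DAYS);
  User currentUser = userAccountService.getCurrentUser();
  // Null-safe and evaluated once: a missing superuser flag is treated as "not a superuser", so
  // the per-user restriction below still applies instead of the request failing on unboxing.
  final boolean superuser = Boolean.TRUE.equals(currentUser.isSuperuser());

  dataService
      .getMeta()
      .getEntityTypes()
      .filter(this::isAllowedJobExecutionEntityType)
      .forEach(
          entityType -> {
            Query<Entity> q =
                dataService
                    .query(entityType.getId())
                    .ge(JobExecutionMetaData.SUBMISSION_DATE, weekAgo);
            if (!superuser) {
              // Restrict the query to the caller's own executions.
              q.and().eq(USER, currentUser.getUsername());
            }
            dataService.findAll(entityType.getId(), q).forEach(jobs::add);
          });

  // Newest submission first.
  jobs.sort(
      (job1, job2) -> job2.getInstant(SUBMISSION_DATE).compareTo(job1.getInstant(SUBMISSION_DATE)));

  if (jobs.size() > MAX_JOBS_TO_RETURN) {
    return jobs.subList(0, MAX_JOBS_TO_RETURN);
  }
  return jobs;
}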
/**
 * Creates the view data for a user.
 *
 * <p>Id and username go to the two-argument constructor. Missing (null) name parts become empty
 * strings, and the full name is the three parts joined with single spaces, so an empty part still
 * leaves its separator in place. The active and superuser flags are copied unchanged.
 *
 * @param mu user to copy the display fields from
 */
UserViewData(User mu) {
  this(mu.getId(), mu.getUsername());

  this.firstName = mu.getFirstName() != null ? mu.getFirstName() : "";
  this.middleName = mu.getMiddleNames() != null ? mu.getMiddleNames() : "";
  this.lastName = mu.getLastName() != null ? mu.getLastName() : "";
  this.fullName = this.firstName + " " + this.middleName + " " + this.lastName;

  this.active = mu.isActive();
  this.superuser = mu.isSuperuser();
}