Commit eb874a94 authored by Petar Hristov's avatar Petar Hristov :speech_balloon:

New: Added Guest Role

parent 467aff41
1 merge request!233New: Added Guest Role
......@@ -87,7 +87,7 @@ namespace Coscine.Api.Project.Controllers
public ActionResult<IEnumerable<ProjectObject>> GetTopLevelProjects()
{
var user = _authenticator.GetUser();
var projects = _projectModel.GetTopLevelWithAccess(user, UserRoles.Member, UserRoles.Owner).ToList()
var projects = _projectModel.GetTopLevelWithAccess(user, UserRoles.Member, UserRoles.Owner, UserRoles.Guest).ToList()
.Select((project) => _projectModel.CreateReturnObjectFromDatabaseObject(project))
.OrderBy(element => element.DisplayName);
......@@ -109,13 +109,19 @@ namespace Coscine.Api.Project.Controllers
{
var user = _authenticator.GetUser();
var project = _projectModel.GetById(id);
if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Coscine Basis: View Projects
if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner, UserRoles.Guest))
{
var subProjectModel = new SubProjectModel();
var subProjectRel = subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id && !project.Deleted);
var parentProjectRelation = subProjectRel.FirstOrDefault();
if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: View Subprojects (no inheritance, invited seperately)
if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner, UserRoles.Guest))
{
return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project, parentProjectRelation.ProjectId));
}
......@@ -137,13 +143,19 @@ namespace Coscine.Api.Project.Controllers
{
var user = _authenticator.GetUser();
var project = _projectModel.GetBySlug(slug);
if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Coscine Basis: View Projects // Project: View Subprojects (no inheritance, invited seperately)
if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner, UserRoles.Guest))
{
var subProjectModel = new SubProjectModel();
var subProjectRel = subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id && !project.Deleted);
var parentProjectRelation = subProjectRel.FirstOrDefault();
if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Coscine Basis: View Projects // Project: View Subprojects (no inheritance, invited seperately)
if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner, UserRoles.Guest))
{
return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project, parentProjectRelation.ProjectId));
}
......@@ -168,7 +180,10 @@ namespace Coscine.Api.Project.Controllers
var resourceModel = new ResourceModel();
var resourceTypeModel = new ResourceTypeModel();
if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Resource: View Resource (RCV, Metadatamanager)
if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner, UserRoles.Guest))
{
var resources = resourceModel.GetAllWhere((resource) =>
(from projectResource in resource.ProjectResources
......@@ -199,6 +214,9 @@ namespace Coscine.Api.Project.Controllers
{
var user = _authenticator.GetUser();
var project = _projectModel.GetById(id);
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Change Settings (project, user, quota)
if (_projectModel.HasAccess(user, project, UserRoles.Owner))
{
LogAnalyticsEditProject(project, _projectModel.GetMetadataCompleteness(projectObject), projectObject.Disciplines, projectObject.Organizations, user);
......@@ -220,6 +238,9 @@ namespace Coscine.Api.Project.Controllers
{
var user = _authenticator.GetUser();
var project = _projectModel.GetById(id);
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Change Settings (project, user, quota)
if (_projectModel.HasAccess(user, project, UserRoles.Owner))
{
var projectObject = _projectModel.CreateReturnObjectFromDatabaseObject(_projectModel.GetById(project.Id));
......@@ -339,8 +360,11 @@ namespace Coscine.Api.Project.Controllers
{
var user = _authenticator.GetUser();
if (projectObject.ParentId != new Guid()
&& !_projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Member, UserRoles.Owner))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Create Subprojects
var isUserAllowedToCreateSubProjects = _projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Member, UserRoles.Owner);
if (projectObject.ParentId != new Guid() && !isUserAllowedToCreateSubProjects)
{
return Unauthorized("User is not allowed to create SubProjects.");
}
......@@ -360,9 +384,7 @@ namespace Coscine.Api.Project.Controllers
var project = _projectModel.StoreFromObject(projectObject, user, projectQuotas);
if (projectObject.ParentId != new Guid()
// Both an owner and a member can add subprojects to projects
&& _projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Member, UserRoles.Owner))
if (projectObject.ParentId != new Guid() && isUserAllowedToCreateSubProjects)
{
var subProjectModel = new SubProjectModel();
subProjectModel.LinkSubProject(projectObject.ParentId, project.Id);
......@@ -396,6 +418,8 @@ namespace Coscine.Api.Project.Controllers
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: View Settings (project, user, quota)
if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
{
return Unauthorized("You are not an owner of the project.");
......@@ -416,7 +440,7 @@ namespace Coscine.Api.Project.Controllers
}
/// <summary>
/// Call to analytics logger.
/// Creation of an Application Profile.
/// </summary>
/// <param name="projectId">Project id of the project</param>
/// <returns>204 no content</returns>
......@@ -432,6 +456,8 @@ namespace Coscine.Api.Project.Controllers
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - ???
if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
{
return Unauthorized("You are not an owner of the project.");
......@@ -469,6 +495,8 @@ namespace Coscine.Api.Project.Controllers
return NotFound($@"The role ""{sendInvitationObject.Role}"" was not found.");
}
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Change Settings (project, user, quota)
if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
{
return Unauthorized("You are not an owner of the project.");
......@@ -536,6 +564,8 @@ namespace Coscine.Api.Project.Controllers
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Change Settings (project, user, quota)
if (!_projectModel.HasAccess(user, _projectModel.GetById(invitation.Project), UserRoles.Owner))
{
return Unauthorized("You are not an owner of this project.");
......@@ -570,6 +600,8 @@ namespace Coscine.Api.Project.Controllers
var project = _projectModel.GetById(invitation.Project);
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Change Settings (project, user, quota)
if (!_projectModel.HasAccess(_userModel.GetById(invitation.Issuer), project, UserRoles.Owner))
{
return Unauthorized("The issuer is not an owner of the project.");
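Review bot: In the `@@ -339,8 +360,11 @@` hunk, `isUserAllowedToCreateSubProjects` is now computed before the `ParentId != new Guid()` test, so `_projectModel.GetById(projectObject.ParentId)` and `HasAccess` run even when a top-level project is created with an empty parent id; the old condition short-circuited and never made that lookup. If `GetById` returns null or throws for an unknown id (not visible here), top-level creation may fail or `HasAccess` may be handed a null project. Computing the decision once is an improvement, since the link step in `@@ -360,9 +384,7 @@` now reuses it, but it should be guarded: `var hasParent = projectObject.ParentId != Guid.Empty;` followed by `var isUserAllowedToCreateSubProjects = hasParent && _projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Member, UserRoles.Owner);`. The enclosing method starts and ends outside both hunks.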
......
......@@ -64,7 +64,9 @@ namespace Coscine.Api.Project.Controllers
return base.NotFound($"Could not find project with id: {id}");
}
if (!_projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: View Settings (project, user, quota)
if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
{
return Unauthorized("The user is not authorized to perform a get on the selected project!");
}
......@@ -94,7 +96,9 @@ namespace Coscine.Api.Project.Controllers
return NotFound($"Could not find project with id: {id}");
}
if (!_projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: View Settings (project, user, quota)
if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
{
return Unauthorized("The user is not authorized to perform a get on the selected project!");
}
......@@ -129,6 +133,8 @@ namespace Coscine.Api.Project.Controllers
return NotFound($"Could not find project with id: {id}");
}
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Change Settings (project, user, quota)
if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
{
return Unauthorized("The user is not authorized to perform a get on the selected project!");
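Review bot: The first two hunks of this section drop `UserRoles.Member` from the allowed roles, a permission reduction for existing members that the commit title ("New: Added Guest Role") does not announce and that the added comment does not explain. The linked rights matrix is a private wiki, so the reason should be readable in the code, for example `// Owner only: members and guests must not read project/user/quota settings`. A test that a Member and a Guest are both refused here would pin the new behaviour. The third hunk labels its check "Change Settings" while the denial message on the following context line still says "perform a get", which will mislead anyone reading logs or client errors. All three methods start and end outside their hunks.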
......
......@@ -57,7 +57,9 @@ namespace Coscine.Api.Project.Controllers
var projectModel = new ProjectModel();
var user = _authenticator.GetUser();
if (projectModel.HasAccess(user, projectModel.GetById(projectId), UserRoles.Owner, UserRoles.Member))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: View Members of Project on Project page
if (projectModel.HasAccess(user, projectModel.GetById(projectId), UserRoles.Owner, UserRoles.Member, UserRoles.Guest))
{
var users = _projectRoleModel.GetAllWhere((projectRole) =>
(projectRole.ProjectId == projectId)
......@@ -128,9 +130,13 @@ namespace Coscine.Api.Project.Controllers
var userToAdd = userModel.GetById(projectRoleObject.User.Id);
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Project: Change Settings (project, user, quota)
if (projectModel.HasAccess(user, project, UserRoles.Owner))
{
var userIsAlreadymember = projectModel.HasAccess(userToAdd, project, UserRoles.Owner, UserRoles.Member);
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - none
var userAlreadyHasRole = projectModel.HasAccess(userToAdd, project, UserRoles.Owner, UserRoles.Member, UserRoles.Guest);
_emitter.EmitUserAdd(new UserEventArgs(_configuration)
{
Project = project,
......@@ -138,7 +144,7 @@ namespace Coscine.Api.Project.Controllers
User = userToAdd
});
LogAnalytics(userIsAlreadymember == true ? "Change Role" : "Add Member", user, null, project.Id.ToString());
LogAnalytics(userAlreadyHasRole == true ? "Change Role" : "Add Member", user, null, project.Id.ToString());
return Ok(_projectRoleModel.SetFromObject(projectRoleObject));
}
......@@ -162,6 +168,8 @@ namespace Coscine.Api.Project.Controllers
var user = _authenticator.GetUser();
var project = projectModel.GetById(projectId);
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Project: Change Settings (project, user, quota)
if (projectModel.HasAccess(user, project, UserRoles.Owner))
{
_projectRoleModel.CheckIfLastOwnerWillBeRemoved(roleId, projectId);
......@@ -201,7 +209,10 @@ namespace Coscine.Api.Project.Controllers
var project = projectModel.GetById(projectId);
var roleId = _projectRoleModel.GetGetUserRoleForProject(projectId, user.Id);
if (projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - ???
// Guests have the right to leave a project on their own.
if (projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member, UserRoles.Guest))
{
_projectRoleModel.CheckIfLastOwnerWillBeRemoved((Guid)roleId, projectId);
_emitter.EmitUserRemove(new UserEventArgs(this._configuration)
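Review bot: The `@@ -57,7 +57,9 @@` hunk lets `UserRoles.Guest` read the project's member list, but what each returned entry contains is decided by the query and projection that continue outside the hunk. Guest is the lowest-privilege role this commit introduces, so confirm that the returned user objects expose only what the rights matrix intends for guests (for instance, whether contact details are included) and add a test that pins the guest response. Separately, the leave-project check in `@@ -201,7 +209,10 @@` cites the matrix as `// - ???`; an authorization decision should not rest on an unresolved reference, so write the rule out, e.g. `// Any role holder (Owner, Member, Guest) may remove themselves; the last-owner check follows`.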
......
......@@ -39,6 +39,9 @@ namespace Coscine.Api.Project.Controllers
var projectModel = new ProjectModel();
var projectRoleModel = new ProjectRoleModel();
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Create Subprojects
string[] allowedRoles = { UserRoles.Owner, UserRoles.Member };
allowedRoles = allowedRoles.Select(x => x.ToLower().Trim()).ToArray();
if (projectModel.HasAccess(user, projectModel.GetById(parentGuid), allowedRoles))
......@@ -76,6 +79,9 @@ namespace Coscine.Api.Project.Controllers
var projectModel = new ProjectModel();
var projectRoleModel = new ProjectRoleModel();
var user = _authenticator.GetUser();
// Rights Matrix (https://git.rwth-aachen.de/coscine/docs/private/internal-wiki/-/blob/master/coscine/Definition%20of%20rights%20Matrix.md)
// - Project: Create Subprojects
string[] allowedRoles = { UserRoles.Owner, UserRoles.Member };
allowedRoles = allowedRoles.Select(x => x.ToLower().Trim()).ToArray();
if (projectModel.HasAccess(user, projectModel.GetById(childGuid), allowedRoles))
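Review bot: Both added comments cite "Project: Create Subprojects", yet the first check is made against `parentGuid` and the second against `childGuid`, and neither hunk shows a project being created. The method bodies lie outside the hunks; if these endpoints only read the sub-project relation, the cited row is the wrong one, and the role list should be compared with the view checks elsewhere in this commit that now admit `UserRoles.Guest`. Either cite the row that matches the operation or record why guests are left out, e.g. `// Guests excluded: sub-project relations are visible to Owner and Member only`. Note also that this file passes the role names through `ToLower().Trim()` while the other call sites in the commit pass `UserRoles.*` unchanged, so it is worth confirming that `HasAccess` treats both forms the same.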
......