From 327948179e7bbe26605e09d6ecfe906e1cc546e0 Mon Sep 17 00:00:00 2001 From: amontenegro Date: Tue, 27 Feb 2024 13:37:16 -0600 Subject: [PATCH 1/2] Deactivated records should get 409 on GET requests --- .../orcid/api/common/jaxb/OrcidExceptionMapper.java | 2 ++ .../impl/MemberV3ApiServiceDelegatorImpl.java | 12 ++---------- .../manager/v3/impl/OrcidSecurityManagerImpl.java | 6 +++--- 3 files changed, 7 insertions(+), 13 deletions(-) diff --git a/orcid-api-common/src/main/java/org/orcid/api/common/jaxb/OrcidExceptionMapper.java b/orcid-api-common/src/main/java/org/orcid/api/common/jaxb/OrcidExceptionMapper.java index 81f74a10d2b..d96850ceb37 100644 --- a/orcid-api-common/src/main/java/org/orcid/api/common/jaxb/OrcidExceptionMapper.java +++ b/orcid-api-common/src/main/java/org/orcid/api/common/jaxb/OrcidExceptionMapper.java @@ -111,6 +111,8 @@ public Response toResponse(Throwable t) { logShortError(t, clientId); } else if (t instanceof LockedException) { logShortError(t, clientId); + } else if (t instanceof DeactivatedException) { + logShortError(t, clientId); } else if (t instanceof ClientDeactivatedException) { logShortError(t, clientId); } else if (t instanceof OrcidNonPublicElementException) { diff --git a/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/delegator/impl/MemberV3ApiServiceDelegatorImpl.java b/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/delegator/impl/MemberV3ApiServiceDelegatorImpl.java index 64c6535d0bf..a3fb41eb9a5 100644 --- a/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/delegator/impl/MemberV3ApiServiceDelegatorImpl.java +++ b/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/delegator/impl/MemberV3ApiServiceDelegatorImpl.java @@ -1642,16 +1642,8 @@ public Response deleteResearchResource(String orcid, Long putCode) { return Response.noContent().build(); } - private void checkProfileStatus(String orcid, boolean readOperation) { - try { - orcidSecurityManager.checkProfile(orcid); - } catch (DeactivatedException e) { - // If it is a read operation, ignore the deactivated status since we - // are going to return the empty element with the deactivation date - if (!readOperation) { - throw e; - } - } + private void checkProfileStatus(String orcid, boolean readOperation) throws DeactivatedException { + orcidSecurityManager.checkProfile(orcid); } private Map addParmsMismatchedPutCode(Long urlPutCode, Long bodyPutCode) { diff --git a/orcid-core/src/main/java/org/orcid/core/manager/v3/impl/OrcidSecurityManagerImpl.java b/orcid-core/src/main/java/org/orcid/core/manager/v3/impl/OrcidSecurityManagerImpl.java index 59b415afdc0..5067b4195e3 100644 --- a/orcid-core/src/main/java/org/orcid/core/manager/v3/impl/OrcidSecurityManagerImpl.java +++ b/orcid-core/src/main/java/org/orcid/core/manager/v3/impl/OrcidSecurityManagerImpl.java @@ -202,15 +202,15 @@ public void checkProfile(String orcid) throws NoResultException, OrcidDeprecated // Check if the user record is locked if (!profile.isAccountNonLocked()) { - LockedException lockedException = new LockedException(); + LockedException lockedException = new LockedException(orcid + " is locked"); lockedException.setOrcid(profile.getId()); throw lockedException; } // Check if the user record is deactivated if (profile.getDeactivationDate() != null) { - DeactivatedException exception = new DeactivatedException(); - exception.setOrcid(orcid); + DeactivatedException exception = new DeactivatedException(orcid + " is deactivated"); + exception.setOrcid(orcid); throw exception; } } From 819793e5ffda18c192df476440a0f846c9fefa36 Mon Sep 17 00:00:00 2001 From: amontenegro Date: Mon, 8 Apr 2024 11:28:19 -0600 Subject: [PATCH 2/2] Add togglz to disable the endpoint --- .../api/memberV3/server/MemberV3ApiServiceImplV3_0.java | 4 ++++ orcid-core/src/main/java/org/orcid/core/togglz/Features.java | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/MemberV3ApiServiceImplV3_0.java b/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/MemberV3ApiServiceImplV3_0.java index 69b1958e314..4f0244c32e5 100644 --- a/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/MemberV3ApiServiceImplV3_0.java +++ b/orcid-api-web/src/main/java/org/orcid/api/memberV3/server/MemberV3ApiServiceImplV3_0.java @@ -89,6 +89,7 @@ import org.orcid.api.notificationsV3.server.delegator.NotificationsApiServiceDelegator; import org.orcid.core.api.OrcidApiConstants; import org.orcid.core.exception.OrcidNotificationAlreadyReadException; +import org.orcid.core.togglz.Features; import org.orcid.jaxb.model.v3.release.groupid.GroupIdRecord; import org.orcid.jaxb.model.v3.release.notification.permission.NotificationPermission; import org.orcid.jaxb.model.v3.release.record.Address; @@ -1049,6 +1050,9 @@ public Response deleteResearchResource(@PathParam("orcid") String orcid, @PathPa @Produces(value = { VND_ORCID_XML, ORCID_XML, MediaType.APPLICATION_XML, VND_ORCID_JSON, ORCID_JSON, MediaType.APPLICATION_JSON }) @Path(RECORD_SUMMARY) public Response getRecordSummary(@PathParam("orcid") String orcid) { + if(!Features.MAPI_SUMMARY_ENDPOINT.isActive()) { + return Response.status(Response.Status.NOT_FOUND).build(); + } return serviceDelegator.getRecordSummary(orcid); } } \ No newline at end of file diff --git a/orcid-core/src/main/java/org/orcid/core/togglz/Features.java b/orcid-core/src/main/java/org/orcid/core/togglz/Features.java index b571445ea78..3bfe0bac62a 100644 --- a/orcid-core/src/main/java/org/orcid/core/togglz/Features.java +++ b/orcid-core/src/main/java/org/orcid/core/togglz/Features.java @@ -56,7 +56,10 @@ public enum Features implements Feature { DELETE_EVENTS, @Label("Track public events stats ") - PAPI_EVENTS; + PAPI_EVENTS, + + @Label("Enable summary endpoint in the Members API") + MAPI_SUMMARY_ENDPOINT; public boolean isActive() { return FeatureContext.getFeatureManager().isActive(this);