[kbss-cvut/record-manager-ui#202] Implement Role group assignment

kbss-cvut · Sep 18, 2024 · 0a8cfee · 0a8cfee
1 parent b0b4648
commit 0a8cfee
Show file tree

Hide file tree

Showing 6 changed files with 107 additions and 1 deletion.
diff --git a/src/main/java/cz/cvut/kbss/study/model/User.java b/src/main/java/cz/cvut/kbss/study/model/User.java
@@ -11,6 +11,7 @@
 import cz.cvut.kbss.study.model.util.HasDerivableUri;
 import cz.cvut.kbss.study.util.Constants;
 import cz.cvut.kbss.study.util.IdentificationUtils;
+import cz.cvut.kbss.study.util.RoleAssignmentUtil;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 import java.io.Serializable;
@@ -61,9 +62,22 @@ public class User implements HasDerivableUri, Serializable {
     @OWLObjectProperty(iri = Vocabulary.s_p_is_member_of, fetch = FetchType.EAGER)
     private Institution institution;
 
+    @OWLDataProperty(iri = Vocabulary.s_p_role_group)
+    private String roleGroup;
+
     @Types
     private Set<String> types;
 
+    public String getRoleGroup() {
+        return roleGroup;
+    }
+
+    public void setRoleGroup(String roleGroup) {
+        this.roleGroup = roleGroup;
+        this.types.clear();
+        this.types = RoleAssignmentUtil.assignRolesForGroup(this.roleGroup);
+    }
+
     public User() {
         this.types = new HashSet<>();
         types.add(Vocabulary.s_c_doctor);
@@ -216,7 +230,7 @@ public User copy() {
         copy.setInstitution(institution);
         copy.setIsInvited(isInvited);
         copy.setToken(token);
-        types.forEach(copy::addType);
+        copy.setRoleGroup(roleGroup);
         return copy;
     }
 

diff --git a/src/main/java/cz/cvut/kbss/study/service/SystemInitializer.java b/src/main/java/cz/cvut/kbss/study/service/SystemInitializer.java
@@ -3,6 +3,7 @@
 import cz.cvut.kbss.study.model.Institution;
 import cz.cvut.kbss.study.model.User;
 import cz.cvut.kbss.study.model.Vocabulary;
+import cz.cvut.kbss.study.util.Constants;
 import jakarta.annotation.PostConstruct;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -52,6 +53,7 @@ private void addDefaultAdministrator() {
             admin.setPassword("5y5t3mAdm1n.");
             admin.setInstitution(institutionService.findByName(INSTITUTION_NAME));
             admin.setIsInvited(true);
+            admin.setRoleGroup(Constants.OPERATOR_ADMIN);
             admin.getTypes().add(Vocabulary.s_c_administrator);
             LOG.debug("Persisting default administrator {}", admin);
             userService.persist(admin);

diff --git a/src/main/java/cz/cvut/kbss/study/util/Constants.java b/src/main/java/cz/cvut/kbss/study/util/Constants.java
@@ -68,4 +68,10 @@ private Constants() {
      * Excel MIME type
      */
     public static final String MEDIA_TYPE_EXCEL = "application/vnd.ms-excel";
+
+    public static final String OPERATOR_ADMIN = "OPERATOR_ADMIN";
+    public static final String OPERATOR_USER = "OPERATOR_USER";
+    public static final String SUPPLIER_ADMIN = "SUPPLIER_ADMIN";
+    public static final String SUPPLIER_USER = "SUPPLIER_USER";
+    public static final String EXTERNAL_USER = "EXTERNAL_USER";
 }
diff --git a/src/main/java/cz/cvut/kbss/study/util/RoleAssignmentUtil.java b/src/main/java/cz/cvut/kbss/study/util/RoleAssignmentUtil.java
@@ -0,0 +1,78 @@
+package cz.cvut.kbss.study.util;
+
+import cz.cvut.kbss.study.model.Vocabulary;
+
+import java.util.*;
+
+public class RoleAssignmentUtil {
+
+    public static final Set<String> OPERATOR_ADMIN_ROLES = new HashSet<>(
+            Set.of(
+                    Vocabulary.s_c_administrator,
+                    Vocabulary.s_c_doctor,
+                    Vocabulary.s_c_edit_users,
+                    Vocabulary.s_c_publish_records,
+                    Vocabulary.s_c_reject_records,
+                    Vocabulary.s_c_view_organization_records,
+                    Vocabulary.s_c_edit_organization_records,
+                    Vocabulary.s_c_delete_organization_records,
+                    Vocabulary.s_c_complete_records,
+                    Vocabulary.s_c_import_codelists
+            )
+    );
+
+    public static final Set<String> OPERATOR_USER_ROLES = new HashSet<>(
+            Set.of(
+                    Vocabulary.s_c_complete_records
+            )
+    );
+
+    public static final Set<String> SUPPLIER_ADMIN_ROLES = new HashSet<>(
+            Set.of(
+                    Vocabulary.s_c_administrator,
+                    Vocabulary.s_c_doctor,
+                    Vocabulary.s_c_edit_users,
+                    Vocabulary.s_c_reject_records,
+                    Vocabulary.s_c_view_organization_records,
+                    Vocabulary.s_c_edit_organization_records,
+                    Vocabulary.s_c_delete_organization_records,
+                    Vocabulary.s_c_complete_records,
+                    Vocabulary.s_c_import_codelists,
+                    Vocabulary.s_c_edit_all_records,
+                    Vocabulary.s_c_delete_all_records,
+                    Vocabulary.s_c_view_all_records
+            )
+    );
+
+    public static final Set<String> SUPPLIER_USER_ROLES = new HashSet<>(
+            Set.of(
+                    Vocabulary.s_c_complete_records
+            )
+    );
+
+    public static final Map<String, Set<String>> roleGroups = Map.of(
+            Constants.OPERATOR_ADMIN, OPERATOR_ADMIN_ROLES,
+            Constants.OPERATOR_USER, OPERATOR_USER_ROLES,
+            Constants.SUPPLIER_ADMIN, SUPPLIER_ADMIN_ROLES,
+            Constants.SUPPLIER_USER, SUPPLIER_USER_ROLES,
+            Constants.EXTERNAL_USER, defaultRoles()
+    );
+
+
+    public static Set<String> assignRolesForGroup(String group) {
+        if(group != null)
+          return roleGroups.getOrDefault(group, defaultRoles());
+        return defaultRoles();
+    }
+
+    /**
+     * Default roles to be assigned if the group is not recognized.
+     *
+     * @return A set of default roles
+     */
+    private static Set<String> defaultRoles() {
+        Set<String> defaultRoles = new HashSet<>();
+        defaultRoles.add(Vocabulary.s_c_doctor);
+        return defaultRoles;
+    }
+}
diff --git a/src/main/resources/model.ttl b/src/main/resources/model.ttl
@@ -66,6 +66,10 @@ rm:has-question rdf:type owl:ObjectProperty ;
 rm:is-member-of rdf:type owl:ObjectProperty ;
                 rdfs:subPropertyOf rm:relates-to .
 
+###  http://onto.fel.cvut.cz/ontologies/record-manager/role-group
+rm:role-group rdf:type owl:ObjectProperty ;
+                rdfs:subPropertyOf rm:relates-to .
+
 
 ###  http://onto.fel.cvut.cz/ontologies/record-manager/relates-to
 rm:relates-to rdf:type owl:ObjectProperty .

diff --git a/src/test/java/cz/cvut/kbss/study/service/security/SecurityUtilsTest.java b/src/test/java/cz/cvut/kbss/study/service/security/SecurityUtilsTest.java
@@ -12,6 +12,7 @@
 import cz.cvut.kbss.study.security.model.UserDetails;
 import cz.cvut.kbss.study.service.ConfigReader;
 import cz.cvut.kbss.study.util.ConfigParam;
+import cz.cvut.kbss.study.util.Constants;
 import cz.cvut.kbss.study.util.IdentificationUtils;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
@@ -66,6 +67,7 @@ public void setUp() {
         Institution institution = Generator.generateInstitution();
         institution.setKey(IdentificationUtils.generateKey());
         this.user = Generator.getUser(USERNAME, PASSWORD, "John", "Johnie", "[email protected]", institution);
+        this.user.setRoleGroup(Constants.OPERATOR_ADMIN);
         user.generateUri();
     }