[kbss-cvut/record-manager-ui#202] Implement Role group configuration …

…by model.ttl

src/main/java/cz/cvut/kbss/study/model/User.java

@@ -11,7 +11,6 @@
 import cz.cvut.kbss.study.model.util.HasDerivableUri;
 import cz.cvut.kbss.study.util.Constants;
 import cz.cvut.kbss.study.util.IdentificationUtils;
-import cz.cvut.kbss.study.util.RoleAssignmentUtil;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 import java.io.Serializable;
@@ -62,10 +61,10 @@ public class User implements HasDerivableUri, Serializable {
     @OWLObjectProperty(iri = Vocabulary.s_p_is_member_of, fetch = FetchType.EAGER)
     private Institution institution;
 
-    @OWLDataProperty(iri = Vocabulary.s_p_role_group)
+    @OWLObjectProperty(iri = Vocabulary.s_p_has_role_group)
     private String roleGroup;
 
-    @Types
+    @OWLObjectProperty(iri = Vocabulary.s_p_has_role)
     private Set<String> types;
 
     public String getRoleGroup() {
@@ -74,13 +73,11 @@ public String getRoleGroup() {
 
     public void setRoleGroup(String roleGroup) {
         this.roleGroup = roleGroup;
-        this.types.clear();
-        this.types = RoleAssignmentUtil.assignRolesForGroup(this.roleGroup);
     }
 
     public User() {
         this.types = new HashSet<>();
-        types.add(Vocabulary.s_c_doctor);
+        types.add(Vocabulary.s_i_user);
     }
 
     @Override
@@ -173,7 +170,7 @@ public void addType(String type) {
      */
     public boolean isAdmin() {
         assert types != null;
-        return getTypes().contains(Vocabulary.s_c_administrator);
+        return getTypes().contains(Vocabulary.s_i_administrator);
     }
 
     public String getToken() {

src/main/java/cz/cvut/kbss/study/persistence/dao/UserDao.java

@@ -83,9 +83,9 @@ public List<User> findByInstitution(Institution institution) {
 
     public int getNumberOfInvestigators() {
         return ((BigInteger) em.createNativeQuery(
-                                       "SELECT (count(?p) as ?investigatorCount) WHERE { ?p a ?typeDoctor . MINUS {?p a ?typeAdmin}}")
-                               .setParameter("typeDoctor", URI.create(Vocabulary.s_c_doctor))
-                               .setParameter("typeAdmin", URI.create(Vocabulary.s_c_administrator)).getSingleResult()
+                                       "SELECT (count(?p) as ?investigatorCount) WHERE { ?p a ?typeUser . MINUS {?p a ?typeAdmin}}")
+                               .setParameter("typeUser", URI.create(Vocabulary.s_i_user))
+                               .setParameter("typeAdmin", URI.create(Vocabulary.s_i_administrator)).getSingleResult()
         ).intValue();
     }
 }

src/main/java/cz/cvut/kbss/study/security/SecurityConstants.java

@@ -27,9 +27,13 @@ private SecurityConstants() {
      */
     public static final int SESSION_TIMEOUT = 12 * 60 * 60;
 
+    public static final String ROLE_GROUP_OPERATOR_ADMIN = "ROLE_GROUP_OPERATOR_ADMIN";
+    public static final String ROLE_GROUP_OPERATOR = "ROLE_GROUP_OPERATOR";
+    public static final String ROLE_GROUP_SUPPLIER_ADMIN = "ROLE_GROUP_SUPPLIER_ADMIN";
+    public static final String ROLE_GROUP_SUPPLIER = "ROLE_GROUP_SUPPLIER";
+    public static final String ROLE_GROUP_EXTERNAL_USER = "ROLE_GROUP_EXTERNAL_USER";
     public static final String ROLE_USER = "ROLE_USER";
     public static final String ROLE_ADMIN = "ROLE_ADMIN";
-
     public static final String ROLE_COMPLETE_RECORDS = "rm_complete_records";
     public static final String ROLE_DELETE_ALL_RECORDS = "rm_delete_all_records";
     public static final String ROLE_DELETE_ORGANIZATION_RECORDS = "rm_delete_organization_records";

src/main/java/cz/cvut/kbss/study/security/model/Role.java

@@ -7,19 +7,19 @@
 import java.util.stream.Stream;
 
 public enum Role {
-    USER(SecurityConstants.ROLE_USER, Vocabulary.s_c_doctor),
-    ADMIN(SecurityConstants.ROLE_ADMIN, Vocabulary.s_c_administrator),
-    COMPLETE_RECORDS(SecurityConstants.ROLE_COMPLETE_RECORDS, Vocabulary.s_c_complete_records),
-    DELETE_ALL_RECORDS(SecurityConstants.ROLE_DELETE_ALL_RECORDS, Vocabulary.s_c_delete_all_records),
-    DELETE_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_DELETE_ORGANIZATION_RECORDS, Vocabulary.s_c_delete_organization_records),
-    EDIT_ALL_RECORDS(SecurityConstants.ROLE_EDIT_ALL_RECORDS, Vocabulary.s_c_edit_all_records),
-    EDIT_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_EDIT_ORGANIZATION_RECORDS, Vocabulary.s_c_edit_organization_records),
-    EDIT_USERS(SecurityConstants.ROLE_EDIT_USERS, Vocabulary.s_c_edit_users),
-    IMPORT_CODELISTS(SecurityConstants.ROLE_IMPORT_CODELISTS, Vocabulary.s_c_import_codelists),
-    PUBLISH_RECORDS(SecurityConstants.ROLE_PUBLISH_RECORDS, Vocabulary.s_c_publish_records),
-    REJECT_RECORDS(SecurityConstants.ROLE_REJECT_RECORDS, Vocabulary.s_c_reject_records),
-    VIEW_ALL_RECORDS(SecurityConstants.ROLE_VIEW_ALL_RECORDS, Vocabulary.s_c_view_all_records),
-    VIEW_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_VIEW_ORGANIZATION_RECORDS, Vocabulary.s_c_view_organization_records);
+    USER(SecurityConstants.ROLE_USER, Vocabulary.s_i_user),
+    ADMIN(SecurityConstants.ROLE_ADMIN, Vocabulary.s_i_administrator),
+    COMPLETE_RECORDS(SecurityConstants.ROLE_COMPLETE_RECORDS, Vocabulary.s_i_complete_records_role),
+    DELETE_ALL_RECORDS(SecurityConstants.ROLE_DELETE_ALL_RECORDS, Vocabulary.s_i_delete_all_records_role),
+    DELETE_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_DELETE_ORGANIZATION_RECORDS, Vocabulary.s_i_delete_organization_records_role),
+    EDIT_ALL_RECORDS(SecurityConstants.ROLE_EDIT_ALL_RECORDS, Vocabulary.s_i_edit_all_records_role),
+    EDIT_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_EDIT_ORGANIZATION_RECORDS, Vocabulary.s_i_edit_organization_records_role),
+    EDIT_USERS(SecurityConstants.ROLE_EDIT_USERS, Vocabulary.s_i_edit_users_role),
+    IMPORT_CODELISTS(SecurityConstants.ROLE_IMPORT_CODELISTS, Vocabulary.s_i_import_codelists_role),
+    PUBLISH_RECORDS(SecurityConstants.ROLE_PUBLISH_RECORDS, Vocabulary.s_i_publish_records_role),
+    REJECT_RECORDS(SecurityConstants.ROLE_REJECT_RECORDS, Vocabulary.s_i_reject_records_role),
+    VIEW_ALL_RECORDS(SecurityConstants.ROLE_VIEW_ALL_RECORDS, Vocabulary.s_i_view_all_records_role),
+    VIEW_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_VIEW_ORGANIZATION_RECORDS, Vocabulary.s_i_view_organization_records_role);
 
     private final String name;
     private final String type;

src/main/java/cz/cvut/kbss/study/security/model/RoleGroup.java

@@ -0,0 +1,43 @@
+package cz.cvut.kbss.study.security.model;
+
+import cz.cvut.kbss.study.model.Vocabulary;
+import cz.cvut.kbss.study.security.SecurityConstants;
+
+import java.util.Optional;
+import java.util.stream.Stream;
+
+public enum RoleGroup {
+
+
+    OPERATOR_ADMIN(SecurityConstants.ROLE_GROUP_OPERATOR_ADMIN, Vocabulary.s_i_operator_admin_role_group),
+    OPERATOR(SecurityConstants.ROLE_GROUP_OPERATOR, Vocabulary.s_i_operator_role_group),
+    SUPPLIER_ADMIN(SecurityConstants.ROLE_GROUP_SUPPLIER_ADMIN, Vocabulary.s_i_supplier_admin_role_group),
+    SUPPLIER(SecurityConstants.ROLE_GROUP_SUPPLIER, Vocabulary.s_i_supplier_role_group),
+    EXTERNAL_USER(SecurityConstants.ROLE_GROUP_EXTERNAL_USER, Vocabulary.s_i_external_user_role_group);
+
+
+    private final String name;
+    private final String type;
+
+    RoleGroup(String name, String type) {
+        this.name = name;
+        this.type = type;
+    }
+
+    public static Optional<RoleGroup> forType(String type) {
+        return Stream.of(RoleGroup.values()).filter(r -> r.type.equals(type)).findAny();
+    }
+
+    public static Optional<RoleGroup> forName(String name) {
+        return Stream.of(RoleGroup.values()).filter(r -> r.name.equals(name)).findAny();
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public String getType() {
+        return type;
+    }
+}
+

src/main/java/cz/cvut/kbss/study/service/SystemInitializer.java

@@ -3,7 +3,6 @@
 import cz.cvut.kbss.study.model.Institution;
 import cz.cvut.kbss.study.model.User;
 import cz.cvut.kbss.study.model.Vocabulary;
-import cz.cvut.kbss.study.util.Constants;
 import jakarta.annotation.PostConstruct;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -53,8 +52,7 @@ private void addDefaultAdministrator() {
             admin.setPassword("5y5t3mAdm1n.");
             admin.setInstitution(institutionService.findByName(INSTITUTION_NAME));
             admin.setIsInvited(true);
-            admin.setRoleGroup(Constants.OPERATOR_ADMIN);
-            admin.getTypes().add(Vocabulary.s_c_administrator);
+            admin.setRoleGroup(Vocabulary.s_i_operator_admin_role_group);
             LOG.debug("Persisting default administrator {}", admin);
             userService.persist(admin);
         }

src/main/java/cz/cvut/kbss/study/service/repository/RepositoryUserService.java

@@ -202,7 +202,7 @@ protected void prePersist(User instance) {
     @Override
     protected void preUpdate(User instance) {
         final User currentUser = securityUtils.getCurrentUser();
-        if (!currentUser.getTypes().contains(Vocabulary.s_c_administrator)
+        if (!currentUser.getTypes().contains(Vocabulary.s_i_administrator)
             && (!instance.getTypes().equals(currentUser.getTypes()) || (instance.getInstitution() != null
             && !instance.getInstitution().getKey().equals(currentUser.getInstitution().getKey())))) {
             throw new UnauthorizedException("Cannot update user.");

src/main/java/cz/cvut/kbss/study/util/Constants.java

@@ -69,9 +69,4 @@ private Constants() {
      */
     public static final String MEDIA_TYPE_EXCEL = "application/vnd.ms-excel";
 
-    public static final String OPERATOR_ADMIN = "OPERATOR_ADMIN";
-    public static final String OPERATOR_USER = "OPERATOR_USER";
-    public static final String SUPPLIER_ADMIN = "SUPPLIER_ADMIN";
-    public static final String SUPPLIER_USER = "SUPPLIER_USER";
-    public static final String EXTERNAL_USER = "EXTERNAL_USER";
 }