Merge pull request #398 from qbicsoftware/release-2023-10-10

Release 2023 10 10

Author: KochTobi

authorization/pom.xml

@@ -21,7 +21,7 @@
   <dependencies>
     <dependency>
       <groupId>life.qbic</groupId>
-      <artifactId>user</artifactId>
+      <artifactId>user-domain</artifactId>
       <version>0.26.1</version>
       <scope>compile</scope>
     </dependency>
@@ -83,7 +83,7 @@
     </dependency>
     <dependency>
       <groupId>life.qbic</groupId>
-      <artifactId>projectmanagement</artifactId>
+      <artifactId>projectmanagement-domain</artifactId>
       <version>0.26.1</version>
       <scope>compile</scope>
     </dependency>
@@ -96,11 +96,5 @@
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-acl</artifactId>
     </dependency>
-    <dependency>
-      <groupId>life.qbic</groupId>
-      <artifactId>authorization</artifactId>
-      <version>0.26.1</version>
-      <scope>compile</scope>
-    </dependency>
   </dependencies>
 </project>

database-connector/pom.xml

@@ -11,9 +11,9 @@
 
 import java.util.List;
 import java.util.Optional;
-import life.qbic.authorization.acl.ProjectAccessService;
-import life.qbic.authorization.authorities.aspects.CanCreateProject;
 import life.qbic.logging.api.Logger;
+import life.qbic.projectmanagement.application.authorization.acl.ProjectAccessService;
+import life.qbic.projectmanagement.application.authorization.authorities.aspects.CanCreateProject;
 import life.qbic.projectmanagement.domain.project.Project;
 import life.qbic.projectmanagement.domain.project.ProjectCode;
 import life.qbic.projectmanagement.domain.project.ProjectId;

database-connector/src/main/java/life/qbic/projectmanagement/persistence/ProjectRepositoryImpl.java

@@ -10,8 +10,7 @@
   <version>0.26.1</version>
   <modules>
     <module>vaadinfrontend</module>
-    <module>user</module>
-    <module>authorization</module>
+    <module>user-domain</module>
     <module>broadcasting</module>
     <module>newshandler</module>
     <module>database-connector</module>
@@ -20,8 +19,9 @@
     <module>subscription-provider</module>
     <module>subscription-api</module>
     <module>finances</module>
-    <module>projectmanagement</module>
+    <module>projectmanagement-domain</module>
     <module>domain-concept</module>
+    <module>user-domain-api</module>
   </modules>
   <packaging>pom</packaging>
 

pom.xml

@@ -7,8 +7,8 @@
     <version>0.26.1</version>
   </parent>
   <modelVersion>4.0.0</modelVersion>
-  <artifactId>projectmanagement</artifactId>
-  <name>projectmanagement</name>
+  <artifactId>projectmanagement-domain</artifactId>
+  <name>projectmanagement-domain</name>
   <url>http://maven.apache.org</url>
   <dependencies>
     <dependency>
@@ -77,5 +77,15 @@
       <groupId>org.jobrunr</groupId>
       <artifactId>jobrunr-spring-boot-3-starter</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-acl</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>life.qbic.datamanager</groupId>
+      <artifactId>user-domain-api</artifactId>
+      <version>0.26.1</version>
+      <scope>compile</scope>
+    </dependency>
   </dependencies>
 </project>

projectmanagement/pom.xml projectmanagement-domain/pom.xml

@@ -1,4 +1,4 @@
-package life.qbic.authorization.application;
+package life.qbic.projectmanagement.application;
 
 /**
  * <b>App Context Provider</b>

projectmanagement/src/main/java/life/qbic/projectmanagement/application/AddExperimentToProjectService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/AddExperimentToProjectService.java

@@ -1,4 +1,4 @@
-package life.qbic.authorization.application;
+package life.qbic.projectmanagement.application;
 
 /**
  * <b>Messages</b>

authorization/src/main/java/life/qbic/authorization/application/AppContextProvider.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/AppContextProvider.java

@@ -1,10 +1,9 @@
-package life.qbic.authorization.security;
+package life.qbic.projectmanagement.application.authorization;
 
 import java.io.Serial;
 import java.util.Collection;
 import java.util.List;
-import life.qbic.authentication.domain.user.concept.User;
-import life.qbic.authentication.domain.user.concept.UserId;
+import java.util.Objects;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
@@ -22,10 +21,7 @@
 public class QbicUserDetails implements UserDetails {
   @Serial
   private static final long serialVersionUID = 5812210012669790933L;
-  private final UserId userId;
-  private final String username;
-  private final String password;
-  private final boolean active;
+  private final User user;
   private final List<GrantedAuthority> grantedAuthorities;
 
   /**
@@ -35,10 +31,7 @@ public class QbicUserDetails implements UserDetails {
    * @since 1.0.0
    */
   public QbicUserDetails(User user, List<GrantedAuthority> grantedAuthorities) {
-    this.userId = user.id();
-    this.username = user.emailAddress().get();
-    this.password = user.getEncryptedPassword().get();
-    this.active = user.isActive();
+    this.user = Objects.requireNonNull(user);
     this.grantedAuthorities = List.copyOf(grantedAuthorities);
   }
 
@@ -47,18 +40,23 @@ public Collection<? extends GrantedAuthority> getAuthorities() {
     return List.copyOf(grantedAuthorities);
   }
 
-  public UserId getUserId() {
-    return userId;
+  public String getUserId() {
+    return user.id();
   }
 
   @Override
   public String getPassword() {
-    return password;
+    return user.encryptedPassword();
   }
 
   @Override
   public String getUsername() {
-    return username;
+    // Todo fix and use user ID as user ID instead of the mutable email-address
+    // Rational: the user's email address is not guaranteed to be immutable, since we might add a feature in
+    // the future to change user's email address. That means, the identification of the user by their
+    // email address is error-prone and of risk. Since a user gets a UUID on registration, we can use this
+    // to identify the user, since this ID will never change
+    return user.emailAddress();
   }
 
   @Override
@@ -78,7 +76,7 @@ public boolean isCredentialsNonExpired() {
 
   @Override
   public boolean isEnabled() {
-    return active;
+    return user.isActive();
   }
 
   public boolean hasAuthority(GrantedAuthority authority) {

projectmanagement/src/main/java/life/qbic/projectmanagement/application/DeletionService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/DeletionService.java

@@ -0,0 +1,11 @@
+package life.qbic.projectmanagement.application.authorization;
+
+/**
+ * <b>User concept on application security level</b>
+ *
+ * @since 1.0.0
+ */
+public record User(String id, String fullName, String emailAddress, String encryptedPassword,
+                   boolean isActive) {
+
+}

projectmanagement/src/main/java/life/qbic/projectmanagement/application/ExperimentInformationService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/ExperimentInformationService.java

@@ -1,7 +1,6 @@
-package life.qbic.authorization.acl;
+package life.qbic.projectmanagement.application.authorization.acl;
 
 import java.util.List;
-import life.qbic.authentication.domain.user.concept.UserId;
 import life.qbic.projectmanagement.domain.project.ProjectId;
 import org.springframework.security.acls.model.Permission;
 import org.springframework.security.core.GrantedAuthority;
@@ -18,9 +17,9 @@ public interface ProjectAccessService {
    * Lists all users which have a permission within the specific project
    *
    * @param projectId the identifier of the project
-   * @return a list of UserIds which are associated with the project
+   * @return a list of user ids which are associated with the project
    */
-  List<UserId> listUsers(ProjectId projectId);
+  List<String> listUsers(ProjectId projectId);
 
   /**
    * Lists all users which have a permission on the project

projectmanagement/src/main/java/life/qbic/projectmanagement/application/ExperimentalDesignSearchService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/ExperimentalDesignSearchService.java

@@ -1,11 +1,10 @@
-package life.qbic.authorization.acl;
+package life.qbic.projectmanagement.application.authorization.acl;
 
 import static java.util.Objects.requireNonNull;
 
 import java.util.List;
 import java.util.function.Predicate;
-import life.qbic.authentication.domain.user.concept.UserId;
-import life.qbic.authorization.security.QbicUserDetails;
+import life.qbic.projectmanagement.application.authorization.QbicUserDetails;
 import life.qbic.projectmanagement.domain.project.Project;
 import life.qbic.projectmanagement.domain.project.ProjectId;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -38,7 +37,7 @@ public ProjectAccessServiceImpl(@Autowired MutableAclService aclService,
 
   @Transactional
   @Override
-  public List<UserId> listUsers(ProjectId projectId) {
+  public List<String> listUsers(ProjectId projectId) {
     List<String> userNames = listUsernames(projectId);
     return userNames.stream().map(userDetailsService::loadUserByUsername)
         .filter(it -> it instanceof QbicUserDetails)

authorization/src/main/java/life/qbic/authorization/application/Messages.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/Messages.java

@@ -1,4 +1,4 @@
-package life.qbic.authorization.acl;
+package life.qbic.projectmanagement.application.authorization.acl;
 
 import java.util.Optional;
 import org.springframework.beans.factory.annotation.Autowired;

projectmanagement/src/main/java/life/qbic/projectmanagement/application/ProjectCreationService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/ProjectCreationService.java

@@ -1,4 +1,4 @@
-package life.qbic.authorization.authorities;
+package life.qbic.projectmanagement.application.authorization.authorities;
 
 import static java.util.Objects.requireNonNull;
 

projectmanagement/src/main/java/life/qbic/projectmanagement/application/ProjectInformationService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/ProjectInformationService.java

@@ -1,9 +1,8 @@
-package life.qbic.authorization.authorities;
+package life.qbic.projectmanagement.application.authorization.authorities;
 
 import java.util.ArrayList;
 import java.util.List;
 import java.util.stream.Stream;
-import life.qbic.authentication.domain.user.concept.UserId;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Service;
@@ -12,19 +11,19 @@
  * Provides granted authorities given a user
  */
 @Service
-public class QBiCUserAuthorityService implements UserAuthorityProvider {
+public class QbicUserAuthorityService implements UserAuthorityProvider {
 
   private final UserRoleRepository userRoleRepository;
 
-  public QBiCUserAuthorityService(
+  public QbicUserAuthorityService(
       @Autowired UserRoleRepository userRoleRepository
   ) {
     this.userRoleRepository = userRoleRepository;
   }
 
   @Override
-  public List<GrantedAuthority> getAuthoritiesByUserId(UserId userId) {
-    List<UserRole> roles = userRoleRepository.findAllByUserId(userId.get());
+  public List<GrantedAuthority> getAuthoritiesByUserId(String userId) {
+    List<UserRole> roles = userRoleRepository.findAllByUserId(userId);
     return roles.stream().flatMap(this::getAuthoritiesForRole).toList();
   }
 

projectmanagement/src/main/java/life/qbic/projectmanagement/application/ProjectLinkingService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/ProjectLinkingService.java

@@ -1,4 +1,4 @@
-package life.qbic.authorization.authorities;
+package life.qbic.projectmanagement.application.authorization.authorities;
 
 import static java.util.Objects.requireNonNull;
 

projectmanagement/src/main/java/life/qbic/projectmanagement/application/ProjectPreview.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/ProjectPreview.java

@@ -1,7 +1,6 @@
-package life.qbic.authorization.authorities;
+package life.qbic.projectmanagement.application.authorization.authorities;
 
 import java.util.List;
-import life.qbic.authentication.domain.user.concept.UserId;
 import org.springframework.security.core.GrantedAuthority;
 
 /**
@@ -15,5 +14,5 @@ public interface UserAuthorityProvider {
    * @param userId the userid to retrieve granted authorities for
    * @return a list of authorities granted to the user
    */
-  List<GrantedAuthority> getAuthoritiesByUserId(UserId userId);
+  List<GrantedAuthority> getAuthoritiesByUserId(String userId);
 }

projectmanagement/src/main/java/life/qbic/projectmanagement/application/SortOrder.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/SortOrder.java

@@ -1,4 +1,4 @@
-package life.qbic.authorization.authorities;
+package life.qbic.projectmanagement.application.authorization.authorities;
 
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;

projectmanagement/src/main/java/life/qbic/projectmanagement/application/VariableValueFormatter.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/VariableValueFormatter.java

@@ -1,4 +1,4 @@
-package life.qbic.authorization.authorities;
+package life.qbic.projectmanagement.application.authorization.authorities;
 
 import java.util.List;
 import org.springframework.data.jpa.repository.JpaRepository;

projectmanagement/src/main/java/life/qbic/projectmanagement/application/api/ProjectPreviewLookup.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/api/ProjectPreviewLookup.java

@@ -1,4 +1,4 @@
-package life.qbic.authorization.authorities.aspects;
+package life.qbic.projectmanagement.application.authorization.authorities.aspects;
 
 import org.springframework.security.access.prepost.PreAuthorize;
 

projectmanagement/src/main/java/life/qbic/projectmanagement/application/api/SampleCodeService.java projectmanagement-domain/src/main/java/life/qbic/projectmanagement/application/api/SampleCodeService.java

@@ -1,8 +1,8 @@
-package life.qbic.authorization.application.policy;
+package life.qbic.projectmanagement.application.policy;
 
 import java.util.Objects;
-import life.qbic.authorization.application.policy.directive.InformUserAboutGrantedAccess;
 import life.qbic.domain.concepts.DomainEventDispatcher;
+import life.qbic.projectmanagement.application.policy.directive.InformUserAboutGrantedAccess;
 
 /**
  * <b>Policy: Project access granted</b>