allow users to edit access to their projects (#498)

wow-such-code · web-flow · commit 9d9ddfd47af5 · 2024-02-23T17:58:54.000+01:00
* allow users to edit access to their projects

* hide user access component if user is not allowed to use it

* address code smells

* more code smells
diff --git a/project-management-infrastructure/src/main/java/life/qbic/projectmanagement/infrastructure/project/ProjectRepositoryImpl.java b/project-management-infrastructure/src/main/java/life/qbic/projectmanagement/infrastructure/project/ProjectRepositoryImpl.java
@@ -74,7 +74,7 @@ public void add(Project project) {
     Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
     QbicUserDetails details = (QbicUserDetails) authentication.getPrincipal();
     projectAccessService.grant(details.getUserId(), project.getId(),
-        List.of(READ, WRITE));
+        List.of(READ, WRITE, ADMINISTRATION));//administration of this project, only
     projectAccessService.grantToAuthority(ADMIN.auth(), project.getId(), ADMIN.permissions());
     projectAccessService.grantToAuthority(PROJECT_MANAGER.auth(), project.getId(),
         PROJECT_MANAGER.permissions());
diff --git a/user-interface/src/main/java/life/qbic/datamanager/security/UserPermissionsImpl.java b/user-interface/src/main/java/life/qbic/datamanager/security/UserPermissionsImpl.java
@@ -12,6 +12,8 @@ public class UserPermissionsImpl implements UserPermissions {
 
   final AclPermissionEvaluator aclPermissionEvaluator;
 
+  private static final String projectTargetType = "life.qbic.projectmanagement.domain.model.project.Project";
+
   public UserPermissionsImpl(@Autowired
   AclPermissionEvaluator aclPermissionEvaluator) {
     this.aclPermissionEvaluator = aclPermissionEvaluator;
@@ -21,16 +23,18 @@ public UserPermissionsImpl(@Autowired
   public boolean readProject(ProjectId projectId) {
     return aclPermissionEvaluator.hasPermission(
         SecurityContextHolder.getContext().getAuthentication(), projectId,
-        "life.qbic.projectmanagement.domain.model.project.Project", "READ");
+        projectTargetType, "READ");
   }
 
   @Override
   public boolean changeProjectAccess(ProjectId projectId) {
     Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
     boolean hasReadPermission = aclPermissionEvaluator.hasPermission(authentication, projectId,
-        "life.qbic.projectmanagement.domain.model.project.Project", "READ");
+        projectTargetType, "READ");
+    boolean hasCreatedProject = aclPermissionEvaluator.hasPermission(authentication, projectId,
+        projectTargetType, "ADMINISTRATION");
     boolean canChangeAclAccess = authentication.getAuthorities().stream()
         .anyMatch(it -> it.getAuthority().equals("acl:change-access"));
-    return (hasReadPermission && canChangeAclAccess);
+    return (hasReadPermission && (canChangeAclAccess || hasCreatedProject));
   }
 }
diff --git a/user-interface/src/main/java/life/qbic/datamanager/views/navigation/ProjectSideNavigationComponent.java b/user-interface/src/main/java/life/qbic/datamanager/views/navigation/ProjectSideNavigationComponent.java
@@ -1,5 +1,6 @@
 package life.qbic.datamanager.views.navigation;
 
+import static java.util.Objects.requireNonNull;
 import static org.slf4j.LoggerFactory.getLogger;
 
 import com.vaadin.flow.component.Component;
@@ -27,6 +28,7 @@
 import java.util.Objects;
 import java.util.Optional;
 import life.qbic.application.commons.ApplicationException;
+import life.qbic.datamanager.security.UserPermissions;
 import life.qbic.datamanager.views.AppRoutes.Projects;
 import life.qbic.datamanager.views.Context;
 import life.qbic.datamanager.views.projects.overview.ProjectOverviewMain;
@@ -63,14 +65,17 @@ public class ProjectSideNavigationComponent extends Div implements
   private final Div content;
   private final transient ProjectInformationService projectInformationService;
   private final transient ExperimentInformationService experimentInformationService;
+  private final transient UserPermissions userPermissions;
   private Context context = new Context();
 
   public ProjectSideNavigationComponent(
       @Autowired ProjectInformationService projectInformationService,
-      @Autowired ExperimentInformationService experimentInformationService) {
+      @Autowired ExperimentInformationService experimentInformationService,
+      @Autowired UserPermissions userPermissions) {
     content = new Div();
     Objects.requireNonNull(projectInformationService);
     Objects.requireNonNull(experimentInformationService);
+    this.userPermissions = requireNonNull(userPermissions, "userPermissions must not be null");
     addClassName("project-navigation-drawer");
     this.projectInformationService = projectInformationService;
     this.experimentInformationService = experimentInformationService;
@@ -95,8 +100,10 @@ public void beforeEnter(BeforeEnterEvent beforeEnterEvent) {
     var project = loadProject(parsedProjectId);
     List<Experiment> experiments = loadExperimentsForProject(project);
     List<ProjectPreview> lastModifiedProjects = retrieveLastModifiedProjects();
-    content.add(generateNavigationSections(project, lastModifiedProjects, experiments).toArray(
-        Component[]::new));
+    boolean canUserAdministrate = userPermissions.changeProjectAccess(parsedProjectId);
+    content.add(
+        generateNavigationSections(project, lastModifiedProjects, experiments, canUserAdministrate)
+            .toArray(Component[]::new));
   }
 
   private Project loadProject(ProjectId id) {
@@ -116,19 +123,19 @@ private List<ProjectPreview> retrieveLastModifiedProjects() {
   }
 
   private static List<Div> generateNavigationSections(Project project,
-      List<ProjectPreview> lastModifiedProjects, List<Experiment> experiments) {
-    Div projectSection = createProjectSection(project, lastModifiedProjects);
+      List<ProjectPreview> lastModifiedProjects, List<Experiment> experiments, boolean canUserAdministrate) {
+    Div projectSection = createProjectSection(project, lastModifiedProjects, canUserAdministrate);
     Div experimentSection = createExperimentSection(project.getId().value(), experiments);
     return List.of(projectSection, experimentSection);
   }
 
   private static Div createProjectSection(Project project,
-      List<ProjectPreview> lastModifiedProjects) {
+      List<ProjectPreview> lastModifiedProjects, boolean canUserAdministrate) {
     Div projectSection = new Div();
     projectSection.add(createProjectHeader(),
         createProjectSelection(project.getProjectIntent().projectTitle().title(),
             lastModifiedProjects),
-        generateSectionDivider(), createProjectItems(project.getId().value()));
+        generateSectionDivider(), createProjectItems(project.getId().value(), canUserAdministrate));
     projectSection.addClassName("project-section");
     return projectSection;
   }
@@ -187,9 +194,12 @@ private static Span generateSectionDivider() {
     return sectionDivider;
   }
 
-  private static Div createProjectItems(String projectId) {
+  private static Div createProjectItems(String projectId, boolean canUserAdministrate) {
     Div projectItems = new Div();
-    projectItems.add(createProjectSummaryLink(projectId), createProjectUsers(projectId));
+    projectItems.add(createProjectSummaryLink(projectId));
+    if(canUserAdministrate) {
+      projectItems.add(createProjectUsers(projectId));
+    }
     projectItems.addClassName("project-items");
     return projectItems;
   }
diff --git a/user-interface/src/main/java/life/qbic/datamanager/views/projects/project/ProjectMainLayout.java b/user-interface/src/main/java/life/qbic/datamanager/views/projects/project/ProjectMainLayout.java
@@ -8,6 +8,7 @@
 import com.vaadin.flow.router.PageTitle;
 import java.util.Objects;
 import life.qbic.datamanager.security.LogoutService;
+import life.qbic.datamanager.security.UserPermissions;
 import life.qbic.datamanager.views.Context;
 import life.qbic.datamanager.views.general.DataManagerMenu;
 import life.qbic.datamanager.views.navigation.ProjectSideNavigationComponent;
@@ -34,19 +35,21 @@ public class ProjectMainLayout extends AppLayout implements BeforeEnterObserver
   private final ProjectSideNavigationComponent projectSideNavigationComponent;
   private final DataManagerMenu dataManagerMenu;
   private final transient ProjectInformationService projectInformationService;
+
   private Context context = new Context();
   private final Span projectTitle = new Span();
 
   public ProjectMainLayout(@Autowired LogoutService logoutService,
       ProjectInformationService projectInformationService,
-      ExperimentInformationService experimentInformationService) {
+      ExperimentInformationService experimentInformationService,
+      @Autowired UserPermissions userPermissions) {
     Objects.requireNonNull(logoutService);
     Objects.requireNonNull(projectInformationService);
     Objects.requireNonNull(experimentInformationService);
     this.projectInformationService = projectInformationService;
     this.projectSideNavigationComponent = new ProjectSideNavigationComponent(
         projectInformationService,
-        experimentInformationService);
+        experimentInformationService, userPermissions);
     dataManagerMenu = new DataManagerMenu(logoutService);
     addToNavbar(createDrawerToggleAndTitleBar(), dataManagerMenu);
     addClassName("project-main-layout");
diff --git a/user-interface/src/main/java/life/qbic/datamanager/views/projects/project/experiments/ExperimentMainLayout.java b/user-interface/src/main/java/life/qbic/datamanager/views/projects/project/experiments/ExperimentMainLayout.java
@@ -16,6 +16,7 @@
 import java.util.Objects;
 import life.qbic.application.commons.ApplicationException;
 import life.qbic.datamanager.security.LogoutService;
+import life.qbic.datamanager.security.UserPermissions;
 import life.qbic.datamanager.views.Context;
 import life.qbic.datamanager.views.general.DataManagerMenu;
 import life.qbic.datamanager.views.navigation.ProjectSideNavigationComponent;
@@ -52,15 +53,16 @@ public class ExperimentMainLayout extends AppLayout implements BeforeEnterObserv
 
   public ExperimentMainLayout(@Autowired LogoutService logoutService,
       @Autowired ProjectInformationService projectInformationService,
-      @Autowired ExperimentInformationService experimentInformationService) {
+      @Autowired ExperimentInformationService experimentInformationService,
+      @Autowired UserPermissions userPermissions) {
     Objects.requireNonNull(logoutService);
     Objects.requireNonNull(projectInformationService);
     Objects.requireNonNull(experimentInformationService);
     this.dataManagerMenu = new DataManagerMenu(logoutService);
     this.experimentInformationService = experimentInformationService;
     this.projectSideNavigationComponent = new ProjectSideNavigationComponent(
-        projectInformationService,
-        experimentInformationService);
+        projectInformationService, experimentInformationService,
+        userPermissions);
     initializeNavbar();
     initializeAppDrawer();
     addClassName("experiment-main-layout");
