From 7e64d1d6deccd84bcc5e6c78425f20b33a6d19a9 Mon Sep 17 00:00:00 2001
From: Sonia Zorba <sonia.zorba@inaf.it>
Date: Tue, 9 Nov 2021 12:58:34 +0100
Subject: [PATCH] Permission controller: allowed retrieval of own permissions
 for non-admin users

---
 gms/pom.xml                                   |  3 +++
 .../gms/controller/PermissionsController.java | 23 +++++++++++++++----
 .../controller/PermissionsControllerTest.java | 19 +++++++++++++++
 3 files changed, 41 insertions(+), 4 deletions(-)

diff --git a/gms/pom.xml b/gms/pom.xml
index a67189d..71d1429 100644
--- a/gms/pom.xml
+++ b/gms/pom.xml
@@ -155,6 +155,9 @@
             <plugin>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <version>2.22.2</version>
+                <configuration>
+                    <trimStackTrace>false</trimStackTrace>
+                </configuration>
             </plugin>
             <plugin>
                 <groupId>org.jacoco</groupId>
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java
index 18593f1..42d6b32 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java
@@ -27,6 +27,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
+import java.util.stream.Collectors;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
@@ -128,10 +129,24 @@ public class PermissionsController {
 
         GroupEntity groupEntity = groupNameService.getGroupFromNames(groupNames);
         if (userId.isPresent()) {
-            try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
-                for (UserPermission userPermission : searchService.getUserPermission(groupEntity, userId.get(), permissionsManager.getCurrentUserPermissions(groupEntity))) {
-                    String group = groupNameService.getCompleteName(userPermission.getGroupCompleteName());
-                    pw.println(group + " " + userPermission.getPermission());
+            if (userId.get().equals(request.getUserPrincipal().getName())) {
+                // asking my permissions
+                try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
+                    List<PermissionEntity> userPermissions = permissionsManager.getCurrentUserPermissions();
+
+                    Map<String, List<String>> namesMap = groupNameService.getNamesFromIds(userPermissions.stream()
+                            .map(pe -> pe.getGroupId()).collect(Collectors.toSet()));
+
+                    for (PermissionEntity pe : userPermissions) {
+                        pw.println(groupNameService.getCompleteName(namesMap.get(pe.getGroupId())) + " " + pe.getPermission());
+                    }
+                }
+            } else {
+                try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
+                    for (UserPermission userPermission : searchService.getUserPermission(groupEntity, userId.get(), permissionsManager.getCurrentUserPermissions(groupEntity))) {
+                        String group = groupNameService.getCompleteName(userPermission.getGroupCompleteName());
+                        pw.println(group + " " + userPermission.getPermission());
+                    }
                 }
             }
         } else {
diff --git a/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java b/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java
index 9423ae0..c56c04b 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java
@@ -21,7 +21,9 @@ import it.inaf.ia2.gms.service.SearchService;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Map;
 import java.util.Optional;
+import java.util.Set;
 import static org.hamcrest.CoreMatchers.is;
 import org.junit.Before;
 import org.junit.Test;
@@ -148,6 +150,23 @@ public class PermissionsControllerTest {
                 .andExpect(content().string("rap_user ADMIN\n"));
     }
 
+    @Test
+    public void testGetMyPermissions() throws Exception {
+
+        when(groupsDAO.findGroupById("ROOT")).thenReturn(Optional.of(new GroupEntity()));
+        when(groupsDAO.getGroupCompleteNamesFromId(Set.of("group_id"))).thenReturn(Map.of("group_id", "TNG"));
+
+        PermissionEntity pe = new PermissionEntity();
+        pe.setGroupId("group_id");
+        pe.setPermission(Permission.VIEW_MEMBERS);
+        when(permissionsManager.getCurrentUserPermissions()).thenReturn(List.of(pe));
+
+        mockMvc.perform(get("/permission?user_id=TEST_PRINCIPAL").principal(getPrincipal())
+                .accept(MediaType.TEXT_PLAIN))
+                .andExpect(status().isOk())
+                .andExpect(content().string("TNG VIEW_MEMBERS\n"));
+    }
+
     @Test
     public void testGetUserPermissions() throws Exception {
 
-- 
GitLab