From 6be34572faae404dd53551654ea9fb4d9b961695 Mon Sep 17 00:00:00 2001
From: Stefano Maffei <stefano.maffei@4science.it>
Date: Wed, 5 Jun 2024 11:51:24 +0200
Subject: [PATCH 1/5] [LM-46] first set of changes for login miur properties

---
 .../ConfigurationRestRepository.java          | 20 ++++++++++++++++++-
 dspace/config/dspace.cfg                      |  4 ++++
 dspace/config/modules/rest.cfg                |  1 +
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java b/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java
index 9af20394297d..dded3efe15b7 100644
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java
@@ -7,11 +7,13 @@
  */
 package org.dspace.app.rest.repository;
 
+import java.sql.SQLException;
 import java.util.Arrays;
 import java.util.List;
 
 import org.dspace.app.rest.exception.RepositoryMethodNotImplementedException;
 import org.dspace.app.rest.model.PropertyRest;
+import org.dspace.authorize.service.AuthorizeService;
 import org.dspace.core.Context;
 import org.dspace.services.ConfigurationService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -27,13 +29,19 @@
 @Component(PropertyRest.CATEGORY + "." + PropertyRest.NAME)
 public class ConfigurationRestRepository extends DSpaceRestRepository<PropertyRest, String> {
 
+    @Autowired
+    private AuthorizeService authorizeService;
+
     private ConfigurationService configurationService;
     private List<String> exposedProperties;
+    private List<String> adminRestrictedProperties;
 
     @Autowired
     public ConfigurationRestRepository(ConfigurationService configurationService) {
         this.configurationService = configurationService;
         this.exposedProperties = Arrays.asList(configurationService.getArrayProperty("rest.properties.exposed"));
+        this.adminRestrictedProperties =
+            Arrays.asList(configurationService.getArrayProperty("admin.rest.properties.exposed"));
     }
 
     /**
@@ -54,9 +62,11 @@ public ConfigurationRestRepository(ConfigurationService configurationService) {
     @Override
     @PreAuthorize("permitAll()")
     public PropertyRest findOne(Context context, String property) {
-        if (!exposedProperties.contains(property) || !configurationService.hasProperty(property)) {
+        if (!exposedProperties.contains(property) || !configurationService.hasProperty(property)
+            || (isCurrentUserAdmin(context) && !adminRestrictedProperties.contains(property))) {
             throw new ResourceNotFoundException("No such configuration property: " + property);
         }
+
         String[] propertyValues = configurationService.getArrayProperty(property);
         PropertyRest propertyRest = new PropertyRest();
         propertyRest.setName(property);
@@ -64,6 +74,14 @@ public PropertyRest findOne(Context context, String property) {
         return propertyRest;
     }
 
+    private boolean isCurrentUserAdmin(Context context) {
+        try {
+            return authorizeService.isAdmin(context);
+        } catch (SQLException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
     @Override
     public Page<PropertyRest> findAll(Context context, Pageable pageable) {
         throw new RepositoryMethodNotImplementedException("No implementation found; Method not allowed", "");
diff --git a/dspace/config/dspace.cfg b/dspace/config/dspace.cfg
index aabdfecba4be..c0353d27d313 100644
--- a/dspace/config/dspace.cfg
+++ b/dspace/config/dspace.cfg
@@ -1406,6 +1406,10 @@ webui.browse.link.1 = author:dc.contributor.*
 ### ANCE REQUEST JOURNALS ENDPOINT
 #ance.webservice.addjournal.endpoint = https://webservice.cineca.it/pubblicazioni
 
+### DLExporter URL
+loginmiur.dlexporter.accesstoken = 
+loginmiur.dlexporter.url = ${dspace.ui.url}/dlexporter/?accessToken=${loginmiur.dlexporter.accesstoken}
+
 
 ### i18n -  Locales / Language ####
 # Default Locale
diff --git a/dspace/config/modules/rest.cfg b/dspace/config/modules/rest.cfg
index faf7b248046b..0a8fe52a19ea 100644
--- a/dspace/config/modules/rest.cfg
+++ b/dspace/config/modules/rest.cfg
@@ -95,6 +95,7 @@ rest.properties.exposed = identifiers.item-status.register-doi
 rest.properties.exposed = authentication-password.domain.valid
 rest.properties.exposed = request.item.type
 rest.properties.exposed = handle.canonical.prefix
+admin.rest.properties.exposed = loginmiur.dlexporter.url
 #------------------------------------------------------------------#
 #------------DEDUPLICATION / DATAQUALITY CONFIGURATIONS------------#
 #------------------------------------------------------------------#

From c5b5128e3100932f9d3b8d506abd573e13822ded Mon Sep 17 00:00:00 2001
From: Stefano Maffei <stefano.maffei@4science.it>
Date: Tue, 16 Jul 2024 16:57:59 +0200
Subject: [PATCH 2/5] [LM-46] added tests and fixes for admin restricted
 properties

---
 .../repository/ConfigurationRestRepository.java     |  3 ++-
 .../app/rest/ConfigurationRestRepositoryIT.java     | 13 +++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java b/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java
index dded3efe15b7..c00703786a9a 100644
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/ConfigurationRestRepository.java
@@ -62,7 +62,8 @@ public ConfigurationRestRepository(ConfigurationService configurationService) {
     @Override
     @PreAuthorize("permitAll()")
     public PropertyRest findOne(Context context, String property) {
-        if (!exposedProperties.contains(property) || !configurationService.hasProperty(property)
+        if ((!exposedProperties.contains(property) && !isCurrentUserAdmin(context))
+            || !configurationService.hasProperty(property)
             || (isCurrentUserAdmin(context) && !adminRestrictedProperties.contains(property))) {
             throw new ResourceNotFoundException("No such configuration property: " + property);
         }
diff --git a/dspace-server-webapp/src/test/java/org/dspace/app/rest/ConfigurationRestRepositoryIT.java b/dspace-server-webapp/src/test/java/org/dspace/app/rest/ConfigurationRestRepositoryIT.java
index 1eab1ef68eb7..20df3ac8ccc1 100644
--- a/dspace-server-webapp/src/test/java/org/dspace/app/rest/ConfigurationRestRepositoryIT.java
+++ b/dspace-server-webapp/src/test/java/org/dspace/app/rest/ConfigurationRestRepositoryIT.java
@@ -47,6 +47,19 @@ public void getNonExposedValue() throws Exception {
             .andExpect(status().isNotFound());
     }
 
+    @Test
+    public void getAdminRestrictedValue() throws Exception {
+        getClient().perform(get("/api/config/properties/loginmiur.dlexporter.url"))
+            .andExpect(status().isNotFound());
+    }
+
+    @Test
+    public void getAdminRestrictedValueRetrieved() throws Exception {
+        String tokenAdmin = getAuthToken(admin.getEmail(), password);
+        getClient(tokenAdmin).perform(get("/api/config/properties/loginmiur.dlexporter.url"))
+            .andExpect(status().is2xxSuccessful());
+    }
+
     @Test
     public void getAll() throws Exception {
         getClient().perform(get("/api/config/properties/"))

From 000c9145253417379ee8ad25fedb856061bfc80b Mon Sep 17 00:00:00 2001
From: Stefano Maffei <stefano.maffei@4science.it>
Date: Fri, 9 Aug 2024 09:00:09 +0200
Subject: [PATCH 3/5] [LM-46] changes in url for loginmiur DL exporter

---
 dspace/config/dspace.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dspace/config/dspace.cfg b/dspace/config/dspace.cfg
index 9c39a80cadaa..a4466fea6ed5 100644
--- a/dspace/config/dspace.cfg
+++ b/dspace/config/dspace.cfg
@@ -1417,7 +1417,7 @@ webui.browse.link.1 = author:dc.contributor.*
 
 ### DLExporter URL
 loginmiur.dlexporter.accesstoken = 
-loginmiur.dlexporter.url = ${dspace.ui.url}/dlexporter/?accessToken=${loginmiur.dlexporter.accesstoken}
+loginmiur.dlexporter.url = /dlexporter/?accessToken=${loginmiur.dlexporter.accesstoken}
 
 
 ### i18n -  Locales / Language ####

From 0ba41c275bd1d7679d17c534712a3a8e345b5d06 Mon Sep 17 00:00:00 2001
From: Stefano Maffei <stefano.maffei@4science.it>
Date: Fri, 9 Aug 2024 10:39:03 +0200
Subject: [PATCH 4/5] [LM-46] exposed login miur token

---
 dspace/config/modules/rest.cfg | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/dspace/config/modules/rest.cfg b/dspace/config/modules/rest.cfg
index 0a8fe52a19ea..da186c0a6794 100644
--- a/dspace/config/modules/rest.cfg
+++ b/dspace/config/modules/rest.cfg
@@ -96,6 +96,8 @@ rest.properties.exposed = authentication-password.domain.valid
 rest.properties.exposed = request.item.type
 rest.properties.exposed = handle.canonical.prefix
 admin.rest.properties.exposed = loginmiur.dlexporter.url
+admin.rest.properties.exposed = loginmiur.dlexporter.accesstoken
+
 #------------------------------------------------------------------#
 #------------DEDUPLICATION / DATAQUALITY CONFIGURATIONS------------#
 #------------------------------------------------------------------#

From cb20c8f6f13c756457f72cf1312ae6d90043f2a7 Mon Sep 17 00:00:00 2001
From: FrancescoMolinaro <francesco.molinaro@4science.com>
Date: Fri, 9 Aug 2024 11:18:56 +0200
Subject: [PATCH 5/5] [LM-46] refactor url

---
 dspace/config/dspace.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dspace/config/dspace.cfg b/dspace/config/dspace.cfg
index a4466fea6ed5..fcd357761105 100644
--- a/dspace/config/dspace.cfg
+++ b/dspace/config/dspace.cfg
@@ -1417,7 +1417,7 @@ webui.browse.link.1 = author:dc.contributor.*
 
 ### DLExporter URL
 loginmiur.dlexporter.accesstoken = 
-loginmiur.dlexporter.url = /dlexporter/?accessToken=${loginmiur.dlexporter.accesstoken}
+loginmiur.dlexporter.url = /dlexporter?accessToken=${loginmiur.dlexporter.accesstoken}
 
 
 ### i18n -  Locales / Language ####