},
{
key: "intendedRoles",
+ nonSortable: true,
header: I18n.t("invitations.intendedRoles"),
mapper: invitation => invitation.intendedRoles
},
{
- key: "inviter__name",
+ key: "name",
header: I18n.t("invitations.inviter"),
mapper: invitation =>
- {invitation.inviter.name}
- {invitation.inviter.email}
+ {invitation.name}
+ {invitation.inviter_email}
},
{
- key: "createdAt",
+ key: "created_at",
header: I18n.t("invitations.createdAt"),
- mapper: invitation => shortDateFromEpoch(invitation.createdAt)
+ mapper: invitation => shortDateFromEpoch(invitation.created_at, false)
},
{
- key: pending ? "expiryDate" : "acceptedAt",
- header: I18n.t(pending ? "invitations.expiryDate" : "invitations.acceptedAt"),
- mapper: invitation => pending ? invitationExpiry(invitation) : shortDateFromEpoch(invitation.acceptedAt)
+ key: "expiry_date",
+ header: I18n.t("invitations.expiryDate"),
+ mapper: invitation => invitationExpiry(invitation)
},
{
key: "adminIcons",
@@ -357,21 +323,6 @@ export const Invitations = ({
header: "",
mapper: invitation => actionIcons(invitation)
}];
- const filteredInvitations = filterValue.value === allValue ? invitations.current :
- invitations.current.filter(invitation => invitation.status === filterValue.value ||
- (filterValue.value === mineValue && invitation.inviter.email === user.email)
- );
- const countInvitations = filteredInvitations.length;
- const hasEntities = countInvitations > 0;
- let title = " ";
-
- if (hasEntities) {
- title = I18n.t(`invitations.${standAlone ? "found" : "foundWithStatus"}`, {
- count: countInvitations,
- status: pending ? I18n.t("invitations.pending") : I18n.t("invitations.accepted").toLowerCase(),
- plural: I18n.t(`invitations.${countInvitations === 1 ? "singleInvitation" : "multipleInvitations"}`)
- })
- }
return (
{confirmationOpen && }
- {history && }
- navigate("/invitation/new", {state: role.id}) : null}
customNoEntities={I18n.t(`invitations.noResults`)}
- loading={loading}
+ loading={false}
onHover={true}
- hideTitle={loading}
- filters={filter(filterOptions, filterValue)}
actions={actionButtons()}
- searchCallback={searchCallback}
searchAttributes={["name", "email", "schacHomeOrganization", "inviter__email", "inviter__name"]}
- inputFocus={true}>
+ customSearch={search}
+ totalElements={totalElements}
+ inputFocus={!searching}
+ hideTitle={searching}
+ busy={searching}
+ >
)
diff --git a/client/src/tabs/Invitations.scss b/client/src/tabs/Invitations.scss
index 22fa88fd..20d9fc83 100644
--- a/client/src/tabs/Invitations.scss
+++ b/client/src/tabs/Invitations.scss
@@ -14,7 +14,7 @@
width: 20%;
}
- &.intendedAuthority {
+ &.intended_authority {
width: 15%;
text-align: center;
}
@@ -23,17 +23,18 @@
width: 15%;
}
- &.inviter__name {
- width: 20%;
+ &.name {
+ width: 26%;
}
- &.createdAt {
- width: 15%;
+ &.created_at {
+ width: 12%;
}
- &.expiryDate {
- width: 15%;
+ &.expiry_date {
+ width: 12%;
}
+
&.adminIcons {
width: 80px;
}
@@ -51,19 +52,7 @@
text-align: center;
}
- &.enforceEmailEquality {
- text-align: center;
- }
-
- &.eduIDOnly {
- text-align: center;
- }
-
- &.intendedAuthority {
- text-align: center;
- }
-
- &.status {
+ &.intended_authority {
text-align: center;
}
diff --git a/client/src/tabs/Roles.js b/client/src/tabs/Roles.js
index 1752aa47..75e23681 100644
--- a/client/src/tabs/Roles.js
+++ b/client/src/tabs/Roles.js
@@ -3,7 +3,7 @@ import {useAppStore} from "../stores/AppStore";
import React, {useEffect, useState} from "react";
import {Entities} from "../components/Entities";
import I18n from "../locale/I18n";
-import {Button, ButtonSize, Chip, Loader, Tooltip} from "@surfnet/sds";
+import {Button, ButtonSize, Chip, Tooltip} from "@surfnet/sds";
import {useNavigate} from "react-router-dom";
import {AUTHORITIES, highestAuthority, isUserAllowed, markAndFilterRoles} from "../utils/UserRole";
import {rolesByApplication} from "../api";
@@ -19,7 +19,6 @@ export const Roles = () => {
const {user, config} = useAppStore(state => state);
const navigate = useNavigate();
- const [loading, setLoading] = useState(false);
const [searching, setSearching] = useState(true);
const [roles, setRoles] = useState([]);
const [paginationQueryParams, setPaginationQueryParams] = useState(defaultPagination());
@@ -39,9 +38,7 @@ export const Roles = () => {
paginationQueryParams.sortDirection === "DESC");
setRoles(newRoles);
setTotalElements(page.totalElements);
- //we need to avoid flickerings
- setTimeout(() => setSearching(false), 75);
- setLoading(false);
+ setSearching(false);
})
} else {
const newRoles = markAndFilterRoles(
@@ -54,7 +51,6 @@ export const Roles = () => {
false);
setRoles(newRoles);
setSearching(false);
- setLoading(false);
}
}, [user, paginationQueryParams]);// eslint-disable-line react-hooks/exhaustive-deps
@@ -144,7 +140,8 @@ export const Roles = () => {
const authority = authorityForRole(user, role);
const label = authority ? I18n.t(`access.${authority}`) : I18n.t("roles.noMember");
return }
+ label={label}/>
+ }
},
{
key: "userRoleCount",
@@ -154,10 +151,6 @@ export const Roles = () => {
];
- if (loading) {
- return
- }
-
const isSuperUser = isUserAllowed(AUTHORITIES.SUPER_USER, user);
const isManager = isUserAllowed(AUTHORITIES.INSTITUTION_ADMIN, user);
const isInstitutionAdmin = highestAuthority(user) === AUTHORITIES.INSTITUTION_ADMIN;
diff --git a/client/src/tabs/UserRoles.js b/client/src/tabs/UserRoles.js
index b5afe604..af55a9ea 100644
--- a/client/src/tabs/UserRoles.js
+++ b/client/src/tabs/UserRoles.js
@@ -1,7 +1,7 @@
import React, {useEffect, useState} from "react";
import I18n from "../locale/I18n";
import "./UserRoles.scss";
-import {Button, ButtonSize, ButtonType, Checkbox, Chip, ChipType, Loader, Tooltip} from "@surfnet/sds";
+import {Button, ButtonSize, ButtonType, Checkbox, Chip, ChipType, Tooltip} from "@surfnet/sds";
import {Entities} from "../components/Entities";
import {ReactComponent as AlarmBell} from "../icons/alarm_bell.svg";
import "./Users.scss";
@@ -25,7 +25,7 @@ export const UserRoles = ({role, guests}) => {
const {user, setFlash, config} = useAppStore(state => state);
const [removeNotAllowed, setRemoveNotAllowed] = useState({});
- const [userRoles, setUserRoles] = useState({});
+ const [userRoles, setUserRoles] = useState([]);
const [selectedUserRoles, setSelectedUserRoles] = useState({});
const [allSelected, setAllSelected] = useState(false);
const [paginationQueryParams, setPaginationQueryParams] = useState(defaultPagination());
@@ -33,7 +33,6 @@ export const UserRoles = ({role, guests}) => {
const [confirmation, setConfirmation] = useState({});
const [confirmationOpen, setConfirmationOpen] = useState(false);
const [searching, setSearching] = useState(true);
- const [loading, setLoading] = useState(true);
useEffect(() => {
setRemoveNotAllowed(highestAuthority(user) === AUTHORITIES.INVITER && !guests);
@@ -54,8 +53,7 @@ export const UserRoles = ({role, guests}) => {
setAllSelected(false);
setTotalElements(page.totalElements);
//we need to avoid flickerings
- setTimeout(() => setSearching(false), 75);
- setLoading(false);
+ setSearching(false);
});
},
[guests, user, paginationQueryParams]);// eslint-disable-line react-hooks/exhaustive-deps
@@ -78,10 +76,6 @@ export const UserRoles = ({role, guests}) => {
})
}, 375);
- if (loading) {
- return
- }
-
const showCheckAllHeader = () => {
return Object.entries(selectedUserRoles)
.filter(entry => entry[1].allowed)
@@ -106,8 +100,7 @@ export const UserRoles = ({role, guests}) => {
.then(() => {
setConfirmationOpen(false);
setFlash(I18n.t("userRoles.updateFlash", {roleName: userRole.role.name}));
- const path = encodeURIComponent(window.location.pathname);
- navigate(`/refresh-route/${path}`, {replace: true});
+ setPaginationQueryParams({...paginationQueryParams});
})
}
};
@@ -195,7 +188,7 @@ export const UserRoles = ({role, guests}) => {
};
const handleError = e => {
- setLoading(false);
+ setSearching(false);
e.response.json().then(j => {
const reference = j.reference || 999;
setConfirmation({
diff --git a/client/src/tabs/UserRoles.scss b/client/src/tabs/UserRoles.scss
index 38d275dc..14450c1f 100644
--- a/client/src/tabs/UserRoles.scss
+++ b/client/src/tabs/UserRoles.scss
@@ -20,7 +20,7 @@
}
&.name {
- width: 22%;
+ width: 24%;
}
&.me {
@@ -28,7 +28,7 @@
}
&.schac_home_organization {
- width: 14%;
+ width: 16%;
}
&.authority {
@@ -42,11 +42,11 @@
}
&.endDate {
- width: 22%;
+ width: 20%;
}
&.createdAt {
- width: 14%;
+ width: 12%;
}
&.adminIcons {
diff --git a/client/src/tabs/Users.js b/client/src/tabs/Users.js
index 2748f454..10f8d0cf 100644
--- a/client/src/tabs/Users.js
+++ b/client/src/tabs/Users.js
@@ -32,8 +32,7 @@ export const Users = () => {
.then(page => {
setUsers(page.content);
setTotalElements(page.totalElements);
- //we need to avoid flickerings
- setTimeout(() => setSearching(false), 75);
+ setSearching(false);
});
},
[currentUser, paginationQueryParams]);// eslint-disable-line react-hooks/exhaustive-deps
diff --git a/client/src/utils/Authority.js b/client/src/utils/Authority.js
index 3f7dd19c..23361d4a 100644
--- a/client/src/utils/Authority.js
+++ b/client/src/utils/Authority.js
@@ -36,13 +36,13 @@ export const chipTypeForUserRole = authority => {
}
export const invitationExpiry = invitation => {
- const expired = new Date(invitation.expiryDate * 1000) < new Date();
+ const expired = new Date(invitation.expiry_date) < new Date();
if (expired) {
return
}
- return shortDateFromEpoch(invitation.expiryDate);
+ return shortDateFromEpoch(invitation.expiry_date, false);
}
export const authorityForRole = (user, role) => {
diff --git a/client/src/utils/Pagination.js b/client/src/utils/Pagination.js
index e1fab010..80d6dbbb 100644
--- a/client/src/utils/Pagination.js
+++ b/client/src/utils/Pagination.js
@@ -19,6 +19,9 @@ export const paginationQueryParams = (page, queryParams = {}) => {
if (!isEmpty(page.sortDirection)) {
queryParams.sortDirection = page.sortDirection;
}
+ if (!isEmpty(page.roleId)) {
+ queryParams.roleId = encodeURIComponent(page.roleId);
+ }
}
return Object.entries(queryParams).reduce((acc, entry) => {
acc += `${entry[0]}=${encodeURIComponent(entry[1])}&`
diff --git a/client/src/utils/UserRole.js b/client/src/utils/UserRole.js
index f181b1f0..be8b2438 100644
--- a/client/src/utils/UserRole.js
+++ b/client/src/utils/UserRole.js
@@ -87,7 +87,8 @@ export const allowedToDeleteInvitation = (user, invitation) => {
invitation.roles
.every(invitationRole => allowedToRenewUserRole(user, {
...invitationRole,
- authority: invitation.intendedAuthority
+ authority: invitation.intended_authority,
+ user_id: invitation.user_id
}))
}
@@ -98,6 +99,7 @@ export const allowedToRenewUserRole = (user, userRole, deleteAction = false, tar
if (deleteAction && (user.id === userRole.userInfo?.id || user.id === userRole.user_id)) {
return true;
}
+
const allowedByApplicationForInstitutionAdmin = user.institutionAdmin && (user.applications || [])
.some(application => roleIsConnectedToApp(userRole.role, application));
const allowedByApplicationForManager = isApplicationManagerForUserRole(user, userRole);
diff --git a/server/src/main/java/access/api/InvitationController.java b/server/src/main/java/access/api/InvitationController.java
index 9ce82a83..7953c53d 100644
--- a/server/src/main/java/access/api/InvitationController.java
+++ b/server/src/main/java/access/api/InvitationController.java
@@ -26,6 +26,10 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Sort;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
@@ -36,15 +40,19 @@
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.StringUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import java.time.Instant;
import java.util.*;
import java.util.stream.Collectors;
+import java.util.stream.Stream;
import static access.SwaggerOpenIdConfig.API_TOKENS_SCHEME_NAME;
import static access.SwaggerOpenIdConfig.OPEN_ID_SCHEME_NAME;
+import static java.util.Collections.emptyList;
@RestController
@RequestMapping(value = {
@@ -261,18 +269,15 @@ public ResponseEntity> accept(@Validated @RequestBody Accept
Set manageIdentifiers = provisioning.getRemoteApplications().stream()
.map(app -> app.manageId()).collect(Collectors.toSet());
newUserRoles.stream()
- .filter(userRole -> userRole.getRole().getApplicationUsages().stream()
- .anyMatch(appUsage -> manageIdentifiers.contains(appUsage.getApplication().getManageId())))
-
.map(userRole -> userRole.getRole())
- .sorted(Comparator.comparing(Role::getName))
- .findFirst()
+ .filter(role -> role.getApplicationUsages().stream()
+ .anyMatch(appUsage -> manageIdentifiers.contains(appUsage.getApplication().getManageId())))
+ .min(Comparator.comparing(Role::getName))
.ifPresent(role -> {
body.put("userWaitTime", provisioning.getUserWaitTime());
body.put("role", role.getName());
});
});
-
return ResponseEntity.status(HttpStatus.CREATED).body(body);
}
@@ -305,12 +310,80 @@ private void saveOAuth2AuthenticationToken(Authentication authentication,
@GetMapping("roles/{roleId}")
public ResponseEntity> byRole(@PathVariable("roleId") Long roleId, @Parameter(hidden = true) User user) {
LOG.debug(String.format("/roles/%s by user %s", roleId, user.getEduPersonPrincipalName()));
+
Role role = roleRepository.findById(roleId).orElseThrow(() -> new NotFoundException("Role not found"));
UserPermissions.assertRoleAccess(user, role, Authority.INVITER);
List invitations = invitationRepository.findByStatusAndRoles_role(Status.OPEN, role);
return ResponseEntity.ok(invitations);
}
+ @GetMapping("search")
+ public ResponseEntity>> search(@Parameter(hidden = true) User user,
+ @RequestParam(value = "roleId", required = false) Long roleId,
+ @RequestParam(value = "query", required = false, defaultValue = "") String query,
+ @RequestParam(value = "pageNumber", required = false, defaultValue = "0") int pageNumber,
+ @RequestParam(value = "pageSize", required = false, defaultValue = "10") int pageSize,
+ @RequestParam(value = "sort", required = false, defaultValue = "name") String sort,
+ @RequestParam(value = "sortDirection", required = false, defaultValue = "ASC") String sortDirection) {
+ LOG.debug(String.format("/search for invitations %s", user.getEduPersonPrincipalName()));
+
+ Page> invitationsPage;
+ Pageable pageable = PageRequest.of(pageNumber, pageSize, Sort.by(Sort.Direction.fromString(sortDirection), sort));
+
+ if (roleId == null) {
+ UserPermissions.assertSuperUser(user);
+ invitationsPage = StringUtils.hasText(query) ?
+ invitationRepository.searchByStatusPageWithKeyword(Status.OPEN, FullSearchQueryParser.parse(query), pageable) :
+ invitationRepository.searchByStatusPage(Status.OPEN, pageable);
+ } else {
+ Role role = roleRepository.findById(roleId).orElseThrow(() -> new NotFoundException("Role not found"));
+ UserPermissions.assertRoleAccess(user, role, Authority.INVITER);
+ invitationsPage = StringUtils.hasText(query) ?
+ invitationRepository.searchByStatusAndRoleWithKeywordPage(Status.OPEN, role.getId(), FullSearchQueryParser.parse(query), pageable) :
+ invitationRepository.searchByStatusAndRolePage(Status.OPEN, role.getId(), pageable);
+ }
+ if (invitationsPage.getTotalElements() == 0L) {
+ return ResponseEntity.ok(invitationsPage);
+ }
+ List invitationIdentifiers = invitationsPage.getContent().stream()
+ .map(m -> (Long) m.get("id")).toList();
+ //The rolesAndManageIdentifiers is a cartesian product, but the relationship between invitation, role and application is mainly 1-1-1
+ List> rolesAndManageIdentifiers = invitationRepository.findRoles(invitationIdentifiers);
+ Map>> rolesGroupedByInvitation = rolesAndManageIdentifiers
+ .stream()
+ .collect(Collectors.groupingBy(m -> (Long) m.get("id")));
+ //We need to add all roles, but also a list of manageIdentifiers for each role
+ List> invitations = invitationsPage.getContent()
+ .stream()
+ //Must copy to avoid java.lang.UnsupportedOperationException: A TupleBackedMap cannot be modified
+ .map(invitationMap -> {
+ Map copy = new HashMap<>(invitationMap);
+ List> aggregatedRoles = rolesGroupedByInvitation.get((Long) invitationMap.get("id"));
+ //For Invitations for SuperUsers and InstitutionAdmins have no userRoles
+ if (CollectionUtils.isEmpty(aggregatedRoles)) {
+ copy.put("roles", emptyList());
+ return copy;
+ }
+ Map>> rolesGroupedByRole = aggregatedRoles
+ .stream()
+ .collect(Collectors.groupingBy(m -> (Long) m.get("role_id")));
+ List> roles = rolesGroupedByRole
+ .entrySet()
+ .stream()
+ .map(entry -> Map.of(
+ "id", entry.getKey(),
+ "name", entry.getValue().getFirst().get("name"),
+ "manageIdentifiers", entry.getValue().stream().map(m -> m.get("manage_id")).toList()
+ ))
+ .toList();
+ copy.put("roles", roles);
+ return copy;
+ })
+ .toList();
+ return Pagination.of(invitationsPage, invitations);
+ }
+
+
private void checkEmailEquality(User user, Invitation invitation) {
if (invitation.isEnforceEmailEquality() && !invitation.getEmail().equalsIgnoreCase(user.getEmail())) {
throw new InvitationEmailMatchingException(
diff --git a/server/src/main/java/access/repository/InvitationRepository.java b/server/src/main/java/access/repository/InvitationRepository.java
index 5ce541bb..97671cab 100644
--- a/server/src/main/java/access/repository/InvitationRepository.java
+++ b/server/src/main/java/access/repository/InvitationRepository.java
@@ -3,15 +3,21 @@
import access.model.Invitation;
import access.model.Role;
import access.model.Status;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Sort;
import org.springframework.data.jpa.repository.EntityGraph;
import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.jpa.repository.QueryRewriter;
import org.springframework.stereotype.Repository;
import java.util.List;
+import java.util.Map;
import java.util.Optional;
@Repository
-public interface InvitationRepository extends JpaRepository {
+public interface InvitationRepository extends JpaRepository, QueryRewriter {
@EntityGraph(value = "findByHash", type = EntityGraph.EntityGraphType.LOAD,
attributePaths = {"inviter", "roles", "roles.role"})
@@ -23,5 +29,91 @@ public interface InvitationRepository extends JpaRepository {
List findByStatusAndRoles_role(Status status, Role role);
- List findByRoles_roleIsIn(List roles);
+ @Query(value = """
+ SELECT i.id, i.email, i.intended_authority,i.created_at, i.expiry_date,
+ u.id as user_id, u.name, u.email as inviter_email
+ FROM invitations i INNER JOIN users u ON u.id = i.inviter_id
+ WHERE i.status = ?1
+ """,
+ countQuery = "SELECT count(*) FROM invitations WHERE status = ?1",
+ queryRewriter = InvitationRepository.class,
+ nativeQuery = true)
+ Page> searchByStatusPage(Status status, Pageable pageable);
+
+ @Query(value = """
+ SELECT i.id, i.email, i.intended_authority,i.created_at, i.expiry_date,
+ u.id as user_id, u.name, u.email as inviter_email
+ FROM invitations i INNER JOIN users u ON u.id = i.inviter_id
+ WHERE i.status = ?1 AND
+ (MATCH(i.email) AGAINST(?2 IN BOOLEAN MODE)
+ OR MATCH (u.given_name, u.family_name, u.email) against (?2 IN BOOLEAN MODE))
+ """,
+ countQuery = """
+ SELECT count(*) FROM invitations i INNER JOIN users u ON u.id = i.inviter_id
+ WHERE status = ?1 AND
+ (MATCH(i.email) AGAINST(?2 IN BOOLEAN MODE)
+ OR MATCH (u.given_name, u.family_name, u.email) against (?2 IN BOOLEAN MODE))
+ """,
+ queryRewriter = InvitationRepository.class,
+ nativeQuery = true)
+ Page> searchByStatusPageWithKeyword(Status status, String keyWord, Pageable pageable);
+
+ @Query(value = """
+ SELECT i.id, i.email, i.intended_authority,i.created_at, i.expiry_date,
+ u.id as user_id, u.name, u.email as inviter_email
+ FROM invitations i INNER JOIN users u ON u.id = i.inviter_id INNER JOIN invitation_roles ir ON ir.invitation_id = i.id
+ INNER JOIN roles r ON r.id = ir.role_id
+ WHERE i.status = ?1 AND r.id = ?2
+ """,
+ countQuery = """
+ SELECT count(*) FROM invitations i
+ INNER JOIN invitation_roles ir ON ir.invitation_id = i.id
+ INNER JOIN roles r ON r.id = ir.role_id
+ WHERE status = ?1 and role_id = ?2
+ """,
+ queryRewriter = InvitationRepository.class,
+ nativeQuery = true)
+ Page> searchByStatusAndRolePage(Status status, Long roleId, Pageable pageable);
+
+ @Query(value = """
+ SELECT i.id, i.email, i.intended_authority,i.created_at, i.expiry_date,
+ u.id as user_id, u.name, u.email as inviter_email
+ FROM invitations i INNER JOIN users u ON u.id = i.inviter_id INNER JOIN invitation_roles ir ON ir.invitation_id = i.id
+ INNER JOIN roles r ON r.id = ir.role_id
+ WHERE i.status = ?1 AND r.id = ?2 AND
+ (MATCH(i.email) AGAINST(?3 IN BOOLEAN MODE)
+ OR MATCH (u.given_name, u.family_name, u.email) against (?3 IN BOOLEAN MODE))
+ """,
+ countQuery = """
+ SELECT count(*) FROM invitations i
+ INNER JOIN invitation_roles ir ON ir.invitation_id = i.id
+ INNER JOIN roles r ON r.id = ir.role_id
+ INNER JOIN users u ON u.id = i.inviter_id
+ WHERE status = ?1 and role_id = ?2 AND
+ (MATCH(i.email) AGAINST(?3 IN BOOLEAN MODE)
+ OR MATCH (u.given_name, u.family_name, u.email) against (?3 IN BOOLEAN MODE))
+ """,
+ queryRewriter = InvitationRepository.class,
+ nativeQuery = true)
+ Page> searchByStatusAndRoleWithKeywordPage(Status status, Long roleId, String keyWord, Pageable pageable);
+
+ @Query(value = """
+ SELECT ir.invitation_id as id, r.name, r.id as role_id, a.manage_id
+ FROM roles r INNER JOIN invitation_roles ir ON ir.role_id = r.id
+ INNER JOIN application_usages au ON au.role_id = r.id
+ INNER JOIN applications a ON a.id = au.application_id
+ WHERE ir.invitation_id IN ?1
+ """, nativeQuery = true)
+ List> findRoles(List invitationIdentifiers);
+
+ @Override
+ default String rewrite(String query, Sort sort) {
+ Sort.Order nameSort = sort.getOrderFor("name");
+ if (nameSort != null) {
+ return query.replace("order by i.name", "order by u.name");
+ }
+ return query;
+ }
+
+
}
diff --git a/server/src/main/java/access/repository/RoleRepository.java b/server/src/main/java/access/repository/RoleRepository.java
index 6eef3195..323f900f 100644
--- a/server/src/main/java/access/repository/RoleRepository.java
+++ b/server/src/main/java/access/repository/RoleRepository.java
@@ -48,8 +48,8 @@ SELECT COUNT(r.id) FROM roles r WHERE MATCH (name, description) against (?1 IN B
@Query(value = """
- SELECT r.id as id, r.name as name, r.description as description,
- (SELECT COUNT(*) FROM user_roles ur WHERE ur.role_id=r.id) as userRoleCount
+ SELECT r.id AS id, r.name AS name, r.description AS description,
+ (SELECT COUNT(*) FROM user_roles ur WHERE ur.role_id=r.id) AS userRoleCount
FROM roles r WHERE r.organization_guid = ?1
""",
countQuery = """
@@ -60,9 +60,9 @@ SELECT COUNT(r.id) FROM roles r WHERE r.organization_guid = ?1
Page> searchByPageAndOrganizationGUID(String organizationGUID, Pageable pageable);
@Query(value = """
- SELECT r.id as role_id, a.manage_id as manage_id, a.manage_type as manage_type
- FROM applications a INNER JOIN application_usages au on au.application_id = a.id
- INNER JOIN roles r on au.role_id = r.id WHERE r.id in ?1
+ SELECT r.id AS role_id, a.manage_id AS manage_id, a.manage_type AS manage_type
+ FROM applications a INNER JOIN application_usages au ON au.application_id = a.id
+ INNER JOIN roles r ON au.role_id = r.id WHERE r.id IN ?1
""",
nativeQuery = true)
List> findApplications(List roleIdentifiers);
diff --git a/server/src/main/java/access/seed/PerformanceSeed.java b/server/src/main/java/access/seed/PerformanceSeed.java
index 300f1744..04430aec 100644
--- a/server/src/main/java/access/seed/PerformanceSeed.java
+++ b/server/src/main/java/access/seed/PerformanceSeed.java
@@ -5,9 +5,11 @@
import access.manage.Manage;
import access.manage.ManageIdentifier;
import access.model.*;
+import access.provision.scim.GroupURN;
import access.repository.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import javax.sql.DataSource;
@@ -30,6 +32,7 @@ public class PerformanceSeed {
private final UserRoleRepository userRoleRepository;
private final InvitationRepository invitationRepository;
private final Manage manage;
+ private final String groupUrnPrefix;
public PerformanceSeed(UserRepository userRepository,
RoleRepository roleRepository,
@@ -37,13 +40,14 @@ public PerformanceSeed(UserRepository userRepository,
UserRoleRepository userRoleRepository,
InvitationRepository invitationRepository,
Manage manage,
- DataSource dataSource) {
+ @Value("${voot.group_urn_domain}") String groupUrnPrefix) {
this.userRepository = userRepository;
this.roleRepository = roleRepository;
this.applicationRepository = applicationRepository;
this.userRoleRepository = userRoleRepository;
this.invitationRepository = invitationRepository;
this.manage = manage;
+ this.groupUrnPrefix = groupUrnPrefix;
}
public Map go(int numberOfRoles, int numberOfUsers) {
@@ -167,6 +171,7 @@ private Role createRole(List> providers, String institutionG
false,
false);
role.setOrganizationGUID(institutionGuid);
+ role.setUrn(GroupURN.urnFromRole(this.groupUrnPrefix, role));
return role;
}
diff --git a/server/src/main/resources/application.yml b/server/src/main/resources/application.yml
index 4788d5e6..26965c89 100644
--- a/server/src/main/resources/application.yml
+++ b/server/src/main/resources/application.yml
@@ -57,9 +57,7 @@ spring:
properties:
hibernate:
naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
- format_sql: false
open-in-view: false
- show-sql: false
datasource:
driver-class-name: org.mariadb.jdbc.Driver
url: jdbc:mysql://localhost/invite?autoReconnect=true&useSSL=false&permitMysqlScheme=true&allowPublicKeyRetrieval=true
diff --git a/server/src/main/resources/db/mysql/migration/V42_0__invitations_indexes.sql b/server/src/main/resources/db/mysql/migration/V42_0__invitations_indexes.sql
new file mode 100644
index 00000000..115317bd
--- /dev/null
+++ b/server/src/main/resources/db/mysql/migration/V42_0__invitations_indexes.sql
@@ -0,0 +1,9 @@
+ALTER TABLE `invitations`
+ ADD INDEX `status_index` (`status`);
+ALTER TABLE `invitations`
+ ADD INDEX `created_at_index` (`created_at`);
+ALTER TABLE `invitations`
+ ADD INDEX `expiry_date_index` (`expiry_date`);
+ALTER TABLE `invitations`
+ ADD FULLTEXT INDEX `email_index` (`email`);
+
diff --git a/server/src/test/java/access/api/InvitationControllerTest.java b/server/src/test/java/access/api/InvitationControllerTest.java
index 027636df..419d3e74 100644
--- a/server/src/test/java/access/api/InvitationControllerTest.java
+++ b/server/src/test/java/access/api/InvitationControllerTest.java
@@ -2,6 +2,7 @@
import access.AbstractTest;
import access.AccessCookieFilter;
+import access.DefaultPage;
import access.exception.NotFoundException;
import access.manage.EntityType;
import access.model.*;
@@ -12,6 +13,7 @@
import io.restassured.http.ContentType;
import org.junit.jupiter.api.Test;
import org.springframework.data.domain.Example;
+import org.springframework.data.domain.Sort;
import org.springframework.util.MultiValueMap;
import org.springframework.web.util.UriComponentsBuilder;
@@ -650,4 +652,160 @@ void resendInviteMailExpirationDate() throws Exception {
assertTrue(savedInvitation.getExpiryDate().isAfter(Instant.now().plus(13, ChronoUnit.DAYS)));
}
+ @Test
+ void invitationsSearchSuperUser() throws Exception {
+ AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/login", SUPER_SUB);
+
+ DefaultPage> page = given()
+ .when()
+ .filter(accessCookieFilter.cookieFilter())
+ .accept(ContentType.JSON)
+ .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
+ .queryParam("pageNumber", 0)
+ .queryParam("pageSize", 3)
+ .queryParam("sort", "email")
+ .queryParam("sortDirection", Sort.Direction.DESC.name())
+ .contentType(ContentType.JSON)
+ .get("/api/v1/invitations/search")
+ .as(new TypeRef<>() {
+ });
+
+ assertEquals(6, page.getTotalElements());
+
+ List> content = page.getContent();
+ assertEquals(3, content.size());
+ List> invitations = content.stream().filter(m -> ((List>) m.get("roles")).size() == 2)
+ .toList();
+ assertEquals(1, invitations.size());
+ }
+
+ @Test
+ void invitationsSearchSuperUserWithKeyword() throws Exception {
+ AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/login", SUPER_SUB);
+
+ DefaultPage> page = given()
+ .when()
+ .filter(accessCookieFilter.cookieFilter())
+ .accept(ContentType.JSON)
+ .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
+ .queryParam("query", "invite")
+ .queryParam("pageNumber", 0)
+ .queryParam("pageSize", 3)
+ .queryParam("sort", "created_at")
+ .queryParam("sortDirection", Sort.Direction.DESC.name())
+ .contentType(ContentType.JSON)
+ .get("/api/v1/invitations/search")
+ .as(new TypeRef<>() {
+ });
+
+ assertEquals(1, page.getTotalElements());
+ List> invitations = page.getContent();
+ Map invitation = invitations.getFirst();
+ List actual = ((List>) invitation.get("roles"))
+ .stream()
+ .map(m -> (String) m.get("name"))
+ .sorted()
+ .toList();
+ assertEquals(List.of("Calendar", "Mail"), actual);
+ assertEquals("inviter@new.com", invitation.get("email"));
+ assertEquals("paul.doe@example.com", invitation.get("inviter_email"));
+ }
+
+ @Test
+ void invitationsSearchInviter() throws Exception {
+ AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/login", INVITER_SUB);
+ Role role = roleRepository.findByName("Calendar").get();
+
+ DefaultPage> page = given()
+ .when()
+ .filter(accessCookieFilter.cookieFilter())
+ .accept(ContentType.JSON)
+ .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
+ .queryParam("roleId", role.getId())
+ .queryParam("pageNumber", 0)
+ .queryParam("pageSize", 1)
+ .queryParam("sort", "email")
+ .queryParam("sortDirection", Sort.Direction.DESC.name())
+ .contentType(ContentType.JSON)
+ .get("/api/v1/invitations/search")
+ .as(new TypeRef<>() {
+ });
+
+ assertEquals(1, page.getTotalElements());
+ List> invitations = page.getContent();
+ assertEquals(1, invitations.size());
+
+ Map invitation = invitations.getFirst();
+ List actual = ((List>) invitation.get("roles"))
+ .stream()
+ .map(m -> (String) m.get("name"))
+ .sorted()
+ .toList();
+ assertEquals(List.of("Calendar", "Mail"), actual);
+ }
+
+ @Test
+ void invitationsSearchInviterWithKeyword() throws Exception {
+ AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/login", INVITER_SUB);
+ Role role = roleRepository.findByName("Calendar").get();
+
+ DefaultPage> page = given()
+ .when()
+ .filter(accessCookieFilter.cookieFilter())
+ .accept(ContentType.JSON)
+ .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
+ .queryParam("roleId", role.getId())
+ .queryParam("query", "john")
+ .queryParam("pageNumber", 0)
+ .queryParam("pageSize", 3)
+ .queryParam("sort", "name")
+ .queryParam("sortDirection", Sort.Direction.DESC.name())
+ .contentType(ContentType.JSON)
+ .get("/api/v1/invitations/search")
+ .as(new TypeRef<>() {
+ });
+
+ assertEquals(1, page.getTotalElements());
+ }
+
+ @Test
+ void invitationsSearchInviterWithKeywordNoResults() throws Exception {
+ AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/login", INVITER_SUB);
+ Role role = roleRepository.findByName("Calendar").get();
+
+ DefaultPage> page = given()
+ .when()
+ .filter(accessCookieFilter.cookieFilter())
+ .accept(ContentType.JSON)
+ .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
+ .queryParam("roleId", role.getId())
+ .queryParam("query", "NOPE")
+ .queryParam("pageNumber", 0)
+ .queryParam("pageSize", 3)
+ .queryParam("sort", "name")
+ .queryParam("sortDirection", Sort.Direction.DESC.name())
+ .contentType(ContentType.JSON)
+ .get("/api/v1/invitations/search")
+ .as(new TypeRef<>() {
+ });
+
+ assertEquals(0, page.getTotalElements());
+ }
+
+ @Test
+ void invitationsSearchInviterWithKeyword404() throws Exception {
+ AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/login", INVITER_SUB);
+ given()
+ .when()
+ .filter(accessCookieFilter.cookieFilter())
+ .accept(ContentType.JSON)
+ .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
+ .queryParam("roleId", 999)
+ .contentType(ContentType.JSON)
+ .get("/api/v1/invitations/search")
+ .then()
+ .statusCode(404);
+ }
+
+
}
\ No newline at end of file