Merge Hub Access Meeds-io/MIPs#63 (#653)

component/portal/src/main/java/io/meeds/portal/security/constant/UserRegistrationType.java

@@ -0,0 +1,26 @@
+/**
+ * This file is part of the Meeds project (https://meeds.io/).
+ *
+ * Copyright (C) 2020 - 2023 Meeds Association [email protected]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package io.meeds.portal.security.constant;
+
+public enum UserRegistrationType {
+
+  OPEN, RESTRICTED;
+
+}

component/portal/src/main/java/io/meeds/portal/security/model/RegistrationSetting.java

@@ -0,0 +1,39 @@
+/**
+ * This file is part of the Meeds project (https://meeds.io/).
+ *
+ * Copyright (C) 2020 - 2023 Meeds Association [email protected]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package io.meeds.portal.security.model;
+
+import io.meeds.portal.security.constant.UserRegistrationType;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class RegistrationSetting {
+
+  private UserRegistrationType type;
+
+  private boolean              externalUser;
+
+  private String[]             extraGroupIds;
+
+}

component/portal/src/main/java/io/meeds/portal/security/rest/RegistrationSettingRest.java

@@ -0,0 +1,71 @@
+/**
+ * This file is part of the Meeds project (https://meeds.io/).
+ *
+ * Copyright (C) 2020 - 2023 Meeds Association [email protected]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package io.meeds.portal.security.rest;
+
+import javax.annotation.security.RolesAllowed;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+import org.exoplatform.services.rest.resource.ResourceContainer;
+
+import io.meeds.portal.security.model.RegistrationSetting;
+import io.meeds.portal.security.service.SecuritySettingService;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.tags.Tag;
+
+@Path("/registration/settings")
+@Tag(name = "/registration/settings", description = "Managing user registraion settings and flow")
+public class RegistrationSettingRest implements ResourceContainer {
+
+  private SecuritySettingService securitySettingService;
+
+  public RegistrationSettingRest(SecuritySettingService securitySettingService) {
+    this.securitySettingService = securitySettingService;
+  }
+
+  @GET
+  @Produces(MediaType.APPLICATION_JSON)
+  @RolesAllowed("administrators")
+  @Operation(summary = "Get user registraion settings", description = "Get user registraion settings", method = "GET")
+  @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Request fulfilled") })
+  public Response getRegistrationSetting() {
+    RegistrationSetting registrationSetting = securitySettingService.getRegistrationSetting();
+    return Response.ok(registrationSetting).build();
+  }
+
+  @PUT
+  @RolesAllowed("administrators")
+  @Consumes(MediaType.APPLICATION_JSON)
+  @Operation(summary = "Update user registraion settings and flow", description = "Update user registraion settings and flow", method = "PUT")
+  @ApiResponses(value = { @ApiResponse(responseCode = "204", description = "Request fulfilled") })
+  public Response updateRegistrationSetting(RegistrationSetting registrationSetting) {
+    securitySettingService.saveRegistrationSetting(registrationSetting);
+    return Response.noContent().build();
+  }
+
+}

component/portal/src/main/java/io/meeds/portal/security/service/SecuritySettingService.java

@@ -0,0 +1,165 @@
+/**
+ * This file is part of the Meeds project (https://meeds.io/).
+ *
+ * Copyright (C) 2020 - 2023 Meeds Association [email protected]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package io.meeds.portal.security.service;
+
+import static io.meeds.portal.security.constant.UserRegistrationType.OPEN;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import org.apache.commons.lang.StringUtils;
+
+import org.exoplatform.commons.api.settings.SettingService;
+import org.exoplatform.commons.api.settings.SettingValue;
+import org.exoplatform.commons.api.settings.data.Context;
+import org.exoplatform.commons.api.settings.data.Scope;
+
+import io.meeds.portal.security.constant.UserRegistrationType;
+import io.meeds.portal.security.model.RegistrationSetting;
+
+public class SecuritySettingService {
+
+  protected static final String               INTERNAL_USERS_GROUP               = "/platform/users";
+
+  protected static final String               EXTERNAL_USERS_GROUP               = "/platform/externals";
+
+  protected static final Context              SECURITY_CONTEXT                   = Context.GLOBAL.id("SECURITY");
+
+  protected static final Scope                SECURITY_SCOPE                     = Scope.APPLICATION.id("SECURITY");
+
+  protected static final String               REGISTRATION_TYPE_PARAM            = "REGISTRATION_TYPE";
+
+  protected static final String               REGISTRATION_EXTERNAL_USER_PARAM   = "REGISTRATION_EXTERNAL_USER";
+
+  protected static final String               REGISTRATION_EXTRA_GROUPS_PARAM    = "REGISTRATION_EXTRA_GROUPS";
+
+  protected static final String               EXTRA_GROUPS_SEPARATOR             = ",";
+
+  protected static final UserRegistrationType DEFAULT_REGISTRATION_TYPE          =
+                                                                        UserRegistrationType.valueOf(System.getProperty("meeds.settings.access.type.default",
+                                                                                                                        OPEN.name()).toUpperCase());
+
+  protected static final boolean              DEFAULT_REGISTRATION_EXTERNAL_USER =
+                                                                                 Boolean.parseBoolean(System.getProperty("meeds.settings.access.externalUsers",
+                                                                                                                         "false").toLowerCase());
+
+  private RegistrationSetting                 registrationSetting;
+
+  private SettingService                      settingService;
+
+  public SecuritySettingService(SettingService settingService) {
+    this.settingService = settingService;
+  }
+
+  public RegistrationSetting getRegistrationSetting() {
+    if (registrationSetting == null) {
+      registrationSetting = new RegistrationSetting(getRegistrationType(),
+                                                    isRegistrationExternalUser(),
+                                                    getRegistrationExtraGroupIds());
+    }
+    return registrationSetting;
+  }
+
+  public void saveRegistrationSetting(RegistrationSetting registrationSetting) {
+    saveRegistrationType(registrationSetting.getType());
+    saveRegistrationExternalUser(registrationSetting.isExternalUser());
+    saveRegistrationExtraGroupIds(registrationSetting.getExtraGroupIds());
+  }
+
+  public String[] getRegistrationGroupIds() {
+    List<String> registrationExtraGroupIds = new ArrayList<>(Arrays.asList(getRegistrationExtraGroupIds()));
+    if (isRegistrationExternalUser()) {
+      registrationExtraGroupIds.add(EXTERNAL_USERS_GROUP);
+    } else {
+      registrationExtraGroupIds.add(INTERNAL_USERS_GROUP);
+    }
+    return registrationExtraGroupIds.stream().filter(StringUtils::isNotBlank).distinct().toList().toArray(new String[0]);
+  }
+
+  public UserRegistrationType getRegistrationType() {
+    SettingValue<?> settingValue = settingService.get(SECURITY_CONTEXT, SECURITY_SCOPE, REGISTRATION_TYPE_PARAM);
+    if (settingValue == null || settingValue.getValue() == null) {
+      return DEFAULT_REGISTRATION_TYPE;
+    } else {
+      return UserRegistrationType.valueOf(settingValue.getValue().toString());
+    }
+  }
+
+  public void saveRegistrationType(UserRegistrationType registrationType) {
+    try {
+      if (registrationType == null) {
+        registrationType = DEFAULT_REGISTRATION_TYPE;
+      }
+      settingService.set(SECURITY_CONTEXT,
+                         SECURITY_SCOPE,
+                         REGISTRATION_TYPE_PARAM,
+                         SettingValue.create(registrationType.toString()));
+    } finally {
+      registrationSetting = null;
+    }
+  }
+
+  public boolean isRegistrationExternalUser() {
+    SettingValue<?> settingValue = settingService.get(SECURITY_CONTEXT, SECURITY_SCOPE, REGISTRATION_EXTERNAL_USER_PARAM);
+    if (settingValue == null || settingValue.getValue() == null) {
+      return DEFAULT_REGISTRATION_EXTERNAL_USER;
+    } else {
+      return Boolean.parseBoolean(settingValue.getValue().toString());
+    }
+  }
+
+  public void saveRegistrationExternalUser(boolean externalUser) {
+    try {
+      settingService.set(SECURITY_CONTEXT,
+                         SECURITY_SCOPE,
+                         REGISTRATION_EXTERNAL_USER_PARAM,
+                         SettingValue.create(String.valueOf(externalUser)));
+    } finally {
+      registrationSetting = null;
+    }
+  }
+
+  public String[] getRegistrationExtraGroupIds() {
+    SettingValue<?> settingValue = settingService.get(SECURITY_CONTEXT, SECURITY_SCOPE, REGISTRATION_EXTRA_GROUPS_PARAM);
+    if (settingValue == null || settingValue.getValue() == null) {
+      return new String[0];
+    } else {
+      return Arrays.stream(settingValue.getValue().toString().split(EXTRA_GROUPS_SEPARATOR))
+                   .filter(StringUtils::isNotBlank)
+                   .distinct()
+                   .toArray(String[]::new);
+    }
+  }
+
+  public void saveRegistrationExtraGroupIds(String[] groupIds) {
+    try {
+      if (groupIds == null) {
+        groupIds = new String[0];
+      }
+      settingService.set(SECURITY_CONTEXT,
+                         SECURITY_SCOPE,
+                         REGISTRATION_EXTRA_GROUPS_PARAM,
+                         SettingValue.create(StringUtils.join(groupIds, EXTRA_GROUPS_SEPARATOR)));
+    } finally {
+      registrationSetting = null;
+    }
+  }
+
+}