Release/4.0.5

artifacts/src/main/java/org/openmbee/mms/artifacts/json/ArtifactJson.java

@@ -20,6 +20,7 @@ public class ArtifactJson extends HashMap<String, Object> {
     public static final String EXTENSION = "extension";
     public static final String LOCATION = "location";
     public static final String LOCATIONTYPE = "locationType";
+    public static final String CHECKSUM = "checksum";
 
     public ArtifactJson() {
         super();
@@ -77,6 +78,18 @@ public ArtifactJson setLocationType(String locationType) {
         return  this;
     }
 
+    @JsonProperty(CHECKSUM)
+    @Schema(accessMode = Schema.AccessMode.READ_ONLY)
+    public String getChecksum() {
+        return (String) this.get(CHECKSUM);
+    }
+
+    @JsonProperty(CHECKSUM)
+    public ArtifactJson setChecksum(String checksum) {
+        this.put(CHECKSUM, checksum);
+        return  this;
+    }
+
     public static List<ArtifactJson> getArtifacts(ElementJson elementJson){
 
         List<Object> rawArtifacts = (List)elementJson.get(ARTIFACTS);

artifacts/src/main/java/org/openmbee/mms/artifacts/objects/ArtifactResponse.java

@@ -3,6 +3,7 @@
 public class ArtifactResponse {
     private String mimeType;
     private String extension;
+    private String checksum;
     private byte[] data;
 
     public String getMimeType() {
@@ -21,6 +22,14 @@ public void setExtension(String extension) {
         this.extension = extension;
     }
 
+    public String getChecksum() {
+        return checksum;
+    }
+
+    public void setChecksum(String checksum) {
+        this.checksum = checksum;
+    }
+
     public byte[] getData() {
         return data;
     }

artifacts/src/main/java/org/openmbee/mms/artifacts/service/DefaultArtifactService.java

@@ -16,10 +16,14 @@
 import org.openmbee.mms.json.ElementJson;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.util.DigestUtils;
 import org.springframework.web.multipart.MultipartFile;
 
 import java.io.IOException;
-import java.util.*;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
 
 @Service
 public class DefaultArtifactService implements ArtifactService {
@@ -54,6 +58,7 @@ public ArtifactResponse get(String projectId, String refId, String id, Map<Strin
         response.setData(data);
         response.setExtension(artifact.getExtension());
         response.setMimeType(artifact.getMimeType());
+        response.setChecksum(artifact.getChecksum());
         return response;
     }
 
@@ -79,9 +84,10 @@ public ElementsResponse createOrUpdate(String projectId, String refId, String id
 
         String mimeType = getMimeTypeOfFile(file);
         String fileExtension = getFileExtension(file);
+        String checksum = getChecksumOfFile(file);
         String artifactLocation = artifactStorage.store(fileContents, elementJson, mimeType);
 
-        elementJson = attachOrUpdateArtifact(elementJson, artifactLocation, fileExtension, mimeType, "internal");
+        elementJson = attachOrUpdateArtifact(elementJson, artifactLocation, fileExtension, mimeType, "internal", checksum);
         ElementsRequest elementsRequest = new ElementsRequest();
         elementsRequest.setElements(Arrays.asList(elementJson));
         return nodeService.createOrUpdate(projectId, refId, elementsRequest, params, user);
@@ -113,7 +119,7 @@ private ElementJson getElement(NodeService nodeService, String projectId, String
         }
     }
 
-    private ElementJson attachOrUpdateArtifact(ElementJson elementJson, String artifactLocation, String fileExtension, String mimeType, String type) {
+    private ElementJson attachOrUpdateArtifact(ElementJson elementJson, String artifactLocation, String fileExtension, String mimeType, String type, String checksum) {
 
         List<ArtifactJson> artifacts = ArtifactJson.getArtifacts(elementJson);
         ArtifactJson artifact;
@@ -128,6 +134,7 @@ private ElementJson attachOrUpdateArtifact(ElementJson elementJson, String artif
         artifact.setExtension(fileExtension);
         artifact.setMimeType(mimeType);
         artifact.setLocationType(type);
+        artifact.setChecksum(checksum);
 
         ArtifactJson.setArtifacts(elementJson, artifacts);
         return elementJson;
@@ -166,6 +173,16 @@ private String getMimeTypeOfFile(MultipartFile file) {
         return file.getContentType();
     }
 
+    public static String getChecksumOfFile(MultipartFile file) {
+        String checksum = "";
+        try {
+            checksum = DigestUtils.md5DigestAsHex(file.getBytes());
+        } catch (IOException ioe) {
+            throw new BadRequestException(ioe);
+        }
+        return checksum;
+    }
+
     private NodeService getNodeService(String projectId) {
         return serviceFactory.getNodeService(getProjectType(projectId));
     }

build.gradle

@@ -157,4 +157,5 @@ subprojects {
             sign publishing.publications.mavenJava
         }
     }
-}
+
+}

example/artifacts.postman_collection.json

@@ -206,6 +206,7 @@
 							"    pm.expect(jsonData.elements.length).to.eql(1);",
 							"    pm.expect(jsonData.elements[0]['_artifacts'].length).to.eq(1);",
                             "    pm.expect(jsonData.elements[0]['_artifacts'][0].location).to.include('arta/x/jpg/')",
+                            "    pm.expect(jsonData.elements[0]['_artifacts'][0].checksum).to.include('c946d2fc350ad561fdb3c23c86a81343')",
                             "    pm.environment.set(\"commit-1-loc\", pm.response.json().elements[0]['_artifacts'][0].location);",
                             "    pm.environment.set(\"x-commit-1\", jsonData.elements[0][\"_commitId\"]);",
 							"});",
@@ -310,7 +311,8 @@
 							"pm.test(\"response element has 1 artifact\", function () {",
 							"    var jsonData = pm.response.json();",
 							"    pm.expect(jsonData.elements[0]['_artifacts'].length).to.eq(1);",
-							"});"
+                            "    pm.expect(jsonData.elements[0]['_artifacts'][0].checksum).to.include('5407655262fcca873c2f407f2dead2cf')",
+                            "});"
 						],
 						"type": "text/javascript"
 					}

example/src/main/resources/application.properties.example

@@ -16,6 +16,9 @@ ldap.provider.password=
 ldap.user.dn.pattern=uid={0}
 ldap.user.attributes.username=
 ldap.user.attributes.email=
+ldap.user.attributes.firstname=
+ldap.user.attributes.lastname=
+ldap.user.attributes.update=24
 ldap.group.role.attribute=cn
 ldap.group.search.base=
 ldap.group.search.filter=uniqueMember={0}

gradle.properties

@@ -1,4 +1,4 @@
-version=4.0.4
+version=4.0.5
 group=org.openmbee.mms
 
 springBootVersion=2.2.6.RELEASE

ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java

@@ -1,8 +1,11 @@
 package org.openmbee.mms.ldap;
 
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
 import java.util.*;
 
 import org.openmbee.mms.core.config.AuthorizationConstants;
+import org.openmbee.mms.data.domains.global.Base;
 import org.openmbee.mms.data.domains.global.Group;
 import org.openmbee.mms.rdb.repositories.GroupRepository;
 import org.openmbee.mms.rdb.repositories.UserRepository;
@@ -52,9 +55,18 @@ public class LdapSecurityConfig {
     @Value("${ldap.user.attributes.username:uid}")
     private String userAttributesUsername;
 
+    @Value("${ldap.user.attributes.firstname:givenname}")
+    private String userAttributesFirstName;
+
+    @Value("${ldap.user.attributes.lastname:sn}")
+    private String userAttributesLastName;
+
     @Value("${ldap.user.attributes.email:mail}")
     private String userAttributesEmail;
 
+    @Value("${ldap.user.attributes.update:24}")
+    private int userAttributesUpdate;
+
     @Value("${ldap.group.search.base:#{''}}")
     private String groupSearchBase;
 
@@ -115,18 +127,17 @@ private CustomLdapAuthoritiesPopulator(BaseLdapPathContextSource ldapContextSour
             public Collection<? extends GrantedAuthority> getGrantedAuthorities(
                 DirContextOperations userData, String username) {
                 Optional<User> userOptional = userRepository.findByUsername(username);
+
                 if (!userOptional.isPresent()) {
-                    User newUser = new User();
-                    newUser.setEmail(userData.getStringAttribute(userAttributesEmail));
-                    newUser.setUsername(userData.getStringAttribute(userAttributesUsername));
-                    newUser.setEnabled(true);
-                    newUser.setAdmin(false);
-                    userRepository.save(newUser);
+                    User newUser = createLdapUser(userData);
 
                     userOptional = Optional.of(newUser);
                 }
 
                 User user = userOptional.get();
+                if (user.getModified().isBefore(Instant.now().minus(userAttributesUpdate, ChronoUnit.HOURS))) {
+                    saveLdapUser(userData, user);
+                }
                 user.setPassword(null);
                 String userDn = userAttributesUsername + "=" + user.getUsername() + "," + providerBase;
 
@@ -178,4 +189,34 @@ public BaseLdapPathContextSource contextSource() {
         return contextSource;
     }
 
+    private User saveLdapUser(DirContextOperations userData, User saveUser) {
+        if (saveUser.getEmail() == null ||
+            !saveUser.getEmail().equals(userData.getStringAttribute(userAttributesEmail))
+        ) {
+            saveUser.setEmail(userData.getStringAttribute(userAttributesEmail));
+        }
+        if (saveUser.getFirstName() == null ||
+            !saveUser.getFirstName().equals(userData.getStringAttribute(userAttributesFirstName))
+        ) {
+            saveUser.setFirstName(userData.getStringAttribute(userAttributesFirstName));
+        }
+        if (saveUser.getLastName() == null ||
+            !saveUser.getLastName().equals(userData.getStringAttribute(userAttributesLastName))
+        ) {
+            saveUser.setLastName(userData.getStringAttribute(userAttributesLastName));
+        }
+
+        return saveUser;
+    }
+
+    private User createLdapUser(DirContextOperations userData) {
+        User user = saveLdapUser(userData, new User());
+        user.setUsername(userData.getStringAttribute(userAttributesUsername));
+        user.setEnabled(true);
+        user.setAdmin(false);
+        userRepository.save(user);
+
+
+        return user;
+    }
 }

localuser/src/main/java/org/openmbee/mms/localuser/controllers/LocalUserController.java

@@ -6,6 +6,7 @@
 import org.openmbee.mms.core.exceptions.NotFoundException;
 import org.openmbee.mms.core.exceptions.UnauthorizedException;
 import org.openmbee.mms.core.utils.AuthenticationUtils;
+import org.openmbee.mms.data.domains.global.User;
 import org.openmbee.mms.localuser.security.UserCreateRequest;
 import org.openmbee.mms.localuser.security.UserDetailsServiceImpl;
 import org.openmbee.mms.localuser.security.UsersResponse;
@@ -14,10 +15,10 @@
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.ArrayList;
+import java.util.List;
 
 @RestController
 @Tag(name = "Auth")
@@ -43,10 +44,16 @@ public UserCreateRequest createUser(@RequestBody UserCreateRequest req) {
     }
 
     @GetMapping(value = "/users")
-    @PreAuthorize(AuthorizationConstants.IS_MMSADMIN)
-    public UsersResponse getUsers() {
+    @PreAuthorize("isAuthenticated()")
+    public UsersResponse getUsers(@RequestParam(required = false) String user) {
         UsersResponse res = new UsersResponse();
-        res.setUsers(userDetailsService.getUsers());
+        List<User> users = new ArrayList<>();
+        if (user != null) {
+            users.add(userDetailsService.loadUserByUsername(user).getUser());
+        } else {
+            users = userDetailsService.getUsers();
+        }
+        res.setUsers(users);
         return res;
     }
 

rdb/src/main/java/org/openmbee/mms/rdb/repositories/BranchGroupPermRepository.java

@@ -20,6 +20,8 @@ public interface BranchGroupPermRepository extends JpaRepository<BranchGroupPerm
 
     Optional<BranchGroupPerm> findByBranchAndGroupAndInheritedIsFalse(Branch b, Group g);
 
+    List<BranchGroupPerm> findAllByGroup_NameAndBranch_Project_ProjectId(String group, String projectId);
+
     boolean existsByBranchAndGroup_NameInAndRoleIn(Branch b, Set<String> groups, Set<Role> roles);
 
     void deleteByBranchAndGroup_NameInAndInheritedIsFalse(Branch b, Set<String> groups);

rdb/src/main/java/org/openmbee/mms/rdb/repositories/BranchRepository.java

@@ -1,5 +1,6 @@
 package org.openmbee.mms.rdb.repositories;
 
+import java.util.List;
 import java.util.Optional;
 import org.openmbee.mms.data.domains.global.Branch;
 import org.springframework.data.jpa.repository.JpaRepository;
@@ -10,4 +11,6 @@ public interface BranchRepository extends JpaRepository<Branch, Long> {
 
     Optional<Branch> findByProject_ProjectIdAndBranchId(String projectId, String branchId);
 
+    List<Branch> findAllByProject_ProjectId(String projectId);
+
 }

rdb/src/main/java/org/openmbee/mms/rdb/repositories/BranchUserPermRepository.java

@@ -1,5 +1,6 @@
 package org.openmbee.mms.rdb.repositories;
 
+import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 
@@ -19,6 +20,8 @@ public interface BranchUserPermRepository extends JpaRepository<BranchUserPerm,
 
     Optional<BranchUserPerm> findByBranchAndUserAndInheritedIsFalse(Branch b, User u);
 
+    List<BranchUserPerm> findAllByUser_UsernameAndBranch_Project_ProjectId(String user, String projectId);
+
     boolean existsByBranchAndUser_UsernameAndRoleIn(Branch b, String user, Set<Role> roles);
 
     void deleteByBranchAndUser_UsernameInAndInheritedIsFalse(Branch b, Set<String> users);

rdb/src/main/java/org/openmbee/mms/rdb/repositories/OrgGroupPermRepository.java

@@ -22,6 +22,8 @@ public interface OrgGroupPermRepository extends JpaRepository<OrgGroupPerm, Long
 
     List<OrgGroupPerm> findAllByOrganizationAndRole_Name(Organization org, String r);
 
+    List<OrgGroupPerm> findAllByGroup_Name(String group);
+
     boolean existsByOrganizationAndGroup_NameInAndRoleIn(Organization org, Set<String> user, Set<Role> roles);
 
     void deleteByOrganizationAndGroup_NameIn(Organization org, Set<String> groups);

rdb/src/main/java/org/openmbee/mms/rdb/repositories/OrgUserPermRepository.java

@@ -22,6 +22,8 @@ public interface OrgUserPermRepository extends JpaRepository<OrgUserPerm, Long>
 
     List<OrgUserPerm> findAllByOrganizationAndRole_Name(Organization org, String r);
 
+    List<OrgUserPerm> findAllByUser_Username(String username);
+
     boolean existsByOrganizationAndUser_UsernameAndRoleIn(Organization org, String user, Set<Role> roles);
 
     void deleteByOrganizationAndUser_UsernameIn(Organization org, Set<String> users);

rdb/src/main/java/org/openmbee/mms/rdb/repositories/OrganizationRepository.java

@@ -1,5 +1,6 @@
 package org.openmbee.mms.rdb.repositories;
 
+import java.util.List;
 import java.util.Optional;
 import org.openmbee.mms.data.domains.global.Organization;
 import org.springframework.data.jpa.repository.JpaRepository;
@@ -12,4 +13,6 @@ public interface OrganizationRepository extends JpaRepository<Organization, Long
 
     Optional<Organization> findByOrganizationName(String name);
 
+    List<Organization> findAllByIsPublicTrue();
+
 }

rdb/src/main/java/org/openmbee/mms/rdb/repositories/ProjectGroupPermRepository.java

@@ -24,6 +24,8 @@ public interface ProjectGroupPermRepository extends JpaRepository<ProjectGroupPe
 
     List<ProjectGroupPerm> findAllByProjectAndRole_Name(Project proj, String r);
 
+    List<ProjectGroupPerm> findAllByGroup_Name(String group);
+
     boolean existsByProjectAndGroup_NameInAndRoleIn(Project proj, Set<String> groups, Set<Role> roles);
 
     void deleteByProjectAndGroup_NameInAndInheritedIsFalse(Project proj, Set<String> groups);

rdb/src/main/java/org/openmbee/mms/rdb/repositories/ProjectRepository.java

@@ -17,4 +17,5 @@ public interface ProjectRepository extends JpaRepository<Project, Long> {
 
     List<Project> findAllByOrganizationOrganizationId(String id);
 
+    List<Project> findAllByIsPublicTrue();
 }

rdb/src/main/java/org/openmbee/mms/rdb/repositories/ProjectUserPermRepository.java

@@ -24,6 +24,8 @@ public interface ProjectUserPermRepository extends JpaRepository<ProjectUserPerm
 
     List<ProjectUserPerm> findAllByProjectAndRole_Name(Project proj, String r);
 
+    List<ProjectUserPerm> findAllByUser_Username(String user);
+
     boolean existsByProjectAndUser_UsernameAndRoleIn(Project proj, String user, Set<Role> roles);
 
     void deleteByProjectAndUser_UsernameInAndInheritedIsFalse(Project proj, Set<String> users);

storage/README.rst

@@ -7,6 +7,8 @@ This is an implementation of the ``artifacts`` interface using s3 and should wor
 
 `MinIO <https://min.io/product/overview>`_ is an open source s3 compatible object storage, it can be used standalone or can add a s3 api layer on top of existing providers using MinIO Gateway, for example, `NAS <https://docs.min.io/docs/minio-gateway-for-nas.html>`_
 
+If s3.access_key or s3.secret_key are omitted, will follow the `default credentials chain <https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html>`_
+
 Configuration
 ^^^^^^^^^^^^^