[kbss-cvut/record-manager-ui#202] Replace types with roles

kbss-cvut · Oct 9, 2024 · 180b972 · 180b972
1 parent 4e3445b
commit 180b972
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/src/main/java/cz/cvut/kbss/study/security/CustomSwitchUserFilter.java b/src/main/java/cz/cvut/kbss/study/security/CustomSwitchUserFilter.java
@@ -1,5 +1,6 @@
 package cz.cvut.kbss.study.security;
 
+import cz.cvut.kbss.study.model.Role;
 import cz.cvut.kbss.study.rest.exception.BadRequestException;
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.security.core.Authentication;
@@ -14,7 +15,7 @@ public class CustomSwitchUserFilter extends SwitchUserFilter {
     @Override
     protected Authentication attemptSwitchUser(HttpServletRequest request) throws AuthenticationException {
         final Authentication switchTo = super.attemptSwitchUser(request);
-        if (switchTo.getAuthorities().stream().anyMatch(a -> SecurityConstants.ROLE_ADMIN.equals(a.getAuthority()))) {
+        if (switchTo.getAuthorities().stream().anyMatch(a -> Role.administrator.name().equals(a.getAuthority()))) {
             throw new BadRequestException("Cannot impersonate admin.");
         }
         return switchTo;

diff --git a/src/main/java/cz/cvut/kbss/study/security/model/UserDetails.java b/src/main/java/cz/cvut/kbss/study/security/model/UserDetails.java
@@ -1,5 +1,6 @@
 package cz.cvut.kbss.study.security.model;
 
+import cz.cvut.kbss.study.model.Role;
 import cz.cvut.kbss.study.model.User;
 import cz.cvut.kbss.study.security.SecurityConstants;
 import org.springframework.security.core.GrantedAuthority;
@@ -36,12 +37,10 @@ public UserDetails(User user, Collection<GrantedAuthority> authorities) {
 
     private void resolveRoles() {
         authorities.addAll(
-                user.getTypes().stream()
-                    .map(Role::forType)
-                    .filter(Optional::isPresent)
-                    .map(r -> new SimpleGrantedAuthority(r.get().getName()))
+                user.getRoleGroup().getRoles().stream()
+                    .map(r -> new SimpleGrantedAuthority(r.name()))
                     .toList());
-        authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_USER));
+        authorities.add(new SimpleGrantedAuthority(Role.user.name()));
     }
 
     public void eraseCredentials() {

diff --git a/src/test/java/cz/cvut/kbss/study/security/CustomSwitchUserFilterTest.java b/src/test/java/cz/cvut/kbss/study/security/CustomSwitchUserFilterTest.java
@@ -41,6 +41,7 @@ void attemptSwitchUserSwitchesCurrentUserToTarget() {
         source.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.administrator));
         Environment.setCurrentUser(source);
         final User target = Generator.generateUser(null, null);
+        target.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.user));
         when(userDetailsService.loadUserByUsername(target.getUsername())).thenReturn(new UserDetails(target));
         final MockHttpServletRequest request = new MockHttpServletRequest();
         request.setParameter("username", target.getUsername());
@@ -55,7 +56,6 @@ void attemptSwitchUserThrowsBadRequestExceptionWhenTargetUserIsAdmin() {
         source.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.administrator));
         Environment.setCurrentUser(source);
         final User target = Generator.generateUser(null, roleGroup);
-        target.addType(Vocabulary.s_i_administrator);
         target.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.administrator));
         when(userDetailsService.loadUserByUsername(target.getUsername())).thenReturn(new UserDetails(target));
         final MockHttpServletRequest request = new MockHttpServletRequest();