Skip to content

Commit 1687097

Browse files
jo-poljo-pol
committed
(re)extracted methods to solve merge conflict
1 parent 40351f5 commit 1687097

File tree

1 file changed

+76
-82
lines changed

1 file changed

+76
-82
lines changed

src/main/java/edu/harvard/iq/dataverse/PermissionServiceBean.java

Lines changed: 76 additions & 82 deletions
Original file line numberDiff line numberDiff line change
@@ -953,96 +953,90 @@ public List<Dataverse> findPermittedCollections(DataverseRequest request, Authen
953953

954954
public List<Dataverse> findPermittedCollections(DataverseRequest request, AuthenticatedUser user, int permissionBit, String searchTerm) {
955955
if (user != null) {
956-
// IP Group - Only check IP if a User is calling for themself
957-
String ipRangeSQL = "FALSE";
958-
if (request != null
959-
&& request.getAuthenticatedUser() != null
960-
&& !request.getAuthenticatedUser().isSuperuser()
961-
&& request.getSourceAddress() != null
962-
&& request.getAuthenticatedUser().getUserIdentifier().equalsIgnoreCase(user.getUserIdentifier())) {
963-
IpAddress ip = request.getSourceAddress();
964-
if (ip instanceof IPv4Address) {
965-
IPv4Address ipv4 = (IPv4Address) ip;
966-
ipRangeSQL = ipv4.toBigInteger() + " BETWEEN ipv4range.bottomaslong AND ipv4range.topaslong";
967-
} else if (ip instanceof IPv6Address) {
968-
IPv6Address ipv6 = (IPv6Address) ip;
969-
long[] vals = ipv6.toLongArray();
970-
if (vals.length == 4) {
971-
ipRangeSQL = """
972-
(@0 BETWEEN ipv6range.bottoma AND ipv6range.topa
973-
AND @1 BETWEEN ipv6range.bottomb AND ipv6range.topb
974-
AND @2 BETWEEN ipv6range.bottomc AND ipv6range.topc
975-
AND @3 BETWEEN ipv6range.bottomd AND ipv6range.topd)
976-
""";
977-
for (int i = 0; i < vals.length; i++) {
978-
ipRangeSQL = ipRangeSQL.replace("@" + i, String.valueOf(vals[i]));
979-
}
980-
}
981-
}
956+
var sqlCode = getBaseQueryForAllPermittedDataverses(request, user, permissionBit);
957+
if (searchTerm == null || searchTerm.isEmpty()) {
958+
return em.createNativeQuery(sqlCode, Dataverse.class).getResultList();
959+
} else if (user.isSuperuser()) {
960+
Query query = em.createNativeQuery(sqlCode.concat(WHERE).concat(SEARCH_PARAMS), Dataverse.class);
961+
setSearchParamValues(searchTerm, query);
962+
return query.getResultList();
982963
}
983-
String sqlCode;
984-
if (user.isSuperuser()) {
985-
sqlCode = LIST_ALL_DATAVERSES_SUPERUSER_HAS_PERMISSION;
986-
987-
if (searchTerm == null || searchTerm.isEmpty()) {
988-
return em.createNativeQuery(sqlCode, Dataverse.class).getResultList();
989-
} else {
990-
sqlCode = LIST_ALL_DATAVERSES_SUPERUSER_HAS_PERMISSION.concat(WHERE).concat(SEARCH_PARAMS);
964+
else {
965+
Query query = em.createNativeQuery(sqlCode.concat(AND).concat(SEARCH_PARAMS), Dataverse.class);
966+
setSearchParamValues(searchTerm, query);
967+
return query.getResultList();
968+
}
969+
}
970+
return null;
971+
}
991972

992-
String pattern = searchTerm.toLowerCase();
993-
String pattern1 = pattern + "%";
994-
String pattern2 = "% " + pattern + "%";
973+
public boolean hasMultiplePermittedCollections(DataverseRequest request, AuthenticatedUser user, int permissionBit) {
974+
if (user != null) {
975+
var sqlCode = getBaseQueryForAllPermittedDataverses(request, user, permissionBit) + " LIMIT 2";
976+
var resultList = em.createNativeQuery(sqlCode, Dataverse.class).getResultList();
977+
return resultList.size() > 1;
978+
}
979+
return false;
980+
}
995981

996-
// Adjust the queries for very short, 1
997-
if (pattern.length() == 1) {
998-
pattern1 = pattern;
999-
pattern2 = pattern + " %";
1000-
}
1001-
Query query = em.createNativeQuery(sqlCode, Dataverse.class);
1002-
query.setParameter(1, "%dataverse");
1003-
query.setParameter(2, pattern1);
1004-
query.setParameter(3, pattern2);
1005-
query.setParameter(4, "%dataverse");
1006-
query.setParameter(5, pattern1);
1007-
query.setParameter(6, pattern2);
1008-
return query.getResultList();
982+
private String getBaseQueryForAllPermittedDataverses(DataverseRequest request, AuthenticatedUser user, int permissionBit) {
983+
if (user.isSuperuser()) {
984+
return LIST_ALL_DATAVERSES_SUPERUSER_HAS_PERMISSION;
985+
} else {
986+
return LIST_ALL_DATAVERSES_USER_HAS_PERMISSION
987+
.replace("@USERID", String.valueOf(user.getId()))
988+
.replace("@PERMISSIONBIT", String.valueOf(permissionBit))
989+
.replace("@IPRANGESQL", getIpRange(request, user));
990+
}
991+
}
1009992

1010-
}
1011-
} else {
1012-
if (searchTerm == null || searchTerm.isEmpty()) {
1013-
sqlCode = LIST_ALL_DATAVERSES_USER_HAS_PERMISSION
1014-
.replace("@USERID", String.valueOf(user.getId()))
1015-
.replace("@PERMISSIONBIT", String.valueOf(permissionBit))
1016-
.replace("@IPRANGESQL", ipRangeSQL);
1017-
return em.createNativeQuery(sqlCode, Dataverse.class).getResultList();
1018-
} else {
1019-
String pattern = searchTerm.toLowerCase();
1020-
String pattern1 = pattern + "%";
1021-
String pattern2 = "% " + pattern + "%";
1022-
1023-
// Adjust the queries for very short, 1
1024-
if (pattern.length() == 1) {
1025-
pattern1 = pattern;
1026-
pattern2 = pattern + " %";
993+
private String getIpRange(DataverseRequest request, AuthenticatedUser user) {
994+
// IP Group - Only check IP if a User is calling for themself
995+
String ipRangeSQL = "FALSE";
996+
if (request != null
997+
&& request.getAuthenticatedUser() != null
998+
&& !request.getAuthenticatedUser().isSuperuser()
999+
&& request.getSourceAddress() != null
1000+
&& request.getAuthenticatedUser().getUserIdentifier().equalsIgnoreCase(user.getUserIdentifier())) {
1001+
IpAddress ip = request.getSourceAddress();
1002+
if (ip instanceof IPv4Address) {
1003+
IPv4Address ipv4 = (IPv4Address) ip;
1004+
ipRangeSQL = ipv4.toBigInteger() + " BETWEEN ipv4range.bottomaslong AND ipv4range.topaslong";
1005+
} else if (ip instanceof IPv6Address) {
1006+
IPv6Address ipv6 = (IPv6Address) ip;
1007+
long[] vals = ipv6.toLongArray();
1008+
if (vals.length == 4) {
1009+
ipRangeSQL = """
1010+
(@0 BETWEEN ipv6range.bottoma AND ipv6range.topa
1011+
AND @1 BETWEEN ipv6range.bottomb AND ipv6range.topb
1012+
AND @2 BETWEEN ipv6range.bottomc AND ipv6range.topc
1013+
AND @3 BETWEEN ipv6range.bottomd AND ipv6range.topd)
1014+
""";
1015+
for (int i = 0; i < vals.length; i++) {
1016+
ipRangeSQL = ipRangeSQL.replace("@" + i, String.valueOf(vals[i]));
10271017
}
1028-
1029-
sqlCode = LIST_ALL_DATAVERSES_USER_HAS_PERMISSION.concat(AND).concat(SEARCH_PARAMS)
1030-
.replace("@USERID", String.valueOf(user.getId()))
1031-
.replace("@PERMISSIONBIT", String.valueOf(permissionBit))
1032-
.replace("@IPRANGESQL", ipRangeSQL);
1033-
1034-
Query query = em.createNativeQuery(sqlCode, Dataverse.class);
1035-
query.setParameter(1, "%dataverse");
1036-
query.setParameter(2, pattern1);
1037-
query.setParameter(3, pattern2);
1038-
query.setParameter(4, "%dataverse");
1039-
query.setParameter(5, pattern1);
1040-
query.setParameter(6, pattern2);
1041-
return query.getResultList();
10421018
}
10431019
}
10441020
}
1045-
return null;
1021+
return ipRangeSQL;
1022+
}
1023+
1024+
private void setSearchParamValues(String searchTerm, Query query) {
1025+
String pattern = searchTerm.toLowerCase();
1026+
String pattern1 = pattern + "%";
1027+
String pattern2 = "% " + pattern + "%";
1028+
1029+
// Adjust the queries for very short, 1
1030+
if (pattern.length() == 1) {
1031+
pattern1 = pattern;
1032+
pattern2 = pattern + " %";
1033+
}
1034+
query.setParameter(1, "%dataverse");
1035+
query.setParameter(2, pattern1);
1036+
query.setParameter(3, pattern2);
1037+
query.setParameter(4, "%dataverse");
1038+
query.setParameter(5, pattern1);
1039+
query.setParameter(6, pattern2);
10461040
}
10471041

10481042
/**

0 commit comments

Comments
 (0)