Update getRecordStatusHistory and getRecordStatusHistoryByType to support getting working copy records history. (#8153)

* Update getRecordStatusHistory and getRecordStatusHistoryByType to support getting working copy records history.

* Also include workflow/last api in the changes.

* Update can edit to use non approved records when not specified.

Author: ianwallen

services/src/main/java/org/fao/geonet/api/ApiUtils.java

@@ -259,11 +259,19 @@ public static Path downloadUrlInTemp(String url) throws IOException, URISyntaxEx
     }
 
     /**
-     * Check if the current user can edit this record.
+     * Check if the current user can edit this record
      */
     public static AbstractMetadata canEditRecord(String metadataUuid, HttpServletRequest request) throws Exception {
+        return canEditRecord(metadataUuid, false, request);
+    }
+
+    /**
+     * Check if the current user can edit this record.
+     */
+    public static AbstractMetadata canEditRecord(String metadataUuid, boolean approved, HttpServletRequest request) throws Exception {
         ApplicationContext appContext = ApplicationContextHolder.get();
-        AbstractMetadata metadata = getRecord(metadataUuid);
+        String metadataId = getInternalId(metadataUuid, approved);
+        AbstractMetadata metadata = getRecord(metadataId);
         AccessManager accessManager = appContext.getBean(AccessManager.class);
         if (!accessManager.canEdit(createServiceContext(request), String.valueOf(metadata.getId()))) {
             throw new SecurityException(String.format(
@@ -297,8 +305,7 @@ public static AbstractMetadata canViewRecord(String metadataUuid, HttpServletReq
      * Check if the current user can view this record.
      */
     public static AbstractMetadata canViewRecord(String metadataUuid, boolean approved, HttpServletRequest request) throws Exception {
-        String metadataId;
-        metadataId = getInternalId(metadataUuid, approved);
+        String metadataId = getInternalId(metadataUuid, approved);
 
         AbstractMetadata metadata = getRecord(metadataId);
         try {

services/src/main/java/org/fao/geonet/api/records/MetadataWorkflowApi.java

@@ -176,9 +176,18 @@ public List<MetadataStatusResponse> getRecordStatusHistory(
         @Parameter(description = API_PARAM_RECORD_UUID, required = true) @PathVariable String metadataUuid,
         @RequestParam(required = false) boolean details,
         @Parameter(description = "Sort direction", required = false) @RequestParam(defaultValue = "DESC") Sort.Direction sortOrder,
+        @Parameter(description = "Use approved version or not", example = "true")
+        @RequestParam(required = false, defaultValue = "true")  Boolean approved,
         HttpServletRequest request) throws Exception {
         ServiceContext context = ApiUtils.createServiceContext(request);
-        AbstractMetadata metadata = ApiUtils.canViewRecord(metadataUuid, request);
+
+        AbstractMetadata metadata;
+        try {
+            metadata = ApiUtils.canViewRecord(metadataUuid, approved, request);
+        } catch (SecurityException e) {
+            Log.debug(API.LOG_MODULE_NAME, e.getMessage(), e);
+            throw new NotAllowedException(ApiParams.API_RESPONSE_NOT_ALLOWED_CAN_VIEW);
+        }
 
         String sortField = SortUtils.createPath(MetadataStatus_.changeDate);
 
@@ -199,9 +208,17 @@ public List<MetadataStatusResponse> getRecordStatusHistoryByType(
         @Parameter(description = "Type", required = true) @PathVariable StatusValueType type,
         @RequestParam(required = false) boolean details,
         @Parameter(description = "Sort direction", required = false) @RequestParam(defaultValue = "DESC") Sort.Direction sortOrder,
+        @Parameter(description = "Use approved version or not", example = "true")
+        @RequestParam(required = false, defaultValue = "true") Boolean approved,
         HttpServletRequest request) throws Exception {
         ServiceContext context = ApiUtils.createServiceContext(request);
-        AbstractMetadata metadata = ApiUtils.canViewRecord(metadataUuid, request);
+        AbstractMetadata metadata;
+        try {
+            metadata = ApiUtils.canViewRecord(metadataUuid, approved, request);
+        } catch (SecurityException e) {
+            Log.debug(API.LOG_MODULE_NAME, e.getMessage(), e);
+            throw new NotAllowedException(ApiParams.API_RESPONSE_NOT_ALLOWED_CAN_VIEW);
+        }
 
         String sortField = SortUtils.createPath(MetadataStatus_.changeDate);
 
@@ -223,8 +240,10 @@ public List<MetadataStatusResponse> getRecordStatusHistoryByType(
     @ResponseBody
     public MetadataWorkflowStatusResponse getStatus(
         @Parameter(description = API_PARAM_RECORD_UUID, required = true) @PathVariable String metadataUuid,
+        @Parameter(description = "Use approved version or not", example = "true")
+        @RequestParam(required = false, defaultValue = "true")  Boolean approved,
         HttpServletRequest request) throws Exception {
-        AbstractMetadata metadata = ApiUtils.canEditRecord(metadataUuid, request);
+        AbstractMetadata metadata = ApiUtils.canEditRecord(metadataUuid, approved, request);
         Locale locale = languageUtils.parseAcceptLanguage(request.getLocales());
         ResourceBundle messages = ApiUtils.getMessagesResourceBundle(request.getLocales());
         ServiceContext context = ApiUtils.createServiceContext(request, locale.getISO3Language());