Add managing directory permissions endpoints (#138)

achour94 · web-flow · commit 7f6e8fe2d19e · 2025-04-01T09:39:04.000+02:00
Signed-off-by: achour94 &lt;berrahmaachour@gmail.com&gt;
diff --git a/src/main/java/org/gridsuite/explore/server/ExploreController.java b/src/main/java/org/gridsuite/explore/server/ExploreController.java
@@ -663,4 +663,33 @@ public ResponseEntity<Void> hasRight(@PathVariable("directoryUuid") UUID directo
             return ResponseEntity.noContent().build();
         }
     }
+
+    @GetMapping(value = "/explore/directories/{directoryUuid}/permissions", produces = MediaType.APPLICATION_JSON_VALUE)
+    @Operation(summary = "Get permissions for a directory")
+    @ApiResponses(value = {
+        @ApiResponse(responseCode = "200", description = "The permissions for the directory"),
+        @ApiResponse(responseCode = "403", description = "Not authorized to view permissions for this directory"),
+        @ApiResponse(responseCode = "404", description = "The directory was not found")
+    })
+    @PreAuthorize("@authorizationService.isAuthorized(#userId, #directoryUuid, null, T(org.gridsuite.explore.server.dto.PermissionType).READ)")
+    public ResponseEntity<List<PermissionDTO>> getDirectoryPermissions(@PathVariable("directoryUuid") UUID directoryUuid,
+                                                          @RequestHeader(QUERY_PARAM_USER_ID) String userId) {
+        return ResponseEntity.ok().contentType(MediaType.APPLICATION_JSON)
+                .body(directoryService.getDirectoryPermissions(directoryUuid, userId));
+    }
+
+    @PutMapping(value = "/explore/directories/{directoryUuid}/permissions", consumes = MediaType.APPLICATION_JSON_VALUE)
+    @Operation(summary = "Set permissions for a directory")
+    @ApiResponses(value = {
+        @ApiResponse(responseCode = "200", description = "Permissions were successfully updated"),
+        @ApiResponse(responseCode = "403", description = "Not authorized to update permissions for this directory"),
+        @ApiResponse(responseCode = "404", description = "The directory was not found")
+    })
+    @PreAuthorize("@authorizationService.isAuthorized(#userId, #directoryUuid, null, T(org.gridsuite.explore.server.dto.PermissionType).MANAGE)")
+    public ResponseEntity<Void> setDirectoryPermissions(@PathVariable("directoryUuid") UUID directoryUuid,
+                                                        @RequestBody List<PermissionDTO> permissions,
+                                                        @RequestHeader(QUERY_PARAM_USER_ID) String userId) {
+        directoryService.setDirectoryPermissions(directoryUuid, permissions, userId);
+        return ResponseEntity.ok().build();
+    }
 }
diff --git a/src/main/java/org/gridsuite/explore/server/dto/PermissionDTO.java b/src/main/java/org/gridsuite/explore/server/dto/PermissionDTO.java
@@ -0,0 +1,28 @@
+/**
+ * Copyright (c) 2025, RTE (http://www.rte-france.com)
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+package org.gridsuite.explore.server.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+import java.util.List;
+import java.util.UUID;
+
+/**
+ * @author Achour BERRAHMA <achour.berrahma at rte-france.com>
+ */
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+public class PermissionDTO {
+    private boolean allUsers;
+    private List<UUID> groups;
+    private PermissionType type;
+}
diff --git a/src/main/java/org/gridsuite/explore/server/dto/PermissionType.java b/src/main/java/org/gridsuite/explore/server/dto/PermissionType.java
@@ -12,4 +12,5 @@
 public enum PermissionType {
     READ,
     WRITE,
+    MANAGE,
 }
diff --git a/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java b/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java
@@ -8,6 +8,7 @@
 
 import org.gridsuite.explore.server.ExploreException;
 import org.gridsuite.explore.server.dto.ElementAttributes;
+import org.gridsuite.explore.server.dto.PermissionDTO;
 import org.gridsuite.explore.server.dto.PermissionType;
 import org.gridsuite.explore.server.utils.ParametersType;
 import org.springframework.core.ParameterizedTypeReference;
@@ -415,6 +416,42 @@ public boolean hasPermission(List<UUID> elementUuids, UUID targetDirectoryUuid,
         return !HttpStatus.NO_CONTENT.equals(response.getStatusCode());
     }
 
+    public List<PermissionDTO> getDirectoryPermissions(UUID directoryUuid, String userId) {
+        String path = UriComponentsBuilder
+                .fromPath(DIRECTORIES_SERVER_DIRECTORIES_ROOT_PATH + "/{directoryUuid}/permissions")
+                .buildAndExpand(directoryUuid)
+                .toUriString();
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.add(HEADER_USER_ID, userId);
+        headers.setContentType(MediaType.APPLICATION_JSON);
+        ResponseEntity<List<PermissionDTO>> response = restTemplate.exchange(
+            directoryServerBaseUri + path,
+            HttpMethod.GET,
+            new HttpEntity<>(headers),
+            new ParameterizedTypeReference<List<PermissionDTO>>() { }
+        );
+
+        return response.getBody();
+    }
+
+    public void setDirectoryPermissions(UUID directoryUuid, List<PermissionDTO> permissions, String userId) {
+        String path = UriComponentsBuilder
+                .fromPath(DIRECTORIES_SERVER_DIRECTORIES_ROOT_PATH + "/{directoryUuid}/permissions")
+                .buildAndExpand(directoryUuid)
+                .toUriString();
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.add(HEADER_USER_ID, userId);
+        headers.setContentType(MediaType.APPLICATION_JSON);
+        restTemplate.exchange(
+            directoryServerBaseUri + path,
+                HttpMethod.PUT,
+                new HttpEntity<>(permissions, headers),
+                Void.class
+        );
+    }
+
     private void handleException(HttpStatusCodeException e) {
         if (HttpStatus.FORBIDDEN.equals(e.getStatusCode())) {
             throw new ExploreException(NOT_ALLOWED);
diff --git a/src/test/java/org/gridsuite/explore/server/ExploreTest.java b/src/test/java/org/gridsuite/explore/server/ExploreTest.java
@@ -20,6 +20,8 @@
 import okio.Buffer;
 import org.gridsuite.explore.server.dto.CaseAlertThresholdMessage;
 import org.gridsuite.explore.server.dto.ElementAttributes;
+import org.gridsuite.explore.server.dto.PermissionDTO;
+import org.gridsuite.explore.server.dto.PermissionType;
 import org.gridsuite.explore.server.services.*;
 import org.gridsuite.explore.server.utils.ContingencyListType;
 import org.gridsuite.explore.server.utils.ParametersType;
@@ -205,6 +207,11 @@ void setup(final MockWebServer server) throws Exception {
         String newElementUuidAsString = mapper.writeValueAsString(ELEMENT_COPY_UUID);
         String newElementAttributesAsString = mapper.writeValueAsString(new ElementAttributes(ELEMENT_UUID, STUDY1, "STUDY", USER1, 0, null));
         String listElementsAsString = "[" + newElementAttributesAsString + "," + publicStudyAttributesAsString + "]";
+        String parentDirectoryPermissions = mapper.writeValueAsString(List.of(
+                new PermissionDTO(false, List.of(UUID.randomUUID(), UUID.randomUUID()), PermissionType.READ),
+                new PermissionDTO(false, List.of(UUID.randomUUID()), PermissionType.WRITE),
+                new PermissionDTO(false, List.of(), PermissionType.MANAGE)
+        ));
 
         final Dispatcher dispatcher = new Dispatcher() {
             @SneakyThrows(JsonProcessingException.class)
@@ -381,6 +388,18 @@ public MockResponse dispatch(RecordedRequest request) {
                         return new MockResponse(200, Headers.of(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE), invalidElementAsString);
                     } else if (path.matches("/v1/cases-alert-threshold")) {
                         return new MockResponse(200, Headers.of(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE), "40");
+                    } else if (path.matches("/v1/directories/" + PARENT_DIRECTORY_UUID + "/permissions")) {
+                        return new MockResponse(200, Headers.of(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE), parentDirectoryPermissions);
+                    } else if (path.matches("/v1/directories/" + PARENT_DIRECTORY_UUID_FORBIDDEN + "/permissions") &&
+                            USER_NOT_ALLOWED.equals(request.getHeaders().get("userId"))) {
+                        return new MockResponse(403);
+                    }
+                } else if ("PUT".equals(request.getMethod())) {
+                    if (path.matches("/v1/directories/" + PARENT_DIRECTORY_UUID + "/permissions")) {
+                        return new MockResponse(200);
+                    } else if (path.matches("/v1/directories/" + PARENT_DIRECTORY_UUID_FORBIDDEN + "/permissions") &&
+                            USER_NOT_ALLOWED.equals(request.getHeaders().get("userId"))) {
+                        return new MockResponse(403);
                     }
                 } else if ("DELETE".equals(request.getMethod())) {
                     if (path.matches("/v1/filters/" + FILTER_UUID)) {
@@ -945,6 +964,45 @@ void testModifyCompositeModifications(final MockWebServer server) throws Excepti
         ).andExpect(status().isOk());
     }
 
+    @Test
+    void testGetDirectoryPermissions() throws Exception {
+        MvcResult result = mockMvc.perform(get("/v1/explore/directories/{directoryUuid}/permissions", PARENT_DIRECTORY_UUID)
+                        .header("userId", USER1))
+                .andExpect(status().isOk())
+                .andReturn();
+        String responseJson = result.getResponse().getContentAsString();
+        List<PermissionDTO> returnedPermissions = mapper.readValue(responseJson, new TypeReference<List<PermissionDTO>>() { });
+        assertEquals(3, returnedPermissions.size());
+
+        // Execute the test with a forbidden directory ID
+        mockMvc.perform(get("/v1/explore/directories/{directoryUuid}/permissions", PARENT_DIRECTORY_UUID_FORBIDDEN)
+                        .header("userId", USER_NOT_ALLOWED))
+                .andExpect(status().isForbidden());
+    }
+
+    @Test
+    void testSetDirectoryPermissions() throws Exception {
+        List<PermissionDTO> permissions = List.of(
+                new PermissionDTO(false, List.of(UUID.randomUUID(), UUID.randomUUID()), PermissionType.READ),
+                new PermissionDTO(false, List.of(UUID.randomUUID()), PermissionType.WRITE),
+                new PermissionDTO(false, List.of(), PermissionType.MANAGE)
+        );
+        String permissionsJson = mapper.writeValueAsString(permissions);
+
+        mockMvc.perform(put("/v1/explore/directories/{directoryUuid}/permissions", PARENT_DIRECTORY_UUID)
+                        .header("userId", USER1)
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(permissionsJson))
+                .andExpect(status().isOk());
+
+        // Execute the test with a forbidden directory ID
+        mockMvc.perform(put("/v1/explore/directories/{directoryUuid}/permissions", PARENT_DIRECTORY_UUID_FORBIDDEN)
+                        .header("userId", USER_NOT_ALLOWED)
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(permissionsJson))
+                .andExpect(status().isForbidden());
+    }
+
     @Test
     void testGetModificationMetadata() throws Exception {
         final String expectedResult = mapper.writeValueAsString(new ElementAttributes(MODIFICATION_UUID, "one modif", "MODIFICATION", USER1, 0L, null, modificationSpecificMetadata));

Original file line number	Diff line number	Diff line change
`@@ -12,4 +12,5 @@`
`12`	`12`	`public enum PermissionType {`
`13`	`13`	`READ,`
`14`	`14`	`WRITE,`
	`15`	`+ MANAGE,`
`15`	`16`	`}`