Merge pull request #12 from topcoder-platform/dev

Sync - group check for resources

Author: ajefts

build-dependencies.xml

@@ -171,6 +171,7 @@
         <pathelement location="${aws.jar}" />
         <pathelement location="${httpclient.jar}" />
         <pathelement location="${httpcore.jar}" />
+        <pathelement location="${xerces.jar}" />
 
         <path refid="spring_libs"/>
         <path refid="poi_libs"/>

conf/MessageResources.properties

@@ -1328,6 +1328,7 @@ error.com.cronos.onlinereview.actions.editProject.AggregationReviewMustFollow=Ag
 error.com.cronos.onlinereview.actions.editProject.FinalFixMustFollow=Final fix must follow either appeals response or aggregation or aggregation review, or final review
 error.com.cronos.onlinereview.actions.editProject.FinalFixMustBeFollowed=Final fix must be followed by final review
 error.com.cronos.onlinereview.actions.editProject.FinalReviewMustFollow=Final review must follow final fix
+error.com.cronos.onlinereview.actions.editProject.Resource.GroupPermissionDenied=User is restricted by challenge groups
 error.com.cronos.onlinereview.actions.editProject.Resource.Empty=*Specify resource''s handle
 error.com.cronos.onlinereview.actions.editProject.Resource.NotFound=*There''s no such member
 error.com.cronos.onlinereview.actions.editProject.Resource.TrueSubmitterHandleChanged=*Handle for this submitter can not be changed as this resource has already submitted for the project

conf/OnlineReview.xml

@@ -5213,6 +5213,22 @@
         <Property name="topcoder_api_base_url">
             <Value>@topcoder_api_base_url@</Value>
         </Property>
+        
+        <Property name="user_group_membership_url">
+            <Value>@topcoder_api_base_url_v3@/groups?memberId=%s&amp;membershipType=User</Value>
+        </Property>
+        <Property name="v3jwt_cookie_name">
+            <Value>v3jwt</Value>
+        </Property>
+        <Property name="v2jwt_cookie_name">
+            <Value>tcjwt</Value>
+        </Property>
+        <Property name="v3jwt_authorization_url">
+            <Value>http://api.topcoder-dev.com/v3/authorizations</Value>
+        </Property>
+        <Property name="sso_domain_for_v3jwt_cookie">
+            <Value>.topcoder.com</Value>
+        </Property>
     </Config>
 
     <!--

src/java/main/com/cronos/onlinereview/actions/project/SaveProjectAction.java

@@ -16,13 +16,17 @@
 import com.topcoder.management.project.ProjectPropertyType;
 import com.topcoder.management.project.ProjectStatus;
 import com.topcoder.shared.dataAccess.resultSet.ResultSetContainer;
+import com.topcoder.shared.dataAccess.resultSet.ResultSetContainer.ResultSetRow;
 import com.topcoder.shared.util.DBMS;
 
 /**
  * <p>A simple DAO for projects backed up by Query Tool.</p>
+ * 
+ * Changes in version 2.1 Topcoder - Add Group Permission Check For Adding Resources v1.0
+ * - add the checkUserChallengeEligibility method to check user group permission
  *
  * @author TCSASSEMBLER
- * @version 2.0
+ * @version 2.1
  */
 public class ProjectDataAccess extends BaseDataAccess {
 
@@ -305,4 +309,39 @@ public long getProjectClient(long directProjectId) {
         }
         return 0;
     }
+    
+
+    /**
+     * Check user challenge eligibility
+     *
+     * @param userId the userId to use
+     * @param challengeId the challengeId to use
+     * @return the Map<String,Long> result contains the group and challenge info
+     */
+    public Map<String, Long> checkUserChallengeEligibility(long userId, long challengeId) {
+    	String queryName = "get_challenge_accessibility_and_groups";
+    	ResultSetContainer resultContainer = runQueryInDB(DBMS.OLTP_DATASOURCE_NAME, queryName,
+                new String[] {"userId", "challengeId"}, new String[] {userId + "", challengeId + ""}).get(queryName);
+    	
+    	if (resultContainer != null && resultContainer.getRowCount() > 0) {
+    		Map<String, Long> map = new HashMap<String, Long>();
+    		ResultSetRow row = resultContainer.getRow(0);
+    		
+    		Object obj = row.getItem("user_group_xref_found").getResultData();
+    		if (obj != null) {
+    			map.put("user_group_xref_found", Long.parseLong(obj.toString()));
+    		}
+    		obj = row.getItem("challenge_group_ind").getResultData();
+    		if (obj != null) {
+    			map.put("challenge_group_ind", Long.parseLong(obj.toString()));
+    		}
+    		obj = row.getItem("group_id").getResultData();
+    		if (obj != null) {
+    			map.put("group_id", Long.parseLong(obj.toString()));
+    		}
+    		return map;
+    	}
+    	
+    	return null;
+    }
 }

src/java/main/com/cronos/onlinereview/dataaccess/ProjectDataAccess.java

@@ -26,9 +26,13 @@
  * This class is thread-safe as its inner state is initialized only once and
  * is not changed afterwards.
  * </p>
+ * 
+ * Changes in version 2.1 Topcoder - Add Group Permission Check For Adding Resources v1.0
+ * - add the userGroupMemebershipUrl, v3jwtCookieName, v2jwtCookieName, v3jwtAuthorizationUrl,
+ * ssoDomainForV3jwtCookie configuration values
  *
  * @author TCSASSEMBLER
- * @version 2.0
+ * @version 2.1
  */
 public class ConfigHelper {
 
@@ -553,6 +557,31 @@ public class ConfigHelper {
      */
     private static final String THURGOOD_PASSWORD_PROP = "thurgood_password";
 
+    /**
+     * <p>A <code>String</code> providing the name for v3 jwt cookie name property.</p>
+     */
+    private static final String V3_JWT_COOKIE_NAME = "v3jwt_cookie_name";
+    
+    /**
+     * <p>A <code>String</code> providing the name for user group memeber ship url property.</p>
+     */
+    private static final String USER_GROUP_MEMBERSHIP_URL = "user_group_membership_url";
+    
+    /**
+     * <p>A <code>String</code> providing the name for v2 jwt cookie name property.</p>
+     */
+    private static final String V2_JWT_COOKIE_NAME = "v2jwt_cookie_name";
+    
+    /**
+     * <p>A <code>String</code> providing the name for sso domain for v3 jwt cookie property.</p>
+     */
+    private static final String SSO_DOMAIN_FOR_V3_JWT_COOKIE = "sso_domain_for_v3jwt_cookie";
+    
+    /**
+     * <p>A <code>String</code> providing the name for v3 jwt authorization url property.</p>
+     */
+    private static final String V3_JWT_AUTHORIZATION_URL = "v3jwt_authorization_url";
+    
     /**
      * This member variable holds the submitter role id.
      */
@@ -909,6 +938,31 @@ public class ConfigHelper {
      * <p>Represents the password of the Thurgood user.</p>
      */
     private static String thurgoodPassword;
+    
+    /**
+     * <p>Represents the userGroupMembershipUrl.</p> 
+     */
+    private static String userGroupMembershipUrl;
+    
+    /**
+     * <p>Represents the v3jwtCookieBame.</p> 
+     */
+    private static String v3jwtCookieName;
+    
+    /**
+     * <p>Represents the v2jwtCookieBame.</p> 
+     */
+    private static String v2jwtCookieName;
+    
+    /**
+     * <p>Represents the v3jwtAuthorizationUrl.</p> 
+     */
+    private static String v3jwtAuthorizationUrl;
+    
+    /**
+     * <p>Represents the ssoDomainForV3jwtCookie.</p> 
+     */
+    private static String ssoDomainForV3jwtCookie;
 
     static {
         // Obtaining the instance of Configuration Manager
@@ -1505,6 +1559,11 @@ public class ConfigHelper {
                 thurgoodPassword = value;
             }
 
+            userGroupMembershipUrl = cfgMgr.getString(ONLINE_REVIEW_CFG_NS, USER_GROUP_MEMBERSHIP_URL);
+            v3jwtCookieName = cfgMgr.getString(ONLINE_REVIEW_CFG_NS, V3_JWT_COOKIE_NAME);
+            v2jwtCookieName = cfgMgr.getString(ONLINE_REVIEW_CFG_NS, V2_JWT_COOKIE_NAME);
+            ssoDomainForV3jwtCookie = cfgMgr.getString(ONLINE_REVIEW_CFG_NS, SSO_DOMAIN_FOR_V3_JWT_COOKIE);
+            v3jwtAuthorizationUrl = cfgMgr.getString(ONLINE_REVIEW_CFG_NS, V3_JWT_AUTHORIZATION_URL);
         } catch (UnknownNamespaceException une) {
             System.out.println(une.getMessage());
             une.printStackTrace();
@@ -2332,5 +2391,47 @@ public static String getThurgoodUsername() {
     public static String getThurgoodPassword() {
         return thurgoodPassword;
     }
-
+    
+    /**
+     * Get user group membership url
+     *
+     * @return the userGroupMembershipUrl
+     */
+    public static String getUserGroupMembershipUrl() {
+    	return userGroupMembershipUrl;
+    }
+
+    /**
+     * Get v3jwt cookie name
+     *
+     * @return the v3jwtCookieName
+     */
+    public static String getV3jwtCookieName() {
+    	return v3jwtCookieName;
+    }
+
+    /**
+     * Get v2jwtCookieName.
+     * @return the v2jwtCookieName. 
+     */
+    public static String getV2jwtCookieName() {
+        return v2jwtCookieName;
+    }
+
+    /**
+     * Get v3jwtAuthorizationUrl.
+     * @return the v3jwtAuthorizationUrl. 
+     */
+    public static String getV3jwtAuthorizationUrl() {
+        return v3jwtAuthorizationUrl;
+    }
+
+    /**
+     * Get ssoDomainForV3jwtCookie.
+     * @return the ssoDomainForV3jwtCookie. 
+     */
+    public static String getSsoDomainForV3jwtCookie() {
+        return ssoDomainForV3jwtCookie;
+    }
+    
 }