reportportal · grabsefx · Nov 4, 2024 · Nov 4, 2024
diff --git a/build.gradle b/build.gradle
@@ -40,7 +40,7 @@ dependencies {
         compile 'com.epam.reportportal:commons'
         compile 'com.epam.reportportal:commons-dao'
     } else {
-        implementation 'com.github.reportportal:commons-dao:4caa252'
+        implementation 'com.github.reportportal:commons-dao:a072e00'
         api 'com.github.reportportal:commons:feature~orgs-SNAPSHOT'
     }
     api 'org.pf4j:pf4j:3.10.0'

diff --git a/src/main/java/com/epam/reportportal/extension/ProjectManagerCommand.java b/src/main/java/com/epam/reportportal/extension/ProjectManagerCommand.java
@@ -1,30 +1,59 @@
 package com.epam.reportportal.extension;
 
+import static java.util.Optional.ofNullable;
+
 import com.epam.reportportal.rules.commons.validation.BusinessRule;
+import com.epam.reportportal.rules.exception.ErrorType;
 import com.epam.reportportal.rules.exception.ReportPortalException;
 import com.epam.ta.reportportal.commons.ReportPortalUser;
 import com.epam.ta.reportportal.dao.ProjectRepository;
+import com.epam.ta.reportportal.dao.organization.OrganizationRepositoryCustom;
+import com.epam.ta.reportportal.entity.organization.Organization;
+import com.epam.ta.reportportal.entity.organization.OrganizationRole;
 import com.epam.ta.reportportal.entity.project.Project;
 import com.epam.ta.reportportal.entity.project.ProjectRole;
-import com.epam.reportportal.rules.exception.ErrorType;
-
-import static java.util.Optional.ofNullable;
+import com.epam.ta.reportportal.entity.user.UserRole;
+import java.util.Map.Entry;
 
 /**
  * @author <a href="mailto:[email protected]">Ivan Budayeu</a>
  */
 public abstract class ProjectManagerCommand<T> extends ProjectMemberCommand<T> {
 
-	protected ProjectManagerCommand(ProjectRepository projectRepository) {
-		super(projectRepository);
+	protected ProjectManagerCommand(ProjectRepository projectRepository, OrganizationRepositoryCustom organizationRepository) {
+		super(projectRepository, organizationRepository);
 	}
 
 	@Override
 	protected void validatePermissions(ReportPortalUser user, Project project) {
-		ProjectRole projectRole = ofNullable(user.getProjectDetails()).flatMap(detailsMapping -> ofNullable(detailsMapping.get(project.getName())))
-				.map(ReportPortalUser.ProjectDetails::getProjectRole)
-				.orElseThrow(() -> new ReportPortalException(ErrorType.ACCESS_DENIED));
+    Organization organization = organizationRepository.findById(project.getOrganizationId())
+        .orElseThrow(
+            () -> new ReportPortalException(ErrorType.NOT_FOUND, project.getOrganizationId()));
+
+    if (user.getUserRole() == UserRole.ADMINISTRATOR) {
+      return;
+    }
+
+    OrganizationRole orgRole = ofNullable(user.getOrganizationDetails())
+        .flatMap(detailsMapping -> ofNullable(detailsMapping.get(organization.getName())))
+        .map(ReportPortalUser.OrganizationDetails::getOrgRole)
+        .orElseThrow(() -> new ReportPortalException(ErrorType.ACCESS_DENIED));
+
+    if (orgRole.sameOrHigherThan(OrganizationRole.MANAGER)) {
+      return;
+    }
+
+    var projectRole = user.getOrganizationDetails().entrySet().stream()
+        .filter(entry -> entry.getKey().equals(organization.getName()))
+        .map(Entry::getValue)
+        .flatMap(orgDetails -> orgDetails.getProjectDetails().entrySet().stream())
+        .map(Entry::getValue)
+        .filter(details -> details.getProjectId().equals(project.getId()))
+        .map(ReportPortalUser.OrganizationDetails.ProjectDetails::getProjectRole)
+        .findFirst()
+        .orElseThrow(() -> new ReportPortalException(ErrorType.ACCESS_DENIED));
 
-		BusinessRule.expect(projectRole, ProjectRole.PROJECT_MANAGER::sameOrLowerThan).verify(ErrorType.ACCESS_DENIED);
+    BusinessRule.expect(projectRole, ProjectRole.EDITOR::sameOrLowerThan)
+        .verify(ErrorType.ACCESS_DENIED);
 	}
 }
diff --git a/src/main/java/com/epam/reportportal/extension/ProjectMemberCommand.java b/src/main/java/com/epam/reportportal/extension/ProjectMemberCommand.java
@@ -1,19 +1,21 @@
 package com.epam.reportportal.extension;
 
+import static java.util.Optional.ofNullable;
+
 import com.epam.reportportal.rules.commons.validation.BusinessRule;
 import com.epam.reportportal.rules.commons.validation.Suppliers;
+import com.epam.reportportal.rules.exception.ErrorType;
 import com.epam.reportportal.rules.exception.ReportPortalException;
 import com.epam.ta.reportportal.commons.ReportPortalUser;
 import com.epam.ta.reportportal.dao.ProjectRepository;
+import com.epam.ta.reportportal.dao.organization.OrganizationRepositoryCustom;
+import com.epam.ta.reportportal.entity.organization.Organization;
 import com.epam.ta.reportportal.entity.project.Project;
-import com.epam.reportportal.rules.exception.ErrorType;
-import org.springframework.security.core.context.SecurityContextHolder;
-
+import com.epam.ta.reportportal.entity.user.UserRole;
 import java.util.Map;
+import java.util.Map.Entry;
 import java.util.Objects;
-import java.util.Optional;
-
-import static java.util.Optional.ofNullable;
+import org.springframework.security.core.context.SecurityContextHolder;
 
 /**
  * @author <a href="mailto:[email protected]">Ivan Budayeu</a>
@@ -24,10 +26,13 @@ public abstract class ProjectMemberCommand<T> extends AbstractRoleBasedCommand<T
 
 
 	protected final ProjectRepository projectRepository;
+  protected final OrganizationRepositoryCustom organizationRepository;
 
-	protected ProjectMemberCommand(ProjectRepository projectRepository) {
+
+  protected ProjectMemberCommand(ProjectRepository projectRepository, OrganizationRepositoryCustom organizationRepository) {
 		this.projectRepository = projectRepository;
-	}
+    this.organizationRepository = organizationRepository;
+  }
 
 	@Override
 	public void validateRole(Map<String, Object> params) {
@@ -42,9 +47,20 @@ public void validateRole(Map<String, Object> params) {
 	}
 
 	protected void validatePermissions(ReportPortalUser user, Project project) {
-		BusinessRule.expect(ofNullable(user.getProjectDetails()).flatMap(detailsMapping -> ofNullable(detailsMapping.get(project.getName()))),
-				Optional::isPresent
-		).verify(ErrorType.ACCESS_DENIED);
+    if (user.getUserRole() == UserRole.ADMINISTRATOR) {
+      return;
+    }
+    Organization organization = organizationRepository.findById(project.getOrganizationId())
+        .orElseThrow(() -> new ReportPortalException(ErrorType.NOT_FOUND));
+
+    user.getOrganizationDetails().entrySet().stream()
+        .filter(entry -> entry.getKey().equals(organization.getName()))
+        .map(Entry::getValue)
+        .flatMap(orgDetails -> orgDetails.getProjectDetails().entrySet().stream())
+        .map(Entry::getValue)
+        .filter(details -> details.getProjectId().equals(project.getId()))
+        .findFirst()
+        .orElseThrow(() -> new ReportPortalException(ErrorType.ACCESS_DENIED));
 	}
 
 	public static Long retrieveLong(Map<String, Object> params, String param) {