diff --git a/src/main/java/eu/sshopencloud/marketplace/services/items/ItemVisibilityService.java b/src/main/java/eu/sshopencloud/marketplace/services/items/ItemVisibilityService.java index ed3ae54369b05639a351f01bff9b09ac0de6a4cb..29ae9cc77cc13c01120283ad010d90f6eed001af 100644 --- a/src/main/java/eu/sshopencloud/marketplace/services/items/ItemVisibilityService.java +++ b/src/main/java/eu/sshopencloud/marketplace/services/items/ItemVisibilityService.java @@ -100,16 +100,16 @@ class ItemVisibilityService { public boolean isTheLatestVersion(Item item) { User currentUser = LoggedInUserHolder.getLoggedInUser(); if (currentUser != null) { - if (currentUser.equals(item.getInformationContributor())) { + if (currentUser.isModerator() && item.getVersionedItem().getCurrentVersion().getId().equals(item.getId())) + return true; + if (currentUser.isModerator() && !item.getVersionedItem().getCurrentVersion().getId().equals(item.getId())) + return false; + if (currentUser.isContributor() && !currentUser.isModerator() && !currentUser.isSystemContributor() && currentUser.equals(item.getInformationContributor())) { return item.getVersionedItem().getCurrentVersion().getId().equals(item.getId()); - } else { - if(currentUser.isModerator() && item.getVersionedItem().getCurrentVersion().getId().equals(item.getId())) - return true; - if(currentUser.isModerator() && !item.getVersionedItem().getCurrentVersion().getId().equals(item.getId())) - return false; - if(currentUser.isContributor() && !currentUser.isModerator() && !currentUser.isSystemContributor()) - return false; } + if (currentUser.isContributor() && !currentUser.isModerator() && !currentUser.isSystemContributor() && !currentUser.equals(item.getInformationContributor())) + return item.getStatus().equals(APPROVED); + } return false; } diff --git a/src/test/java/eu/sshopencloud/marketplace/controllers/items/ItemRelationControllerITCase.java b/src/test/java/eu/sshopencloud/marketplace/controllers/items/ItemRelationControllerITCase.java index 71e41442b5c9f63144600b3db06520e05a726d67..08cf4b128acce0c412ae7eef49a292e4664b63fb 100644 --- a/src/test/java/eu/sshopencloud/marketplace/controllers/items/ItemRelationControllerITCase.java +++ b/src/test/java/eu/sshopencloud/marketplace/controllers/items/ItemRelationControllerITCase.java @@ -700,7 +700,8 @@ public class ItemRelationControllerITCase { .andExpect(jsonPath("relation.code", is("mentions"))) .andExpect(jsonPath("relation.label", is("Mentions"))); - mvc.perform(get("/api/workflows/{id}", workflowPersistentId)) + mvc.perform(get("/api/workflows/{id}", workflowPersistentId) + .header("Authorization", MODERATOR_JWT)) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(workflowPersistentId))) .andExpect(jsonPath("status", is("approved"))) @@ -1235,6 +1236,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/workflows/{workflowId}/steps/{stepId}", "tqmbGY", "prblMo") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("prblMo"))) @@ -1258,6 +1260,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/datasets/{datasetId}", "OdKfPc") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("OdKfPc"))) @@ -1276,6 +1279,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/datasets/{datasetId}", "dmbq4v") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("dmbq4v"))) @@ -1290,6 +1294,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/datasets/{datasetId}", newDataset.getPersistentId()) + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(newDataset.getPersistentId()))) @@ -1315,6 +1320,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/tools-services/{toolId}", toolId) + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(toolId))) @@ -1359,6 +1365,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/training-materials/{trainingMaterialId}", "heBAGQ") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("heBAGQ"))) @@ -1373,6 +1380,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/workflows/{workflowId}", "tqmbGY") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("tqmbGY"))) @@ -1387,6 +1395,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/tools-services/{toolId}", "Xgufde") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("Xgufde"))) @@ -1402,6 +1411,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/tools-services/{toolId}", toolId) + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(toolId))) @@ -1449,6 +1459,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/tools-services/{toolId}", "Xgufde") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("Xgufde"))) @@ -1463,6 +1474,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/training-materials/{trainingMaterialId}", "heBAGQ") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("heBAGQ"))) @@ -1482,6 +1494,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/tools-services/{toolId}", toolId) + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(toolId))) @@ -1526,6 +1539,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/training-materials/{trainingMaterialId}", "heBAGQ") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("heBAGQ"))) @@ -1540,6 +1554,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/workflows/{workflowId}", "tqmbGY") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("tqmbGY"))) @@ -1550,6 +1565,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/tools-services/{toolId}", "Xgufde") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("Xgufde"))) @@ -1582,6 +1598,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/training-materials/{trainingMaterialId}", "heBAGQ") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("heBAGQ"))) @@ -1596,6 +1613,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/workflows/{workflowId}", "tqmbGY") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("tqmbGY"))) @@ -1610,6 +1628,7 @@ public class ItemRelationControllerITCase { mvc.perform( get("/api/tools-services/{toolId}", "Xgufde") + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is("Xgufde"))) @@ -1865,7 +1884,8 @@ public class ItemRelationControllerITCase { .andExpect(jsonPath("relation.code", is("mentions"))) .andExpect(jsonPath("relation.label", is("Mentions"))); - mvc.perform(get("/api/workflows/{workflowId}/steps/{stepId}", subjectWorkflowId, subjectPersistentId)) + mvc.perform(get("/api/workflows/{workflowId}/steps/{stepId}", subjectWorkflowId, subjectPersistentId) + .header("Authorization", MODERATOR_JWT)) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(subjectPersistentId))) .andExpect(jsonPath("category", is("step"))) @@ -1875,7 +1895,8 @@ public class ItemRelationControllerITCase { .andExpect(jsonPath("relatedItems[0].relation.code", is("mentions"))) .andExpect(jsonPath("relatedItems[0].workflowId", is(objectWorkflowId))); - mvc.perform(get("/api/workflows/{workflowId}/steps/{stepId}", objectWorkflowId, objectPersistentId)) + mvc.perform(get("/api/workflows/{workflowId}/steps/{stepId}", objectWorkflowId, objectPersistentId) + .header("Authorization", MODERATOR_JWT)) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(objectPersistentId))) .andExpect(jsonPath("category", is("step"))) diff --git a/src/test/java/eu/sshopencloud/marketplace/controllers/trainings/TrainingMaterialControllerITCase.java b/src/test/java/eu/sshopencloud/marketplace/controllers/trainings/TrainingMaterialControllerITCase.java index 0d5959b0e1797b0c382c1a4fdf8ddbc38440d753..acc3344c0ea4589ea947c5ccf96f0ee04bc84d32 100644 --- a/src/test/java/eu/sshopencloud/marketplace/controllers/trainings/TrainingMaterialControllerITCase.java +++ b/src/test/java/eu/sshopencloud/marketplace/controllers/trainings/TrainingMaterialControllerITCase.java @@ -2240,9 +2240,9 @@ public class TrainingMaterialControllerITCase { ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(relatedObjectId))) - .andExpect(jsonPath("relatedItems", hasSize(1))) - .andExpect(jsonPath("relatedItems[0].persistentId", is(trainingMaterialId))) - .andExpect(jsonPath("relatedItems[0].relation.code", is("is-documented-by"))); + .andExpect(jsonPath("relatedItems", hasSize(3))) + .andExpect(jsonPath("relatedItems[1].persistentId", is(trainingMaterialId))) + .andExpect(jsonPath("relatedItems[1].relation.code", is("is-documented-by"))); trainingMaterial.setLabel("Gephi: explore the networks!"); diff --git a/src/test/java/eu/sshopencloud/marketplace/controllers/workflows/WorkflowControllerITCase.java b/src/test/java/eu/sshopencloud/marketplace/controllers/workflows/WorkflowControllerITCase.java index 5632d69531bc877f331a2e2eaf9e18ca7c7b2c9a..13d47caf8e9e175a08051ec061ea5a673e8b1fcc 100644 --- a/src/test/java/eu/sshopencloud/marketplace/controllers/workflows/WorkflowControllerITCase.java +++ b/src/test/java/eu/sshopencloud/marketplace/controllers/workflows/WorkflowControllerITCase.java @@ -2006,6 +2006,7 @@ public class WorkflowControllerITCase { mvc.perform( get("/api/workflows/{workflowId}", workflowId) + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(workflowId))) @@ -2076,6 +2077,7 @@ public class WorkflowControllerITCase { mvc.perform( get("/api/workflows/{workflowId}", workflowId) + .header("Authorization", MODERATOR_JWT) ) .andExpect(status().isOk()) .andExpect(jsonPath("persistentId", is(workflowId)))