[kbss-cvut/record-manager-ui#202] Rename user to ROLE_USER and admini…

…strator to ROLE_ADMIN in SecurityConstants

src/main/java/cz/cvut/kbss/study/config/OAuth2SecurityConfig.java

@@ -79,7 +79,7 @@ private Converter<Jwt, AbstractAuthenticationToken> grantedAuthoritiesExtractor(
             assert extractedRoles != null;
             final Set<SimpleGrantedAuthority> authorities = new HashSet<>(extractedRoles);
             // Add default role if it is not present
-            authorities.add(new SimpleGrantedAuthority(SecurityConstants.user));
+            authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_USER));
             return new JwtAuthenticationToken(source, authorities);
         };
     }

src/main/java/cz/cvut/kbss/study/model/Role.java

@@ -8,10 +8,10 @@ public enum Role {
 
     // TODO deprecated -- should be removed.
     @Individual(iri=Vocabulary.s_i_RM_ADMIN)
-    administrator(SecurityConstants.administrator, Vocabulary.s_i_RM_ADMIN),
+    administrator(SecurityConstants.ROLE_ADMIN, Vocabulary.s_i_RM_ADMIN),
     // TODO deprecated -- should be removed.
     @Individual(iri = Vocabulary.s_i_RM_USER)
-    user(SecurityConstants.user, Vocabulary.s_i_RM_USER),
+    user(SecurityConstants.ROLE_USER, Vocabulary.s_i_RM_USER),
 
     @Individual(iri = Vocabulary.s_i_impersonate_role)
     impersonate(SecurityConstants.impersonate, Vocabulary.s_i_impersonate_role),

src/main/java/cz/cvut/kbss/study/rest/ActionHistoryController.java

@@ -54,7 +54,7 @@ public void create(@RequestBody ActionHistory actionHistory) {
         }
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public List<ActionHistory> getActions(@RequestParam(value = "author", required = false) String authorUsername,
                                           @RequestParam(value = "type", required = false) String type,
@@ -73,7 +73,7 @@ public List<ActionHistory> getActions(@RequestParam(value = "author", required =
         return result.getContent();
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @GetMapping(value = "/{key}", produces = MediaType.APPLICATION_JSON_VALUE)
     public ActionHistory getByKey(@PathVariable("key") String key) {
         final ActionHistory action = actionHistoryService.findByKey(key);

src/main/java/cz/cvut/kbss/study/rest/FormGenController.java

@@ -9,7 +9,7 @@
 import org.springframework.web.bind.annotation.*;
 
 @RestController
-@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
+@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
 @RequestMapping("/formGen")
 public class FormGenController extends BaseController {
 

src/main/java/cz/cvut/kbss/study/rest/InstitutionController.java

@@ -30,7 +30,7 @@
 import static cz.cvut.kbss.study.rest.util.RecordFilterMapper.constructRecordFilter;
 
 @RestController
-@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
+@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
 @RequestMapping("/institutions")
 public class InstitutionController extends BaseController {
 
@@ -44,16 +44,16 @@ public InstitutionController(InstitutionService institutionService,
         this.recordService = recordService;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public List<Institution> getAllInstitutions() {
         final List<Institution> institutions = institutionService.findAll();
         institutions.sort(Comparator.comparing(Institution::getName));
         return institutions;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') " +
-     "or hasAuthority('" + SecurityConstants.user + "') and @securityUtils.isMemberOfInstitution(#key)")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') " +
+     "or hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.isMemberOfInstitution(#key)")
     @GetMapping(value = "/{key}", produces = MediaType.APPLICATION_JSON_VALUE)
     public Institution findByKey(@PathVariable("key") String key) {
         return findInternal(key);
@@ -67,15 +67,15 @@ private Institution findInternal(String key) {
         return result;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isRecordInUsersInstitution(#key)")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isRecordInUsersInstitution(#key)")
     @GetMapping(value = "/{key}/patients", produces = MediaType.APPLICATION_JSON_VALUE)
     public List<PatientRecordDto> getTreatedPatientRecords(@PathVariable("key") String key) {
         final Institution inst = findInternal(key);
         assert inst != null;
         return recordService.findAll(constructRecordFilter("institution", key), Pageable.unpaged()).getContent();
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.CREATED)
     public ResponseEntity<Void> createInstitution(@RequestBody Institution institution) {
@@ -88,7 +88,7 @@ public ResponseEntity<Void> createInstitution(@RequestBody Institution instituti
         return new ResponseEntity<>(headers, HttpStatus.CREATED);
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @PutMapping(value = "/{key}", consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void updateInstitution(@PathVariable("key") String key, @RequestBody Institution institution) {
@@ -104,7 +104,7 @@ public void updateInstitution(@PathVariable("key") String key, @RequestBody Inst
         }
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @DeleteMapping(value = "/{key}")
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void deleteInstitution(@PathVariable("key") String key) {

src/main/java/cz/cvut/kbss/study/rest/OidcUserController.java

@@ -38,14 +38,14 @@ public OidcUserController(UserService userService, InstitutionService institutio
         this.institutionService = institutionService;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
     @GetMapping(value = "/current", produces = MediaType.APPLICATION_JSON_VALUE)
     public User getCurrent() {
         return userService.getCurrentUser();
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name or " +
-            "hasAuthority('" + SecurityConstants.user + "') and @securityUtils.areFromSameInstitution(#username)")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name or " +
+            "hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.areFromSameInstitution(#username)")
     @GetMapping(value = "/{username}", produces = MediaType.APPLICATION_JSON_VALUE)
     public User getByUsername(@PathVariable("username") String username) {
         final User user = userService.findByUsername(username);
@@ -56,14 +56,14 @@ public User getByUsername(@PathVariable("username") String username) {
     }
 
     @PreAuthorize(
-            "hasAuthority('" + SecurityConstants.administrator + "') " +
-                    "or hasAuthority('" + SecurityConstants.administrator + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
+            "hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') " +
+                    "or hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public List<User> getUsers(@RequestParam(value = "institution", required = false) String institutionKey) {
         return institutionKey != null ? getByInstitution(institutionKey) : userService.findAll();
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name")
     @PutMapping(value = "/{username}", consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void updateUser(@PathVariable("username") String username, @RequestBody User user,

src/main/java/cz/cvut/kbss/study/rest/PatientRecordController.java

@@ -42,7 +42,7 @@
 import java.util.stream.Stream;
 
 @RestController
-@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
+@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
 @RequestMapping("/records")
 public class PatientRecordController extends BaseController {
 
@@ -70,7 +70,7 @@ public PatientRecordController(PatientRecordService recordService, ApplicationEv
         this.publishRecordsService = publishRecordsService;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #institutionKey==null or @securityUtils.isMemberOfInstitution(#institutionKey)")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #institutionKey==null or @securityUtils.isMemberOfInstitution(#institutionKey)")
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public List<PatientRecordDto> getRecords(
             @RequestParam(value = "institution", required = false) String institutionKey,
@@ -79,7 +79,7 @@ public List<PatientRecordDto> getRecords(
 
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         boolean hasAdminRole = authentication.getAuthorities().stream()
-                .anyMatch(authority -> authority.getAuthority().equals(SecurityConstants.administrator));
+                .anyMatch(authority -> authority.getAuthority().equals(SecurityConstants.ROLE_ADMIN));
 
         if (!hasAdminRole && institutionKey == null) {
             throw new ValidationException("record.save-error.user-not-assigned-to-institution",
@@ -91,15 +91,15 @@ public List<PatientRecordDto> getRecords(
         return result.getContent();
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
     @GetMapping(value="used-record-phases", produces = MediaType.APPLICATION_JSON_VALUE)
     public Set<RecordPhase> getUsedRecordPhases(@RequestParam(value = "institution", required = false) String institutionKey){
         return recordService.findUsedRecordPhases();
     }
 
 
     @PreAuthorize(
-            "hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
+            "hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
     @GetMapping(value = "/export", produces = {MediaType.APPLICATION_JSON_VALUE, Constants.MEDIA_TYPE_EXCEL})
     public ResponseEntity<?> exportRecords(
             @RequestParam(name = "institution", required = false) String institutionKey,
@@ -158,7 +158,7 @@ public ResponseEntity<InputStreamResource> exportRecordsExcel(MultiValueMap<Stri
                 .body(new InputStreamResource(stream));
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isRecordInUsersInstitution(#key)")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isRecordInUsersInstitution(#key)")
     @GetMapping(value = "/{key}", produces = MediaType.APPLICATION_JSON_VALUE)
     public PatientRecord getRecord(@PathVariable("key") String key) {
         return findInternal(key);
@@ -190,7 +190,7 @@ public ResponseEntity<String> createRecord(@RequestBody PatientRecord record) {
     }
 
     @PreAuthorize(
-        "hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
+        "hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
     @PostMapping(value = "/publish", produces = {MediaType.APPLICATION_JSON_VALUE})
     public RecordImportResult publishRecords(
         @RequestParam(name = "institution", required = false) String institutionKey,

src/main/java/cz/cvut/kbss/study/rest/RoleGroupController.java

@@ -29,13 +29,13 @@ public RoleGroupController(RoleGroupService roleGroupService) {
         this.roleGroupService = roleGroupService;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public List<RoleGroup> getRoleGroups() {
         return roleGroupService.findAll();
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @GetMapping(value = "/{name}",produces = MediaType.APPLICATION_JSON_VALUE)
     public RoleGroup findByName(@PathVariable("name") String name) {
         RoleGroup result = roleGroupService.findByName(name);

src/main/java/cz/cvut/kbss/study/rest/StatisticsController.java

@@ -11,7 +11,7 @@
 import java.util.HashMap;
 import java.util.Map;
 
-@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
 @RestController
 @RequestMapping("/statistics")
 public class StatisticsController extends BaseController {
@@ -22,7 +22,7 @@ public StatisticsController(StatisticsService statisticsService) {
         this.statisticsService = statisticsService;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public Map<String, Integer> getStatistics() {
         Map<String, Integer> data = new HashMap<>();

src/main/java/cz/cvut/kbss/study/rest/UserController.java

@@ -47,8 +47,8 @@ public UserController(UserService userService, InstitutionService institutionSer
         this.institutionService = institutionService;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name or " +
-            "hasAuthority('" + SecurityConstants.user + "') and @securityUtils.areFromSameInstitution(#username)")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name or " +
+            "hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.areFromSameInstitution(#username)")
     @GetMapping(value = "/{username}", produces = MediaType.APPLICATION_JSON_VALUE)
     public User getByUsername(@PathVariable("username") String username) {
         final User user = userService.findByUsername(username);
@@ -58,13 +58,13 @@ public User getByUsername(@PathVariable("username") String username) {
         return user;
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
     @GetMapping(value = "/current", produces = MediaType.APPLICATION_JSON_VALUE)
     public User getCurrent() {
         return userService.getCurrentUser();
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
     public ResponseEntity<Void> create(@RequestBody User user) {
         userService.persist(user);
@@ -77,8 +77,8 @@ public ResponseEntity<Void> create(@RequestBody User user) {
     }
 
     @PreAuthorize(
-            "hasAuthority('" + SecurityConstants.administrator + "') " +
-                    "or hasAuthority('" + SecurityConstants.user + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
+            "hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') " +
+                    "or hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public List<User> getUsers(@RequestParam(value = "institution", required = false) String institutionKey) {
         return institutionKey != null ? getByInstitution(institutionKey) : userService.findAll();
@@ -90,7 +90,7 @@ private List<User> getByInstitution(String institutionKey) {
         return userService.findByInstitution(institution);
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @DeleteMapping(value = "/{username}")
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void removeUser(@PathVariable("username") String username) {
@@ -101,7 +101,7 @@ public void removeUser(@PathVariable("username") String username) {
         }
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name")
     @PutMapping(value = "/{username}", consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void updateUser(@PathVariable("username") String username, @RequestBody User user,
@@ -117,7 +117,7 @@ public void updateUser(@PathVariable("username") String username, @RequestBody U
         }
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name")
     @PutMapping(value = "/{username}/password-change", consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void updatePassword(@PathVariable("username") String username, @RequestBody Map<String, String> password,
@@ -147,7 +147,7 @@ public void resetPassword(@RequestBody String emailAddress) {
         }
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @GetMapping(value = "/generate-username/{usernamePrefix}", produces = MediaType.TEXT_PLAIN_VALUE)
     public String generateUsername(@PathVariable(value = "usernamePrefix") String usernamePrefix) {
         return userService.generateUsername(usernamePrefix);
@@ -173,7 +173,7 @@ public void changePasswordByToken(@RequestBody Map<String, String> data) {
         }
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @PutMapping(value = "/send-invitation/{username}")
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void sendInvitation(@PathVariable(value = "username") String username) {
@@ -188,7 +188,7 @@ public void sendInvitation(@PathVariable(value = "username") String username) {
         }
     }
 
-    @PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
+    @PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
     @PostMapping(value = "/send-invitation/delete", consumes = MediaType.TEXT_PLAIN_VALUE)
     @ResponseStatus(HttpStatus.NO_CONTENT)
     public void deleteInvitationOption(@RequestBody String username) {

src/main/java/cz/cvut/kbss/study/security/SecurityConstants.java

@@ -27,9 +27,9 @@ private SecurityConstants() {
      */
     public static final int SESSION_TIMEOUT = 12 * 60 * 60;
 
-    public static final String user = "ROLE_USER";
+    public static final String ROLE_USER = "ROLE_USER";
 
-    public static final String administrator = "ROLE_ADMIN";
+    public static final String ROLE_ADMIN = "ROLE_ADMIN";
 
     public static final String impersonate = "impersonate";