diff --git a/my-profile-api/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberService.java b/my-profile-api/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberService.java index 7f105bf..ef38ad3 100644 --- a/my-profile-api/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberService.java +++ b/my-profile-api/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberService.java @@ -19,5 +19,8 @@ public interface EmergencyPhoneNumberService{ * @throws Exception */ public TypeValue[] setEmergencyPhoneNumbers(String netid, TypeValue[] phoneNumbers) throws Exception; + + public TypeValue[] getEmergencyPhoneNumbers(String username, + String manifestGroups, String netId); } diff --git a/my-profile-local-contact-impl/src/main/java/edu/wisc/my/profile/emergencyPhone/service/EmergencyPhoneNumberServiceImpl.java b/my-profile-local-contact-impl/src/main/java/edu/wisc/my/profile/emergencyPhone/service/EmergencyPhoneNumberServiceImpl.java index 7fd2f09..abe59f5 100644 --- a/my-profile-local-contact-impl/src/main/java/edu/wisc/my/profile/emergencyPhone/service/EmergencyPhoneNumberServiceImpl.java +++ b/my-profile-local-contact-impl/src/main/java/edu/wisc/my/profile/emergencyPhone/service/EmergencyPhoneNumberServiceImpl.java @@ -1,6 +1,9 @@ package edu.wisc.my.profile.emergencyPhone.service; +import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; @@ -11,14 +14,23 @@ @Service public class EmergencyPhoneNumberServiceImpl implements EmergencyPhoneNumberService{ + + protected final Logger logger = LoggerFactory.getLogger(getClass()); private EmergencyPhoneNumberDao dao; + private String adminGroup; + @Autowired public void setEmergencyPhoneNumberDao(EmergencyPhoneNumberDao dao) { this.dao = dao; } + @Value("${adminGroup}") + public void setAdminGroup(String group) { + adminGroup = group; + } + @Override public TypeValue[] getEmergencyPhoneNumbers(String netId) { return dao.getData(netId); @@ -32,5 +44,17 @@ public TypeValue[] setEmergencyPhoneNumbers(String netId, } return dao.setData(netId, phoneNumbers); } + + @Override + public TypeValue[] getEmergencyPhoneNumbers(String username, String manifestGroups, String netId) { + if(StringUtils.isNotBlank(adminGroup) && manifestGroups.contains(adminGroup)){ + logger.info("User {} lookuped up user {} emergency phone number", username, netId); + return dao.getData(netId); + }else { + //TODO : implement uw-spring-security + logger.warn("Security violation: User {} looked up user{} emergency phone number", username, netId); + throw new SecurityException("Security violation, forbidden"); + } + } } diff --git a/my-profile-middleware-impl/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberServiceImpl.java b/my-profile-middleware-impl/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberServiceImpl.java index 19ef8ba..da3e856 100644 --- a/my-profile-middleware-impl/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberServiceImpl.java +++ b/my-profile-middleware-impl/src/main/java/edu/wisc/my/profile/service/EmergencyPhoneNumberServiceImpl.java @@ -1,6 +1,10 @@ package edu.wisc.my.profile.service; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import edu.wisc.my.profile.dao.EmergencyPhoneNumberDao; @@ -9,8 +13,17 @@ @Service public class EmergencyPhoneNumberServiceImpl implements EmergencyPhoneNumberService { + protected final Logger logger = LoggerFactory.getLogger(getClass()); + + private String adminGroup; + @Autowired private EmergencyPhoneNumberDao dao; + + @Value("${adminGroup}") + public void setAdminGroup(String group) { + adminGroup = group; + } @Override public TypeValue[] getEmergencyPhoneNumbers(String netId) { @@ -22,4 +35,16 @@ public TypeValue[] setEmergencyPhoneNumbers(String netId, TypeValue[] phoneNumbe return dao.setPhoneNumbers(netId, phoneNumbers); } + @Override + public TypeValue[] getEmergencyPhoneNumbers(String username, String manifestGroups, String netId) { + if(StringUtils.isNotBlank(adminGroup) && manifestGroups.contains(adminGroup)){ + logger.info("User {} lookuped up user {} emergency phone number", username, netId); + return dao.getPhoneNumbers(netId); + }else { + //TODO : implement uw-spring-security + logger.warn("Security violation: User {} looked up user{} emergency phone number", username, netId); + throw new SecurityException("Security violation, forbidden"); + } + } + } diff --git a/my-profile-webapp/src/main/java/edu/wisc/my/profile/web/LocalContactAdminController.java b/my-profile-webapp/src/main/java/edu/wisc/my/profile/web/LocalContactAdminController.java index fb8114d..80d3cf3 100644 --- a/my-profile-webapp/src/main/java/edu/wisc/my/profile/web/LocalContactAdminController.java +++ b/my-profile-webapp/src/main/java/edu/wisc/my/profile/web/LocalContactAdminController.java @@ -22,8 +22,10 @@ import edu.wisc.my.profile.model.ContactInformation; import edu.wisc.my.profile.model.SearchTerm; +import edu.wisc.my.profile.model.TypeValue; import edu.wisc.my.profile.model.User; import edu.wisc.my.profile.service.EmergencyContactInformationService; +import edu.wisc.my.profile.service.EmergencyPhoneNumberService; import edu.wisc.my.profile.service.LocalContactInformationService; import edu.wisc.my.profile.service.SearchUsersService; @@ -44,6 +46,9 @@ public class LocalContactAdminController { @Autowired private SearchUsersService searchUsersService; + @Autowired + private EmergencyPhoneNumberService emPhoneNumberService; + @Value("${manifestAttribute}") public void setManifestGroupAttribute(String attr) { manifestAttribute = attr; @@ -99,10 +104,14 @@ public void setUsernameAttr(String attr) { } ContactInformation[] emergencyInfo = emergencyService.getContactInfo(username, manifestGroups, netId); ContactInformation localInfo = localService.getContactInfo(username,manifestGroups, netId); + TypeValue[] emergencyPhoneNumbers = emPhoneNumberService.getEmergencyPhoneNumbers(username, manifestGroups, netId); String localContactInfoString = gson.toJson(localInfo); String emergencyContactInfoString = gson.toJson(emergencyInfo); + String emergencyPhoneNumbersString = gson.toJson(emergencyPhoneNumbers); response.setContentType("application/json"); - response.getWriter().write("{\"emergency\":"+ emergencyContactInfoString +" , \"local\":"+localContactInfoString+"}"); + response.getWriter().write("{\"emergency\":"+ emergencyContactInfoString + + " , \"local\":"+localContactInfoString+ + " , \"emergencyPhoneNumbers\":"+emergencyPhoneNumbersString+"}"); } catch (Exception e) { logger.error("Issue happened during lookup", e); response.setStatus(HttpServletResponse.SC_FORBIDDEN); diff --git a/my-profile-webapp/src/main/webapp/my-app/lec/partials/user.html b/my-profile-webapp/src/main/webapp/my-app/lec/partials/user.html index 638e8b0..124035e 100644 --- a/my-profile-webapp/src/main/webapp/my-app/lec/partials/user.html +++ b/my-profile-webapp/src/main/webapp/my-app/lec/partials/user.html @@ -43,7 +43,7 @@

Local Phone Numbers

-
{{phone.type}} : {{phone.value}}
+
{{phone.type}} : {{phone.value}}
No local phone numbers available for {{people.firstName}} {{people.middleName}} {{people.lastName}}