SHIBUI-2394

merged auth branch changes

.gitignore

@@ -415,3 +415,8 @@ beacon/spring/out
 /a.xml
 /application.yml
 /backend/src/test/resources/conf/deletem.xml
+/testbed/authentication/shibui/saml-signing-cert.crt
+/testbed/authentication/shibui/saml-signing-cert.key
+/testbed/authentication/shibui/saml-signing-cert.pem
+/testbed/authentication/shibui/samlKeystore.jks
+/testbed/authentication/shibui/sp-metadata.xml

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/DangerController.java

@@ -9,6 +9,7 @@
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolversPositionOrderContainerRepository;
 import edu.internet2.tier.shibboleth.admin.ui.repository.ShibPropertySetRepository;
 import edu.internet2.tier.shibboleth.admin.ui.repository.ShibPropertySettingRepository;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.ApproversRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.GroupsRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.OwnershipRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
@@ -28,6 +29,9 @@
 @Profile("very-dangerous")
 @Slf4j
 public class DangerController {
+    @Autowired
+    private ApproversRepository approversRepositry;
+
     @Autowired
     private CustomEntityAttributeDefinitionRepository attributeRepository;
 
@@ -105,6 +109,7 @@ private void clearShibSettings() {
     }
 
     private void clearUsersAndGroups() {
+        approversRepositry.deleteAll();
         groupRepository.deleteAll();
         ownershipRepository.clearAllOwnedByGroup();
         userRepository.findAll().forEach(user -> {

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/RootUiViewController.java

@@ -1,6 +1,10 @@
 package edu.internet2.tier.shibboleth.admin.ui.controller;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.info.InfoEndpoint;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 
 import javax.servlet.http.HttpServletRequest;
@@ -15,6 +19,13 @@
 @Controller
 public class RootUiViewController {
 
+    @Autowired InfoEndpoint infoEndpoint;
+
+    @GetMapping(value = "/info")
+    public ResponseEntity<?> getInfo() {
+        return ResponseEntity.ok(infoEndpoint.info());
+    }
+
     @RequestMapping("/")
     public String index() {
         return "redirect:/index.html";

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Group.java

@@ -57,7 +57,7 @@ public class Group implements Owner {
     @Column(name = "validation_regex")
     private String validationRegex;
 
-    @OneToMany(fetch = FetchType.LAZY)
+    @OneToMany(fetch = FetchType.EAGER)
     private List<Approvers> approversList = new ArrayList<>();
 
     /**

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java

@@ -231,7 +231,8 @@ public EntityDescriptorRepresentation createNew(EntityDescriptorRepresentation e
         validateEntityIdAndACSUrls(edRep);
 
         ed.setIdOfOwner(userService.getCurrentUserGroup().getOwnerId());
-        if (shibUiAuthorizationDelegate.hasPermission(userService.getCurrentUserAuthentication(), null, PermissionType.admin)) {
+        if (shibUiAuthorizationDelegate.hasPermission(userService.getCurrentUserAuthentication(), null, PermissionType.admin) ||
+             userService.getCurrentUserGroup().getApproversList().isEmpty()) {
             ed.setApproved(true);
         }
 
@@ -250,7 +251,8 @@ public EntityDescriptorRepresentation createNewEntityDescriptorFromXMLOrigin(Ent
         if (ed.getProtocol() == EntityDescriptorProtocol.OIDC) {
             ed.getSPSSODescriptor("").addSupportedProtocol("http://openid.net/specs/openid-connect-core-1_0.html");
         }
-        if (shibUiAuthorizationDelegate.hasPermission(userService.getCurrentUserAuthentication(), null, PermissionType.admin)) {
+        if (shibUiAuthorizationDelegate.hasPermission(userService.getCurrentUserAuthentication(), null, PermissionType.admin) ||
+            userService.getCurrentUserGroup().getApproversList().isEmpty()) {
             ed.setApproved(true);
         }
         EntityDescriptor savedEntity = entityDescriptorRepository.save(ed);
@@ -669,8 +671,14 @@ public EntityDescriptorRepresentation updateEntityDescriptorEnabledStatus(String
     public EntityDescriptorRepresentation updateGroupForEntityDescriptor(String resourceId, String groupId) {
         EntityDescriptor ed = entityDescriptorRepository.findByResourceId(resourceId);
         ed.setIdOfOwner(groupId);
+        Group group = groupService.find(groupId);
         ownershipRepository.deleteEntriesForOwnedObject(ed);
-        ownershipRepository.save(new Ownership(groupService.find(groupId), ed));
+        ownershipRepository.save(new Ownership(group, ed));
+        // check and see if we need to update the approved status
+        if (!ed.isServiceEnabled()) {
+            int numApprovers = group.getApproversList().size();
+            ed.setApproved(!(numApprovers > 0 && ed.approvedCount() < numApprovers));
+        }
         EntityDescriptor savedEntity = entityDescriptorRepository.save(ed);
         return createRepresentationFromDescriptor(savedEntity);
     }

ui/src/app/App.constant.js

@@ -16,7 +16,7 @@ export const getActuatorPath = () => {
 
 export const BASE_PATH = getBasePath();
 export const API_BASE_PATH = `${BASE_PATH}api`;
-export const ACTUATOR_PATH = getActuatorPath();
+export const ACTUATOR_PATH = getBasePath();
 
 export const FILTER_PLUGIN_TYPES = ['RequiredValidUntil', 'SignatureValidation', 'EntityRoleWhiteList'];
 

ui/src/app/core/components/VersionInfo.js

@@ -16,7 +16,7 @@ export function VersionInfo () {
             'mode':'no-cors'
         }
     }
-    const { data = {} } = useFetch(`${ACTUATOR_PATH}actuator/info`, opts, []);
+    const { data = {} } = useFetch(`${ACTUATOR_PATH}/info`, opts, []);
 
     const [ versionData, setVersionData ] = React.useState('');