diff --git a/avni-server-api/src/main/java/org/avni/server/dao/MetabaseRepository.java b/avni-server-api/src/main/java/org/avni/server/dao/MetabaseRepository.java index cc82d5be5..f71865c7f 100644 --- a/avni-server-api/src/main/java/org/avni/server/dao/MetabaseRepository.java +++ b/avni-server-api/src/main/java/org/avni/server/dao/MetabaseRepository.java @@ -1,5 +1,13 @@ package org.avni.server.dao; +import org.avni.server.domain.metabase.Collection; +import org.avni.server.domain.metabase.CollectionPermissions; +import org.avni.server.domain.metabase.CollectionResponse; +import org.avni.server.domain.metabase.Database; +import org.avni.server.domain.metabase.DatabaseResponse; +import org.avni.server.domain.metabase.Permissions; +import org.avni.server.domain.metabase.PermissionsGroup; +import org.avni.server.domain.metabase.PermissionsGroupResponse; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; @@ -8,16 +16,12 @@ import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Repository; import org.springframework.web.client.RestTemplate; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import java.util.HashMap; import java.util.Map; @Repository public class MetabaseRepository { - private final Logger logger = LoggerFactory.getLogger(MetabaseRepository.class); private final RestTemplate restTemplate; @Value("${metabase.api.key}") @@ -26,154 +30,69 @@ public class MetabaseRepository { @Value("${metabase.api.url}") private String metabaseApiUrl; - @Value("${database.host}") - private String dbHost; - - @Value("${database.port}") - private String dbPort; - - @Value("${database.name}") - private String dbName; - - @Value("${database.engine}") - private String dbEngine; - public MetabaseRepository(RestTemplate restTemplate) { this.restTemplate = restTemplate; } - public int createDatabase(String dbUser) { + public int createDatabase(Database database) { String url = metabaseApiUrl + "/database"; - HttpHeaders headers = new HttpHeaders(); - headers.setContentType(MediaType.APPLICATION_JSON); - headers.set("x-api-key", apiKey); - - Map details = new HashMap<>(); - details.put("host", dbHost); - details.put("port", dbPort); - details.put("db", dbName); - details.put("user", dbUser); - - Map requestBody = new HashMap<>(); - requestBody.put("engine", dbEngine); - requestBody.put("name", dbUser); - requestBody.put("details", details); - - HttpEntity> entity = new HttpEntity<>(requestBody, headers); - logger.info("Sending request to create database for user: {}", dbUser); - ResponseEntity response = restTemplate.exchange(url, HttpMethod.POST, entity, Map.class); - logger.info("Response from Metabase API (create database): " + response.getBody()); - - return (Integer) response.getBody().get("id"); + HttpEntity entity = createHttpEntity(database); + DatabaseResponse response = restTemplate.postForObject(url, entity, DatabaseResponse.class); + return response.getId(); } - public int createCollection(String name) { + public int createCollection(Collection collection) { String url = metabaseApiUrl + "/collection"; - HttpHeaders headers = new HttpHeaders(); - headers.setContentType(MediaType.APPLICATION_JSON); - headers.set("x-api-key", apiKey); - - Map requestBody = new HashMap<>(); - requestBody.put("name", name); - requestBody.put("description", name + " collection"); - - HttpEntity> entity = new HttpEntity<>(requestBody, headers); - logger.info("Sending request to create collection for name: {}", name); - ResponseEntity response = restTemplate.exchange(url, HttpMethod.POST, entity, Map.class); - logger.info("Response from Metabase API (create collection): " + response.getBody()); - - return (Integer) response.getBody().get("id"); + HttpEntity entity = createHttpEntity(collection); + CollectionResponse response = restTemplate.postForObject(url, entity, CollectionResponse.class); + return response.getId(); } - public int createPermissionsGroup(String name) { + public int createPermissionsGroup(PermissionsGroup permissionsGroup) { String url = metabaseApiUrl + "/permissions/group"; - HttpHeaders headers = new HttpHeaders(); - headers.setContentType(MediaType.APPLICATION_JSON); - headers.set("x-api-key", apiKey); - - Map requestBody = new HashMap<>(); - requestBody.put("name", name); + HttpEntity entity = createHttpEntity(permissionsGroup); + PermissionsGroupResponse response = restTemplate.postForObject(url, entity, PermissionsGroupResponse.class); + return response.getId(); + } - HttpEntity> entity = new HttpEntity<>(requestBody, headers); - logger.info("Request body for creating permissions group: {}", requestBody); - logger.info("Sending request to create permissions group for name: {}", name); + public Map getPermissionsGraph() { + String url = metabaseApiUrl + "/permissions/graph"; + ResponseEntity response = restTemplate.exchange(url, HttpMethod.GET, createHttpEntity(null), Map.class); + return response.getBody(); + } - ResponseEntity response = restTemplate.exchange(url, HttpMethod.POST, entity, Map.class); - logger.info("Response from Metabase API (create permissions group): " + response.getBody()); - return (Integer) response.getBody().get("id"); + public Map getCollectionPermissionsGraph() { + String url = metabaseApiUrl + "/collection/graph"; + ResponseEntity response = restTemplate.exchange(url, HttpMethod.GET, createHttpEntity(null), Map.class); + return response.getBody(); } - public void assignDatabasePermissions(int groupId, int databaseId) { - logger.info("Assigning database permissions for group ID: {}", groupId); + public void assignDatabasePermissions(Permissions permissions, int groupId, int databaseId) { + permissions.updatePermissionsGraph(groupId, databaseId); String url = metabaseApiUrl + "/permissions/graph"; - HttpHeaders headers = new HttpHeaders(); - headers.setContentType(MediaType.APPLICATION_JSON); - headers.set("x-api-key", apiKey); - - ResponseEntity response = restTemplate.exchange(url, HttpMethod.GET, new HttpEntity<>(headers), Map.class); - Map permissionsGraph = response.getBody(); - - Map groups = (Map) permissionsGraph.get("groups"); - if (groups == null) { - throw new RuntimeException("Groups not found in the permissions graph."); - } - - Map databasePermissions = new HashMap<>(); - databasePermissions.put("data", new HashMap() {{ - put("schemas", "all"); - }}); - - if (!groups.containsKey(String.valueOf(groupId))) { - groups.put(String.valueOf(groupId), new HashMap<>()); - } - Map groupPermissions = (Map) groups.get(String.valueOf(groupId)); - groupPermissions.put(String.valueOf(databaseId), databasePermissions); - - if (groups.containsKey("1")) { - Map group1Permissions = (Map) groups.get("1"); - if (group1Permissions.containsKey(String.valueOf(databaseId))) { - Map group1DatabasePermissions = (Map) group1Permissions.get(String.valueOf(databaseId)); - if (group1DatabasePermissions.containsKey("data")) { - Map dataPermissions = (Map) group1DatabasePermissions.get("data"); - dataPermissions.put("native", "none"); - dataPermissions.put("schemas", "none"); - } - } - } - - HttpEntity> entity = new HttpEntity<>(permissionsGraph, headers); - response = restTemplate.exchange(url, HttpMethod.PUT, entity, Map.class); - logger.info("Response from Metabase API (assign database permissions): " + response.getBody()); + sendPutRequest(url, permissions.getPermissionsGraph()); } - public void updateCollectionPermissions(int groupId, int collectionId) { - logger.info("Updating collection permissions for group ID: {} and collection ID: {}", groupId, collectionId); - String graphUrl = metabaseApiUrl + "/collection/graph"; + public void updateCollectionPermissions(CollectionPermissions collectionPermissions, int groupId, int collectionId) { + collectionPermissions.updatePermissionsGraph(groupId, collectionId); + String url = metabaseApiUrl + "/collection/graph"; + sendPutRequest(url, collectionPermissions.getPermissionsGraph()); + } + private HttpHeaders getHeaders() { HttpHeaders headers = new HttpHeaders(); + headers.setContentType(MediaType.APPLICATION_JSON); headers.set("x-api-key", apiKey); + return headers; + } - ResponseEntity graphResponse = restTemplate.exchange(graphUrl, HttpMethod.GET, new HttpEntity<>(headers), Map.class); - Map collectionGraph = graphResponse.getBody(); - - logger.info("Current collection permissions graph: {}", collectionGraph); - - Map> groups = (Map>) collectionGraph.get("groups"); - - groups.computeIfAbsent(String.valueOf(groupId), k -> new HashMap<>()); - - Map groupPermissions = groups.get(String.valueOf(groupId)); - groupPermissions.put(String.valueOf(collectionId), "write"); - - if (groups.containsKey("1")) { - Map group1Permissions = (Map) groups.get("1"); - group1Permissions.put(String.valueOf(collectionId), "none"); // Set the permission for the specified collection ID to "none" - } - - logger.info("Updated collection permissions graph: {}", collectionGraph); + private HttpEntity createHttpEntity(T body) { + HttpHeaders headers = getHeaders(); + return new HttpEntity<>(body, headers); + } - HttpEntity> entity = new HttpEntity<>(collectionGraph, headers); - graphResponse = restTemplate.exchange(graphUrl, HttpMethod.PUT, entity, Map.class); - logger.info("Response from Metabase API (update collection permissions): " + graphResponse.getBody()); + private void sendPutRequest(String url, Map requestBody) { + HttpEntity> entity = createHttpEntity(requestBody); + restTemplate.exchange(url, HttpMethod.PUT, entity, Map.class); } } diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/Collection.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Collection.java new file mode 100644 index 000000000..3b24bfa2c --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Collection.java @@ -0,0 +1,19 @@ +package org.avni.server.domain.metabase; + +public class Collection { + private String name; + private String description; + + public Collection(String name, String description) { + this.name = name; + this.description = description; + } + + public String getName() { + return name; + } + + public String getDescription() { + return description; + } +} diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/CollectionPermissions.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/CollectionPermissions.java new file mode 100644 index 000000000..963af0e23 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/CollectionPermissions.java @@ -0,0 +1,29 @@ +package org.avni.server.domain.metabase; + +import java.util.HashMap; +import java.util.Map; + +public class CollectionPermissions { + private Map permissionsGraph; + + public CollectionPermissions(Map permissionsGraph) { + this.permissionsGraph = permissionsGraph; + } + + public Map getPermissionsGraph() { + return permissionsGraph; + } + + public void updatePermissionsGraph(int groupId, int collectionId) { + Map> groups = (Map>) permissionsGraph.get("groups"); + + groups.computeIfAbsent(String.valueOf(groupId), k -> new HashMap<>()); + Map groupPermissions = groups.get(String.valueOf(groupId)); + groupPermissions.put(String.valueOf(collectionId), "write"); + + if (groups.containsKey("1")) { + Map allGroupPermissions = groups.get("1"); + allGroupPermissions.put(String.valueOf(collectionId), "none"); + } + } +} diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/CollectionResponse.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/CollectionResponse.java new file mode 100644 index 000000000..3446978f6 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/CollectionResponse.java @@ -0,0 +1,13 @@ +package org.avni.server.domain.metabase; + +public class CollectionResponse { + private int id; + + public int getId() { + return id; + } + + public void setId(int id) { + this.id = id; + } +} diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/Database.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Database.java new file mode 100644 index 000000000..c8c60ed44 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Database.java @@ -0,0 +1,25 @@ +package org.avni.server.domain.metabase; + +public class Database { + private String name; + private String engine; + private DatabaseDetails details; + + public Database(String name, String engine, DatabaseDetails details) { + this.name = name; + this.engine = engine; + this.details = details; + } + + public String getName() { + return name; + } + + public String getEngine() { + return engine; + } + + public DatabaseDetails getDetails() { + return details; + } +} diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/DatabaseDetails.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/DatabaseDetails.java new file mode 100644 index 000000000..a17b4df3a --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/DatabaseDetails.java @@ -0,0 +1,35 @@ +package org.avni.server.domain.metabase; + +public class DatabaseDetails { + private String host; + private String port; + private String db; + private String user; + + public DatabaseDetails(String host, String port, String db, String user) { + this.host = host; + this.port = port; + this.db = db; + this.user = user; + } + + + public String getHost() { + return host; + } + + public String getPort() { + return port; + } + + public String getDb() { + return db; + } + + public String getUser() { + return user; + } + + +} + \ No newline at end of file diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/DatabaseResponse.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/DatabaseResponse.java new file mode 100644 index 000000000..651991747 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/DatabaseResponse.java @@ -0,0 +1,13 @@ +package org.avni.server.domain.metabase; + +public class DatabaseResponse { + private int id; + + public int getId() { + return id; + } + + public void setId(int id) { + this.id = id; + } +} diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/Group.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Group.java new file mode 100644 index 000000000..f1874c183 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Group.java @@ -0,0 +1,23 @@ +package org.avni.server.domain.metabase; + +public class Group { + private int id; + private boolean hasPermission; + + public Group(int id, boolean hasPermission) { + this.id = id; + this.hasPermission = hasPermission; + } + + public int getId() { + return id; + } + + public boolean hasPermission() { + return hasPermission; + } + + public void setPermission(boolean hasPermission) { + this.hasPermission = hasPermission; + } +} diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/Groups.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Groups.java new file mode 100644 index 000000000..d355e5f27 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Groups.java @@ -0,0 +1,20 @@ +package org.avni.server.domain.metabase; + +import java.util.ArrayList; +import java.util.List; + +public class Groups { + private List groups = new ArrayList<>(); + + public void addGroup(Group group) { + groups.add(group); + } + + public Group getGroupById(int id) { + return groups.stream().filter(g -> g.getId() == id).findFirst().orElse(null); + } + + public List getGroups() { + return groups; + } +} \ No newline at end of file diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/Permissions.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Permissions.java new file mode 100644 index 000000000..b9668f824 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/Permissions.java @@ -0,0 +1,41 @@ +package org.avni.server.domain.metabase; + +import java.util.HashMap; +import java.util.Map; + +public class Permissions { + private Map permissionsGraph; + + public Permissions(Map permissionsGraph) { + this.permissionsGraph = permissionsGraph; + } + + public Map getPermissionsGraph() { + return permissionsGraph; + } + + public void updatePermissionsGraph(int groupId, int databaseId) { + Map groups = (Map) permissionsGraph.get("groups"); + + Map databasePermissions = new HashMap<>(); + databasePermissions.put("data", new HashMap() {{ + put("schemas", "all"); + }}); + + groups.computeIfAbsent(String.valueOf(groupId), k -> new HashMap<>()); + Map groupPermissions = (Map) groups.get(String.valueOf(groupId)); + groupPermissions.put(String.valueOf(databaseId), databasePermissions); + + if (groups.containsKey("1")) { + Map allGroupsPermissionsMap = (Map) groups.get("1"); + if (allGroupsPermissionsMap.containsKey(String.valueOf(databaseId))) { + Map allGroupsDatabasePermissions = (Map) allGroupsPermissionsMap.get(String.valueOf(databaseId)); + if (allGroupsDatabasePermissions.containsKey("data")) { + Map dataPermissions = (Map) allGroupsDatabasePermissions.get("data"); + dataPermissions.put("native", "none"); + dataPermissions.put("schemas", "none"); + } + } + } + } +} \ No newline at end of file diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/PermissionsGroup.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/PermissionsGroup.java new file mode 100644 index 000000000..b4b1e9003 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/PermissionsGroup.java @@ -0,0 +1,13 @@ +package org.avni.server.domain.metabase; + +public class PermissionsGroup { + private String name; + + public PermissionsGroup(String name) { + this.name = name; + } + + public String getName() { + return name; + } +} \ No newline at end of file diff --git a/avni-server-api/src/main/java/org/avni/server/domain/metabase/PermissionsGroupResponse.java b/avni-server-api/src/main/java/org/avni/server/domain/metabase/PermissionsGroupResponse.java new file mode 100644 index 000000000..74f540b90 --- /dev/null +++ b/avni-server-api/src/main/java/org/avni/server/domain/metabase/PermissionsGroupResponse.java @@ -0,0 +1,13 @@ +package org.avni.server.domain.metabase; + +public class PermissionsGroupResponse { + private int id; + + public int getId() { + return id; + } + + public void setId(int id) { + this.id = id; + } +} diff --git a/avni-server-api/src/main/java/org/avni/server/service/MetabaseService.java b/avni-server-api/src/main/java/org/avni/server/service/MetabaseService.java index cf8f83219..df79dd827 100644 --- a/avni-server-api/src/main/java/org/avni/server/service/MetabaseService.java +++ b/avni-server-api/src/main/java/org/avni/server/service/MetabaseService.java @@ -1,50 +1,57 @@ package org.avni.server.service; import org.avni.server.dao.MetabaseRepository; -import org.avni.server.service.OrganisationService.OrganisationDTO; -import org.avni.server.service.accessControl.AccessControlService; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import org.avni.server.domain.Organisation; +import org.avni.server.domain.metabase.Collection; +import org.avni.server.domain.metabase.CollectionPermissions; +import org.avni.server.domain.metabase.Database; +import org.avni.server.domain.metabase.DatabaseDetails; +import org.avni.server.domain.metabase.Permissions; +import org.avni.server.domain.metabase.PermissionsGroup; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; -import java.util.List; - @Service public class MetabaseService { - private final Logger logger = LoggerFactory.getLogger(MetabaseService.class); private final MetabaseRepository metabaseRepository; private final OrganisationService organisationService; - private final AccessControlService accessControlService; - public MetabaseService(MetabaseRepository metabaseRepository, OrganisationService organisationService,AccessControlService accessControlService) { + @Value("${database.host}") + private String dbHost; + + @Value("${database.port}") + private String dbPort; + + @Value("${database.name}") + private String dbName; + + @Value("${database.engine}") + private String dbEngine; + + public MetabaseService(MetabaseRepository metabaseRepository, OrganisationService organisationService) { this.metabaseRepository = metabaseRepository; this.organisationService = organisationService; - this.accessControlService = accessControlService; } public void setupMetabase() { - accessControlService.assertIsSuperAdmin(); - List organisations = organisationService.getOrganisations(); - - for (OrganisationDTO organisation : organisations) { - String name = organisation.getName(); - String dbUser = organisation.getDbUser(); + Organisation currentOrganisation = organisationService.getCurrentOrganisation(); + String name = currentOrganisation.getName(); + String dbUser = currentOrganisation.getDbUser(); - try { - logger.info("Setting up Metabase for organisation: {}", name); + DatabaseDetails databaseDetails = new DatabaseDetails(dbHost, dbPort, dbName, dbUser); + Database database = new Database(name, dbEngine, databaseDetails); + Collection collection = new Collection(name, name + " collection"); + PermissionsGroup permissionsGroup = new PermissionsGroup(name); - int databaseId = metabaseRepository.createDatabase(dbUser); - int collectionId = metabaseRepository.createCollection(name); - int groupId = metabaseRepository.createPermissionsGroup(name); + int databaseId = metabaseRepository.createDatabase(database); + int collectionId = metabaseRepository.createCollection(collection); + int groupId = metabaseRepository.createPermissionsGroup(permissionsGroup); - metabaseRepository.assignDatabasePermissions(groupId, databaseId); - metabaseRepository.updateCollectionPermissions(groupId, collectionId); + Permissions permissions = new Permissions(metabaseRepository.getPermissionsGraph()); + metabaseRepository.assignDatabasePermissions(permissions, groupId, databaseId); - } catch (Exception e) { - logger.error("Error setting up Metabase for organisation: " + name, e); - throw new RuntimeException("Failed to setup Metabase for organisation: " + name, e); - } - } + CollectionPermissions collectionPermissions = new CollectionPermissions(metabaseRepository.getCollectionPermissionsGraph()); + metabaseRepository.updateCollectionPermissions(collectionPermissions, groupId, collectionId); } } diff --git a/avni-server-api/src/main/java/org/avni/server/service/OrganisationService.java b/avni-server-api/src/main/java/org/avni/server/service/OrganisationService.java index 7b2f51abe..9dacfe56b 100644 --- a/avni-server-api/src/main/java/org/avni/server/service/OrganisationService.java +++ b/avni-server-api/src/main/java/org/avni/server/service/OrganisationService.java @@ -788,37 +788,4 @@ public Organisation getCurrentOrganisation() { return organisationRepository.findOne(organisationId); } - public List getOrganisations() { - List organisations = organisationRepository.findAllByIsVoidedFalse(); - return organisations.stream() - .filter(org -> !"OpenCHS".equals(org.getName())) - .map(org -> new OrganisationDTO(org.getName(), org.getDbUser())) - .collect(Collectors.toList()); - } - - public static class OrganisationDTO { - private String name; - private String dbUser; - - public OrganisationDTO(String name, String dbUser) { - this.name = name; - this.dbUser = dbUser; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getDbUser() { - return dbUser; - } - - public void setDbUser(String dbUser) { - this.dbUser = dbUser; - } - } } \ No newline at end of file diff --git a/avni-server-api/src/main/java/org/avni/server/service/UserService.java b/avni-server-api/src/main/java/org/avni/server/service/UserService.java index bb8962d5c..51978d277 100644 --- a/avni-server-api/src/main/java/org/avni/server/service/UserService.java +++ b/avni-server-api/src/main/java/org/avni/server/service/UserService.java @@ -47,11 +47,6 @@ public User getCurrentUser() { return userContext.getUser(); } - public boolean isDefaultSuperAdmin() { - User currentUser = getCurrentUser(); - return currentUser != null && User.DEFAULT_SUPER_ADMIN.equals(currentUser.getUuid()); - } - public User save(User user) { String idPrefix = UserSettings.getIdPrefix(user.getSettings()); if (StringUtils.hasLength(idPrefix)) { diff --git a/avni-server-api/src/main/java/org/avni/server/web/MetabaseController.java b/avni-server-api/src/main/java/org/avni/server/web/MetabaseController.java index 463433168..0838c146b 100644 --- a/avni-server-api/src/main/java/org/avni/server/web/MetabaseController.java +++ b/avni-server-api/src/main/java/org/avni/server/web/MetabaseController.java @@ -1,38 +1,25 @@ package org.avni.server.web; +import org.avni.server.domain.accessControl.PrivilegeType; import org.avni.server.service.MetabaseService; import org.avni.server.service.UserService; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.http.ResponseEntity; -import org.springframework.security.access.prepost.PreAuthorize; +import org.avni.server.service.accessControl.AccessControlService; import org.springframework.web.bind.annotation.*; @RestController @RequestMapping("/api/metabase") public class MetabaseController { - - private final Logger logger = LoggerFactory.getLogger(MetabaseController.class); private final MetabaseService metabaseService; - private final UserService userService; + private final AccessControlService accessControlService; - public MetabaseController(MetabaseService metabaseService, UserService userService) { + public MetabaseController(MetabaseService metabaseService, UserService userService,AccessControlService accessControlService) { this.metabaseService = metabaseService; - this.userService = userService; + this.accessControlService= accessControlService; } @PostMapping("/setup") - public ResponseEntity setupMetabase() { - logger.info("Received request to setup Metabase"); - try { - if (userService.isDefaultSuperAdmin()) { - metabaseService.setupMetabase(); - return ResponseEntity.ok("Metabase setup completed for all organisations."); - } else { - return ResponseEntity.status(403).body("Access denied. Only the default super admin can access this endpoint."); - } - } catch (Exception e) { - return ResponseEntity.status(500).body(e.getMessage()); - } - } + public void setupMetabase() { + accessControlService.checkPrivilege(PrivilegeType.EditOrganisationConfiguration); + metabaseService.setupMetabase(); +} }