Merge branch 'develop' into 2579-DDI-export

Author: sekmiller

src/main/java/Bundle.properties

@@ -185,8 +185,8 @@ user.updatePassword.password=Create a password that is minimum six characters lo
 authenticationProvidersAvailable.tip={0}There are no active authentication providers{1}If you are a system administrator, please enable one using the API.{2}If you are not a system administrator, please contact the one for your institution.
 login.System=Login System
 login.forgot.text=Forgot your password?
-login.builtin=Dataverse Account Log In
-login.institution=Institutional Log In
+login.builtin=Dataverse Account
+login.institution=Institutional Account
 login.institution.blurb=Use Dataverse with your institutional log in instead of creating an account. <a href="{0}/{1}/user/account.html" target="_blank">Learn More</a>.
 login.institution.support.beforeLink=Leaving your institution? Please contact
 login.institution.support.afterLink=for assistance.
@@ -748,6 +748,10 @@ dataset.manageGuestbooks.guestbook.name.tip=Enter a unique name for this Guestbo
 dataset.manageGuestbooks.guestbook.dataCollected=Data Collected
 dataset.manageGuestbooks.guestbook.dataCollected.description=Dataverse account information that will be collected when a user downloads a file. Check the ones that will be required.
 dataset.manageGuestbooks.guestbook.customQuestions=Custom Questions
+dataset.manageGuestbooks.guestbook.requiredCustomQuestions=Required Custom Questions
+dataset.manageGuestbooks.guestbook.optionalCustomQuestions=Optional Custom Questions
+dataset.manageGuestbooks.guestbook.requiredAccountInformation=Required Account Information
+dataset.manageGuestbooks.guestbook.optionalAccountInformation=Optional Account Information
 dataset.manageGuestbooks.guestbook.customQuestions.description=Create your own questions to have users provide more than their account information when they download a file. Questions can be required or optional and answers can be text or multiple choice.
 dataset.manageGuestbooks.guestbook.customQuestions.questionType=Question Type
 dataset.manageGuestbooks.guestbook.customQuestions.questionText=Question Text

src/main/java/edu/harvard/iq/dataverse/DataverseHeaderFragment.java

@@ -106,12 +106,12 @@ public void initBreadcrumbs(DvObject dvObject, String subPage) {
         breadcrumbs.clear();
 
         while (dvObject != null) {
-            breadcrumbs.add(0, new Breadcrumb(dvObject.getDisplayName(), dvObject));
+            breadcrumbs.add(0, new Breadcrumb(dvObject, dvObject.getDisplayName()));
             dvObject = dvObject.getOwner();
         }        
 
         if (subPage != null) {
-            breadcrumbs.add(new Breadcrumb(subPage, null));
+            breadcrumbs.add(new Breadcrumb(subPage));
         }
     }
 
@@ -243,17 +243,34 @@ private static String getPageFromContext() {
         }
         return "";
     }
+    
+    public void addBreadcrumb (String url, String linkString){
+        breadcrumbs.add(new Breadcrumb(url, linkString));
+    }
+    
+    public void addBreadcrumb (String linkString){
+        breadcrumbs.add(new Breadcrumb(linkString));
+    }
 
     // inner class used for breadcrumbs
     public static class Breadcrumb {
 
         private final String breadcrumbText;
-        private final DvObject dvObject;
+        private  DvObject dvObject = null;
+        private  String url = null;
 
-        public Breadcrumb(String breadcrumbText, DvObject dvObject) {
-            this.breadcrumbText = breadcrumbText;            
-            this.dvObject = dvObject;            
+        public Breadcrumb( DvObject dvObject, String breadcrumbText) {
+            this.breadcrumbText = breadcrumbText;
+            this.dvObject = dvObject;
+        }
 
+        public Breadcrumb( String url, String breadcrumbText) {
+            this.breadcrumbText = breadcrumbText;
+            this.url = url;
+        }
+        
+        public Breadcrumb(String breadcrumbText){
+            this.breadcrumbText = breadcrumbText;
         }
 
         public String getBreadcrumbText() {
@@ -264,6 +281,9 @@ public DvObject getDvObject() {
             return dvObject;
         }
 
-        
+        public String getUrl() {
+            return url;
+        }
+
     }
 }

src/main/java/edu/harvard/iq/dataverse/EMailValidator.java

@@ -33,14 +33,7 @@ public static boolean isEmailValid(String value, ConstraintValidatorContext cont
             //we'll let someone else decide if it's required
             return true;
         }
-        /**
-         * @todo Why are we validating the trimmed value rather than the value
-         * itself? Which are we persisting to the database, the trimmed value or
-         * the non-trimmed value? See also
-         * https://github.com/IQSS/dataverse/issues/2945 and
-         * https://github.com/IQSS/dataverse/issues/3044
-         */
-        boolean isValid = EmailValidator.getInstance().isValid(value.trim());
+        boolean isValid = EmailValidator.getInstance().isValid(value);
         if (!isValid) {
             if (context != null) {
                 context.buildConstraintViolationWithTemplate(value + " is not a valid email address.").addConstraintViolation();

src/main/java/edu/harvard/iq/dataverse/Guestbook.java

@@ -1,6 +1,7 @@
 
 package edu.harvard.iq.dataverse;
 
+import edu.harvard.iq.dataverse.util.BundleUtil;
 import java.io.Serializable;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
@@ -19,6 +20,7 @@
 import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.hibernate.validator.constraints.NotBlank;
 
 /**
@@ -186,94 +188,63 @@ public boolean isDeletable() {
 
     public void setDeletable(boolean deletable) {
         this.deletable = deletable;
-    }
-    
-    public String getRequiredCustomQuestionsString(){
-        String retVal = "";
-        for (CustomQuestion cq : this.getCustomQuestions()){
-            if(cq.isRequired()){
-            if(retVal.isEmpty()){
-               retVal = "Required Custom Questions<br/>&#160; &#8226; " + cq.getQuestionString(); 
-            } else { 
-               retVal += "<br/>&#160; &#8226; " + cq.getQuestionString();
-            }
-        }
-        }
-        return retVal;        
-    }
-    
-    public String getOptionalCustomQuestionsString(){
-        String retVal = "";
-        for (CustomQuestion cq : this.getCustomQuestions()){
-            if(!cq.isRequired()){
-            if(retVal.isEmpty()){
-               retVal = "Optional Custom Questions<br/>&#160; &#8226; " + cq.getQuestionString(); 
-            } else { 
-               retVal += "<br/>&#160; &#8226; " + cq.getQuestionString();
-            }
-        }
-        }
-        return retVal;        
-    }
+    }    
 
-    public String getRequiredAccountInformationString(){
-        String retVal = "";
-        if(nameRequired){
-            retVal = "Required Account Information<br/>&#160; &#8226; Name";
+    public List<String> getRequiredAccountInformation() {
+        List<String> retList = new ArrayList();
+        if (nameRequired) {
+            retList.add(BundleUtil.getStringFromBundle("name"));
         }
-        if(emailRequired){
-            if(retVal.isEmpty()){
-               retVal = "Required Account Information<br/>&#160; &#8226; Email"; 
-            } else { 
-               retVal += "<br/>&#160; &#8226; Email";  
-            }
+        if (emailRequired) {
+            retList.add(BundleUtil.getStringFromBundle("email"));
         }
-        if(institutionRequired){
-            if(retVal.isEmpty()){
-               retVal = "Required Account Information<br/>&#160; &#8226; Institution"; 
-            } else { 
-               retVal += "<br/>&#160; &#8226; Institution";  
-            }
+        if (institutionRequired) {
+            retList.add(BundleUtil.getStringFromBundle("institution"));
         }
-        if(positionRequired){
-            if(retVal.isEmpty()){
-               retVal = "Required Account Information<br/>&#160; &#8226; Position"; 
-            } else { 
-               retVal += "<br/>&#160; &#8226; Position";  
-            }
+        if (positionRequired) {
+            retList.add(BundleUtil.getStringFromBundle("position"));
         }
-        return retVal;
+        return retList;
     }
 
-    public String getOptionalAccountInformationString(){
-        String retVal = "";
+    public List<String> getOptionalAccountInformation(){
+                List <String> retList = new ArrayList();
         if(!nameRequired){
-            retVal = "Optional Account Information<br/>&#160; &#8226; Name";
+           retList.add(BundleUtil.getStringFromBundle("name"));
         }
         if(!emailRequired){
-            if(retVal.isEmpty()){
-               retVal = "Optional Account Information<br/>&#160; &#8226; Email"; 
-            } else { 
-               retVal += "<br/>&#160; &#8226; Email";  
-            }
+            retList.add(BundleUtil.getStringFromBundle("email"));
         }
         if(!institutionRequired){
-            if(retVal.isEmpty()){
-               retVal = "Optional Account Information<br/>&#160; &#8226; Institution"; 
-            } else { 
-               retVal += "<br/>&#160; &#8226; Institution";  
-            }
+            retList.add(BundleUtil.getStringFromBundle("institution"));
         }
         if(!positionRequired){
-            if(retVal.isEmpty()){
-               retVal = "Optional Account Information<br/>&#160; &#8226; Position"; 
-            } else { 
-               retVal += "<br/>&#160; &#8226; Position";  
-            }
+            retList.add(BundleUtil.getStringFromBundle("position"));
         }
-        return retVal;
+        return retList;
+        
+    }
+    
+    public List<String> getRequiredQuestionsList(){
+        List <String> retList = new ArrayList();
+                for (CustomQuestion cq : this.getCustomQuestions()){
+                    if(cq.isRequired()){
+                        retList.add(cq.getQuestionString());
+                    }
+                }
+        return retList;
     }
 
+    public List<String> getOptionalQuestionsList(){
+        List <String> retList = new ArrayList();
+                for (CustomQuestion cq : this.getCustomQuestions()){
+                    if(!cq.isRequired()){
+                        retList.add(cq.getQuestionString());
+                    }
+                }
+        return retList;
+    }
+        
     public void removeCustomQuestion(int index){
         customQuestions.remove(index);
     }

src/main/java/edu/harvard/iq/dataverse/RoleAssigneeServiceBean.java

@@ -274,7 +274,11 @@ private String getDvObjectIdListClause(List<Long> dvObjectIdList) {
         return " AND r.definitionpoint_id IN (" + StringUtils.join(outputList, ",") + ")";
     }
 
-    private List<String> getUserExplicitGroups(String roleAssigneeIdentifier) {
+    /**
+     * @todo Support groups within groups:
+     * https://github.com/IQSS/dataverse/issues/3056
+     */
+    public List<String> getUserExplicitGroups(String roleAssigneeIdentifier) {
 
         String qstr = "select  groupalias from explicitgroup";
         qstr += " where id in ";

src/main/java/edu/harvard/iq/dataverse/Shib.java

@@ -357,21 +357,34 @@ public String cancel() {
     }
 
     /**
-     * @return The value of a Shib attribute (if non-empty) or null.
+     * @return The trimmed value of a Shib attribute (if non-empty) or null.
+     *
+     * @todo Move this to ShibUtil
      */
     private String getValueFromAssertion(String key) {
         Object attribute = request.getAttribute(key);
         if (attribute != null) {
             String attributeValue = attribute.toString();
-            logger.fine("The SAML assertion for \"" + key + "\" (optional) was \"" + attributeValue + "\".");
-            if (!attributeValue.isEmpty()) {
-                return attributeValue;
+            String trimmedValue = attributeValue.trim();
+            if (!trimmedValue.isEmpty()) {
+                logger.fine("The SAML assertion for \"" + key + "\" (optional) was \"" + attributeValue + "\" and was trimmed to \"" + trimmedValue + "\".");
+                return trimmedValue;
+            } else {
+                logger.fine("The SAML assertion for \"" + key + "\" (optional) was \"" + attributeValue + "\" and was trimmed to \"" + trimmedValue + "\" (empty string). Returing null.");
+                return null;
             }
+        } else {
+            logger.fine("The SAML assertion for \"" + key + "\" (optional) was null.");
+            return null;
         }
-        logger.info("The SAML assertion for \"" + key + "\" (optional) was null.");
-        return null;
     }
 
+    /**
+     * @return The trimmed value of a Shib attribute (if non-empty) or null.
+     *
+     * @todo Move this to ShibUtil. More objects might be required since
+     * sometimes we want to show messages, etc.
+     */
     private String getRequiredValueFromAssertion(String key) throws Exception {
         Object attribute = request.getAttribute(key);
         if (attribute == null) {
@@ -390,8 +403,9 @@ private String getRequiredValueFromAssertion(String key) throws Exception {
         if (attributeValue.isEmpty()) {
             throw new Exception(key + " was empty");
         }
-        logger.fine("The SAML assertion for \"" + key + "\" (required) was \"" + attributeValue + "\".");
-        return attributeValue;
+        String trimmedValue = attributeValue.trim();
+        logger.fine("The SAML assertion for \"" + key + "\" (required) was \"" + attributeValue + "\" and was trimmed to \"" + trimmedValue + "\".");
+        return trimmedValue;
     }
 
     public String getRootDataverseAlias() {

src/main/java/edu/harvard/iq/dataverse/api/BuiltinUsers.java

@@ -8,6 +8,7 @@
 import edu.harvard.iq.dataverse.authorization.providers.builtin.PasswordEncryption;
 import edu.harvard.iq.dataverse.authorization.users.ApiToken;
 import edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser;
+import edu.harvard.iq.dataverse.util.json.JsonPrinter;
 import java.sql.Timestamp;
 import java.util.Calendar;
 import java.util.logging.Level;
@@ -24,6 +25,7 @@
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 import static edu.harvard.iq.dataverse.util.json.JsonPrinter.json;
+import static edu.harvard.iq.dataverse.util.json.JsonPrinter.jsonForAuthUser;
 
 /**
  * REST API bean for managing {@link BuiltinUser}s.
@@ -134,6 +136,7 @@ private Response internalSave(BuiltinUser user, String password, String key) {
 
             JsonObjectBuilder resp = Json.createObjectBuilder();
             resp.add("user", json(user));
+            resp.add("authenticatedUser", jsonForAuthUser(au));
             resp.add("apiToken", token.getTokenString());
 
             alr.setInfo("builtinUser:" + user.getUserName() + " authenticatedUser:" + au.getIdentifier() );

src/main/java/edu/harvard/iq/dataverse/authorization/AuthenticationServiceBean.java

@@ -269,6 +269,11 @@ public AuthenticatedUser authenticate( String authenticationProviderId, Authenti
             // yay! see if we already have this user.
             AuthenticatedUser user = lookupUser(authenticationProviderId, resp.getUserId());
 
+            /**
+             * @todo Why does a method called "authenticate" have the potential
+             * to call "createAuthenticatedUser"? Isn't the creation of a user a
+             * different action than authenticating?
+             */
             return ( user == null ) ?
                 AuthenticationServiceBean.this.createAuthenticatedUser(
                         new UserRecordIdentifier(authenticationProviderId, resp.getUserId()), resp.getUserId(), resp.getUserDisplayInfo(), true )
@@ -391,6 +396,7 @@ public ApiToken save( ApiToken aToken ) {
      * @param userDisplayInfo
      * @param generateUniqueIdentifier if {@code true}, create a new, unique user identifier for the created user, if the suggested one exists.
      * @return the newly created user, or {@code null} if the proposed identifier exists and {@code generateUniqueIdentifier} was {@code false}.
+     * @throws EJBException which may wrap an ConstraintViolationException if the proposed user does not pass bean validation.
      */
     public AuthenticatedUser createAuthenticatedUser(UserRecordIdentifier userRecordId,
                                                      String proposedAuthenticatedUserIdentifier,
@@ -399,6 +405,10 @@ public AuthenticatedUser createAuthenticatedUser(UserRecordIdentifier userRecord
         AuthenticatedUser authenticatedUser = new AuthenticatedUser();
         authenticatedUser.applyDisplayInfo(userDisplayInfo);
 
+        // we have no desire for leading or trailing whitespace in identifiers
+        if (proposedAuthenticatedUserIdentifier != null) {
+            proposedAuthenticatedUserIdentifier = proposedAuthenticatedUserIdentifier.trim();
+        }
         // we now select a username for the generated AuthenticatedUser, or give up
         String internalUserIdentifer = proposedAuthenticatedUserIdentifier;
         // TODO should lock table authenticated users for write here