diff --git a/grails-app/controllers/au/org/ala/biocollect/merit/ProxyController.groovy b/grails-app/controllers/au/org/ala/biocollect/merit/ProxyController.groovy index b5ce0c096..610c7916a 100644 --- a/grails-app/controllers/au/org/ala/biocollect/merit/ProxyController.groovy +++ b/grails-app/controllers/au/org/ala/biocollect/merit/ProxyController.groovy @@ -35,11 +35,11 @@ class ProxyController { } def features(){ - render webService.get("${grailsApplication.config.spatial.layersUrl}/objects/${params.layerId}") + render webService.get("${grailsApplication.config.spatial.layersUrl}/objects/${params.layerId}", false) } def feature(){ - render webService.get("${grailsApplication.config.spatial.layersUrl}/object/${params.featureId}") + render webService.get("${grailsApplication.config.spatial.layersUrl}/object/${params.featureId}", false) } def speciesProfile(String id) { diff --git a/grails-app/services/au/org/ala/biocollect/merit/AdminService.groovy b/grails-app/services/au/org/ala/biocollect/merit/AdminService.groovy index bc2dcce5b..df789227b 100644 --- a/grails-app/services/au/org/ala/biocollect/merit/AdminService.groovy +++ b/grails-app/services/au/org/ala/biocollect/merit/AdminService.groovy @@ -195,6 +195,6 @@ class AdminService { def syncCollectoryOrgs() { def url = "${grailsApplication.config.ecodata.service.url}admin/syncCollectoryOrgs" - webService.doPost(url) + webService.doPost(url, [:]) } } diff --git a/grails-app/services/au/org/ala/biocollect/merit/SettingService.groovy b/grails-app/services/au/org/ala/biocollect/merit/SettingService.groovy index a65010f57..a1744f7f3 100644 --- a/grails-app/services/au/org/ala/biocollect/merit/SettingService.groovy +++ b/grails-app/services/au/org/ala/biocollect/merit/SettingService.groovy @@ -134,7 +134,7 @@ class SettingService { // Do not set cookie value to default hub since it overwrites genuine hub selection when calls are made with default hub. // This usually happens when calls are made without hub parameter like downloading images. - if (settings?.urlPath != defaultHub || cookieService.getCookie(LAST_ACCESSED_HUB) == null) + if (settings?.urlPath != defaultHub) cookieService.setCookie(LAST_ACCESSED_HUB, settings?.urlPath, -1 /* -1 means the cookie expires when the browser is closed */, '/') GrailsWebRequest.lookup().params.hub = settings?.urlPath SettingService.setHubConfig(settings) diff --git a/grails-app/services/au/org/ala/biocollect/merit/WebService.groovy b/grails-app/services/au/org/ala/biocollect/merit/WebService.groovy index 98e0234db..b4045c601 100644 --- a/grails-app/services/au/org/ala/biocollect/merit/WebService.groovy +++ b/grails-app/services/au/org/ala/biocollect/merit/WebService.groovy @@ -78,14 +78,25 @@ class WebService { grailsApplication.config.webservice.readTimeout as int } + private void addAuthForAllowedDomains(URLConnection conn) { + def host = conn.getURL().getHost() + for (int domIndex = 0; domIndex < WHITE_LISTED_DOMAINS.size(); domIndex++) { + if (host.endsWith(WHITE_LISTED_DOMAINS[domIndex])) { + conn.setRequestProperty("Authorization", getAuthHeader()) + break + } + } + } + private URLConnection configureConnection(String url, boolean includeUserId, Integer timeout = null) { - def connUrl = new URL(url) - URLConnection conn = connUrl.openConnection() + URLConnection conn = (new URL(url)).openConnection() def readTimeout = timeout?:defaultTimeout() conn.setConnectTimeout(grailsApplication.config.getProperty("webservice.connectTimeout", Integer)) conn.setReadTimeout(readTimeout) + addHubUrlPath(conn) + addAuthForAllowedDomains(conn) if (includeUserId) { def user = getUserService().getUser() @@ -94,15 +105,6 @@ class WebService { } } - def host = connUrl.getHost() - - for (int domIndex = 0; domIndex < WHITE_LISTED_DOMAINS.size(); domIndex++) { - if (host.endsWith(WHITE_LISTED_DOMAINS[domIndex])) { - conn.setRequestProperty("Authorization", getAuthHeader()) - break - } - } - conn } @@ -265,7 +267,8 @@ class WebService { conn.setRequestMethod("POST") conn.setDoOutput(true) conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded") - conn.setRequestProperty("Authorization", getAuthHeader()) + + addAuthForAllowedDomains(conn) addHubUrlPath(conn) def user = getUserService().getUser() @@ -301,8 +304,8 @@ class WebService { conn = new URL(url).openConnection() conn.setDoOutput(true) conn.setRequestProperty("Content-Type", "application/json;charset=${charEncoding}") - conn.setRequestProperty("Authorization", getAuthHeader()) + addAuthForAllowedDomains(conn) addHubUrlPath(conn) def user = getUserService().getUser() @@ -337,7 +340,8 @@ class WebService { conn.setRequestMethod("PUT") conn.setDoOutput(true) conn.setRequestProperty("Content-Type", "application/json;charset=${charEncoding}") - conn.setRequestProperty("Authorization", getAuthHeader()) + + addAuthForAllowedDomains(conn) addHubUrlPath(conn) def user = getUserService().getUser() @@ -383,7 +387,8 @@ class WebService { conn.setDoOutput(true) conn.setRequestMethod("GET") conn.setRequestProperty("Content-Type", "${APPLICATION_JSON};charset=${StandardCharsets.UTF_8.toString()}"); - conn.setRequestProperty("Authorization", getAuthHeader()) + + addAuthForAllowedDomains(conn) addHubUrlPath(conn) def user = getUserService().getUser() @@ -411,7 +416,8 @@ class WebService { try { conn = new URL(url).openConnection() conn.setRequestMethod("DELETE") - conn.setRequestProperty("Authorization", getAuthHeader()) + + addAuthForAllowedDomains(conn) addHubUrlPath(conn) def user = getUserService().getUser()