[JN-1479] more service annotations

api-admin/src/main/java/bio/terra/pearl/api/admin/controller/dashboard/DashboardController.java

@@ -39,7 +39,8 @@ public ResponseEntity<Object> listPortalEnvAlerts(String portalShortcode, String
     EnvironmentName environmentName = EnvironmentName.valueOfCaseInsensitive(envName);
 
     List<ParticipantDashboardAlert> alerts =
-        dashboardExtService.listPortalEnvAlerts(PortalEnvAuthContext.of(operator, portalShortcode, environmentName));
+        dashboardExtService.listPortalEnvAlerts(
+            PortalEnvAuthContext.of(operator, portalShortcode, environmentName));
 
     return ResponseEntity.ok(alerts);
   }
@@ -57,7 +58,7 @@ public ResponseEntity<Object> updatePortalEnvAlert(
 
     ParticipantDashboardAlert updatedAlert =
         dashboardExtService.updatePortalEnvAlert(
-                PortalEnvAuthContext.of(operator, portalShortcode, environmentName), trigger, alert);
+            PortalEnvAuthContext.of(operator, portalShortcode, environmentName), trigger, alert);
 
     return ResponseEntity.ok(updatedAlert);
   }
@@ -75,7 +76,7 @@ public ResponseEntity<Object> createPortalEnvAlert(
 
     ParticipantDashboardAlert createdAlert =
         dashboardExtService.createPortalEnvAlert(
-                PortalEnvAuthContext.of(operator, portalShortcode, environmentName), trigger, alert);
+            PortalEnvAuthContext.of(operator, portalShortcode, environmentName), trigger, alert);
 
     return ResponseEntity.ok(createdAlert);
   }

api-admin/src/main/java/bio/terra/pearl/api/admin/controller/forms/SurveyResponseController.java

@@ -2,7 +2,7 @@
 
 import bio.terra.pearl.api.admin.api.SurveyResponseApi;
 import bio.terra.pearl.api.admin.service.auth.AuthUtilService;
-import bio.terra.pearl.api.admin.service.auth.context.PortalStudyEnvAuthContext;
+import bio.terra.pearl.api.admin.service.auth.context.PortalEnrolleeAuthContext;
 import bio.terra.pearl.api.admin.service.forms.SurveyResponseExtService;
 import bio.terra.pearl.core.model.EnvironmentName;
 import bio.terra.pearl.core.model.admin.AdminUser;
@@ -46,11 +46,11 @@ public ResponseEntity<Object> update(
     EnvironmentName environmentName = EnvironmentName.valueOfCaseInsensitive(envName);
     SurveyResponseWithJustification responseDto =
         objectMapper.convertValue(body, SurveyResponseWithJustification.class);
-    PortalStudyEnvAuthContext authContext =
-        PortalStudyEnvAuthContext.of(user, portalShortcode, studyShortcode, environmentName);
+    PortalEnrolleeAuthContext authContext =
+        PortalEnrolleeAuthContext.of(
+            user, portalShortcode, studyShortcode, environmentName, enrolleeShortcode);
     HubResponse hubResponse =
-        surveyResponseExtService.updateResponse(
-            authContext, user, responseDto, enrolleeShortcode, taskId);
+        surveyResponseExtService.updateResponse(authContext, responseDto, taskId);
     return ResponseEntity.ok(hubResponse);
   }
 }

api-admin/src/main/java/bio/terra/pearl/api/admin/controller/notifications/TriggerController.java

@@ -107,10 +107,8 @@ public ResponseEntity<Object> adHoc(
     EnvironmentName environmentName = EnvironmentName.valueOfCaseInsensitive(envName);
     Trigger configUsed =
         notificationExtService.sendAdHoc(
-            adminUser,
-            portalShortcode,
-            studyShortcode,
-            environmentName,
+            PortalStudyEnvAuthContext.of(
+                adminUser, portalShortcode, studyShortcode, environmentName),
             adHoc.enrolleeShortcodes,
             adHoc.customMessages,
             adHoc.triggerId);

api-admin/src/main/java/bio/terra/pearl/api/admin/controller/portal/PortalController.java

@@ -3,6 +3,8 @@
 import bio.terra.pearl.api.admin.api.PortalApi;
 import bio.terra.pearl.api.admin.models.dto.PortalShallowDto;
 import bio.terra.pearl.api.admin.service.auth.AuthUtilService;
+import bio.terra.pearl.api.admin.service.auth.context.OperatorAuthContext;
+import bio.terra.pearl.api.admin.service.auth.context.PortalAuthContext;
 import bio.terra.pearl.api.admin.service.portal.PortalExtService;
 import bio.terra.pearl.core.model.admin.AdminUser;
 import bio.terra.pearl.core.model.portal.Portal;
@@ -33,16 +35,16 @@ public PortalController(
 
   @Override
   public ResponseEntity<Object> get(String portalShortcode, String language) {
-    AdminUser adminUser = requestService.requireAdminUser(request);
-    Portal portal = portalExtService.fullLoad(adminUser, portalShortcode, language);
+    AdminUser operator = requestService.requireAdminUser(request);
+    Portal portal =
+        portalExtService.fullLoad(PortalAuthContext.of(operator, portalShortcode), language);
     return ResponseEntity.ok(portal);
   }
 
   @Override
   public ResponseEntity<Object> getAll() {
-    AdminUser adminUser = requestService.requireAdminUser(request);
-
-    List<Portal> portals = portalExtService.getAll(adminUser);
+    AdminUser operator = requestService.requireAdminUser(request);
+    List<Portal> portals = portalExtService.getAll(OperatorAuthContext.of(operator));
     List<PortalShallowDto> portalDtos =
         portals.stream()
             .map(portal -> objectMapper.convertValue(portal, PortalShallowDto.class))

api-admin/src/main/java/bio/terra/pearl/api/admin/controller/portal/PortalEnvironmentConfigController.java

@@ -2,6 +2,7 @@
 
 import bio.terra.pearl.api.admin.api.PortalEnvironmentConfigApi;
 import bio.terra.pearl.api.admin.service.auth.AuthUtilService;
+import bio.terra.pearl.api.admin.service.auth.context.PortalEnvAuthContext;
 import bio.terra.pearl.api.admin.service.portal.PortalExtService;
 import bio.terra.pearl.core.model.EnvironmentName;
 import bio.terra.pearl.core.model.admin.AdminUser;
@@ -31,12 +32,13 @@ public PortalEnvironmentConfigController(
 
   @Override
   public ResponseEntity<Object> update(String portalShortcode, String envName, Object configObj) {
-    AdminUser user = authUtilService.requireAdminUser(request);
+    AdminUser operator = authUtilService.requireAdminUser(request);
     PortalEnvironmentConfig config =
         objectMapper.convertValue(configObj, PortalEnvironmentConfig.class);
     EnvironmentName environmentName = EnvironmentName.valueOfCaseInsensitive(envName);
     PortalEnvironmentConfig updatedConfig =
-        portalExtService.updateConfig(portalShortcode, environmentName, config, user);
+        portalExtService.updateConfig(
+            PortalEnvAuthContext.of(operator, portalShortcode, environmentName), config);
     return ResponseEntity.ok(updatedConfig);
   }
 }

api-admin/src/main/java/bio/terra/pearl/api/admin/controller/portal/PortalEnvironmentController.java

@@ -2,6 +2,7 @@
 
 import bio.terra.pearl.api.admin.api.PortalEnvironmentApi;
 import bio.terra.pearl.api.admin.service.auth.AuthUtilService;
+import bio.terra.pearl.api.admin.service.auth.context.PortalEnvAuthContext;
 import bio.terra.pearl.api.admin.service.portal.PortalExtService;
 import bio.terra.pearl.core.model.EnvironmentName;
 import bio.terra.pearl.core.model.admin.AdminUser;
@@ -34,22 +35,24 @@ public PortalEnvironmentController(
 
   @Override
   public ResponseEntity<Object> update(String portalShortcode, String envName, Object body) {
-    AdminUser user = authUtilService.requireAdminUser(request);
+    AdminUser operator = authUtilService.requireAdminUser(request);
     EnvironmentName environmentName = EnvironmentName.valueOfCaseInsensitive(envName);
     PortalEnvironment portalEnv = objectMapper.convertValue(body, PortalEnvironment.class);
     PortalEnvironment updatedEnv =
-        portalExtService.updateEnvironment(portalShortcode, environmentName, portalEnv, user);
+        portalExtService.updateEnvironment(
+            PortalEnvAuthContext.of(operator, portalShortcode, environmentName), portalEnv);
     return ResponseEntity.ok(updatedEnv);
   }
 
   @Override
   public ResponseEntity<Object> setLanguages(String portalShortcode, String envName, Object body) {
-    AdminUser user = authUtilService.requireAdminUser(request);
+    AdminUser operator = authUtilService.requireAdminUser(request);
     EnvironmentName environmentName = EnvironmentName.valueOfCaseInsensitive(envName);
     List<PortalEnvironmentLanguage> updatedLanguages =
         objectMapper.convertValue(body, new TypeReference<List<PortalEnvironmentLanguage>>() {});
     updatedLanguages =
-        portalExtService.setLanguages(portalShortcode, environmentName, updatedLanguages, user);
+        portalExtService.setLanguages(
+            PortalEnvAuthContext.of(operator, portalShortcode, environmentName), updatedLanguages);
     return ResponseEntity.ok(updatedLanguages);
   }
 }

api-admin/src/main/java/bio/terra/pearl/api/admin/controller/siteContent/SiteContentController.java

@@ -2,6 +2,8 @@
 
 import bio.terra.pearl.api.admin.api.SiteContentApi;
 import bio.terra.pearl.api.admin.service.auth.AuthUtilService;
+import bio.terra.pearl.api.admin.service.auth.context.PortalAuthContext;
+import bio.terra.pearl.api.admin.service.auth.context.PortalEnvAuthContext;
 import bio.terra.pearl.api.admin.service.siteContent.SiteContentExtService;
 import bio.terra.pearl.core.model.EnvironmentName;
 import bio.terra.pearl.core.model.admin.AdminUser;
@@ -35,7 +37,8 @@ public SiteContentController(
   public ResponseEntity<Object> get(String portalShortcode, String stableId, Integer version) {
     AdminUser operator = authUtilService.requireAdminUser(request);
     Optional<SiteContent> siteContent =
-        siteContentExtService.get(portalShortcode, stableId, version, operator);
+        siteContentExtService.get(
+            PortalAuthContext.of(operator, portalShortcode), stableId, version);
     return ResponseEntity.of(siteContent.map(content -> content));
   }
 
@@ -44,7 +47,8 @@ public ResponseEntity<Object> getCurrent(String portalShortcode, String envName)
     AdminUser operator = authUtilService.requireAdminUser(request);
     EnvironmentName environmentName = EnvironmentName.valueOfCaseInsensitive(envName);
     Optional<SiteContent> siteContent =
-        siteContentExtService.getCurrent(portalShortcode, environmentName, operator);
+        siteContentExtService.getCurrent(
+            PortalEnvAuthContext.of(operator, portalShortcode, environmentName));
     return ResponseEntity.of(siteContent.map(content -> content));
   }
 
@@ -53,15 +57,17 @@ public ResponseEntity<Object> create(String portalShortcode, String stableId, Ob
     AdminUser operator = authUtilService.requireAdminUser(request);
     SiteContent siteContent = objectMapper.convertValue(body, SiteContent.class);
     SiteContent savedContent =
-        siteContentExtService.create(portalShortcode, stableId, siteContent, operator);
+        siteContentExtService.create(
+            PortalAuthContext.of(operator, portalShortcode), stableId, siteContent);
     return ResponseEntity.ok(savedContent);
   }
 
   @Override
   public ResponseEntity<Object> versionList(String portalShortcode, String stableId) {
     AdminUser operator = authUtilService.requireAdminUser(request);
     List<SiteContent> contents =
-        siteContentExtService.versionList(portalShortcode, stableId, operator);
+        siteContentExtService.versionList(
+            PortalAuthContext.of(operator, portalShortcode), stableId);
     return ResponseEntity.ok(contents);
   }
 }

api-admin/src/main/java/bio/terra/pearl/api/admin/service/PopulateExtService.java

@@ -1,5 +1,6 @@
 package bio.terra.pearl.api.admin.service;
 
+import bio.terra.pearl.api.admin.service.auth.AuthUtilService;
 import bio.terra.pearl.api.admin.service.auth.EnforcePortalStudyEnvPermission;
 import bio.terra.pearl.api.admin.service.auth.SuperuserOnly;
 import bio.terra.pearl.api.admin.service.auth.context.OperatorAuthContext;
@@ -132,7 +133,7 @@ public SiteContent populateSiteContent(
     }
   }
 
-  @EnforcePortalStudyEnvPermission(permission = "BASE")
+  @EnforcePortalStudyEnvPermission(permission = AuthUtilService.BASE_PERMISSION)
   public Enrollee populateEnrollee(
       PortalStudyEnvAuthContext authContext, String filePathName, boolean overwrite) {
     StudyPopulateContext config =
@@ -147,7 +148,7 @@ public Enrollee populateEnrollee(
     return enrolleePopulator.populate(config, overwrite);
   }
 
-  @EnforcePortalStudyEnvPermission(permission = "BASE")
+  @EnforcePortalStudyEnvPermission(permission = AuthUtilService.BASE_PERMISSION)
   public Enrollee populateEnrollee(
       PortalStudyEnvAuthContext authContext,
       EnrolleePopulateType enrolleePopulateType,

api-admin/src/main/java/bio/terra/pearl/api/admin/service/admin/AdminUserExtService.java

@@ -1,5 +1,6 @@
 package bio.terra.pearl.api.admin.service.admin;
 
+import bio.terra.pearl.api.admin.service.auth.AuthUtilService;
 import bio.terra.pearl.api.admin.service.auth.EnforcePortalPermission;
 import bio.terra.pearl.api.admin.service.auth.SuperuserOnly;
 import bio.terra.pearl.api.admin.service.auth.context.OperatorAuthContext;
@@ -49,7 +50,7 @@ public AdminUser get(OperatorAuthContext authContext, UUID id) {
    * null, returns all portalAdminUsers, otherwise, just returns the portalAdminUser corresponding
    * to the portalId if one exists
    */
-  @EnforcePortalPermission(permission = "BASE")
+  @EnforcePortalPermission(permission = AuthUtilService.BASE_PERMISSION)
   public AdminUser getInPortal(PortalAuthContext authContext, UUID id) {
     return get(id, authContext.getPortal(), authContext.getOperator());
   }
@@ -87,7 +88,7 @@ public List<AdminUser> getAll(OperatorAuthContext authContext) {
     return adminUserService.findAllWithRoles();
   }
 
-  @EnforcePortalPermission(permission = "BASE")
+  @EnforcePortalPermission(permission = AuthUtilService.BASE_PERMISSION)
   public List<AdminUser> findByPortal(PortalAuthContext authContext) {
     return adminUserService.findAllWithRolesByPortal(authContext.getPortal().getId());
   }

api-admin/src/main/java/bio/terra/pearl/api/admin/service/auth/AuthUtilService.java

@@ -30,7 +30,7 @@ public class AuthUtilService {
    * authorized to access the given portal. It might include public-ish operations like viewing
    * surveys, etc.
    */
-  public static final String BASE_PERMISSON = "BASE";
+  public static final String BASE_PERMISSION = "BASE";
 
   private final AdminUserService adminUserService;
   private final BearerTokenFactory bearerTokenFactory;
@@ -84,7 +84,7 @@ public Portal authUserToPortal(AdminUser user, String portalShortcode) {
   public Portal authUserToPortalWithPermission(
       AdminUser user, String portalShortcode, String permission) {
     Portal portal = authUserToPortal(user, portalShortcode);
-    if (user.isSuperuser() || BASE_PERMISSON.equals(permission)) {
+    if (user.isSuperuser() || BASE_PERMISSION.equals(permission)) {
       return portal;
     }
     adminUserService

api-admin/src/main/java/bio/terra/pearl/api/admin/service/auth/EnforcePortalEnvPermission.java

@@ -5,5 +5,5 @@
 @Retention(RetentionPolicy.RUNTIME)
 @Target(ElementType.METHOD)
 public @interface EnforcePortalEnvPermission {
-    String permission();
+  String permission();
 }

api-admin/src/main/java/bio/terra/pearl/api/admin/service/auth/EnforcePortalEnvPermissionAspect.java

@@ -1,61 +1,57 @@
 package bio.terra.pearl.api.admin.service.auth;
 
 import bio.terra.pearl.api.admin.service.auth.context.PortalEnvAuthContext;
-import bio.terra.pearl.api.admin.service.auth.context.PortalStudyEnvAuthContext;
 import bio.terra.pearl.core.model.portal.Portal;
 import bio.terra.pearl.core.model.portal.PortalEnvironment;
-import bio.terra.pearl.core.model.study.PortalStudy;
-import bio.terra.pearl.core.model.study.StudyEnvironment;
 import bio.terra.pearl.core.service.portal.PortalEnvironmentService;
 import bio.terra.pearl.core.service.portal.exception.PortalEnvironmentMissing;
-import bio.terra.pearl.core.service.study.StudyEnvironmentService;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.reflect.MethodSignature;
 
-public class EnforcePortalEnvPermissionAspect extends BaseEnforcePermissionAspect<
-        PortalEnvAuthContext, EnforcePortalEnvPermission> {
-    private final AuthUtilService authUtilService;
-    private final PortalEnvironmentService portalEnvironmentService;
-
-    public EnforcePortalEnvPermissionAspect(
-            AuthUtilService authUtilService, PortalEnvironmentService portalEnvironmentService) {
-        this.authUtilService = authUtilService;
-        this.portalEnvironmentService = portalEnvironmentService;
-    }
-
-    @Around(value = "@annotation(EnforcePortalEnvPermission)")
-    public Object enforcePermission(ProceedingJoinPoint joinPoint) throws Throwable {
-        PortalEnvAuthContext authContext = extractAuthContext(joinPoint);
-        String permission = getPermissionName(joinPoint);
-        Portal portal =
-                authUtilService.authUserToPortalWithPermission(
-                        authContext.getOperator(), authContext.getPortalShortcode(), permission);
-        authContext.setPortal(portal);
-
-        PortalEnvironment portalEnv =
-                portalEnvironmentService.findOne(
-                        authContext.getPortalShortcode(), authContext.getEnvironmentName())
-                        .orElseThrow(PortalEnvironmentMissing::new);
-        authContext.setPortalEnvironment(portalEnv);
-        return joinPoint.proceed();
-    }
-
-    @Override
-    protected String getPermissionName(ProceedingJoinPoint joinPoint) {
-        return ((MethodSignature) joinPoint.getSignature())
-                .getMethod()
-                .getAnnotation(getAnnotationClass())
-                .permission();
-    }
-
-    @Override
-    protected Class<PortalEnvAuthContext> getAuthContextClass() {
-        return PortalEnvAuthContext.class;
-    }
-
-    @Override
-    protected Class<EnforcePortalEnvPermission> getAnnotationClass() {
-        return EnforcePortalEnvPermission.class;
-    }
+public class EnforcePortalEnvPermissionAspect
+    extends BaseEnforcePermissionAspect<PortalEnvAuthContext, EnforcePortalEnvPermission> {
+  private final AuthUtilService authUtilService;
+  private final PortalEnvironmentService portalEnvironmentService;
+
+  public EnforcePortalEnvPermissionAspect(
+      AuthUtilService authUtilService, PortalEnvironmentService portalEnvironmentService) {
+    this.authUtilService = authUtilService;
+    this.portalEnvironmentService = portalEnvironmentService;
+  }
+
+  @Around(value = "@annotation(EnforcePortalEnvPermission)")
+  public Object enforcePermission(ProceedingJoinPoint joinPoint) throws Throwable {
+    PortalEnvAuthContext authContext = extractAuthContext(joinPoint);
+    String permission = getPermissionName(joinPoint);
+    Portal portal =
+        authUtilService.authUserToPortalWithPermission(
+            authContext.getOperator(), authContext.getPortalShortcode(), permission);
+    authContext.setPortal(portal);
+
+    PortalEnvironment portalEnv =
+        portalEnvironmentService
+            .findOne(authContext.getPortalShortcode(), authContext.getEnvironmentName())
+            .orElseThrow(PortalEnvironmentMissing::new);
+    authContext.setPortalEnvironment(portalEnv);
+    return joinPoint.proceed();
+  }
+
+  @Override
+  protected String getPermissionName(ProceedingJoinPoint joinPoint) {
+    return ((MethodSignature) joinPoint.getSignature())
+        .getMethod()
+        .getAnnotation(getAnnotationClass())
+        .permission();
+  }
+
+  @Override
+  protected Class<PortalEnvAuthContext> getAuthContextClass() {
+    return PortalEnvAuthContext.class;
+  }
+
+  @Override
+  protected Class<EnforcePortalEnvPermission> getAnnotationClass() {
+    return EnforcePortalEnvPermission.class;
+  }
 }