2016-03-16 14:43:46 +01:00
package org.gcube.portal.plugins ;
2019-10-11 16:47:23 +02:00
import static org.gcube.common.authorization.client.Constants.authorizationService ;
import java.util.ArrayList ;
import java.util.List ;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider ;
2016-03-16 14:43:46 +01:00
import org.gcube.common.portal.PortalContext ;
import org.gcube.common.scope.api.ScopeProvider ;
2019-10-11 16:47:23 +02:00
import org.gcube.common.storagehub.client.plugins.AbstractPlugin ;
import org.gcube.common.storagehub.client.proxies.GroupManagerClient ;
2017-06-05 17:55:45 +02:00
import org.gcube.portal.plugins.thread.CheckShareLatexUserThread ;
2018-03-05 11:53:19 +01:00
import org.gcube.portal.plugins.thread.RemoveUserTokenFromVREThread ;
2018-03-02 17:01:07 +01:00
import org.gcube.portal.plugins.thread.UpdateUserToLDAPGroupThread ;
2020-01-15 19:14:09 +01:00
import org.gcube.portal.plugins.util.HookConstants ;
2016-03-16 14:43:46 +01:00
import org.gcube.vomanagement.usermanagement.GroupManager ;
2019-10-11 16:47:23 +02:00
import org.gcube.vomanagement.usermanagement.RoleManager ;
import org.gcube.vomanagement.usermanagement.UserManager ;
2016-03-16 14:43:46 +01:00
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager ;
2019-10-11 16:47:23 +02:00
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager ;
2016-03-16 14:43:46 +01:00
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager ;
2019-10-11 16:47:23 +02:00
import org.gcube.vomanagement.usermanagement.model.GCubeRole ;
import org.gcube.vomanagement.usermanagement.model.GCubeUser ;
2016-03-16 14:43:46 +01:00
import com.liferay.portal.kernel.exception.SystemException ;
2018-03-02 17:01:07 +01:00
import com.liferay.portal.kernel.log.Log ;
import com.liferay.portal.kernel.log.LogFactoryUtil ;
2016-03-16 14:43:46 +01:00
import com.liferay.portal.model.User ;
import com.liferay.portal.service.UserLocalService ;
import com.liferay.portal.service.UserLocalServiceWrapper ;
/ * *
*
* @author Massimiliano Assante , CNR - ISTI
*
* /
public class GCubeHookUserLocalService extends UserLocalServiceWrapper {
2020-01-15 19:14:09 +01:00
2016-03-16 14:43:46 +01:00
/ * *
* logger
* /
2018-03-02 17:01:07 +01:00
private static Log _log = LogFactoryUtil . getLog ( GCubeHookUserLocalService . class ) ;
2016-03-16 14:43:46 +01:00
/ * ( non - Java - doc )
* @see com . liferay . portal . service . UserLocalServiceWrapper # UserLocalServiceWrapper ( UserLocalService userLocalService )
* /
public GCubeHookUserLocalService ( UserLocalService userLocalService ) {
super ( userLocalService ) ;
System . out . println ( " GCubeHookUserLocalService hook is UP & Listening ... " ) ;
}
/** USERS ADD TO GROUP **/
@Override
public void addGroupUser ( long groupId , long userId ) throws com . liferay . portal . kernel . exception . SystemException {
super . addGroupUser ( groupId , userId ) ;
2018-03-05 11:53:19 +01:00
addUserToVRERelatedServices ( groupId , userId ) ;
2016-03-16 14:43:46 +01:00
}
@Override
public void addGroupUser ( long groupId , com . liferay . portal . model . User user ) throws com . liferay . portal . kernel . exception . SystemException {
super . addGroupUser ( groupId , user . getUserId ( ) ) ;
2018-03-05 11:53:19 +01:00
addUserToVRERelatedServices ( groupId , user . getUserId ( ) ) ;
2016-03-16 14:43:46 +01:00
}
@Override
public void addGroupUsers ( long groupId , long [ ] userIds ) throws com . liferay . portal . kernel . exception . PortalException , com . liferay . portal . kernel . exception . SystemException {
super . addGroupUsers ( groupId , userIds ) ;
2018-03-05 11:53:19 +01:00
addUsersToVRERelatedServices ( groupId , userIds ) ;
2016-03-16 14:43:46 +01:00
}
@Override
public void addGroupUsers ( long groupId , java . util . List < com . liferay . portal . model . User > Users ) throws com . liferay . portal . kernel . exception . PortalException , com . liferay . portal . kernel . exception . SystemException {
super . addGroupUsers ( groupId , Users ) ;
for ( User user : Users ) {
2018-03-05 11:53:19 +01:00
addUserToVRERelatedServices ( groupId , user . getUserId ( ) ) ;
2016-03-16 14:43:46 +01:00
}
}
2017-06-05 17:55:45 +02:00
2016-03-16 14:43:46 +01:00
/** USERS REMOVAL FROM GROUP **/
/ * *
* this is the method used from Liferay Sites Membership Admin
* /
@Override
public void unsetGroupUsers ( long groupId , long [ ] userIds , com . liferay . portal . service . ServiceContext serviceContext ) throws com . liferay . portal . kernel . exception . PortalException , SystemException {
super . unsetGroupUsers ( groupId , userIds , serviceContext ) ;
2018-03-05 11:53:19 +01:00
removeUsersFromVRERelatedServices ( groupId , userIds ) ;
2016-03-16 14:43:46 +01:00
}
2017-06-05 17:55:45 +02:00
2016-03-16 14:43:46 +01:00
@Override
public void deleteGroupUser ( long groupId , long userId ) throws com . liferay . portal . kernel . exception . SystemException {
super . deleteGroupUser ( groupId , userId ) ;
2018-03-05 11:53:19 +01:00
removeUserFromVREReleatedServices ( groupId , userId ) ;
2016-03-16 14:43:46 +01:00
}
@Override
public void deleteGroupUser ( long groupId , com . liferay . portal . model . User user ) throws com . liferay . portal . kernel . exception . SystemException {
super . deleteGroupUser ( groupId , user ) ;
2018-03-05 11:53:19 +01:00
removeUserFromVREReleatedServices ( groupId , user . getUserId ( ) ) ;
2016-03-16 14:43:46 +01:00
}
@Override
public void deleteGroupUsers ( long groupId , long [ ] userIds ) throws com . liferay . portal . kernel . exception . SystemException {
super . deleteGroupUsers ( groupId , userIds ) ;
2018-03-05 11:53:19 +01:00
removeUsersFromVRERelatedServices ( groupId , userIds ) ;
2016-03-16 14:43:46 +01:00
}
@Override
public void deleteGroupUsers ( long groupId , java . util . List < com . liferay . portal . model . User > Users ) throws com . liferay . portal . kernel . exception . SystemException {
super . deleteGroupUsers ( groupId , Users ) ;
for ( User user : Users ) {
2018-03-05 11:53:19 +01:00
removeUserFromVREReleatedServices ( groupId , user . getUserId ( ) ) ;
2016-03-16 14:43:46 +01:00
}
}
//
/ * *
*
* @param groupId
* @param userId
* /
2018-03-05 11:53:19 +01:00
private void addUsersToVRERelatedServices ( long groupId , long [ ] userId ) {
2016-03-16 14:43:46 +01:00
for ( int i = 0 ; i < userId . length ; i + + ) {
2018-03-05 11:53:19 +01:00
addUserToVRERelatedServices ( groupId , userId [ i ] ) ;
2016-03-16 14:43:46 +01:00
}
}
/ * *
2018-03-05 11:53:19 +01:00
* this method add the user joiing a VRE to all the related services she was associated ( VREFolder , LDAP Group , SecurityToken is not necessary in thi case )
2016-03-16 14:43:46 +01:00
* @param groupId
* @param userId
* /
2018-03-05 11:53:19 +01:00
private void addUserToVRERelatedServices ( long groupId , long userId ) {
2016-03-16 14:43:46 +01:00
_log . debug ( " GCube VRE Folder hook addGroupUser intercepted, trying to add user to VRE Folder " ) ;
GroupManager gm = new LiferayGroupManager ( ) ;
String currScope = ScopeProvider . instance . get ( ) ;
String scopeToset = " / " + PortalContext . getConfiguration ( ) . getInfrastructureName ( ) ;
ScopeProvider . instance . set ( scopeToset ) ;
try {
if ( gm . isVRE ( groupId ) ) {
_log . debug ( " Group is a VRE, proceeding with association ... " ) ;
String scope = gm . getInfrastructureScope ( groupId ) ;
org . gcube . vomanagement . usermanagement . UserManager um = new LiferayUserManager ( ) ;
String username = um . getUserById ( userId ) . getUsername ( ) ;
2018-03-02 17:01:07 +01:00
//add the user to LDAP Group
Thread tLdap = new Thread ( new UpdateUserToLDAPGroupThread ( username , scope , groupId , false ) ) ;
tLdap . start ( ) ;
2017-06-05 17:55:45 +02:00
//add the user to shareLatex
Thread t = new Thread ( new CheckShareLatexUserThread ( username , scope ) ) ;
t . start ( ) ;
2019-10-11 16:47:23 +02:00
setUser2VREFolder ( gm , um , username , scope , true ) ;
2016-03-16 14:43:46 +01:00
} else {
_log . debug ( " Group is not a VRE, SKIP adding " ) ;
}
}
catch ( Exception e ) {
e . printStackTrace ( ) ;
}
ScopeProvider . instance . set ( currScope ) ;
}
2019-10-11 16:47:23 +02:00
private boolean setUser2VREFolder ( GroupManager gm , UserManager uMan , String username2Add , String context , boolean add ) throws Exception {
2020-01-15 19:14:09 +01:00
String previousToken = SecurityTokenProvider . instance . get ( ) ;
2019-10-11 16:47:23 +02:00
//get the super user
String infraContext = " / " + PortalContext . getConfiguration ( ) . getInfrastructureName ( ) ;
2020-01-30 19:16:38 +01:00
// long rootgroupId = gm.getGroupIdFromInfrastructureScope(infraContext);
// RoleManager rm = new LiferayRoleManager();
// long roleId = rm.getRoleId(HookConstants.AUTORISED_INFRA_ROLE, rootgroupId);
// List<GCubeUser> users = uMan.listUsersByGroupAndRole(rootgroupId, roleId);
// if (users.isEmpty()) {
// _log.error("Cannot add the user as VRE Folder admin: there is no user having role {} on context: {}", HookConstants.AUTORISED_INFRA_ROLE, infraContext);
// return false;
// }
// else {
//GCubeUser theAdmin = users.get(0);
String adminUsername = " lucio.lelii " ;
_log . info ( " Got the super user: " + adminUsername ) ;
String theAdminToken = PortalContext . getConfiguration ( ) . getCurrentUserToken ( infraContext , adminUsername ) ;
2019-10-11 16:47:23 +02:00
List < String > rolesString = new ArrayList < String > ( ) ;
2020-01-30 19:16:38 +01:00
// List<GCubeRole> theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), rootgroupId);
// for (GCubeRole gCubeRole : theAdminRoles) {
// rolesString.add(gCubeRole.getRoleName());
// }
rolesString . add ( " Infrastructure-Manager " ) ;
_log . info ( " authorizationService().setTokenRoles(theAdminToken, rolesString); " + theAdminToken ) ;
2019-10-11 16:47:23 +02:00
authorizationService ( ) . setTokenRoles ( theAdminToken , rolesString ) ;
SecurityTokenProvider . instance . set ( theAdminToken ) ;
GroupManagerClient client = AbstractPlugin . groups ( ) . build ( ) ;
if ( add )
client . addUserToGroup ( username2Add , getVREFolderNameFromContext ( context ) ) ;
else
client . removeUserFromGroup ( username2Add , getVREFolderNameFromContext ( context ) ) ;
2020-01-15 19:14:09 +01:00
SecurityTokenProvider . instance . set ( previousToken ) ;
2019-10-11 16:47:23 +02:00
return true ;
2020-01-30 19:16:38 +01:00
//}
2019-10-11 16:47:23 +02:00
}
private static String getVREFolderNameFromContext ( String context ) {
if ( context . startsWith ( " / " ) ) {
return context . substring ( 1 ) . replace ( " / " , " - " ) ;
}
return null ;
}
2016-03-16 14:43:46 +01:00
/ * *
*
* @param groupId
* @param userId
* /
2018-03-05 11:53:19 +01:00
private void removeUsersFromVRERelatedServices ( long groupId , long [ ] userId ) {
2016-03-16 14:43:46 +01:00
for ( int i = 0 ; i < userId . length ; i + + ) {
2018-03-05 11:53:19 +01:00
removeUserFromVREReleatedServices ( groupId , userId [ i ] ) ;
2016-03-16 14:43:46 +01:00
}
}
/ * *
2018-03-05 11:53:19 +01:00
* this method remove the user leaving a VRE from all the related services she was associated ( VREFolder , LDAP Group and SecurityToken )
2016-03-16 14:43:46 +01:00
* @param groupId
* @param userId
* /
2018-03-05 11:53:19 +01:00
private void removeUserFromVREReleatedServices ( long groupId , long userId ) {
2016-03-16 14:43:46 +01:00
_log . debug ( " GCube VRE Folder hook removeUserFromHLVREFolder intercepted, trying to remove user from VRE Folder " ) ;
GroupManager gm = new LiferayGroupManager ( ) ;
String currScope = ScopeProvider . instance . get ( ) ;
String scopeToset = " / " + PortalContext . getConfiguration ( ) . getInfrastructureName ( ) ;
ScopeProvider . instance . set ( scopeToset ) ;
try {
if ( gm . isVRE ( groupId ) ) {
_log . debug ( " Group is a VRE, proceeding with removal ... " ) ;
String scope = gm . getInfrastructureScope ( groupId ) ;
org . gcube . vomanagement . usermanagement . UserManager um = new LiferayUserManager ( ) ;
String username = um . getUserById ( userId ) . getUsername ( ) ;
2018-03-02 17:01:07 +01:00
//remove the user to LDAP Group
Thread tLdap = new Thread ( new UpdateUserToLDAPGroupThread ( username , scope , groupId , true ) ) ;
tLdap . start ( ) ;
2019-10-11 16:47:23 +02:00
setUser2VREFolder ( gm , um , username , scope , false ) ;
2018-03-05 11:53:19 +01:00
Thread tToken = new Thread ( new RemoveUserTokenFromVREThread ( username , scope ) ) ;
tToken . start ( ) ;
2016-03-16 14:43:46 +01:00
} else {
_log . debug ( " Group is not a VRE, SKIP removal " ) ;
}
}
catch ( Exception e ) {
e . printStackTrace ( ) ;
}
ScopeProvider . instance . set ( currScope ) ;
}
2017-06-05 17:55:45 +02:00
2016-03-16 14:43:46 +01:00
}