From d6780fea7931f187ebd2478ffd7e8466ee3d9867 Mon Sep 17 00:00:00 2001 From: Massimiliano Assante Date: Tue, 30 Nov 2021 15:44:30 +0100 Subject: [PATCH] Fix Bug #22483 --- CHANGELOG.md | 4 ++ pom.xml | 2 +- .../GCubeHookSiteRoleLocalService.java | 39 +++++++++++-------- .../plugins/GCubeHookUserLocalService.java | 26 +++++++------ 4 files changed, 42 insertions(+), 29 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7524e1e..4015e06 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v6.8.3-SNAPSHOT] - 2021-11-30 + +- Bug Fix #22483: setUser2VREFolder may not restore ThreadLocal user variable + ## [v6.8.2] - 2021-05-25 - Feature #21505: Updated to support new UMATokensProvider class diff --git a/pom.xml b/pom.xml index b7cfc25..b3c48e9 100644 --- a/pom.xml +++ b/pom.xml @@ -12,7 +12,7 @@ org.gcube.portal.plugins VREFolder-hook VREFolder-hook Hook - 6.8.2 + 6.8.3-SNAPSHOT war VREFolder-hook handles the user adding/removal from the related Home Library VRE Folder diff --git a/src/main/java/org/gcube/portal/plugins/GCubeHookSiteRoleLocalService.java b/src/main/java/org/gcube/portal/plugins/GCubeHookSiteRoleLocalService.java index e4d9bb5..3a725d0 100644 --- a/src/main/java/org/gcube/portal/plugins/GCubeHookSiteRoleLocalService.java +++ b/src/main/java/org/gcube/portal/plugins/GCubeHookSiteRoleLocalService.java @@ -66,22 +66,27 @@ public class GCubeHookSiteRoleLocalService extends UserGroupRoleLocalServiceWrap String previousToken = SecurityTokenProvider.instance.get(); String previousUMAToken = AccessTokenProvider.instance.get(); //this put the necessary auth tokens (legacy e UMA) in ThreadLocal - AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal(); - String context = gm.getInfrastructureScope(groupId); - String vreFolderTitle = Util.getVREGroupFromContext(context); - _log.debug("The vreFolderTitle on which the VREFolder role is being {} is {}", enable, vreFolderTitle); - StorageHubClient shc = new StorageHubClient(); - VREFolderManager vreFolderManager = shc.getVreFolderManager(vreFolderTitle); - - String theUserToPromoteOrDeclass = new LiferayUserManager().getUserById(userId).getUsername(); - _log.info("The {} is being promoted? {} ", theUserToPromoteOrDeclass, enable); - if (enable) - vreFolderManager.setAdmin(theUserToPromoteOrDeclass); - else - vreFolderManager.removeAdmin(theUserToPromoteOrDeclass); - _log.info("*VREFolder-Hook** add/remove role operation complete"); - - AccessTokenProvider.instance.set(previousUMAToken); - SecurityTokenProvider.instance.set(previousToken); + try { + AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal(); + + String context = gm.getInfrastructureScope(groupId); + String vreFolderTitle = Util.getVREGroupFromContext(context); + _log.debug("The vreFolderTitle on which the VREFolder role is being {} is {}", enable, vreFolderTitle); + StorageHubClient shc = new StorageHubClient(); + VREFolderManager vreFolderManager = shc.getVreFolderManager(vreFolderTitle); + + String theUserToPromoteOrDeclass = new LiferayUserManager().getUserById(userId).getUsername(); + _log.info("The {} is being promoted? {} ", theUserToPromoteOrDeclass, enable); + if (enable) + vreFolderManager.setAdmin(theUserToPromoteOrDeclass); + else + vreFolderManager.removeAdmin(theUserToPromoteOrDeclass); + _log.info("*VREFolder-Hook** add/remove role operation complete"); + } + finally { + AccessTokenProvider.instance.set(previousUMAToken); + SecurityTokenProvider.instance.set(previousToken); + _log.warn("An error occurred (or the user was already Admin) when trying to update shub role of userId "+ userId + " to the groupId: " + groupId); + } } } diff --git a/src/main/java/org/gcube/portal/plugins/GCubeHookUserLocalService.java b/src/main/java/org/gcube/portal/plugins/GCubeHookUserLocalService.java index 1f59c10..879e43a 100644 --- a/src/main/java/org/gcube/portal/plugins/GCubeHookUserLocalService.java +++ b/src/main/java/org/gcube/portal/plugins/GCubeHookUserLocalService.java @@ -151,18 +151,22 @@ public class GCubeHookUserLocalService extends UserLocalServiceWrapper { private boolean setUser2VREFolder(GroupManager gm, UserManager uMan, String username2Add, String context, boolean add) throws Exception { String previousToken = SecurityTokenProvider.instance.get(); String previousUMAToken = AccessTokenProvider.instance.get(); - AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal(); - _log.info("\n*VREFolder-Hook** new authorizationService PortalClient UMA-Token In ThreadLocal done ****\n\n"); - String vreFolderNameForsHub = getVREFolderNameFromContext(context); - GroupManagerClient client = AbstractPlugin.groups().build(); - if (add) - client.addUserToGroup(username2Add,vreFolderNameForsHub); - else - client.removeUserFromGroup(username2Add, vreFolderNameForsHub); - + try { + AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal(); + _log.info("\n*VREFolder-Hook** new authorizationService PortalClient UMA-Token In ThreadLocal done ****\n\n"); + String vreFolderNameForsHub = getVREFolderNameFromContext(context); + + GroupManagerClient client = AbstractPlugin.groups().build(); + if (add) + client.addUserToGroup(username2Add,vreFolderNameForsHub); + else + client.removeUserFromGroup(username2Add, vreFolderNameForsHub); + } finally { + AccessTokenProvider.instance.set(previousUMAToken); + SecurityTokenProvider.instance.set(previousToken); + _log.warn("An error occurred (or the user was already member) when trying to remove or add the user "+ username2Add + " to the VRE context: " + context); + } _log.info("*VREFolder-Hook** " + username2Add + " was added or removed succefully from this VRE Folder. Added? (if false was removed)" + add); - AccessTokenProvider.instance.set(previousUMAToken); - SecurityTokenProvider.instance.set(previousToken); return true; }