Fix Bug #22483

CHANGELOG.md

@@ -4,6 +4,10 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v6.8.3-SNAPSHOT] - 2021-11-30
+
+- Bug Fix #22483: setUser2VREFolder may not restore ThreadLocal user variable
+
 ## [v6.8.2] - 2021-05-25
 
 - Feature #21505: Updated to support new UMATokensProvider class

pom.xml

@@ -12,7 +12,7 @@
 	<groupId>org.gcube.portal.plugins</groupId>
 	<artifactId>VREFolder-hook</artifactId>
 	<name>VREFolder-hook Hook</name>
-	<version>6.8.2</version>
+	<version>6.8.3-SNAPSHOT</version>
 	<packaging>war</packaging>
 	<description>
 		VREFolder-hook handles the user adding/removal from the related Home Library VRE Folder

src/main/java/org/gcube/portal/plugins/GCubeHookSiteRoleLocalService.java

@@ -66,22 +66,27 @@ public class GCubeHookSiteRoleLocalService extends UserGroupRoleLocalServiceWrap
 		String previousToken = SecurityTokenProvider.instance.get();
 		String previousUMAToken = AccessTokenProvider.instance.get();
 		//this put the necessary auth tokens (legacy e UMA) in ThreadLocal
-		AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal();
+		try {
-		String context = gm.getInfrastructureScope(groupId);
+			AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal();
-		String vreFolderTitle = Util.getVREGroupFromContext(context);
-		_log.debug("The vreFolderTitle on which the VREFolder role is being {} is {}", enable, vreFolderTitle);
-		StorageHubClient shc = new StorageHubClient();
-		VREFolderManager vreFolderManager = shc.getVreFolderManager(vreFolderTitle);
 
-		String theUserToPromoteOrDeclass = new LiferayUserManager().getUserById(userId).getUsername();
+			String context = gm.getInfrastructureScope(groupId);
-		_log.info("The {} is being promoted? {} ", theUserToPromoteOrDeclass, enable);
+			String vreFolderTitle = Util.getVREGroupFromContext(context);
-		if (enable) 
+			_log.debug("The vreFolderTitle on which the VREFolder role is being {} is {}", enable, vreFolderTitle);
-			vreFolderManager.setAdmin(theUserToPromoteOrDeclass);
+			StorageHubClient shc = new StorageHubClient();
-		else 	
+			VREFolderManager vreFolderManager = shc.getVreFolderManager(vreFolderTitle);
-			vreFolderManager.removeAdmin(theUserToPromoteOrDeclass);
-		_log.info("*VREFolder-Hook** add/remove role operation complete");
 
-		AccessTokenProvider.instance.set(previousUMAToken);
+			String theUserToPromoteOrDeclass = new LiferayUserManager().getUserById(userId).getUsername();
-		SecurityTokenProvider.instance.set(previousToken);
+			_log.info("The {} is being promoted? {} ", theUserToPromoteOrDeclass, enable);
+			if (enable) 
+				vreFolderManager.setAdmin(theUserToPromoteOrDeclass);
+			else 	
+				vreFolderManager.removeAdmin(theUserToPromoteOrDeclass);
+			_log.info("*VREFolder-Hook** add/remove role operation complete");
+		}
+		finally {
+			AccessTokenProvider.instance.set(previousUMAToken);
+			SecurityTokenProvider.instance.set(previousToken);
+			_log.warn("An error occurred (or the user was already Admin) when trying to update shub role of userId "+ userId + " to the groupId: " + groupId);
+		}
 	}
 }

src/main/java/org/gcube/portal/plugins/GCubeHookUserLocalService.java

@@ -151,18 +151,22 @@ public class GCubeHookUserLocalService extends UserLocalServiceWrapper {
 	private boolean setUser2VREFolder(GroupManager gm, UserManager uMan, String username2Add, String context, boolean add) throws Exception {
 		String previousToken = SecurityTokenProvider.instance.get();
 		String previousUMAToken = AccessTokenProvider.instance.get();
-		AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal();
+		try {
-		_log.info("\n*VREFolder-Hook** new authorizationService PortalClient UMA-Token In ThreadLocal done  ****\n\n");
+			AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal();
-		String vreFolderNameForsHub = getVREFolderNameFromContext(context);		
+			_log.info("\n*VREFolder-Hook** new authorizationService PortalClient UMA-Token In ThreadLocal done  ****\n\n");
-		GroupManagerClient client = AbstractPlugin.groups().build();
+			String vreFolderNameForsHub = getVREFolderNameFromContext(context);		
-		if (add)
-			client.addUserToGroup(username2Add,vreFolderNameForsHub);
-		else 
-			client.removeUserFromGroup(username2Add, vreFolderNameForsHub);
 
+			GroupManagerClient client = AbstractPlugin.groups().build();
+			if (add)
+				client.addUserToGroup(username2Add,vreFolderNameForsHub);
+			else 
+				client.removeUserFromGroup(username2Add, vreFolderNameForsHub);
+		} finally {
+			AccessTokenProvider.instance.set(previousUMAToken);
+			SecurityTokenProvider.instance.set(previousToken);
+			_log.warn("An error occurred (or the user was already member) when trying to remove or add the user "+ username2Add + " to the VRE context: " + context);
+		}
 		_log.info("*VREFolder-Hook** " + username2Add + " was added or removed succefully from this VRE Folder. Added? (if false was removed)" + add);
-		AccessTokenProvider.instance.set(previousUMAToken);
-		SecurityTokenProvider.instance.set(previousToken);
 		return true;
 	}