gCubeSystem
/
VREFolder-hook
15
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

merge into: gCubeSystem:master
Branches Tags
gCubeSystem:master
gCubeSystem:Feature/restoredHLCalls
gCubeSystem:r5.6.1
gCubeSystem:v6.8.3
gCubeSystem:r5.4.0
gCubeSystem:v6.8.2
gCubeSystem:r5.2.0
gCubeSystem:v6.8.1
gCubeSystem:r5.0.0
gCubeSystem:v6.8.0
...
pull from: gCubeSystem:Feature/restoredHLCalls
Branches Tags
gCubeSystem:master
gCubeSystem:Feature/restoredHLCalls
gCubeSystem:r5.6.1
gCubeSystem:v6.8.3
gCubeSystem:r5.4.0
gCubeSystem:v6.8.2
gCubeSystem:r5.2.0
gCubeSystem:v6.8.1
gCubeSystem:r5.0.0
gCubeSystem:v6.8.0

1 Commits
master ... Feature/re

Author SHA1 Message Date
Massimiliano Assante ebc510b32e i restored the calls to the JCR repo via HL as it is in production 2020-11-18 11:18:09 +01:00
3 changed files with 64 additions and 136 deletions
Show Stats Expand all files Collapse all files

17
pom.xml
View File

@ -12,7 +12,7 @@
<groupId>org.gcube.portal.plugins</groupId>
<artifactId>VREFolder-hook</artifactId>
<name>VREFolder-hook Hook</name>
<version>6.7.0</version>
<version>6.7.1-SNAPSHOT</version>
<packaging>war</packaging>
<description>
VREFolder-hook handles the user adding/removal from the related Home Library VRE Folder
@ -22,7 +22,7 @@
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</developerConnection>
<url>https://code-repo.d4science.org/gCubeSystem/${project.artifactId}</url>
</scm>
<properties>
<properties>
<liferay.version>6.2.5</liferay.version>
<liferay.maven.plugin.version>6.2.10.12</liferay.maven.plugin.version>
<liferay.auto.deploy.dir>/Users/massi/portal/liferay-portal-6.2-ce-ga6/deploy</liferay.auto.deploy.dir>
@ -44,7 +44,18 @@
<dependencies>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>storagehub-client-library</artifactId>
<artifactId>home-library</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>home-library-model</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>home-library-jcr</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.core</groupId>

127
src/main/java/org/gcube/portal/plugins/GCubeHookSiteRoleLocalService.java
View File

@ -1,57 +1,46 @@
package org.gcube.portal.plugins;
import static org.gcube.common.authorization.client.Constants.authorizationService;
import java.util.ArrayList;
import java.util.List;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
import org.gcube.common.homelibrary.home.HomeLibrary;
import org.gcube.common.homelibrary.home.workspace.usermanager.UserManager;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
import org.gcube.common.storagehub.client.dsl.Util;
import org.gcube.common.storagehub.client.dsl.VREFolderManager;
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
import org.gcube.vomanagement.usermanagement.GroupManager;
import org.gcube.vomanagement.usermanagement.RoleManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
import org.gcube.vomanagement.usermanagement.model.GatewayRolesNames;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.liferay.portal.model.Role;
import com.liferay.portal.model.User;
import com.liferay.portal.model.UserGroupRole;
import com.liferay.portal.service.RoleLocalServiceUtil;
import com.liferay.portal.service.UserGroupRoleLocalService;
import com.liferay.portal.service.UserGroupRoleLocalServiceWrapper;
import com.liferay.portal.service.UserLocalServiceUtil;
public class GCubeHookSiteRoleLocalService extends UserGroupRoleLocalServiceWrapper {
/**
* logger
*/
private static final Logger _log = LoggerFactory.getLogger(GCubeHookSiteRoleLocalService.class);
private GroupManager gm;
private LiferayUserManager uMan;
/**
* logger
*/
private static final Logger _log = LoggerFactory.getLogger(GCubeHookSiteRoleLocalService.class);
private GroupManager gm;
public GCubeHookSiteRoleLocalService(UserGroupRoleLocalService userGroupRoleLocalService) {
super(userGroupRoleLocalService);
gm = new LiferayGroupManager();
uMan = new LiferayUserManager();
System.out.println("GCubeHookSiteRoleLocalService hook is UP & Listening ...");
}
public GCubeHookSiteRoleLocalService(UserGroupRoleLocalService userGroupRoleLocalService) {
super(userGroupRoleLocalService);
gm = new LiferayGroupManager();
System.out.println("GCubeHookSiteRoleLocalService hook (via HL) is UP & Listening ...");
}
//TODO: as soon as Feature https://support.d4science.org/issues/17726 is delivered take care of this also
@Override
public java.util.List<com.liferay.portal.model.UserGroupRole> addUserGroupRoles(long[] userIds, long groupId,
long roleId) throws com.liferay.portal.kernel.exception.SystemException {
List<UserGroupRole> toReturn = super.addUserGroupRoles(userIds, groupId, roleId);
return toReturn;
}
//TODO: as soon as Feature https://support.d4science.org/issues/17726 is delivered take care of this also
@Override
public java.util.List<com.liferay.portal.model.UserGroupRole> addUserGroupRoles(long[] userIds, long groupId,
long roleId) throws com.liferay.portal.kernel.exception.SystemException {
List<UserGroupRole> toReturn = super.addUserGroupRoles(userIds, groupId, roleId);
return toReturn;
}
public java.util.List<com.liferay.portal.model.UserGroupRole> addUserGroupRoles(
long userId, long groupId, long[] roleIds)
@ -81,61 +70,31 @@ public class GCubeHookSiteRoleLocalService extends UserGroupRoleLocalServiceWrap
return toReturn;
}
private void setVREFolderAdministrator(long userId, long groupId, boolean enable) throws Exception {
String currScope = ScopeProvider.instance.get();
String scopeToset = "/"+PortalContext.getConfiguration().getInfrastructureName();
ScopeProvider.instance.set(scopeToset);
String scopeVREFolder = gm.getInfrastructureScope(groupId);
private boolean setVREFolderAdministrator(long userId, long groupId, boolean enable) throws Exception {
String context = gm.getInfrastructureScope(groupId);
ScopeProvider.instance.set(context);
String vreFolderTitle = Util.getVREGroupFromContext(context);
_log.info("The vreFolderTitle on which the VREFolder role is being {} is {}", enable, vreFolderTitle);
_log.debug("Before StorageHubClient shc = new StorageHubClient();");
StorageHubClient shc = new StorageHubClient();
_log.debug("Before shc.getVreFolderManager(vreFolderTitle);");
VREFolderManager vreFolderManager = shc.getVreFolderManager(vreFolderTitle);
String username = UserLocalServiceUtil.getUser(userId).getScreenName();
_log.debug("User " + username + " is going to be VRE Folder Admin?" + enable + " folder context:"+scopeVREFolder);
String previousUmaToken = UmaJWTProvider.instance.get();
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal(scopeToset);
_log.info("The {} is being promoted (via HL)? {} ", username, enable);
UserManager hlUm = HomeLibrary.getHomeManagerFactory().getUserManager();
if (enable)
hlUm.setAdministrator(scopeVREFolder, username);
else
hlUm.removeAdministrator(scopeVREFolder, username);
String previousToken = SecurityTokenProvider.instance.get();
if (previousUmaToken != null) {
UmaJWTProvider.instance.set(previousUmaToken);
}
ScopeProvider.instance.set(currScope);
}
//get the super user
_log.debug("//get the super user");
String infraContext = "/" + PortalContext.getConfiguration().getInfrastructureName();
long rootgroupId = gm.getGroupIdFromInfrastructureScope(infraContext);
User theAdmin = LiferayUserManager.getRandomUserWithRole(rootgroupId, GatewayRolesNames.INFRASTRUCTURE_MANAGER);
if (theAdmin == null) {
_log.warn("Cannot add the user as VRE Folder admin: there is no user having role "
+ GatewayRolesNames.INFRASTRUCTURE_MANAGER);
return false;
} else {
RoleManager rm = new LiferayRoleManager();
String adminUsername = theAdmin.getScreenName();
_log.info("Got the super user: " + adminUsername);
String theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, adminUsername);
List<String> rolesString = new ArrayList<String>();
List<GCubeRole> theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), rootgroupId);
for (GCubeRole gCubeRole : theAdminRoles) {
rolesString.add(gCubeRole.getRoleName());
}
rolesString.add(GatewayRolesNames.INFRASTRUCTURE_MANAGER.getRoleName());
_log.info("authorizationService().setTokenRoles(theAdminToken, rolesString);" + theAdminToken);
authorizationService().setTokenRoles(theAdminToken, rolesString);
SecurityTokenProvider.instance.set(theAdminToken);
String previousUmaToken = UmaJWTProvider.instance.get();
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal(infraContext);
String theUserToPromoteOrDeclass = uMan.getUserById(userId).getUsername();
_log.info("The {} is being promoted? {} ", theUserToPromoteOrDeclass, enable);
if (enable)
vreFolderManager.setAdmin(theUserToPromoteOrDeclass);
else
vreFolderManager.removeAdmin(theUserToPromoteOrDeclass);
SecurityTokenProvider.instance.set(previousToken);
if (previousUmaToken != null) {
UmaJWTProvider.instance.set(previousUmaToken);
}
return true;
}
}
}

56
src/main/java/org/gcube/portal/plugins/GCubeHookUserLocalService.java
View File

@ -1,27 +1,16 @@
package org.gcube.portal.plugins;
import static org.gcube.common.authorization.client.Constants.authorizationService;
import java.util.ArrayList;
import java.util.List;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
import org.gcube.common.homelibrary.home.HomeLibrary;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.storagehub.client.plugins.AbstractPlugin;
import org.gcube.common.storagehub.client.proxies.GroupManagerClient;
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
import org.gcube.portal.plugins.thread.CheckShareLatexUserThread;
import org.gcube.portal.plugins.thread.RemoveUserTokenFromVREThread;
import org.gcube.vomanagement.usermanagement.GroupManager;
import org.gcube.vomanagement.usermanagement.RoleManager;
import org.gcube.vomanagement.usermanagement.UserManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
import org.gcube.vomanagement.usermanagement.model.GatewayRolesNames;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.log.Log;
@ -148,54 +137,23 @@ public class GCubeHookUserLocalService extends UserLocalServiceWrapper {
ScopeProvider.instance.set(currScope);
}
private boolean setUser2VREFolder(GroupManager gm, UserManager uMan, String username2Add, String context, boolean add) throws Exception {
String previousToken = SecurityTokenProvider.instance.get();
//get the super user
String infraContext = "/"+PortalContext.getConfiguration().getInfrastructureName();
long rootgroupId = gm.getGroupIdFromInfrastructureScope(infraContext);
User theAdmin = LiferayUserManager.getRandomUserWithRole(rootgroupId, GatewayRolesNames.INFRASTRUCTURE_MANAGER);
if (theAdmin == null) {
_log.warn("Cannot add the user as VRE Folder admin: there is no user having role " + GatewayRolesNames.INFRASTRUCTURE_MANAGER);
return false;
}
else {
RoleManager rm = new LiferayRoleManager();
String adminUsername = theAdmin.getScreenName();
_log.info("Got the super user: " +adminUsername);
String theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, adminUsername);
List<String> rolesString = new ArrayList<String>();
List<GCubeRole> theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), rootgroupId);
for (GCubeRole gCubeRole : theAdminRoles) {
rolesString.add(gCubeRole.getRoleName());
}
rolesString.add(GatewayRolesNames.INFRASTRUCTURE_MANAGER.getRoleName());
_log.info("authorizationService().setTokenRoles(theAdminToken, rolesString);" +theAdminToken);
authorizationService().setTokenRoles(theAdminToken, rolesString);
SecurityTokenProvider.instance.set(theAdminToken);
private boolean setUser2VREFolder(GroupManager gm, UserManager uMan, String username2Add, String context, boolean add) throws Exception {
String infraContext = "/"+PortalContext.getConfiguration().getInfrastructureName();
String previousUmaToken = UmaJWTProvider.instance.get();
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal(infraContext);
GroupManagerClient client = AbstractPlugin.groups().build();
org.gcube.common.homelibrary.home.workspace.usermanager.UserManager hlUm = HomeLibrary.getHomeManagerFactory().getUserManager();
if (add)
client.addUserToGroup(username2Add, getVREFolderNameFromContext(context));
hlUm.associateUserToGroup(context, username2Add);
else
client.removeUserFromGroup(username2Add, getVREFolderNameFromContext(context));
SecurityTokenProvider.instance.set(previousToken);
hlUm.removeUserFromGroup(context, username2Add);
if (previousUmaToken != null) {
UmaJWTProvider.instance.set(previousUmaToken);
}
return true;
}
}
private static String getVREFolderNameFromContext(String context) {
if (context.startsWith("/")) {
return context.substring(1).replace("/", "-");
}
return null;
}
/**
*