package org.gcube.portal.plugins; import static org.gcube.common.authorization.client.Constants.authorizationService; import java.util.ArrayList; import java.util.List; import org.gcube.common.authorization.library.provider.SecurityTokenProvider; import org.gcube.common.homelibrary.home.HomeLibrary; import org.gcube.common.homelibrary.home.workspace.usermanager.UserManager; import org.gcube.common.portal.PortalContext; import org.gcube.common.scope.api.ScopeProvider; import org.gcube.common.storagehub.client.plugins.AbstractPlugin; import org.gcube.common.storagehub.client.proxies.GroupManagerClient; import org.gcube.vomanagement.usermanagement.GroupManager; import org.gcube.vomanagement.usermanagement.RoleManager; import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager; import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager; import org.gcube.vomanagement.usermanagement.model.GCubeRole; import org.gcube.vomanagement.usermanagement.model.GCubeUser; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.liferay.portal.kernel.exception.PortalException; import com.liferay.portal.kernel.exception.SystemException; import com.liferay.portal.model.Role; import com.liferay.portal.model.UserGroupRole; import com.liferay.portal.service.RoleLocalServiceUtil; import com.liferay.portal.service.UserGroupRoleLocalService; import com.liferay.portal.service.UserGroupRoleLocalServiceWrapper; import com.liferay.portal.service.UserLocalServiceUtil; public class GCubeHookSiteRoleLocalService extends UserGroupRoleLocalServiceWrapper { /** * logger */ private static final Logger _log = LoggerFactory.getLogger(GCubeHookSiteRoleLocalService.class); private GroupManager gm; public GCubeHookSiteRoleLocalService(UserGroupRoleLocalService userGroupRoleLocalService) { super(userGroupRoleLocalService); gm = new LiferayGroupManager(); System.out.println("GCubeHookSiteRoleLocalService hook is UP & Listening ..."); } @Override public java.util.List addUserGroupRoles( long userId, long groupId, long[] roleIds) throws com.liferay.portal.kernel.exception.SystemException { List toReturn = super.addUserGroupRoles(userId, groupId, roleIds); try { String context = gm.getInfrastructureScope(groupId); String username = UserLocalServiceUtil.getUser(userId).getScreenName(); String userToken = authorizationService().resolveTokenByUserAndContext(username, context); List userRoles = getUserRoles(roleIds); authorizationService().setTokenRoles(userToken, userRoles); _log.debug("Check if addUserGroupRoles is done in a VRE"); if (gm.isVRE(groupId)) { _log.debug("addUserGroupRoles performed in a VRE, groupId=" + groupId); boolean vreManagerRolePresent = false; for (int i = 0; i < roleIds.length; i++) { Role role = RoleLocalServiceUtil.getRole(roleIds[i]); if (role.getName().compareTo(GCubeRole.VRE_MANAGER_LABEL) == 0) { _log.info("User is being promoted (or was) as VREFolder Administrator, userId=" + userId + " on Site groupId="+groupId); vreManagerRolePresent = true; break; } } setVREFolderAdministrator(userId, groupId, vreManagerRolePresent); } else { _log.debug("addUserGroupRoles NOT done in a VRE, groupId=" + groupId); } } catch (Exception e) { e.printStackTrace(); } return toReturn; } private List getUserRoles(long[] roleIds) throws PortalException, SystemException { List toReturn = new ArrayList<>(); for (int i = 0; i < roleIds.length; i++) { Role role = RoleLocalServiceUtil.getRole(roleIds[i]); toReturn.add(role.getName()); } return toReturn; } private void setVREFolderAdministrator(long userId, long groupId, boolean enable) throws Exception { String scopeVREFolder = gm.getInfrastructureScope(groupId); String currScope = ScopeProvider.instance.get(); String scopeToset = "/"+PortalContext.getConfiguration().getInfrastructureName(); ScopeProvider.instance.set(scopeToset); String username = UserLocalServiceUtil.getUser(userId).getScreenName(); _log.debug("User " + username + " is going to be VRE Folder Admin?" + enable); UserManager hlUm = HomeLibrary.getHomeManagerFactory().getUserManager(); if (enable) hlUm.setAdministrator(scopeVREFolder, username); else hlUm.removeAdministrator(scopeVREFolder, username); ScopeProvider.instance.set(currScope); } }