gCubeSystem
/
VREFolder-hook
15
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
VREFolder-hook/src/main/java/org/gcube/portal/plugins/GCubeHookSiteRoleLocalServi...

142 lines
6.5 KiB
Java
Raw Blame History

package org.gcube.portal.plugins;
import static org.gcube.common.authorization.client.Constants.authorizationService;
import java.util.ArrayList;
import java.util.List;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
import org.gcube.common.storagehub.client.dsl.Util;
import org.gcube.common.storagehub.client.dsl.VREFolderManager;
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
import org.gcube.vomanagement.usermanagement.GroupManager;
import org.gcube.vomanagement.usermanagement.RoleManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
import org.gcube.vomanagement.usermanagement.model.GatewayRolesNames;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.liferay.portal.model.Role;
import com.liferay.portal.model.User;
import com.liferay.portal.model.UserGroupRole;
import com.liferay.portal.service.RoleLocalServiceUtil;
import com.liferay.portal.service.UserGroupRoleLocalService;
import com.liferay.portal.service.UserGroupRoleLocalServiceWrapper;
public class GCubeHookSiteRoleLocalService extends UserGroupRoleLocalServiceWrapper {
/**
* logger
*/
private static final Logger _log = LoggerFactory.getLogger(GCubeHookSiteRoleLocalService.class);
private GroupManager gm;
private LiferayUserManager uMan;
public GCubeHookSiteRoleLocalService(UserGroupRoleLocalService userGroupRoleLocalService) {
super(userGroupRoleLocalService);
gm = new LiferayGroupManager();
uMan = new LiferayUserManager();
System.out.println("GCubeHookSiteRoleLocalService hook is UP & Listening ...");
}
//TODO: as soon as Feature https://support.d4science.org/issues/17726 is delivered take care of this also
@Override
public java.util.List<com.liferay.portal.model.UserGroupRole> addUserGroupRoles(long[] userIds, long groupId,
long roleId) throws com.liferay.portal.kernel.exception.SystemException {
List<UserGroupRole> toReturn = super.addUserGroupRoles(userIds, groupId, roleId);
return toReturn;
}
public java.util.List<com.liferay.portal.model.UserGroupRole> addUserGroupRoles(
long userId, long groupId, long[] roleIds)
throws com.liferay.portal.kernel.exception.SystemException {
List<UserGroupRole> toReturn = super.addUserGroupRoles(userId, groupId, roleIds);
try {
_log.debug("Check if addUserGroupRoles is done in a VRE");
if (gm.isVRE(groupId)) {
_log.debug("addUserGroupRoles performed in a VRE, groupId=" + groupId);
boolean vreManagerRolePresent = false;
for (int i = 0; i < roleIds.length; i++) {
Role role = RoleLocalServiceUtil.getRole(roleIds[i]);
if (role.getName().compareTo(GCubeRole.VRE_MANAGER_LABEL) == 0) {
_log.info("User is being promoted (or was) as VREFolder Administrator, userId=" + userId + " on Site groupId="+groupId);
vreManagerRolePresent = true;
break;
}
}
setVREFolderAdministrator(userId, groupId, vreManagerRolePresent);
} else {
_log.debug("addUserGroupRoles NOT done in a VRE, groupId=" + groupId);
}
}
catch (Exception e) {
e.printStackTrace();
}
return toReturn;
}
private boolean setVREFolderAdministrator(long userId, long groupId, boolean enable) throws Exception {
String context = gm.getInfrastructureScope(groupId);
ScopeProvider.instance.set(context);
String vreFolderTitle = Util.getVREGroupFromContext(context);
_log.info("The vreFolderTitle on which the VREFolder role is being {} is {}", enable, vreFolderTitle);
_log.debug("Before StorageHubClient shc = new StorageHubClient();");
StorageHubClient shc = new StorageHubClient();
_log.debug("Before shc.getVreFolderManager(vreFolderTitle);");
VREFolderManager vreFolderManager = shc.getVreFolderManager(vreFolderTitle);
String previousToken = SecurityTokenProvider.instance.get();
//get the super user
_log.debug("//get the super user");
String infraContext = "/" + PortalContext.getConfiguration().getInfrastructureName();
long rootgroupId = gm.getGroupIdFromInfrastructureScope(infraContext);
User theAdmin = LiferayUserManager.getRandomUserWithRole(rootgroupId, GatewayRolesNames.INFRASTRUCTURE_MANAGER);
if (theAdmin == null) {
_log.warn("Cannot add the user as VRE Folder admin: there is no user having role "
+ GatewayRolesNames.INFRASTRUCTURE_MANAGER);
return false;
} else {
RoleManager rm = new LiferayRoleManager();
String adminUsername = theAdmin.getScreenName();
_log.info("Got the super user: " + adminUsername);
String theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, adminUsername);
List<String> rolesString = new ArrayList<String>();
List<GCubeRole> theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), rootgroupId);
for (GCubeRole gCubeRole : theAdminRoles) {
rolesString.add(gCubeRole.getRoleName());
}
rolesString.add(GatewayRolesNames.INFRASTRUCTURE_MANAGER.getRoleName());
_log.info("authorizationService().setTokenRoles(theAdminToken, rolesString);" + theAdminToken);
authorizationService().setTokenRoles(theAdminToken, rolesString);
SecurityTokenProvider.instance.set(theAdminToken);
String previousUmaToken = UmaJWTProvider.instance.get();
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal(infraContext);
String theUserToPromoteOrDeclass = uMan.getUserById(userId).getUsername();
_log.info("The {} is being promoted? {} ", theUserToPromoteOrDeclass, enable);
if (enable)
vreFolderManager.setAdmin(theUserToPromoteOrDeclass);
else
vreFolderManager.removeAdmin(theUserToPromoteOrDeclass);
SecurityTokenProvider.instance.set(previousToken);
if (previousUmaToken != null) {
UmaJWTProvider.instance.set(previousUmaToken);
}
return true;
}
}
}
Reference in New Issue View Git Blame Copy Permalink