93 lines
3.9 KiB
Java
93 lines
3.9 KiB
Java
package org.gcube.portal.plugins;
|
|
|
|
import java.util.List;
|
|
|
|
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
|
|
import org.gcube.common.storagehub.client.dsl.Util;
|
|
import org.gcube.common.storagehub.client.dsl.VREFolderManager;
|
|
import org.gcube.portal.plugins.util.AuthUtil;
|
|
import org.gcube.vomanagement.usermanagement.GroupManager;
|
|
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
|
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
|
|
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
|
|
import org.slf4j.Logger;
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
import com.liferay.portal.model.Role;
|
|
import com.liferay.portal.model.UserGroupRole;
|
|
import com.liferay.portal.service.RoleLocalServiceUtil;
|
|
import com.liferay.portal.service.UserGroupRoleLocalService;
|
|
import com.liferay.portal.service.UserGroupRoleLocalServiceWrapper;
|
|
|
|
public class GCubeHookSiteRoleLocalService extends UserGroupRoleLocalServiceWrapper {
|
|
/**
|
|
* logger
|
|
*/
|
|
private static final Logger _log = LoggerFactory.getLogger(GCubeHookSiteRoleLocalService.class);
|
|
private GroupManager gm;
|
|
public GCubeHookSiteRoleLocalService(UserGroupRoleLocalService userGroupRoleLocalService) {
|
|
super(userGroupRoleLocalService);
|
|
gm = new LiferayGroupManager();
|
|
System.out.println("GCubeHookSiteRoleLocalService hook is UP & Listening ...");
|
|
}
|
|
|
|
@Override
|
|
public java.util.List<com.liferay.portal.model.UserGroupRole> addUserGroupRoles(
|
|
long userId, long groupId, long[] roleIds)
|
|
throws com.liferay.portal.kernel.exception.SystemException {
|
|
List<UserGroupRole> toReturn = super.addUserGroupRoles(userId, groupId, roleIds);
|
|
try {
|
|
_log.debug("Check if addUserGroupRoles is done in a VRE");
|
|
if (gm.isVRE(groupId)) {
|
|
_log.debug("addUserGroupRoles performed in a VRE, groupId=" + groupId);
|
|
boolean vreManagerRolePresent = false;
|
|
for (int i = 0; i < roleIds.length; i++) {
|
|
Role role = RoleLocalServiceUtil.getRole(roleIds[i]);
|
|
if (role.getName().compareTo(GCubeRole.VRE_MANAGER_LABEL) == 0) {
|
|
_log.info("User is being promoted (or was) as VREFolder Administrator, userId=" + userId + " on Site groupId="+groupId);
|
|
vreManagerRolePresent = true;
|
|
break;
|
|
}
|
|
}
|
|
setVREFolderAdministrator(userId, groupId, vreManagerRolePresent);
|
|
} else {
|
|
_log.debug("addUserGroupRoles NOT done in a VRE, groupId=" + groupId);
|
|
}
|
|
}
|
|
catch (Exception e) {
|
|
e.printStackTrace();
|
|
}
|
|
return toReturn;
|
|
}
|
|
|
|
private void setVREFolderAdministrator(long userId, long groupId, boolean enable) throws Exception {
|
|
String previousToken = SecurityTokenProvider.instance.get();
|
|
String previousUMAToken = AccessTokenProvider.instance.get();
|
|
//this put the necessary auth tokens (legacy e UMA) in ThreadLocal
|
|
try {
|
|
AuthUtil.setInfraManagerLegacyAndUMATokenInThreadLocal();
|
|
|
|
String context = gm.getInfrastructureScope(groupId);
|
|
String vreFolderTitle = Util.getVREGroupFromContext(context);
|
|
_log.debug("The vreFolderTitle on which the VREFolder role is being {} is {}", enable, vreFolderTitle);
|
|
StorageHubClient shc = new StorageHubClient();
|
|
VREFolderManager vreFolderManager = shc.getVreFolderManager(vreFolderTitle);
|
|
|
|
String theUserToPromoteOrDeclass = new LiferayUserManager().getUserById(userId).getUsername();
|
|
_log.info("The {} is being promoted? {} ", theUserToPromoteOrDeclass, enable);
|
|
if (enable)
|
|
vreFolderManager.setAdmin(theUserToPromoteOrDeclass);
|
|
else
|
|
vreFolderManager.removeAdmin(theUserToPromoteOrDeclass);
|
|
_log.info("*VREFolder-Hook** add/remove role operation complete");
|
|
}
|
|
finally {
|
|
AccessTokenProvider.instance.set(previousUMAToken);
|
|
SecurityTokenProvider.instance.set(previousToken);
|
|
_log.warn("An error occurred (or the user was already Admin) when trying to update shub role of userId "+ userId + " to the groupId: " + groupId);
|
|
}
|
|
}
|
|
}
|