purge method fix
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/data-catalogue/catalogue-ws@162175 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
a76b9d36af
commit
b2fafeb32a
|
@ -4,9 +4,6 @@
|
||||||
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
|
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
|
||||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
||||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
||||||
<dependent-module archiveName="ckan-util-library-2.4.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ckan-util-library/ckan-util-library">
|
|
||||||
<dependency-type>uses</dependency-type>
|
|
||||||
</dependent-module>
|
|
||||||
<property name="context-root" value="catalogue-ws"/>
|
<property name="context-root" value="catalogue-ws"/>
|
||||||
<property name="java-output-path" value="/catalogue-ws/target/classes"/>
|
<property name="java-output-path" value="/catalogue-ws/target/classes"/>
|
||||||
</wb-module>
|
</wb-module>
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
<ReleaseNotes>
|
<ReleaseNotes>
|
||||||
|
<Changeset component="org.gcube.data-catalogue.catalogue-ws.1-1-1"
|
||||||
|
date="2018-01-11">
|
||||||
|
<Change>Item purge method enhanced</Change>
|
||||||
|
</Changeset>
|
||||||
<Changeset component="org.gcube.data-catalogue.catalogue-ws.1-1-0"
|
<Changeset component="org.gcube.data-catalogue.catalogue-ws.1-1-0"
|
||||||
date="2017-06-20">
|
date="2017-06-20">
|
||||||
<Change>Minor fixes while checking user's permissions</Change>
|
<Change>Minor fixes while checking user's permissions</Change>
|
||||||
|
|
2
pom.xml
2
pom.xml
|
@ -11,7 +11,7 @@
|
||||||
<groupId>org.gcube.data-catalogue</groupId>
|
<groupId>org.gcube.data-catalogue</groupId>
|
||||||
<artifactId>catalogue-ws</artifactId>
|
<artifactId>catalogue-ws</artifactId>
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
<version>1.1.0-SNAPSHOT</version>
|
<version>1.1.1-SNAPSHOT</version>
|
||||||
<name>catalogue-ws</name>
|
<name>catalogue-ws</name>
|
||||||
|
|
||||||
<description>
|
<description>
|
||||||
|
|
|
@ -22,12 +22,15 @@ import org.gcube.datacatalogue.catalogue.utils.Delegator;
|
||||||
import org.gcube.datacatalogue.catalogue.utils.PackageCreatePostActions;
|
import org.gcube.datacatalogue.catalogue.utils.PackageCreatePostActions;
|
||||||
import org.gcube.datacatalogue.catalogue.utils.Validator;
|
import org.gcube.datacatalogue.catalogue.utils.Validator;
|
||||||
import org.gcube.datacatalogue.ckanutillibrary.server.DataCatalogue;
|
import org.gcube.datacatalogue.ckanutillibrary.server.DataCatalogue;
|
||||||
|
import org.gcube.datacatalogue.ckanutillibrary.shared.RolesCkanGroupOrOrg;
|
||||||
import org.json.simple.JSONArray;
|
import org.json.simple.JSONArray;
|
||||||
import org.json.simple.JSONObject;
|
import org.json.simple.JSONObject;
|
||||||
import org.json.simple.parser.JSONParser;
|
import org.json.simple.parser.JSONParser;
|
||||||
import org.json.simple.parser.ParseException;
|
import org.json.simple.parser.ParseException;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
import eu.trentorise.opendata.jackan.model.CkanDataset;
|
||||||
|
|
||||||
@Path(Constants.ITEMS)
|
@Path(Constants.ITEMS)
|
||||||
/**
|
/**
|
||||||
* Items service endpoint.
|
* Items service endpoint.
|
||||||
|
@ -139,11 +142,64 @@ public class Item {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
public String purge(String json, @Context UriInfo uriInfo){
|
public String purge(String json, @Context UriInfo uriInfo){
|
||||||
|
|
||||||
// see http://docs.ckan.org/en/latest/api/#ckan.logic.action.get.dataset_purge
|
// see http://docs.ckan.org/en/latest/api/#ckan.logic.action.delete.dataset_purge
|
||||||
Caller caller = AuthorizationProvider.instance.get();
|
Caller caller = AuthorizationProvider.instance.get();
|
||||||
String context = ScopeProvider.instance.get();
|
String context = ScopeProvider.instance.get();
|
||||||
return Delegator.delegatePost(caller, context, Constants.ITEM_PURGE, json, uriInfo);
|
String username = caller.getClient().getId();
|
||||||
|
|
||||||
|
// we need to extend this method wrt ckan: admins can purge the organization data, while editors just their own
|
||||||
|
DataCatalogue utils = CatalogueUtils.getCatalogue();
|
||||||
|
|
||||||
|
// if sysadmin, just invoke ckan
|
||||||
|
if(utils.isSysAdmin(username)){
|
||||||
|
logger.debug("User " + caller.getClient().getId() + " seems a sysadmin");
|
||||||
|
return Delegator.delegatePost(caller, context, Constants.ITEM_PURGE, json, uriInfo);
|
||||||
|
}
|
||||||
|
else{
|
||||||
|
try {
|
||||||
|
|
||||||
|
String datasetId = null;
|
||||||
|
String ownerId = null;
|
||||||
|
String organization = null;
|
||||||
|
|
||||||
|
JSONParser parser = new JSONParser();
|
||||||
|
JSONObject obj = (JSONObject)parser.parse(json);
|
||||||
|
|
||||||
|
datasetId = (String)obj.get("id");
|
||||||
|
if(datasetId == null || datasetId.isEmpty())
|
||||||
|
throw new Exception("'id' field is missing!");
|
||||||
|
|
||||||
|
String userApiKey = utils.getApiKeyFromUsername(username);
|
||||||
|
CkanDataset item = utils.getDataset(datasetId, userApiKey);
|
||||||
|
ownerId = item.getCreatorUserId();
|
||||||
|
organization = item.getOrganization().getName();
|
||||||
|
|
||||||
|
// check user role here
|
||||||
|
RolesCkanGroupOrOrg roleInOrganization = RolesCkanGroupOrOrg.convertFromCapacity(utils.getRoleOfUserInOrganization(username, organization, userApiKey));
|
||||||
|
|
||||||
|
boolean purged = false;
|
||||||
|
if(roleInOrganization.equals(RolesCkanGroupOrOrg.MEMBER)){
|
||||||
|
throw new Exception("You have not enough priviliges to delete item with id " + datasetId);
|
||||||
|
}else if(roleInOrganization.equals(RolesCkanGroupOrOrg.ADMIN)){
|
||||||
|
purged = utils.deleteProduct(datasetId, userApiKey, true);
|
||||||
|
}else{
|
||||||
|
// we have an editor here; just check she owns the dataset
|
||||||
|
String userIdCkan = utils.getUserFromApiKey(userApiKey).getId();
|
||||||
|
if(ownerId.equals(userIdCkan))
|
||||||
|
purged = utils.deleteProduct(datasetId, userApiKey, true);
|
||||||
|
else
|
||||||
|
throw new Exception("Editors can only remove their own items!");
|
||||||
|
}
|
||||||
|
return CatalogueUtils.createJSONObjectMin(purged, null).toJSONString();
|
||||||
|
|
||||||
|
} catch (Exception e) {
|
||||||
|
logger.error("Something went wrong... ", e);
|
||||||
|
if(e instanceof ParseException)
|
||||||
|
return CatalogueUtils.createJSONOnFailure("Failed to parse incoming json!");
|
||||||
|
else
|
||||||
|
return CatalogueUtils.createJSONOnFailure(e.toString());
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO PROFILE VALIDATION MUST BE PERFORMED HERE AS WELL
|
// TODO PROFILE VALIDATION MUST BE PERFORMED HERE AS WELL
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<application mode='online'>
|
<application mode='online'>
|
||||||
<name>Catalogue-WS</name>
|
<name>Catalogue-WS</name>
|
||||||
<group>Data-Catalogue</group>
|
<group>Data-Catalogue</group>
|
||||||
<version>1.1.0-SNAPSHOT</version>
|
<version>1.1.1-SNAPSHOT</version>
|
||||||
<description>Catalogue Service</description>
|
<description>Catalogue Service</description>
|
||||||
<local-persistence location='target' />
|
<local-persistence location='target' />
|
||||||
<exclude>/rest/</exclude>
|
<exclude>/rest/</exclude>
|
||||||
|
|
Reference in New Issue