gCubeSystem
/
gcat
15
0
Fork 0
Code Issues Pull Requests Releases 13 Wiki Activity

Fixed user cache management

This commit is contained in:
Luca Frosini 2022-04-21 17:44:34 +02:00
parent 7acdc6a718
commit 04090463c9
2 changed files with 47 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/org/gcube/gcat/persistence/ckan/CKANUserCache.java
View File

@ -60,11 +60,16 @@ public abstract class CKANUserCache {
} }
public synchronized static void removeUserFromCache() { public synchronized static void removeUserFromCache() {
SecretManager secretManager = SecretManagerProvider.instance.get();
String gcubeUsername = secretManager.getUser().getUsername();
removeUserFromCache(gcubeUsername);
}
public synchronized static void removeUserFromCache(String gcubeUsername) {
SecretManager secretManager = SecretManagerProvider.instance.get(); SecretManager secretManager = SecretManagerProvider.instance.get();
String context = secretManager.getContext(); String context = secretManager.getContext();
Cache<String,CKANUser> userCache = userCachePerContext.get(context); Cache<String,CKANUser> userCache = userCachePerContext.get(context);
if(userCache != null) { if(userCache != null) {
String gcubeUsername = secretManager.getUser().getUsername();
userCache.remove(gcubeUsername); userCache.remove(gcubeUsername);
} }
} }

60
src/main/java/org/gcube/gcat/rest/User.java
View File

@ -2,6 +2,7 @@ package org.gcube.gcat.rest;
import javax.ws.rs.Consumes; import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.GET; import javax.ws.rs.GET;
//import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
@ -12,9 +13,12 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import org.gcube.common.authorization.utils.manager.SecretManager;
import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
import org.gcube.gcat.annotation.PURGE; import org.gcube.gcat.annotation.PURGE;
//import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role;
//import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANUser; import org.gcube.gcat.persistence.ckan.CKANUser;
import org.gcube.gcat.persistence.ckan.CKANUserCache; import org.gcube.gcat.persistence.ckan.CKANUserCache;
@ -25,10 +29,11 @@ import org.gcube.gcat.persistence.ckan.CKANUserCache;
@Path(User.USERS) @Path(User.USERS)
public class User extends REST<CKANUser> implements org.gcube.gcat.api.interfaces.User<Response,Response> { public class User extends REST<CKANUser> implements org.gcube.gcat.api.interfaces.User<Response,Response> {
protected static final String USER_ID_PARAMETER = "USER_ID"; protected static final String GCUBE_USERNAME_PARAMETER = "GCUBE_USERNAME";
protected static final String CKAN_USER_ID_PARAMETER = "USER_ID";
public User() { public User() {
super(USERS, USER_ID_PARAMETER, CKANUser.class); super(USERS, CKAN_USER_ID_PARAMETER, CKANUser.class);
} }
@GET @GET
@ -48,40 +53,57 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
} }
@GET @GET
@Path("/{" + USER_ID_PARAMETER + "}") @Path("/{" + CKAN_USER_ID_PARAMETER + "}")
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String read(@PathParam(USER_ID_PARAMETER) String username) { public String read(@PathParam(CKAN_USER_ID_PARAMETER) String username) {
return super.read(username); return super.read(username);
} }
@PUT @PUT
@Path("/{" + USER_ID_PARAMETER + "}") @Path("/{" + CKAN_USER_ID_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String update(@PathParam(USER_ID_PARAMETER) String username, String json) { public String update(@PathParam(CKAN_USER_ID_PARAMETER) String username, String json) {
return super.update(username, json); return super.update(username, json);
} }
@DELETE
@Path("/{" + USER_ID_PARAMETER + "}")
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
/*
* Purge user form cache
*/
public Response delete(@PathParam(USER_ID_PARAMETER) String username) {
CKANUserCache.removeUserFromCache();
return Response.status(Status.NO_CONTENT).build();
}
@PURGE @PURGE
@Path("/{" + USER_ID_PARAMETER + "}") @Path("/{" + CKAN_USER_ID_PARAMETER + "}")
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response purge(@PathParam(USER_ID_PARAMETER) String username) { public Response purge(@PathParam(CKAN_USER_ID_PARAMETER) String username) {
return super.delete(username, true); return super.delete(username, true);
} }
@DELETE
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response removeCallerFromCache() {
SecretManager secretManager = SecretManagerProvider.instance.get();
org.gcube.common.authorization.utils.user.User user = secretManager.getUser();
if(user.getRoles().contains(Role.MANAGER.getPortalRole())) {
CKANUserCache.removeUserFromCache();
}else {
throw new ForbiddenException("Only " + Role.MANAGER.getCkanRole() + "s are authorized to remove an user from the cache");
}
return Response.status(Status.NO_CONTENT).build();
}
@DELETE
@Path("/{" + GCUBE_USERNAME_PARAMETER + "}")
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response removeUserFromCache(@PathParam(GCUBE_USERNAME_PARAMETER) String username) {
SecretManager secretManager = SecretManagerProvider.instance.get();
org.gcube.common.authorization.utils.user.User user = secretManager.getUser();
if(user.getRoles().contains(Role.MANAGER.getPortalRole())) {
CKANUserCache.removeUserFromCache(username);
}else {
throw new ForbiddenException("Only " + Role.MANAGER.getCkanRole() + "s are authorized to remove an user from the cache");
}
return Response.status(Status.NO_CONTENT).build();
}
} }