gCubeSystem
/
gcat
16
0
Fork 0
Code Issues Pull Requests Releases 13 Wiki Activity

Fixed bug #23154

This commit is contained in:
Luca Frosini 2022-04-08 17:48:28 +02:00
parent 51d1f11d56
commit 8822df842d
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/java/org/gcube/gcat/persistence/ckan/CKANPackage.java
View File

@ -1073,11 +1073,11 @@ public class CKANPackage extends CKAN implements Moderated {
break; break;
case EDITOR: case EDITOR:
if(cmItemStatus!=null && cmItemStatus!=CMItemStatus.APPROVED) { // if(cmItemStatus!=null && cmItemStatus!=CMItemStatus.APPROVED) {
q = String.format("%s AND %s:%s", q, AUTHOR_EMAIL_KEY, ckanUser.getEMail()); q = String.format("%s AND %s:%s", q, AUTHOR_EMAIL_KEY, ckanUser.getEMail());
}else{ // }else{
cmItemStatus = CMItemStatus.APPROVED; // cmItemStatus = CMItemStatus.APPROVED;
} // }
break; break;
case MEMBER: case MEMBER:

13
src/main/java/org/gcube/gcat/rest/Resource.java
View File

@ -3,6 +3,7 @@ package org.gcube.gcat.rest;
import javax.ws.rs.Consumes; import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -12,8 +13,10 @@ import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder; import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.annotation.PATCH; import org.gcube.gcat.annotation.PATCH;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANResource; import org.gcube.gcat.persistence.ckan.CKANResource;
/** /**
@ -29,6 +32,9 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@GET @GET
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
/* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce
* @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
*/
public String list(@PathParam(ITEM_ID_PARAMETER) String itemID) { public String list(@PathParam(ITEM_ID_PARAMETER) String itemID) {
setCalledMethod("GET /" + COLLECTION); setCalledMethod("GET /" + COLLECTION);
CKANResource ckanResource = new CKANResource(itemID); CKANResource ckanResource = new CKANResource(itemID);
@ -39,6 +45,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@POST @POST
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response create(@PathParam(ITEM_ID_PARAMETER) String itemID, String json) { public Response create(@PathParam(ITEM_ID_PARAMETER) String itemID, String json) {
setCalledMethod("POST /" + COLLECTION); setCalledMethod("POST /" + COLLECTION);
CKANResource ckanResource = new CKANResource(itemID); CKANResource ckanResource = new CKANResource(itemID);
@ -52,6 +59,9 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@GET @GET
@Path("/{" + RESOURCE_ID_PARAMETER + "}") @Path("/{" + RESOURCE_ID_PARAMETER + "}")
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
/* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce
* @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
*/
public String read(@PathParam(ITEM_ID_PARAMETER) String itemID, public String read(@PathParam(ITEM_ID_PARAMETER) String itemID,
@PathParam(RESOURCE_ID_PARAMETER) String resourceID) { @PathParam(RESOURCE_ID_PARAMETER) String resourceID) {
setCalledMethod("GET /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}"); setCalledMethod("GET /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
@ -64,6 +74,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@Path("/{" + RESOURCE_ID_PARAMETER + "}") @Path("/{" + RESOURCE_ID_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String update(@PathParam(ITEM_ID_PARAMETER) String itemID, public String update(@PathParam(ITEM_ID_PARAMETER) String itemID,
@PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) { @PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) {
setCalledMethod("PUT /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}"); setCalledMethod("PUT /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
@ -76,6 +87,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@Path("/{" + RESOURCE_ID_PARAMETER + "}") @Path("/{" + RESOURCE_ID_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String patch(@PathParam(ITEM_ID_PARAMETER) String itemID, public String patch(@PathParam(ITEM_ID_PARAMETER) String itemID,
@PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) { @PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) {
setCalledMethod("PATCH /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}"); setCalledMethod("PATCH /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
@ -86,6 +98,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@DELETE @DELETE
@Path("/{" + RESOURCE_ID_PARAMETER + "}") @Path("/{" + RESOURCE_ID_PARAMETER + "}")
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(@PathParam(ITEM_ID_PARAMETER) String itemID, public Response delete(@PathParam(ITEM_ID_PARAMETER) String itemID,
@PathParam(RESOURCE_ID_PARAMETER) String resourceID) { @PathParam(RESOURCE_ID_PARAMETER) String resourceID) {
setCalledMethod("DELETE /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}"); setCalledMethod("DELETE /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");