Commented annotations for role filtering refs #23103

2022-04-12 11:48:12 +02:00 · 2022-04-12 11:48:12 +02:00 · a2c2c0044e
parent 4c427b3e26
commit a2c2c0044e
10 changed files with 72 additions and 73 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,7 +11,6 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 - Added Enunciate to automatically create REST APIs documentation [#23096]
 - Fixed 'offset' parameter behaviuor in item listing [#22999]
 - Moderation message are sent using gcube messaging system via Social Service [#23117]
- Added role filtering to REST API [23101]
 - Remove enforcement on approved item for Catalogue-Editor added enforcement to email [#23154]
 - ClientID requests are now properly supported [#21903] 

--- a/pom.xml
+++ b/pom.xml
@ -64,11 +64,11 @@
 			<artifactId>gcat-api</artifactId>
 			<version>[2.0.0,3.0.0-SNAPSHOT)</version>
 		</dependency>
-		<dependency>
-			<groupId>org.gcube.common</groupId>
-			<artifactId>authorization-control-library</artifactId>
-			<version>[1.0.0,2.0.0-SNAPSHOT)</version>
-		</dependency>
+<!-- 		<dependency> -->
+<!-- 			<groupId>org.gcube.common</groupId> -->
+<!-- 			<artifactId>authorization-control-library</artifactId> -->
+<!-- 			<version>[1.0.0,2.0.0-SNAPSHOT)</version> -->
+<!-- 		</dependency> -->
 		<dependency>
 			<groupId>org.gcube.common</groupId>
 			<artifactId>authorization-utils</artifactId>
--- a/src/main/java/org/gcube/gcat/rest/Configuration.java
+++ b/src/main/java/org/gcube/gcat/rest/Configuration.java
@ -9,7 +9,7 @@ import javax.ws.rs.DefaultValue;
 import javax.ws.rs.ForbiddenException;
 import javax.ws.rs.GET;
 import javax.ws.rs.InternalServerErrorException;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
@ -24,7 +24,7 @@ import javax.xml.ws.WebServiceException;

 import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
 import org.gcube.com.fasterxml.jackson.databind.node.ObjectNode;
-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
 import org.gcube.gcat.annotation.PATCH;
 import org.gcube.gcat.annotation.PURGE;
@ -99,7 +99,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	@StatusCodes ({
 		@ResponseCode(code = 201, condition = "Catalogue configuration successfully created."),
 		@ResponseCode(code = 401, condition = "Only Catalogue-Managers can create catalogue configuration."),
@ -157,7 +157,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
 	@GET
 	@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	@StatusCodes ({
 		@ResponseCode(code = 200, condition = "Catalogue configuration successfully read."),
 		@ResponseCode(code = 401, condition = "Only User with role Catalogue-Editors or above can read a catalogue configuration."),
@ -201,7 +201,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
 	@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	@StatusCodes ({
 		@ResponseCode(code = 200, condition = "Catalogue configuration successfully created/updated."),
 		@ResponseCode(code = 401, condition = "Only Catalogue-Managers can create/update catalogue configuration."),
@ -243,7 +243,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
 	@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	@StatusCodes ({
 		@ResponseCode(code = 200, condition = "Catalogue configuration successfully updated."),
 		@ResponseCode(code = 401, condition = "Only Catalogue-Managers can update catalogue configuration."),
@ -302,7 +302,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
 	
 	@DELETE
 	@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	@StatusCodes ({
 		@ResponseCode(code = 200, condition = "Catalogue configuration successfully deleted."),
 		@ResponseCode(code = 401, condition = "Only Catalogue-Managers can delete catalogue configuration."),
@ -339,7 +339,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
 	
 	@PURGE
 	@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	@StatusCodes ({
 		@ResponseCode(code = 200, condition = "Catalogue configuration successfully deleted."),
 		@ResponseCode(code = 401, condition = "Only Catalogue-Managers can delete catalogue configuration."),
--- a/src/main/java/org/gcube/gcat/rest/Group.java
+++ b/src/main/java/org/gcube/gcat/rest/Group.java
@ -4,7 +4,7 @@ import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.DefaultValue;
 import javax.ws.rs.GET;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
@ -14,11 +14,11 @@ import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Response;
 import javax.xml.ws.WebServiceException;

-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.gcat.annotation.PATCH;
 import org.gcube.gcat.annotation.PURGE;
 import org.gcube.gcat.api.GCatConstants;
-import org.gcube.gcat.api.roles.Role;
+//import org.gcube.gcat.api.roles.Role;
 import org.gcube.gcat.persistence.ckan.CKANGroup;

 /**
@ -44,7 +44,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
 	
 	@GET
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit,
 			@QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset, 
 			@QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) {
@ -69,7 +69,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response create(String json) {
 		return super.create(json);
 	}
@ -78,7 +78,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
 	@Path("/{" + GROUP_ID_PARAMETER + "}")
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR}, exception=NotAuthorizedException.class)
 	public String read(@PathParam(GROUP_ID_PARAMETER) String id) {
 		return super.read(id);
 	}
@ -88,7 +88,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String update(@PathParam(GROUP_ID_PARAMETER) String id, String json) {
 		return super.update(id, json);
 	}
@ -98,7 +98,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String patch(@PathParam(GROUP_ID_PARAMETER) String id, String json) {
 		return super.patch(id, json);
 	}
@ -106,7 +106,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
 	@DELETE
 	@Path("/{" + GROUP_ID_PARAMETER + "}")
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(@PathParam(GROUP_ID_PARAMETER) String id,
 			@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) {
 		return super.delete(id, purge);
@ -115,13 +115,13 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
 	@PURGE
 	@Path("/{" + GROUP_ID_PARAMETER + "}")
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response purge(@PathParam(GROUP_ID_PARAMETER) String id) {
 		return delete(id, true);
 	}
 	
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(String name, boolean purge) {
 		return delete(name, new Boolean(purge));
 	}
--- a/src/main/java/org/gcube/gcat/rest/Item.java
+++ b/src/main/java/org/gcube/gcat/rest/Item.java
@ -4,7 +4,7 @@ import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.DefaultValue;
 import javax.ws.rs.GET;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
@ -16,12 +16,12 @@ import javax.ws.rs.core.Response.ResponseBuilder;
 import javax.ws.rs.core.Response.Status;
 import javax.xml.ws.WebServiceException;

-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.gcat.annotation.PATCH;
 import org.gcube.gcat.annotation.PURGE;
 import org.gcube.gcat.api.GCatConstants;
-import org.gcube.gcat.api.moderation.Moderated;
-import org.gcube.gcat.api.roles.Role;
+//import org.gcube.gcat.api.moderation.Moderated;
+//import org.gcube.gcat.api.roles.Role;
 import org.gcube.gcat.persistence.ckan.CKANPackage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -72,7 +72,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response create(String json) {
 		return super.create(json);
 	}
@ -93,7 +93,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String update(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
 		return super.update(id, json);
 	}
@ -103,7 +103,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String patch(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
 		return super.patch(id, json);
 	}
@ -111,7 +111,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@DELETE
 	@Path("/{" + ITEM_ID_PARAMETER + "}")
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(@PathParam(ITEM_ID_PARAMETER) String id,
 			@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) {
 		return super.delete(id, purge);
@ -120,7 +120,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@PURGE
 	@Path("/{" + ITEM_ID_PARAMETER + "}")
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response purge(@PathParam(ITEM_ID_PARAMETER) String id) {
 		return super.purge(id);
 	}
@ -145,7 +145,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@DELETE
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response bulkDelete(@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") boolean purge) {
 		deleteAll(purge);
 		return Response.status(Status.ACCEPTED).build();
@ -154,7 +154,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@PURGE
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response bulkPurge() {
 		return bulkDelete(true);
 	}
@ -163,7 +163,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
 	@Path("/{" + ITEM_ID_PARAMETER + "}")
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER, Moderated.CATALOGUE_MODERATOR}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER, Moderated.CATALOGUE_MODERATOR}, exception=NotAuthorizedException.class)
 	public Response moderate(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
 		setCalledMethod("POST /" + COLLECTION_PARAMETER + "/{" + ID_PARAMETER + "}");
 		CKANPackage ckanPackage = getInstance();
--- a/src/main/java/org/gcube/gcat/rest/Organization.java
+++ b/src/main/java/org/gcube/gcat/rest/Organization.java
@ -4,7 +4,7 @@ import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.DefaultValue;
 import javax.ws.rs.GET;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
@ -14,11 +14,11 @@ import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Response;
 import javax.xml.ws.WebServiceException;

-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.gcat.annotation.PATCH;
 import org.gcube.gcat.annotation.PURGE;
 import org.gcube.gcat.api.GCatConstants;
-import org.gcube.gcat.api.roles.Role;
+//import org.gcube.gcat.api.roles.Role;
 import org.gcube.gcat.persistence.ckan.CKANOrganization;

 /**
@ -45,7 +45,7 @@ public class Organization extends REST<CKANOrganization>
 	
 	@GET
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit,
 			@QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset, 
 			@QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) {
@ -70,7 +70,7 @@ public class Organization extends REST<CKANOrganization>
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response create(String json) {
 		return super.create(json);
 	}
@ -79,7 +79,7 @@ public class Organization extends REST<CKANOrganization>
 	@Path("/{" + ORGANIZATION_ID_PARAMETER + "}")
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String read(@PathParam(ORGANIZATION_ID_PARAMETER) String id) {
 		return super.read(id);
 	}
@ -89,7 +89,7 @@ public class Organization extends REST<CKANOrganization>
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String update(@PathParam(ORGANIZATION_ID_PARAMETER) String id, String json) {
 		return super.update(id, json);
 	}
@ -99,7 +99,7 @@ public class Organization extends REST<CKANOrganization>
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String patch(@PathParam(ORGANIZATION_ID_PARAMETER) String id, String json) {
 		return super.patch(id, json);
 	}
@ -107,7 +107,7 @@ public class Organization extends REST<CKANOrganization>
 	@DELETE
 	@Path("/{" + ORGANIZATION_ID_PARAMETER + "}")
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(@PathParam(ORGANIZATION_ID_PARAMETER) String id,
 			@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) {
 		return super.delete(id, purge);
@ -115,7 +115,7 @@ public class Organization extends REST<CKANOrganization>
 	
 	@PURGE
 	@Path("/{" + ORGANIZATION_ID_PARAMETER + "}")
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response purge(@PathParam(ORGANIZATION_ID_PARAMETER) String id) {
 		return super.purge(id);
 	}
--- a/src/main/java/org/gcube/gcat/rest/Profile.java
+++ b/src/main/java/org/gcube/gcat/rest/Profile.java
@ -9,7 +9,7 @@ import javax.ws.rs.HeaderParam;
 import javax.ws.rs.HttpMethod;
 import javax.ws.rs.InternalServerErrorException;
 import javax.ws.rs.NotAllowedException;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
@ -24,10 +24,10 @@ import javax.ws.rs.core.Response.Status;
 import javax.ws.rs.core.UriInfo;

 import org.gcube.com.fasterxml.jackson.databind.node.ArrayNode;
-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.datacatalogue.metadatadiscovery.DataCalogueMetadataFormatReader;
 import org.gcube.gcat.api.GCatConstants;
-import org.gcube.gcat.api.roles.Role;
+//import org.gcube.gcat.api.roles.Role;
 import org.gcube.gcat.profile.ISProfile;
 import org.xml.sax.SAXException;

@ -138,7 +138,7 @@ public class Profile extends BaseREST implements org.gcube.gcat.api.interfaces.P
 	@Path("/{" + PROFILE_NAME_PARAMETER + "}")
 	@Consumes(MediaType.APPLICATION_XML)
 	@Produces(MediaType.APPLICATION_XML)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response createOrUpdate(@PathParam(PROFILE_NAME_PARAMETER) String name, String xml) {
 		setCalledMethod("PUT /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}");
 		try {
@ -169,7 +169,7 @@ public class Profile extends BaseREST implements org.gcube.gcat.api.interfaces.P
 	
 	@DELETE
 	@Path("/{" + PROFILE_NAME_PARAMETER + "}")
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(@PathParam(PROFILE_NAME_PARAMETER) String name) {
 		setCalledMethod("DELETE /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}");
 		try {
--- a/src/main/java/org/gcube/gcat/rest/Resource.java
+++ b/src/main/java/org/gcube/gcat/rest/Resource.java
@ -3,7 +3,7 @@ package org.gcube.gcat.rest;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.GET;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
@ -13,10 +13,10 @@ import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
 import javax.ws.rs.core.Response.Status;

-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.gcat.annotation.PATCH;
 import org.gcube.gcat.api.GCatConstants;
-import org.gcube.gcat.api.roles.Role;
+//import org.gcube.gcat.api.roles.Role;
 import org.gcube.gcat.persistence.ckan.CKANResource;

 /**
@ -45,7 +45,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
 	@POST
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response create(@PathParam(ITEM_ID_PARAMETER) String itemID, String json) {
 		setCalledMethod("POST /" + COLLECTION);
 		CKANResource ckanResource = new CKANResource(itemID);
@ -74,7 +74,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
 	@Path("/{" + RESOURCE_ID_PARAMETER + "}")
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String update(@PathParam(ITEM_ID_PARAMETER) String itemID,
 			@PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) {
 		setCalledMethod("PUT /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
@ -87,7 +87,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
 	@Path("/{" + RESOURCE_ID_PARAMETER + "}")
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String patch(@PathParam(ITEM_ID_PARAMETER) String itemID,
 			@PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) {
 		setCalledMethod("PATCH /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
@ -98,7 +98,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
 	
 	@DELETE
 	@Path("/{" + RESOURCE_ID_PARAMETER + "}")
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(@PathParam(ITEM_ID_PARAMETER) String itemID,
 			@PathParam(RESOURCE_ID_PARAMETER) String resourceID) {
 		setCalledMethod("DELETE /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
--- a/src/main/java/org/gcube/gcat/rest/Trash.java
+++ b/src/main/java/org/gcube/gcat/rest/Trash.java
@ -3,7 +3,7 @@ package org.gcube.gcat.rest;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.DefaultValue;
 import javax.ws.rs.GET;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
@ -11,10 +11,10 @@ import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 import javax.xml.ws.WebServiceException;

-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.gcat.annotation.PURGE;
 import org.gcube.gcat.api.GCatConstants;
-import org.gcube.gcat.api.roles.Role;
+//import org.gcube.gcat.api.roles.Role;
 import org.gcube.gcat.persistence.ckan.CKANPackageTrash;

 /**
@ -27,7 +27,7 @@ public class Trash extends BaseREST implements org.gcube.gcat.api.interfaces.Tra
 	@GET
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String list(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException {
 		CKANPackageTrash ckanPackageTrash = new CKANPackageTrash();
 		ckanPackageTrash.setOwnOnly(ownOnly);
@ -36,7 +36,7 @@ public class Trash extends BaseREST implements org.gcube.gcat.api.interfaces.Tra
 	
 	@DELETE
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response empty(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException {
 		Thread thread = new Thread(new Runnable() {
 		    @Override
@ -51,7 +51,7 @@ public class Trash extends BaseREST implements org.gcube.gcat.api.interfaces.Tra
 	}
 	
 	@PURGE
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response emptyViaPurge(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException {
 		return empty(ownOnly); 
 	}
--- a/src/main/java/org/gcube/gcat/rest/User.java
+++ b/src/main/java/org/gcube/gcat/rest/User.java
@ -3,7 +3,7 @@ package org.gcube.gcat.rest;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.GET;
-import javax.ws.rs.NotAuthorizedException;
+//import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
@ -11,9 +11,9 @@ import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Response;

-import org.gcube.common.authorization.control.annotations.AuthorizationControl;
+//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
 import org.gcube.gcat.api.GCatConstants;
-import org.gcube.gcat.api.roles.Role;
+//import org.gcube.gcat.api.roles.Role;
 import org.gcube.gcat.persistence.ckan.CKANUser;

 /**
@ -30,7 +30,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
 	
 	@GET
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String list() {
 		return super.list(-1, -1);
 	}
@ -39,7 +39,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response create(String json) {
 		return super.create(json);
 	}
@ -48,7 +48,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
 	@Path("/{" + USER_ID_PARAMETER + "}")
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String read(@PathParam(USER_ID_PARAMETER) String username) {
 		return super.read(username);
 	}
@ -58,14 +58,14 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
 	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String update(@PathParam(USER_ID_PARAMETER) String username, String json) {
 		return super.update(username, json);
 	}
 	
 	@DELETE
 	@Path("/{" + USER_ID_PARAMETER + "}")
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
+//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(@PathParam(USER_ID_PARAMETER) String username) {
 		return super.delete(username, false);
 	}