Partially implemented the role check method to retrieve the user permissions

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/gcube-ckan-datacatalog@129121 82a268e6-3cf1-43bd-a215-b396298e98cf
2016-06-14 15:42:59 +00:00 · 2016-06-14 15:42:59 +00:00 · 173d46f710
parent ca18c10e23
commit 173d46f710
3 changed files with 91 additions and 11 deletions
--- a/.settings/org.eclipse.wst.common.component
+++ b/.settings/org.eclipse.wst.common.component
@ -10,9 +10,6 @@
        <dependent-module archiveName="ckan-util-library-1.0.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ckan-util-library/ckan-util-library">
            <dependency-type>uses</dependency-type>
        </dependent-module>
-        <dependent-module archiveName="gcubedatacatalogue-metadata-discovery-0.1.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/gcubedatacatalogue-metadata-discovery/gcubedatacatalogue-metadata-discovery">
-            <dependency-type>uses</dependency-type>
-        </dependent-module>
        <property name="context-root" value="gcube-ckan-datacatalog"/>
        <property name="java-output-path" value="/gcube-ckan-datacatalog/target/gcube-ckan-datacatalog-1.0.0-SNAPSHOT/WEB-INF/classes"/>
    </wb-module>
--- a/pom.xml
+++ b/pom.xml
@ -125,6 +125,13 @@
 			<scope>provided</scope>
 		</dependency>

+		<dependency>
+			<groupId>org.gcube.dvos</groupId>
+			<artifactId>usermanagement-core</artifactId>
+			<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
+			<scope>provided</scope>
+		</dependency>
+
 		<!-- LOGGER -->
 		<dependency>
 			<groupId>log4j</groupId>
--- a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java
+++ b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java
@ -10,14 +10,23 @@ import javax.servlet.http.HttpSession;
 import org.gcube.application.framework.core.session.ASLSession;
 import org.gcube.application.framework.core.session.SessionManager;
 import org.gcube.common.scope.api.ScopeProvider;
+import org.gcube.datacatalogue.ckanutillibrary.CKanUtilsFactory;
+import org.gcube.datacatalogue.ckanutillibrary.models.CkanRolesIntoLiferay;
+import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
 import org.gcube.portal.custom.scopemanager.scopehelper.ScopeHelper;
 import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService;
 import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole;
+import org.gcube.vomanagement.usermanagement.GroupManager;
+import org.gcube.vomanagement.usermanagement.RoleManager;
+import org.gcube.vomanagement.usermanagement.UserManager;
+import org.gcube.vomanagement.usermanagement.impl.liferay.LiferayGroupManager;
+import org.gcube.vomanagement.usermanagement.impl.liferay.LiferayRoleManager;
+import org.gcube.vomanagement.usermanagement.impl.liferay.LiferayUserManager;
+import org.gcube.vomanagement.usermanagement.model.RoleModel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import com.google.gwt.user.server.rpc.RemoteServiceServlet;
-
 /**
 * The server side implementation of the RPC service.
 *
@ -41,7 +50,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 	private final static String TEST_USER = "francesco.mangiacrapa";
 	private final static String TEST_SCOPE = "/gcube/devsec/devVRE";
 	private final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810";
-//	private final static String TEST_SEC_TOKEN = "f539884c-8697-4ac0-9bbf-2f4d595281f5";
+	//	private final static String TEST_SEC_TOKEN = "f539884c-8697-4ac0-9bbf-2f4d595281f5";

 	/* (non-Javadoc)
 	 * @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getCKanConnector()
@ -70,7 +79,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 			}
 			logger.info("returning ckanConnectorUri: "+ckanConnectorUri);
 			return ckanConnectorUri;
-//			return "http://ckan-d-d4s.d4science.org";
+			//			return "http://ckan-d-d4s.d4science.org";
 		}catch(Exception e ){
 			String message = "Sorry an error occurred during contacting gCube Ckan Data Catalogue";
 			logger.error(message, e);
@ -148,17 +157,84 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 	 */
 	@Override
 	public CkanRole getMyRole() throws Exception{
-		//TODO READ FROM IS
-		return CkanRole.ADMIN;
+		HttpSession httpSession = this.getThreadLocalRequest().getSession();
+
+		// we need to evaluate which roles the user has in this scope
+		String username = getASLSession(httpSession).getUsername();
+		String currentScope = getASLSession(httpSession).getScope();
+		String groupName = getASLSession(httpSession).getGroupName();
+		
+		try{
+
+		// retrieve the liferay's roles for the user
+		UserManager userManager = new LiferayUserManager();
+		RoleManager roleManager = new LiferayRoleManager();
+		GroupManager groupManager = new LiferayGroupManager();
+		List<RoleModel> roles = roleManager.listRolesByUserAndGroup(groupManager.getGroupId(groupName), userManager.getUserId(username));
+
+		// the default one
+		CkanRolesIntoLiferay mainRole = CkanRolesIntoLiferay.CATALOG_MEMBER;
+		RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
+
+		// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
+		for (RoleModel role : roles) {
+
+			logger.debug("User " + username + " has role " + role.getRoleName() + " in " + currentScope); 
+
+			if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_SYSADMIN.toString())){
+				mainRole = CkanRolesIntoLiferay.CATALOG_SYSADMIN;
+				correspondentRoleToCheck = RolesIntoOrganization.SYSADMIN;
+				break;
+			}else if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_ADMIN.toString())){
+				mainRole = CkanRolesIntoLiferay.CATALOG_ADMIN;
+				correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
+				break;
+			}else if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_EDITOR.toString())){
+				mainRole = CkanRolesIntoLiferay.CATALOG_EDITOR;
+				correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
+				break;
+			}				
+		}
+
+		// ask to ckan util lib the roles the user has in this scope(i.e. ckan organization)
+		String[] splittedScope = currentScope.split("/");
+		String organizationName = splittedScope[splittedScope.length -1];
+
+		// TODO with this invocation, we check if the role is present in ckan and if it is not it will be added
+		CKanUtilsFactory.getInstance().getCkanUtilsForScope(currentScope).checkRole(username, organizationName, correspondentRoleToCheck);
+
+		return reMapRole(mainRole);
+		
+		}catch(Exception e){
+			logger.error("Unable to retrieve the role information for this user. Returning member role", e);
+		}
+		
+		// return the base role
+		return CkanRole.MEMBER; 
+	}
+
+	/**
+	 * Map between roles
+	 * @param mainRole
+	 * @return
+	 */
+	private CkanRole reMapRole(CkanRolesIntoLiferay mainRole) {
+		switch(mainRole){
+		case CATALOG_SYSADMIN: return CkanRole.SYSADMIN;
+		case CATALOG_ADMIN: return CkanRole.ADMIN;
+		case CATALOG_EDITOR: return CkanRole.EDITOR;
+		case CATALOG_MEMBER: ;
+		default : return CkanRole.MEMBER; 
+		}
 	}

 	@Override
 	public String getUser() {
-		
+
 		HttpSession httpSession = this.getThreadLocalRequest().getSession();
-		
+
 		logger.debug("User in session is " + getASLSession(httpSession).getUsername());
 		return getASLSession(httpSession).getUsername();
-		
+
 	}
 }