Partially implemented the role check method to retrieve the user permissions
git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/gcube-ckan-datacatalog@129121 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
ca18c10e23
commit
173d46f710
|
@ -10,9 +10,6 @@
|
||||||
<dependent-module archiveName="ckan-util-library-1.0.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ckan-util-library/ckan-util-library">
|
<dependent-module archiveName="ckan-util-library-1.0.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ckan-util-library/ckan-util-library">
|
||||||
<dependency-type>uses</dependency-type>
|
<dependency-type>uses</dependency-type>
|
||||||
</dependent-module>
|
</dependent-module>
|
||||||
<dependent-module archiveName="gcubedatacatalogue-metadata-discovery-0.1.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/gcubedatacatalogue-metadata-discovery/gcubedatacatalogue-metadata-discovery">
|
|
||||||
<dependency-type>uses</dependency-type>
|
|
||||||
</dependent-module>
|
|
||||||
<property name="context-root" value="gcube-ckan-datacatalog"/>
|
<property name="context-root" value="gcube-ckan-datacatalog"/>
|
||||||
<property name="java-output-path" value="/gcube-ckan-datacatalog/target/gcube-ckan-datacatalog-1.0.0-SNAPSHOT/WEB-INF/classes"/>
|
<property name="java-output-path" value="/gcube-ckan-datacatalog/target/gcube-ckan-datacatalog-1.0.0-SNAPSHOT/WEB-INF/classes"/>
|
||||||
</wb-module>
|
</wb-module>
|
||||||
|
|
7
pom.xml
7
pom.xml
|
@ -125,6 +125,13 @@
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.dvos</groupId>
|
||||||
|
<artifactId>usermanagement-core</artifactId>
|
||||||
|
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- LOGGER -->
|
<!-- LOGGER -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>log4j</groupId>
|
<groupId>log4j</groupId>
|
||||||
|
|
|
@ -10,14 +10,23 @@ import javax.servlet.http.HttpSession;
|
||||||
import org.gcube.application.framework.core.session.ASLSession;
|
import org.gcube.application.framework.core.session.ASLSession;
|
||||||
import org.gcube.application.framework.core.session.SessionManager;
|
import org.gcube.application.framework.core.session.SessionManager;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
|
import org.gcube.datacatalogue.ckanutillibrary.CKanUtilsFactory;
|
||||||
|
import org.gcube.datacatalogue.ckanutillibrary.models.CkanRolesIntoLiferay;
|
||||||
|
import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
|
||||||
import org.gcube.portal.custom.scopemanager.scopehelper.ScopeHelper;
|
import org.gcube.portal.custom.scopemanager.scopehelper.ScopeHelper;
|
||||||
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService;
|
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService;
|
||||||
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole;
|
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole;
|
||||||
|
import org.gcube.vomanagement.usermanagement.GroupManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.RoleManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.UserManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.impl.liferay.LiferayGroupManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.impl.liferay.LiferayRoleManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.impl.liferay.LiferayUserManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.model.RoleModel;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The server side implementation of the RPC service.
|
* The server side implementation of the RPC service.
|
||||||
*
|
*
|
||||||
|
@ -41,7 +50,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
|
||||||
private final static String TEST_USER = "francesco.mangiacrapa";
|
private final static String TEST_USER = "francesco.mangiacrapa";
|
||||||
private final static String TEST_SCOPE = "/gcube/devsec/devVRE";
|
private final static String TEST_SCOPE = "/gcube/devsec/devVRE";
|
||||||
private final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810";
|
private final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810";
|
||||||
// private final static String TEST_SEC_TOKEN = "f539884c-8697-4ac0-9bbf-2f4d595281f5";
|
// private final static String TEST_SEC_TOKEN = "f539884c-8697-4ac0-9bbf-2f4d595281f5";
|
||||||
|
|
||||||
/* (non-Javadoc)
|
/* (non-Javadoc)
|
||||||
* @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getCKanConnector()
|
* @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getCKanConnector()
|
||||||
|
@ -70,7 +79,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
|
||||||
}
|
}
|
||||||
logger.info("returning ckanConnectorUri: "+ckanConnectorUri);
|
logger.info("returning ckanConnectorUri: "+ckanConnectorUri);
|
||||||
return ckanConnectorUri;
|
return ckanConnectorUri;
|
||||||
// return "http://ckan-d-d4s.d4science.org";
|
// return "http://ckan-d-d4s.d4science.org";
|
||||||
}catch(Exception e ){
|
}catch(Exception e ){
|
||||||
String message = "Sorry an error occurred during contacting gCube Ckan Data Catalogue";
|
String message = "Sorry an error occurred during contacting gCube Ckan Data Catalogue";
|
||||||
logger.error(message, e);
|
logger.error(message, e);
|
||||||
|
@ -148,17 +157,84 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public CkanRole getMyRole() throws Exception{
|
public CkanRole getMyRole() throws Exception{
|
||||||
//TODO READ FROM IS
|
HttpSession httpSession = this.getThreadLocalRequest().getSession();
|
||||||
return CkanRole.ADMIN;
|
|
||||||
|
// we need to evaluate which roles the user has in this scope
|
||||||
|
String username = getASLSession(httpSession).getUsername();
|
||||||
|
String currentScope = getASLSession(httpSession).getScope();
|
||||||
|
String groupName = getASLSession(httpSession).getGroupName();
|
||||||
|
|
||||||
|
try{
|
||||||
|
|
||||||
|
// retrieve the liferay's roles for the user
|
||||||
|
UserManager userManager = new LiferayUserManager();
|
||||||
|
RoleManager roleManager = new LiferayRoleManager();
|
||||||
|
GroupManager groupManager = new LiferayGroupManager();
|
||||||
|
List<RoleModel> roles = roleManager.listRolesByUserAndGroup(groupManager.getGroupId(groupName), userManager.getUserId(username));
|
||||||
|
|
||||||
|
// the default one
|
||||||
|
CkanRolesIntoLiferay mainRole = CkanRolesIntoLiferay.CATALOG_MEMBER;
|
||||||
|
RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
|
||||||
|
|
||||||
|
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
|
||||||
|
for (RoleModel role : roles) {
|
||||||
|
|
||||||
|
logger.debug("User " + username + " has role " + role.getRoleName() + " in " + currentScope);
|
||||||
|
|
||||||
|
if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_SYSADMIN.toString())){
|
||||||
|
mainRole = CkanRolesIntoLiferay.CATALOG_SYSADMIN;
|
||||||
|
correspondentRoleToCheck = RolesIntoOrganization.SYSADMIN;
|
||||||
|
break;
|
||||||
|
}else if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_ADMIN.toString())){
|
||||||
|
mainRole = CkanRolesIntoLiferay.CATALOG_ADMIN;
|
||||||
|
correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
|
||||||
|
break;
|
||||||
|
}else if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_EDITOR.toString())){
|
||||||
|
mainRole = CkanRolesIntoLiferay.CATALOG_EDITOR;
|
||||||
|
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// ask to ckan util lib the roles the user has in this scope(i.e. ckan organization)
|
||||||
|
String[] splittedScope = currentScope.split("/");
|
||||||
|
String organizationName = splittedScope[splittedScope.length -1];
|
||||||
|
|
||||||
|
// TODO with this invocation, we check if the role is present in ckan and if it is not it will be added
|
||||||
|
CKanUtilsFactory.getInstance().getCkanUtilsForScope(currentScope).checkRole(username, organizationName, correspondentRoleToCheck);
|
||||||
|
|
||||||
|
return reMapRole(mainRole);
|
||||||
|
|
||||||
|
}catch(Exception e){
|
||||||
|
logger.error("Unable to retrieve the role information for this user. Returning member role", e);
|
||||||
|
}
|
||||||
|
|
||||||
|
// return the base role
|
||||||
|
return CkanRole.MEMBER;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Map between roles
|
||||||
|
* @param mainRole
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
private CkanRole reMapRole(CkanRolesIntoLiferay mainRole) {
|
||||||
|
switch(mainRole){
|
||||||
|
case CATALOG_SYSADMIN: return CkanRole.SYSADMIN;
|
||||||
|
case CATALOG_ADMIN: return CkanRole.ADMIN;
|
||||||
|
case CATALOG_EDITOR: return CkanRole.EDITOR;
|
||||||
|
case CATALOG_MEMBER: ;
|
||||||
|
default : return CkanRole.MEMBER;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getUser() {
|
public String getUser() {
|
||||||
|
|
||||||
HttpSession httpSession = this.getThreadLocalRequest().getSession();
|
HttpSession httpSession = this.getThreadLocalRequest().getSession();
|
||||||
|
|
||||||
logger.debug("User in session is " + getASLSession(httpSession).getUsername());
|
logger.debug("User in session is " + getASLSession(httpSession).getUsername());
|
||||||
return getASLSession(httpSession).getUsername();
|
return getASLSession(httpSession).getUsername();
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue