diff --git a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java index 91bc644..507142b 100644 --- a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java +++ b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java @@ -269,6 +269,9 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem String username = session.getUsername(); String groupName = session.getGroupName(); // e.g. devVRE + // get key per scope + String keyPerScope = concatenateSessionKeyScope(CKAN_HIGHEST_ROLE, session.getScope()); + // check if session expired if(username.equals(TEST_USER)){ @@ -276,9 +279,9 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem }else{ // check into session - if(session.getAttribute(CKAN_HIGHEST_ROLE) != null){ + if(httpSession.getAttribute(keyPerScope) != null){ - toReturn = (CkanRole)session.getAttribute(CKAN_HIGHEST_ROLE); + toReturn = (CkanRole)httpSession.getAttribute(keyPerScope); logger.info("Found user role into session " + toReturn + " and it is going to be returned"); }else{ @@ -291,13 +294,13 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem if(isSysAdmin){ logger.info("The user is a sysadmin of the catalog -> he can edit/add"); - session.setAttribute(CKAN_HIGHEST_ROLE, CkanRole.SYSADMIN); + httpSession.setAttribute(keyPerScope, CkanRole.SYSADMIN); toReturn = CkanRole.SYSADMIN; }else{ toReturn = UserUtil.getHighestRole(currentScope, username, groupName, ckanUtils); - session.setAttribute(CKAN_HIGHEST_ROLE, toReturn); + httpSession.setAttribute(keyPerScope, toReturn); logger.info("Set role " + toReturn + " into session for user " + username); } @@ -307,11 +310,9 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem // 3) metadata profiles // In this way the publish widget can simply retrieve those information from the ASL session if(!toReturn.equals(CkanRole.MEMBER)){ - - UserUtil.getLicenses(session, CKAN_LICENSES_KEY, ckanUtils); - UserUtil.getUserOrganizationsList(session, CKAN_ORGANIZATIONS_PUBLISH_KEY, ckanUtils, getUserCKanTokenFromSession()); - UserUtil.getMetadataProfilesList(session, CKAN_PROFILES_KEY, ckanUtils); - + UserUtil.getLicenses(httpSession, username, concatenateSessionKeyScope(CKAN_LICENSES_KEY, currentScope), ckanUtils); + UserUtil.getUserOrganizationsList(httpSession, username, concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), ckanUtils, getUserCKanTokenFromSession()); + UserUtil.getMetadataProfilesList(httpSession, username, concatenateSessionKeyScope(CKAN_PROFILES_KEY, currentScope), ckanUtils); } } } @@ -335,8 +336,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem } /** - * Get current user's token. - * + * Get current user's token * @return String the ckan user's token */ private String getUserCKanTokenFromSession(){ @@ -348,9 +348,14 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem token = TEST_SEC_TOKEN; }else{ - HttpSession httpSession = this.getThreadLocalRequest().getSession(); - ASLSession session = getASLSession(httpSession); - String username = session.getUsername(); + // store info in the http session + HttpSession httpSession = getThreadLocalRequest().getSession(); + + ASLSession aslSession = getASLSession(httpSession); + String username = aslSession.getUsername(); + + // get the key per scope + String keyPerScope = concatenateSessionKeyScope(CKAN_TOKEN_KEY, aslSession.getScope()); // check if session expired if(username.equals(TEST_USER)){ @@ -361,11 +366,11 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem }else{ try{ logger.debug("User in session is " + username); - if(session.getAttribute(CKAN_TOKEN_KEY) != null) - token = (String)session.getAttribute(CKAN_TOKEN_KEY); + if(httpSession.getAttribute(keyPerScope) != null) + token = (String)httpSession.getAttribute(keyPerScope); else{ token = getCkanUtilsObj().getApiKeyFromUsername(username); - session.setAttribute(CKAN_TOKEN_KEY, token); + httpSession.setAttribute(keyPerScope, token); logger.debug("Ckan token has been set for user " + username); } logger.debug("Found ckan token " + token.substring(0, 3) + "************************" + " for user " + username); @@ -475,11 +480,13 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem ASLSession session = getASLSession(httpSession); String username = session.getUsername(); + String keyPerScope = concatenateSessionKeyScope(CKAN_ORGS_USER_KEY, session.getScope()); + if(!username.equals(TEST_USER)){ // check if the aslsession already has such information - if(session.getAttribute(CKAN_ORGS_USER_KEY) != null){ - toReturn = (Map) session.getAttribute(CKAN_ORGS_USER_KEY); + if(httpSession.getAttribute(keyPerScope) != null){ + toReturn = (Map) httpSession.getAttribute(keyPerScope); logger.debug("List of organizations was into the session " + toReturn); }else{ logger.debug("Organizations list wasn't into session, retrieving them"); @@ -488,7 +495,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem toReturn.put(ckanOrganization.getTitle(), "/organization/" + ckanOrganization.getName()); } logger.debug("List of organizations to return for user " + username + " is " + toReturn); - session.setAttribute(CKAN_ORGS_USER_KEY, toReturn); + httpSession.setAttribute(keyPerScope, toReturn); } } } @@ -516,4 +523,14 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem return false; } } + + /** + * Builds a string made of key + scope + * @param key + * @param scope + * @return + */ + public static String concatenateSessionKeyScope(String key, String scope){ + return key.concat(scope); + } } diff --git a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/UserUtil.java b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/UserUtil.java index 33c1a2b..a68e658 100644 --- a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/UserUtil.java +++ b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/UserUtil.java @@ -9,7 +9,7 @@ import java.util.List; import java.util.Map; import java.util.Map.Entry; -import org.gcube.application.framework.core.session.ASLSession; +import javax.servlet.http.HttpSession; import org.gcube.datacatalogue.ckanutillibrary.CKanUtils; import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization; import org.gcube.datacatalogue.metadatadiscovery.DataCalogueMetadataFormatReader; @@ -288,12 +288,10 @@ public class UserUtil { * @param ckanLicensesKey * @param ckanUtils */ - public static void getLicenses(ASLSession session, String ckanLicensesKey, CKanUtils ckanUtils) { + public static void getLicenses(HttpSession session, String username, String ckanLicensesKey, CKanUtils ckanUtils) { try{ - String username = session.getUsername(); logger.debug("User in session is " + username); - List titlesLicenses = ckanUtils.getLicenseTitles(); LicensesBean licensesBean = new LicensesBean(titlesLicenses); session.setAttribute(ckanLicensesKey, licensesBean); @@ -311,12 +309,10 @@ public class UserUtil { * @param ckanOrganizationsPublishKey * @param ckanUtils */ - public static void getUserOrganizationsList(ASLSession session, + public static void getUserOrganizationsList(HttpSession session, String username, String ckanOrganizationsPublishKey, CKanUtils ckanUtils, String token) { try{ - - String username = session.getUsername(); logger.debug("Request for user " + username + " organizations list"); List orgsName = new ArrayList(); @@ -358,12 +354,11 @@ public class UserUtil { * @param ckanOrganizationsPublishKey * @param ckanUtils */ - public static void getMetadataProfilesList(ASLSession session, + public static void getMetadataProfilesList(HttpSession session, String username, String ckanProfilesKey, CKanUtils ckanUtils) { try{ - String username = session.getUsername(); logger.debug("User in session is " + username); List beans = new ArrayList();