Check first if the user is a ckan sysadmin (in this case he can edit/add without further checks), then if he is a editor/admin or simple member
git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/gcube-ckan-datacatalog@129159 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
4490c079e5
commit
60b93329ec
|
@ -181,42 +181,47 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
|
|||
|
||||
try{
|
||||
|
||||
// retrieve the liferay's roles for the user
|
||||
UserManager userManager = new LiferayUserManager();
|
||||
RoleManager roleManager = new LiferayRoleManager();
|
||||
GroupManager groupManager = new LiferayGroupManager();
|
||||
List<RoleModel> roles = roleManager.listRolesByUserAndGroup(groupManager.getGroupId(groupName), userManager.getUserId(username));
|
||||
// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
|
||||
boolean isSysAdmin = instance.isSysAdmin(username, instance.getApiKeyFromUsername(username));
|
||||
|
||||
// the default one
|
||||
CkanRolesIntoLiferay mainRole = CkanRolesIntoLiferay.CATALOG_MEMBER;
|
||||
RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
|
||||
if(isSysAdmin){
|
||||
|
||||
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
|
||||
for (RoleModel role : roles) {
|
||||
logger.debug("The user is a sysadmin of the catalog -> he can edit/add");
|
||||
return CkanRole.SYSADMIN;
|
||||
|
||||
logger.debug("User " + username + " has role " + role.getRoleName() + " in " + currentScope);
|
||||
}else{
|
||||
|
||||
if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_SYSADMIN.toString())){
|
||||
mainRole = CkanRolesIntoLiferay.CATALOG_SYSADMIN;
|
||||
correspondentRoleToCheck = RolesIntoOrganization.SYSADMIN;
|
||||
break;
|
||||
}else if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_ADMIN.toString())){
|
||||
mainRole = CkanRolesIntoLiferay.CATALOG_ADMIN;
|
||||
correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
|
||||
break;
|
||||
}else if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_EDITOR.toString())){
|
||||
mainRole = CkanRolesIntoLiferay.CATALOG_EDITOR;
|
||||
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
|
||||
break;
|
||||
// retrieve the liferay's roles for the user
|
||||
UserManager userManager = new LiferayUserManager();
|
||||
RoleManager roleManager = new LiferayRoleManager();
|
||||
GroupManager groupManager = new LiferayGroupManager();
|
||||
List<RoleModel> roles = roleManager.listRolesByUserAndGroup(groupManager.getGroupId(groupName), userManager.getUserId(username));
|
||||
|
||||
// the default one
|
||||
CkanRolesIntoLiferay mainRole = CkanRolesIntoLiferay.CATALOG_MEMBER;
|
||||
RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
|
||||
|
||||
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
|
||||
for (RoleModel role : roles) {
|
||||
|
||||
logger.debug("User " + username + " has role " + role.getRoleName() + " in " + currentScope);
|
||||
if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_ADMIN.toString())){
|
||||
mainRole = CkanRolesIntoLiferay.CATALOG_ADMIN;
|
||||
correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
|
||||
break;
|
||||
}else if(role.getRoleName().contains(CkanRolesIntoLiferay.CATALOG_EDITOR.toString())){
|
||||
mainRole = CkanRolesIntoLiferay.CATALOG_EDITOR;
|
||||
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
// with this invocation, we check if the role is present in ckan and if it is not it will be added
|
||||
boolean res = instance.checkRole(username, groupName, correspondentRoleToCheck);
|
||||
|
||||
if(res)
|
||||
return reMapRole(mainRole);
|
||||
}
|
||||
|
||||
// with this invocation, we check if the role is present in ckan and if it is not it will be added
|
||||
boolean res = instance.checkRole(username, groupName, correspondentRoleToCheck);
|
||||
|
||||
if(res)
|
||||
return reMapRole(mainRole);
|
||||
|
||||
}catch(Exception e){
|
||||
logger.error("Unable to retrieve the role information for this user. Returning member role", e);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue