when the user choose a certain organization the name of the profiles is automatically updated

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/gcube-ckan-datacatalog@130605 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Costantino Perciante 2016-07-20 17:14:46 +00:00
parent 82fed8eb45
commit a788c64667
6 changed files with 130 additions and 363 deletions

View File

@ -4,6 +4,9 @@
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/> <wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/> <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/> <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
<dependent-module archiveName="ckan-metadata-publisher-widget-1.0.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ckan-metadata-publisher-widget/ckan-metadata-publisher-widget">
<dependency-type>uses</dependency-type>
</dependent-module>
<property name="context-root" value="gcube-ckan-datacatalog"/> <property name="context-root" value="gcube-ckan-datacatalog"/>
<property name="java-output-path" value="/gcube-ckan-datacatalog/target/gcube-ckan-datacatalog-1.0.0-SNAPSHOT/WEB-INF/classes"/> <property name="java-output-path" value="/gcube-ckan-datacatalog/target/gcube-ckan-datacatalog-1.0.0-SNAPSHOT/WEB-INF/classes"/>
</wb-module> </wb-module>

View File

@ -121,7 +121,6 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
@Override @Override
public void onSuccess(CkanRole result) { public void onSuccess(CkanRole result) {
switch (result) { switch (result) {
case ADMIN: case ADMIN:
showEditInsertButtons(true); showEditInsertButtons(true);
@ -132,10 +131,8 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
case MEMBER: case MEMBER:
showEditInsertButtons(false); showEditInsertButtons(false);
break; break;
case SYSADMIN:
showEditInsertButtons(true);
break;
default: default:
showEditInsertButtons(false);
break; break;
} }
} }

View File

@ -59,35 +59,37 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
public final static String TEST_MAIL = "test.user@test-com"; public final static String TEST_MAIL = "test.user@test-com";
public final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810"; public final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810";
// ckan keys for ASL // CKAN KEYS (PLEASE NOTE THAT THESE INFO ARE SAVED INTO SESSION PER SCOPE)
private static final String CKAN_TOKEN_KEY = "ckanToken"; private static final String CKAN_ORGS_USER_KEY = "ckanOrgs"; // organizations to whom he belongs (retrieved by the instance in the current scope)
private static final String CKAN_ORGS_USER_KEY = "ckanOrgs"; // organizations to whom he belongs private static final String CKAN_HIGHEST_ROLE = "ckanHighestRole"; // editor, member, admin (this information is retrieved according the scope)
private static final String CKAN_HIGHEST_ROLE = "ckanHighestRole"; // editor, member, admin, sysadmin private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish (admin role)
private static final String CKAN_LICENSES_KEY = "ckanLicenses"; // licenses
private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish
private static final String CKAN_PROFILES_KEY = "ckanProfiles"; // product profiles
/** /**
* Instanciate the ckan util library.
* Since it needs the scope, we need to check if it is null or not * Since it needs the scope, we need to check if it is null or not
* @param discoverScope if you want to the discover the utils library in this specified scope
* @return * @return
*/ */
private CKanUtils getCkanUtilsObj(){ public CKanUtils getCkanUtilsObj(String discoverScope){
// check into session
HttpSession httpSession = getThreadLocalRequest().getSession(); HttpSession httpSession = getThreadLocalRequest().getSession();
ASLSession aslSession = getASLSession(httpSession); ASLSession aslSession = getASLSession(httpSession);
String currentScope = aslSession.getScope(); String currentScope = aslSession.getScope();
String user = aslSession.getUsername(); String user = aslSession.getUsername();
CKanUtils instance = null; CKanUtils instance = null;
try{ try{
if(user.equals(TEST_USER)){ if(user.equals(TEST_USER)){
// session expired or, maybe, outside the portal
logger.warn("User is "+TEST_USER +" are we out from portal?"); logger.warn("User is "+TEST_USER +" are we out from portal?");
logger.warn("I'm using root scope "+PRODUCTION_SCOPE); logger.warn("I'm using root scope "+PRODUCTION_SCOPE);
instance = new CKanUtilsImpl(PRODUCTION_SCOPE); instance = new CKanUtilsImpl(PRODUCTION_SCOPE);
}else }else{
if(discoverScope != null && !discoverScope.isEmpty())
instance = new CKanUtilsImpl(discoverScope);
else
instance = new CKanUtilsImpl(currentScope); instance = new CKanUtilsImpl(currentScope);
}
}catch(Exception e){ }catch(Exception e){
logger.error("Unable to retrieve ckan utils", e); logger.error("Unable to retrieve ckan utils", e);
} }
@ -134,7 +136,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
private CkanConnectorAccessPoint getCkanConnectorAccessPoint(String pathInfoParameter, String queryStringParameters) throws Exception { private CkanConnectorAccessPoint getCkanConnectorAccessPoint(String pathInfoParameter, String queryStringParameters) throws Exception {
if(outsidePortal()){ if(outsidePortal()){
CkanConnectorAccessPoint ckan = new CkanConnectorAccessPoint(getCkanUtilsObj().getCatalogueUrl(),""); CkanConnectorAccessPoint ckan = new CkanConnectorAccessPoint(getCkanUtilsObj(null).getCatalogueUrl(),"");
return ckan; return ckan;
} }
@ -268,7 +270,6 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
toReturn = CkanRole.ADMIN; toReturn = CkanRole.ADMIN;
}else{ }else{
// we need to evaluate which roles the user has in this scope / or in his vre if the current scope is the root
HttpSession httpSession = this.getThreadLocalRequest().getSession(); HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = getASLSession(httpSession); ASLSession session = getASLSession(httpSession);
String currentScope = session.getScope(); String currentScope = session.getScope();
@ -276,7 +277,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
String groupName = session.getGroupName(); // e.g. devVRE String groupName = session.getGroupName(); // e.g. devVRE
// get key per scope // get key per scope
String keyPerScope = concatenateSessionKeyScope(CKAN_HIGHEST_ROLE, session.getScope()); String keyPerScope = UserUtil.concatenateSessionKeyScope(CKAN_HIGHEST_ROLE, session.getScope());
// check if session expired // check if session expired
if(username.equals(TEST_USER)){ if(username.equals(TEST_USER)){
@ -292,39 +293,24 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
}else{ }else{
CKanUtils ckanUtils = getCkanUtilsObj(); // we build up also a list that keeps track of the scopes (orgs) in which the user has role ADMIN
List<String> orgsInWhichAdminRole = new ArrayList<String>();
// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything) toReturn = UserUtil.getHighestRole(currentScope, username, groupName, this, orgsInWhichAdminRole);
boolean isSysAdmin = ckanUtils.isSysAdmin(username, getUserCKanTokenFromSession());
if(isSysAdmin){
logger.info("The user is a sysadmin of the catalog -> he can edit/add");
httpSession.setAttribute(keyPerScope, CkanRole.SYSADMIN);
toReturn = CkanRole.SYSADMIN;
}else{
toReturn = UserUtil.getHighestRole(currentScope, username, groupName, ckanUtils);
httpSession.setAttribute(keyPerScope, toReturn); httpSession.setAttribute(keyPerScope, toReturn);
logger.info("Set role " + toReturn + " into session for user " + username); logger.info("Set role " + toReturn + " into session for user " + username);
}
// if he is not a member/editor (so he can publish), preload: // if he is an admin preload:
// 1) organizations in which he can publish // 1) organizations in which he can publish (the widget will find these info in session)
// 2) the list of licenses if(toReturn.equals(CkanRole.ADMIN)){
// 3) metadata profiles httpSession.setAttribute(UserUtil.concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), orgsInWhichAdminRole);
// In this way the publish widget can simply retrieve those information from the ASL session logger.info("Set organizations in which he can publish to " + orgsInWhichAdminRole + " into session for user " + username);
if(!(toReturn.equals(CkanRole.MEMBER) || toReturn.equals(CkanRole.EDITOR))){
UserUtil.getLicenses(httpSession, username, concatenateSessionKeyScope(CKAN_LICENSES_KEY, currentScope), ckanUtils);
UserUtil.getUserOrganizationsList(httpSession, username, isSysAdmin, concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), ckanUtils, getUserCKanTokenFromSession());
UserUtil.getMetadataProfilesList(httpSession, username, concatenateSessionKeyScope(CKAN_PROFILES_KEY, currentScope), ckanUtils);
} }
} }
} }
} }
// return the base role // return the role
return toReturn; return toReturn;
} }
@ -341,53 +327,6 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
} }
/**
* Get current user's token
* @return String the ckan user's token
*/
private String getUserCKanTokenFromSession(){
String token = null;
if(!SessionUtil.isIntoPortal()){
logger.warn("You are running outside the portal");
token = TEST_SEC_TOKEN;
}else{
// store info in the http session
HttpSession httpSession = getThreadLocalRequest().getSession();
ASLSession aslSession = getASLSession(httpSession);
String username = aslSession.getUsername();
// get the key per scope
String keyPerScope = concatenateSessionKeyScope(CKAN_TOKEN_KEY, aslSession.getScope());
// check if session expired
if(username.equals(TEST_USER)){
logger.warn("Session expired, returning null token");
token = null;
}else{
try{
logger.debug("User in session is " + username);
if(httpSession.getAttribute(keyPerScope) != null)
token = (String)httpSession.getAttribute(keyPerScope);
else{
token = getCkanUtilsObj().getApiKeyFromUsername(username);
httpSession.setAttribute(keyPerScope, token);
logger.debug("Ckan token has been set for user " + username);
}
logger.debug("Found ckan token " + token.substring(0, 3) + "************************" + " for user " + username);
}catch(Exception e){
logger.error("Error while retrieving the key" , e);
}
}
}
return token;
}
@Override @Override
public String logoutURIFromCkan() { public String logoutURIFromCkan() {
HttpSession httpSession = this.getThreadLocalRequest().getSession(); HttpSession httpSession = this.getThreadLocalRequest().getSession();
@ -473,6 +412,8 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
@Override @Override
public Map<String, String> getCkanOrganizationsNamesAndUrlsForUser() { public Map<String, String> getCkanOrganizationsNamesAndUrlsForUser() {
// TODO generate this list dynamically taking into account the current scope
Map<String, String> toReturn = new HashMap<>(); Map<String, String> toReturn = new HashMap<>();
if(!SessionUtil.isIntoPortal()){ if(!SessionUtil.isIntoPortal()){
@ -486,7 +427,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
ASLSession session = getASLSession(httpSession); ASLSession session = getASLSession(httpSession);
String username = session.getUsername(); String username = session.getUsername();
String keyPerScope = concatenateSessionKeyScope(CKAN_ORGS_USER_KEY, session.getScope()); String keyPerScope = UserUtil.concatenateSessionKeyScope(CKAN_ORGS_USER_KEY, session.getScope());
if(!username.equals(TEST_USER)){ if(!username.equals(TEST_USER)){
@ -496,7 +437,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
logger.debug("List of organizations was into the session " + toReturn); logger.debug("List of organizations was into the session " + toReturn);
}else{ }else{
logger.debug("Organizations list wasn't into session, retrieving them"); logger.debug("Organizations list wasn't into session, retrieving them");
List<CkanOrganization> organizations = getCkanUtilsObj().getOrganizationsByUser(username); List<CkanOrganization> organizations = getCkanUtilsObj(null).getOrganizationsByUser(username);
for (CkanOrganization ckanOrganization : organizations) { for (CkanOrganization ckanOrganization : organizations) {
toReturn.put(ckanOrganization.getTitle(), "/organization/" + ckanOrganization.getName()); toReturn.put(ckanOrganization.getTitle(), "/organization/" + ckanOrganization.getName());
} }
@ -529,14 +470,4 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
return false; return false;
} }
} }
/**
* Builds a string made of key + scope
* @param key
* @param scope
* @return
*/
public static String concatenateSessionKeyScope(String key, String scope){
return key.concat(scope);
}
} }

View File

@ -4,26 +4,11 @@
package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.server; package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.server;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import javax.servlet.http.HttpSession;
import org.gcube.datacatalogue.ckanutillibrary.CKanUtils; import org.gcube.datacatalogue.ckanutillibrary.CKanUtils;
import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization; import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
import org.gcube.datacatalogue.metadatadiscovery.DataCalogueMetadataFormatReader;
import org.gcube.datacatalogue.metadatadiscovery.bean.MetadataType;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataField;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataFormat;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataValidator;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataVocabulary;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole; import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.LicensesBean;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetaDataProfileBean;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetaDataTypeWrapper;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetadataFieldWrapper;
import org.gcube.vomanagement.usermanagement.GroupManager; import org.gcube.vomanagement.usermanagement.GroupManager;
import org.gcube.vomanagement.usermanagement.RoleManager; import org.gcube.vomanagement.usermanagement.RoleManager;
import org.gcube.vomanagement.usermanagement.UserManager; import org.gcube.vomanagement.usermanagement.UserManager;
@ -40,13 +25,11 @@ import org.gcube.vomanagement.usermanagement.model.GatewayRolesNames;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import eu.trentorise.opendata.jackan.model.CkanLicense;
/** /**
* The Class UserUtil. * The Class UserUtil.
*
* @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it * @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
* @author Costantino Perciante costantino.perciante@isti.cnr.it
* Jun 21, 2016 * Jun 21, 2016
*/ */
public class UserUtil { public class UserUtil {
@ -86,20 +69,21 @@ public class UserUtil {
} }
/** /**
* Retrieve the highest ckan role the user has. * Retrieve the highest ckan role the user has and also retrieve the list of organizations (scopes) in which the user has the ckan-admin role
* @param currentScope the current scope * @param currentScope the current scope
* @param username the current username * @param username the current username
* @param groupName the current groupName * @param groupName the current groupName
* @param gcubeCkanDataCatalogServiceImpl
* @param orgsInWhichAdminRole
* @param ckanUtils ckanUtils * @param ckanUtils ckanUtils
*/ */
public static CkanRole getHighestRole(String currentScope, String username, String groupName, CKanUtils ckanUtils){ public static CkanRole getHighestRole(String currentScope, String username, String groupName, GcubeCkanDataCatalogServiceImpl gcubeCkanDataCatalogServiceImpl, List<String> orgsInWhichAdminRole){
// base role as default value // base role as default value
CkanRole toReturn = CkanRole.MEMBER; CkanRole toReturn = CkanRole.MEMBER;
try{ try{
// retrieve the liferay's roles for the user: we need to check every vre is the current scope is the root
// and just the current one if the scope is a vre, the vres inside the vo if it is a VO.
UserManager userManager = new LiferayUserManager(); UserManager userManager = new LiferayUserManager();
RoleManager roleManager = new LiferayRoleManager(); RoleManager roleManager = new LiferayRoleManager();
GroupManager groupManager = new LiferayGroupManager(); GroupManager groupManager = new LiferayGroupManager();
@ -112,23 +96,21 @@ public class UserUtil {
logger.debug("Group id is " + currentGroupId + " and scope is " + currentScope); logger.debug("Group id is " + currentGroupId + " and scope is " + currentScope);
// root // retrieve the flat list of organizations
List<GCubeGroup> groups = groupManager.listGroupsByUser(userid);
// root (so check into the root, the VOs and the VRES)
if(groupManager.isRootVO(currentGroupId)){ if(groupManager.isRootVO(currentGroupId)){
List<GCubeGroup> groups = groupManager.listGroupsByUser(userid);
logger.debug("The list of organizations of the user " + username + " is " + groups); logger.debug("The list of organizations of the user " + username + " is " + groups);
for (GCubeGroup gCubeGroup : groups) { for (GCubeGroup gCubeGroup : groups) {
// skip if it is not a vre
if(!groupManager.isVRE(gCubeGroup.getGroupId()))
continue;
// get the name of this vre // get the name of this vre
String vreName = gCubeGroup.getGroupName(); String gCubeGroupName = gCubeGroup.getGroupName();
// get the role of the users in this vre // get the role of the users in this vre
List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(vreName)); List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(gCubeGroupName));
// the default one // the default one
RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER; RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
@ -137,15 +119,10 @@ public class UserUtil {
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog // NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
for (GCubeRole gCubeRole : roles) { for (GCubeRole gCubeRole : roles) {
if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){ if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){
logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + vreName); logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + gCubeGroupName);
correspondentRoleToCheck = RolesIntoOrganization.ADMIN; correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
ckanRoleMatched = CkanRole.ADMIN; ckanRoleMatched = CkanRole.ADMIN;
break; break;
}else if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + vreName);
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
ckanRoleMatched = CkanRole.EDITOR;
break;
} }
} }
@ -154,16 +131,17 @@ public class UserUtil {
continue; continue;
// with this invocation, we check if the role is present in ckan and if it is not it will be added // with this invocation, we check if the role is present in ckan and if it is not it will be added
boolean res = ckanUtils.checkRole(username, vreName, correspondentRoleToCheck); CKanUtils ckanUtils = gcubeCkanDataCatalogServiceImpl.getCkanUtilsObj(groupManager.getInfrastructureScope(gCubeGroup.getGroupId()));
// if there is an instance of ckan in this scope..
if(ckanUtils != null){
boolean res = ckanUtils.checkRole(username, gCubeGroupName, correspondentRoleToCheck);
if(res){ if(res){
// ok, we have a editor/admin role here orgsInWhichAdminRole.add(gCubeGroupName.toLowerCase());
if(toReturn.equals(CkanRole.ADMIN))
continue; // it is already the highest continue; // it is already the highest
else if(toReturn.equals(CkanRole.EDITOR) && correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN))
toReturn = CkanRole.ADMIN; }
else if(toReturn.equals(CkanRole.MEMBER))
toReturn = ckanRoleMatched;
} }
} }
@ -172,23 +150,16 @@ public class UserUtil {
}else if(groupManager.isVO(currentGroupId)){ }else if(groupManager.isVO(currentGroupId)){
List<GCubeGroup> groups = groupManager.listGroupsByUser(userid);
logger.debug("The list of organizations of the user " + username + " is " + groups); logger.debug("The list of organizations of the user " + username + " is " + groups);
for (GCubeGroup gCubeGroup : groups) { for (GCubeGroup gCubeGroup : groups) {
// skip if it is not a vre if(currentGroupId != gCubeGroup.getParentGroupId() || currentGroupId != gCubeGroup.getGroupId())
if(!groupManager.isVRE(gCubeGroup.getGroupId()))
continue; continue;
// check if this vre is a child of the vo String gCubeGroupName = gCubeGroup.getGroupName();
if(currentGroupId != gCubeGroup.getParentGroupId())
continue;
String vreName = gCubeGroup.getGroupName(); List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(gCubeGroupName));
List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(vreName));
// the default one // the default one
RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER; RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
@ -197,15 +168,11 @@ public class UserUtil {
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog // NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
for (GCubeRole gCubeRole : roles) { for (GCubeRole gCubeRole : roles) {
logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + vreName); logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + gCubeGroupName);
if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){ if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){
correspondentRoleToCheck = RolesIntoOrganization.ADMIN; correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
ckanRoleMatched = CkanRole.ADMIN; ckanRoleMatched = CkanRole.ADMIN;
break; break;
}else if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
ckanRoleMatched = CkanRole.EDITOR;
break;
} }
} }
@ -214,16 +181,17 @@ public class UserUtil {
continue; continue;
// with this invocation, we check if the role is present in ckan and if it is not it will be added // with this invocation, we check if the role is present in ckan and if it is not it will be added
boolean res = ckanUtils.checkRole(username, vreName, correspondentRoleToCheck); CKanUtils ckanUtils = gcubeCkanDataCatalogServiceImpl.getCkanUtilsObj(groupManager.getInfrastructureScope(gCubeGroup.getGroupId()));
// if there is an instance of ckan in this scope..
if(ckanUtils != null){
boolean res = ckanUtils.checkRole(username, gCubeGroupName, correspondentRoleToCheck);
if(res){ if(res){
// ok, we have a editor/admin role here orgsInWhichAdminRole.add(gCubeGroupName.toLowerCase());
if(toReturn.equals(CkanRole.ADMIN))
continue; // it is already the highest continue; // it is already the highest
else if(toReturn.equals(CkanRole.EDITOR) && correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN))
toReturn = CkanRole.ADMIN; }
else if(toReturn.equals(CkanRole.MEMBER))
toReturn = ckanRoleMatched;
} }
} }
@ -247,19 +215,21 @@ public class UserUtil {
mainRole = GatewayRolesNames.CATALOGUE_ADMIN.getRoleName(); mainRole = GatewayRolesNames.CATALOGUE_ADMIN.getRoleName();
correspondentRoleToCheck = RolesIntoOrganization.ADMIN; correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
break; break;
}else if(role.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
mainRole = GatewayRolesNames.CATALOGUE_EDITOR.getRoleName();
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
break;
} }
} }
if(correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN)){
// with this invocation, we check if the role is present in ckan and if it is not it will be added // with this invocation, we check if the role is present in ckan and if it is not it will be added
CKanUtils ckanUtils = gcubeCkanDataCatalogServiceImpl.getCkanUtilsObj(groupManager.getInfrastructureScope(currentGroupId));
boolean res = ckanUtils.checkRole(username, groupName, correspondentRoleToCheck); boolean res = ckanUtils.checkRole(username, groupName, correspondentRoleToCheck);
if(res){ if(res){
// set the role // set the role
toReturn = mapRoleLiferayToCkan(mainRole); toReturn = mapLiferayRoleToCkan(mainRole);
orgsInWhichAdminRole.add(groupName.toLowerCase());
}
} }
} }
}catch(Exception e){ }catch(Exception e){
@ -272,158 +242,25 @@ public class UserUtil {
/** /**
* Map between roles. * Map between roles.
*
* @param mainRole the main role * @param mainRole the main role
* @return the ckan role * @return the ckan role
*/ */
public static CkanRole mapRoleLiferayToCkan(String mainRole) { public static CkanRole mapLiferayRoleToCkan(String mainRole) {
switch(mainRole){ if(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName().equals(mainRole))
case "Catalogue-Admin": return CkanRole.ADMIN; return CkanRole.ADMIN;
case "Catalogue-Editor": return CkanRole.EDITOR; else if(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName().equals(mainRole))
case "Catalogue-Member": return CkanRole.EDITOR;
default : return CkanRole.MEMBER; else
} return CkanRole.MEMBER;
} }
/** /**
* Load the licenses list and put them into the asl session (the publisher widget will use it) * Builds a string made of key + scope
* @param session * @param key
* @param ckanLicensesKey * @param scope
* @param ckanUtils * @return the concatenated string key|scope (e.g., "role/gcube")
*/ */
public static void getLicenses(HttpSession session, String username, String ckanLicensesKey, CKanUtils ckanUtils) { public static String concatenateSessionKeyScope(String key, String scope){
return key.concat(scope);
try{
logger.debug("User in session is " + username);
List<CkanLicense> titlesLicenses = ckanUtils.getLicenses();
List<String> titles = new ArrayList<String>();
List<String> urls = new ArrayList<String>();
for (CkanLicense license : titlesLicenses) {
titles.add(license.getTitle());
String url = (license.getUrl() != null && !license.getUrl().isEmpty()) ? license.getUrl() : "";
urls.add(url);
}
LicensesBean licensesBean = new LicensesBean(titles, urls);
session.setAttribute(ckanLicensesKey, licensesBean);
logger.info("List of licenses has been saved into session" + licensesBean);
}
catch(Exception e){
logger.error("Failed to preload licenses list", e);
}
}
/**
* Load the list of organizations in which he can publish and put them into the asl session (the publisher widget will use it)
* @param session
* @param ckanOrganizationsPublishKey
* @param ckanUtils
*/
public static void getUserOrganizationsList(HttpSession session, String username, boolean isSysAdmin,
String ckanOrganizationsPublishKey, CKanUtils ckanUtils, String token) {
try{
logger.debug("Request for user " + username + " organizations list");
List<String> orgsName = new ArrayList<String>();
if(isSysAdmin){
logger.info("The user " + username + " is a sysadmin. He can publish everywhere");
orgsName = ckanUtils.getOrganizationsNames(); // get all organizations' names
}else{
// We need to retrieve orgs in which the user has the roles ADMIN
List<RolesIntoOrganization> rolesToMatch = new ArrayList<RolesIntoOrganization>();
rolesToMatch.add(RolesIntoOrganization.ADMIN);
Map<String, List<RolesIntoOrganization>> orgsAndRoles = ckanUtils.getGroupsAndRolesByUser(username, rolesToMatch);
logger.debug("Result is " + orgsAndRoles);
Iterator<Entry<String, List<RolesIntoOrganization>>> iterator = orgsAndRoles.entrySet().iterator();
// get the names
while (iterator.hasNext()) {
Map.Entry<String, List<RolesIntoOrganization>> entry = (Map.Entry<String, List<RolesIntoOrganization>>) iterator
.next();
orgsName.add(entry.getKey());
logger.debug("The user has a role ADMIN into org " + entry.getKey());
}
}
session.setAttribute(ckanOrganizationsPublishKey, orgsName);
logger.info("Organizations name for user " + username + " has been saved into session");
}catch(Exception e){
logger.error("Failed to preload list of organizations in which the user can publish", e);
}
}
/**
* Load the list of product profiles and put them into the asl session (the publisher widget will use it)
* @param session
* @param ckanOrganizationsPublishKey
* @param ckanUtils
*/
public static void getMetadataProfilesList(HttpSession session, String username,
String ckanProfilesKey, CKanUtils ckanUtils) {
try{
logger.debug("User in session is " + username);
List<MetaDataProfileBean> beans = new ArrayList<MetaDataProfileBean>();
try {
DataCalogueMetadataFormatReader reader = new DataCalogueMetadataFormatReader();
for (MetadataType mt : reader.getListOfMetadataTypes()) {
MetadataFormat metadata = reader.getMetadataFormatForMetadataType(mt);
// we need to wrap the list of metadata
List<MetadataFieldWrapper> wrapperList = new ArrayList<MetadataFieldWrapper>();
List<MetadataField> toWrap = metadata.getMetadataFields();
for(MetadataField metadataField: toWrap){
MetadataFieldWrapper wrapperObj = new MetadataFieldWrapper();
wrapperObj.setDefaulValue(metadataField.getDefaulValue());
wrapperObj.setFieldName(metadataField.getFieldName());
wrapperObj.setIsBoolean(metadataField.getIsBoolean());
wrapperObj.setMandatory(metadataField.getMandatory());
wrapperObj.setNote(metadataField.getNote());
MetadataValidator validator = metadataField.getValidator();
if(validator != null)
wrapperObj.setValidator(validator.getRegularExpression());
MetadataVocabulary vocabulary = metadataField.getVocabulary();
if(vocabulary != null)
wrapperObj.setVocabulary(vocabulary.getVocabularyFields());
// add to the list
wrapperList.add(wrapperObj);
}
// wrap the mt as well
MetaDataTypeWrapper typeWrapper = new MetaDataTypeWrapper();
typeWrapper.setDescription(mt.getDescription());
typeWrapper.setId(mt.getId());
typeWrapper.setName(mt.getName());
MetaDataProfileBean bean = new MetaDataProfileBean(typeWrapper, wrapperList);
beans.add(bean);
}
logger.info("List of beans is " + beans);
session.setAttribute(ckanProfilesKey, beans);
logger.debug("List of profiles has been saved into session");
} catch (Exception e) {
logger.error("Error while retrieving metadata beans ", e);
}
}
catch(Exception e){
logger.error("Failed to retrieve the list of product profiles", e);
}
} }
} }

View File

@ -5,14 +5,13 @@ package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared;
/** /**
* * The Ckan role list
* @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it * @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
* @author Costantino Perciante costantino.perciante@isti.cnr.it
* Jun 9, 2016 * Jun 9, 2016
*/ */
public enum CkanRole { public enum CkanRole {
MEMBER, MEMBER,
EDITOR, EDITOR,
ADMIN, ADMIN
SYSADMIN
} }

View File

@ -11,8 +11,8 @@
<portlet-mode>VIEW</portlet-mode> <portlet-mode>VIEW</portlet-mode>
</supports> </supports>
<portlet-info> <portlet-info>
<title>GCubeCkanDataCatalogPortlet</title> <title>Infrastructure Data Catalogue</title>
<short-title>GCubeCkanDataCatalogPortlet</short-title> <short-title>Infrastructure Data Catalogue</short-title>
</portlet-info> </portlet-info>
</portlet> </portlet>
</portlet-app> </portlet-app>