when the user choose a certain organization the name of the profiles is automatically updated

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/gcube-ckan-datacatalog@130605 82a268e6-3cf1-43bd-a215-b396298e98cf
2016-07-20 17:14:46 +00:00 · 2016-07-20 17:14:46 +00:00 · a788c64667
parent 82fed8eb45
commit a788c64667
6 changed files with 130 additions and 363 deletions
--- a/.settings/org.eclipse.wst.common.component
+++ b/.settings/org.eclipse.wst.common.component
@ -4,6 +4,9 @@
        <wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
        <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
        <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
        <dependent-module archiveName="ckan-metadata-publisher-widget-1.0.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ckan-metadata-publisher-widget/ckan-metadata-publisher-widget">
            <dependency-type>uses</dependency-type>
        </dependent-module>
        <property name="context-root" value="gcube-ckan-datacatalog"/>
        <property name="java-output-path" value="/gcube-ckan-datacatalog/target/gcube-ckan-datacatalog-1.0.0-SNAPSHOT/WEB-INF/classes"/>
    </wb-module>
--- a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/client/view/GCubeCkanDataCatalogPanel.java
+++ b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/client/view/GCubeCkanDataCatalogPanel.java
@ -50,7 +50,7 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
 	 *            the event manager
 	 */
 	public GCubeCkanDataCatalogPanel(
-		RootPanel rootPanel, HandlerManager eventManager) {
+			RootPanel rootPanel, HandlerManager eventManager) {
 		this.rootPanel = rootPanel;
 		this.eventBus = eventManager;
@ -60,28 +60,28 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
 		initPanel();
 		setTopPanelVisible(true);
 		String pathParameter =
-			Window.Location.getParameter(GCubeCkanDataCatalog.GET_PATH_PARAMETER);
+				Window.Location.getParameter(GCubeCkanDataCatalog.GET_PATH_PARAMETER);
 		String queryParameter =
-			Window.Location.getParameter(GCubeCkanDataCatalog.GET_QUERY_PARAMETER);
+				Window.Location.getParameter(GCubeCkanDataCatalog.GET_QUERY_PARAMETER);
 		GCubeCkanDataCatalog.service.getCKanConnector(
-			pathParameter, queryParameter,
+				pathParameter, queryParameter,
-			new AsyncCallback<CkanConnectorAccessPoint>() {
+				new AsyncCallback<CkanConnectorAccessPoint>() {
-				@Override
+					@Override
-				public void onSuccess(CkanConnectorAccessPoint ckan) {
+					public void onSuccess(CkanConnectorAccessPoint ckan) {
-					ckanAccessPoint = ckan;
+						ckanAccessPoint = ckan;
-					instanceCkanFrame(ckan.buildURI());
+						instanceCkanFrame(ckan.buildURI());
-					GCubeCkanDataCatalogPanel.this.rootPanel.remove(loading);
+						GCubeCkanDataCatalogPanel.this.rootPanel.remove(loading);
-				}
+					}
-				@Override
+					@Override
-				public void onFailure(Throwable caught) {
+					public void onFailure(Throwable caught) {
-					GCubeCkanDataCatalogPanel.this.rootPanel.remove(loading);
+						GCubeCkanDataCatalogPanel.this.rootPanel.remove(loading);
-					Window.alert("Sorry, An error occurred during contacting Gcube Ckan Data Catalogue!");
+						Window.alert("Sorry, An error occurred during contacting Gcube Ckan Data Catalogue!");
-				}
+					}
-			});
+				});
 		GCubeCkanDataCatalog.service.outsidePortal(new AsyncCallback<Boolean>() {
 			@Override
@ -121,7 +121,6 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
 						@Override
 						public void onSuccess(CkanRole result) {
 							switch (result) {
 							case ADMIN:
 								showEditInsertButtons(true);
@ -132,10 +131,8 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
 							case MEMBER:
 								showEditInsertButtons(false);
 								break;
 							case SYSADMIN:
 								showEditInsertButtons(true);
 								break;
 							default:
 								showEditInsertButtons(false); 
 								break;
 							}
 						}
@ -157,17 +154,17 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
 			public void onResize(ResizeEvent event) {
 				GWT.log("onWindowResized width: " + event.getWidth() +
-					" height: " + event.getHeight());
+						" height: " + event.getHeight());
 				updateSize();
 			}
 		});
-//		Window.enableScrolling(false);
+		//		Window.enableScrolling(false);
 		rootPanel.add(loading);
 		rootPanel.add(this);
 		updateSize();
 		listenForPostMessage();
-//		postMessage("Un messaggio");
+		//		postMessage("Un messaggio");
 	}
 	/**
@ -259,7 +256,7 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
 			int newH = this.managementPanel != null &&this.managementPanel.getCurrentHeight() > 0? this.managementPanel.getOffsetHeight() + height : height;
 			this.ckanFramePanel.getFrame().setHeight(newH + "px");
 		}
-//		workspace.setHeight(height+"px");
+		//		workspace.setHeight(height+"px");
 	}
 	/**
@ -294,14 +291,14 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
 		if (ckanAccessPoint.getBaseUrl().indexOf(origin)>=0) {
 			GWT.log("Data has been sent by ckan "+origin +", Is it the height?");
-	        // The data has been sent from your site
+			// The data has been sent from your site
-	        // The data sent with postMessage is stored in event.data
+			// The data sent with postMessage is stored in event.data
 			setIFrameHeight(data);
-	    } else {
+		} else {
-	        // The data hasn't been sent from your site!
+			// The data hasn't been sent from your site!
-	        // Be careful! Do not use it.
+			// Be careful! Do not use it.
-	        return;
+			return;
-	    }
+		}
 	}
--- a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java
+++ b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java
@ -59,35 +59,37 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 	public final static String TEST_MAIL = "test.user@test-com";
 	public final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810";
-	// ckan keys for ASL
+	// CKAN KEYS (PLEASE NOTE THAT THESE INFO ARE SAVED INTO SESSION PER SCOPE)
-	private static final String CKAN_TOKEN_KEY = "ckanToken";
+	private static final String CKAN_ORGS_USER_KEY = "ckanOrgs"; // organizations to whom he belongs (retrieved by the instance in the current scope)
-	private static final String CKAN_ORGS_USER_KEY = "ckanOrgs"; // organizations to whom he belongs
+	private static final String CKAN_HIGHEST_ROLE = "ckanHighestRole"; // editor, member, admin (this information is retrieved according the scope)
-	private static final String CKAN_HIGHEST_ROLE = "ckanHighestRole"; // editor, member, admin, sysadmin
+	private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish (admin role)
 	private static final String CKAN_LICENSES_KEY = "ckanLicenses"; // licenses
 	private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish
 	private static final String CKAN_PROFILES_KEY = "ckanProfiles"; // product profiles
 	/**
 	 * Instanciate the ckan util library.
 	 * Since it needs the scope, we need to check if it is null or not
 	 * @param discoverScope if you want to the discover the utils library in this specified scope
 	 * @return
 	 */
-	private CKanUtils getCkanUtilsObj(){
+	public CKanUtils getCkanUtilsObj(String discoverScope){
 		// check into session
 		HttpSession httpSession = getThreadLocalRequest().getSession();
 		ASLSession aslSession = getASLSession(httpSession);
 		String currentScope =  aslSession.getScope();
 		String user = aslSession.getUsername();
 		CKanUtils instance = null;
 		try{
-			if(user.equals(TEST_USER)){
+			if(user.equals(TEST_USER)){ 
 				// session expired or, maybe, outside the portal
 				logger.warn("User is "+TEST_USER +" are we out from portal?");
 				logger.warn("I'm using root scope "+PRODUCTION_SCOPE);
 				instance = new CKanUtilsImpl(PRODUCTION_SCOPE);
-			}else
+			}else{
-				instance = new CKanUtilsImpl(currentScope);
+				if(discoverScope != null && !discoverScope.isEmpty())
 					instance = new CKanUtilsImpl(discoverScope);
 				else
 					instance = new CKanUtilsImpl(currentScope);
 			}
 		}catch(Exception e){
 			logger.error("Unable to retrieve ckan utils", e);
 		}
@ -114,7 +116,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 			logger.info("Builded URI to CKAN Connector: "+ckAP.buildURI());
 			logger.debug("returning ckanConnectorUri: "+ckAP);
 			return ckAP;
-			//			return "http://ckan-d-d4s.d4science.org";
+			//		return "http://ckan-d-d4s.d4science.org";
 		}catch(Exception e ){
 			String message = "Sorry an error occurred during contacting gCube Ckan Data Catalogue";
 			logger.error(message, e);
@ -134,7 +136,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 	private CkanConnectorAccessPoint getCkanConnectorAccessPoint(String pathInfoParameter, String queryStringParameters) throws Exception {
 		if(outsidePortal()){
-			CkanConnectorAccessPoint ckan = new CkanConnectorAccessPoint(getCkanUtilsObj().getCatalogueUrl(),"");
+			CkanConnectorAccessPoint ckan = new CkanConnectorAccessPoint(getCkanUtilsObj(null).getCatalogueUrl(),"");
 			return ckan;
 		}
@ -268,7 +270,6 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 			toReturn = CkanRole.ADMIN;
 		}else{
 			// we need to evaluate which roles the user has in this scope / or in his vre if the current scope is the root
 			HttpSession httpSession = this.getThreadLocalRequest().getSession();
 			ASLSession session = getASLSession(httpSession);
 			String currentScope = session.getScope();
@ -276,7 +277,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 			String groupName = session.getGroupName(); // e.g. devVRE
 			// get key per scope
-			String keyPerScope = concatenateSessionKeyScope(CKAN_HIGHEST_ROLE, session.getScope());
+			String keyPerScope = UserUtil.concatenateSessionKeyScope(CKAN_HIGHEST_ROLE, session.getScope());
 			//  check if session expired
 			if(username.equals(TEST_USER)){
@ -292,39 +293,24 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 				}else{
-					CKanUtils ckanUtils = getCkanUtilsObj();
+					// we build up also a list that keeps track of the scopes (orgs) in which the user has role ADMIN
 					List<String> orgsInWhichAdminRole = new ArrayList<String>();
 					toReturn = UserUtil.getHighestRole(currentScope, username, groupName, this, orgsInWhichAdminRole);
 					httpSession.setAttribute(keyPerScope, toReturn);
-					// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
+					logger.info("Set role " + toReturn + " into session for user " + username);
-					boolean isSysAdmin = ckanUtils.isSysAdmin(username, getUserCKanTokenFromSession());
+					
-
+					// if he is an admin preload:
-					if(isSysAdmin){
+					// 1) organizations in which he can publish (the widget will find these info in session)
-
+					if(toReturn.equals(CkanRole.ADMIN)){
-						logger.info("The user is a sysadmin of the catalog -> he can edit/add");
+						httpSession.setAttribute(UserUtil.concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), orgsInWhichAdminRole);
-						httpSession.setAttribute(keyPerScope, CkanRole.SYSADMIN);
+						logger.info("Set organizations in which he can publish to " + orgsInWhichAdminRole + " into session for user " + username);
 						toReturn = CkanRole.SYSADMIN;
 					}else{
 						toReturn = UserUtil.getHighestRole(currentScope, username, groupName, ckanUtils);
 						httpSession.setAttribute(keyPerScope, toReturn);
 						logger.info("Set role " + toReturn + " into session for user " + username);
 					}
 					// if he is not a member/editor (so he can publish), preload:
 					// 1) organizations in which he can publish
 					// 2) the list of licenses
 					// 3) metadata profiles
 					// In this way the publish widget can simply retrieve those information from the ASL session
 					if(!(toReturn.equals(CkanRole.MEMBER) || toReturn.equals(CkanRole.EDITOR))){
 						UserUtil.getLicenses(httpSession, username, concatenateSessionKeyScope(CKAN_LICENSES_KEY, currentScope), ckanUtils);
 						UserUtil.getUserOrganizationsList(httpSession, username, isSysAdmin, concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), ckanUtils, getUserCKanTokenFromSession());
 						UserUtil.getMetadataProfilesList(httpSession, username, concatenateSessionKeyScope(CKAN_PROFILES_KEY, currentScope), ckanUtils);
 					}
 				}
 			}
 		}
-		// return the base role
+		// return the role
 		return toReturn;
 	}
@ -341,53 +327,6 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 	}
 	/**
 	 * Get current user's token
 	 * @return String the ckan user's token
 	 */
 	private String getUserCKanTokenFromSession(){
 		String token = null;
 		if(!SessionUtil.isIntoPortal()){
 			logger.warn("You are running outside the portal");
 			token = TEST_SEC_TOKEN;
 		}else{
 			// store info in the http session
 			HttpSession httpSession = getThreadLocalRequest().getSession();
 			ASLSession aslSession = getASLSession(httpSession);
 			String username = aslSession.getUsername();
 			// get the key per scope
 			String keyPerScope = concatenateSessionKeyScope(CKAN_TOKEN_KEY, aslSession.getScope());
 			// check if session expired
 			if(username.equals(TEST_USER)){
 				logger.warn("Session expired, returning null token");
 				token = null;
 			}else{
 				try{
 					logger.debug("User in session is " + username);
 					if(httpSession.getAttribute(keyPerScope) != null)
 						token = (String)httpSession.getAttribute(keyPerScope);
 					else{
 						token = getCkanUtilsObj().getApiKeyFromUsername(username);
 						httpSession.setAttribute(keyPerScope, token);
 						logger.debug("Ckan token has been set for user " + username);
 					}
 					logger.debug("Found ckan token " + token.substring(0, 3) + "************************" + " for user " + username);
 				}catch(Exception e){
 					logger.error("Error while retrieving the key" , e);
 				}
 			}
 		}
 		return token;
 	}
 	@Override
 	public String logoutURIFromCkan() {
 		HttpSession httpSession = this.getThreadLocalRequest().getSession();
@ -472,6 +411,8 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 	@Override
 	public Map<String, String> getCkanOrganizationsNamesAndUrlsForUser() {
 		// TODO generate this list dynamically taking into account the current scope
 		Map<String, String> toReturn = new HashMap<>();
@ -486,7 +427,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 			ASLSession session = getASLSession(httpSession);
 			String username = session.getUsername();
-			String keyPerScope = concatenateSessionKeyScope(CKAN_ORGS_USER_KEY, session.getScope());
+			String keyPerScope = UserUtil.concatenateSessionKeyScope(CKAN_ORGS_USER_KEY, session.getScope());
 			if(!username.equals(TEST_USER)){
@ -496,7 +437,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 					logger.debug("List of organizations was into the session " + toReturn);
 				}else{
 					logger.debug("Organizations list wasn't into session, retrieving them");
-					List<CkanOrganization> organizations = getCkanUtilsObj().getOrganizationsByUser(username);
+					List<CkanOrganization> organizations = getCkanUtilsObj(null).getOrganizationsByUser(username);
 					for (CkanOrganization ckanOrganization : organizations) {
 						toReturn.put(ckanOrganization.getTitle(), "/organization/" + ckanOrganization.getName());
 					}
@ -529,14 +470,4 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
 			return false;
 		}
 	}
 	/**
 	 * Builds a string made of key + scope
 	 * @param key
 	 * @param scope
 	 * @return
 	 */
 	public static String concatenateSessionKeyScope(String key, String scope){
 		return key.concat(scope);
 	}
 }
--- a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/UserUtil.java
+++ b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/UserUtil.java
@ -4,26 +4,11 @@
 package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.server;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
 import javax.servlet.http.HttpSession;
 import org.gcube.datacatalogue.ckanutillibrary.CKanUtils;
 import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
 import org.gcube.datacatalogue.metadatadiscovery.DataCalogueMetadataFormatReader;
 import org.gcube.datacatalogue.metadatadiscovery.bean.MetadataType;
 import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataField;
 import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataFormat;
 import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataValidator;
 import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataVocabulary;
 import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole;
 import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.LicensesBean;
 import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetaDataProfileBean;
 import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetaDataTypeWrapper;
 import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetadataFieldWrapper;
 import org.gcube.vomanagement.usermanagement.GroupManager;
 import org.gcube.vomanagement.usermanagement.RoleManager;
 import org.gcube.vomanagement.usermanagement.UserManager;
@ -40,13 +25,11 @@ import org.gcube.vomanagement.usermanagement.model.GatewayRolesNames;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import eu.trentorise.opendata.jackan.model.CkanLicense;
 /**
 * The Class UserUtil.
 *
 * @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
 * @author Costantino Perciante costantino.perciante@isti.cnr.it
 * Jun 21, 2016
 */
 public class UserUtil {
@ -86,20 +69,21 @@ public class UserUtil {
 	}
 	/**
-	 * Retrieve the highest ckan role the user has.
+	 * Retrieve the highest ckan role the user has and also retrieve the list of organizations (scopes) in which the user has the ckan-admin role
 	 * @param currentScope the current scope 
 	 * @param username  the current username
 	 * @param groupName the current groupName
 	 * @param gcubeCkanDataCatalogServiceImpl 
 	 * @param orgsInWhichAdminRole 
 	 * @param ckanUtils ckanUtils
 	 */
-	public static CkanRole getHighestRole(String currentScope, String username, String groupName, CKanUtils ckanUtils){
+	public static CkanRole getHighestRole(String currentScope, String username, String groupName, GcubeCkanDataCatalogServiceImpl gcubeCkanDataCatalogServiceImpl, List<String> orgsInWhichAdminRole){
 		// base role as default value
 		CkanRole toReturn = CkanRole.MEMBER;
 		try{
-			// retrieve the liferay's roles for the user: we need to check every vre is the current scope is the root
+
 			// and just the current one if the scope is a vre, the vres inside the vo if it is a VO.
 			UserManager userManager = new LiferayUserManager();
 			RoleManager roleManager = new LiferayRoleManager();
 			GroupManager groupManager = new LiferayGroupManager();
@ -112,23 +96,21 @@ public class UserUtil {
 			logger.debug("Group id is " + currentGroupId + " and scope is " + currentScope);
-			// root
+			// retrieve the flat list of organizations
 			List<GCubeGroup> groups = groupManager.listGroupsByUser(userid);
 			// root (so check into the root, the VOs and the VRES)
 			if(groupManager.isRootVO(currentGroupId)){
 				List<GCubeGroup> groups = groupManager.listGroupsByUser(userid);
 				logger.debug("The list of organizations of the user " + username + " is " + groups);
 				for (GCubeGroup gCubeGroup : groups) {
 					// skip if it is not a vre
 					if(!groupManager.isVRE(gCubeGroup.getGroupId()))
 						continue;
 					// get the name of this vre
-					String vreName = gCubeGroup.getGroupName();
+					String gCubeGroupName = gCubeGroup.getGroupName();
 					// get the role of the users in this vre
-					List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(vreName));
+					List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(gCubeGroupName));
 					// the default one
 					RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
@ -137,15 +119,10 @@ public class UserUtil {
 					// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
 					for (GCubeRole gCubeRole : roles) {
 						if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){
-							logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + vreName);
+							logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + gCubeGroupName);
 							correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
 							ckanRoleMatched = CkanRole.ADMIN;
 							break;
 						}else if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
 							logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + vreName);
 							correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
 							ckanRoleMatched = CkanRole.EDITOR;
 							break;
 						}
 					}
@ -154,16 +131,17 @@ public class UserUtil {
 						continue;
 					// with this invocation, we check if the role is present in ckan and if it is not it will be added
-					boolean res = ckanUtils.checkRole(username, vreName, correspondentRoleToCheck);
+					CKanUtils ckanUtils = gcubeCkanDataCatalogServiceImpl.getCkanUtilsObj(groupManager.getInfrastructureScope(gCubeGroup.getGroupId()));
 					if(res){
-						// ok, we have a editor/admin role here
+					// if there is an instance of ckan in this scope..
-						if(toReturn.equals(CkanRole.ADMIN))
+					if(ckanUtils != null){
 						boolean res = ckanUtils.checkRole(username, gCubeGroupName, correspondentRoleToCheck);
 						if(res){
 							orgsInWhichAdminRole.add(gCubeGroupName.toLowerCase());
 							continue; // it is already the highest
-						else if(toReturn.equals(CkanRole.EDITOR) && correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN))
+
-							toReturn = CkanRole.ADMIN;
+						}
 						else if(toReturn.equals(CkanRole.MEMBER))
 							toReturn = ckanRoleMatched;
 					}
 				}
@ -172,23 +150,16 @@ public class UserUtil {
 			}else if(groupManager.isVO(currentGroupId)){
 				List<GCubeGroup> groups = groupManager.listGroupsByUser(userid);
 				logger.debug("The list of organizations of the user " + username + " is " + groups);
 				for (GCubeGroup gCubeGroup : groups) {
-					// skip if it is not a vre
+					if(currentGroupId != gCubeGroup.getParentGroupId() || currentGroupId != gCubeGroup.getGroupId())
 					if(!groupManager.isVRE(gCubeGroup.getGroupId()))
 						continue;
-					// check if this vre is a child of the vo
+					String gCubeGroupName = gCubeGroup.getGroupName();
 					if(currentGroupId != gCubeGroup.getParentGroupId())
 						continue;
-					String vreName = gCubeGroup.getGroupName();
+					List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(gCubeGroupName));
 					List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userid, groupManager.getGroupId(vreName));
 					// the default one
 					RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
@ -197,15 +168,11 @@ public class UserUtil {
 					// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
 					for (GCubeRole gCubeRole : roles) {
-						logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + vreName);
+						logger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + gCubeGroupName);
 						if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){
 							correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
 							ckanRoleMatched = CkanRole.ADMIN;
 							break;
 						}else if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
 							correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
 							ckanRoleMatched = CkanRole.EDITOR;
 							break;
 						}
 					}
@ -214,16 +181,17 @@ public class UserUtil {
 						continue;
 					// with this invocation, we check if the role is present in ckan and if it is not it will be added
-					boolean res = ckanUtils.checkRole(username, vreName, correspondentRoleToCheck);
+					CKanUtils ckanUtils = gcubeCkanDataCatalogServiceImpl.getCkanUtilsObj(groupManager.getInfrastructureScope(gCubeGroup.getGroupId()));
 					if(res){
-						// ok, we have a editor/admin role here
+					// if there is an instance of ckan in this scope..
-						if(toReturn.equals(CkanRole.ADMIN))
+					if(ckanUtils != null){
 						boolean res = ckanUtils.checkRole(username, gCubeGroupName, correspondentRoleToCheck);
 						if(res){
 							orgsInWhichAdminRole.add(gCubeGroupName.toLowerCase());
 							continue; // it is already the highest
-						else if(toReturn.equals(CkanRole.EDITOR) && correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN))
+
-							toReturn = CkanRole.ADMIN;
+						}
 						else if(toReturn.equals(CkanRole.MEMBER))
 							toReturn = ckanRoleMatched;
 					}
 				}
@ -247,19 +215,21 @@ public class UserUtil {
 						mainRole = GatewayRolesNames.CATALOGUE_ADMIN.getRoleName();
 						correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
 						break;
 					}else if(role.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
 						mainRole = GatewayRolesNames.CATALOGUE_EDITOR.getRoleName();
 						correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
 						break;
 					}
 				}
-				// with this invocation, we check if the role is present in ckan and if it is not it will be added
+				if(correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN)){
 				boolean res = ckanUtils.checkRole(username, groupName, correspondentRoleToCheck);
-				if(res){
+					// with this invocation, we check if the role is present in ckan and if it is not it will be added
-					// set the role
+					CKanUtils ckanUtils = gcubeCkanDataCatalogServiceImpl.getCkanUtilsObj(groupManager.getInfrastructureScope(currentGroupId));
-					toReturn = mapRoleLiferayToCkan(mainRole);
+					boolean res = ckanUtils.checkRole(username, groupName, correspondentRoleToCheck);
 					if(res){
 						// set the role
 						toReturn = mapLiferayRoleToCkan(mainRole);
 						orgsInWhichAdminRole.add(groupName.toLowerCase());
 					}
 				}
 			}
 		}catch(Exception e){
@ -272,158 +242,25 @@ public class UserUtil {
 	/**
 	 * Map between roles.
 	 *
 	 * @param mainRole the main role
 	 * @return the ckan role
 	 */
-	public static CkanRole mapRoleLiferayToCkan(String mainRole) {
+	public static CkanRole mapLiferayRoleToCkan(String mainRole) {
-		switch(mainRole){
+		if(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName().equals(mainRole))
-		case "Catalogue-Admin": return CkanRole.ADMIN;
+			return CkanRole.ADMIN;
-		case "Catalogue-Editor": return CkanRole.EDITOR;
+		else if(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName().equals(mainRole))
-		case "Catalogue-Member":
+			return CkanRole.EDITOR;
-		default : return CkanRole.MEMBER;
+		else
-		}
+			return CkanRole.MEMBER;
 	}
 	/**
-	 * Load the licenses list and put them into the asl session (the publisher widget will use it)
+	 * Builds a string made of key + scope
-	 * @param session
+	 * @param key
-	 * @param ckanLicensesKey
+	 * @param scope
-	 * @param ckanUtils 
+	 * @return the concatenated string key|scope (e.g., "role/gcube")
 	 */
-	public static void getLicenses(HttpSession session, String username, String ckanLicensesKey, CKanUtils ckanUtils) {
+	public static String concatenateSessionKeyScope(String key, String scope){
-
+		return key.concat(scope);
 		try{
 			logger.debug("User in session is " + username);
 			List<CkanLicense> titlesLicenses = ckanUtils.getLicenses();
 			List<String> titles = new ArrayList<String>();
 			List<String> urls = new ArrayList<String>();
 			for (CkanLicense license : titlesLicenses) {
 				titles.add(license.getTitle());
 				String url = (license.getUrl() != null && !license.getUrl().isEmpty()) ? license.getUrl() : "";
 				urls.add(url);
 			}
 			LicensesBean licensesBean = new LicensesBean(titles, urls);
 			session.setAttribute(ckanLicensesKey, licensesBean);
 			logger.info("List of licenses has been saved into session" + licensesBean);
 		}
 		catch(Exception e){
 			logger.error("Failed to preload licenses list", e);
 		}
 	}
 	/**
 	 * Load the list of organizations in which he can publish and put them into the asl session  (the publisher widget will use it)
 	 * @param session
 	 * @param ckanOrganizationsPublishKey
 	 * @param ckanUtils 
 	 */
 	public static void getUserOrganizationsList(HttpSession session, String username, boolean isSysAdmin,
 			String ckanOrganizationsPublishKey, CKanUtils ckanUtils, String token) {
 		try{
 			logger.debug("Request for user " + username + " organizations list");
 			List<String> orgsName = new ArrayList<String>();
 			if(isSysAdmin){
 				logger.info("The user " + username + " is a sysadmin. He can publish everywhere");
 				orgsName = ckanUtils.getOrganizationsNames(); // get all organizations' names
 			}else{
 				// We need to retrieve orgs in which the user has the roles ADMIN
 				List<RolesIntoOrganization> rolesToMatch = new ArrayList<RolesIntoOrganization>();
 				rolesToMatch.add(RolesIntoOrganization.ADMIN);
 				Map<String, List<RolesIntoOrganization>> orgsAndRoles = ckanUtils.getGroupsAndRolesByUser(username, rolesToMatch);
 				logger.debug("Result is " + orgsAndRoles);
 				Iterator<Entry<String, List<RolesIntoOrganization>>> iterator = orgsAndRoles.entrySet().iterator();
 				// get the names
 				while (iterator.hasNext()) {
 					Map.Entry<String, List<RolesIntoOrganization>> entry = (Map.Entry<String, List<RolesIntoOrganization>>) iterator
 							.next();
 					orgsName.add(entry.getKey());
 					logger.debug("The user has a role ADMIN into org "  + entry.getKey());
 				}
 			}
 			session.setAttribute(ckanOrganizationsPublishKey, orgsName);
 			logger.info("Organizations name for user " + username + " has been saved into session");
 		}catch(Exception e){
 			logger.error("Failed to preload list of organizations in which the user can publish", e);
 		}
 	}
 	/**
 	 * Load the list of product profiles and put them into the asl session (the publisher widget will use it)
 	 * @param session
 	 * @param ckanOrganizationsPublishKey
 	 * @param ckanUtils 
 	 */
 	public static void getMetadataProfilesList(HttpSession session, String username,
 			String ckanProfilesKey, CKanUtils ckanUtils) {
 		try{
 			logger.debug("User in session is " + username);
 			List<MetaDataProfileBean> beans = new ArrayList<MetaDataProfileBean>();
 			try {
 				DataCalogueMetadataFormatReader reader = new DataCalogueMetadataFormatReader();
 				for (MetadataType mt : reader.getListOfMetadataTypes()) {
 					MetadataFormat metadata = reader.getMetadataFormatForMetadataType(mt);
 					// we need to wrap the list of metadata
 					List<MetadataFieldWrapper> wrapperList = new ArrayList<MetadataFieldWrapper>();
 					List<MetadataField> toWrap = metadata.getMetadataFields();
 					for(MetadataField metadataField: toWrap){
 						MetadataFieldWrapper wrapperObj = new MetadataFieldWrapper();
 						wrapperObj.setDefaulValue(metadataField.getDefaulValue());
 						wrapperObj.setFieldName(metadataField.getFieldName());
 						wrapperObj.setIsBoolean(metadataField.getIsBoolean());
 						wrapperObj.setMandatory(metadataField.getMandatory());
 						wrapperObj.setNote(metadataField.getNote());
 						MetadataValidator validator = metadataField.getValidator();
 						if(validator != null)
 							wrapperObj.setValidator(validator.getRegularExpression());
 						MetadataVocabulary vocabulary = metadataField.getVocabulary();
 						if(vocabulary != null)
 							wrapperObj.setVocabulary(vocabulary.getVocabularyFields());
 						// add to the list
 						wrapperList.add(wrapperObj);
 					}
 					// wrap the mt as well
 					MetaDataTypeWrapper typeWrapper = new MetaDataTypeWrapper();
 					typeWrapper.setDescription(mt.getDescription());
 					typeWrapper.setId(mt.getId());
 					typeWrapper.setName(mt.getName());
 					MetaDataProfileBean bean = new MetaDataProfileBean(typeWrapper, wrapperList);
 					beans.add(bean);
 				}
 				logger.info("List of beans is " + beans);
 				session.setAttribute(ckanProfilesKey, beans);
 				logger.debug("List of profiles has been saved into session");
 			} catch (Exception e) {
 				logger.error("Error while retrieving metadata beans ", e);
 			}
 		}
 		catch(Exception e){
 			logger.error("Failed to retrieve the list of product profiles", e);
 		}
 	}
 }
--- a/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/shared/CkanRole.java
+++ b/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/shared/CkanRole.java
@ -5,14 +5,13 @@ package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared;
 /**
- *
+ * The Ckan role list
 * @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
 * @author Costantino Perciante costantino.perciante@isti.cnr.it
 * Jun 9, 2016
 */
 public enum CkanRole {
 	MEMBER,
 	EDITOR,
-	ADMIN,
+	ADMIN
 	SYSADMIN
 }
--- a/src/main/webapp/WEB-INF/portlet.xml
+++ b/src/main/webapp/WEB-INF/portlet.xml
@ -11,8 +11,8 @@
 			<portlet-mode>VIEW</portlet-mode>
 		</supports>
 		<portlet-info>
-			<title>GCubeCkanDataCatalogPortlet</title>
+			<title>Infrastructure Data Catalogue</title>
-			<short-title>GCubeCkanDataCatalogPortlet</short-title>
+			<short-title>Infrastructure Data Catalogue</short-title>
 		</portlet-info>
 	</portlet>
 </portlet-app>