gCubeSystem
/
gcube-ckan-datacatalog
16
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Started managing the editor role. Added loading image within iframes and removed when onloading event is fired 

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/gcube-ckan-datacatalog@131357 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Costantino Perciante 2016-09-14 14:42:46 +00:00
parent 1822ee8c06
commit b109a8b7da
10 changed files with 171 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.settings/org.eclipse.wst.common.component
View File

@ -4,9 +4,6 @@
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
<dependent-module archiveName="ckan-util-library-1.1.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ckan-util-library/ckan-util-library">
<dependency-type>uses</dependency-type>
</dependent-module>
<property name="context-root" value="gcube-ckan-datacatalog"/>
<property name="java-output-path" value="/gcube-ckan-datacatalog/target/gcube-ckan-datacatalog-1.0.0-SNAPSHOT/WEB-INF/classes"/>
</wb-module>

2
pom.xml
View File

@ -99,13 +99,11 @@
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>authorization-client</artifactId>
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>common-authorization</artifactId>
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
<scope>provided</scope>
</dependency>

21
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/client/GcubeCkanDataCatalogService.java
View File

@ -18,11 +18,28 @@ import com.google.gwt.user.client.rpc.RemoteServiceRelativePath;
public interface GcubeCkanDataCatalogService extends RemoteService {
/**
* Get the ckan connector access point
* @param pathInfoParameters
* @param queryStringParameters
* @param currentUrl
* @return
* @throws Exception
*/
CkanConnectorAccessPoint getCKanConnector(
String pathInfoParameters, String queryStringParameters, String currentUrl) throws Exception;
/**
* Get the current role in CKAN for this user
* @return
* @throws Exception
*/
CkanRole getMyRole() throws Exception;
/**
* Get the current user's username
* @return
*/
String getUser();
/**
@ -31,9 +48,13 @@ public interface GcubeCkanDataCatalogService extends RemoteService {
*/
Map<String, String> getCkanOrganizationsNamesAndUrlsForUser();
/**
* Logout from ckan
*/
void logoutFromCkan();
/**
* Remove auth cookie for ckan of this user
* @return
*/
String logoutURIFromCkan();

17
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/client/view/CkanFramePanel.java
View File

@ -5,14 +5,17 @@ package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.view;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GCubeCkanDataCatalog;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.event.IFrameInstanciedEvent;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.resource.CkanPortletResources;
import com.google.gwt.core.shared.GWT;
import com.google.gwt.dom.client.Style.Display;
import com.google.gwt.dom.client.Style.Unit;
import com.google.gwt.event.dom.client.LoadEvent;
import com.google.gwt.event.dom.client.LoadHandler;
import com.google.gwt.event.shared.HandlerManager;
import com.google.gwt.user.client.ui.FlowPanel;
import com.google.gwt.user.client.ui.Frame;
import com.google.gwt.user.client.ui.Image;
/**
@ -25,6 +28,7 @@ public class CkanFramePanel extends FlowPanel{
private Frame frame;
private HandlerManager eventBus;
private Image loading = new Image(CkanPortletResources.ICONS.loading());
/**
@ -34,7 +38,9 @@ public class CkanFramePanel extends FlowPanel{
*/
public CkanFramePanel(HandlerManager eventBus) {
this.eventBus = eventBus;
this.add(loading);
loading.getElement().getStyle().setProperty("margin", "auto");
loading.getElement().getStyle().setDisplay(Display.BLOCK);
}
/**
@ -64,14 +70,17 @@ public class CkanFramePanel extends FlowPanel{
frame = new Frame(ckanUrlConnector);
frame.getElement().setId(GCubeCkanDataCatalog.GCUBE_CKAN_IFRAME);
frame.setWidth("100%");
// frame.setHeight("100%");
// frame.getElement().getStyle().setOverflow(Overflow.HIDDEN);
// frame.getElement().setAttribute("scrolling", "no");
// frame.setHeight("100%");
// frame.getElement().getStyle().setOverflow(Overflow.HIDDEN);
// frame.getElement().setAttribute("scrolling", "no");
frame.getElement().getStyle().setBorderWidth(0, Unit.PX);
frame.addLoadHandler(new LoadHandler() {
@Override
public void onLoad(LoadEvent arg0) {
CkanFramePanel.this.remove(loading);
}
});
add(frame);

2
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/client/view/CkanMetadataManagementPanel.java
View File

@ -175,7 +175,7 @@ public class CkanMetadataManagementPanel extends FlowPanel{
}
/**
* Those buttons can be only visible when the logged user has role editr/admin/sysadmin
* Those buttons can be only visible when the logged user has role edit/admin/sysadmin
* @param show
*/
public void showInsertAndEditProductButtons(boolean show){

11
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/client/view/CkanOrganizationsPanel.java
View File

@ -32,7 +32,7 @@ public class CkanOrganizationsPanel extends VerticalPanel{
}
/**
* Set the organizations to show
* Set the organizations to show. If a null list is passed, it is an error
* @param result
*/
public void setOrganizations(Map<String, String> result) {
@ -47,7 +47,13 @@ public class CkanOrganizationsPanel extends VerticalPanel{
this.organizations = result;
//generate the list of organizations
if(result == null || result.isEmpty()){
if(result == null){
Paragraph p = new Paragraph("There was an error while retrieving your organizations, sorry.");
p.setStyleName("no-organizations-found-paragraph");
p.getElement().getStyle().setColor("#aaaaaa");
vPanel.add(p);
}
else if(result.isEmpty()){
Paragraph p = new Paragraph("You are not a member of any organizations.");
p.setStyleName("no-organizations-found-paragraph");
@ -85,6 +91,7 @@ public class CkanOrganizationsPanel extends VerticalPanel{
vPanel.add(list);
}
// add the footer
String html = "Powered by <a href=\"http://www.gcube-system.org\" target=\"_blank\">gCube</a> | <a href=\"http://ckan.org\" target=\"_blank\">CKAN</a>";
Footer footer = new Footer(html);
footer.setStyleName("footer-organizations");

17
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/client/view/GCubeCkanDataCatalogPanel.java
View File

@ -64,8 +64,11 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
String queryParameter =
Window.Location.getParameter(GCubeCkanDataCatalog.GET_QUERY_PARAMETER);
String currentPortletUrl = Window.Location.getHref();
currentPortletUrl = currentPortletUrl.split("\\?")[0]; // ignore get parameters
GCubeCkanDataCatalog.service.getCKanConnector(
pathParameter, queryParameter, Window.Location.getHref(),
pathParameter, queryParameter, currentPortletUrl,
new AsyncCallback<CkanConnectorAccessPoint>() {
@Override
@ -83,11 +86,11 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
if (result) {
// the portlet is outside the portal and no user is logged
// in
// show only home and statistics
// in show only home and statistics
managementPanel.doNotShowUserRelatedInfo();
}
else {
// polling for session expired check
CheckSession.getInstance().startPolling();
@ -97,13 +100,15 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
@Override
public void onSuccess(Map<String, String> result) {
if (result != null)
ckanOrganizationsPanel.setOrganizations(result);
}
@Override
public void onFailure(Throwable caught) {
// an error message will be displayed
ckanOrganizationsPanel.setOrganizations(null);
}
});
@ -122,7 +127,7 @@ public class GCubeCkanDataCatalogPanel extends BaseViewTemplate {
showEditInsertButtons(true);
break;
case EDITOR:
showEditInsertButtons(false); // because the editor has some limitations TODO
showEditInsertButtons(true);
break;
case MEMBER:
showEditInsertButtons(false);

138
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java
View File

@ -19,10 +19,10 @@ import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpStatus;
import org.gcube.application.framework.core.session.ASLSession;
import org.gcube.application.framework.core.session.SessionManager;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.datacatalogue.ckanutillibrary.ApplicationProfileScopePerUrlReader;
import org.gcube.datacatalogue.ckanutillibrary.CKanUtils;
import org.gcube.datacatalogue.ckanutillibrary.CkanUtilsFactory;
import org.gcube.datacatalogue.ckanutillibrary.utils.ApplicationProfileScopePerUrlReader;
import org.gcube.portal.custom.scopemanager.scopehelper.ScopeHelper;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanConnectorAccessPoint;
@ -56,7 +56,6 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
public static String CKANCONNECTORLOGOUT = "CkanConnectorLogout";
public static final String USERNAME_ATTRIBUTE = ScopeHelper.USERNAME_ATTRIBUTE;
private static Logger logger = LoggerFactory.getLogger(GcubeCkanDataCatalogServiceImpl.class);
private final static String DEFAULT_ROLE = "OrganizationMember";
public final static String TEST_USER = "test.user";
public final static String TEST_SCOPE = "/gcube/devsec/devVRE";
@ -68,8 +67,8 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
private static final String CKAN_HIGHEST_ROLE = "ckanHighestRole"; // editor, member, admin (this information is retrieved according the scope)
private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish (admin role)
// THIS IS NEEDED TO HANDLE SPECIAL CASES (e.g. for a certain portlet url we want to discover in another scope)
private final static String CLIENT_PORTLET_URL = "currentClientUrlPortlet";
// THIS IS NEEDED TO HANDLE SPECIAL CASES (e.g. for a certain portlet url we want to discover in another scope the ckan instance information)
private final static String SCOPE_CLIENT_PORTLET_URL = "currentClientUrlPortletScope";
/**
* Instanciate the ckan util library.
@ -82,13 +81,14 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
HttpSession httpSession = getThreadLocalRequest().getSession();
ASLSession aslSession = getASLSession(httpSession);
String currentScope = aslSession.getScope();
String user = aslSession.getUsername();
CKanUtils instance = null;
try{
String scopeInWhichDiscover = (discoverScope != null && !discoverScope.isEmpty()) ? discoverScope : currentScope;
logger.debug("Discovering ckan utils library into scope " + scopeInWhichDiscover);
instance = CkanUtilsFactory.getFactory().getUtilsPerScope(scopeInWhichDiscover);
}catch(Exception e){
logger.error("Unable to retrieve ckan utils", e);
}
@ -99,18 +99,18 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
* @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getCKanConnector(java.lang.String, java.lang.String)
*/
@Override
public CkanConnectorAccessPoint getCKanConnector(String pathInfoParameter, String queryStringParameters, String currentUrl) throws Exception {
logger.info("getCKanConnector [pathInfo: "+pathInfoParameter + ", query: "+queryStringParameters+"], current url is " + currentUrl);
public CkanConnectorAccessPoint getCKanConnector(String pathInfoParameter, String queryStringParameters, String currentPortletUrl) throws Exception {
logger.info("getCKanConnector [pathInfo: "+pathInfoParameter + ", query: "+queryStringParameters+"], current url is " + currentPortletUrl);
try{
// call asl session otherwise ScopeProvider.instance.get(); returns null
ASLSession aslSession = getASLSession(this.getThreadLocalRequest().getSession());
// retrieve scope per current portlet url
String scopePerCurrentUrl = new ApplicationProfileScopePerUrlReader().getScopePerUrl(currentUrl);
String scopePerCurrentUrl = new ApplicationProfileScopePerUrlReader().getScopePerUrl(currentPortletUrl);
// save it
this.getThreadLocalRequest().getSession().setAttribute(CLIENT_PORTLET_URL, currentUrl);
this.getThreadLocalRequest().getSession().setAttribute(SCOPE_CLIENT_PORTLET_URL, scopePerCurrentUrl);
if(queryStringParameters!=null && Base64.isBase64(queryStringParameters.getBytes())){
byte[] valueDecoded=Base64.decodeBase64(queryStringParameters.getBytes());
@ -177,12 +177,13 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
//GET TOKEN
String gcubeTokenValue = null;
if(SessionUtil.isIntoPortal()){
gcubeTokenValue = getGcubeSecurityToken();
gcubeTokenValue = getGcubeSecurityToken(scopePerCurrentUrl);
}else{
logger.warn("******** Using TEST_USER security token!!!");
gcubeTokenValue = TEST_SEC_TOKEN;
}
// set the token into the CkanConnectorAccessPoint
ckan.addGubeToken(gcubeTokenValue);
//ADDING LIST OF VRE TO WHICH USER BELONGS
@ -190,6 +191,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
return ckan;
}
// retrieve the list of VREs to whom the user belongs
List<String> listVres = UserUtil.getListVreForUser(session.getUserEmailAddress());
ckan.addListOfVREs(listVres);
@ -197,43 +199,41 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
}
/**
* Gets the gcube security token.
* Gets the gcube security token for the user in current session and for a given scope
*
* @return the gcube security token
* @throws Exception
*/
protected String getGcubeSecurityToken() {
HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = getASLSession(httpSession);
logger.debug("Get security token return: "+session.getSecurityToken());
protected String getGcubeSecurityToken(String scope) throws Exception {
if(session.getSecurityToken()==null || session.getSecurityToken().isEmpty()){
logger.warn("Security token retured from ASL is null or empty, I'm setting security token...");
setAuthorizationToken(session);
}
return session.getSecurityToken();
}
/**
* Temporary method to set the authorization token.
*
* @param session the new authorization token
*/
private static void setAuthorizationToken(ASLSession session) {
// ask it directly to the auth service
ASLSession session = getASLSession(this.getThreadLocalRequest().getSession());
String username = session.getUsername();
String scope = session.getScope();
ScopeProvider.instance.set(scope);
logger.debug("calling service token on scope " + scope);
List<String> userRoles = new ArrayList<String>();
userRoles.add(DEFAULT_ROLE);
session.setSecurityToken(null);
String token = authorizationService().build().generate(session.getUsername(), userRoles);
logger.debug("received token: "+token);
session.setSecurityToken(token);
logger.info("Security token set in session for: "+username + " on " + scope);
String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), scope);
return token;
}
// /**
// * Temporary method to set the authorization token.
// *
// * @param session the new authorization token
// * @throws Exception
// */
// private static void setAuthorizationToken(ASLSession session) throws Exception {
// String username = session.getUsername();
// String scope = session.getScope();
// ScopeProvider.instance.set(scope);
// logger.debug("calling service token on scope " + scope);
// List<String> userRoles = new ArrayList<String>();
// userRoles.add(DEFAULT_ROLE);
// session.setSecurityToken(null);
// String token = authorizationService().generateUserToken(new UserInfo(username, userRoles), scope);
// logger.debug("received token: "+token);
// session.setSecurityToken(token);
// logger.info("Security token set in session for: "+username + " on " + scope);
// }
/**
* Gets the ASL session.
*
@ -285,11 +285,8 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
}else{
// save it
String currentUrl = (String)this.getThreadLocalRequest().getSession().getAttribute(CLIENT_PORTLET_URL);
// retrieve scope per current portlet url
String scopePerCurrentUrl = new ApplicationProfileScopePerUrlReader().getScopePerUrl(currentUrl);
// get the scope
String scopePerCurrentUrl = (String)this.getThreadLocalRequest().getSession().getAttribute(SCOPE_CLIENT_PORTLET_URL);
// get key per scope
String keyPerScope = UserUtil.concatenateSessionKeyScope(CKAN_HIGHEST_ROLE, scopePerCurrentUrl);
@ -306,21 +303,22 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
GroupManager gm = new LiferayGroupManager();
String groupName = gm.getGroup(gm.getGroupIdFromInfrastructureScope(scopePerCurrentUrl)).getGroupName();
// we build up also a list that keeps track of the scopes (orgs) in which the user has role ADMIN
List<OrganizationBean> orgsInWhichAdminRole = new ArrayList<OrganizationBean>();
toReturn = UserUtil.getHighestRole(scopePerCurrentUrl, username, groupName, this, orgsInWhichAdminRole);
// we build up also a list that keeps track of the scopes (orgs) in which the user has at least role EDITOR
List<OrganizationBean> orgsInWhichAtLeastEditorRole = new ArrayList<OrganizationBean>();
toReturn = UserUtil.getHighestRole(scopePerCurrentUrl, username, groupName, this, orgsInWhichAtLeastEditorRole);
// put role in session
httpSession.setAttribute(keyPerScope, toReturn);
logger.info("Set role " + toReturn + " into session for user " + username);
// if he is an admin preload:
// if he is an admin/editor preload:
// 1) organizations in which he can publish (the widget will find these info in session)
if(toReturn.equals(CkanRole.ADMIN)){
httpSession.setAttribute(UserUtil.concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, scopePerCurrentUrl), orgsInWhichAdminRole);
logger.info("Set organizations in which he can publish to " + orgsInWhichAdminRole + " into session for user " + username);
if(toReturn.equals(CkanRole.ADMIN) || toReturn.equals(CkanRole.EDITOR)){
httpSession.setAttribute(UserUtil.concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, scopePerCurrentUrl), orgsInWhichAtLeastEditorRole);
logger.info("Set organizations in which he can publish to " + orgsInWhichAtLeastEditorRole + " into session for user " + username);
}
}catch(Exception e){
logger.error("Error while retreving roles... returning MEMBER", e);
logger.error("Error while retreving roles... returning " + toReturn, e);
}
}
}
@ -337,9 +335,9 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
public String getUser() {
HttpSession httpSession = this.getThreadLocalRequest().getSession();
logger.debug("User in session is " + getASLSession(httpSession).getUsername());
return getASLSession(httpSession).getUsername();
String username = getASLSession(httpSession).getUsername();
logger.debug("User in session is " + username);
return username;
}
@ -348,8 +346,11 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = getASLSession(httpSession);
String username = session.getUsername();
CkanConnectorAccessPoint ckanAP = SessionUtil.getCkanAccessPoint(this.getThreadLocalRequest().getSession(), session.getScope());
// String token = getGcubeSecurityToken();
// get the scope from session
String scopePerCurrentUrl = (String)this.getThreadLocalRequest().getSession().getAttribute(SCOPE_CLIENT_PORTLET_URL);
CkanConnectorAccessPoint ckanAP = SessionUtil.getCkanAccessPoint(this.getThreadLocalRequest().getSession(), scopePerCurrentUrl);
logger.info("Logout from CKAN for: "+username +" by token: "+ckanAP.getGcubeTokenValue());
String ckanConnectorLogut = getServletContext().getInitParameter(CKANCONNECTORLOGOUT);
@ -369,7 +370,9 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = getASLSession(httpSession);
String username = session.getUsername();
CkanConnectorAccessPoint ckanAP = SessionUtil.getCkanAccessPoint(this.getThreadLocalRequest().getSession(), session.getScope());
// get the scope from session
String scopePerCurrentUrl = (String)this.getThreadLocalRequest().getSession().getAttribute(SCOPE_CLIENT_PORTLET_URL);
CkanConnectorAccessPoint ckanAP = SessionUtil.getCkanAccessPoint(this.getThreadLocalRequest().getSession(), scopePerCurrentUrl);
// String token = getGcubeSecurityToken();
logger.info("Logout from CKAN for: "+username +" by token: "+ckanAP.getGcubeTokenValue());
@ -441,12 +444,8 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
ASLSession session = getASLSession(httpSession);
String username = session.getUsername();
// get it
String currentUrl = (String)this.getThreadLocalRequest().getSession().getAttribute(CLIENT_PORTLET_URL);
// retrieve scope per current portlet url
String scopePerCurrentUrl = new ApplicationProfileScopePerUrlReader().getScopePerUrl(currentUrl);
String scopePerCurrentUrl = (String)this.getThreadLocalRequest().getSession().getAttribute(SCOPE_CLIENT_PORTLET_URL);
String keyPerScope = UserUtil.concatenateSessionKeyScope(CKAN_ORGS_USER_KEY, scopePerCurrentUrl);
if(!username.equals(TEST_USER)){
@ -475,7 +474,7 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
if(!SessionUtil.isIntoPortal()){
logger.warn("You are not into the portal");
logger.warn("You are in DEV mode");
return false;
}else{
@ -483,11 +482,8 @@ public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implem
HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = getASLSession(httpSession);
String username = session.getUsername();
return username.equals(TEST_USER);
if(username.equals(TEST_USER))
return true;
return false;
}
}
}

2
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/SessionUtil.java
View File

@ -96,7 +96,5 @@ public class SessionUtil {
public static CkanConnectorAccessPoint getCkanAccessPoint(HttpSession session, String scope) {
String key = getKeyForSession(CKAN_ACCESS_POINT, scope);
return (CkanConnectorAccessPoint) session.getAttribute(key);
}
}

66
src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/UserUtil.java
View File

@ -79,7 +79,7 @@ public class UserUtil {
}
/**
* Retrieve the highest ckan role the user has and also retrieve the list of organizations (scopes) in which the user has the ckan-admin role
* Retrieve the highest ckan role the user has and also retrieve the list of organizations (scopes) in which the user has the ckan-admin or ckan-editor role
* @param currentScope the current scope
* @param username the current username
* @param groupName the current groupName
@ -87,7 +87,7 @@ public class UserUtil {
* @param orgsInWhichAdminRole
* @param ckanUtils ckanUtils
*/
public static CkanRole getHighestRole(String currentScope, String username, String groupName, GcubeCkanDataCatalogServiceImpl gcubeCkanDataCatalogServiceImpl, List<OrganizationBean> orgsInWhichAdminRole){
public static CkanRole getHighestRole(String currentScope, String username, String groupName, GcubeCkanDataCatalogServiceImpl gcubeCkanDataCatalogServiceImpl, List<OrganizationBean> orgsInWhichAtLeastEditorRole){
// base role as default value
CkanRole toReturn = CkanRole.MEMBER;
@ -129,8 +129,16 @@ public class UserUtil {
if(correspondentRoleToCheck.equals(RolesIntoOrganization.MEMBER))
continue;
// admin or editor case
checkIfRoleIsSetInCkanInstance(username, gCubeGroupName, gCubeGroup.getGroupId(),
correspondentRoleToCheck, groupManager, gcubeCkanDataCatalogServiceImpl, orgsInWhichAdminRole);
correspondentRoleToCheck, groupManager, gcubeCkanDataCatalogServiceImpl, orgsInWhichAtLeastEditorRole);
if(toReturn.equals(CkanRole.ADMIN))
continue;
else if(toReturn.equals(CkanRole.EDITOR) && correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN))
toReturn = CkanRole.ADMIN;
else // it was MEMBER
toReturn = mapRolesIntoOrganizationToCkanRole(correspondentRoleToCheck);
}
@ -156,7 +164,14 @@ public class UserUtil {
continue;
checkIfRoleIsSetInCkanInstance(username, gCubeGroupName, gCubeGroup.getGroupId(),
correspondentRoleToCheck, groupManager, gcubeCkanDataCatalogServiceImpl, orgsInWhichAdminRole);
correspondentRoleToCheck, groupManager, gcubeCkanDataCatalogServiceImpl, orgsInWhichAtLeastEditorRole);
if(toReturn.equals(CkanRole.ADMIN))
continue;
else if(toReturn.equals(CkanRole.EDITOR) && correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN))
toReturn = CkanRole.ADMIN;
else
toReturn = mapRolesIntoOrganizationToCkanRole(correspondentRoleToCheck);
}
}else if(groupManager.isVRE(currentGroupId)){
@ -167,11 +182,11 @@ public class UserUtil {
// get highest role
RolesIntoOrganization correspondentRoleToCheck = getLiferayHighestRoleInOrg(roles);
// if it the role is ADMIN we have to be sure to set it
if(correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN)){
// if it the role is ADMIN/EDITOR we have to be sure to set it
if(correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN) || correspondentRoleToCheck.equals(RolesIntoOrganization.EDITOR)){
checkIfRoleIsSetInCkanInstance(username, groupName, currentGroupId,
correspondentRoleToCheck, groupManager, gcubeCkanDataCatalogServiceImpl, orgsInWhichAdminRole);
correspondentRoleToCheck, groupManager, gcubeCkanDataCatalogServiceImpl, orgsInWhichAtLeastEditorRole);
}
}
}catch(Exception e){
@ -179,17 +194,13 @@ public class UserUtil {
return CkanRole.MEMBER;
}
// check the list
if(orgsInWhichAdminRole.size() > 0)
toReturn = CkanRole.ADMIN;
// return the role
logger.debug("Returning role " + toReturn + " for user " + username);
return toReturn;
}
/**
* Check if the role admin is set or must be set into the ckan instance at this scope
* Check if the role admin/editor is set or must be set into the ckan instance at this scope
* @param username
* @param gCubeGroupName
* @param groupId
@ -204,7 +215,7 @@ public class UserUtil {
String gCubeGroupName, long groupId,
RolesIntoOrganization correspondentRoleToCheck,
GroupManager groupManager,
GcubeCkanDataCatalogServiceImpl gcubeCkanDataCatalogServiceImpl, List<OrganizationBean> orgsInWhichAdminRole) throws UserManagementSystemException, GroupRetrievalFault {
GcubeCkanDataCatalogServiceImpl gcubeCkanDataCatalogServiceImpl, List<OrganizationBean> orgsInWhichAtLeastEditorRole) throws UserManagementSystemException, GroupRetrievalFault {
// with this invocation, we check if the role is present in ckan and if it is not it will be added
CKanUtils ckanUtils = gcubeCkanDataCatalogServiceImpl.getCkanUtilsObj(groupManager.getInfrastructureScope(groupId));
@ -213,11 +224,11 @@ public class UserUtil {
if(ckanUtils != null){
boolean res = ckanUtils.checkRole(username, gCubeGroupName, correspondentRoleToCheck);
if(res){
// get the orgs of the user
// get the orgs of the user and retrieve its title and name
List<CkanOrganization> ckanOrgs = ckanUtils.getOrganizationsByUser(username);
for (CkanOrganization ckanOrganization : ckanOrgs) {
if(ckanOrganization.getName().equals(gCubeGroupName.toLowerCase()) || ckanOrganization.getName().equals(CKanUtilsImpl.PRODUCTION_CKAN_ORGNAME_ROOT)){
orgsInWhichAdminRole.add(new OrganizationBean(ckanOrganization.getTitle(), ckanOrganization.getName()));
orgsInWhichAtLeastEditorRole.add(new OrganizationBean(ckanOrganization.getTitle(), ckanOrganization.getName()));
break;
}
}
@ -228,21 +239,42 @@ public class UserUtil {
}
/**
* Retrieve the ckan roles among a list of liferay roles
* Retrieve the ckan role among a list of liferay roles
* @param roles
* @return
* @return MEMBER/EDITOR/ADMIN role
*/
private static RolesIntoOrganization getLiferayHighestRoleInOrg(
List<GCubeRole> roles) {
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
for (GCubeRole gCubeRole : roles) {
if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){
return RolesIntoOrganization.ADMIN;
}
if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
return RolesIntoOrganization.EDITOR;
}
}
return RolesIntoOrganization.MEMBER;
}
/**
* Return the correspondent CkanRole
* @param correspondentRoleToCheck
* @return
*/
private static CkanRole mapRolesIntoOrganizationToCkanRole(
RolesIntoOrganization correspondentRoleToCheck) {
switch(correspondentRoleToCheck){
case ADMIN: return CkanRole.ADMIN;
case EDITOR: return CkanRole.EDITOR;
case MEMBER: return CkanRole.MEMBER;
default:return null;
}
}
/**
* Builds a string made of key + scope
* @param key