#24390 workaround applied on checking the access policy
This commit is contained in:
parent
5e45322051
commit
acc6be29d8
|
@ -1,12 +1,12 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<classpath>
|
<classpath>
|
||||||
<classpathentry kind="src" output="target/geoportal-data-viewer-app-3.0.1/WEB-INF/classes" path="src/main/java">
|
<classpathentry kind="src" output="target/geoportal-data-viewer-app-3.0.1-SNAPSHOT/WEB-INF/classes" path="src/main/java">
|
||||||
<attributes>
|
<attributes>
|
||||||
<attribute name="optional" value="true"/>
|
<attribute name="optional" value="true"/>
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
<attribute name="maven.pomderived" value="true"/>
|
||||||
</attributes>
|
</attributes>
|
||||||
</classpathentry>
|
</classpathentry>
|
||||||
<classpathentry excluding="**" kind="src" output="target/geoportal-data-viewer-app-3.0.1/WEB-INF/classes" path="src/main/resources">
|
<classpathentry excluding="**" kind="src" output="target/geoportal-data-viewer-app-3.0.1-SNAPSHOT/WEB-INF/classes" path="src/main/resources">
|
||||||
<attributes>
|
<attributes>
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
<attribute name="maven.pomderived" value="true"/>
|
||||||
</attributes>
|
</attributes>
|
||||||
|
@ -35,5 +35,5 @@
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
<attribute name="maven.pomderived" value="true"/>
|
||||||
</attributes>
|
</attributes>
|
||||||
</classpathentry>
|
</classpathentry>
|
||||||
<classpathentry kind="output" path="target/geoportal-data-viewer-app-3.0.1/WEB-INF/classes"/>
|
<classpathentry kind="output" path="target/geoportal-data-viewer-app-3.0.1-SNAPSHOT/WEB-INF/classes"/>
|
||||||
</classpath>
|
</classpath>
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
eclipse.preferences.version=1
|
eclipse.preferences.version=1
|
||||||
lastWarOutDir=/home/francescomangiacrapa/git/geoportal-data-viewer-app/target/geoportal-data-viewer-app-3.0.1
|
lastWarOutDir=/home/francescomangiacrapa/git/geoportal-data-viewer-app/target/geoportal-data-viewer-app-3.0.1-SNAPSHOT
|
||||||
warSrcDir=src/main/webapp
|
warSrcDir=src/main/webapp
|
||||||
warSrcDirIsOutput=false
|
warSrcDirIsOutput=false
|
||||||
|
|
|
@ -38,7 +38,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<wb-module deploy-name="geoportal-data-viewer-app-3.0.1">
|
<wb-module deploy-name="geoportal-data-viewer-app-3.0.1-SNAPSHOT">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
## [v3.0.1-SNAPSHOT] - 2022-12-21
|
## [v3.1.0-SNAPSHOT] - 2023-01-11
|
||||||
|
|
||||||
#### Enhancement
|
#### Enhancement
|
||||||
- [#24300] Improved the GUI of the search functionality when multiple collections are available
|
- [#24300] Improved the GUI of the search functionality when multiple collections are available
|
||||||
|
@ -13,6 +13,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
|
||||||
#### Fixes
|
#### Fixes
|
||||||
- Reduced the BBOX when resolving a project by share link
|
- Reduced the BBOX when resolving a project by share link
|
||||||
- GNA Project binding with automatically adding of the layers to Map
|
- GNA Project binding with automatically adding of the layers to Map
|
||||||
|
- [#24390] Read the access policy from the fileset json section
|
||||||
|
|
||||||
## [v3.0.0] - 2022-11-28
|
## [v3.0.0] - 2022-11-28
|
||||||
|
|
||||||
|
|
2
pom.xml
2
pom.xml
|
@ -14,7 +14,7 @@
|
||||||
<groupId>org.gcube.portlets.user</groupId>
|
<groupId>org.gcube.portlets.user</groupId>
|
||||||
<artifactId>geoportal-data-viewer-app</artifactId>
|
<artifactId>geoportal-data-viewer-app</artifactId>
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
<version>3.0.1-SNAPSHOT</version>
|
<version>3.1.0-SNAPSHOT</version>
|
||||||
<name>GeoPortal Data Viewer App</name>
|
<name>GeoPortal Data Viewer App</name>
|
||||||
<description>The GeoPortal Data Viewer App is an application to access, discovery and navigate the Geoportal projects/documents by a Web-Map Interface</description>
|
<description>The GeoPortal Data Viewer App is an application to access, discovery and navigate the Geoportal projects/documents by a Web-Map Interface</description>
|
||||||
|
|
||||||
|
|
|
@ -829,15 +829,43 @@ public class Geoportal_JSON_Mapper {
|
||||||
private static boolean checkAccessPolicy(String sectionDocumentJSON, String myLogin) {
|
private static boolean checkAccessPolicy(String sectionDocumentJSON, String myLogin) {
|
||||||
LOG.info("checkAccessPolicy called");
|
LOG.info("checkAccessPolicy called");
|
||||||
// CHECKING THE POLICY
|
// CHECKING THE POLICY
|
||||||
String accessPolicyPath = JSON_$_POINTER + "._access._policy";
|
//see ticket #24390
|
||||||
|
//First reading the access policy from the fileset
|
||||||
|
String accessPolicyPath = JSON_$_POINTER + ".fileset._access._policy";
|
||||||
boolean isAccessible = true;
|
boolean isAccessible = true;
|
||||||
try {
|
try {
|
||||||
com.jayway.jsonpath.Configuration configuration = com.jayway.jsonpath.Configuration.builder()
|
com.jayway.jsonpath.Configuration configuration = com.jayway.jsonpath.Configuration.builder()
|
||||||
.jsonProvider(new JsonOrgJsonProvider()).build();
|
.jsonProvider(new JsonOrgJsonProvider()).build();
|
||||||
|
|
||||||
LOG.debug("Reading access policy at {} into section document {}", accessPolicyPath, sectionDocumentJSON);
|
LOG.debug("Reading access policy at {} into section document {}", accessPolicyPath, sectionDocumentJSON);
|
||||||
|
String _policy = null;
|
||||||
|
try {
|
||||||
JsonPath theSectionPolycJsonPath = JsonPath.compile(accessPolicyPath);
|
JsonPath theSectionPolycJsonPath = JsonPath.compile(accessPolicyPath);
|
||||||
String _policy = theSectionPolycJsonPath.read(sectionDocumentJSON, configuration).toString();
|
_policy = theSectionPolycJsonPath.read(sectionDocumentJSON, configuration).toString();
|
||||||
|
|
||||||
|
if(_policy==null)
|
||||||
|
throw new Exception("Policy is null");
|
||||||
|
|
||||||
|
}catch (Exception e) {
|
||||||
|
LOG.debug("Access policy not found in: "+accessPolicyPath);
|
||||||
|
}
|
||||||
|
|
||||||
|
//If policy does not exist into fileset, reading from the parent section
|
||||||
|
if(_policy==null) {
|
||||||
|
accessPolicyPath = JSON_$_POINTER + "._access._policy";
|
||||||
|
LOG.debug("Reading access policy at {} into section document {}", accessPolicyPath, sectionDocumentJSON);
|
||||||
|
try {
|
||||||
|
JsonPath theSectionPolycJsonPath = JsonPath.compile(accessPolicyPath);
|
||||||
|
_policy = theSectionPolycJsonPath.read(sectionDocumentJSON, configuration).toString();
|
||||||
|
|
||||||
|
if(_policy==null)
|
||||||
|
throw new Exception("Policy is null");
|
||||||
|
|
||||||
|
}catch (Exception e) {
|
||||||
|
LOG.debug("Access policy not found in: "+accessPolicyPath);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
LOG.debug("The section {} has policy {}", accessPolicyPath, _policy);
|
LOG.debug("The section {} has policy {}", accessPolicyPath, _policy);
|
||||||
isAccessible = GeportalCheckAccessPolicy.isAccessible(_policy, myLogin);
|
isAccessible = GeportalCheckAccessPolicy.isAccessible(_policy, myLogin);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
|
|
|
@ -134,10 +134,12 @@ public class SessionUtil {
|
||||||
GCubeUser user = pContext.getCurrentUser(request);
|
GCubeUser user = pContext.getCurrentUser(request);
|
||||||
String token = PortalContext.getConfiguration().getCurrentUserToken(scope, user.getUsername());
|
String token = PortalContext.getConfiguration().getCurrentUserToken(scope, user.getUsername());
|
||||||
|
|
||||||
if (token != null && setInThread)
|
if (token != null) {
|
||||||
SecurityTokenProvider.instance.set(token);
|
|
||||||
|
|
||||||
LOG.debug("Returning token " + token.substring(1, 10) + "_MASKED_TOKEN_");
|
LOG.debug("Returning token " + token.substring(1, 10) + "_MASKED_TOKEN_");
|
||||||
|
if(setInThread)
|
||||||
|
SecurityTokenProvider.instance.set(token);
|
||||||
|
}
|
||||||
|
|
||||||
return token;
|
return token;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue