#24390 workaround applied on checking the access policy

This commit is contained in:
Francesco Mangiacrapa 2023-01-11 12:21:32 +01:00
parent 5e45322051
commit acc6be29d8
7 changed files with 45 additions and 14 deletions

View File

@ -1,12 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/geoportal-data-viewer-app-3.0.1/WEB-INF/classes" path="src/main/java">
<classpathentry kind="src" output="target/geoportal-data-viewer-app-3.0.1-SNAPSHOT/WEB-INF/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/geoportal-data-viewer-app-3.0.1/WEB-INF/classes" path="src/main/resources">
<classpathentry excluding="**" kind="src" output="target/geoportal-data-viewer-app-3.0.1-SNAPSHOT/WEB-INF/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
@ -35,5 +35,5 @@
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/geoportal-data-viewer-app-3.0.1/WEB-INF/classes"/>
<classpathentry kind="output" path="target/geoportal-data-viewer-app-3.0.1-SNAPSHOT/WEB-INF/classes"/>
</classpath>

View File

@ -1,4 +1,4 @@
eclipse.preferences.version=1
lastWarOutDir=/home/francescomangiacrapa/git/geoportal-data-viewer-app/target/geoportal-data-viewer-app-3.0.1
lastWarOutDir=/home/francescomangiacrapa/git/geoportal-data-viewer-app/target/geoportal-data-viewer-app-3.0.1-SNAPSHOT
warSrcDir=src/main/webapp
warSrcDirIsOutput=false

View File

@ -38,7 +38,7 @@
<wb-module deploy-name="geoportal-data-viewer-app-3.0.1">
<wb-module deploy-name="geoportal-data-viewer-app-3.0.1-SNAPSHOT">

View File

@ -4,7 +4,7 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [v3.0.1-SNAPSHOT] - 2022-12-21
## [v3.1.0-SNAPSHOT] - 2023-01-11
#### Enhancement
- [#24300] Improved the GUI of the search functionality when multiple collections are available
@ -13,6 +13,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
#### Fixes
- Reduced the BBOX when resolving a project by share link
- GNA Project binding with automatically adding of the layers to Map
- [#24390] Read the access policy from the fileset json section
## [v3.0.0] - 2022-11-28

View File

@ -14,7 +14,7 @@
<groupId>org.gcube.portlets.user</groupId>
<artifactId>geoportal-data-viewer-app</artifactId>
<packaging>war</packaging>
<version>3.0.1-SNAPSHOT</version>
<version>3.1.0-SNAPSHOT</version>
<name>GeoPortal Data Viewer App</name>
<description>The GeoPortal Data Viewer App is an application to access, discovery and navigate the Geoportal projects/documents by a Web-Map Interface</description>

View File

@ -829,15 +829,43 @@ public class Geoportal_JSON_Mapper {
private static boolean checkAccessPolicy(String sectionDocumentJSON, String myLogin) {
LOG.info("checkAccessPolicy called");
// CHECKING THE POLICY
String accessPolicyPath = JSON_$_POINTER + "._access._policy";
//see ticket #24390
//First reading the access policy from the fileset
String accessPolicyPath = JSON_$_POINTER + ".fileset._access._policy";
boolean isAccessible = true;
try {
com.jayway.jsonpath.Configuration configuration = com.jayway.jsonpath.Configuration.builder()
.jsonProvider(new JsonOrgJsonProvider()).build();
LOG.debug("Reading access policy at {} into section document {}", accessPolicyPath, sectionDocumentJSON);
JsonPath theSectionPolycJsonPath = JsonPath.compile(accessPolicyPath);
String _policy = theSectionPolycJsonPath.read(sectionDocumentJSON, configuration).toString();
String _policy = null;
try {
JsonPath theSectionPolycJsonPath = JsonPath.compile(accessPolicyPath);
_policy = theSectionPolycJsonPath.read(sectionDocumentJSON, configuration).toString();
if(_policy==null)
throw new Exception("Policy is null");
}catch (Exception e) {
LOG.debug("Access policy not found in: "+accessPolicyPath);
}
//If policy does not exist into fileset, reading from the parent section
if(_policy==null) {
accessPolicyPath = JSON_$_POINTER + "._access._policy";
LOG.debug("Reading access policy at {} into section document {}", accessPolicyPath, sectionDocumentJSON);
try {
JsonPath theSectionPolycJsonPath = JsonPath.compile(accessPolicyPath);
_policy = theSectionPolycJsonPath.read(sectionDocumentJSON, configuration).toString();
if(_policy==null)
throw new Exception("Policy is null");
}catch (Exception e) {
LOG.debug("Access policy not found in: "+accessPolicyPath);
}
}
LOG.debug("The section {} has policy {}", accessPolicyPath, _policy);
isAccessible = GeportalCheckAccessPolicy.isAccessible(_policy, myLogin);
} catch (Exception e) {

View File

@ -134,10 +134,12 @@ public class SessionUtil {
GCubeUser user = pContext.getCurrentUser(request);
String token = PortalContext.getConfiguration().getCurrentUserToken(scope, user.getUsername());
if (token != null && setInThread)
SecurityTokenProvider.instance.set(token);
if (token != null) {
LOG.debug("Returning token " + token.substring(1, 10) + "_MASKED_TOKEN_");
if(setInThread)
SecurityTokenProvider.instance.set(token);
}
LOG.debug("Returning token " + token.substring(1, 10) + "_MASKED_TOKEN_");
return token;
}