#21976 Access Policies now are applied also on retrieving layers for id

src/main/java/org/gcube/portlets/user/geoportaldataviewer/client/GeoportalDataViewer.java

@@ -83,8 +83,6 @@ public class GeoportalDataViewer implements EntryPoint {
 
 	int attempt = 0;
 
-	// https://data.d4science.org/gis-viewer-app/?wmsrequest=https%3A%2F%2Fgeona-proto.d4science.org%2Fgeoserver%2Fconcessioni_conf%2Fwms%3Fservice%3DWMS%26version%3D1.1.0%26request%3DGetMap%26layers%3Dconcessioni_conf%3Acentroids_concessioni%26styles%3D%26bbox%3D8.476%2C39.179%2C17.391%2C45.772%26width%3D768%26height%3D567%26srs%3DEPSG%3A4326%26format%3Dapplication%2Fopenlayers&zoom=6&centermap=12.45%2C42.98
-
 	/**
 	 * This is the entry point method.
 	 */

src/main/java/org/gcube/portlets/user/geoportaldataviewer/client/gis/OpenLayerOSM.java

@@ -150,14 +150,14 @@ public abstract class OpenLayerOSM {
 		this.eventBus = eventBus;
 
 		// create a OSM-layer
-		XyzOptions osmSourceOptions = OLFactory.createOptions();
+		XyzOptions xyzOptions = OLFactory.createOptions();
 //		osmSourceOptions.setCrossOrigin("Anonymous");
 //		osmSourceOptions.setTileLoadFunction(null);
 
-		Osm osmSource = new Osm(osmSourceOptions);
+		Osm osmSource = new Osm(xyzOptions);
 		LayerOptions osmLayerOptions = OLFactory.createOptions();
 		osmLayerOptions.setSource(osmSource);
-
+		
 		Tile osmLayer = new Tile(osmLayerOptions);
 		// create a projection
 		projectionOptions.setCode(MAP_PROJECTION.EPSG_3857.getName());

src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/GeoportalDataViewerServiceImpl.java

@@ -213,6 +213,12 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
 		try {
 
 			SessionUtil.getCurrentContext(this.getThreadLocalRequest(), true);
+			String userName = null;
+			try {
+				userName = SessionUtil.getCurrentUser(this.getThreadLocalRequest()).getUsername();
+			}catch (Exception e) {
+				LOG.info("User not found in session, the userName for cecking policy will  be null");
+			}
 
 			if (itemType.equalsIgnoreCase("concessione")) {
 
@@ -227,15 +233,24 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
 					if (concessione.getPianteFineScavo() != null) {
 
 						for (LayerConcessione lc : concessione.getPianteFineScavo()) {
-							listLayers.add(ConvertToDataViewModel.toLayerConcessione(lc, baseConcessione));
+							if (CheckAccessPolicyUtil.isAccessible(lc.getPolicy().name(), userName)) {
+								listLayers.add(ConvertToDataViewModel.toLayerConcessione(lc, baseConcessione));
+							}
+						}
+
+						LayerConcessione lcPosizionamento = concessione.getPosizionamentoScavo();
+
+						if (lcPosizionamento != null) {
+
+							if (CheckAccessPolicyUtil.isAccessible(lcPosizionamento.getPolicy().name(), userName)) {
+
+								LayerConcessioneDV thePosizScavo = ConvertToDataViewModel
+										.toLayerConcessione(lcPosizionamento, baseConcessione);
+								if (thePosizScavo != null)
+									listLayers.add(thePosizScavo);
+							}
 						}
-					}
 
-					if (concessione.getPosizionamentoScavo() != null) {
-						LayerConcessioneDV thePosizScavo = ConvertToDataViewModel
-								.toLayerConcessione(concessione.getPosizionamentoScavo(), baseConcessione);
-						if (thePosizScavo != null)
-							listLayers.add(thePosizScavo);
 					}
 
 				} else
@@ -270,11 +285,6 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
 
 		try {
 			LOG.info("Trying to get record for id " + mongoId);
-//			SessionUtil.getCurrentContext(this.getThreadLocalRequest(), true);
-//			SessionUtil.getCurrentToken(this.getThreadLocalRequest(), true);
-//			// Obtain the client
-//			ConcessioniManagerI manager = statefulMongoConcessioni().build();
-//			Concessione concessione = manager.getById(mongoId);
 
 			ConcessioniMongoService cms = new ConcessioniMongoService();
 			Concessione concessione = cms.getItemById(this.getThreadLocalRequest(), mongoId);
@@ -283,12 +293,17 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
 			if (concessione != null) {
 				concessionDV = ConvertToDataViewModel.toConcessione(concessione);
 
-				GCubeUser user = SessionUtil.getCurrentUser(this.getThreadLocalRequest());
-				String userName = user == null ? null : user.getUsername();
+				String userName = null;
+				try {
+					userName = SessionUtil.getCurrentUser(this.getThreadLocalRequest()).getUsername();
+
+				}catch (Exception e) {
+					LOG.info("User not found in session, so going to apply the acess policies");
+				}
 
-				// TODO THIS IS A WORKAROUND WAITING FOR USER ROLE.
+				// TODO THIS IS A WORKAROUND WAITING FOR ADOPTING OF USER ROLES. AT THE MOMENT, A USER AUTHENTICATED CAN ACCESS EVERYTHING
 				// I CAN CHECK THE ACCCESS POLICIES IF AND ONLY IF THE USER IS NOT LOGGED IN.
-				if (user == null) {
+				if (userName == null) {
 
 					// CHECKING ACCESS POLICY
 					LOG.info("Applying access policies for concessione " + mongoId + " returned by service");
@@ -296,6 +311,8 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
 					if (layerPosizionamento != null) {
 						if (!CheckAccessPolicyUtil.isAccessible(layerPosizionamento.getPolicy(), userName)) {
 							concessionDV.setPosizionamentoScavo(null);
+						}else {
+							LOG.info("Posizionamento di Scavo is not accessible by current user");
 						}
 					}
 

src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/CheckAccessPolicyUtil.java

@@ -1,5 +1,7 @@
 package org.gcube.portlets.user.geoportaldataviewer.server.util;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * The Class CheckAccessPolicyUtil.
@@ -9,7 +11,8 @@ package org.gcube.portlets.user.geoportaldataviewer.server.util;
  * Sep 9, 2021
  */
 public class CheckAccessPolicyUtil {
-
+	
+	private static final Logger LOG = LoggerFactory.getLogger(CheckAccessPolicyUtil.class);
 	/**
 	 * The Enum ACCESS_POLICY.
 	 *
@@ -67,8 +70,10 @@ public class CheckAccessPolicyUtil {
 			return true;
 		}
 
+		//From here managing is NOT OPEN access
+		
 		if (myLogin == null || myLogin.isEmpty()) {
-			// is not open and the user is not authenticated
+			// here is not open and the user is not authenticated
 			return false;
 		}