gCubeSystem
/
resource-registry
16
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixed name

This commit is contained in:
Luca Frosini 2020-10-27 15:12:11 +01:00
parent 7efdf5cf91
commit a7c89cded0
4 changed files with 41 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/org/gcube/informationsystem/resourceregistry/contexts/ContextUtility.java
View File

@ -55,7 +55,7 @@ public class ContextUtility {
contexts = new HashMap<>(); contexts = new HashMap<>();
} }
private static final InheritableThreadLocal<Boolean> hierarchicMode = new InheritableThreadLocal<Boolean>() { private static final InheritableThreadLocal<Boolean> hierarchicalMode = new InheritableThreadLocal<Boolean>() {
@Override @Override
protected Boolean initialValue() { protected Boolean initialValue() {
@ -64,8 +64,8 @@ public class ContextUtility {
}; };
public static InheritableThreadLocal<Boolean> getHierarchicMode() { public static InheritableThreadLocal<Boolean> getHierarchicalMode() {
return hierarchicMode; return hierarchicalMode;
} }
private static String getCurrentContextFullName() { private static String getCurrentContextFullName() {

53
src/main/java/org/gcube/informationsystem/resourceregistry/contexts/security/SecurityContext.java
View File

@ -45,9 +45,12 @@ public class SecurityContext {
protected static final String DEFAULT_WRITER_ROLE = "writer"; protected static final String DEFAULT_WRITER_ROLE = "writer";
protected static final String DEFAULT_READER_ROLE = "reader"; protected static final String DEFAULT_READER_ROLE = "reader";
/*
* H stand for Hierarchical
*/
public static final String H = "H"; public static final String H = "H";
protected final boolean hierarchic; protected final boolean hierarchical;
public enum SecurityType { public enum SecurityType {
ROLE("Role"), USER("User"); ROLE("Role"), USER("User");
@ -85,8 +88,8 @@ public class SecurityContext {
protected Set<SecurityContext> children; protected Set<SecurityContext> children;
protected boolean isHierarchicMode() { protected boolean isHierarchicalMode() {
return hierarchic && ContextUtility.getHierarchicMode().get(); return hierarchical && ContextUtility.getHierarchicalMode().get();
} }
public void setParentSecurityContext(SecurityContext parentSecurityContext) { public void setParentSecurityContext(SecurityContext parentSecurityContext) {
@ -151,7 +154,7 @@ public class SecurityContext {
* @throws ResourceRegistryException * @throws ResourceRegistryException
*/ */
public void changeParentSecurityContext(SecurityContext newParentSecurityContext, ODatabaseDocument orientGraph) throws ResourceRegistryException { public void changeParentSecurityContext(SecurityContext newParentSecurityContext, ODatabaseDocument orientGraph) throws ResourceRegistryException {
if(!hierarchic) { if(!hierarchical) {
StringBuilder errorMessage = new StringBuilder(); StringBuilder errorMessage = new StringBuilder();
errorMessage.append("Cannot change parent "); errorMessage.append("Cannot change parent ");
errorMessage.append(SecurityContext.class.getSimpleName()); errorMessage.append(SecurityContext.class.getSimpleName());
@ -195,16 +198,16 @@ public class SecurityContext {
ORole role = oSecurity.getRole(roleName); ORole role = oSecurity.getRole(roleName);
roles.add(role); roles.add(role);
} }
newParentSecurityContext.addHierarchicRoleToParent(oSecurity, permissionMode, roles.toArray(new ORole[allChildren.size()])); newParentSecurityContext.addHierarchicalRoleToParent(oSecurity, permissionMode, roles.toArray(new ORole[allChildren.size()]));
} }
} }
} }
protected SecurityContext(UUID context, boolean hierarchic) throws ResourceRegistryException { protected SecurityContext(UUID context, boolean hierarchical) throws ResourceRegistryException {
this.context = context; this.context = context;
this.poolMap = new HashMap<>(); this.poolMap = new HashMap<>();
this.hierarchic = hierarchic; this.hierarchical = hierarchical;
this.children = new HashSet<>(); this.children = new HashSet<>();
} }
@ -215,7 +218,7 @@ public class SecurityContext {
private synchronized ODatabasePool getPool(PermissionMode permissionMode, boolean recreate) { private synchronized ODatabasePool getPool(PermissionMode permissionMode, boolean recreate) {
ODatabasePool pool = null; ODatabasePool pool = null;
Boolean h = isHierarchicMode(); Boolean h = isHierarchicalMode();
Map<PermissionMode,ODatabasePool> pools = poolMap.get(h); Map<PermissionMode,ODatabasePool> pools = poolMap.get(h);
if(pools == null) { if(pools == null) {
@ -288,7 +291,7 @@ public class SecurityContext {
ODocument oDocument = element.getRecord(); ODocument oDocument = element.getRecord();
OSecurity oSecurity = getOSecurity(oDatabaseDocument); OSecurity oSecurity = getOSecurity(oDatabaseDocument);
allow(oSecurity, oDocument, false); allow(oSecurity, oDocument, false);
if(hierarchic) { if(hierarchical) {
allow(oSecurity, oDocument, true); allow(oSecurity, oDocument, true);
} }
oDocument.save(); oDocument.save();
@ -305,17 +308,17 @@ public class SecurityContext {
} }
} }
protected void deny(OSecurity oSecurity, ODocument oDocument, boolean hierarchic) { protected void deny(OSecurity oSecurity, ODocument oDocument, boolean hierarchical) {
// The element could be created in such a context so the writerUser for the // The element could be created in such a context so the writerUser for the
// context is allowed by default because it was the creator // context is allowed by default because it was the creator
String writerUserName = getSecurityRoleOrUserName(PermissionMode.WRITER, SecurityType.USER, hierarchic); String writerUserName = getSecurityRoleOrUserName(PermissionMode.WRITER, SecurityType.USER, hierarchical);
oSecurity.denyUser(oDocument, ORestrictedOperation.ALLOW_ALL, writerUserName); oSecurity.denyUser(oDocument, ORestrictedOperation.ALLOW_ALL, writerUserName);
String readerUserName = getSecurityRoleOrUserName(PermissionMode.WRITER, SecurityType.USER, hierarchic); String readerUserName = getSecurityRoleOrUserName(PermissionMode.WRITER, SecurityType.USER, hierarchical);
oSecurity.denyUser(oDocument, ORestrictedOperation.ALLOW_READ, readerUserName); oSecurity.denyUser(oDocument, ORestrictedOperation.ALLOW_READ, readerUserName);
String writerRoleName = getSecurityRoleOrUserName(PermissionMode.WRITER, SecurityType.ROLE, hierarchic); String writerRoleName = getSecurityRoleOrUserName(PermissionMode.WRITER, SecurityType.ROLE, hierarchical);
oSecurity.denyRole(oDocument, ORestrictedOperation.ALLOW_ALL, writerRoleName); oSecurity.denyRole(oDocument, ORestrictedOperation.ALLOW_ALL, writerRoleName);
String readerRoleName = getSecurityRoleOrUserName(PermissionMode.READER, SecurityType.ROLE, hierarchic); String readerRoleName = getSecurityRoleOrUserName(PermissionMode.READER, SecurityType.ROLE, hierarchical);
oSecurity.denyRole(oDocument, ORestrictedOperation.ALLOW_READ, readerRoleName); oSecurity.denyRole(oDocument, ORestrictedOperation.ALLOW_READ, readerRoleName);
} }
@ -324,7 +327,7 @@ public class SecurityContext {
ODocument oDocument = element.getRecord(); ODocument oDocument = element.getRecord();
OSecurity oSecurity = getOSecurity(oDatabaseDocument); OSecurity oSecurity = getOSecurity(oDatabaseDocument);
deny(oSecurity, oDocument, false); deny(oSecurity, oDocument, false);
if(hierarchic) { if(hierarchical) {
deny(oSecurity, oDocument, true); deny(oSecurity, oDocument, true);
} }
oDocument.save(); oDocument.save();
@ -339,7 +342,7 @@ public class SecurityContext {
@Override @Override
public Boolean call() throws Exception { public Boolean call() throws Exception {
ContextUtility.getHierarchicMode().set(false); ContextUtility.getHierarchicalMode().set(false);
ODatabaseDocument oDatabaseDocument = getDatabaseDocument(PermissionMode.READER); ODatabaseDocument oDatabaseDocument = getDatabaseDocument(PermissionMode.READER);
try { try {
oDatabaseDocument.activateOnCurrentThread(); oDatabaseDocument.activateOnCurrentThread();
@ -389,7 +392,7 @@ public class SecurityContext {
return oSecurity.getRole(superRoleName); return oSecurity.getRole(superRoleName);
} }
protected void addHierarchicRoleToParent(OSecurity oSecurity, PermissionMode permissionMode, ORole... roles) { protected void addHierarchicalRoleToParent(OSecurity oSecurity, PermissionMode permissionMode, ORole... roles) {
String userName = getSecurityRoleOrUserName(permissionMode, SecurityType.USER, true); String userName = getSecurityRoleOrUserName(permissionMode, SecurityType.USER, true);
OUser user = oSecurity.getUser(userName); OUser user = oSecurity.getUser(userName);
for(ORole role : roles) { for(ORole role : roles) {
@ -398,33 +401,33 @@ public class SecurityContext {
user.save(); user.save();
if(getParentSecurityContext() != null) { if(getParentSecurityContext() != null) {
getParentSecurityContext().addHierarchicRoleToParent(oSecurity, permissionMode, roles); getParentSecurityContext().addHierarchicalRoleToParent(oSecurity, permissionMode, roles);
} }
} }
protected void createRolesAndUsers(OSecurity oSecurity) { protected void createRolesAndUsers(OSecurity oSecurity) {
boolean[] booleanArray; boolean[] booleanArray;
if(hierarchic) { if(hierarchical) {
booleanArray = new boolean[] {false, true}; booleanArray = new boolean[] {false, true};
} else { } else {
booleanArray = new boolean[] {false}; booleanArray = new boolean[] {false};
} }
for(boolean hierarchic : booleanArray) { for(boolean hierarchical : booleanArray) {
for(PermissionMode permissionMode : PermissionMode.values()) { for(PermissionMode permissionMode : PermissionMode.values()) {
ORole superRole = getSuperRole(oSecurity, permissionMode); ORole superRole = getSuperRole(oSecurity, permissionMode);
String roleName = getSecurityRoleOrUserName(permissionMode, SecurityType.ROLE, hierarchic); String roleName = getSecurityRoleOrUserName(permissionMode, SecurityType.ROLE, hierarchical);
ORole role = oSecurity.createRole(roleName, superRole, ALLOW_MODES.DENY_ALL_BUT); ORole role = oSecurity.createRole(roleName, superRole, ALLOW_MODES.DENY_ALL_BUT);
addExtraRules(role, permissionMode); addExtraRules(role, permissionMode);
role.save(); role.save();
logger.trace("{} created", role); logger.trace("{} created", role);
if(hierarchic && getParentSecurityContext() != null) { if(hierarchical && getParentSecurityContext() != null) {
getParentSecurityContext().addHierarchicRoleToParent(oSecurity, permissionMode, role); getParentSecurityContext().addHierarchicalRoleToParent(oSecurity, permissionMode, role);
} }
String userName = getSecurityRoleOrUserName(permissionMode, SecurityType.USER, hierarchic); String userName = getSecurityRoleOrUserName(permissionMode, SecurityType.USER, hierarchical);
OUser user = oSecurity.createUser(userName, DatabaseEnvironment.DEFAULT_PASSWORDS.get(permissionMode), OUser user = oSecurity.createUser(userName, DatabaseEnvironment.DEFAULT_PASSWORDS.get(permissionMode),
role); role);
user.save(); user.save();
@ -513,7 +516,7 @@ public class SecurityContext {
protected void deleteRolesAndUsers(OSecurity oSecurity) { protected void deleteRolesAndUsers(OSecurity oSecurity) {
boolean[] booleanArray; boolean[] booleanArray;
if(hierarchic) { if(hierarchical) {
booleanArray = new boolean[] {false, true}; booleanArray = new boolean[] {false, true};
} else { } else {
booleanArray = new boolean[] {false}; booleanArray = new boolean[] {false};

16
src/test/java/org/gcube/informationsystem/resourceregistry/instances/model/entity/FacetManagementTest.java
View File

@ -244,8 +244,8 @@ public class FacetManagementTest extends ContextTest {
read(s); read(s);
}); });
/* Entering hierarchic mode */ /* Entering hierarchical mode */
ContextUtility.getHierarchicMode().set(true); ContextUtility.getHierarchicalMode().set(true);
softwareFacet = read(softwareFacet); softwareFacet = read(softwareFacet);
checkSoftwareFacetAssertion(softwareFacet, VERSION); checkSoftwareFacetAssertion(softwareFacet, VERSION);
@ -256,8 +256,8 @@ public class FacetManagementTest extends ContextTest {
softwareFacet = read(softwareFacet); softwareFacet = read(softwareFacet);
checkSoftwareFacetAssertion(softwareFacet, VERSION); checkSoftwareFacetAssertion(softwareFacet, VERSION);
/* Leaving hierarchic mode */ /* Leaving hierarchical mode */
ContextUtility.getHierarchicMode().set(false); ContextUtility.getHierarchicalMode().set(false);
assertThrow(softwareFacet, FacetAvailableInAnotherContextException.class, (SoftwareFacet s) -> { assertThrow(softwareFacet, FacetAvailableInAnotherContextException.class, (SoftwareFacet s) -> {
read(s); read(s);
@ -290,8 +290,8 @@ public class FacetManagementTest extends ContextTest {
read(s); read(s);
}); });
/* Entering hierarchic mode */ /* Entering hierarchical mode */
ContextUtility.getHierarchicMode().set(true); ContextUtility.getHierarchicalMode().set(true);
assertThrow(softwareFacet, FacetAvailableInAnotherContextException.class, (SoftwareFacet s) -> { assertThrow(softwareFacet, FacetAvailableInAnotherContextException.class, (SoftwareFacet s) -> {
read(s); read(s);
@ -304,8 +304,8 @@ public class FacetManagementTest extends ContextTest {
read(softwareFacet); read(softwareFacet);
checkSoftwareFacetAssertion(softwareFacet, NEW_VERSION); checkSoftwareFacetAssertion(softwareFacet, NEW_VERSION);
/* Leaving hierarchic mode */ /* Leaving hierarchical mode */
ContextUtility.getHierarchicMode().set(false); ContextUtility.getHierarchicalMode().set(false);
read(softwareFacet); read(softwareFacet);
checkSoftwareFacetAssertion(softwareFacet, NEW_VERSION); checkSoftwareFacetAssertion(softwareFacet, NEW_VERSION);

4
src/test/java/org/gcube/informationsystem/resourceregistry/instances/multicontext/BasicTest.java
View File

@ -110,14 +110,14 @@ public class BasicTest extends ContextTest {
/* ---------------- entering hierarchic mode */ /* ---------------- entering hierarchic mode */
ContextUtility.getHierarchicMode().set(true); ContextUtility.getHierarchicalMode().set(true);
facetManagement = new FacetManagement(); facetManagement = new FacetManagement();
facetManagement.setUUID(uuid); facetManagement.setUUID(uuid);
readJson = facetManagement.read(); readJson = facetManagement.read();
logger.debug("You should be able to read it {}", readJson); logger.debug("You should be able to read it {}", readJson);
ContextUtility.getHierarchicMode().set(false); ContextUtility.getHierarchicalMode().set(false);
/* ---------------- leaving hierarchic mode */ /* ---------------- leaving hierarchic mode */