Implementing strategy for add/remove to/from context no follow
This commit is contained in:
parent
6082e3a0d6
commit
b18ebe7427
|
|
@ -28,6 +28,7 @@ import com.orientechnologies.orient.core.db.ODatabaseSession;
|
|||
import com.orientechnologies.orient.core.db.document.ODatabaseDocument;
|
||||
import com.orientechnologies.orient.core.db.record.OIdentifiable;
|
||||
import com.orientechnologies.orient.core.db.record.ORecordLazySet;
|
||||
import com.orientechnologies.orient.core.id.ORID;
|
||||
import com.orientechnologies.orient.core.metadata.security.ORestrictedOperation;
|
||||
import com.orientechnologies.orient.core.metadata.security.ORole;
|
||||
import com.orientechnologies.orient.core.metadata.security.OSecurity;
|
||||
|
|
@ -322,6 +323,22 @@ public class SecurityContext {
|
|||
oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_READ, readerRoleName);
|
||||
}
|
||||
|
||||
public boolean isElementInContext(final OElement element) throws ResourceRegistryException {
|
||||
ORID orid = element.getIdentity();
|
||||
|
||||
ODatabaseDocument current = ContextUtility.getCurrentODatabaseDocumentFromThreadLocal();
|
||||
ODatabaseDocument contextODatabaseDocument = getDatabaseDocument(PermissionMode.READER);
|
||||
contextODatabaseDocument.activateOnCurrentThread();
|
||||
|
||||
ORecord oRecord = contextODatabaseDocument.getRecord(orid);
|
||||
logger.trace("{}", oRecord);
|
||||
|
||||
if(current!=null) {
|
||||
current.activateOnCurrentThread();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public void addElement(OElement element, ODatabaseDocument oDatabaseDocument) {
|
||||
ODocument oDocument = element.getRecord();
|
||||
OSecurity oSecurity = getOSecurity(oDatabaseDocument);
|
||||
|
|
|
|||
|
|
@ -42,6 +42,7 @@ import org.gcube.informationsystem.resourceregistry.contexts.security.SecurityCo
|
|||
import org.gcube.informationsystem.resourceregistry.contexts.security.SecurityContext.PermissionMode;
|
||||
import org.gcube.informationsystem.resourceregistry.dbinitialization.DatabaseEnvironment;
|
||||
import org.gcube.informationsystem.resourceregistry.instances.base.properties.PropertyElementManagement;
|
||||
import org.gcube.informationsystem.resourceregistry.instances.model.OperationValidator;
|
||||
import org.gcube.informationsystem.resourceregistry.utils.HeaderOrient;
|
||||
import org.gcube.informationsystem.resourceregistry.utils.HeaderUtility;
|
||||
import org.gcube.informationsystem.resourceregistry.utils.Utility;
|
||||
|
|
@ -772,6 +773,11 @@ public abstract class ElementManagement<El extends OElement> {
|
|||
|
||||
public Map<UUID,JsonNode> addToContext(UUID contextUUID)
|
||||
throws NotFoundException, ContextException, ResourceRegistryException {
|
||||
return addToContext(contextUUID, null);
|
||||
}
|
||||
|
||||
public Map<UUID,JsonNode> addToContext(UUID contextUUID, OperationValidator operationValidator)
|
||||
throws NotFoundException, ContextException, ResourceRegistryException {
|
||||
logger.info("Going to add {} with UUID {} to Context with UUID {}", accessType.getName(), uuid, contextUUID);
|
||||
ODatabaseDocument current = ContextUtility.getCurrentODatabaseDocumentFromThreadLocal();
|
||||
try {
|
||||
|
|
@ -782,7 +788,16 @@ public abstract class ElementManagement<El extends OElement> {
|
|||
|
||||
Map<UUID,JsonNode> affectedInstances = internalAddToContext(targetSecurityContext);
|
||||
|
||||
oDatabaseDocument.commit();
|
||||
if(honourPropagationConstraintsInContextSharing) {
|
||||
oDatabaseDocument.commit();
|
||||
}else {
|
||||
if(operationValidator==null) {
|
||||
throw new ResourceRegistryException("A removeFromContext operation which must not honour PropagationConstraints have to provide an " + OperationValidator.class.getSimpleName());
|
||||
}
|
||||
if(operationValidator.isValidOperation(affectedInstances)) {
|
||||
oDatabaseDocument.commit();
|
||||
}
|
||||
}
|
||||
logger.info("{} with UUID {} successfully added to Context with UUID {}", elementType, uuid, contextUUID);
|
||||
|
||||
return affectedInstances;
|
||||
|
|
@ -811,6 +826,11 @@ public abstract class ElementManagement<El extends OElement> {
|
|||
|
||||
public Map<UUID,JsonNode> removeFromContext(UUID contextUUID)
|
||||
throws NotFoundException, ContextException, ResourceRegistryException {
|
||||
return removeFromContext(contextUUID, null);
|
||||
}
|
||||
|
||||
public Map<UUID,JsonNode> removeFromContext(UUID contextUUID, OperationValidator operationValidator)
|
||||
throws NotFoundException, ContextException, ResourceRegistryException {
|
||||
logger.debug("Going to remove {} with UUID {} from Context with UUID {}", elementType, uuid, contextUUID);
|
||||
ODatabaseDocument current = ContextUtility.getCurrentODatabaseDocumentFromThreadLocal();
|
||||
try {
|
||||
|
|
@ -821,7 +841,16 @@ public abstract class ElementManagement<El extends OElement> {
|
|||
|
||||
Map<UUID,JsonNode> affectedInstances = internalRemoveFromContext(targetSecurityContext);
|
||||
|
||||
oDatabaseDocument.commit();
|
||||
if(honourPropagationConstraintsInContextSharing) {
|
||||
oDatabaseDocument.commit();
|
||||
}else {
|
||||
if(operationValidator==null) {
|
||||
throw new ResourceRegistryException("A removeFromContext operation which must not honour PropagationConstraints have to provide an " + OperationValidator.class.getSimpleName());
|
||||
}
|
||||
if(operationValidator.isValidOperation(affectedInstances)) {
|
||||
oDatabaseDocument.commit();
|
||||
}
|
||||
}
|
||||
logger.info("{} with UUID {} successfully removed from Context with UUID {}", elementType, uuid, contextUUID);
|
||||
|
||||
return affectedInstances;
|
||||
|
|
@ -1219,4 +1248,12 @@ public abstract class ElementManagement<El extends OElement> {
|
|||
}
|
||||
}
|
||||
|
||||
public boolean isAvailableOnContext(OElement element, SecurityContext securityContext) {
|
||||
try {
|
||||
return securityContext.isElementInContext(element);
|
||||
} catch (ResourceRegistryException e) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -227,13 +227,15 @@ public abstract class EntityManagement<E extends EntityElement> extends EntityEl
|
|||
|
||||
Map<UUID,JsonNode> affectedInstances = new HashMap<>();
|
||||
|
||||
Iterable<OEdge> edges = getElement().getEdges(ODirection.OUT);
|
||||
|
||||
for(OEdge edge : edges) {
|
||||
RelationManagement<?> relationManagement = getRelationManagement(edge);
|
||||
relationManagement.setDryRunContextSharing(dryRunContextSharing);
|
||||
relationManagement.setHonourPropagationConstraintsInContextSharing(honourPropagationConstraintsInContextSharing);
|
||||
affectedInstances.putAll(relationManagement.internalRemoveFromContext(targetSecurityContext));
|
||||
if(honourPropagationConstraintsInContextSharing) {
|
||||
Iterable<OEdge> edges = getElement().getEdges(ODirection.OUT);
|
||||
|
||||
for(OEdge edge : edges) {
|
||||
RelationManagement<?> relationManagement = getRelationManagement(edge);
|
||||
relationManagement.setDryRunContextSharing(dryRunContextSharing);
|
||||
relationManagement.setHonourPropagationConstraintsInContextSharing(honourPropagationConstraintsInContextSharing);
|
||||
affectedInstances.putAll(relationManagement.internalRemoveFromContext(targetSecurityContext));
|
||||
}
|
||||
}
|
||||
|
||||
if(!dryRunContextSharing) {
|
||||
|
|
|
|||
|
|
@ -105,25 +105,30 @@ public class SharingManager {
|
|||
CalledMethodProvider.instance.set(calledMethod.toString());
|
||||
|
||||
ObjectMapper objectMapper = new ObjectMapper();
|
||||
Map<UUID,JsonNode> affectedInstances = new HashMap<>();
|
||||
|
||||
ArrayNode arrayNode = (ArrayNode) objectMapper.readTree(body);
|
||||
for(JsonNode node : arrayNode) {
|
||||
|
||||
Map<UUID,JsonNode> expectedInstances = new HashMap<>();
|
||||
|
||||
ElementManagement<?> elementManagement = null;
|
||||
boolean first = true;
|
||||
|
||||
for(JsonNode node : arrayNode) {
|
||||
String type = node.get(Element.CLASS_PROPERTY).asText();
|
||||
String instanceId = node.get(IdentifiableElement.HEADER_PROPERTY).get(Header.UUID_PROPERTY).asText();
|
||||
|
||||
ElementManagement<?> elementManagement = ElementManagementUtility.getERManagement(type);
|
||||
elementManagement.setUUID(UUID.fromString(instanceId));
|
||||
elementManagement.setDryRunContextSharing(dryRun);
|
||||
|
||||
if(operation == SharingOperation.ADD) {
|
||||
affectedInstances.putAll(elementManagement.addToContext(UUID.fromString(contextId)));
|
||||
}else {
|
||||
affectedInstances.putAll(elementManagement.removeFromContext(UUID.fromString(contextId)));
|
||||
UUID uuid = UUID.fromString(instanceId);
|
||||
expectedInstances.put(uuid, node);
|
||||
if(first) {
|
||||
elementManagement = ElementManagementUtility.getERManagement(type);
|
||||
elementManagement.setUUID(UUID.fromString(instanceId));
|
||||
first = false;
|
||||
}
|
||||
}
|
||||
|
||||
elementManagement.setHonourPropagationConstraintsInContextSharing(false);
|
||||
elementManagement.setDryRunContextSharing(dryRun);
|
||||
UUID contextUUID = UUID.fromString(contextId);
|
||||
Map<UUID,JsonNode> affectedInstances = elementManagement.addToContext(contextUUID);
|
||||
|
||||
return serializeAffectedInstaces(objectMapper, affectedInstances);
|
||||
}catch (ResourceRegistryException e) {
|
||||
throw e;
|
||||
|
|
|
|||
Loading…
Reference in New Issue