git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/data-access/storagehub-webapp/1.0@176020 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
5a45df9b16
commit
16aa33f03c
|
|
@ -34,7 +34,6 @@ public class AuthorizationChecker {
|
|||
Item item = node2Item.getItem(node, Excludes.ALL);
|
||||
|
||||
if (item==null) throw new UserNotAuthorizedException("Insufficent Provileges for user "+login+" to read node with id "+id+": it's not a valid StorageHub node");
|
||||
if (item.isPublicItem()) return;
|
||||
|
||||
if (item.isShared()) {
|
||||
SharedFolder parentShared = node2Item.getItem(retrieveSharedFolderParent(node, session), Excludes.EXCLUDE_ACCOUNTING);
|
||||
|
|
|
|||
|
|
@ -1,8 +1,5 @@
|
|||
package org.gcube.data.access.storagehub.services;
|
||||
|
||||
import java.util.Calendar;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.enterprise.context.RequestScoped;
|
||||
|
|
@ -10,7 +7,6 @@ import javax.inject.Inject;
|
|||
import javax.jcr.Node;
|
||||
import javax.jcr.RepositoryException;
|
||||
import javax.jcr.Session;
|
||||
import javax.jcr.security.AccessControlEntry;
|
||||
import javax.jcr.security.AccessControlManager;
|
||||
import javax.jcr.security.Privilege;
|
||||
import javax.servlet.ServletContext;
|
||||
|
|
@ -33,11 +29,9 @@ import org.gcube.common.storagehub.model.exceptions.BackendGenericError;
|
|||
import org.gcube.common.storagehub.model.exceptions.InvalidCallParameters;
|
||||
import org.gcube.common.storagehub.model.exceptions.InvalidItemException;
|
||||
import org.gcube.common.storagehub.model.exceptions.StorageHubException;
|
||||
import org.gcube.common.storagehub.model.exceptions.UserNotAuthorizedException;
|
||||
import org.gcube.common.storagehub.model.items.FolderItem;
|
||||
import org.gcube.common.storagehub.model.items.Item;
|
||||
import org.gcube.common.storagehub.model.items.SharedFolder;
|
||||
import org.gcube.common.storagehub.model.types.ItemAction;
|
||||
import org.gcube.common.storagehub.model.types.NodeProperty;
|
||||
import org.gcube.common.storagehub.model.types.PrimaryNodeType;
|
||||
import org.gcube.data.access.storagehub.AuthorizationChecker;
|
||||
|
|
@ -48,7 +42,6 @@ import org.gcube.data.access.storagehub.handlers.CredentialHandler;
|
|||
import org.gcube.data.access.storagehub.handlers.Item2NodeConverter;
|
||||
import org.gcube.data.access.storagehub.handlers.Node2ItemConverter;
|
||||
import org.gcube.data.access.storagehub.handlers.UnshareHandler;
|
||||
import org.gcube.data.access.storagehub.handlers.VersionHandler;
|
||||
import org.gcube.smartgears.utils.InnerMethodName;
|
||||
import org.glassfish.jersey.media.multipart.FormDataParam;
|
||||
import org.slf4j.Logger;
|
||||
|
|
@ -94,7 +87,7 @@ public class ItemSharing {
|
|||
ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||
authChecker.checkWriteAuthorizationControl(ses, id, false);
|
||||
|
||||
//Item item = node2Item.getItem(ses.getNodeByIdentifier(id), Excludes.ALL);
|
||||
Item item = node2Item.getItem(ses.getNodeByIdentifier(id), Excludes.ALL);
|
||||
|
||||
if (accessType==null)
|
||||
accessType = AccessType.READ_ONLY;
|
||||
|
|
@ -124,14 +117,14 @@ public class ItemSharing {
|
|||
|
||||
if (!alreadyShared) {
|
||||
Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
||||
addUserToSharing(sharedFolderNode, ses, login, adminPrivileges, acls);
|
||||
addUserToSharing(sharedFolderNode, ses, login, item, adminPrivileges, acls);
|
||||
users.remove(login);
|
||||
}
|
||||
|
||||
Privilege[] userPrivileges = new Privilege[] { acm.privilegeFromName(accessType.getValue()) };
|
||||
for (String user : users)
|
||||
try {
|
||||
addUserToSharing(sharedFolderNode, ses, user, userPrivileges, acls);
|
||||
addUserToSharing(sharedFolderNode, ses, user, null, userPrivileges, acls);
|
||||
}catch(Exception e){
|
||||
log.warn("error adding user {} to sharing of folder {}", user, sharedFolderNode.getName());
|
||||
}
|
||||
|
|
@ -168,7 +161,7 @@ public class ItemSharing {
|
|||
private Node shareFolder(Node node, Session ses) throws RepositoryException, BackendGenericError, StorageHubException{
|
||||
String login = AuthorizationProvider.instance.get().getClient().getId();
|
||||
|
||||
if (!node2Item.checkNodeType(node, FolderItem.class) || Utils.hasSharedChildren(node) || !node.getProperty(NodeProperty.OWNER.toString()).getString().equals(login))
|
||||
if (!node2Item.checkNodeType(node, FolderItem.class) || Utils.hasSharedChildren(node) || !node.getProperty(NodeProperty.PORTAL_LOGIN.toString()).getString().equals(login))
|
||||
throw new InvalidItemException("item with id "+id+" cannot be shared");
|
||||
|
||||
String sharedFolderName = node.getIdentifier();
|
||||
|
|
@ -184,9 +177,24 @@ public class ItemSharing {
|
|||
return sharedFolderNode;
|
||||
}
|
||||
|
||||
private void addUserToSharing(Node sharedFolderNode, Session ses, String user, Privilege[] userPrivileges, JackrabbitAccessControlList acls) throws RepositoryException{
|
||||
ses.getWorkspace().clone(ses.getWorkspace().getName(), sharedFolderNode.getPath(), sharedFolderNode.getProperty(NodeProperty.TITLE.toString()).getString(), false);
|
||||
String userRootWSId = ses.getNode(Utils.getWorkspacePath(user).toPath()).getIdentifier();
|
||||
private void addUserToSharing(Node sharedFolderNode, Session ses, String user, Item itemToShare, Privilege[] userPrivileges, JackrabbitAccessControlList acls) throws RepositoryException{
|
||||
String userRootWSId;
|
||||
String userPath;
|
||||
if (itemToShare==null) {
|
||||
String userRootWS = Utils.getWorkspacePath(user).toPath();
|
||||
userRootWSId = ses.getNode(userRootWS).getIdentifier();
|
||||
userPath = String.format("%s%s",userRootWS,sharedFolderNode.getProperty(NodeProperty.TITLE.toString()).getString());
|
||||
}
|
||||
else {
|
||||
userPath = itemToShare.getPath();
|
||||
userRootWSId = itemToShare.getParentId();
|
||||
}
|
||||
|
||||
|
||||
log.info("cloning directory to {} ",userPath);
|
||||
|
||||
ses.getWorkspace().clone(ses.getWorkspace().getName(), sharedFolderNode.getPath(), userPath , false);
|
||||
|
||||
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(ses, user), userPrivileges );
|
||||
Node usersNode =null;
|
||||
if (sharedFolderNode.hasNode(NodeConstants.USERS_NAME))
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
</context-param>
|
||||
<context-param>
|
||||
<param-name>resolver-basepath</param-name>
|
||||
<param-value>https://data-d.d4science.org/shub</param-value>
|
||||
<param-value>https://data1-d.d4science.org/shub</param-value>
|
||||
</context-param>
|
||||
<servlet>
|
||||
<servlet-name>org.gcube.data.access.storagehub.StorageHub</servlet-name>
|
||||
|
|
|
|||
Loading…
Reference in New Issue