From 16aa33f03c1eb0d1dc30a2648cf3dc80c0a2f1af Mon Sep 17 00:00:00 2001
From: Lucio Lelii <lucio.lelii@isti.cnr.it>
Date: Wed, 19 Dec 2018 18:07:05 +0000
Subject: [PATCH] git-svn-id:
 https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/data-access/storagehub-webapp/1.0@176020
 82a268e6-3cf1-43bd-a215-b396298e98cf

---
 .../storagehub/AuthorizationChecker.java      |  1 -
 .../storagehub/services/ItemSharing.java      | 36 +++++++++++--------
 src/main/webapp/WEB-INF/web.xml               |  2 +-
 3 files changed, 23 insertions(+), 16 deletions(-)

diff --git a/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java b/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java
index 748ce56..9d5204e 100644
--- a/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java
+++ b/src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java
@@ -34,7 +34,6 @@ public class AuthorizationChecker {
 		Item item  = node2Item.getItem(node, Excludes.ALL);
 
 		if (item==null) throw new UserNotAuthorizedException("Insufficent Provileges for user "+login+" to read node with id "+id+": it's  not a valid StorageHub node");
-		if (item.isPublicItem()) return;
 				
 		if (item.isShared()) {
 			SharedFolder parentShared = node2Item.getItem(retrieveSharedFolderParent(node, session), Excludes.EXCLUDE_ACCOUNTING);
diff --git a/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java b/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java
index 196d5db..4865afd 100644
--- a/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java
+++ b/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java
@@ -1,8 +1,5 @@
 package org.gcube.data.access.storagehub.services;
 
-import java.util.Calendar;
-import java.util.HashSet;
-import java.util.List;
 import java.util.Set;
 
 import javax.enterprise.context.RequestScoped;
@@ -10,7 +7,6 @@ import javax.inject.Inject;
 import javax.jcr.Node;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
-import javax.jcr.security.AccessControlEntry;
 import javax.jcr.security.AccessControlManager;
 import javax.jcr.security.Privilege;
 import javax.servlet.ServletContext;
@@ -33,11 +29,9 @@ import org.gcube.common.storagehub.model.exceptions.BackendGenericError;
 import org.gcube.common.storagehub.model.exceptions.InvalidCallParameters;
 import org.gcube.common.storagehub.model.exceptions.InvalidItemException;
 import org.gcube.common.storagehub.model.exceptions.StorageHubException;
-import org.gcube.common.storagehub.model.exceptions.UserNotAuthorizedException;
 import org.gcube.common.storagehub.model.items.FolderItem;
 import org.gcube.common.storagehub.model.items.Item;
 import org.gcube.common.storagehub.model.items.SharedFolder;
-import org.gcube.common.storagehub.model.types.ItemAction;
 import org.gcube.common.storagehub.model.types.NodeProperty;
 import org.gcube.common.storagehub.model.types.PrimaryNodeType;
 import org.gcube.data.access.storagehub.AuthorizationChecker;
@@ -48,7 +42,6 @@ import org.gcube.data.access.storagehub.handlers.CredentialHandler;
 import org.gcube.data.access.storagehub.handlers.Item2NodeConverter;
 import org.gcube.data.access.storagehub.handlers.Node2ItemConverter;
 import org.gcube.data.access.storagehub.handlers.UnshareHandler;
-import org.gcube.data.access.storagehub.handlers.VersionHandler;
 import org.gcube.smartgears.utils.InnerMethodName;
 import org.glassfish.jersey.media.multipart.FormDataParam;
 import org.slf4j.Logger;
@@ -94,7 +87,7 @@ public class ItemSharing {
 			ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
 			authChecker.checkWriteAuthorizationControl(ses, id, false);
 
-			//Item item = node2Item.getItem(ses.getNodeByIdentifier(id), Excludes.ALL);
+			Item item = node2Item.getItem(ses.getNodeByIdentifier(id), Excludes.ALL);
 
 			if (accessType==null)
 				accessType = AccessType.READ_ONLY;
@@ -124,14 +117,14 @@ public class ItemSharing {
 
 				if (!alreadyShared) {
 					Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
-					addUserToSharing(sharedFolderNode, ses, login, adminPrivileges, acls);
+					addUserToSharing(sharedFolderNode, ses, login, item,  adminPrivileges, acls);
 					users.remove(login);
 				}
 
 				Privilege[] userPrivileges = new Privilege[] { acm.privilegeFromName(accessType.getValue()) };
 				for (String user : users) 
 					try {
-						addUserToSharing(sharedFolderNode, ses, user, userPrivileges, acls);
+						addUserToSharing(sharedFolderNode, ses, user, null,  userPrivileges, acls);
 					}catch(Exception e){
 						log.warn("error adding user {} to sharing of folder {}", user, sharedFolderNode.getName());
 					}
@@ -168,7 +161,7 @@ public class ItemSharing {
 	private Node shareFolder(Node node, Session ses) throws RepositoryException, BackendGenericError, StorageHubException{
 		String login = AuthorizationProvider.instance.get().getClient().getId();
 
-		if (!node2Item.checkNodeType(node, FolderItem.class) || Utils.hasSharedChildren(node) || !node.getProperty(NodeProperty.OWNER.toString()).getString().equals(login))
+		if (!node2Item.checkNodeType(node, FolderItem.class) || Utils.hasSharedChildren(node) || !node.getProperty(NodeProperty.PORTAL_LOGIN.toString()).getString().equals(login))
 			throw new InvalidItemException("item with id "+id+" cannot be shared");
 
 		String sharedFolderName = node.getIdentifier();
@@ -184,9 +177,24 @@ public class ItemSharing {
 		return sharedFolderNode;
 	}
 
-	private void addUserToSharing(Node sharedFolderNode, Session ses, String user, Privilege[] userPrivileges, JackrabbitAccessControlList acls) throws RepositoryException{
-		ses.getWorkspace().clone(ses.getWorkspace().getName(), sharedFolderNode.getPath(), sharedFolderNode.getProperty(NodeProperty.TITLE.toString()).getString(), false);
-		String userRootWSId = ses.getNode(Utils.getWorkspacePath(user).toPath()).getIdentifier();
+	private void addUserToSharing(Node sharedFolderNode, Session ses, String user, Item itemToShare, Privilege[] userPrivileges, JackrabbitAccessControlList acls) throws RepositoryException{
+		String userRootWSId;
+		String userPath;
+		if (itemToShare==null) {
+			String userRootWS = Utils.getWorkspacePath(user).toPath(); 
+			userRootWSId = ses.getNode(userRootWS).getIdentifier();
+			userPath = String.format("%s%s",userRootWS,sharedFolderNode.getProperty(NodeProperty.TITLE.toString()).getString());
+		}
+		else {
+			userPath = itemToShare.getPath();
+			userRootWSId = itemToShare.getParentId();
+		}
+						
+		
+		log.info("cloning directory to {} ",userPath);
+		
+		ses.getWorkspace().clone(ses.getWorkspace().getName(), sharedFolderNode.getPath(), userPath , false);
+
 		acls.addAccessControlEntry(AccessControlUtils.getPrincipal(ses, user), userPrivileges );
 		Node usersNode =null; 
 		if (sharedFolderNode.hasNode(NodeConstants.USERS_NAME))
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index 88995ec..30e611b 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -10,7 +10,7 @@
 	</context-param>
 	<context-param>
 		<param-name>resolver-basepath</param-name>
-		<param-value>https://data-d.d4science.org/shub</param-value>
+		<param-value>https://data1-d.d4science.org/shub</param-value>
 	</context-param>
 	<servlet>
 		<servlet-name>org.gcube.data.access.storagehub.StorageHub</servlet-name>