gCubeSystem
/
storagehub
15
0
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity

git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/data-access/storagehub-webapp/1.0@178997 82a268e6-3cf1-43bd-a215-b396298e98cf

This commit is contained in:
Lucio Lelii 2019-04-11 14:38:41 +00:00
parent 8876b9f446
commit 609418a131
2 changed files with 69 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

149
src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
View File

@ -15,7 +15,9 @@ import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.jackrabbit.api.JackrabbitSession;
@ -47,10 +49,10 @@ public class GroupManager {
@Context ServletContext context;
private static final Logger log = LoggerFactory.getLogger(GroupManager.class);
@Inject
RepositoryInitializer repository;
@GET
@Path("")
@AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class)
@ -98,9 +100,9 @@ public class GroupManager {
Group createdGroup = usrManager.createGroup(group);
groupId = createdGroup.getID();
//TODO: A VREFolder must be created
createVreFolder(groupId, session);
session.save();
}catch(Exception e) {
log.error("jcr error creating group {}", group, e);
@ -109,25 +111,28 @@ public class GroupManager {
if (session!=null)
session.logout();
}
return groupId;
}
@DELETE
@Path("{id}")
@Path("{group}")
@AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class)
public String deleteGroup(@PathParam("id") String id){
public String deleteGroup(@PathParam("group") String group){
JackrabbitSession session = null;
String userId = null;
try {
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
//TODO: the VREFolder must be deleted
Authorizable authorizable = usrManager.getAuthorizable(id);
try {
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
sharedRootNode.getNode(group).removeSharedSet();
}catch (Exception e) {
log.warn("vreFolder {} not found, removing only the group", group);
}
Authorizable authorizable = usrManager.getAuthorizable(group);
if (authorizable.isGroup())
authorizable.remove();
session.save();
@ -138,10 +143,10 @@ public class GroupManager {
if (session!=null)
session.logout();
}
return userId;
return group;
}
@PUT
@Path("{id}")
@AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class)
@ -156,9 +161,24 @@ public class GroupManager {
Group group = (Group)usrManager.getAuthorizable(groupId);
User user = (User)usrManager.getAuthorizable(userId);
success = group.addMember(user);
String folderName = group.getPrincipal().getName();
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
Node folder = sharedRootNode.getNode(folderName);
AccessControlManager acm = session.getAccessControlManager();
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.WRITE_OWNER.getValue()) };
String userPath = String.format("%s%s/%s",Utils.getWorkspacePath(user.getPrincipal().getName()).toPath(),Constants.VRE_FOLDER_PARENT_NAME, folderName);
log.debug("creating folder in user path {}", userPath );
session.getWorkspace().clone(session.getWorkspace().getName(), folder.getPath(),userPath , false);
acls.addAccessControlEntry(user.getPrincipal(), usersPrivileges );
acm.setPolicy(folder.getPath(), acls);
session.save();
}catch(Exception e) {
log.error("jcr error adding user {} to group {}", userId, groupId, e);
@ -167,10 +187,10 @@ public class GroupManager {
if (session!=null)
session.logout();
}
return success;
}
@DELETE
@Path("{groupId}/users/{userId}")
@AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class)
@ -185,9 +205,9 @@ public class GroupManager {
Group group = (Group)usrManager.getAuthorizable(groupId);
User user = (User)usrManager.getAuthorizable(userId);
success = group.removeMember(user);
session.save();
}catch(Exception e) {
log.error("jcr error adding user {} to group {}", userId, groupId, e);
@ -196,12 +216,13 @@ public class GroupManager {
if (session!=null)
session.logout();
}
return success;
}
@GET
@Path("{groupId}/users")
@Produces(MediaType.APPLICATION_JSON)
@AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class)
public List<String> getUsersOfGroup(@PathParam("groupId") String groupId){
@ -213,15 +234,15 @@ public class GroupManager {
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
Group group = (Group)usrManager.getAuthorizable(groupId);
Iterator<Authorizable> it = group.getMembers();
while (it.hasNext()) {
Authorizable user = it.next();
users.add(user.getPrincipal().getName());
}
}catch(Exception e) {
log.error("jcr error getting users of group {}", groupId, e);
GXOutboundErrorResponse.throwException(new BackendGenericError(e));
@ -229,64 +250,30 @@ public class GroupManager {
if (session!=null)
session.logout();
}
return users;
}
@POST
@Path("{groupId}/createVREFolder")
@AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class)
public Response createVreFolder(@PathParam("groupId") String groupId){
JackrabbitSession session = null;
try {
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
private void createVreFolder(String groupId, JackrabbitSession session) throws Exception{
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
String name = groupId;
String title = groupId.substring(groupId.lastIndexOf("-")+1);
Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, AuthorizationProvider.instance.get().getClient().getId(), null);
folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER);
folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true);
folder.setProperty(NodeProperty.TITLE.toString(), name);
folder.setProperty(NodeProperty.DISPLAY_NAME.toString(), title);
session.save();
AccessControlManager acm = session.getAccessControlManager();
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges );
Group group = (Group)usrManager.getAuthorizable(groupId);
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
String name = groupId;
String title = groupId.substring(groupId.lastIndexOf("-")+1);
Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, AuthorizationProvider.instance.get().getClient().getId(), null);
folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER);
folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true);
folder.setProperty(NodeProperty.TITLE.toString(), name);
folder.setProperty(NodeProperty.DISPLAY_NAME.toString(), title);
session.save();
AccessControlManager acm = session.getAccessControlManager();
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges );
Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.WRITE_OWNER.getValue()) };
Iterator<Authorizable> it = group.getMembers();
while (it.hasNext()) {
Authorizable user = it.next();
String userPath = String.format("%s%s/%s",Utils.getWorkspacePath(user.getPrincipal().getName()).toPath(),Constants.VRE_FOLDER_PARENT_NAME, name);
log.debug("creating folder in user path {}", userPath );
session.getWorkspace().clone(session.getWorkspace().getName(), folder.getPath(),userPath , false);
}
acls.addAccessControlEntry(group.getPrincipal(), usersPrivileges );
acm.setPolicy(folder.getPath(), acls);
session.save();
}catch(Exception e) {
log.error("jcr error creating vreFolder {}", groupId, e);
GXOutboundErrorResponse.throwException(new BackendGenericError(e));
} finally {
if (session!=null)
session.logout();
}
return Response.ok().build();
}
}

1
src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java
View File

@ -112,6 +112,7 @@ public class WorkspaceManager {
org.gcube.common.storagehub.model.Path trashPath = Paths.append(Utils.getWorkspacePath(), Constants.TRASH_ROOT_FOLDER_NAME);
if (!ses.nodeExists(trashPath.toPath())) {
Utils.createFolderInternally(ses, ses.getNode(Utils.getWorkspacePath().toPath()) , Constants.TRASH_ROOT_FOLDER_NAME, "trash of "+user, false, user, null);
ses.save();
}
log.trace("time to connect to repo {}",(System.currentTimeMillis()-start));