From 609418a131b5d3d8f26e4a67b849e904414dbbcc Mon Sep 17 00:00:00 2001 From: Lucio Lelii Date: Thu, 11 Apr 2019 14:38:41 +0000 Subject: [PATCH] git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/data-access/storagehub-webapp/1.0@178997 82a268e6-3cf1-43bd-a215-b396298e98cf --- .../storagehub/services/GroupManager.java | 149 ++++++++---------- .../storagehub/services/WorkspaceManager.java | 1 + 2 files changed, 69 insertions(+), 81 deletions(-) diff --git a/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java b/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java index 95fcef1..e952b55 100644 --- a/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java +++ b/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java @@ -15,7 +15,9 @@ import javax.ws.rs.POST; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; import javax.ws.rs.core.Context; +import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.apache.jackrabbit.api.JackrabbitSession; @@ -47,10 +49,10 @@ public class GroupManager { @Context ServletContext context; private static final Logger log = LoggerFactory.getLogger(GroupManager.class); - + @Inject RepositoryInitializer repository; - + @GET @Path("") @AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class) @@ -98,9 +100,9 @@ public class GroupManager { Group createdGroup = usrManager.createGroup(group); groupId = createdGroup.getID(); - - //TODO: A VREFolder must be created - + + createVreFolder(groupId, session); + session.save(); }catch(Exception e) { log.error("jcr error creating group {}", group, e); @@ -109,25 +111,28 @@ public class GroupManager { if (session!=null) session.logout(); } - + return groupId; } - + @DELETE - @Path("{id}") + @Path("{group}") @AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class) - public String deleteGroup(@PathParam("id") String id){ + public String deleteGroup(@PathParam("group") String group){ JackrabbitSession session = null; - String userId = null; try { session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager(); - //TODO: the VREFolder must be deleted - - Authorizable authorizable = usrManager.getAuthorizable(id); + try { + Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH); + sharedRootNode.getNode(group).removeSharedSet(); + }catch (Exception e) { + log.warn("vreFolder {} not found, removing only the group", group); + } + Authorizable authorizable = usrManager.getAuthorizable(group); if (authorizable.isGroup()) authorizable.remove(); session.save(); @@ -138,10 +143,10 @@ public class GroupManager { if (session!=null) session.logout(); } - - return userId; + + return group; } - + @PUT @Path("{id}") @AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class) @@ -156,9 +161,24 @@ public class GroupManager { Group group = (Group)usrManager.getAuthorizable(groupId); User user = (User)usrManager.getAuthorizable(userId); - + success = group.addMember(user); + + String folderName = group.getPrincipal().getName(); + Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH); + Node folder = sharedRootNode.getNode(folderName); + AccessControlManager acm = session.getAccessControlManager(); + JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath()); + Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.WRITE_OWNER.getValue()) }; + + String userPath = String.format("%s%s/%s",Utils.getWorkspacePath(user.getPrincipal().getName()).toPath(),Constants.VRE_FOLDER_PARENT_NAME, folderName); + log.debug("creating folder in user path {}", userPath ); + session.getWorkspace().clone(session.getWorkspace().getName(), folder.getPath(),userPath , false); + + acls.addAccessControlEntry(user.getPrincipal(), usersPrivileges ); + acm.setPolicy(folder.getPath(), acls); + session.save(); }catch(Exception e) { log.error("jcr error adding user {} to group {}", userId, groupId, e); @@ -167,10 +187,10 @@ public class GroupManager { if (session!=null) session.logout(); } - + return success; } - + @DELETE @Path("{groupId}/users/{userId}") @AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class) @@ -185,9 +205,9 @@ public class GroupManager { Group group = (Group)usrManager.getAuthorizable(groupId); User user = (User)usrManager.getAuthorizable(userId); - + success = group.removeMember(user); - + session.save(); }catch(Exception e) { log.error("jcr error adding user {} to group {}", userId, groupId, e); @@ -196,12 +216,13 @@ public class GroupManager { if (session!=null) session.logout(); } - + return success; } - + @GET @Path("{groupId}/users") + @Produces(MediaType.APPLICATION_JSON) @AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class) public List getUsersOfGroup(@PathParam("groupId") String groupId){ @@ -213,15 +234,15 @@ public class GroupManager { org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager(); Group group = (Group)usrManager.getAuthorizable(groupId); - + Iterator it = group.getMembers(); - + while (it.hasNext()) { Authorizable user = it.next(); users.add(user.getPrincipal().getName()); } - - + + }catch(Exception e) { log.error("jcr error getting users of group {}", groupId, e); GXOutboundErrorResponse.throwException(new BackendGenericError(e)); @@ -229,64 +250,30 @@ public class GroupManager { if (session!=null) session.logout(); } - + return users; } - - @POST - @Path("{groupId}/createVREFolder") - @AuthorizationControl(allowed={"lucio.lelii"}, exception=MyAuthException.class) - public Response createVreFolder(@PathParam("groupId") String groupId){ - JackrabbitSession session = null; - try { - session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); + private void createVreFolder(String groupId, JackrabbitSession session) throws Exception{ - org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager(); + Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH); + + String name = groupId; + + String title = groupId.substring(groupId.lastIndexOf("-")+1); + + Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, AuthorizationProvider.instance.get().getClient().getId(), null); + folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER); + folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true); + folder.setProperty(NodeProperty.TITLE.toString(), name); + folder.setProperty(NodeProperty.DISPLAY_NAME.toString(), title); + session.save(); + + AccessControlManager acm = session.getAccessControlManager(); + JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath()); + Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) }; + acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges ); - Group group = (Group)usrManager.getAuthorizable(groupId); - - Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH); - - String name = groupId; - - String title = groupId.substring(groupId.lastIndexOf("-")+1); - - Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, AuthorizationProvider.instance.get().getClient().getId(), null); - folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER); - folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true); - folder.setProperty(NodeProperty.TITLE.toString(), name); - folder.setProperty(NodeProperty.DISPLAY_NAME.toString(), title); - session.save(); - - AccessControlManager acm = session.getAccessControlManager(); - JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath()); - Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) }; - acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges ); - - - Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.WRITE_OWNER.getValue()) }; - - Iterator it = group.getMembers(); - - while (it.hasNext()) { - Authorizable user = it.next(); - String userPath = String.format("%s%s/%s",Utils.getWorkspacePath(user.getPrincipal().getName()).toPath(),Constants.VRE_FOLDER_PARENT_NAME, name); - log.debug("creating folder in user path {}", userPath ); - session.getWorkspace().clone(session.getWorkspace().getName(), folder.getPath(),userPath , false); - } - acls.addAccessControlEntry(group.getPrincipal(), usersPrivileges ); - acm.setPolicy(folder.getPath(), acls); - session.save(); - - }catch(Exception e) { - log.error("jcr error creating vreFolder {}", groupId, e); - GXOutboundErrorResponse.throwException(new BackendGenericError(e)); - } finally { - if (session!=null) - session.logout(); - } - return Response.ok().build(); } - + } diff --git a/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java b/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java index af018bc..2dcbb95 100644 --- a/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java +++ b/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java @@ -112,6 +112,7 @@ public class WorkspaceManager { org.gcube.common.storagehub.model.Path trashPath = Paths.append(Utils.getWorkspacePath(), Constants.TRASH_ROOT_FOLDER_NAME); if (!ses.nodeExists(trashPath.toPath())) { Utils.createFolderInternally(ses, ses.getNode(Utils.getWorkspacePath().toPath()) , Constants.TRASH_ROOT_FOLDER_NAME, "trash of "+user, false, user, null); + ses.save(); } log.trace("time to connect to repo {}",(System.currentTimeMillis()-start));