gCubeSystem
/
storagehub
16
0
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity

solved an error on authorization for deleted user

This commit is contained in:
lucio 2020-04-05 11:37:15 +02:00
parent 62fe5a77a0
commit 6e69de91d0
1 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/main/java/org/gcube/data/access/storagehub/AuthorizationChecker.java
View File

@ -56,9 +56,18 @@ public class AuthorizationChecker {
for (AccessControlEntry entry: entries) {
log.debug("checking access right for {} with compared with {}",login, entry.getPrincipal());
Authorizable authorizable = ((JackrabbitSession) session).getUserManager().getAuthorizable(entry.getPrincipal());
//TODO; check why sometimes the next line gets a nullpointer
if (!authorizable.isGroup() && entry.getPrincipal().getName().equals(login)) return;
if (authorizable.isGroup() && ((Group) authorizable).isMember(userAuthorizable)) return;
if (authorizable==null) {
log.warn("{} doesn't have a correspondant auhtorizable object, check it ", entry.getPrincipal());
continue;
}
try {
if (!authorizable.isGroup() && entry.getPrincipal().getName().equals(login)) return;
if (authorizable.isGroup() && ((Group) authorizable).isMember(userAuthorizable)) return;
}catch (Throwable e) {
log.warn("someting went wrong checking authorizations",e);
}
}
throw new UserNotAuthorizedException("Insufficent Privileges for user "+login+" to read node with id "+id);