@ -44,7 +44,6 @@ import javax.ws.rs.core.StreamingOutput;
import org.apache.commons.io.FilenameUtils ;
import org.gcube.common.authorization.control.annotations.AuthorizationControl ;
import org.gcube.common.authorization.library.provider.AuthorizationProvider ;
import org.gcube.common.encryption.encrypter.StringEncrypter ;
import org.gcube.common.gxrest.response.outbound.GXOutboundErrorResponse ;
import org.gcube.common.scope.api.ScopeProvider ;
@ -69,8 +68,8 @@ import org.gcube.common.storagehub.model.service.ItemWrapper;
import org.gcube.common.storagehub.model.service.VersionList ;
import org.gcube.common.storagehub.model.types.ItemAction ;
import org.gcube.common.storagehub.model.types.NodeProperty ;
import org.gcube.data.access.storagehub.AuthorizationChecker ;
import org.gcube.data.access.storagehub.Constants ;
import org.gcube.data.access.storagehub.PathUtil ;
import org.gcube.data.access.storagehub.Range ;
import org.gcube.data.access.storagehub.SingleFileStreamingOutput ;
import org.gcube.data.access.storagehub.StorageHubAppllicationManager ;
@ -92,7 +91,7 @@ import org.slf4j.LoggerFactory;
@Path ( "items" )
@ManagedBy ( StorageHubAppllicationManager . class )
public class ItemsManager {
public class ItemsManager extends Impersonable {
private static final Logger log = LoggerFactory . getLogger ( ItemsManager . class ) ;
@ -108,20 +107,20 @@ public class ItemsManager {
@Context
ServletContext context ;
@Inject
AuthorizationChecker authChecker ;
@Inject
VersionHandler versionHandler ;
@Inject
TrashHandler trashHandler ;
@Inject PathUtil pathUtil ;
@Inject Node2ItemConverter node2Item ;
@Inject Item2NodeConverter item2Node ;
@Inject StorageBackendHandler storageBackend ;
@GET
@Path ( "{id}" )
@Produces ( MediaType . APPLICATION_JSON )
@ -380,7 +379,6 @@ public class ItemsManager {
log . warn ( "arrived id is {}" , id ) ;
Session ses = null ;
try {
String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
String complexId = id ;
@ -425,9 +423,9 @@ public class ItemsManager {
if ( ! ( item instanceof AbstractFileItem ) ) throw new InvalidCallParameters ( "the choosen item is not a File" ) ;
if ( versionName ! = null )
return downloadVersionInternal ( ses , login , itemId , versionName , false ) ;
return downloadVersionInternal ( ses , currentUser , itemId , versionName , false ) ;
else
return downloadFileInternal ( ses , ( AbstractFileItem ) item , login , true ) ;
return downloadFileInternal ( ses , ( AbstractFileItem ) item , currentUser , true ) ;
} catch ( RepositoryException re ) {
@ -648,11 +646,10 @@ public class ItemsManager {
InnerMethodName . instance . set ( "downloadSpecificVersion" ) ;
Session ses = null ;
try {
String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
authChecker . checkReadAuthorizationControl ( ses , id ) ;
return downloadVersionInternal ( ses , login , id , versionName , true ) ;
return downloadVersionInternal ( ses , currentUser , id , versionName , true ) ;
} catch ( RepositoryException re ) {
log . error ( "jcr error downloading version" , re ) ;
@ -690,7 +687,7 @@ public class ItemsManager {
String fileName = String . format ( "%s_v%s.%s" , oldfilename , version . getName ( ) , ext ) ;
if ( withAccounting )
accountingHandler . createReadObj ( fileName , ses , node , true ) ;
accountingHandler . createReadObj ( fileName , ses , node , login , true ) ;
StreamingOutput so = new SingleFileStreamingOutput ( streamToWrite ) ;
@ -710,11 +707,11 @@ public class ItemsManager {
@Produces ( MediaType . APPLICATION_JSON )
public ItemList getAnchestors ( @QueryParam ( "exclude" ) List < String > excludes ) {
InnerMethodName . instance . set ( "getAnchestors" ) ;
org . gcube . common . storagehub . model . Path absolutePath = Utils . getWorkspacePath ( ) ;
org . gcube . common . storagehub . model . Path absolutePath = path Util. getWorkspacePath ( currentUser ) ;
Session ses = null ;
List < Item > toReturn = new LinkedList < > ( ) ;
try {
String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
authChecker . checkReadAuthorizationControl ( ses , id ) ;
Node currentNode = ses . getNodeByIdentifier ( id ) ;
@ -726,7 +723,7 @@ public class ItemsManager {
boolean found = false ;
while ( sharedSetIterator . hasNext ( ) ) {
Node sharedNode = sharedSetIterator . nextNode ( ) ;
if ( sharedNode . getPath ( ) . startsWith ( Utils. getWorkspacePath ( login ) . toPath ( ) ) ) {
if ( sharedNode . getPath ( ) . startsWith ( absolutePath . toPath ( ) ) ) {
currentNode = sharedNode . getParent ( ) ;
found = true ;
break ;
@ -769,17 +766,16 @@ public class ItemsManager {
Session ses = null ;
Response response = null ;
try {
final String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
final Node node = ses . getNodeByIdentifier ( id ) ;
authChecker . checkReadAuthorizationControl ( ses , id ) ;
final Item item = node2Item . getItem ( node , null ) ;
if ( item instanceof AbstractFileItem ) {
return downloadFileInternal ( ses , ( AbstractFileItem ) item , login , true ) ;
return downloadFileInternal ( ses , ( AbstractFileItem ) item , currentUser , true ) ;
} else if ( item instanceof FolderItem ) {
try {
final Deque < Item > allNodes = Utils . getAllNodesForZip ( ( FolderItem ) item , ses , accountingHandler, excludes ) ;
final Deque < Item > allNodes = Utils . getAllNodesForZip ( ( FolderItem ) item , ses , currentUser, accountingHandler, excludes ) ;
final org . gcube . common . storagehub . model . Path originalPath = Paths . getPath ( item . getParentPath ( ) ) ;
StreamingOutput so = new StreamingOutput ( ) {
@ -790,7 +786,7 @@ public class ItemsManager {
long start = System . currentTimeMillis ( ) ;
zos . setLevel ( Deflater . BEST_COMPRESSION ) ;
log . debug ( "writing StreamOutput" ) ;
Utils . zipNode ( zos , allNodes , login , originalPath , storageBackend ) ;
Utils . zipNode ( zos , allNodes , currentUser , originalPath , storageBackend ) ;
log . debug ( "StreamOutput written in {}" , ( System . currentTimeMillis ( ) - start ) ) ;
} catch ( Exception e ) {
log . error ( "error writing stream" , e ) ;
@ -806,7 +802,7 @@ public class ItemsManager {
. header ( "Content-Length" , - 1l )
. build ( ) ;
accountingHandler . createReadObj ( item . getTitle ( ) , ses , ses . getNodeByIdentifier ( item . getId ( ) ) , false ) ;
accountingHandler . createReadObj ( item . getTitle ( ) , ses , ( Node ) item . getRelatedNode ( ) , currentUser , false ) ;
} finally {
if ( ses ! = null ) ses . save ( ) ;
}
@ -830,7 +826,7 @@ public class ItemsManager {
final InputStream streamToWrite = storageBackend . download ( fileItem . getContent ( ) . getStorageId ( ) ) ;
if ( withAccounting )
accountingHandler . createReadObj ( fileItem . getTitle ( ) , ses , ses . getNodeByIdentifier ( fileItem . getId ( ) ) , true ) ;
accountingHandler . createReadObj ( fileItem . getTitle ( ) , ses , ( Node ) fileItem . getRelatedNode ( ) , login , true ) ;
StreamingOutput so = new SingleFileStreamingOutput ( streamToWrite ) ;
@ -851,8 +847,7 @@ public class ItemsManager {
Session ses = null ;
try {
final String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
authChecker . checkMoveOpsForProtectedFolders ( ses , id ) ;
@ -884,8 +879,8 @@ public class ItemsManager {
try {
ses . getWorkspace ( ) . getLockManager ( ) . lock ( destination . getPath ( ) , false , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToMove . getPath ( ) , true , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( destination . getPath ( ) , false , true , 0 , currentUser ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToMove . getPath ( ) , true , true , 0 , currentUser ) ;
} catch ( LockException e ) {
throw new ItemLockedException ( e ) ;
}
@ -894,15 +889,15 @@ public class ItemsManager {
String newPath = String . format ( "%s/%s" , destination . getPath ( ) , uniqueName ) ;
ses . getWorkspace ( ) . move ( nodeToMove . getPath ( ) , newPath ) ;
Utils . setPropertyOnChangeNode ( ses . getNode ( newPath ) , login , ItemAction . MOVED ) ;
Utils . setPropertyOnChangeNode ( ses . getNode ( newPath ) , currentUser , ItemAction . MOVED ) ;
String mimeTypeForAccounting = ( item instanceof AbstractFileItem ) ? ( ( AbstractFileItem ) item ) . getContent ( ) . getMimeType ( ) : null ;
if ( movingSharedItemOutside )
item2Node . updateOwnerOnSubTree ( nodeToMove , login ) ;
item2Node . updateOwnerOnSubTree ( nodeToMove , currentUser ) ;
accountingHandler . createFolderAddObj ( uniqueName , item . getClass ( ) . getSimpleName ( ) , mimeTypeForAccounting , ses , destination , false ) ;
accountingHandler . createFolderRemoveObj ( item . getTitle ( ) , item . getClass ( ) . getSimpleName ( ) , mimeTypeForAccounting , ses , originalParent, false ) ;
accountingHandler . createFolderAddObj ( uniqueName , item . getClass ( ) . getSimpleName ( ) , mimeTypeForAccounting , ses , currentUser , destination , false ) ;
accountingHandler . createFolderRemoveObj ( item . getTitle ( ) , item . getClass ( ) . getSimpleName ( ) , mimeTypeForAccounting , ses , currentUser, originalParent, false ) ;
ses . save ( ) ;
} finally {
ses . getWorkspace ( ) . getLockManager ( ) . unlock ( nodeToMove . getPath ( ) ) ;
@ -931,8 +926,6 @@ public class ItemsManager {
Session ses = null ;
String newFileIdentifier = null ;
try {
final String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
//ses = RepositoryInitializer.getRepository().login(new SimpleCredentials(login,Utils.getSecurePassword(login).toCharArray()));
//TODO check if it is possible to change all the ACL on a workspace
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
@ -949,8 +942,8 @@ public class ItemsManager {
throw new InvalidItemException ( "folder cannot be copied" ) ;
try {
ses . getWorkspace ( ) . getLockManager ( ) . lock ( destination . getPath ( ) , false , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToCopy . getPath ( ) , true , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( destination . getPath ( ) , false , true , 0 , currentUser ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToCopy . getPath ( ) , true , true , 0 , currentUser ) ;
} catch ( LockException e ) {
throw new ItemLockedException ( e ) ;
}
@ -968,13 +961,13 @@ public class ItemsManager {
item2Node . replaceContent ( newNode , ( AbstractFileItem ) item , ItemAction . CLONED ) ;
}
Utils . setPropertyOnChangeNode ( newNode , login , ItemAction . CLONED ) ;
newNode . setProperty ( NodeProperty . PORTAL_LOGIN . toString ( ) , login ) ;
Utils . setPropertyOnChangeNode ( newNode , currentUser , ItemAction . CLONED ) ;
newNode . setProperty ( NodeProperty . PORTAL_LOGIN . toString ( ) , currentUser ) ;
newNode . setProperty ( NodeProperty . IS_PUBLIC . toString ( ) , false ) ;
newNode . setProperty ( NodeProperty . TITLE . toString ( ) , uniqueName ) ;
String mimeTypeForAccounting = ( item instanceof AbstractFileItem ) ? ( ( AbstractFileItem ) item ) . getContent ( ) . getMimeType ( ) : null ;
accountingHandler . createFolderAddObj ( uniqueName , item . getClass ( ) . getSimpleName ( ) , mimeTypeForAccounting , ses , destination, false ) ;
accountingHandler . createFolderAddObj ( uniqueName , item . getClass ( ) . getSimpleName ( ) , mimeTypeForAccounting , ses , currentUser, destination, false ) ;
ses . save ( ) ;
@ -1005,8 +998,7 @@ public class ItemsManager {
Session ses = null ;
try {
final String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
authChecker . checkMoveOpsForProtectedFolders ( ses , id ) ;
@ -1024,8 +1016,8 @@ public class ItemsManager {
try {
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToMove . getPath ( ) , true , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToMove . getParent ( ) . getPath ( ) , false , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToMove . getPath ( ) , true , true , 0 , currentUser ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToMove . getParent ( ) . getPath ( ) , false , true , 0 , currentUser ) ;
} catch ( LockException e ) {
throw new ItemLockedException ( e ) ;
}
@ -1035,9 +1027,9 @@ public class ItemsManager {
String newPath = String . format ( "%s/%s" , nodeToMove . getParent ( ) . getPath ( ) , uniqueName ) ;
nodeToMove . setProperty ( NodeProperty . TITLE . toString ( ) , uniqueName ) ;
Utils . setPropertyOnChangeNode ( nodeToMove , login , ItemAction . RENAMED ) ;
Utils . setPropertyOnChangeNode ( nodeToMove , currentUser , ItemAction . RENAMED ) ;
ses . move ( nodeToMove . getPath ( ) , newPath ) ;
accountingHandler . createRename ( item . getTitle ( ) , uniqueName , ses . getNode ( newPath ) , ses, false ) ;
accountingHandler . createRename ( item . getTitle ( ) , uniqueName , ses . getNode ( newPath ) , currentUser, ses, false ) ;
ses . save ( ) ;
} finally {
ses . getWorkspace ( ) . getLockManager ( ) . unlock ( nodeToMove . getPath ( ) ) ;
@ -1069,8 +1061,7 @@ public class ItemsManager {
Session ses = null ;
try {
final String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
authChecker . checkWriteAuthorizationControl ( ses , id , false ) ;
@ -1078,12 +1069,12 @@ public class ItemsManager {
final Node nodeToUpdate = ses . getNodeByIdentifier ( id ) ;
try {
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToUpdate . getPath ( ) , false , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToUpdate . getPath ( ) , false , true , 0 , currentUser ) ;
} catch ( LockException e ) {
throw new ItemLockedException ( e ) ;
}
try {
item2Node . updateHidden ( nodeToUpdate , hidden , login ) ;
item2Node . updateHidden ( nodeToUpdate , hidden , currentUser ) ;
ses . save ( ) ;
} finally {
ses . getWorkspace ( ) . getLockManager ( ) . unlock ( nodeToUpdate . getPath ( ) ) ;
@ -1115,8 +1106,7 @@ public class ItemsManager {
Session ses = null ;
try {
final String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
authChecker . checkWriteAuthorizationControl ( ses , id , false ) ;
@ -1124,12 +1114,12 @@ public class ItemsManager {
final Node nodeToUpdate = ses . getNodeByIdentifier ( id ) ;
try {
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToUpdate . getPath ( ) , false , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToUpdate . getPath ( ) , false , true , 0 , currentUser ) ;
} catch ( LockException e ) {
throw new ItemLockedException ( e ) ;
}
try {
item2Node . updateDescription ( nodeToUpdate , description , login ) ;
item2Node . updateDescription ( nodeToUpdate , description , currentUser ) ;
ses . save ( ) ;
} finally {
ses . getWorkspace ( ) . getLockManager ( ) . unlock ( nodeToUpdate . getPath ( ) ) ;
@ -1160,8 +1150,7 @@ public class ItemsManager {
Session ses = null ;
try {
final String login = AuthorizationProvider . instance . get ( ) . getClient ( ) . getId ( ) ;
ses = repository . getRepository ( ) . login ( CredentialHandler . getAdminCredentials ( context ) ) ;
authChecker . checkWriteAuthorizationControl ( ses , id , false ) ;
@ -1169,12 +1158,12 @@ public class ItemsManager {
final Node nodeToUpdate = ses . getNodeByIdentifier ( id ) ;
try {
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToUpdate . getPath ( ) , false , true , 0 , login ) ;
ses . getWorkspace ( ) . getLockManager ( ) . lock ( nodeToUpdate . getPath ( ) , false , true , 0 , currentUser ) ;
} catch ( LockException e ) {
throw new ItemLockedException ( e ) ;
}
try {
item2Node . updateMetadataNode ( nodeToUpdate , metadata . getMap ( ) , login ) ;
item2Node . updateMetadataNode ( nodeToUpdate , metadata . getMap ( ) , currentUser ) ;
ses . save ( ) ;
} finally {
ses . getWorkspace ( ) . getLockManager ( ) . unlock ( nodeToUpdate . getPath ( ) ) ;
@ -1202,7 +1191,7 @@ public class ItemsManager {
@Path ( "{id}" )
public Response deleteItem ( @QueryParam ( "force" ) boolean force ) {
InnerMethodName . instance . set ( "deleteItem(" + force + ")" ) ;
Session ses = null ;
try {
@ -1223,7 +1212,7 @@ public class ItemsManager {
log . debug ( "item is trashed? {}" , itemToDelete . isTrashed ( ) ) ;
if ( ! itemToDelete . isTrashed ( ) & & ! force ) {
trashHandler . moveToTrash ( ses , nodeToDelete , itemToDelete );
trashHandler . moveToTrash ( ses , nodeToDelete , itemToDelete , currentUser );
} else
trashHandler . removeNodes ( ses , Collections . singletonList ( itemToDelete ) ) ;