solved error on group creation
This commit is contained in:
lucio
parent
67fe556a4f
commit
c1ab8333b8
|
|
@ -57,6 +57,7 @@ import org.gcube.data.access.storagehub.handlers.Node2ItemConverter;
|
|||
import org.gcube.data.access.storagehub.handlers.VRE;
|
||||
import org.gcube.data.access.storagehub.handlers.VREManager;
|
||||
import org.gcube.smartgears.utils.InnerMethodName;
|
||||
import org.glassfish.jersey.media.multipart.FormDataParam;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
|
@ -119,9 +120,9 @@ public class GroupManager {
|
|||
|
||||
@POST
|
||||
@Path("")
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
@Consumes(MediaType.MULTIPART_FORM_DATA)
|
||||
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
||||
public String createGroup(@FormParam("group") String group, @FormParam("accessType") AccessType accessType){
|
||||
public String createGroup(@FormDataParam("group") String group, @FormDataParam("accessType") AccessType accessType, @FormDataParam("folderOwner") String folderOwner){
|
||||
|
||||
InnerMethodName.instance.set("createGroup");
|
||||
|
||||
|
|
@ -129,9 +130,6 @@ public class GroupManager {
|
|||
String groupId = null;
|
||||
try {
|
||||
|
||||
if (!isValidGroupForContext(groupId))
|
||||
throw new UserNotAuthorizedException("only VREManager can execute this operation");
|
||||
|
||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||
|
||||
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
|
||||
|
|
@ -139,7 +137,7 @@ public class GroupManager {
|
|||
Group createdGroup = usrManager.createGroup(group);
|
||||
groupId = createdGroup.getID();
|
||||
|
||||
createVreFolder(groupId, session, accessType!=null?accessType:AccessType.WRITE_OWNER);
|
||||
createVreFolder(groupId, session, accessType!=null?accessType:AccessType.WRITE_OWNER, folderOwner);
|
||||
|
||||
session.save();
|
||||
}catch(Exception e) {
|
||||
|
|
@ -162,10 +160,7 @@ public class GroupManager {
|
|||
|
||||
JackrabbitSession session = null;
|
||||
try {
|
||||
|
||||
if (!isValidGroupForContext(group))
|
||||
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
||||
|
||||
|
||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||
|
||||
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
|
||||
|
|
@ -207,7 +202,7 @@ public class GroupManager {
|
|||
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
||||
|
||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||
VRE vreFolder = Utils.getVreFolderItemByGroupNameAndUser(session, groupId, userId, node2Item, vreManager, Excludes.ALL);
|
||||
|
||||
|
||||
org.apache.jackrabbit.api.security.user.UserManager usrManager = ((JackrabbitSession)session).getUserManager();
|
||||
|
||||
|
|
@ -218,13 +213,13 @@ public class GroupManager {
|
|||
if (!group.isMember(authUser))
|
||||
throw new InvalidCallParameters("user "+userId+" is not in the group "+groupId);
|
||||
|
||||
Node node = session.getNodeByIdentifier(vreFolder.getVreFolder().getId());
|
||||
Node vreFolder = getVreFolderNode(session, groupId);
|
||||
AccessControlManager acm = session.getAccessControlManager();
|
||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, node.getPath());
|
||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, vreFolder.getPath());
|
||||
Privilege[] userPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
||||
Principal principal = AccessControlUtils.getPrincipal(session, userId);
|
||||
acls.addAccessControlEntry(principal, userPrivileges);
|
||||
acm.setPolicy(node.getPath(), acls);
|
||||
acm.setPolicy(vreFolder.getPath(), acls);
|
||||
|
||||
session.save();
|
||||
}catch(StorageHubException she ){
|
||||
|
|
@ -255,11 +250,11 @@ public class GroupManager {
|
|||
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
||||
|
||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||
VRE vreFolder = Utils.getVreFolderItemByGroupNameAndUser(session, groupId, userId, node2Item, vreManager, Excludes.ALL);
|
||||
|
||||
Node node = session.getNodeByIdentifier(vreFolder.getVreFolder().getId());
|
||||
|
||||
Node vreFolder = getVreFolderNode(session, groupId);
|
||||
AccessControlManager acm = session.getAccessControlManager();
|
||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, node.getPath());
|
||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, vreFolder.getPath());
|
||||
|
||||
AccessControlEntry toRemove = null;
|
||||
for (AccessControlEntry acl: acls.getAccessControlEntries())
|
||||
|
|
@ -269,7 +264,7 @@ public class GroupManager {
|
|||
}
|
||||
|
||||
acls.removeAccessControlEntry(toRemove);
|
||||
acm.setPolicy(node.getPath(), acls);
|
||||
acm.setPolicy(vreFolder.getPath(), acls);
|
||||
session.save();
|
||||
}catch(StorageHubException she ){
|
||||
log.error(she.getErrorMessage(), she);
|
||||
|
|
@ -461,7 +456,7 @@ public class GroupManager {
|
|||
return users;
|
||||
}
|
||||
|
||||
private void createVreFolder(String groupId, JackrabbitSession session, AccessType defaultAccessType) throws Exception{
|
||||
private void createVreFolder(String groupId, JackrabbitSession session, AccessType defaultAccessType, String owner ) throws Exception{
|
||||
|
||||
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
|
||||
|
||||
|
|
@ -469,7 +464,7 @@ public class GroupManager {
|
|||
|
||||
String title = groupId.substring(groupId.lastIndexOf("-")+1);
|
||||
|
||||
Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, AuthorizationProvider.instance.get().getClient().getId(), null);
|
||||
Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, owner, null);
|
||||
folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER);
|
||||
folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true);
|
||||
folder.setProperty(NodeProperty.TITLE.toString(), name);
|
||||
|
|
@ -478,8 +473,12 @@ public class GroupManager {
|
|||
|
||||
AccessControlManager acm = session.getAccessControlManager();
|
||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
|
||||
Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
||||
|
||||
|
||||
/*Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
||||
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges );
|
||||
*/
|
||||
|
||||
|
||||
Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(defaultAccessType.getValue()) };
|
||||
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session,groupId), usersPrivileges );
|
||||
|
|
@ -487,7 +486,7 @@ public class GroupManager {
|
|||
|
||||
}
|
||||
|
||||
private Node getVreFolderNode(JackrabbitSession session, String name) throws InvalidItemException, Exception {
|
||||
private Node getVreFolderNode(JackrabbitSession session, String name) throws InvalidItemException, RepositoryException {
|
||||
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
|
||||
|
||||
Node vreFolder = null;
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ import org.gcube.data.access.storagehub.Utils;
|
|||
import org.gcube.data.access.storagehub.exception.MyAuthException;
|
||||
import org.gcube.data.access.storagehub.handlers.CredentialHandler;
|
||||
import org.gcube.data.access.storagehub.handlers.UnshareHandler;
|
||||
import org.gcube.smartgears.utils.InnerMethodName;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
|
@ -60,7 +61,9 @@ public class UserManager {
|
|||
@Path("")
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public List<String> getUsers(){
|
||||
|
||||
|
||||
InnerMethodName.instance.set("getUsers");
|
||||
|
||||
JackrabbitSession session = null;
|
||||
List<String> users= new ArrayList<>();
|
||||
try {
|
||||
|
|
@ -94,7 +97,9 @@ public class UserManager {
|
|||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
||||
public String createUser(@FormParam("user") String user, @FormParam("password") String password){
|
||||
|
||||
|
||||
InnerMethodName.instance.set("createUser");
|
||||
|
||||
JackrabbitSession session = null;
|
||||
String userId = null;
|
||||
try {
|
||||
|
|
@ -133,8 +138,8 @@ public class UserManager {
|
|||
@Path("{user}")
|
||||
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
||||
public String deleteUser(@PathParam("user") String user){
|
||||
|
||||
|
||||
InnerMethodName.instance.set("deleteUser");
|
||||
|
||||
JackrabbitSession session = null;
|
||||
String userId = null;
|
||||
|
|
|
|||
Loading…
Reference in New Issue