solved error on group creation
This commit is contained in:
parent
67fe556a4f
commit
c1ab8333b8
|
@ -57,6 +57,7 @@ import org.gcube.data.access.storagehub.handlers.Node2ItemConverter;
|
||||||
import org.gcube.data.access.storagehub.handlers.VRE;
|
import org.gcube.data.access.storagehub.handlers.VRE;
|
||||||
import org.gcube.data.access.storagehub.handlers.VREManager;
|
import org.gcube.data.access.storagehub.handlers.VREManager;
|
||||||
import org.gcube.smartgears.utils.InnerMethodName;
|
import org.gcube.smartgears.utils.InnerMethodName;
|
||||||
|
import org.glassfish.jersey.media.multipart.FormDataParam;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
@ -119,9 +120,9 @@ public class GroupManager {
|
||||||
|
|
||||||
@POST
|
@POST
|
||||||
@Path("")
|
@Path("")
|
||||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
@Consumes(MediaType.MULTIPART_FORM_DATA)
|
||||||
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
||||||
public String createGroup(@FormParam("group") String group, @FormParam("accessType") AccessType accessType){
|
public String createGroup(@FormDataParam("group") String group, @FormDataParam("accessType") AccessType accessType, @FormDataParam("folderOwner") String folderOwner){
|
||||||
|
|
||||||
InnerMethodName.instance.set("createGroup");
|
InnerMethodName.instance.set("createGroup");
|
||||||
|
|
||||||
|
@ -129,9 +130,6 @@ public class GroupManager {
|
||||||
String groupId = null;
|
String groupId = null;
|
||||||
try {
|
try {
|
||||||
|
|
||||||
if (!isValidGroupForContext(groupId))
|
|
||||||
throw new UserNotAuthorizedException("only VREManager can execute this operation");
|
|
||||||
|
|
||||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||||
|
|
||||||
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
|
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
|
||||||
|
@ -139,7 +137,7 @@ public class GroupManager {
|
||||||
Group createdGroup = usrManager.createGroup(group);
|
Group createdGroup = usrManager.createGroup(group);
|
||||||
groupId = createdGroup.getID();
|
groupId = createdGroup.getID();
|
||||||
|
|
||||||
createVreFolder(groupId, session, accessType!=null?accessType:AccessType.WRITE_OWNER);
|
createVreFolder(groupId, session, accessType!=null?accessType:AccessType.WRITE_OWNER, folderOwner);
|
||||||
|
|
||||||
session.save();
|
session.save();
|
||||||
}catch(Exception e) {
|
}catch(Exception e) {
|
||||||
|
@ -163,9 +161,6 @@ public class GroupManager {
|
||||||
JackrabbitSession session = null;
|
JackrabbitSession session = null;
|
||||||
try {
|
try {
|
||||||
|
|
||||||
if (!isValidGroupForContext(group))
|
|
||||||
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
|
||||||
|
|
||||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||||
|
|
||||||
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
|
org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
|
||||||
|
@ -207,7 +202,7 @@ public class GroupManager {
|
||||||
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
||||||
|
|
||||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||||
VRE vreFolder = Utils.getVreFolderItemByGroupNameAndUser(session, groupId, userId, node2Item, vreManager, Excludes.ALL);
|
|
||||||
|
|
||||||
org.apache.jackrabbit.api.security.user.UserManager usrManager = ((JackrabbitSession)session).getUserManager();
|
org.apache.jackrabbit.api.security.user.UserManager usrManager = ((JackrabbitSession)session).getUserManager();
|
||||||
|
|
||||||
|
@ -218,13 +213,13 @@ public class GroupManager {
|
||||||
if (!group.isMember(authUser))
|
if (!group.isMember(authUser))
|
||||||
throw new InvalidCallParameters("user "+userId+" is not in the group "+groupId);
|
throw new InvalidCallParameters("user "+userId+" is not in the group "+groupId);
|
||||||
|
|
||||||
Node node = session.getNodeByIdentifier(vreFolder.getVreFolder().getId());
|
Node vreFolder = getVreFolderNode(session, groupId);
|
||||||
AccessControlManager acm = session.getAccessControlManager();
|
AccessControlManager acm = session.getAccessControlManager();
|
||||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, node.getPath());
|
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, vreFolder.getPath());
|
||||||
Privilege[] userPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
Privilege[] userPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
||||||
Principal principal = AccessControlUtils.getPrincipal(session, userId);
|
Principal principal = AccessControlUtils.getPrincipal(session, userId);
|
||||||
acls.addAccessControlEntry(principal, userPrivileges);
|
acls.addAccessControlEntry(principal, userPrivileges);
|
||||||
acm.setPolicy(node.getPath(), acls);
|
acm.setPolicy(vreFolder.getPath(), acls);
|
||||||
|
|
||||||
session.save();
|
session.save();
|
||||||
}catch(StorageHubException she ){
|
}catch(StorageHubException she ){
|
||||||
|
@ -255,11 +250,11 @@ public class GroupManager {
|
||||||
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
|
||||||
|
|
||||||
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
|
||||||
VRE vreFolder = Utils.getVreFolderItemByGroupNameAndUser(session, groupId, userId, node2Item, vreManager, Excludes.ALL);
|
|
||||||
|
|
||||||
Node node = session.getNodeByIdentifier(vreFolder.getVreFolder().getId());
|
|
||||||
|
Node vreFolder = getVreFolderNode(session, groupId);
|
||||||
AccessControlManager acm = session.getAccessControlManager();
|
AccessControlManager acm = session.getAccessControlManager();
|
||||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, node.getPath());
|
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, vreFolder.getPath());
|
||||||
|
|
||||||
AccessControlEntry toRemove = null;
|
AccessControlEntry toRemove = null;
|
||||||
for (AccessControlEntry acl: acls.getAccessControlEntries())
|
for (AccessControlEntry acl: acls.getAccessControlEntries())
|
||||||
|
@ -269,7 +264,7 @@ public class GroupManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
acls.removeAccessControlEntry(toRemove);
|
acls.removeAccessControlEntry(toRemove);
|
||||||
acm.setPolicy(node.getPath(), acls);
|
acm.setPolicy(vreFolder.getPath(), acls);
|
||||||
session.save();
|
session.save();
|
||||||
}catch(StorageHubException she ){
|
}catch(StorageHubException she ){
|
||||||
log.error(she.getErrorMessage(), she);
|
log.error(she.getErrorMessage(), she);
|
||||||
|
@ -461,7 +456,7 @@ public class GroupManager {
|
||||||
return users;
|
return users;
|
||||||
}
|
}
|
||||||
|
|
||||||
private void createVreFolder(String groupId, JackrabbitSession session, AccessType defaultAccessType) throws Exception{
|
private void createVreFolder(String groupId, JackrabbitSession session, AccessType defaultAccessType, String owner ) throws Exception{
|
||||||
|
|
||||||
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
|
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
|
||||||
|
|
||||||
|
@ -469,7 +464,7 @@ public class GroupManager {
|
||||||
|
|
||||||
String title = groupId.substring(groupId.lastIndexOf("-")+1);
|
String title = groupId.substring(groupId.lastIndexOf("-")+1);
|
||||||
|
|
||||||
Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, AuthorizationProvider.instance.get().getClient().getId(), null);
|
Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, owner, null);
|
||||||
folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER);
|
folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER);
|
||||||
folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true);
|
folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true);
|
||||||
folder.setProperty(NodeProperty.TITLE.toString(), name);
|
folder.setProperty(NodeProperty.TITLE.toString(), name);
|
||||||
|
@ -478,8 +473,12 @@ public class GroupManager {
|
||||||
|
|
||||||
AccessControlManager acm = session.getAccessControlManager();
|
AccessControlManager acm = session.getAccessControlManager();
|
||||||
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
|
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
|
||||||
Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
|
||||||
|
|
||||||
|
/*Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
|
||||||
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges );
|
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges );
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(defaultAccessType.getValue()) };
|
Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(defaultAccessType.getValue()) };
|
||||||
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session,groupId), usersPrivileges );
|
acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session,groupId), usersPrivileges );
|
||||||
|
@ -487,7 +486,7 @@ public class GroupManager {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private Node getVreFolderNode(JackrabbitSession session, String name) throws InvalidItemException, Exception {
|
private Node getVreFolderNode(JackrabbitSession session, String name) throws InvalidItemException, RepositoryException {
|
||||||
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
|
Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
|
||||||
|
|
||||||
Node vreFolder = null;
|
Node vreFolder = null;
|
||||||
|
|
|
@ -38,6 +38,7 @@ import org.gcube.data.access.storagehub.Utils;
|
||||||
import org.gcube.data.access.storagehub.exception.MyAuthException;
|
import org.gcube.data.access.storagehub.exception.MyAuthException;
|
||||||
import org.gcube.data.access.storagehub.handlers.CredentialHandler;
|
import org.gcube.data.access.storagehub.handlers.CredentialHandler;
|
||||||
import org.gcube.data.access.storagehub.handlers.UnshareHandler;
|
import org.gcube.data.access.storagehub.handlers.UnshareHandler;
|
||||||
|
import org.gcube.smartgears.utils.InnerMethodName;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
@ -61,6 +62,8 @@ public class UserManager {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
public List<String> getUsers(){
|
public List<String> getUsers(){
|
||||||
|
|
||||||
|
InnerMethodName.instance.set("getUsers");
|
||||||
|
|
||||||
JackrabbitSession session = null;
|
JackrabbitSession session = null;
|
||||||
List<String> users= new ArrayList<>();
|
List<String> users= new ArrayList<>();
|
||||||
try {
|
try {
|
||||||
|
@ -95,6 +98,8 @@ public class UserManager {
|
||||||
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
||||||
public String createUser(@FormParam("user") String user, @FormParam("password") String password){
|
public String createUser(@FormParam("user") String user, @FormParam("password") String password){
|
||||||
|
|
||||||
|
InnerMethodName.instance.set("createUser");
|
||||||
|
|
||||||
JackrabbitSession session = null;
|
JackrabbitSession session = null;
|
||||||
String userId = null;
|
String userId = null;
|
||||||
try {
|
try {
|
||||||
|
@ -134,7 +139,7 @@ public class UserManager {
|
||||||
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
|
||||||
public String deleteUser(@PathParam("user") String user){
|
public String deleteUser(@PathParam("user") String user){
|
||||||
|
|
||||||
|
InnerMethodName.instance.set("deleteUser");
|
||||||
|
|
||||||
JackrabbitSession session = null;
|
JackrabbitSession session = null;
|
||||||
String userId = null;
|
String userId = null;
|
||||||
|
|
Loading…
Reference in New Issue