solved error on group creation

2020-01-16 18:11:23 +01:00 · 2020-01-16 18:11:23 +01:00 · c1ab8333b8
parent 67fe556a4f
commit c1ab8333b8
2 changed files with 29 additions and 25 deletions
--- a/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
+++ b/src/main/java/org/gcube/data/access/storagehub/services/GroupManager.java
@ -57,6 +57,7 @@ import org.gcube.data.access.storagehub.handlers.Node2ItemConverter;
 import org.gcube.data.access.storagehub.handlers.VRE;
 import org.gcube.data.access.storagehub.handlers.VREManager;
 import org.gcube.smartgears.utils.InnerMethodName;
 import org.glassfish.jersey.media.multipart.FormDataParam;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -119,9 +120,9 @@ public class GroupManager {
 	@POST
 	@Path("")
-	@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+	@Consumes(MediaType.MULTIPART_FORM_DATA)
 	@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
-	public String createGroup(@FormParam("group") String group, @FormParam("accessType") AccessType accessType){
+	public String createGroup(@FormDataParam("group") String group, @FormDataParam("accessType") AccessType accessType, @FormDataParam("folderOwner") String folderOwner){
 		InnerMethodName.instance.set("createGroup");
@ -129,9 +130,6 @@ public class GroupManager {
 		String groupId = null;
 		try {
 			if (!isValidGroupForContext(groupId))
 				throw new UserNotAuthorizedException("only VREManager can execute this operation");
 			session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
 			org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
@ -139,7 +137,7 @@ public class GroupManager {
 			Group createdGroup = usrManager.createGroup(group);
 			groupId = createdGroup.getID();
-			createVreFolder(groupId, session, accessType!=null?accessType:AccessType.WRITE_OWNER);
+			createVreFolder(groupId, session, accessType!=null?accessType:AccessType.WRITE_OWNER, folderOwner);
 			session.save();
 		}catch(Exception e) {
@ -162,10 +160,7 @@ public class GroupManager {
 		JackrabbitSession session = null;
 		try {
-
+			
 			if (!isValidGroupForContext(group))
 				throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
 			session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
 			org.apache.jackrabbit.api.security.user.UserManager usrManager = session.getUserManager();
@ -207,7 +202,7 @@ public class GroupManager {
 				throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
 			session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
-			VRE vreFolder = Utils.getVreFolderItemByGroupNameAndUser(session, groupId, userId, node2Item, vreManager, Excludes.ALL);
+
 			org.apache.jackrabbit.api.security.user.UserManager usrManager = ((JackrabbitSession)session).getUserManager();
@ -218,13 +213,13 @@ public class GroupManager {
 			if (!group.isMember(authUser)) 
 				throw new InvalidCallParameters("user "+userId+" is not in the group "+groupId);
-			Node node = session.getNodeByIdentifier(vreFolder.getVreFolder().getId());
+			Node vreFolder = getVreFolderNode(session, groupId);
 			AccessControlManager acm = session.getAccessControlManager();
-			JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, node.getPath());
+			JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, vreFolder.getPath());
 			Privilege[] userPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
 			Principal principal = AccessControlUtils.getPrincipal(session, userId);
 			acls.addAccessControlEntry(principal, userPrivileges);
-			acm.setPolicy(node.getPath(), acls);
+			acm.setPolicy(vreFolder.getPath(), acls);
 			session.save();
 		}catch(StorageHubException she ){
@ -255,11 +250,11 @@ public class GroupManager {
 				throw new UserNotAuthorizedException("only VREManager of the selected VRE can execute this operation");
 			session = (JackrabbitSession) repository.getRepository().login(CredentialHandler.getAdminCredentials(context));
 			VRE vreFolder = Utils.getVreFolderItemByGroupNameAndUser(session, groupId, userId, node2Item, vreManager, Excludes.ALL);
-			Node node = session.getNodeByIdentifier(vreFolder.getVreFolder().getId());
+			
 			Node vreFolder = getVreFolderNode(session, groupId);
 			AccessControlManager acm = session.getAccessControlManager();
-			JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, node.getPath());
+			JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, vreFolder.getPath());
 			AccessControlEntry toRemove = null;
 			for (AccessControlEntry acl: acls.getAccessControlEntries())
@ -269,7 +264,7 @@ public class GroupManager {
 				}
 			acls.removeAccessControlEntry(toRemove);
-			acm.setPolicy(node.getPath(), acls);
+			acm.setPolicy(vreFolder.getPath(), acls);
 			session.save();
 		}catch(StorageHubException she ){
 			log.error(she.getErrorMessage(), she);
@ -461,7 +456,7 @@ public class GroupManager {
 		return users;
 	}
-	private void createVreFolder(String groupId, JackrabbitSession session, AccessType defaultAccessType) throws Exception{
+	private void createVreFolder(String groupId, JackrabbitSession session, AccessType defaultAccessType, String owner ) throws Exception{
 		Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
@ -469,7 +464,7 @@ public class GroupManager {
 		String title = groupId.substring(groupId.lastIndexOf("-")+1);
-		Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, AuthorizationProvider.instance.get().getClient().getId(), null);
+		Node folder= Utils.createFolderInternally(session, sharedRootNode, name, "VREFolder for "+groupId, false, owner, null);
 		folder.setPrimaryType(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER);
 		folder.setProperty(NodeProperty.IS_VRE_FOLDER.toString(), true);
 		folder.setProperty(NodeProperty.TITLE.toString(), name);
@ -478,8 +473,12 @@ public class GroupManager {
 		AccessControlManager acm = session.getAccessControlManager();
 		JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
-		Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
+		
 		/*Privilege[] adminPrivileges = new Privilege[] { acm.privilegeFromName(AccessType.ADMINISTRATOR.getValue()) };
 		acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session, AuthorizationProvider.instance.get().getClient().getId()), adminPrivileges );
 		*/
 		Privilege[] usersPrivileges = new Privilege[] { acm.privilegeFromName(defaultAccessType.getValue()) };
 		acls.addAccessControlEntry(AccessControlUtils.getPrincipal(session,groupId), usersPrivileges );
@ -487,7 +486,7 @@ public class GroupManager {
 	}
-	private Node getVreFolderNode(JackrabbitSession session, String name) throws InvalidItemException, Exception {
+	private Node getVreFolderNode(JackrabbitSession session, String name) throws InvalidItemException, RepositoryException {
 		Node sharedRootNode = session.getNode(Constants.SHARED_FOLDER_PATH);
 		Node vreFolder = null;
--- a/src/main/java/org/gcube/data/access/storagehub/services/UserManager.java
+++ b/src/main/java/org/gcube/data/access/storagehub/services/UserManager.java
@ -38,6 +38,7 @@ import org.gcube.data.access.storagehub.Utils;
 import org.gcube.data.access.storagehub.exception.MyAuthException;
 import org.gcube.data.access.storagehub.handlers.CredentialHandler;
 import org.gcube.data.access.storagehub.handlers.UnshareHandler;
 import org.gcube.smartgears.utils.InnerMethodName;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -60,7 +61,9 @@ public class UserManager {
 	@Path("")
 	@Produces(MediaType.APPLICATION_JSON)
 	public List<String> getUsers(){
-
+		
 		InnerMethodName.instance.set("getUsers");
 		JackrabbitSession session = null;
 		List<String> users= new ArrayList<>();
 		try {
@ -94,7 +97,9 @@ public class UserManager {
 	@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
 	@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
 	public String createUser(@FormParam("user") String user, @FormParam("password") String password){
-
+		
 		InnerMethodName.instance.set("createUser");
 		JackrabbitSession session = null;
 		String userId = null;
 		try {
@ -133,8 +138,8 @@ public class UserManager {
 	@Path("{user}")
 	@AuthorizationControl(allowedRoles={INFRASTRUCTURE_MANAGER_ROLE}, exception=MyAuthException.class)
 	public String deleteUser(@PathParam("user") String user){
 		InnerMethodName.instance.set("deleteUser");
 		JackrabbitSession session = null;
 		String userId = null;