diff --git a/src/main/java/org/gcube/data/access/storagehub/handlers/CredentialHandler.java b/src/main/java/org/gcube/data/access/storagehub/handlers/CredentialHandler.java new file mode 100644 index 0000000..3b3b70c --- /dev/null +++ b/src/main/java/org/gcube/data/access/storagehub/handlers/CredentialHandler.java @@ -0,0 +1,18 @@ +package org.gcube.data.access.storagehub.handlers; + +import javax.jcr.SimpleCredentials; +import javax.servlet.ServletContext; + +import org.gcube.data.access.storagehub.Constants; + +public class CredentialHandler { + + private static SimpleCredentials credentials; + + public static SimpleCredentials getAdminCredentials(ServletContext context) { + if (credentials==null) + credentials = new SimpleCredentials(context.getInitParameter(Constants.ADMIN_PARAM_NAME),context.getInitParameter(Constants.ADMIN_PARAM_PWD).toCharArray()); + return credentials; + } + +} diff --git a/src/main/java/org/gcube/data/access/storagehub/services/ACLManager.java b/src/main/java/org/gcube/data/access/storagehub/services/ACLManager.java index 32cfb53..f72ea90 100644 --- a/src/main/java/org/gcube/data/access/storagehub/services/ACLManager.java +++ b/src/main/java/org/gcube/data/access/storagehub/services/ACLManager.java @@ -6,7 +6,6 @@ import java.util.List; import javax.enterprise.context.RequestScoped; import javax.inject.Inject; import javax.jcr.Session; -import javax.jcr.SimpleCredentials; import javax.jcr.security.AccessControlEntry; import javax.jcr.security.Privilege; import javax.servlet.ServletContext; @@ -20,13 +19,12 @@ import javax.ws.rs.core.MediaType; import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils; -import org.gcube.common.authorization.library.provider.AuthorizationProvider; import org.gcube.common.authorization.library.provider.CalledMethodProvider; import org.gcube.common.storagehub.model.acls.ACL; import org.gcube.common.storagehub.model.acls.AccessType; import org.gcube.common.storagehub.model.types.ACLList; import org.gcube.data.access.storagehub.AuthorizationChecker; -import org.gcube.data.access.storagehub.Constants; +import org.gcube.data.access.storagehub.handlers.CredentialHandler; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -47,9 +45,7 @@ public class ACLManager { @Inject AuthorizationChecker authChecker; - - SimpleCredentials credential = new SimpleCredentials(context.getInitParameter(Constants.ADMIN_PARAM_NAME),context.getInitParameter(Constants.ADMIN_PARAM_PWD).toCharArray()); - + @Produces(MediaType.APPLICATION_JSON) @GET @Path("{id}/acls") @@ -58,7 +54,7 @@ public class ACLManager { Session ses = null; List acls = new ArrayList<>(); try{ - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); String path = ses.getNodeByIdentifier(id).getPath(); log.info("checking acces for path {}",path); diff --git a/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java b/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java index 28cf190..f4e6847 100644 --- a/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java +++ b/src/main/java/org/gcube/data/access/storagehub/services/ItemSharing.java @@ -34,6 +34,7 @@ import org.gcube.data.access.storagehub.AuthorizationChecker; import org.gcube.data.access.storagehub.Constants; import org.gcube.data.access.storagehub.Utils; import org.gcube.data.access.storagehub.accounting.AccountingHandler; +import org.gcube.data.access.storagehub.handlers.CredentialHandler; import org.gcube.data.access.storagehub.handlers.ItemHandler; import org.gcube.data.access.storagehub.handlers.VersionHandler; import org.glassfish.jersey.media.multipart.FormDataParam; @@ -63,8 +64,6 @@ public class ItemSharing { @Inject VersionHandler versionHandler; - - SimpleCredentials credential = new SimpleCredentials(context.getInitParameter(Constants.ADMIN_PARAM_NAME),context.getInitParameter(Constants.ADMIN_PARAM_PWD).toCharArray()); @PUT @Path("{id}/share") @@ -75,7 +74,7 @@ public class ItemSharing { Session ses = null; try{ String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkWriteAuthorizationControl(ses, id, false); Item item = ItemHandler.getItem(ses.getNodeByIdentifier(id), Arrays.asList(NodeConstants.ACCOUNTING_NAME, NodeConstants.CONTENT_NAME, NodeConstants.METADATA_NAME)); diff --git a/src/main/java/org/gcube/data/access/storagehub/services/ItemsCreator.java b/src/main/java/org/gcube/data/access/storagehub/services/ItemsCreator.java index 53a8f6e..de20266 100644 --- a/src/main/java/org/gcube/data/access/storagehub/services/ItemsCreator.java +++ b/src/main/java/org/gcube/data/access/storagehub/services/ItemsCreator.java @@ -16,7 +16,6 @@ import javax.inject.Inject; import javax.jcr.Node; import javax.jcr.PathNotFoundException; import javax.jcr.Session; -import javax.jcr.SimpleCredentials; import javax.servlet.ServletContext; import javax.ws.rs.Consumes; import javax.ws.rs.POST; @@ -40,11 +39,11 @@ import org.gcube.common.storagehub.model.items.FolderItem; import org.gcube.common.storagehub.model.items.Item; import org.gcube.common.storagehub.model.types.ItemAction; import org.gcube.data.access.storagehub.AuthorizationChecker; -import org.gcube.data.access.storagehub.Constants; import org.gcube.data.access.storagehub.MetaInfo; import org.gcube.data.access.storagehub.MultipleOutputStream; import org.gcube.data.access.storagehub.Utils; import org.gcube.data.access.storagehub.accounting.AccountingHandler; +import org.gcube.data.access.storagehub.handlers.CredentialHandler; import org.gcube.data.access.storagehub.handlers.ItemHandler; import org.gcube.data.access.storagehub.handlers.VersionHandler; import org.gcube.data.access.storagehub.handlers.content.ContentHandler; @@ -76,7 +75,6 @@ public class ItemsCreator { @Inject AccountingHandler accountingHandler; - SimpleCredentials credential = new SimpleCredentials(context.getInitParameter(Constants.ADMIN_PARAM_NAME),context.getInitParameter(Constants.ADMIN_PARAM_PWD).toCharArray()); @POST @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @@ -92,7 +90,7 @@ public class ItemsCreator { long start = System.currentTimeMillis(); //TODO check if it is possible to change all the ACL on a workspace - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); //validate input parameters for Item Type @@ -164,7 +162,7 @@ public class ItemsCreator { final String login = AuthorizationProvider.instance.get().getClient().getId(); //TODO check if it is possible to change all the ACL on a workspace - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); //TODO: validate input parameters for Item Type Node destination = ses.getNodeByIdentifier(id); diff --git a/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java b/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java index 42df11b..1366186 100644 --- a/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java +++ b/src/main/java/org/gcube/data/access/storagehub/services/ItemsManager.java @@ -21,7 +21,6 @@ import javax.inject.Inject; import javax.jcr.Node; import javax.jcr.NodeIterator; import javax.jcr.Session; -import javax.jcr.SimpleCredentials; import javax.jcr.version.Version; import javax.servlet.ServletContext; import javax.ws.rs.DELETE; @@ -57,6 +56,7 @@ import org.gcube.data.access.storagehub.Range; import org.gcube.data.access.storagehub.SingleFileStreamingOutput; import org.gcube.data.access.storagehub.Utils; import org.gcube.data.access.storagehub.accounting.AccountingHandler; +import org.gcube.data.access.storagehub.handlers.CredentialHandler; import org.gcube.data.access.storagehub.handlers.ItemHandler; import org.gcube.data.access.storagehub.handlers.VersionHandler; import org.slf4j.Logger; @@ -85,9 +85,7 @@ public class ItemsManager { @Inject VersionHandler versionHandler; - - SimpleCredentials credential = new SimpleCredentials(context.getInitParameter(Constants.ADMIN_PARAM_NAME),context.getInitParameter(Constants.ADMIN_PARAM_PWD).toCharArray()); - + @GET @Path("{id}") @Produces(MediaType.APPLICATION_JSON) @@ -96,8 +94,7 @@ public class ItemsManager { Session ses = null; Item toReturn = null; try{ - String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); toReturn = ItemHandler.getItem(ses.getNodeByIdentifier(id), excludes); }catch(Throwable e){ @@ -119,8 +116,7 @@ public class ItemsManager { Session ses = null; List toReturn = new ArrayList<>(); try{ - String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); NodeIterator it = ses.getNodeByIdentifier(id).getNodes(name); while (it.hasNext()) @@ -145,8 +141,7 @@ public class ItemsManager { Session ses = null; Long toReturn = null; try{ - String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); toReturn = Utils.getItemCount(ses.getNodeByIdentifier(id), showHidden==null?false:showHidden); }catch(Throwable e){ @@ -167,7 +162,7 @@ public class ItemsManager { Session ses = null; List toReturn = null; try{ - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); toReturn = Utils.getItemList(ses.getNodeByIdentifier(id), excludes, null, showHidden==null?false:showHidden); }catch(Throwable e){ @@ -189,7 +184,7 @@ public class ItemsManager { Session ses = null; List toReturn = null; try{ - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); toReturn = Utils.getItemList(ses.getNodeByIdentifier(id), excludes, new Range(start, limit),showHidden==null?false:showHidden); }catch(Throwable e){ @@ -211,7 +206,7 @@ public class ItemsManager { Session ses = null; try{ String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); Item item = ItemHandler.getItem(ses.getNodeByIdentifier(id), Arrays.asList(NodeConstants.ACCOUNTING_NAME, NodeConstants.METADATA_NAME)); @@ -239,7 +234,7 @@ public class ItemsManager { CalledMethodProvider.instance.set("getRootSharedFolder"); Session ses = null; try{ - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); Item currentItem = ItemHandler.getItem(ses.getNodeByIdentifier(id), excludes); if (!currentItem.isShared()) @@ -270,7 +265,7 @@ public class ItemsManager { List toReturn = new LinkedList<>(); try{ String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkReadAuthorizationControl(ses, id); Item currentItem = ItemHandler.getItem(ses.getNodeByIdentifier(id), excludes); log.trace("current node is {}",currentItem.getPath()); @@ -312,7 +307,7 @@ public class ItemsManager { Session ses = null; try{ final String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); final Node node = ses.getNodeByIdentifier(id); authChecker.checkReadAuthorizationControl(ses, id); final Item item = ItemHandler.getItem(node, null); @@ -382,7 +377,7 @@ public class ItemsManager { final String login = AuthorizationProvider.instance.get().getClient().getId(); //ses = RepositoryInitializer.getRepository().login(new SimpleCredentials(login,Utils.getSecurePassword(login).toCharArray())); //TODO check if it is possible to change all the ACL on a workspace - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkWriteAuthorizationControl(ses, destinationId, true); authChecker.checkWriteAuthorizationControl(ses, identifier, false); @@ -439,7 +434,7 @@ public class ItemsManager { log.info("removing node with id {}", identifier); //TODO check if it is possible to change all the ACL on a workspace - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); authChecker.checkWriteAuthorizationControl(ses, identifier, false); diff --git a/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java b/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java index 7d08b4a..722a2ee 100644 --- a/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java +++ b/src/main/java/org/gcube/data/access/storagehub/services/WorkspaceManager.java @@ -38,6 +38,7 @@ import org.gcube.data.access.storagehub.AuthorizationChecker; import org.gcube.data.access.storagehub.Constants; import org.gcube.data.access.storagehub.Range; import org.gcube.data.access.storagehub.Utils; +import org.gcube.data.access.storagehub.handlers.CredentialHandler; import org.gcube.data.access.storagehub.handlers.ItemHandler; import org.gcube.data.access.storagehub.handlers.VRE; import org.gcube.data.access.storagehub.handlers.VREManager; @@ -72,9 +73,6 @@ public class WorkspaceManager { @RequestScoped @QueryParam("exclude") private List excludes = Collections.emptyList(); - - SimpleCredentials credential = new SimpleCredentials(context.getInitParameter(Constants.ADMIN_PARAM_NAME),context.getInitParameter(Constants.ADMIN_PARAM_PWD).toCharArray()); - @Path("") @@ -92,7 +90,7 @@ public class WorkspaceManager { try{ String login = AuthorizationProvider.instance.get().getClient().getId(); long start = System.currentTimeMillis(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); log.trace("time to connect to repo {}",(System.currentTimeMillis()-start)); Node node = ses.getNode(absolutePath.toPath()); authChecker.checkReadAuthorizationControl(ses, node.getIdentifier()); @@ -138,7 +136,7 @@ public class WorkspaceManager { Session ses = null; try { String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); return new ItemWrapper(getVreFolderItem(ses).getVreFolder()); }catch(Throwable e){ log.error("error reading vreNode for context {}",ScopeProvider.instance.get(),e); @@ -158,7 +156,7 @@ public class WorkspaceManager { try{ String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); VRE vre = getVreFolderItem(ses); log.trace("VRE retrieved {}",vre.getVreFolder().getTitle()); @@ -187,7 +185,7 @@ public class WorkspaceManager { try{ String login = AuthorizationProvider.instance.get().getClient().getId(); long start = System.currentTimeMillis(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); log.info("time to connect to repo {}",(System.currentTimeMillis()-start)); @@ -217,7 +215,7 @@ public class WorkspaceManager { List toReturn = null; try{ String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); toReturn = Utils.getItemList(ses.getNode(vrePath.toPath()) , excludes, null, false); }catch(Throwable e){ log.error("error reading the node children of {}",vrePath,e); @@ -241,7 +239,7 @@ public class WorkspaceManager { List toReturn = null; try{ String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); toReturn = Utils.getItemList(ses.getNode(vrePath.toPath()) , excludes, new Range(start, limit), false); }catch(Throwable e){ log.error("(paged) error reading the node children of {}",vrePath,e); @@ -282,7 +280,7 @@ public class WorkspaceManager { String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(credential); + ses = repository.getRepository().login(CredentialHandler.getAdminCredentials(context)); Query jcrQuery = ses.getWorkspace().getQueryManager().createQuery(sql2Query, Constants.QUERY_LANGUAGE); if (limit!=null && limit!=-1 ) diff --git a/src/main/java/org/gcube/data/access/storagehub/services/WriteOperation.java b/src/main/java/org/gcube/data/access/storagehub/services/WriteOperation.java deleted file mode 100644 index 71c3737..0000000 --- a/src/main/java/org/gcube/data/access/storagehub/services/WriteOperation.java +++ /dev/null @@ -1,118 +0,0 @@ -package org.gcube.data.access.storagehub.services; - -import java.util.List; - -import javax.inject.Inject; -import javax.jcr.Node; -import javax.jcr.Session; -import javax.jcr.SimpleCredentials; -import javax.ws.rs.PUT; -import javax.ws.rs.Path; -import javax.ws.rs.QueryParam; - -import org.gcube.common.authorization.library.provider.AuthorizationProvider; -import org.gcube.common.storagehub.model.Paths; -import org.gcube.common.storagehub.model.items.AbstractFileItem; -import org.gcube.common.storagehub.model.items.FolderItem; -import org.gcube.common.storagehub.model.items.Item; -import org.gcube.common.storagehub.model.items.SharedFolder; -import org.gcube.common.storagehub.model.types.PrimaryNodeType; -import org.gcube.data.access.storagehub.StorageFactory; -import org.gcube.data.access.storagehub.Utils; -import org.gcube.data.access.storagehub.handlers.ItemHandler; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -@Path("modify") -public class WriteOperation { - - private static final Logger log = LoggerFactory.getLogger(WriteOperation.class); - - @Inject - RepositoryInitializer repository; -/* - @PUT - @Path("copy") - public String copy(@QueryParam("destinationPath") String destinationPath, @QueryParam("sourcePath") String origin){ - Session ses = null; - try{ - String login = AuthorizationProvider.instance.get().getClient().getId(); - ses = repository.getRepository().login(new SimpleCredentials(login,Utils.getSecurePassword(login).toCharArray())); - Node originNode = ses.getNode(origin); - Item originItem = ItemHandler.getItem(originNode, null); - Node destinationNode = ses.getNode(destinationPath); - Item destinationItem = ItemHandler.getItem(destinationNode, null); - - if (!(destinationItem instanceof FolderItem)) throw new Exception("an Item must be copyed to another directory"); - - if (originItem instanceof SharedFolder) throw new Exception("trying to copy a sharedFolder into a normal folder"); - - ses.getWorkspace().getLockManager().lock(origin, true, true, 0,login); - ses.getWorkspace().getLockManager().lock(destinationPath, true, true, 0,login); - - - if (!destinationItem.getPrimaryType().equals(PrimaryNodeType.NT_WORKSPACE_FOLDER) || - !destinationItem.getPrimaryType().equals(PrimaryNodeType.NT_WORKSPACE_SHARED_FOLDER)) - throw new Exception("origin is not a folder"); - - ses.getWorkspace().getLockManager().lock(origin, true, true, Long.MAX_VALUE, login); - ses.getWorkspace().getLockManager().lock(destinationPath, false, true, Long.MAX_VALUE, login); - - ses.getWorkspace().copy(origin, destinationPath); - - org.gcube.common.storagehub.model.Path newNodePath = Paths.append(Paths.getPath(destinationPath), Paths.getPath(origin).getLastDirName()); - - if (originItem instanceof FolderItem ){ - //copying a folder - - StorageFactory.getGcubeStorage().copyDir().from(origin).to(destinationPath); - - - List items= Utils.getItemList(originNode,null, null); - for (Item item: items){ - if (item instanceof FolderItem){ - //TODO iterate on it recursively - } else if (item instanceof AbstractFileItem) { - String storageId = ((AbstractFileItem) item).getContent().getStorageId(); - //String newStorageId = StorageFactory.getGcubeStorage().copyById(storageId); - //TODO set the new storageId into the item - } //else nothing to do - - } - } else { - //copying item that is not a folder - - } - - ItemHandler handler = new ItemHandler(); - - //itera su i nodi e modifica solo quelli che non sono di tipo folder facendo la copy del content (con le nuovi api dello storage) - //e setta il nuovo id del content - - //copy also the content of the directory - ses.save(); - return destinationPath; - }catch(Exception e){ - log.error("error copying {} to {}", origin, destinationPath); - return null; - } finally { - if (ses!=null){ - try { - ses.getWorkspace().getLockManager().unlock(destinationPath); - } catch (Throwable t){ - log.warn("error unlocking {}", destinationPath); - } - try { - ses.getWorkspace().getLockManager().unlock(origin); - } catch (Throwable t){ - log.warn("error unlocking {}", origin); - } - ses.logout(); - } - } - } - - */ - - -}