|
|
|
@ -3,10 +3,14 @@ import java.util.ArrayList;
|
|
|
|
|
import java.util.List;
|
|
|
|
|
|
|
|
|
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
|
|
|
|
|
|
|
|
|
|
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
|
|
|
|
import org.gcube.common.portal.PortalContext;
|
|
|
|
|
import org.gcube.common.scope.api.ScopeProvider;
|
|
|
|
|
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
|
|
|
|
|
import org.gcube.common.storagehub.model.exceptions.UserNotAuthorizedException;
|
|
|
|
|
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.RoleManager;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.UserManager;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
|
|
|
@ -30,7 +34,9 @@ public class WorkspaceCreateAccountThread implements Runnable {
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public void run() {
|
|
|
|
|
|
|
|
|
|
getWS(newUserUserName, "/"+PortalContext.getConfiguration().getInfrastructureName());
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
public static void getWS(String currentUsername, String context) {
|
|
|
|
|
String username = currentUsername;
|
|
|
|
@ -38,6 +44,7 @@ public class WorkspaceCreateAccountThread implements Runnable {
|
|
|
|
|
SecurityTokenProvider.instance.set(authorizationToken);
|
|
|
|
|
ScopeProvider.instance.set(context);
|
|
|
|
|
String previousToken = authorizationToken;
|
|
|
|
|
String previousUMAToken = UmaJWTProvider.instance.get();
|
|
|
|
|
try {
|
|
|
|
|
//get the super user
|
|
|
|
|
String infraContext = "/"+PortalContext.getConfiguration().getInfrastructureName();
|
|
|
|
@ -52,6 +59,7 @@ public class WorkspaceCreateAccountThread implements Runnable {
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
GCubeUser theAdmin = users.get(0);
|
|
|
|
|
_log.debug("Using admin user: " + theAdmin.getUsername() + " to trigger ws creation for new user: " + username);
|
|
|
|
|
String theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, theAdmin.getUsername());
|
|
|
|
|
List<GCubeRole> theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), groupId);
|
|
|
|
|
List<String> rolesString = new ArrayList<String>();
|
|
|
|
@ -59,10 +67,27 @@ public class WorkspaceCreateAccountThread implements Runnable {
|
|
|
|
|
rolesString.add(gCubeRole.getRoleName());
|
|
|
|
|
}
|
|
|
|
|
authorizationService().setTokenRoles(theAdminToken, rolesString);
|
|
|
|
|
_log.debug("setTokenRoles performed on context: " + infraContext + " with token" + theAdminToken + " ("+rolesString+")");
|
|
|
|
|
SecurityTokenProvider.instance.set(theAdminToken);
|
|
|
|
|
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal("/" + PortalContext.getConfiguration().getInfrastructureName());
|
|
|
|
|
_log.info("\n\n\n*** new authorizationService PortalClient UMA-Token In ThreadLocal done ****\n\n");
|
|
|
|
|
StorageHubClient shc = new StorageHubClient();
|
|
|
|
|
shc.createUserAccount(currentUsername);
|
|
|
|
|
try {
|
|
|
|
|
shc.createUserAccount(currentUsername);
|
|
|
|
|
}
|
|
|
|
|
catch (UserNotAuthorizedException e) {
|
|
|
|
|
_log.error("shub.createUserAccount failed for "+username + " trying with super mega admin ...");
|
|
|
|
|
theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, "lucio.lelii");
|
|
|
|
|
SecurityTokenProvider.instance.set(theAdminToken);
|
|
|
|
|
shc = new StorageHubClient();
|
|
|
|
|
shc.createUserAccount(currentUsername);
|
|
|
|
|
SecurityTokenProvider.instance.set(previousToken);
|
|
|
|
|
UmaJWTProvider.instance.set(previousUMAToken);
|
|
|
|
|
_log.info("shub.createUserAccount performed for "+username + " with super mega admin (Hopefully)");
|
|
|
|
|
}
|
|
|
|
|
_log.debug("shub.createUserAccount completed for "+username);
|
|
|
|
|
SecurityTokenProvider.instance.set(previousToken);
|
|
|
|
|
UmaJWTProvider.instance.set(previousUMAToken);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
catch (Exception e) {
|
|
|
|
|