Compare commits
No commits in common. "master" and "feature/20108" have entirely different histories.
master
...
feature/20
|
@ -1,7 +0,0 @@
|
||||||
<root>
|
|
||||||
<facet id="jst.jaxrs">
|
|
||||||
<node name="libprov">
|
|
||||||
<attribute name="provider-id" value="jaxrs-no-op-library-provider"/>
|
|
||||||
</node>
|
|
||||||
</facet>
|
|
||||||
</root>
|
|
|
@ -5,5 +5,4 @@
|
||||||
<installed facet="liferay.hook" version="6.0"/>
|
<installed facet="liferay.hook" version="6.0"/>
|
||||||
<installed facet="wst.jsdt.web" version="1.0"/>
|
<installed facet="wst.jsdt.web" version="1.0"/>
|
||||||
<installed facet="java" version="1.8"/>
|
<installed facet="java" version="1.8"/>
|
||||||
<installed facet="jst.jaxrs" version="2.0"/>
|
|
||||||
</faceted-project>
|
</faceted-project>
|
||||||
|
|
20
CHANGELOG.md
20
CHANGELOG.md
|
@ -4,29 +4,13 @@
|
||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
## [v2.1.0-SNAPSHOT] - 2024-09-20
|
## [v2.0.2-SNAPSHOT] - 2020-11-13
|
||||||
|
|
||||||
maven-parent 1.2.0
|
|
||||||
maven-portal-bom 4.0.0-SNAPSHOT
|
|
||||||
Feature #27999 - [StorageHub] downstream components to upgrade in order to work with storagehub 1.5.0
|
|
||||||
|
|
||||||
## [v2.0.4] - 2021-05-25
|
|
||||||
|
|
||||||
- Feature #21506: Updated to support new UMATokensProvider class
|
|
||||||
|
|
||||||
## [v2.0.3] - 2021-04-12
|
|
||||||
|
|
||||||
Just removed obsolete Home library deps from pom which were forgotten there in 6.8.0 release
|
|
||||||
|
|
||||||
## [v2.0.2] - 2020-11-13
|
|
||||||
|
|
||||||
Feature #20108, remove user deletion from ldap upon remove account (offloaded to keycloak)
|
Feature #20108, remove user deletion from ldap upon remove account (offloaded to keycloak)
|
||||||
|
|
||||||
## [v2.0.0] - 2017-11-29
|
## [v2.0.0] - 2017-11-29
|
||||||
|
|
||||||
Feature #10483: Provide user workspace drop API
|
Ported to git
|
||||||
|
|
||||||
Feature #10484: Remove user from LDAP upon D4Science user account
|
|
||||||
|
|
||||||
## [v1.1.0] - 2016-07-30
|
## [v1.1.0] - 2016-07-30
|
||||||
|
|
||||||
|
|
26
FUNDING.md
26
FUNDING.md
|
@ -1,26 +0,0 @@
|
||||||
# Acknowledgments
|
|
||||||
|
|
||||||
The projects leading to this software have received funding from a series of European Union programmes including:
|
|
||||||
|
|
||||||
- the Sixth Framework Programme for Research and Technological Development
|
|
||||||
- [DILIGENT](https://cordis.europa.eu/project/id/004260) (grant no. 004260).
|
|
||||||
- the Seventh Framework Programme for research, technological development and demonstration
|
|
||||||
- [D4Science](https://cordis.europa.eu/project/id/212488) (grant no. 212488);
|
|
||||||
- [D4Science-II](https://cordis.europa.eu/project/id/239019) (grant no.239019);
|
|
||||||
- [ENVRI](https://cordis.europa.eu/project/id/283465) (grant no. 283465);
|
|
||||||
- [iMarine](https://cordis.europa.eu/project/id/283644) (grant no. 283644);
|
|
||||||
- [EUBrazilOpenBio](https://cordis.europa.eu/project/id/288754) (grant no. 288754).
|
|
||||||
- the H2020 research and innovation programme
|
|
||||||
- [SoBigData](https://cordis.europa.eu/project/id/654024) (grant no. 654024);
|
|
||||||
- [PARTHENOS](https://cordis.europa.eu/project/id/654119) (grant no. 654119);
|
|
||||||
- [EGI-Engage](https://cordis.europa.eu/project/id/654142) (grant no. 654142);
|
|
||||||
- [ENVRI PLUS](https://cordis.europa.eu/project/id/654182) (grant no. 654182);
|
|
||||||
- [BlueBRIDGE](https://cordis.europa.eu/project/id/675680) (grant no. 675680);
|
|
||||||
- [PerformFISH](https://cordis.europa.eu/project/id/727610) (grant no. 727610);
|
|
||||||
- [AGINFRA PLUS](https://cordis.europa.eu/project/id/731001) (grant no. 731001);
|
|
||||||
- [DESIRA](https://cordis.europa.eu/project/id/818194) (grant no. 818194);
|
|
||||||
- [ARIADNEplus](https://cordis.europa.eu/project/id/823914) (grant no. 823914);
|
|
||||||
- [RISIS 2](https://cordis.europa.eu/project/id/824091) (grant no. 824091);
|
|
||||||
- [EOSC-Pillar](https://cordis.europa.eu/project/id/857650) (grant no. 857650);
|
|
||||||
- [Blue Cloud](https://cordis.europa.eu/project/id/862409) (grant no. 862409);
|
|
||||||
- [SoBigData-PlusPlus](https://cordis.europa.eu/project/id/871042) (grant no. 871042);
|
|
22
pom.xml
22
pom.xml
|
@ -6,14 +6,14 @@
|
||||||
<parent>
|
<parent>
|
||||||
<artifactId>maven-parent</artifactId>
|
<artifactId>maven-parent</artifactId>
|
||||||
<groupId>org.gcube.tools</groupId>
|
<groupId>org.gcube.tools</groupId>
|
||||||
<version>1.2.0</version>
|
<version>1.1.0</version>
|
||||||
<relativePath />
|
<relativePath />
|
||||||
</parent>
|
</parent>
|
||||||
<groupId>org.gcube.portal.liferay</groupId>
|
<groupId>org.gcube.portal.liferay</groupId>
|
||||||
<artifactId>user-registration-hook</artifactId>
|
<artifactId>user-registration-hook</artifactId>
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
<name>user-registration-hook Hook</name>
|
<name>user-registration-hook Hook</name>
|
||||||
<version>2.1.0-SNAPSHOT</version>
|
<version>2.0.2-SNAPSHOT</version>
|
||||||
<scm>
|
<scm>
|
||||||
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</connection>
|
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</connection>
|
||||||
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</developerConnection>
|
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</developerConnection>
|
||||||
|
@ -32,7 +32,7 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.distribution</groupId>
|
<groupId>org.gcube.distribution</groupId>
|
||||||
<artifactId>maven-portal-bom</artifactId>
|
<artifactId>maven-portal-bom</artifactId>
|
||||||
<version>4.0.0-SNAPSHOT</version>
|
<version>3.6.0</version>
|
||||||
<type>pom</type>
|
<type>pom</type>
|
||||||
<scope>import</scope>
|
<scope>import</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
@ -40,6 +40,21 @@
|
||||||
</dependencyManagement>
|
</dependencyManagement>
|
||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>home-library</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>home-library-jcr</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>home-library-model</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.core</groupId>
|
<groupId>org.gcube.core</groupId>
|
||||||
<artifactId>common-encryption</artifactId>
|
<artifactId>common-encryption</artifactId>
|
||||||
|
@ -67,6 +82,7 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.portal</groupId>
|
<groupId>org.gcube.portal</groupId>
|
||||||
<artifactId>oidc-library-portal</artifactId>
|
<artifactId>oidc-library-portal</artifactId>
|
||||||
|
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
|
|
|
@ -1,102 +1,38 @@
|
||||||
package org.gcube.portal.usersaccount;
|
package org.gcube.portal.usersaccount;
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
|
|
||||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
|
||||||
import org.gcube.common.portal.PortalContext;
|
import org.gcube.common.portal.PortalContext;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
|
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
|
||||||
import org.gcube.common.storagehub.model.exceptions.UserNotAuthorizedException;
|
|
||||||
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
|
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
|
||||||
import org.gcube.vomanagement.usermanagement.RoleManager;
|
|
||||||
import org.gcube.vomanagement.usermanagement.UserManager;
|
|
||||||
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
|
||||||
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
|
|
||||||
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
|
|
||||||
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
|
|
||||||
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
|
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
public class WorkspaceCreateAccountThread implements Runnable {
|
public class WorkspaceCreateAccountThread implements Runnable {
|
||||||
private static Logger _log = LoggerFactory.getLogger(WorkspaceCreateAccountThread.class);
|
|
||||||
public static final String AUTORISED_INFRA_ROLE = "Infrastructure-Manager";
|
|
||||||
private String newUserUserName;
|
|
||||||
|
|
||||||
public WorkspaceCreateAccountThread(String newUserUserName, String newUserFullName, String newUserEmailAddress) {
|
private static Logger _log = LoggerFactory.getLogger(WorkspaceCreateAccountThread.class);
|
||||||
super();
|
|
||||||
this.newUserUserName = newUserUserName;
|
|
||||||
_log.info("Calling StorageHub for Workspace creation to new user: " + newUserUserName + " ("+newUserFullName+")");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
private String newUserUserName;
|
||||||
public void run() {
|
|
||||||
|
|
||||||
getWS(newUserUserName, "/"+PortalContext.getConfiguration().getInfrastructureName());
|
public WorkspaceCreateAccountThread(String newUserUserName, String newUserFullName, String newUserEmailAddress) {
|
||||||
|
super();
|
||||||
|
this.newUserUserName = newUserUserName;
|
||||||
|
_log.info("Calling SHUB for Workspace creation to new user: " + newUserUserName + " (" + newUserFullName + ")");
|
||||||
|
}
|
||||||
|
|
||||||
}
|
@Override
|
||||||
public static void getWS(String currentUsername, String context) {
|
public void run() {
|
||||||
String username = currentUsername;
|
String context = "/" + PortalContext.getConfiguration().getInfrastructureName();
|
||||||
String authorizationToken = PortalContext.getConfiguration().getCurrentUserToken(context, username);
|
String authorizationToken = PortalContext.getConfiguration().getCurrentUserToken(context, newUserUserName);
|
||||||
SecurityTokenProvider.instance.set(authorizationToken);
|
SecurityTokenProvider.instance.set(authorizationToken);
|
||||||
ScopeProvider.instance.set(context);
|
ScopeProvider.instance.set(context);
|
||||||
String previousToken = authorizationToken;
|
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal(context);
|
||||||
String previousUMAToken = AccessTokenProvider.instance.get();
|
try {
|
||||||
try {
|
StorageHubClient shc = new StorageHubClient();
|
||||||
//get the super user
|
shc.createUserAccount(newUserUserName);
|
||||||
String infraContext = "/"+PortalContext.getConfiguration().getInfrastructureName();
|
_log.info("Done Workspace creation for user: " + newUserUserName);
|
||||||
long groupId = new LiferayGroupManager().getGroupIdFromInfrastructureScope(infraContext);
|
} catch (Exception e) {
|
||||||
RoleManager rm = new LiferayRoleManager();
|
_log.error("Creating new account on the storage HUB", e);
|
||||||
UserManager uMan = new LiferayUserManager();
|
}
|
||||||
long roleId = rm.getRoleId(AUTORISED_INFRA_ROLE, groupId);
|
}
|
||||||
List<GCubeUser> users = uMan.listUsersByGroupAndRole(groupId, roleId);
|
|
||||||
if (users.isEmpty()) {
|
|
||||||
_log.error("Cannot create this user account on storageHub there is no user having role {} on context {}", AUTORISED_INFRA_ROLE , infraContext);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
GCubeUser theAdmin = users.get(0);
|
|
||||||
_log.debug("Using admin user: " + theAdmin.getUsername() + " to trigger ws creation for new user: " + username);
|
|
||||||
String theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, theAdmin.getUsername());
|
|
||||||
List<GCubeRole> theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), groupId);
|
|
||||||
List<String> rolesString = new ArrayList<String>();
|
|
||||||
for (GCubeRole gCubeRole : theAdminRoles) {
|
|
||||||
rolesString.add(gCubeRole.getRoleName());
|
|
||||||
}
|
|
||||||
authorizationService().setTokenRoles(theAdminToken, rolesString);
|
|
||||||
_log.debug("setTokenRoles performed on context: " + infraContext + " with token" + theAdminToken + " ("+rolesString+")");
|
|
||||||
SecurityTokenProvider.instance.set(theAdminToken);
|
|
||||||
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal("/" + PortalContext.getConfiguration().getInfrastructureName());
|
|
||||||
_log.info("\n\n\n*** new authorizationService PortalClient UMA-Token In ThreadLocal done ****\n\n");
|
|
||||||
StorageHubClient shc = new StorageHubClient();
|
|
||||||
try {
|
|
||||||
shc.createUserAccount(currentUsername);
|
|
||||||
_log.info("\n*** shub.createUserAccount done for " + currentUsername);
|
|
||||||
}
|
|
||||||
catch (UserNotAuthorizedException e) {
|
|
||||||
_log.error("shub.createUserAccount failed for "+username + " trying with super mega admin ...");
|
|
||||||
theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, "lucio.lelii");
|
|
||||||
SecurityTokenProvider.instance.set(theAdminToken);
|
|
||||||
shc = new StorageHubClient();
|
|
||||||
shc.createUserAccount(currentUsername);
|
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
|
||||||
AccessTokenProvider.instance.set(previousUMAToken);
|
|
||||||
_log.info("shub.createUserAccount performed for "+username + " with super mega admin (Hopefully)");
|
|
||||||
}
|
|
||||||
_log.debug("shub.createUserAccount completed for "+username);
|
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
|
||||||
AccessTokenProvider.instance.set(previousUMAToken);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch (Exception e) {
|
|
||||||
e.printStackTrace();
|
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue