getHighestRole changed. Now also the workspace can discover in another scope for the catalogue, according to the current url at which it is deplouyed

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@131437 82a268e6-3cf1-43bd-a215-b396298e98cf
2016-09-16 09:12:03 +00:00 · 2016-09-16 09:12:03 +00:00 · 0afb6d804f
parent e55eb13007
commit 0afb6d804f
5 changed files with 63 additions and 75 deletions
--- a/src/main/java/org/gcube/portlets/user/workspace/client/AppControllerExplorer.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/client/AppControllerExplorer.java
@ -2276,7 +2276,8 @@ public class AppControllerExplorer implements EventHandler, TreeAppControllerInt
 	 */
 	private void loadMyLogin(){

-		rpcWorkspaceService.getMyLogin(new AsyncCallback<UserBean>() {
+		String currentUrl = Window.Location.getHref().split("\\?")[0];
+		rpcWorkspaceService.getMyLogin(currentUrl, new AsyncCallback<UserBean>() {

 			@Override
 			public void onFailure(Throwable caught) {
--- a/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceService.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceService.java
@ -528,10 +528,10 @@ public interface GWTWorkspaceService extends RemoteService{

 	/**
 	 * Gets the my login.
-	 *
+	 * @param the current url of the portlet
 	 * @return the my login
 	 */
-	UserBean getMyLogin();
+	UserBean getMyLogin(String currentPortletUrl);

 	/**
 	 * Update acl for vr eby group name.
@ -694,13 +694,6 @@ public interface GWTWorkspaceService extends RemoteService{

 	FileModel getItemForFileTree(String itemId) throws Exception;

-	/**
-	 * Allows the user to public onto the data catalogue if he has at least
-	 * the role admin somewhere.
-	 * @return true if he can publish, false otherwise
-	 */
-	boolean hasUserRoleAdmin();
-
 	/**
 	 * Retrieve the username of the user into the session
 	 * @return the username of the current user
--- a/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceServiceAsync.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceServiceAsync.java
@ -525,11 +525,11 @@ public interface GWTWorkspaceServiceAsync {

 	/**
 	 * Gets the my login.
-	 *
+	 * @param the current url of the portlet
 	 * @param callback the callback
 	 * @return the my login
 	 */
-	void getMyLogin(AsyncCallback<UserBean> callback);
+	void getMyLogin(String currentPortletUrl, AsyncCallback<UserBean> callback);

 	/**
 	 * Update acl for vr eby group name.
@ -694,15 +694,6 @@ public interface GWTWorkspaceServiceAsync {
 	void setGcubeItemProperties(String itemId, Map<String, String> properties,
 			AsyncCallback<Void> callback);

-	/**
-	 * Allows the user to public onto the data catalogue if he has at least
-	 * the role admin somewhere.
-	 *
-	 * @param callback the callback
-	 * @return true if he can publish, false otherwise
-	 */
-	void hasUserRoleAdmin(AsyncCallback<Boolean> callback);
-
 	/**
 	 * Retrieve the username of the user into the session.
 	 *
@ -727,6 +718,6 @@ public interface GWTWorkspaceServiceAsync {
 	 * @param callback the callback
 	 */
 	void markFolderAsPublicForFolderItemId(
-		String itemId, boolean setPublic, AsyncCallback<PublicLink> callback);
+			String itemId, boolean setPublic, AsyncCallback<PublicLink> callback);

 }
--- a/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceServiceImpl.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceServiceImpl.java
@ -41,8 +41,11 @@ import org.gcube.common.homelibrary.home.workspace.search.SearchItem;
 import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashFolder;
 import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashItem;
 import org.gcube.common.scope.api.ScopeProvider;
+import org.gcube.datacatalogue.ckanutillibrary.ApplicationProfileScopePerUrlReader;
 import org.gcube.datacatalogue.ckanutillibrary.CKanUtils;
 import org.gcube.datacatalogue.ckanutillibrary.CkanUtilsFactory;
+import org.gcube.datacatalogue.ckanutillibrary.utils.SessionCatalogueAttributes;
+import org.gcube.datacatalogue.ckanutillibrary.utils.UtilMethods;
 import org.gcube.portlets.user.urlshortener.UrlShortener;
 import org.gcube.portlets.user.workspace.client.ConstantsExplorer;
 import org.gcube.portlets.user.workspace.client.interfaces.GXTCategoryItemInterface;
@ -1889,10 +1892,10 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT

 				NotificationsProducer np = getNotificationProducer();
 				List<InfoContactModel> purgeMyContact = new ArrayList<InfoContactModel>(contacts.size()-1);
-				String myLogin = getMyLogin().getUsername();
+				String myLogin = getMyLogin(null).getUsername();
 				workspaceLogger.trace("Preparing list of contacts to send un share notification");
 				for (InfoContactModel infoContactModel : contacts) {
-					if(infoContactModel.getLogin().compareToIgnoreCase(getMyLogin().getUsername())==0)
+					if(infoContactModel.getLogin().compareToIgnoreCase(getMyLogin(null).getUsername())==0)
 						workspaceLogger.trace("skipping my login "+myLogin);
 					else
 						purgeMyContact.add(infoContactModel);
@ -2667,7 +2670,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 	 * @see org.gcube.portlets.user.workspace.client.rpc.GWTWorkspaceService#getMyLogin()
 	 */
 	@Override
-	public UserBean getMyLogin(){
+	public UserBean getMyLogin(String currentPortletUrl){
 		ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession());
 		String username = asl.getUsername();
 		String email = username+"@isti.cnr.it";
@ -2684,7 +2687,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 				email = user.getEmail();

 				// check if he has catalogue role
-				publishRights = hasUserRoleAdmin();
+				publishRights = enablePublishOnCatalogue(currentPortletUrl);
 			}catch (UserManagementSystemException e) {
 				workspaceLogger.error("UserManagementSystemException for username: "+username);
 			}
@ -3460,16 +3463,17 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 		return instance;
 	}

-	/* (non-Javadoc)
-	 * @see org.gcube.portlets.user.workspace.client.rpc.GWTWorkspaceService#hasUserRoleAdmin()
+
+	/**
+	 * Check if the current user has publish rights on the data catalogue
+	 * @param currentPortletUrl
+	 * @return
 	 */
-	@Override
-	public boolean hasUserRoleAdmin() {
+	private boolean enablePublishOnCatalogue(String currentPortletUrl) {
+
 		HttpSession httpSession = this.getThreadLocalRequest().getSession();
 		ASLSession asl = WsUtil.getAslSession(httpSession);
 		String username = asl.getUsername();
-		String currentScope = asl.getScope();
-		String groupName = asl.getGroupName();

 		if(!isWithinPortal()){
 			workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
@ -3481,12 +3485,19 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 			return false;
 		}

+		// retrieve scope per current portlet url
+		String scopePerCurrentUrl = ApplicationProfileScopePerUrlReader.getScopePerUrl(currentPortletUrl);
+
+		// save it
+		this.getThreadLocalRequest().getSession().setAttribute(SessionCatalogueAttributes.SCOPE_CLIENT_PORTLET_URL, scopePerCurrentUrl);
+
 		// get key per scope
-		String keyPerScope = concatenateSessionKeyScope(CKAN_ROLE, asl.getScope());
+		String keyPerScopeRole = UtilMethods.concatenateSessionKeyScope(SessionCatalogueAttributes.CKAN_PUBLISH_WORKSPACE, scopePerCurrentUrl);
+		String keyPerScopeOrganizations = UtilMethods.concatenateSessionKeyScope(SessionCatalogueAttributes.CKAN_ORGANIZATIONS_PUBLISH_KEY, scopePerCurrentUrl);

 		// check if this information was already into the ASL Session (true means the user has at least in one org
-		// the role admin), false that he is just a member so he cannot publish
-		Boolean role = (Boolean)httpSession.getAttribute(keyPerScope);
+		// the role editor), false that he is just a member so he cannot publish
+		Boolean role = (Boolean)httpSession.getAttribute(keyPerScopeRole);

 		// if the attribute was already set..
 		if(role != null)
@ -3496,15 +3507,18 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 			try{
 				role = false;

-				// we build up also a list that keeps track of the scopes (orgs) in which the user has role ADMIN
-				List<OrganizationBean> orgsInWhichAdminRole = new ArrayList<OrganizationBean>();
-				role = UserUtil.hasAdminRole(currentScope, username, groupName, this, orgsInWhichAdminRole);
+				GroupManager gm = new LiferayGroupManager();
+				String groupName = gm.getGroup(gm.getGroupIdFromInfrastructureScope(scopePerCurrentUrl)).getGroupName();

-				// if he is an admin preload:
+				// we build up also a list that keeps track of the scopes (orgs) in which the user has role ADMIN/EDITOR
+				List<OrganizationBean> orgsInWhichAtLeastEditorRole = new ArrayList<OrganizationBean>();
+				role = UserUtil.getHighestRole(scopePerCurrentUrl, username, groupName, this, orgsInWhichAtLeastEditorRole);
+
+				// if he is an admin/editor preload:
 				// 1) organizations in which he can publish (the widget will find these info in session)
 				if(role){
-					httpSession.setAttribute(concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), orgsInWhichAdminRole);
-					workspaceLogger.info("Set organizations in which he can publish to " + orgsInWhichAdminRole + " into session for user " + username);
+					httpSession.setAttribute(keyPerScopeOrganizations, orgsInWhichAtLeastEditorRole);
+					workspaceLogger.info("Set organizations in which he can publish to " + orgsInWhichAtLeastEditorRole + " into session for user " + username);
 				}
 			}catch(Exception e){
 				workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e);
@ -3512,10 +3526,10 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 			}
 		}

-		// set role in session
-		httpSession.setAttribute(CKAN_ROLE, role);
+		// set role in session for this scope
+		httpSession.setAttribute(keyPerScopeRole, role);

-		workspaceLogger.info("Do have the user the right to publish on the catalogue? " + role);
+		workspaceLogger.info("Does the user have the right to publish on the catalogue? " + role);

 		// return false
 		return role;
@ -3526,22 +3540,10 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 	 */
 	@Override
 	public String getUser() {
-		HttpSession httpSession = this.getThreadLocalRequest().getSession();
-		ASLSession session = WsUtil.getAslSession(httpSession);
+		ASLSession session = WsUtil.getAslSession(this.getThreadLocalRequest().getSession());
 		return session.getUsername();
 	}

-	/**
-	 * Builds a string made of key + scope.
-	 *
-	 * @param key the key
-	 * @param scope the scope
-	 * @return the string
-	 */
-	public static String concatenateSessionKeyScope(String key, String scope){
-		return key.concat(scope);
-	}
-

 	/* (non-Javadoc)
 	 * @see org.gcube.portlets.user.workspace.client.rpc.GWTWorkspaceService#markFolderAsPublicForFolderItemId(java.lang.String, boolean)
--- a/src/main/java/org/gcube/portlets/user/workspace/server/util/UserUtil.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/server/util/UserUtil.java
@ -162,16 +162,15 @@ public class UserUtil {
 	}

 	/**
-	 * Retrieve the highest ckan role the user has and also retrieve the list of organizations (scopes) in which the user has the ckan-admin role.
-	 *
+	 * Retrieve the highest ckan role the user has and also retrieve the list of organizations (scopes) in which the user has the ckan-admin or ckan-editor role
 	 * @param currentScope the current scope
 	 * @param username  the current username
 	 * @param groupName the current groupName
 	 * @param workspaceInstance the workspace instance
-	 * @param orgsInWhichAdminRole the orgs in which admin role
+	 * @param orgsInWhichAtLeastEditorRole the orgs in which admin/editor role
 	 * @return true, if successful
 	 */
-	public static boolean hasAdminRole(String currentScope, String username, String groupName, GWTWorkspaceServiceImpl workspaceInstance, List<OrganizationBean> orgsInWhichAdminRole){
+	public static boolean getHighestRole(String currentScope, String username, String groupName, GWTWorkspaceServiceImpl workspaceInstance, List<OrganizationBean> orgsInWhichAtLeastEditorRole){

 		// base role as default value
 		boolean toReturn = false;
@ -214,7 +213,7 @@ public class UserUtil {
 						continue;

 					checkIfRoleIsSetInCkanInstance(username, gCubeGroupName, correspondentRoleToCheck, workspaceInstance,
-							groupManager, gCubeGroup.getGroupId(), orgsInWhichAdminRole);
+							groupManager, gCubeGroup.getGroupId(), orgsInWhichAtLeastEditorRole);
 				}

 			}else if(groupManager.isVO(currentGroupId)){
@ -239,7 +238,7 @@ public class UserUtil {
 						continue;

 					checkIfRoleIsSetInCkanInstance(username, gCubeGroupName, correspondentRoleToCheck, workspaceInstance,
-							groupManager, gCubeGroup.getGroupId(), orgsInWhichAdminRole);
+							groupManager, gCubeGroup.getGroupId(), orgsInWhichAtLeastEditorRole);
 				}

 			}else if(groupManager.isVRE(currentGroupId)){
@ -254,7 +253,7 @@ public class UserUtil {
 				if(correspondentRoleToCheck.equals(RolesIntoOrganization.ADMIN)){

 					checkIfRoleIsSetInCkanInstance(username, groupName, correspondentRoleToCheck, workspaceInstance,
-							groupManager, currentGroupId, orgsInWhichAdminRole);
+							groupManager, currentGroupId, orgsInWhichAtLeastEditorRole);
 				}
 			}
 		}catch(Exception e){
@ -262,8 +261,8 @@ public class UserUtil {
 			return false;
 		}

-		//ok, somewhere he is admin
-		if(orgsInWhichAdminRole.size() > 0)
+		//ok, somewhere he is admin/editor
+		if(orgsInWhichAtLeastEditorRole.size() > 0)
 			toReturn = true;

 		// return the role
@ -301,12 +300,11 @@ public class UserUtil {
 				// get the orgs of the user
 				List<CkanOrganization> ckanOrgs = ckanUtils.getOrganizationsByUser(username);
 				for (CkanOrganization ckanOrganization : ckanOrgs) {
-					/*TODO @COSTANTINO MUST CHECK*/
+					if(ckanOrganization.getName().equals(gCubeGroupName.toLowerCase())){//|| ckanOrganization.getName().equals(CKanUtilsImpl.PRODUCTION_CKAN_ORGNAME_ROOT)){
+						orgsInWhichAdminRole.add(new OrganizationBean(ckanOrganization.getTitle(), ckanOrganization.getName()));
+						break;
+					}

-					//if(ckanOrganization.getName().equals(gCubeGroupName.toLowerCase()) || ckanOrganization.getName().equals(CKanUtilsImpl.PRODUCTION_CKAN_ORGNAME_ROOT)){
-					//	orgsInWhichAdminRole.add(new OrganizationBean(ckanOrganization.getTitle(), ckanOrganization.getName()));
-					//	break;
-					//}
 				}
 			}
 		}else
@ -315,18 +313,21 @@ public class UserUtil {
 	}

 	/**
-	 * Retrieve the ckan roles among a list of liferay roles.
-	 *
-	 * @param roles the roles
-	 * @return the liferay highest role in org
+	 * Retrieve the ckan role among a list of liferay roles
+	 * @param roles
+	 * @return MEMBER/EDITOR/ADMIN role
 	 */
 	private static RolesIntoOrganization getLiferayHighestRoleInOrg(
 			List<GCubeRole> roles) {
+
 		// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
 		for (GCubeRole gCubeRole : roles) {
 			if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_ADMIN.getRoleName())){
 				return RolesIntoOrganization.ADMIN;
 			}
+			if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
+				return RolesIntoOrganization.EDITOR;
+			}
 		}
 		return RolesIntoOrganization.MEMBER;
 	}