Started working on ckan data catalogue publish mechanism. Server side is almost complete
git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@129324 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
43f7a97989
commit
1c4985b38a
8
pom.xml
8
pom.xml
|
@ -223,6 +223,14 @@
|
||||||
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
|
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<!-- Metadata publisher widget -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.portlets.widgets</groupId>
|
||||||
|
<artifactId>ckan-metadata-publisher-widget</artifactId>
|
||||||
|
<version>[1.0.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
|
||||||
|
<scope>compile</scope>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- JSON PARSER -->
|
<!-- JSON PARSER -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.json</groupId>
|
<groupId>org.json</groupId>
|
||||||
|
|
|
@ -694,4 +694,11 @@ public interface GWTWorkspaceService extends RemoteService{
|
||||||
|
|
||||||
FileModel getItemForFileTree(String itemId) throws Exception;
|
FileModel getItemForFileTree(String itemId) throws Exception;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Allows the user to public onto the data catalogue if he has at least
|
||||||
|
* the role editor somewhere.
|
||||||
|
* @return true if he can publish, false otherwise
|
||||||
|
*/
|
||||||
|
boolean hasUserRoleAdminOrEditor();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -683,6 +683,11 @@ public interface GWTWorkspaceServiceAsync {
|
||||||
void setGcubeItemProperties(String itemId, Map<String, String> properties,
|
void setGcubeItemProperties(String itemId, Map<String, String> properties,
|
||||||
AsyncCallback<Void> callback);
|
AsyncCallback<Void> callback);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Allows the user to public onto the data catalogue if he has at least
|
||||||
|
* the role editor somewhere.
|
||||||
|
* @return true if he can publish, false otherwise
|
||||||
|
*/
|
||||||
|
void hasUserRoleAdminOrEditor(AsyncCallback<Boolean> callback);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,6 +12,7 @@ import java.util.Map;
|
||||||
import java.util.concurrent.TimeUnit;
|
import java.util.concurrent.TimeUnit;
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
import javax.servlet.ServletContext;
|
||||||
|
import javax.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.apache.log4j.Logger;
|
import org.apache.log4j.Logger;
|
||||||
import org.gcube.application.framework.core.session.ASLSession;
|
import org.gcube.application.framework.core.session.ASLSession;
|
||||||
|
@ -40,6 +41,9 @@ import org.gcube.common.homelibrary.home.workspace.search.SearchItem;
|
||||||
import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashFolder;
|
import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashFolder;
|
||||||
import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashItem;
|
import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashItem;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
|
import org.gcube.datacatalogue.ckanutillibrary.CKanUtilsImpl;
|
||||||
|
import org.gcube.datacatalogue.ckanutillibrary.models.CkanRolesIntoLiferay;
|
||||||
|
import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
|
||||||
import org.gcube.portlets.user.workspace.client.ConstantsExplorer;
|
import org.gcube.portlets.user.workspace.client.ConstantsExplorer;
|
||||||
import org.gcube.portlets.user.workspace.client.interfaces.GXTCategoryItemInterface;
|
import org.gcube.portlets.user.workspace.client.interfaces.GXTCategoryItemInterface;
|
||||||
import org.gcube.portlets.user.workspace.client.model.FileDetailsModel;
|
import org.gcube.portlets.user.workspace.client.model.FileDetailsModel;
|
||||||
|
@ -79,11 +83,15 @@ import org.gcube.portlets.user.workspace.shared.accounting.GxtAccountingEntryTyp
|
||||||
import org.gcube.portlets.user.workspace.shared.accounting.GxtAccountingField;
|
import org.gcube.portlets.user.workspace.shared.accounting.GxtAccountingField;
|
||||||
import org.gcube.portlets.user.workspaceapplicationhandler.ApplicationReaderFromGenericResource;
|
import org.gcube.portlets.user.workspaceapplicationhandler.ApplicationReaderFromGenericResource;
|
||||||
import org.gcube.vomanagement.usermanagement.GroupManager;
|
import org.gcube.vomanagement.usermanagement.GroupManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.RoleManager;
|
||||||
import org.gcube.vomanagement.usermanagement.UserManager;
|
import org.gcube.vomanagement.usermanagement.UserManager;
|
||||||
import org.gcube.vomanagement.usermanagement.exception.UserManagementSystemException;
|
import org.gcube.vomanagement.usermanagement.exception.UserManagementSystemException;
|
||||||
import org.gcube.vomanagement.usermanagement.exception.UserRetrievalFault;
|
import org.gcube.vomanagement.usermanagement.exception.UserRetrievalFault;
|
||||||
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
|
||||||
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
|
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
|
||||||
|
import org.gcube.vomanagement.usermanagement.model.GCubeGroup;
|
||||||
|
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
|
||||||
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
|
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
|
||||||
|
|
||||||
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
||||||
|
@ -104,6 +112,25 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
|
||||||
public static final String SELECTION_STATE_ATTRIBUTE = "WORKSPACE.SELECTION_STATE";
|
public static final String SELECTION_STATE_ATTRIBUTE = "WORKSPACE.SELECTION_STATE";
|
||||||
protected Logger workspaceLogger = Logger.getLogger(GWTWorkspaceServiceImpl.class);
|
protected Logger workspaceLogger = Logger.getLogger(GWTWorkspaceServiceImpl.class);
|
||||||
|
|
||||||
|
// for the data catalogue
|
||||||
|
public static final String CKAN_TOKEN_KEY = "ckanToken";
|
||||||
|
public static final String CKAN_ROLE = "ckanRole"; // editor, admin, member
|
||||||
|
|
||||||
|
// ckan utils methods
|
||||||
|
private CKanUtilsImpl instance;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void init(){
|
||||||
|
|
||||||
|
// retrieve ckan information
|
||||||
|
try{
|
||||||
|
String currentScope = ScopeProvider.instance.get();
|
||||||
|
instance = new CKanUtilsImpl(currentScope);
|
||||||
|
}catch(Exception e){
|
||||||
|
workspaceLogger.error("Unable to retrieve ckan information");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the GWT workspace builder.
|
* Gets the GWT workspace builder.
|
||||||
*
|
*
|
||||||
|
@ -3388,4 +3415,132 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
|
||||||
throw new Exception(error);
|
throw new Exception(error);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean hasUserRoleAdminOrEditor() {
|
||||||
|
ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession());
|
||||||
|
String username = asl.getUsername();
|
||||||
|
|
||||||
|
// check if this information was already into the ASL Session
|
||||||
|
String role = (String)asl.getAttribute(CKAN_ROLE);
|
||||||
|
|
||||||
|
if(role != null)
|
||||||
|
switch(role){
|
||||||
|
case "editor" :
|
||||||
|
case "admin" : return true;
|
||||||
|
default: return false; // member
|
||||||
|
}
|
||||||
|
|
||||||
|
try{
|
||||||
|
|
||||||
|
if(!isWithinPortal()){
|
||||||
|
workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
|
||||||
|
asl.setAttribute(CKAN_ROLE, "editor");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
|
||||||
|
boolean isSysAdmin = instance.isSysAdmin(username, getUserCKanTokenFromSession());
|
||||||
|
|
||||||
|
if(isSysAdmin){
|
||||||
|
|
||||||
|
workspaceLogger.debug("The user is a sysadmin of the catalog -> he can edit/add");
|
||||||
|
asl.setAttribute(CKAN_ROLE, "admin");
|
||||||
|
return true;
|
||||||
|
|
||||||
|
}else{
|
||||||
|
|
||||||
|
// retrieve the liferay's roles for the user
|
||||||
|
UserManager userManager = new LiferayUserManager();
|
||||||
|
RoleManager roleManager = new LiferayRoleManager();
|
||||||
|
GroupManager groupManager = new LiferayGroupManager();
|
||||||
|
|
||||||
|
// we need to iterate over vres
|
||||||
|
List<GCubeGroup> groups = groupManager.listGroups();
|
||||||
|
|
||||||
|
for (GCubeGroup gCubeGroup : groups) {
|
||||||
|
|
||||||
|
String groupName = gCubeGroup.getGroupName();
|
||||||
|
|
||||||
|
// skip if it is not a vre
|
||||||
|
if(!groupManager.isVRE(gCubeGroup.getGroupId()))
|
||||||
|
continue;
|
||||||
|
|
||||||
|
List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userManager.getUserId(username), groupManager.getGroupId(groupName));
|
||||||
|
|
||||||
|
// the default one
|
||||||
|
RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
|
||||||
|
String roleToSetInSession = null;
|
||||||
|
|
||||||
|
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
|
||||||
|
for (GCubeRole gCubeRole : roles) {
|
||||||
|
|
||||||
|
workspaceLogger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + groupName);
|
||||||
|
if(gCubeRole.getRoleName().equalsIgnoreCase(CkanRolesIntoLiferay.CATALOG_ADMIN.toString())){
|
||||||
|
correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
|
||||||
|
roleToSetInSession = "admin";
|
||||||
|
break;
|
||||||
|
}else if(gCubeRole.getRoleName().equalsIgnoreCase(CkanRolesIntoLiferay.CATALOG_EDITOR.toString())){
|
||||||
|
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
|
||||||
|
roleToSetInSession = "editor";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// if the role is member, keep continuing
|
||||||
|
if(correspondentRoleToCheck.equals(RolesIntoOrganization.MEMBER))
|
||||||
|
continue;
|
||||||
|
|
||||||
|
// with this invocation, we check if the role is present in ckan and if it is not it will be added
|
||||||
|
boolean res = instance.checkRole(username, groupName, correspondentRoleToCheck);
|
||||||
|
|
||||||
|
// set the role in the asl session
|
||||||
|
if(res){
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
return res;
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}catch(Exception e){
|
||||||
|
workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e);
|
||||||
|
}
|
||||||
|
|
||||||
|
workspaceLogger.debug("Unable to check the role into ckan organization, returning FALSE");
|
||||||
|
|
||||||
|
// set the role member into the asl
|
||||||
|
asl.setAttribute(CKAN_ROLE, "member");
|
||||||
|
|
||||||
|
// return false
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get current user's token.
|
||||||
|
*
|
||||||
|
* @return String the ckan user's token
|
||||||
|
*/
|
||||||
|
private String getUserCKanTokenFromSession(){
|
||||||
|
|
||||||
|
HttpSession httpSession = this.getThreadLocalRequest().getSession();
|
||||||
|
ASLSession session = WsUtil.getAslSession(httpSession);
|
||||||
|
String username = session.getUsername();
|
||||||
|
workspaceLogger.debug("User in session is " + username);
|
||||||
|
|
||||||
|
String token = null;
|
||||||
|
if(this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY) != null)
|
||||||
|
token = (String)this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY);
|
||||||
|
else{
|
||||||
|
|
||||||
|
token = instance.getApiKeyFromUsername(username);
|
||||||
|
this.getThreadLocalRequest().getSession().setAttribute(CKAN_TOKEN_KEY, token);
|
||||||
|
workspaceLogger.debug("Ckan token has been set for user " + username);
|
||||||
|
}
|
||||||
|
|
||||||
|
workspaceLogger.debug("Found ckan token " + token + " for user " + username);
|
||||||
|
return token;
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue