Started working on ckan data catalogue publish mechanism. Server side is almost complete

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@129324 82a268e6-3cf1-43bd-a215-b396298e98cf
2016-06-22 16:41:51 +00:00 · 2016-06-22 16:41:51 +00:00 · 1c4985b38a
parent 43f7a97989
commit 1c4985b38a
4 changed files with 331 additions and 156 deletions
--- a/pom.xml
+++ b/pom.xml
@ -223,6 +223,14 @@
 			<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
 		</dependency>

+		<!-- Metadata publisher widget -->
+		<dependency>
+			<groupId>org.gcube.portlets.widgets</groupId>
+			<artifactId>ckan-metadata-publisher-widget</artifactId>
+			<version>[1.0.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
+			<scope>compile</scope>
+		</dependency>
+
 		<!-- JSON PARSER -->
 		<dependency>
 			<groupId>org.json</groupId>
--- a/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceService.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceService.java
@ -694,4 +694,11 @@ public interface GWTWorkspaceService extends RemoteService{

 	FileModel getItemForFileTree(String itemId) throws Exception;
 	
+	/**
+	 * Allows the user to public onto the data catalogue if he has at least 
+	 * the role editor somewhere.
+	 * @return true if he can publish, false otherwise
+	 */
+	boolean hasUserRoleAdminOrEditor();
+
 }
--- a/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceServiceAsync.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceServiceAsync.java
@ -683,6 +683,11 @@ public interface GWTWorkspaceServiceAsync {
 	void setGcubeItemProperties(String itemId, Map<String, String> properties,
 			AsyncCallback<Void> callback);

-
+	/**
+	 * Allows the user to public onto the data catalogue if he has at least 
+	 * the role editor somewhere.
+	 * @return true if he can publish, false otherwise
+	 */
+	void hasUserRoleAdminOrEditor(AsyncCallback<Boolean> callback);

 }
--- a/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceServiceImpl.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceServiceImpl.java
@ -12,6 +12,7 @@ import java.util.Map;
 import java.util.concurrent.TimeUnit;

 import javax.servlet.ServletContext;
+import javax.servlet.http.HttpSession;

 import org.apache.log4j.Logger;
 import org.gcube.application.framework.core.session.ASLSession;
@ -40,6 +41,9 @@ import org.gcube.common.homelibrary.home.workspace.search.SearchItem;
 import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashFolder;
 import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashItem;
 import org.gcube.common.scope.api.ScopeProvider;
+import org.gcube.datacatalogue.ckanutillibrary.CKanUtilsImpl;
+import org.gcube.datacatalogue.ckanutillibrary.models.CkanRolesIntoLiferay;
+import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
 import org.gcube.portlets.user.workspace.client.ConstantsExplorer;
 import org.gcube.portlets.user.workspace.client.interfaces.GXTCategoryItemInterface;
 import org.gcube.portlets.user.workspace.client.model.FileDetailsModel;
@ -79,11 +83,15 @@ import org.gcube.portlets.user.workspace.shared.accounting.GxtAccountingEntryTyp
 import org.gcube.portlets.user.workspace.shared.accounting.GxtAccountingField;
 import org.gcube.portlets.user.workspaceapplicationhandler.ApplicationReaderFromGenericResource;
 import org.gcube.vomanagement.usermanagement.GroupManager;
+import org.gcube.vomanagement.usermanagement.RoleManager;
 import org.gcube.vomanagement.usermanagement.UserManager;
 import org.gcube.vomanagement.usermanagement.exception.UserManagementSystemException;
 import org.gcube.vomanagement.usermanagement.exception.UserRetrievalFault;
 import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
+import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
 import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
+import org.gcube.vomanagement.usermanagement.model.GCubeGroup;
+import org.gcube.vomanagement.usermanagement.model.GCubeRole;
 import org.gcube.vomanagement.usermanagement.model.GCubeUser;

 import com.google.gwt.user.server.rpc.RemoteServiceServlet;
@ -104,6 +112,25 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 	public static final String SELECTION_STATE_ATTRIBUTE = "WORKSPACE.SELECTION_STATE";
 	protected Logger workspaceLogger = Logger.getLogger(GWTWorkspaceServiceImpl.class);

+	// for the data catalogue 
+	public static final String CKAN_TOKEN_KEY = "ckanToken";
+	public static final String CKAN_ROLE = "ckanRole"; // editor, admin, member
+
+	// ckan utils methods
+	private CKanUtilsImpl instance;
+
+	@Override
+	public void init(){
+
+		// retrieve ckan information
+		try{
+			String currentScope = ScopeProvider.instance.get();
+			instance = new CKanUtilsImpl(currentScope);
+		}catch(Exception e){
+			workspaceLogger.error("Unable to retrieve ckan information");
+		}
+	}
+
 	/**
 	 * Gets the GWT workspace builder.
 	 *
@ -3388,4 +3415,132 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 			throw new Exception(error);
 		}
 	}
+
+	@Override
+	public boolean hasUserRoleAdminOrEditor() {
+		ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession());
+		String username = asl.getUsername();
+
+		// check if this information was already into the ASL Session
+		String role = (String)asl.getAttribute(CKAN_ROLE);
+
+		if(role != null)
+			switch(role){
+			case "editor" : 
+			case "admin" : return true;
+			default: return false; // member
+			}
+
+		try{
+
+			if(!isWithinPortal()){
+				workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
+				asl.setAttribute(CKAN_ROLE, "editor");
+				return true;
+			}
+			// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
+			boolean isSysAdmin = instance.isSysAdmin(username, getUserCKanTokenFromSession());
+
+			if(isSysAdmin){
+
+				workspaceLogger.debug("The user is a sysadmin of the catalog -> he can edit/add");
+				asl.setAttribute(CKAN_ROLE, "admin");
+				return true;
+
+			}else{
+
+				// retrieve the liferay's roles for the user
+				UserManager userManager = new LiferayUserManager();
+				RoleManager roleManager = new LiferayRoleManager();
+				GroupManager groupManager = new LiferayGroupManager();
+
+				// we need to iterate over vres
+				List<GCubeGroup> groups = groupManager.listGroups();
+
+				for (GCubeGroup gCubeGroup : groups) {
+					
+					String groupName = gCubeGroup.getGroupName();
+
+					// skip if it is not a vre
+					if(!groupManager.isVRE(gCubeGroup.getGroupId()))
+						continue;
+
+					List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userManager.getUserId(username), groupManager.getGroupId(groupName));
+
+					// the default one
+					RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
+					String roleToSetInSession = null;
+
+					// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
+					for (GCubeRole gCubeRole : roles) {
+
+						workspaceLogger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + groupName);
+						if(gCubeRole.getRoleName().equalsIgnoreCase(CkanRolesIntoLiferay.CATALOG_ADMIN.toString())){
+							correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
+							roleToSetInSession = "admin";
+							break;
+						}else if(gCubeRole.getRoleName().equalsIgnoreCase(CkanRolesIntoLiferay.CATALOG_EDITOR.toString())){
+							correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
+							roleToSetInSession = "editor";
+							break;
+						}
+					}
+					
+					// if the role is member, keep continuing
+					if(correspondentRoleToCheck.equals(RolesIntoOrganization.MEMBER))
+						continue;
+
+					// with this invocation, we check if the role is present in ckan and if it is not it will be added
+					boolean res = instance.checkRole(username, groupName, correspondentRoleToCheck);
+
+					// set the role in the asl session
+					if(res){
+						
+						
+						
+						
+					}
+					return res;
+
+				}
+			}
+		}catch(Exception e){
+			workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e);
+		}
+
+		workspaceLogger.debug("Unable to check the role into ckan organization, returning FALSE");
+		
+		// set the role member into the asl
+		asl.setAttribute(CKAN_ROLE, "member");
+
+		// return false
+		return false;
+	}
+
+	/**
+	 * Get current user's token.
+	 *
+	 * @return String the ckan user's token
+	 */
+	private String getUserCKanTokenFromSession(){
+
+		HttpSession httpSession = this.getThreadLocalRequest().getSession();
+		ASLSession session = WsUtil.getAslSession(httpSession);
+		String username = session.getUsername();
+		workspaceLogger.debug("User in session is " + username);
+
+		String token = null;
+		if(this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY) != null)
+			token = (String)this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY);
+		else{
+
+			token = instance.getApiKeyFromUsername(username);
+			this.getThreadLocalRequest().getSession().setAttribute(CKAN_TOKEN_KEY, token);
+			workspaceLogger.debug("Ckan token has been set for user " + username);
+		}
+
+		workspaceLogger.debug("Found ckan token " + token + " for user " + username);
+		return token;
+
+	}
 }