Started working on ckan data catalogue publish mechanism. Server side is almost complete
git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@129324 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
43f7a97989
commit
1c4985b38a
8
pom.xml
8
pom.xml
|
@ -223,6 +223,14 @@
|
|||
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Metadata publisher widget -->
|
||||
<dependency>
|
||||
<groupId>org.gcube.portlets.widgets</groupId>
|
||||
<artifactId>ckan-metadata-publisher-widget</artifactId>
|
||||
<version>[1.0.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
|
||||
<!-- JSON PARSER -->
|
||||
<dependency>
|
||||
<groupId>org.json</groupId>
|
||||
|
|
|
@ -694,4 +694,11 @@ public interface GWTWorkspaceService extends RemoteService{
|
|||
|
||||
FileModel getItemForFileTree(String itemId) throws Exception;
|
||||
|
||||
/**
|
||||
* Allows the user to public onto the data catalogue if he has at least
|
||||
* the role editor somewhere.
|
||||
* @return true if he can publish, false otherwise
|
||||
*/
|
||||
boolean hasUserRoleAdminOrEditor();
|
||||
|
||||
}
|
||||
|
|
|
@ -683,6 +683,11 @@ public interface GWTWorkspaceServiceAsync {
|
|||
void setGcubeItemProperties(String itemId, Map<String, String> properties,
|
||||
AsyncCallback<Void> callback);
|
||||
|
||||
|
||||
/**
|
||||
* Allows the user to public onto the data catalogue if he has at least
|
||||
* the role editor somewhere.
|
||||
* @return true if he can publish, false otherwise
|
||||
*/
|
||||
void hasUserRoleAdminOrEditor(AsyncCallback<Boolean> callback);
|
||||
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ import java.util.Map;
|
|||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
import org.gcube.application.framework.core.session.ASLSession;
|
||||
|
@ -40,6 +41,9 @@ import org.gcube.common.homelibrary.home.workspace.search.SearchItem;
|
|||
import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashFolder;
|
||||
import org.gcube.common.homelibrary.home.workspace.trash.WorkspaceTrashItem;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.datacatalogue.ckanutillibrary.CKanUtilsImpl;
|
||||
import org.gcube.datacatalogue.ckanutillibrary.models.CkanRolesIntoLiferay;
|
||||
import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
|
||||
import org.gcube.portlets.user.workspace.client.ConstantsExplorer;
|
||||
import org.gcube.portlets.user.workspace.client.interfaces.GXTCategoryItemInterface;
|
||||
import org.gcube.portlets.user.workspace.client.model.FileDetailsModel;
|
||||
|
@ -79,11 +83,15 @@ import org.gcube.portlets.user.workspace.shared.accounting.GxtAccountingEntryTyp
|
|||
import org.gcube.portlets.user.workspace.shared.accounting.GxtAccountingField;
|
||||
import org.gcube.portlets.user.workspaceapplicationhandler.ApplicationReaderFromGenericResource;
|
||||
import org.gcube.vomanagement.usermanagement.GroupManager;
|
||||
import org.gcube.vomanagement.usermanagement.RoleManager;
|
||||
import org.gcube.vomanagement.usermanagement.UserManager;
|
||||
import org.gcube.vomanagement.usermanagement.exception.UserManagementSystemException;
|
||||
import org.gcube.vomanagement.usermanagement.exception.UserRetrievalFault;
|
||||
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
||||
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
|
||||
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
|
||||
import org.gcube.vomanagement.usermanagement.model.GCubeGroup;
|
||||
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
|
||||
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
|
||||
|
||||
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
||||
|
@ -104,6 +112,25 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
|
|||
public static final String SELECTION_STATE_ATTRIBUTE = "WORKSPACE.SELECTION_STATE";
|
||||
protected Logger workspaceLogger = Logger.getLogger(GWTWorkspaceServiceImpl.class);
|
||||
|
||||
// for the data catalogue
|
||||
public static final String CKAN_TOKEN_KEY = "ckanToken";
|
||||
public static final String CKAN_ROLE = "ckanRole"; // editor, admin, member
|
||||
|
||||
// ckan utils methods
|
||||
private CKanUtilsImpl instance;
|
||||
|
||||
@Override
|
||||
public void init(){
|
||||
|
||||
// retrieve ckan information
|
||||
try{
|
||||
String currentScope = ScopeProvider.instance.get();
|
||||
instance = new CKanUtilsImpl(currentScope);
|
||||
}catch(Exception e){
|
||||
workspaceLogger.error("Unable to retrieve ckan information");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the GWT workspace builder.
|
||||
*
|
||||
|
@ -3388,4 +3415,132 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
|
|||
throw new Exception(error);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasUserRoleAdminOrEditor() {
|
||||
ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession());
|
||||
String username = asl.getUsername();
|
||||
|
||||
// check if this information was already into the ASL Session
|
||||
String role = (String)asl.getAttribute(CKAN_ROLE);
|
||||
|
||||
if(role != null)
|
||||
switch(role){
|
||||
case "editor" :
|
||||
case "admin" : return true;
|
||||
default: return false; // member
|
||||
}
|
||||
|
||||
try{
|
||||
|
||||
if(!isWithinPortal()){
|
||||
workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
|
||||
asl.setAttribute(CKAN_ROLE, "editor");
|
||||
return true;
|
||||
}
|
||||
// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
|
||||
boolean isSysAdmin = instance.isSysAdmin(username, getUserCKanTokenFromSession());
|
||||
|
||||
if(isSysAdmin){
|
||||
|
||||
workspaceLogger.debug("The user is a sysadmin of the catalog -> he can edit/add");
|
||||
asl.setAttribute(CKAN_ROLE, "admin");
|
||||
return true;
|
||||
|
||||
}else{
|
||||
|
||||
// retrieve the liferay's roles for the user
|
||||
UserManager userManager = new LiferayUserManager();
|
||||
RoleManager roleManager = new LiferayRoleManager();
|
||||
GroupManager groupManager = new LiferayGroupManager();
|
||||
|
||||
// we need to iterate over vres
|
||||
List<GCubeGroup> groups = groupManager.listGroups();
|
||||
|
||||
for (GCubeGroup gCubeGroup : groups) {
|
||||
|
||||
String groupName = gCubeGroup.getGroupName();
|
||||
|
||||
// skip if it is not a vre
|
||||
if(!groupManager.isVRE(gCubeGroup.getGroupId()))
|
||||
continue;
|
||||
|
||||
List<GCubeRole> roles = roleManager.listRolesByUserAndGroup(userManager.getUserId(username), groupManager.getGroupId(groupName));
|
||||
|
||||
// the default one
|
||||
RolesIntoOrganization correspondentRoleToCheck = RolesIntoOrganization.MEMBER;
|
||||
String roleToSetInSession = null;
|
||||
|
||||
// NOTE: it is supposed that there is just one role for this person correspondent to the one in the catalog
|
||||
for (GCubeRole gCubeRole : roles) {
|
||||
|
||||
workspaceLogger.debug("User " + username + " has role " + gCubeRole.getRoleName() + " in " + groupName);
|
||||
if(gCubeRole.getRoleName().equalsIgnoreCase(CkanRolesIntoLiferay.CATALOG_ADMIN.toString())){
|
||||
correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
|
||||
roleToSetInSession = "admin";
|
||||
break;
|
||||
}else if(gCubeRole.getRoleName().equalsIgnoreCase(CkanRolesIntoLiferay.CATALOG_EDITOR.toString())){
|
||||
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
|
||||
roleToSetInSession = "editor";
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
// if the role is member, keep continuing
|
||||
if(correspondentRoleToCheck.equals(RolesIntoOrganization.MEMBER))
|
||||
continue;
|
||||
|
||||
// with this invocation, we check if the role is present in ckan and if it is not it will be added
|
||||
boolean res = instance.checkRole(username, groupName, correspondentRoleToCheck);
|
||||
|
||||
// set the role in the asl session
|
||||
if(res){
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
return res;
|
||||
|
||||
}
|
||||
}
|
||||
}catch(Exception e){
|
||||
workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e);
|
||||
}
|
||||
|
||||
workspaceLogger.debug("Unable to check the role into ckan organization, returning FALSE");
|
||||
|
||||
// set the role member into the asl
|
||||
asl.setAttribute(CKAN_ROLE, "member");
|
||||
|
||||
// return false
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get current user's token.
|
||||
*
|
||||
* @return String the ckan user's token
|
||||
*/
|
||||
private String getUserCKanTokenFromSession(){
|
||||
|
||||
HttpSession httpSession = this.getThreadLocalRequest().getSession();
|
||||
ASLSession session = WsUtil.getAslSession(httpSession);
|
||||
String username = session.getUsername();
|
||||
workspaceLogger.debug("User in session is " + username);
|
||||
|
||||
String token = null;
|
||||
if(this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY) != null)
|
||||
token = (String)this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY);
|
||||
else{
|
||||
|
||||
token = instance.getApiKeyFromUsername(username);
|
||||
this.getThreadLocalRequest().getSession().setAttribute(CKAN_TOKEN_KEY, token);
|
||||
workspaceLogger.debug("Ckan token has been set for user " + username);
|
||||
}
|
||||
|
||||
workspaceLogger.debug("Found ckan token " + token + " for user " + username);
|
||||
return token;
|
||||
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue