minor fix for ckan roles handling

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@129675 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Costantino Perciante 2016-06-30 10:22:35 +00:00
parent 77ad08ddc6
commit 30050a874b
1 changed files with 21 additions and 17 deletions

View File

@ -114,7 +114,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
// for the data catalogue
public static final String CKAN_TOKEN_KEY = "ckanToken";
public static final String CKAN_ROLE = "ckanRole"; // editor, admin, member
public static final String CKAN_ROLE = "ckanRole"; // a true value means the user has editor/admin role, false means member
// ckan utils methods
private CKanUtilsImpl instance;
@ -2704,7 +2704,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
firstName = user.getFirstName();
lastName = user.getLastName();
email = user.getEmail();
// check if he has catalogue role
catalogueEditor = hasUserRoleAdminOrEditor();
}catch (UserManagementSystemException e) {
@ -3433,13 +3433,18 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
public boolean hasUserRoleAdminOrEditor() {
ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession());
String username = asl.getUsername();
if(!isWithinPortal()){
workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
asl.setAttribute(CKAN_ROLE, "editor");
asl.setAttribute(CKAN_ROLE, true);
return true;
}
if(username.equals(WsUtil.TEST_USER)){
workspaceLogger.warn("Session expired");
return false;
}
// check if this information was already into the ASL Session (true means the user has at least in one org
// the role editor/admin), false that he is just a member so he cannot publish
Boolean role = (Boolean)asl.getAttribute(CKAN_ROLE);
@ -3449,9 +3454,11 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
return role;
else{
CKanUtilsImpl ckanUtils = getCkanUtils();
try{
// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
boolean isSysAdmin = getCkanUtils().isSysAdmin(username, getUserCKanTokenFromSession());
boolean isSysAdmin = ckanUtils.isSysAdmin(username, getUserCKanTokenFromSession());
if(isSysAdmin){
@ -3468,9 +3475,9 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
// we need to iterate over vres of the user
List<GCubeGroup> groups = groupManager.listGroupsByUser(userManager.getUserId(username));
workspaceLogger.debug("The list of organizations of the user " + username + " is " + groups);
boolean toReturn = false;
for (GCubeGroup gCubeGroup : groups) {
@ -3506,16 +3513,16 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
continue;
// with this invocation, we check if the role is present in ckan and if it is not it will be added
toReturn &= getCkanUtils().checkRole(username, groupName, correspondentRoleToCheck);
toReturn &= ckanUtils.checkRole(username, groupName, correspondentRoleToCheck);
}
// set true in the asl session
workspaceLogger.debug("Setting CKAN_ROLE for " + username + " to " + toReturn);
asl.setAttribute(CKAN_ROLE, toReturn);
return toReturn;
}
}catch(Exception e){
workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e);
}
@ -3536,25 +3543,22 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
* @return String the ckan user's token
*/
private String getUserCKanTokenFromSession(){
HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = WsUtil.getAslSession(httpSession);
String username = session.getUsername();
workspaceLogger.debug("User in session is " + username);
String token = null;
if(this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY) != null)
token = (String)this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY);
if(session.getAttribute(CKAN_TOKEN_KEY) != null)
token = (String)session.getAttribute(CKAN_TOKEN_KEY);
else{
token = getCkanUtils().getApiKeyFromUsername(username);
this.getThreadLocalRequest().getSession().setAttribute(CKAN_TOKEN_KEY, token);
session.setAttribute(CKAN_TOKEN_KEY, token);
workspaceLogger.debug("Ckan token has been set for user " + username);
}
workspaceLogger.debug("Found ckan token " + token + " for user " + username);
workspaceLogger.debug("Found ckan token " + token.substring(0, 3) + "********************" + " for user " + username);
return token;
}
@Override