gCubeSystem
/
workspace-tree-widget
16
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

publish on data catalogue is only allowed to admins and sysadmins 

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@130559 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Costantino Perciante 2016-07-19 15:56:50 +00:00
parent f2c95d4cdd
commit 8181d4ce19
4 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceService.java
View File

@ -696,10 +696,10 @@ public interface GWTWorkspaceService extends RemoteService{
/** /**
* Allows the user to public onto the data catalogue if he has at least * Allows the user to public onto the data catalogue if he has at least
* the role editor somewhere. * the role admin somewhere.
* @return true if he can publish, false otherwise * @return true if he can publish, false otherwise
*/ */
boolean hasUserRoleAdminOrEditor(); boolean hasUserRoleAdminOrSysadmin();
/** /**
* Retrieve the username of the user into the session * Retrieve the username of the user into the session

4
src/main/java/org/gcube/portlets/user/workspace/client/rpc/GWTWorkspaceServiceAsync.java
View File

@ -685,10 +685,10 @@ public interface GWTWorkspaceServiceAsync {
/** /**
* Allows the user to public onto the data catalogue if he has at least * Allows the user to public onto the data catalogue if he has at least
* the role editor somewhere. * the role admin somewhere.
* @return true if he can publish, false otherwise * @return true if he can publish, false otherwise
*/ */
void hasUserRoleAdminOrEditor(AsyncCallback<Boolean> callback); void hasUserRoleAdminOrSysadmin(AsyncCallback<Boolean> callback);
/** /**
* Retrieve the username of the user into the session * Retrieve the username of the user into the session

37
src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceServiceImpl.java
View File

@ -119,7 +119,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
private static final String CKAN_LICENSES_KEY = "ckanLicenses"; // licenses private static final String CKAN_LICENSES_KEY = "ckanLicenses"; // licenses
private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish
private static final String CKAN_PROFILES_KEY = "ckanProfiles"; // product profiles private static final String CKAN_PROFILES_KEY = "ckanProfiles"; // product profiles
/** /**
* Since it needs the scope, we need to check if it is null or not * Since it needs the scope, we need to check if it is null or not
* @return * @return
@ -2695,7 +2695,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
String email = username+"@isti.cnr.it"; String email = username+"@isti.cnr.it";
String firstName = "Testing"; String firstName = "Testing";
String lastName = "User"; String lastName = "User";
boolean catalogueEditor = false; boolean publishRights = false;
if (isWithinPortal() && username.compareTo(WsUtil.TEST_USER) != 0) { if (isWithinPortal() && username.compareTo(WsUtil.TEST_USER) != 0) {
try { try {
@ -2706,7 +2706,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
email = user.getEmail(); email = user.getEmail();
// check if he has catalogue role // check if he has catalogue role
catalogueEditor = hasUserRoleAdminOrEditor(); publishRights = hasUserRoleAdminOrSysadmin();
}catch (UserManagementSystemException e) { }catch (UserManagementSystemException e) {
workspaceLogger.error("UserManagementSystemException for username: "+username); workspaceLogger.error("UserManagementSystemException for username: "+username);
} }
@ -2715,7 +2715,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
} }
} }
return new UserBean(username, firstName, lastName, email, catalogueEditor); return new UserBean(username, firstName, lastName, email, publishRights);
} }
/** /**
@ -3430,12 +3430,12 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
} }
@Override @Override
public boolean hasUserRoleAdminOrEditor() { public boolean hasUserRoleAdminOrSysadmin() {
HttpSession httpSession = this.getThreadLocalRequest().getSession(); HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession asl = WsUtil.getAslSession(httpSession); ASLSession asl = WsUtil.getAslSession(httpSession);
String username = asl.getUsername(); String username = asl.getUsername();
String currentScope = asl.getScope(); String currentScope = asl.getScope();
if(!isWithinPortal()){ if(!isWithinPortal()){
workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE"); workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
return false; return false;
@ -3445,7 +3445,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
workspaceLogger.warn("Session expired"); workspaceLogger.warn("Session expired");
return false; return false;
} }
// get key per scope // get key per scope
String keyPerScope = concatenateSessionKeyScope(CKAN_ROLE, asl.getScope()); String keyPerScope = concatenateSessionKeyScope(CKAN_ROLE, asl.getScope());
@ -3480,7 +3480,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
// we need to iterate over vres of the user // we need to iterate over vres of the user
List<GCubeGroup> groups = groupManager.listGroupsByUser(userManager.getUserId(username)); List<GCubeGroup> groups = groupManager.listGroupsByUser(userManager.getUserId(username));
// user id // user id
long userid = userManager.getUserId(username); long userid = userManager.getUserId(username);
@ -3509,11 +3509,12 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
correspondentRoleToCheck = RolesIntoOrganization.ADMIN; correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
toReturn = true; toReturn = true;
break; break;
}else if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
toReturn = true;
break;
} }
// }else if(gCubeRole.getRoleName().equalsIgnoreCase(GatewayRolesNames.CATALOGUE_EDITOR.getRoleName())){
// correspondentRoleToCheck = RolesIntoOrganization.EDITOR;
// toReturn = true;
// break;
// }
} }
// if the role is member, continue // if the role is member, continue
@ -3530,17 +3531,17 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
result = toReturn; result = toReturn;
httpSession.setAttribute(keyPerScope, result); httpSession.setAttribute(keyPerScope, result);
} }
// if result is true, preload ckan licenses, organizations, profiles // if result is true, preload ckan licenses, organizations, profiles
if(result){ if(result){
workspaceLogger.debug("It seems that the user has editor/admin roles"); workspaceLogger.debug("It seems that the user has editor/admin roles");
UserUtil.getLicenses(httpSession, username, concatenateSessionKeyScope(CKAN_LICENSES_KEY, currentScope), ckanUtils); UserUtil.getLicenses(httpSession, username, concatenateSessionKeyScope(CKAN_LICENSES_KEY, currentScope), ckanUtils);
UserUtil.getUserOrganizationsList(httpSession, username, isSysAdmin, concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), ckanUtils, getUserCKanTokenFromSession()); UserUtil.getUserOrganizationsList(httpSession, username, isSysAdmin, concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), ckanUtils, getUserCKanTokenFromSession());
UserUtil.getMetadataProfilesList(httpSession, username, concatenateSessionKeyScope(CKAN_PROFILES_KEY, currentScope), ckanUtils); UserUtil.getMetadataProfilesList(httpSession, username, concatenateSessionKeyScope(CKAN_PROFILES_KEY, currentScope), ckanUtils);
} }
return result; return result;
}catch(Exception e){ }catch(Exception e){
@ -3554,7 +3555,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
return false; return false;
} }
} }
/** /**
* Get current user's token * Get current user's token
* @return String the ckan user's token * @return String the ckan user's token
@ -3607,7 +3608,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
ASLSession session = WsUtil.getAslSession(httpSession); ASLSession session = WsUtil.getAslSession(httpSession);
return session.getUsername(); return session.getUsername();
} }
/** /**
* Builds a string made of key + scope * Builds a string made of key + scope
* @param key * @param key

5
src/main/java/org/gcube/portlets/user/workspace/server/util/UserUtil.java
View File

@ -220,9 +220,8 @@ public class UserUtil {
}else{ }else{
// We need to retrieve orgs in which the user has the roles ADMIN or EDITOR // We need to retrieve orgs in which the user has the roles ADMIN
List<RolesIntoOrganization> rolesToMatch = new ArrayList<RolesIntoOrganization>(); List<RolesIntoOrganization> rolesToMatch = new ArrayList<RolesIntoOrganization>();
rolesToMatch.add(RolesIntoOrganization.EDITOR);
rolesToMatch.add(RolesIntoOrganization.ADMIN); rolesToMatch.add(RolesIntoOrganization.ADMIN);
Map<String, List<RolesIntoOrganization>> orgsAndRoles = ckanUtils.getGroupsAndRolesByUser(username, rolesToMatch); Map<String, List<RolesIntoOrganization>> orgsAndRoles = ckanUtils.getGroupsAndRolesByUser(username, rolesToMatch);
@ -234,7 +233,7 @@ public class UserUtil {
Map.Entry<String, List<RolesIntoOrganization>> entry = (Map.Entry<String, List<RolesIntoOrganization>>) iterator Map.Entry<String, List<RolesIntoOrganization>> entry = (Map.Entry<String, List<RolesIntoOrganization>>) iterator
.next(); .next();
orgsName.add(entry.getKey()); orgsName.add(entry.getKey());
logger.debug("The user has a role ADMIN/EDITOR into org " + entry.getKey()); logger.debug("The user has a role ADMIN into org " + entry.getKey());
} }
} }
session.setAttribute(ckanOrganizationsPublishKey, orgsName); session.setAttribute(ckanOrganizationsPublishKey, orgsName);