ckan role, licenses, profiles and organizations in which the user can publish are saved into http session

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@129848 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Costantino Perciante 2016-07-04 12:15:31 +00:00
parent 30d5b6d852
commit d203fb1836
2 changed files with 240 additions and 34 deletions

View File

@ -113,8 +113,11 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
protected Logger workspaceLogger = Logger.getLogger(GWTWorkspaceServiceImpl.class); protected Logger workspaceLogger = Logger.getLogger(GWTWorkspaceServiceImpl.class);
// for the data catalogue // for the data catalogue
public static final String CKAN_TOKEN_KEY = "ckanToken"; private static final String CKAN_TOKEN_KEY = "ckanToken";
public static final String CKAN_ROLE = "ckanRole"; // a true value means the user has editor/admin role, false means member private static final String CKAN_ROLE = "ckanRole"; // a true value means the user has editor/admin role, false means member
private static final String CKAN_LICENSES_KEY = "ckanLicenses"; // licenses
private static final String CKAN_ORGANIZATIONS_PUBLISH_KEY = "ckanOrganizationsPublish"; // here he can publish
private static final String CKAN_PROFILES_KEY = "ckanProfiles"; // product profiles
// ckan utils methods // ckan utils methods
private CKanUtilsImpl instance; private CKanUtilsImpl instance;
@ -3431,13 +3434,14 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
@Override @Override
public boolean hasUserRoleAdminOrEditor() { public boolean hasUserRoleAdminOrEditor() {
ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession()); HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession asl = WsUtil.getAslSession(httpSession);
String username = asl.getUsername(); String username = asl.getUsername();
String currentScope = asl.getScope();
if(!isWithinPortal()){ if(!isWithinPortal()){
workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE"); workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
asl.setAttribute(CKAN_ROLE, true); return false;
return true;
} }
if(username.equals(WsUtil.TEST_USER)){ if(username.equals(WsUtil.TEST_USER)){
@ -3445,9 +3449,12 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
return false; return false;
} }
// get key per scope
String keyPerScope = concatenateSessionKeyScope(CKAN_ROLE, asl.getScope());
// check if this information was already into the ASL Session (true means the user has at least in one org // check if this information was already into the ASL Session (true means the user has at least in one org
// the role editor/admin), false that he is just a member so he cannot publish // the role editor/admin), false that he is just a member so he cannot publish
Boolean role = (Boolean)asl.getAttribute(CKAN_ROLE); Boolean role = (Boolean)httpSession.getAttribute(keyPerScope);
// if the attribute was already set.. // if the attribute was already set..
if(role != null) if(role != null)
@ -3455,6 +3462,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
else{ else{
CKanUtilsImpl ckanUtils = getCkanUtils(); CKanUtilsImpl ckanUtils = getCkanUtils();
boolean result = false;
try{ try{
// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything) // first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
@ -3463,8 +3471,8 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
if(isSysAdmin){ if(isSysAdmin){
workspaceLogger.debug("The user is a sysadmin of the catalog -> he can edit/add"); workspaceLogger.debug("The user is a sysadmin of the catalog -> he can edit/add");
asl.setAttribute(CKAN_ROLE, true); httpSession.setAttribute(keyPerScope, true);
return true; result = true;
}else{ }else{
@ -3522,16 +3530,28 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
// set true in the asl session // set true in the asl session
workspaceLogger.debug("Setting CKAN_ROLE for " + username + " to " + toReturn); workspaceLogger.debug("Setting CKAN_ROLE for " + username + " to " + toReturn);
asl.setAttribute(CKAN_ROLE, toReturn); result = toReturn;
return toReturn; httpSession.setAttribute(keyPerScope, result);
} }
// if result is true, preload ckan licenses, organizations, profiles
if(result){
workspaceLogger.debug("It seems that the user has editor/admin roles");
UserUtil.getLicenses(httpSession, username, concatenateSessionKeyScope(CKAN_LICENSES_KEY, currentScope), ckanUtils);
UserUtil.getUserOrganizationsList(httpSession, username, isSysAdmin, concatenateSessionKeyScope(CKAN_ORGANIZATIONS_PUBLISH_KEY, currentScope), ckanUtils, getUserCKanTokenFromSession());
UserUtil.getMetadataProfilesList(httpSession, username, concatenateSessionKeyScope(CKAN_PROFILES_KEY, currentScope), ckanUtils);
}
return result;
}catch(Exception e){ }catch(Exception e){
workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e); workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e);
} }
// set the role member into the asl // set the role member into the asl
asl.setAttribute(CKAN_ROLE, false); httpSession.setAttribute(CKAN_ROLE, false);
// return false // return false
return false; return false;
@ -3539,26 +3559,48 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
} }
/** /**
* Get current user's token. * Get current user's token
*
* @return String the ckan user's token * @return String the ckan user's token
*/ */
private String getUserCKanTokenFromSession(){ private String getUserCKanTokenFromSession(){
HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = WsUtil.getAslSession(httpSession);
String username = session.getUsername();
workspaceLogger.debug("User in session is " + username);
String token = null; String token = null;
if(session.getAttribute(CKAN_TOKEN_KEY) != null)
token = (String)session.getAttribute(CKAN_TOKEN_KEY);
else{
if(!isWithinPortal()){
workspaceLogger.warn("You are running outside the portal");
}else{
// store info in the http session
HttpSession httpSession = getThreadLocalRequest().getSession();
ASLSession aslSession = WsUtil.getAslSession(httpSession);
String username = aslSession.getUsername();
// get the key per scope
String keyPerScope = concatenateSessionKeyScope(CKAN_TOKEN_KEY, aslSession.getScope());
// check if session expired
if(username.equals(WsUtil.TEST_USER)){
workspaceLogger.warn("Session expired, returning null token");
token = null;
}else{
try{
workspaceLogger.debug("User in session is " + username);
if(httpSession.getAttribute(keyPerScope) != null)
token = (String)httpSession.getAttribute(keyPerScope);
else{
token = getCkanUtils().getApiKeyFromUsername(username); token = getCkanUtils().getApiKeyFromUsername(username);
session.setAttribute(CKAN_TOKEN_KEY, token); httpSession.setAttribute(keyPerScope, token);
workspaceLogger.debug("Ckan token has been set for user " + username); workspaceLogger.debug("Ckan token has been set for user " + username);
} }
workspaceLogger.debug("Found ckan token " + token.substring(0, 3) + "********************" + " for user " + username); workspaceLogger.debug("Found ckan token " + token.substring(0, 3) + "************************" + " for user " + username);
}catch(Exception e){
workspaceLogger.error("Error while retrieving the key" , e);
}
}
}
return token; return token;
} }
@ -3568,4 +3610,14 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
ASLSession session = WsUtil.getAslSession(httpSession); ASLSession session = WsUtil.getAslSession(httpSession);
return session.getUsername(); return session.getUsername();
} }
/**
* Builds a string made of key + scope
* @param key
* @param scope
* @return
*/
public static String concatenateSessionKeyScope(String key, String scope){
return key.concat(scope);
}
} }

View File

@ -1,10 +1,27 @@
package org.gcube.portlets.user.workspace.server.util; package org.gcube.portlets.user.workspace.server.util;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger; import org.apache.log4j.Logger;
import org.gcube.datacatalogue.ckanutillibrary.CKanUtils;
import org.gcube.datacatalogue.ckanutillibrary.models.RolesIntoOrganization;
import org.gcube.datacatalogue.metadatadiscovery.DataCalogueMetadataFormatReader;
import org.gcube.datacatalogue.metadatadiscovery.bean.MetadataType;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataField;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataFormat;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataValidator;
import org.gcube.datacatalogue.metadatadiscovery.bean.jaxb.MetadataVocabulary;
import org.gcube.portlets.user.workspace.client.model.InfoContactModel; import org.gcube.portlets.user.workspace.client.model.InfoContactModel;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.LicensesBean;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetaDataProfileBean;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetaDataTypeWrapper;
import org.gcube.portlets.widgets.ckandatapublisherwidget.shared.MetadataFieldWrapper;
import org.gcube.vomanagement.usermanagement.UserManager; import org.gcube.vomanagement.usermanagement.UserManager;
import org.gcube.vomanagement.usermanagement.exception.UserManagementSystemException; import org.gcube.vomanagement.usermanagement.exception.UserManagementSystemException;
import org.gcube.vomanagement.usermanagement.exception.UserRetrievalFault; import org.gcube.vomanagement.usermanagement.exception.UserRetrievalFault;
@ -31,9 +48,9 @@ public class UserUtil {
* @return the user full name if is available, the input parameter portalLogin otherwise * @return the user full name if is available, the input parameter portalLogin otherwise
*/ */
public static String getUserFullName(String portalLogin){ public static String getUserFullName(String portalLogin){
// return user.getPortalLogin(); //for testing in eclipse // return user.getPortalLogin(); //for testing in eclipse
// logger.trace("Finding full name for: "+portalLogin); // logger.trace("Finding full name for: "+portalLogin);
if(portalLogin==null) if(portalLogin==null)
return ""; return "";
@ -60,7 +77,7 @@ public class UserUtil {
} }
if (curr != null){ if (curr != null){
// logger.trace("Return "+curr.getFullname() +" full name for: "+portalLogin); // logger.trace("Return "+curr.getFullname() +" full name for: "+portalLogin);
return curr.getFullname(); return curr.getFullname();
} }
}else{ }else{
@ -125,13 +142,13 @@ public class UserUtil {
//N-1 MEMBERS //N-1 MEMBERS
for (int i = 0; i < listLogin.size()-1; i++) { for (int i = 0; i < listLogin.size()-1; i++) {
// logger.trace("Converting: "+i+") "+listLogin.get(i)); // logger.trace("Converting: "+i+") "+listLogin.get(i));
users+= getUserFullName(listLogin.get(i)) + ", "; users+= getUserFullName(listLogin.get(i)) + ", ";
} }
//LAST MEMBER //LAST MEMBER
if(listLogin.size()>=1){ if(listLogin.size()>=1){
// logger.trace("Converting: "+(listLogin.size()-1)+") " +listLogin.get(listLogin.size()-1)); // logger.trace("Converting: "+(listLogin.size()-1)+") " +listLogin.get(listLogin.size()-1));
users += getUserFullName(listLogin.get(listLogin.size()-1)); users += getUserFullName(listLogin.get(listLogin.size()-1));
} }
@ -147,9 +164,146 @@ public class UserUtil {
*/ */
public static void main(String[] args) { public static void main(String[] args) {
List<String> login = new ArrayList<String>(); List<String> login = new ArrayList<String>();
// login.add("ale"); // login.add("ale");
// login.add("pepe"); // login.add("pepe");
System.out.println(separateFullNameToCommaForPortalLogin(login)); System.out.println(separateFullNameToCommaForPortalLogin(login));
} }
/**
* Load the licenses list and put them into the asl session (the publisher widget will use it)
* @param session
* @param ckanLicensesKey
* @param ckanUtils
*/
public static void getLicenses(HttpSession session, String username, String ckanLicensesKey, CKanUtils ckanUtils) {
try{
logger.debug("User in session is " + username);
List<String> titlesLicenses = ckanUtils.getLicenseTitles();
LicensesBean licensesBean = new LicensesBean(titlesLicenses);
session.setAttribute(ckanLicensesKey, licensesBean);
logger.info("List of licenses has been saved into session" + licensesBean);
}
catch(Exception e){
logger.error("Failed to preload licenses list", e);
}
}
/**
* Load the list of organizations in which he can publish and put them into the asl session (the publisher widget will use it)
* @param session
* @param ckanOrganizationsPublishKey
* @param ckanUtils
*/
public static void getUserOrganizationsList(HttpSession session, String username, boolean isSysAdmin,
String ckanOrganizationsPublishKey, CKanUtils ckanUtils, String token) {
try{
logger.debug("Request for user " + username + " organizations list");
List<String> orgsName = new ArrayList<String>();
if(isSysAdmin){
logger.info("The user " + username + " is a sysadmin. He can publish everywhere");
orgsName = ckanUtils.getOrganizationsNames(); // get all organizations' names
}else{
// We need to retrieve orgs in which the user has the roles ADMIN or EDITOR
List<RolesIntoOrganization> rolesToMatch = new ArrayList<RolesIntoOrganization>();
rolesToMatch.add(RolesIntoOrganization.EDITOR);
rolesToMatch.add(RolesIntoOrganization.ADMIN);
Map<String, List<RolesIntoOrganization>> orgsAndRoles = ckanUtils.getGroupsAndRolesByUser(username, rolesToMatch);
logger.debug("Result is " + orgsAndRoles);
Iterator<Entry<String, List<RolesIntoOrganization>>> iterator = orgsAndRoles.entrySet().iterator();
// get the names
while (iterator.hasNext()) {
Map.Entry<String, List<RolesIntoOrganization>> entry = (Map.Entry<String, List<RolesIntoOrganization>>) iterator
.next();
orgsName.add(entry.getKey());
logger.debug("The user has a role ADMIN/EDITOR into org " + entry.getKey());
}
}
session.setAttribute(ckanOrganizationsPublishKey, orgsName);
logger.info("Organizations name for user " + username + " has been saved into session");
}catch(Exception e){
logger.error("Failed to preload list of organizations in which the user can publish", e);
}
}
/**
* Load the list of product profiles and put them into the asl session (the publisher widget will use it)
* @param session
* @param ckanOrganizationsPublishKey
* @param ckanUtils
*/
public static void getMetadataProfilesList(HttpSession session, String username,
String ckanProfilesKey, CKanUtils ckanUtils) {
try{
logger.debug("User in session is " + username);
List<MetaDataProfileBean> beans = new ArrayList<MetaDataProfileBean>();
try {
DataCalogueMetadataFormatReader reader = new DataCalogueMetadataFormatReader();
for (MetadataType mt : reader.getListOfMetadataTypes()) {
MetadataFormat metadata = reader.getMetadataFormatForMetadataType(mt);
// we need to wrap the list of metadata
List<MetadataFieldWrapper> wrapperList = new ArrayList<MetadataFieldWrapper>();
List<MetadataField> toWrap = metadata.getMetadataFields();
for(MetadataField metadataField: toWrap){
MetadataFieldWrapper wrapperObj = new MetadataFieldWrapper();
wrapperObj.setDefaulValue(metadataField.getDefaulValue());
wrapperObj.setFieldName(metadataField.getFieldName());
wrapperObj.setIsBoolean(metadataField.getIsBoolean());
wrapperObj.setMandatory(metadataField.getMandatory());
wrapperObj.setNote(metadataField.getNote());
MetadataValidator validator = metadataField.getValidator();
if(validator != null)
wrapperObj.setValidator(validator.getRegularExpression());
MetadataVocabulary vocabulary = metadataField.getVocabulary();
if(vocabulary != null)
wrapperObj.setVocabulary(vocabulary.getVocabularyFields());
// add to the list
wrapperList.add(wrapperObj);
}
// wrap the mt as well
MetaDataTypeWrapper typeWrapper = new MetaDataTypeWrapper();
typeWrapper.setDescription(mt.getDescription());
typeWrapper.setId(mt.getId());
typeWrapper.setName(mt.getName());
MetaDataProfileBean bean = new MetaDataProfileBean(typeWrapper, wrapperList);
beans.add(bean);
}
logger.info("List of beans is " + beans);
session.setAttribute(ckanProfilesKey, beans);
logger.debug("List of profiles has been saved into session");
} catch (Exception e) {
logger.error("Error while retrieving metadata beans ", e);
}
}
catch(Exception e){
logger.error("Failed to retrieve the list of product profiles", e);
}
}
} }