Compare commits

...

17 Commits

Author SHA1 Message Date
Giancarlo Panichi 349db51069 Update CHANGELOG.md 2024-10-29 18:12:31 +01:00
Massimiliano Assante 4d1db984eb ready to release 2024-10-28 18:25:32 +01:00
Alfredo Oliviero dca84c0eda changelog 2024-10-24 12:10:06 +02:00
Alfredo Oliviero d3ce0062d0 updated gitignore 2024-10-24 12:09:33 +02:00
Alfredo Oliviero 9bfa40bc1d maven-parent 1.2.0
maven-portal-bom 4.0.0-SNAPSHOT
Feature #27999 - [StorageHub] downstream components to upgrade in order to work with storagehub 1.5.0
2024-09-20 14:16:54 +02:00
Massimiliano Assante d9c73f679b updated bom 2021-06-24 17:31:50 +02:00
Massimiliano Assante 669a8e248a ready to release 2021-06-24 10:51:09 +02:00
Massimiliano Assante 40633c6ed9 removed wrong use of token provider 2021-05-25 18:31:42 +02:00
Massimiliano Assante e82dfa44d1 #21506: Updated to support new UMATokensProvider class 2021-05-25 17:05:11 +02:00
Massimiliano Assante c964fea2b4 updated pom for release 2021-04-12 17:06:09 +02:00
Massimiliano Assante 12a11644aa removed obsolete Home library deps which were forgotten in prev. release 2021-04-12 10:01:11 +02:00
Massimiliano Assante bf740de4f6 jadded a log at info when the workspace via shubis created for a user 2021-02-04 17:44:19 +01:00
Massimiliano Assante f634c525ef Now the workspace creation is done with the UMA Token 2021-02-03 18:19:53 +01:00
Massimiliano Assante 44db458e1a restored the call to shub create workspace without UMA 2020-12-11 18:00:07 +01:00
Massimiliano Assante 61fff62b8a added funding.md 2020-11-19 15:55:24 +01:00
Massimiliano Assante f54736ad08 upate changelog 2020-11-13 09:39:36 +01:00
Massimiliano Assante 37d75491ae upated changelog and pom for release 2020-11-13 09:16:35 +01:00
17 changed files with 310 additions and 177 deletions

View File

@ -1,33 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
<attribute name="test" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>

175
.gitignore vendored
View File

@ -1 +1,174 @@
/target/
#
ignore_me
tomcat
target
.classpath
.visual
.project
.settings
/**/.DS_Store
# Created by https://www.toptal.com/developers/gitignore/api/java,macos,linux,visualstudiocode,eclipse
# Edit at https://www.toptal.com/developers/gitignore?templates=java,macos,linux,visualstudiocode,eclipse
### Eclipse ###
.metadata
bin/
tmp/
*.tmp
*.bak
*.swp
*~.nib
local.properties
.settings/
.loadpath
.recommenders
# External tool builders
.externalToolBuilders/
# Locally stored "Eclipse launch configurations"
*.launch
# PyDev specific (Python IDE for Eclipse)
*.pydevproject
# CDT-specific (C/C++ Development Tooling)
.cproject
# CDT- autotools
.autotools
# Java annotation processor (APT)
.factorypath
# PDT-specific (PHP Development Tools)
.buildpath
# sbteclipse plugin
.target
# Tern plugin
.tern-project
# TeXlipse plugin
.texlipse
# STS (Spring Tool Suite)
.springBeans
# Code Recommenders
.recommenders/
# Annotation Processing
.apt_generated/
.apt_generated_test/
# Scala IDE specific (Scala & Java development for Eclipse)
.cache-main
.scala_dependencies
.worksheet
# Uncomment this line if you wish to ignore the project description file.
# Typically, this file would be tracked if it contains build/dependency configurations:
#.project
### Eclipse Patch ###
# Spring Boot Tooling
.sts4-cache/
### Java ###
# Compiled class file
*.class
# Log file
*.log
# BlueJ files
*.ctxt
# Mobile Tools for Java (J2ME)
.mtj.tmp/
# Package Files #
*.jar
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
replay_pid*
### Linux ###
*~
# temporary files which can be created if a process still has a handle open of a deleted file
.fuse_hidden*
# KDE directory preferences
.directory
# Linux trash folder which might appear on any partition or disk
.Trash-*
# .nfs files are created when an open file is removed but is still being accessed
.nfs*
### macOS ###
# General
.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
### macOS Patch ###
# iCloud generated files
*.icloud
### VisualStudioCode ###
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
!.vscode/*.code-snippets
# Local History for Visual Studio Code
.history/
# Built Visual Studio Code Extensions
*.vsix
### VisualStudioCode Patch ###
# Ignore all local history of files
.history
.ionide
# End of https://www.toptal.com/developers/gitignore/api/java,macos,linux,visualstudiocode,eclipse

View File

@ -1,43 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>user-registration-hook</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
<nature>com.liferay.ide.core.liferayNature</nature>
</natures>
</projectDescription>

View File

@ -1,13 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" path="src/main/webapp"/>
<classpathentry kind="src" path="target/m2e-wtp/web-resources"/>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
<attributes>
<attribute name="hide" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
<classpathentry kind="output" path=""/>
</classpath>

View File

@ -1,4 +0,0 @@
eclipse.preferences.version=1
encoding//src/main/java=UTF-8
encoding//src/main/resources=UTF-8
encoding/<project>=UTF-8

View File

@ -1,9 +0,0 @@
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
org.eclipse.jdt.core.compiler.compliance=1.8
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
org.eclipse.jdt.core.compiler.release=disabled
org.eclipse.jdt.core.compiler.source=1.8

View File

@ -1,4 +0,0 @@
activeProfiles=Liferay-v6.2-CE-(Tomcat-7)-(2)
eclipse.preferences.version=1
resolveWorkspaceProjects=true
version=1

View File

@ -1,10 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
<wb-module deploy-name="user-registration-hook">
<wb-resource deploy-path="/" source-path="/target/m2e-wtp/web-resources"/>
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
<property name="context-root" value="user-registration-hook"/>
<property name="java-output-path" value="/user-registration-hook/target/classes"/>
</wb-module>
</project-modules>

View File

@ -1,8 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<faceted-project>
<fixed facet="wst.jsdt.web"/>
<installed facet="jst.web" version="2.4"/>
<installed facet="liferay.hook" version="6.0"/>
<installed facet="wst.jsdt.web" version="1.0"/>
<installed facet="java" version="1.8"/>
</faceted-project>

View File

@ -1 +0,0 @@
org.eclipse.wst.jsdt.launching.baseBrowserLibrary

View File

@ -1 +0,0 @@
Window

View File

@ -1,2 +0,0 @@
disabled=06target
eclipse.preferences.version=1

View File

@ -1,21 +1,35 @@
# Changelog for user-registration-hook
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [v2.0.2-SNAPSHOT] - 2020-11-13
## [v2.1.0]
Feature #20108, remove user deletion from ldap upon remove account (offloaded to keycloak)
- maven-parent 1.2.0
- maven-portal-bom 4.0.0
- StorageHub downstream components to upgrade in order to work with storagehub 1.5.0 [#27999]
## [v2.0.4] - 2021-05-25
- Updated to support new UMATokensProvider class [#21506]
## [v2.0.3] - 2021-04-12
- Just removed obsolete Home library deps from pom which were forgotten there in 6.8.0 release
## [v2.0.2] - 2020-11-13
- Remove user deletion from ldap upon remove account (offloaded to keycloak) [#20108]
## [v2.0.0] - 2017-11-29
Ported to git
- Provide user workspace drop API [#10483]
- Remove user from LDAP upon D4Science user account [#10484]
## [v1.1.0] - 2016-07-30
Update for Liferay 6.2.5
- Update for Liferay 6.2.5
## [v1.0.0] - 2015-06-30
First release
- First release

26
FUNDING.md Normal file
View File

@ -0,0 +1,26 @@
# Acknowledgments
The projects leading to this software have received funding from a series of European Union programmes including:
- the Sixth Framework Programme for Research and Technological Development
- [DILIGENT](https://cordis.europa.eu/project/id/004260) (grant no. 004260).
- the Seventh Framework Programme for research, technological development and demonstration
- [D4Science](https://cordis.europa.eu/project/id/212488) (grant no. 212488);
- [D4Science-II](https://cordis.europa.eu/project/id/239019) (grant no.239019);
- [ENVRI](https://cordis.europa.eu/project/id/283465) (grant no. 283465);
- [iMarine](https://cordis.europa.eu/project/id/283644) (grant no. 283644);
- [EUBrazilOpenBio](https://cordis.europa.eu/project/id/288754) (grant no. 288754).
- the H2020 research and innovation programme
- [SoBigData](https://cordis.europa.eu/project/id/654024) (grant no. 654024);
- [PARTHENOS](https://cordis.europa.eu/project/id/654119) (grant no. 654119);
- [EGI-Engage](https://cordis.europa.eu/project/id/654142) (grant no. 654142);
- [ENVRI PLUS](https://cordis.europa.eu/project/id/654182) (grant no. 654182);
- [BlueBRIDGE](https://cordis.europa.eu/project/id/675680) (grant no. 675680);
- [PerformFISH](https://cordis.europa.eu/project/id/727610) (grant no. 727610);
- [AGINFRA PLUS](https://cordis.europa.eu/project/id/731001) (grant no. 731001);
- [DESIRA](https://cordis.europa.eu/project/id/818194) (grant no. 818194);
- [ARIADNEplus](https://cordis.europa.eu/project/id/823914) (grant no. 823914);
- [RISIS 2](https://cordis.europa.eu/project/id/824091) (grant no. 824091);
- [EOSC-Pillar](https://cordis.europa.eu/project/id/857650) (grant no. 857650);
- [Blue Cloud](https://cordis.europa.eu/project/id/862409) (grant no. 862409);
- [SoBigData-PlusPlus](https://cordis.europa.eu/project/id/871042) (grant no. 871042);

View File

@ -1,6 +1,6 @@
# gCube System - User Registration Hook
This component is a Liferay 6.2.6 CE Hook which intercepts new user accounts creation and removal and performs the related Workspace actions (on sHub and LDAP and Auth)
This component is a Liferay 6.2.6 CE Hook which intercepts new user accounts creation and removal and performs the related Workspace actions
* The source code is present in the src folder.

22
pom.xml
View File

@ -6,14 +6,14 @@
<parent>
<artifactId>maven-parent</artifactId>
<groupId>org.gcube.tools</groupId>
<version>1.1.0</version>
<version>1.2.0</version>
<relativePath />
</parent>
<groupId>org.gcube.portal.liferay</groupId>
<artifactId>user-registration-hook</artifactId>
<packaging>war</packaging>
<name>user-registration-hook Hook</name>
<version>2.0.2-SNAPSHOT</version>
<version>2.1.0</version>
<scm>
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</connection>
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</developerConnection>
@ -32,7 +32,7 @@
<dependency>
<groupId>org.gcube.distribution</groupId>
<artifactId>maven-portal-bom</artifactId>
<version>3.6.0</version>
<version>4.0.0</version>
<type>pom</type>
<scope>import</scope>
</dependency>
@ -40,21 +40,6 @@
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>home-library</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>home-library-jcr</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>home-library-model</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.core</groupId>
<artifactId>common-encryption</artifactId>
@ -82,7 +67,6 @@
<dependency>
<groupId>org.gcube.portal</groupId>
<artifactId>oidc-library-portal</artifactId>
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
<scope>provided</scope>
</dependency>
<dependency>

View File

@ -1,38 +1,102 @@
package org.gcube.portal.usersaccount;
import java.util.ArrayList;
import java.util.List;
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import static org.gcube.common.authorization.client.Constants.authorizationService;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
import org.gcube.common.storagehub.model.exceptions.UserNotAuthorizedException;
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
import org.gcube.vomanagement.usermanagement.RoleManager;
import org.gcube.vomanagement.usermanagement.UserManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
import org.gcube.vomanagement.usermanagement.model.GCubeRole;
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class WorkspaceCreateAccountThread implements Runnable {
private static Logger _log = LoggerFactory.getLogger(WorkspaceCreateAccountThread.class);
public static final String AUTORISED_INFRA_ROLE = "Infrastructure-Manager";
private String newUserUserName;
private static Logger _log = LoggerFactory.getLogger(WorkspaceCreateAccountThread.class);
public WorkspaceCreateAccountThread(String newUserUserName, String newUserFullName, String newUserEmailAddress) {
super();
this.newUserUserName = newUserUserName;
_log.info("Calling StorageHub for Workspace creation to new user: " + newUserUserName + " ("+newUserFullName+")");
}
private String newUserUserName;
@Override
public void run() {
public WorkspaceCreateAccountThread(String newUserUserName, String newUserFullName, String newUserEmailAddress) {
super();
this.newUserUserName = newUserUserName;
_log.info("Calling SHUB for Workspace creation to new user: " + newUserUserName + " (" + newUserFullName + ")");
}
getWS(newUserUserName, "/"+PortalContext.getConfiguration().getInfrastructureName());
@Override
public void run() {
String context = "/" + PortalContext.getConfiguration().getInfrastructureName();
String authorizationToken = PortalContext.getConfiguration().getCurrentUserToken(context, newUserUserName);
SecurityTokenProvider.instance.set(authorizationToken);
ScopeProvider.instance.set(context);
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal(context);
try {
StorageHubClient shc = new StorageHubClient();
shc.createUserAccount(newUserUserName);
_log.info("Done Workspace creation for user: " + newUserUserName);
} catch (Exception e) {
_log.error("Creating new account on the storage HUB", e);
}
}
}
public static void getWS(String currentUsername, String context) {
String username = currentUsername;
String authorizationToken = PortalContext.getConfiguration().getCurrentUserToken(context, username);
SecurityTokenProvider.instance.set(authorizationToken);
ScopeProvider.instance.set(context);
String previousToken = authorizationToken;
String previousUMAToken = AccessTokenProvider.instance.get();
try {
//get the super user
String infraContext = "/"+PortalContext.getConfiguration().getInfrastructureName();
long groupId = new LiferayGroupManager().getGroupIdFromInfrastructureScope(infraContext);
RoleManager rm = new LiferayRoleManager();
UserManager uMan = new LiferayUserManager();
long roleId = rm.getRoleId(AUTORISED_INFRA_ROLE, groupId);
List<GCubeUser> users = uMan.listUsersByGroupAndRole(groupId, roleId);
if (users.isEmpty()) {
_log.error("Cannot create this user account on storageHub there is no user having role {} on context {}", AUTORISED_INFRA_ROLE , infraContext);
return;
}
else {
GCubeUser theAdmin = users.get(0);
_log.debug("Using admin user: " + theAdmin.getUsername() + " to trigger ws creation for new user: " + username);
String theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, theAdmin.getUsername());
List<GCubeRole> theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), groupId);
List<String> rolesString = new ArrayList<String>();
for (GCubeRole gCubeRole : theAdminRoles) {
rolesString.add(gCubeRole.getRoleName());
}
authorizationService().setTokenRoles(theAdminToken, rolesString);
_log.debug("setTokenRoles performed on context: " + infraContext + " with token" + theAdminToken + " ("+rolesString+")");
SecurityTokenProvider.instance.set(theAdminToken);
OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal("/" + PortalContext.getConfiguration().getInfrastructureName());
_log.info("\n\n\n*** new authorizationService PortalClient UMA-Token In ThreadLocal done ****\n\n");
StorageHubClient shc = new StorageHubClient();
try {
shc.createUserAccount(currentUsername);
_log.info("\n*** shub.createUserAccount done for " + currentUsername);
}
catch (UserNotAuthorizedException e) {
_log.error("shub.createUserAccount failed for "+username + " trying with super mega admin ...");
theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, "lucio.lelii");
SecurityTokenProvider.instance.set(theAdminToken);
shc = new StorageHubClient();
shc.createUserAccount(currentUsername);
SecurityTokenProvider.instance.set(previousToken);
AccessTokenProvider.instance.set(previousUMAToken);
_log.info("shub.createUserAccount performed for "+username + " with super mega admin (Hopefully)");
}
_log.debug("shub.createUserAccount completed for "+username);
SecurityTokenProvider.instance.set(previousToken);
AccessTokenProvider.instance.set(previousUMAToken);
}
}
catch (Exception e) {
e.printStackTrace();
SecurityTokenProvider.instance.set(previousToken);
return;
}
}
}