You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by is...@apache.org on 2022/10/14 11:53:28 UTC
[airavata-data-lake] branch master updated: permisison error
This is an automated email from the ASF dual-hosted git repository.
isjarana pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata-data-lake.git
The following commit(s) were added to refs/heads/master by this push:
new b6e93c2 permisison error
new 2f34742 Merge pull request #192 from isururanawaka/mysql_conversion
b6e93c2 is described below
commit b6e93c27c79b2d3c2fc4279a73c9e7d708f0422f
Author: Isuru Ranawaka <ir...@gmail.com>
AuthorDate: Fri Oct 14 07:52:28 2022 -0400
permisison error
---
.../drms/api/handlers/ResourceServiceHandler.java | 33 +++++++++----
.../api/persistance/mapper/ResourceMapper.java | 56 +++++++++++++++-------
.../airavata/drms/api/utils/CustosUtils.java | 41 +++++++++++++++-
3 files changed, 101 insertions(+), 29 deletions(-)
diff --git a/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/handlers/ResourceServiceHandler.java b/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/handlers/ResourceServiceHandler.java
index 5c1e6a4..f1e9ade 100644
--- a/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/handlers/ResourceServiceHandler.java
+++ b/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/handlers/ResourceServiceHandler.java
@@ -45,6 +45,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+import java.io.IOException;
import java.util.*;
import java.util.stream.Collectors;
@@ -186,9 +187,10 @@ public class ResourceServiceHandler extends ResourceServiceGrpc.ResourceServiceI
limit = -1;
}
- boolean status = CustosUtils.userHasAccess(custosClientProvider, callUser.getTenantId(),
- callUser.getUsername(), resourceId, new String[]{SharingConstants.PERMISSION_TYPE_VIEWER, SharingConstants.PERMISSION_TYPE_EDITOR, SharingConstants.PERMISSION_TYPE_OWNER});
- if (status) {
+ boolean access = CustosUtils.userHasAccess(custosClientProvider, callUser.getTenantId(),
+ callUser.getUsername(), resourceId, new String[]{SharingConstants.PERMISSION_TYPE_VIEWER,
+ SharingConstants.PERMISSION_TYPE_EDITOR, SharingConstants.PERMISSION_TYPE_OWNER});
+ if (access) {
try (SharingManagementClient sharingManagementClient = custosClientProvider.getSharingManagementClient()) {
List<GenericResource> genericResources = new ArrayList<>();
List<Resource> resources;
@@ -203,9 +205,19 @@ public class ResourceServiceHandler extends ResourceServiceGrpc.ResourceServiceI
resources.forEach(resource -> {
String id = resource.getId();
Entity entity = Entity.newBuilder().setId(id).build();
- if(sharingManagementClient.isEntityExists(callUser.getTenantId(),entity).getStatus()) {
+ if (sharingManagementClient.isEntityExists(callUser.getTenantId(), entity).getStatus()) {
Entity exEntity = sharingManagementClient.getEntity(callUser.getTenantId(), entity);
- genericResources.add(ResourceMapper.map(resource, exEntity));
+ try {
+ List<String> allAccess = CustosUtils.getAllAccess(custosClientProvider, callUser.getTenantId(),
+ callUser.getUsername(), resourceId, new String[]{SharingConstants.PERMISSION_TYPE_VIEWER,
+ SharingConstants.PERMISSION_TYPE_EDITOR, SharingConstants.PERMISSION_TYPE_OWNER});
+ genericResources.add(ResourceMapper.map(resource, exEntity, allAccess));
+ } catch (IOException e) {
+ logger.error("Permission fetching error for entity {}", exEntity.getId());
+ responseObserver.onError(Status.PERMISSION_DENIED.asRuntimeException());
+ }
+
+
}
@@ -294,7 +306,7 @@ public class ResourceServiceHandler extends ResourceServiceGrpc.ResourceServiceI
.setValue(searchQuery.getValue()).build();
searchRequestBuilder = searchRequestBuilder.addSearchCriteria(searchCriteria);
- } else if(!searchQuery.getField().equalsIgnoreCase("sharedWith")){
+ } else if (!searchQuery.getField().equalsIgnoreCase("sharedWith")) {
searchMap.put(searchQuery.getField(), searchQuery.getValue());
}
@@ -335,7 +347,7 @@ public class ResourceServiceHandler extends ResourceServiceGrpc.ResourceServiceI
Entities entities = sharingManagementClient.searchEntities(callUser.getTenantId(), searchRequest);
List<GenericResource> metadataList = new ArrayList<>();
- entities.getEntityArrayList().stream().filter(en->en.getType().equals(type)).forEach(shrMetadata -> {
+ entities.getEntityArrayList().stream().filter(en -> en.getType().equals(type)).forEach(shrMetadata -> {
if (!searchMap.isEmpty()) {
searchMap.forEach((key, val) -> {
@@ -436,15 +448,16 @@ public class ResourceServiceHandler extends ResourceServiceGrpc.ResourceServiceI
String parentId = optionalResource.get().getParentResourceId();
- boolean status = CustosUtils.userHasAccess(custosClientProvider, callUser.getTenantId(),
+ List<String> allAccess = CustosUtils.getAllAccess(custosClientProvider, callUser.getTenantId(),
callUser.getUsername(), parentId, new String[]{SharingConstants.PERMISSION_TYPE_VIEWER, SharingConstants.PERMISSION_TYPE_EDITOR, SharingConstants.PERMISSION_TYPE_OWNER});
- if (status) {
+ if (!allAccess.isEmpty()) {
try (SharingManagementClient sharingManagementClient = custosClientProvider.getSharingManagementClient()) {
Entity enitity = Entity.newBuilder().setId(parentId).build();
Entity exEntity = sharingManagementClient.getEntity(callUser.getTenantId(), enitity);
Optional<Resource> parentResourceOp = resourceRepository.findById(parentId);
- GenericResource resource = ResourceMapper.map(parentResourceOp.get(), exEntity);
+ GenericResource resource = ResourceMapper.map(parentResourceOp.get(), exEntity, allAccess);
+
Map<String, GenericResource> genericResourceMap = new HashMap<>();
genericResourceMap.put(String.valueOf(0), resource);
ParentResourcesFetchResponse resourcesFetchResponse = ParentResourcesFetchResponse
diff --git a/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/persistance/mapper/ResourceMapper.java b/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/persistance/mapper/ResourceMapper.java
index 9bdb79d..c23db9f 100644
--- a/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/persistance/mapper/ResourceMapper.java
+++ b/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/persistance/mapper/ResourceMapper.java
@@ -9,11 +9,7 @@ import org.apache.custos.sharing.service.Entity;
import org.apache.custos.sharing.service.PermissionType;
import org.apache.custos.sharing.service.SharingMetadata;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.atomic.AtomicReference;
+import java.util.*;
public class ResourceMapper {
@@ -34,13 +30,18 @@ public class ResourceMapper {
Set<ResourceProperty> resourcePropertySet = resource.getResourceProperty();
- SharingMetadata sharingMetadata = entity.getSharingMetadata();
- if(sharingMetadata != null && !sharingMetadata.getPermissionsList().isEmpty()) {
- String permission="";
- for(PermissionType permissionType: sharingMetadata.getPermissionsList()){
- permission = permission +" "+permissionType.getId();
- }
- genericResourceBuilder.putProperties("permission",permission);
+ SharingMetadata sharingMetadata = entity.getSharingMetadata();
+ if (sharingMetadata != null && !sharingMetadata.getPermissionsList().isEmpty()) {
+ String permission = "";
+ for (PermissionType permissionType : sharingMetadata.getPermissionsList()) {
+ if (permission.length() == 0) {
+ permission = permissionType.getId();
+ } else {
+ permission = permissionType.getId() + " " + permission;
+ }
+
+ }
+ genericResourceBuilder.putProperties("permission", permission);
}
@@ -51,15 +52,15 @@ public class ResourceMapper {
if (resourceProperty.getPropertyKey().equals("resourcePath")) {
genericResourceBuilder.setResourcePath(resourceProperty.getPropertyValue());
}
- if (resourceProperty.getPropertyKey().equals("note")){
- genericResourceBuilder.putProperties(resourceProperty.getPropertyKey(),resourceProperty.getPropertyValue());
+ if (resourceProperty.getPropertyKey().equals("note")) {
+ genericResourceBuilder.putProperties(resourceProperty.getPropertyKey(), resourceProperty.getPropertyValue());
}
- if (resourceProperty.getPropertyKey().equals("image") || resourceProperty.getPropertyKey().equals("thumbnail")){
+ if (resourceProperty.getPropertyKey().equals("image") || resourceProperty.getPropertyKey().equals("thumbnail")) {
String[] urlArrays = resourceProperty.getPropertyValue().split("/");
String imagePath = "https://gateway.iubemcenter.indiana.edu/resource-images/";
- String fullPath = imagePath+ urlArrays[urlArrays.length-1];
- genericResourceBuilder.putProperties(resourceProperty.getPropertyKey(),fullPath);
+ String fullPath = imagePath + urlArrays[urlArrays.length - 1];
+ genericResourceBuilder.putProperties(resourceProperty.getPropertyKey(), fullPath);
}
@@ -69,6 +70,27 @@ public class ResourceMapper {
return genericResourceBuilder.build();
}
+ public static GenericResource map(Resource resource, Entity entity, List<String> permissions) {
+
+ GenericResource genericResource = map(resource, entity);
+ GenericResource.Builder builder =null;
+ if (!permissions.isEmpty()) {
+ String perm = "";
+ for (String permission : permissions) {
+ if (perm.isEmpty()) {
+ perm = permission;
+ } else {
+
+ perm = perm + " " + permission;
+ }
+
+ }
+ builder = genericResource.toBuilder().putProperties("permission", perm);
+ }
+ return builder.build();
+
+ }
+
public static Resource map(GenericResource resource, Entity entity, AuthenticatedUser authenticatedUser) {
Map<Descriptors.FieldDescriptor, Object> allFields = resource.getAllFields();
diff --git a/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/utils/CustosUtils.java b/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/utils/CustosUtils.java
index 2d459c1..77ed201 100644
--- a/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/utils/CustosUtils.java
+++ b/data-resource-management-service/drms-rdbms-impl/drms-server/src/main/java/org/apache/airavata/drms/api/utils/CustosUtils.java
@@ -139,10 +139,47 @@ public class CustosUtils {
org.apache.custos.sharing.service.Status status = sharingManagementClient
.userHasAccess(tenantId, sharingRequest);
- statusArray.add(status.getStatus());
+ if(status.getStatus()){
+ return true;
+ }
}
}
- return statusArray.contains(Boolean.TRUE);
+ return false;
+ }
+
+ public static List<String> getAllAccess(CustosClientProvider custosClientProvider,
+ String tenantId, String username, String resourceId, String[] permission) throws IOException {
+
+ List<String> statusArray = new ArrayList<>();
+
+ for (String perm : permission) {
+ Entity sharedEntity = Entity
+ .newBuilder()
+ .setId(resourceId)
+ .build();
+
+ PermissionType permissionType = PermissionType.newBuilder().setId(perm)
+ .build();
+
+ SharingRequest sharingRequest = SharingRequest
+ .newBuilder()
+ .setEntity(sharedEntity)
+ .setPermissionType(permissionType)
+ .addOwnerId(username)
+ .build();
+
+ try (SharingManagementClient sharingManagementClient = custosClientProvider.getSharingManagementClient()) {
+
+
+ org.apache.custos.sharing.service.Status status = sharingManagementClient
+ .userHasAccess(tenantId, sharingRequest);
+ if(status.getStatus()){
+ statusArray.add(perm);
+ }
+ }
+
+ }
+ return statusArray;
}
}