Example 36 with FileMetadata
use of edu.harvard.iq.dataverse.FileMetadata in project dataverse by IQSS.
the class Index method getFileMetadataByDatasetId.
@GET
@Path("filemetadata/{dataset_id}")
public Response getFileMetadataByDatasetId(@PathParam("dataset_id") long datasetIdToLookUp, @QueryParam("maxResults") int maxResults, @QueryParam("sort") String sortField, @QueryParam("order") String sortOrder) {
JsonArrayBuilder data = Json.createArrayBuilder();
List<FileMetadata> fileMetadatasFound = new ArrayList<>();
try {
fileMetadatasFound = dataFileService.findFileMetadataByDatasetVersionId(datasetIdToLookUp, maxResults, sortField, sortOrder);
} catch (Exception ex) {
return error(Status.BAD_REQUEST, "error: " + ex.getCause().getMessage() + ex);
}
for (FileMetadata fileMetadata : fileMetadatasFound) {
data.add(fileMetadata.getLabel());
}
return ok(data);
}
Also used :
FileMetadata(edu.harvard.iq.dataverse.FileMetadata)
ArrayList(java.util.ArrayList)
JsonArrayBuilder(javax.json.JsonArrayBuilder)
SearchException(edu.harvard.iq.dataverse.search.SearchException)
SolrServerException(org.apache.solr.client.solrj.SolrServerException)
EJBException(javax.ejb.EJBException)
IOException(java.io.IOException)
ConstraintViolationException(javax.validation.ConstraintViolationException)
Path(javax.ws.rs.Path)
GET(javax.ws.rs.GET)
Example 37 with FileMetadata
use of edu.harvard.iq.dataverse.FileMetadata in project dataverse by IQSS.
the class Access method isAccessAuthorized.
private boolean isAccessAuthorized(DataFile df, String apiToken) {
// First, check if the file belongs to a released Dataset version:
boolean published = false;
if (df.getOwner().getReleasedVersion() != null) {
// logger.fine("file belongs to a dataset with a released version.");
if (df.getOwner().getReleasedVersion().getFileMetadatas() != null) {
// logger.fine("going through the list of filemetadatas that belong to the released version.");
for (FileMetadata fm : df.getOwner().getReleasedVersion().getFileMetadatas()) {
if (df.equals(fm.getDataFile())) {
// logger.fine("found a match!");
published = true;
}
}
}
}
// TODO: (IMPORTANT!)
// Business logic like this should NOT be maintained in individual
// application fragments.
// At the moment it is duplicated here, and inside the Dataset page.
// There are also stubs for file-level permission lookups and caching
// inside Gustavo's view-scoped PermissionsWrapper.
// All this logic needs to be moved to the PermissionServiceBean where it will be
// centrally maintained; with the PermissionsWrapper providing
// efficient cached lookups to the pages (that often need to make
// repeated lookups on the same files). Care will need to be taken
// to preserve the slight differences in logic utilized by the page and
// this Access call (the page checks the restriction flag on the
// filemetadata, not the datafile - as it needs to reflect the permission
// status of the file in the version history).
// I will open a 4.[34] ticket.
//
// -- L.A. 4.2.1
// We don't need to check permissions on files that are
// from released Dataset versions and not restricted:
boolean restricted = false;
if (df.isRestricted()) {
restricted = true;
} else {
// !df.isReleased() really means just this: new file, only exists in a Draft version!
if (!df.isReleased()) {
if (df.getFileMetadata().isRestricted()) {
restricted = true;
}
}
}
if (!restricted) {
// be handled below)
if (published) {
return true;
}
}
User user = null;
if (session != null) {
if (session.getUser() != null) {
if (session.getUser().isAuthenticated()) {
user = session.getUser();
} else {
logger.fine("User associated with the session is not an authenticated user.");
if (session.getUser() instanceof PrivateUrlUser) {
logger.fine("User associated with the session is a PrivateUrlUser user.");
user = session.getUser();
}
if (session.getUser() instanceof GuestUser) {
logger.fine("User associated with the session is indeed a guest user.");
}
}
} else {
logger.fine("No user associated with the session.");
}
} else {
logger.fine("Session is null.");
}
User apiTokenUser = null;
if ((apiToken != null) && (apiToken.length() != 64)) {
try {
logger.fine("calling apiTokenUser = findUserOrDie()...");
apiTokenUser = findUserOrDie();
} catch (WrappedResponse wr) {
logger.log(Level.FINE, "Message from findUserOrDie(): {0}", wr.getMessage());
}
if (apiTokenUser == null) {
logger.warning("API token-based auth: Unable to find a user with the API token provided.");
}
}
if (!restricted) {
if (user != null) {
// used in JSF context
if (permissionService.requestOn(dvRequestService.getDataverseRequest(), df.getOwner()).has(Permission.ViewUnpublishedDataset)) {
// it's not unthinkable, that a null user (i.e., guest user) could be given
// the ViewUnpublished permission!
logger.log(Level.FINE, "Session-based auth: user {0} has access rights on the non-restricted, unpublished datafile.", user.getIdentifier());
return true;
}
}
if (apiTokenUser != null) {
// used in an API context
if (permissionService.requestOn(createDataverseRequest(apiTokenUser), df.getOwner()).has(Permission.ViewUnpublishedDataset)) {
logger.log(Level.FINE, "Session-based auth: user {0} has access rights on the non-restricted, unpublished datafile.", apiTokenUser.getIdentifier());
return true;
}
}
// Guset user is impled by the code above.
if (permissionService.requestOn(dvRequestService.getDataverseRequest(), df.getOwner()).has(Permission.ViewUnpublishedDataset)) {
return true;
}
// We don't want to return false just yet.
// If all else fails, we'll want to use the special WorldMapAuth
// token authentication before we give up.
// return false;
} else {
// OK, this is a restricted file.
boolean hasAccessToRestrictedBySession = false;
boolean hasAccessToRestrictedByToken = false;
if (permissionService.on(df).has(Permission.DownloadFile)) {
// Note: PermissionServiceBean.on(Datafile df) will obtain the
// User from the Session object, just like in the code fragment
// above. That's why it's not passed along as an argument.
hasAccessToRestrictedBySession = true;
} else if (apiTokenUser != null && permissionService.requestOn(createDataverseRequest(apiTokenUser), df).has(Permission.DownloadFile)) {
hasAccessToRestrictedByToken = true;
}
if (hasAccessToRestrictedBySession || hasAccessToRestrictedByToken) {
if (published) {
if (hasAccessToRestrictedBySession) {
if (user != null) {
logger.log(Level.FINE, "Session-based auth: user {0} is granted access to the restricted, published datafile.", user.getIdentifier());
} else {
logger.fine("Session-based auth: guest user is granted access to the restricted, published datafile.");
}
} else {
logger.log(Level.FINE, "Token-based auth: user {0} is granted access to the restricted, published datafile.", apiTokenUser.getIdentifier());
}
return true;
} else {
// user with the ViewUnpublished permission, or vice versa!
if (hasAccessToRestrictedBySession) {
if (permissionService.on(df.getOwner()).has(Permission.ViewUnpublishedDataset)) {
if (user != null) {
logger.log(Level.FINE, "Session-based auth: user {0} is granted access to the restricted, unpublished datafile.", user.getIdentifier());
} else {
logger.fine("Session-based auth: guest user is granted access to the restricted, unpublished datafile.");
}
return true;
}
} else {
if (apiTokenUser != null && permissionService.requestOn(createDataverseRequest(apiTokenUser), df.getOwner()).has(Permission.ViewUnpublishedDataset)) {
logger.log(Level.FINE, "Token-based auth: user {0} is granted access to the restricted, unpublished datafile.", apiTokenUser.getIdentifier());
return true;
}
}
}
}
}
if ((apiToken != null) && (apiToken.length() == 64)) {
/*
WorldMap token check
- WorldMap tokens are 64 chars in length
- Use the worldMapTokenServiceBean to verify token
and check permissions against the requested DataFile
*/
if (!(this.worldMapTokenServiceBean.isWorldMapTokenAuthorizedForDataFileDownload(apiToken, df))) {
return false;
}
// Yes! User may access file
//
logger.fine("WorldMap token-based auth: Token is valid for the requested datafile");
return true;
} else if ((apiToken != null) && (apiToken.length() != 64)) {
try {
logger.fine("calling user = findUserOrDie()...");
user = findUserOrDie();
} catch (WrappedResponse wr) {
logger.log(Level.FINE, "Message from findUserOrDie(): {0}", wr.getMessage());
}
if (user == null) {
logger.warning("API token-based auth: Unable to find a user with the API token provided.");
return false;
}
if (permissionService.requestOn(createDataverseRequest(user), df).has(Permission.DownloadFile)) {
if (published) {
logger.log(Level.FINE, "API token-based auth: User {0} has rights to access the datafile.", user.getIdentifier());
return true;
} else {
// unpublished versions:
if (permissionService.requestOn(createDataverseRequest(user), df.getOwner()).has(Permission.ViewUnpublishedDataset)) {
logger.log(Level.FINE, "API token-based auth: User {0} has rights to access the (unpublished) datafile.", user.getIdentifier());
return true;
} else {
logger.log(Level.FINE, "API token-based auth: User {0} is not authorized to access the (unpublished) datafile.", user.getIdentifier());
}
}
} else {
logger.log(Level.FINE, "API token-based auth: User {0} is not authorized to access the datafile.", user.getIdentifier());
}
return false;
}
if (user != null) {
logger.log(Level.FINE, "Session-based auth: user {0} has NO access rights on the requested datafile.", user.getIdentifier());
}
if (apiTokenUser != null) {
logger.log(Level.FINE, "Token-based auth: user {0} has NO access rights on the requested datafile.", apiTokenUser.getIdentifier());
}
if (user == null && apiTokenUser == null) {
logger.fine("Unauthenticated access: No guest access to the datafile.");
}
return false;
}
Also used :
GuestUser(edu.harvard.iq.dataverse.authorization.users.GuestUser)
AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)
User(edu.harvard.iq.dataverse.authorization.users.User)
PrivateUrlUser(edu.harvard.iq.dataverse.authorization.users.PrivateUrlUser)
GuestUser(edu.harvard.iq.dataverse.authorization.users.GuestUser)
PrivateUrlUser(edu.harvard.iq.dataverse.authorization.users.PrivateUrlUser)
FileMetadata(edu.harvard.iq.dataverse.FileMetadata)
Example 38 with FileMetadata
use of edu.harvard.iq.dataverse.FileMetadata in project dataverse by IQSS.
the class Access method datafileBundle.
// @EJB
// TODO:
// versions? -- L.A. 4.0 beta 10
@Path("datafile/bundle/{fileId}")
@GET
@Produces({ "application/zip" })
public BundleDownloadInstance datafileBundle(@PathParam("fileId") Long fileId, @QueryParam("gbrecs") Boolean gbrecs, @QueryParam("key") String apiToken, @Context UriInfo uriInfo, @Context HttpHeaders headers, @Context HttpServletResponse response) /*throws NotFoundException, ServiceUnavailableException, PermissionDeniedException, AuthorizationRequiredException*/
{
DataFile df = dataFileService.find(fileId);
GuestbookResponse gbr = null;
if (df == null) {
logger.warning("Access: datafile service could not locate a DataFile object for id " + fileId + "!");
throw new NotFoundException();
}
if (apiToken == null || apiToken.equals("")) {
apiToken = headers.getHeaderString(API_KEY_HEADER);
}
// This will throw a ForbiddenException if access isn't authorized:
checkAuthorization(df, apiToken);
if (gbrecs == null && df.isReleased()) {
// Write Guestbook record if not done previously and file is released
User apiTokenUser = findAPITokenUser(apiToken);
gbr = guestbookResponseService.initAPIGuestbookResponse(df.getOwner(), df, session, apiTokenUser);
guestbookResponseService.save(gbr);
}
DownloadInfo dInfo = new DownloadInfo(df);
BundleDownloadInstance downloadInstance = new BundleDownloadInstance(dInfo);
FileMetadata fileMetadata = df.getFileMetadata();
DatasetVersion datasetVersion = df.getOwner().getLatestVersion();
downloadInstance.setFileCitationEndNote(datasetService.createCitationXML(datasetVersion, fileMetadata));
downloadInstance.setFileCitationRIS(datasetService.createCitationRIS(datasetVersion, fileMetadata));
downloadInstance.setFileCitationBibtex(new BibtexCitation(datasetVersion).toString());
ByteArrayOutputStream outStream = null;
outStream = new ByteArrayOutputStream();
try {
ddiExportService.exportDataFile(fileId, outStream, null, null);
downloadInstance.setFileDDIXML(outStream.toString());
} catch (Exception ex) {
// if we can't generate the DDI, it's ok;
// we'll just generate the bundle without it.
}
return downloadInstance;
}
Also used :
DataFile(edu.harvard.iq.dataverse.DataFile)
AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)
User(edu.harvard.iq.dataverse.authorization.users.User)
PrivateUrlUser(edu.harvard.iq.dataverse.authorization.users.PrivateUrlUser)
GuestUser(edu.harvard.iq.dataverse.authorization.users.GuestUser)
GuestbookResponse(edu.harvard.iq.dataverse.GuestbookResponse)
FileMetadata(edu.harvard.iq.dataverse.FileMetadata)
NotFoundException(javax.ws.rs.NotFoundException)
DatasetVersion(edu.harvard.iq.dataverse.DatasetVersion)
BibtexCitation(edu.harvard.iq.dataverse.BibtexCitation)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
BadRequestException(javax.ws.rs.BadRequestException)
NotFoundException(javax.ws.rs.NotFoundException)
ServiceUnavailableException(javax.ws.rs.ServiceUnavailableException)
WebApplicationException(javax.ws.rs.WebApplicationException)
ForbiddenException(javax.ws.rs.ForbiddenException)
IOException(java.io.IOException)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Example 39 with FileMetadata
use of edu.harvard.iq.dataverse.FileMetadata in project dataverse by IQSS.
the class SolrIndexServiceBean method filesToReIndexPermissionsFor.
private List<DataFile> filesToReIndexPermissionsFor(Dataset dataset) {
List<DataFile> filesToReindexPermissionsFor = new ArrayList<>();
Map<DatasetVersion.VersionState, Boolean> desiredCards = searchPermissionsService.getDesiredCards(dataset);
for (DatasetVersion version : datasetVersionsToBuildCardsFor(dataset)) {
boolean cardShouldExist = desiredCards.get(version.getVersionState());
if (cardShouldExist) {
for (FileMetadata fileMetadata : version.getFileMetadatas()) {
filesToReindexPermissionsFor.add(fileMetadata.getDataFile());
}
}
}
return filesToReindexPermissionsFor;
}
Also used :
DataFile(edu.harvard.iq.dataverse.DataFile)
ArrayList(java.util.ArrayList)
FileMetadata(edu.harvard.iq.dataverse.FileMetadata)
DatasetVersion(edu.harvard.iq.dataverse.DatasetVersion)
Example 40 with FileMetadata
use of edu.harvard.iq.dataverse.FileMetadata in project dataverse by IQSS.
the class SolrIndexServiceBean method constructDatafileSolrDocsFromDataset.
private List<DvObjectSolrDoc> constructDatafileSolrDocsFromDataset(Dataset dataset) {
List<DvObjectSolrDoc> datafileSolrDocs = new ArrayList<>();
Map<DatasetVersion.VersionState, Boolean> desiredCards = searchPermissionsService.getDesiredCards(dataset);
for (DatasetVersion datasetVersionFileIsAttachedTo : datasetVersionsToBuildCardsFor(dataset)) {
boolean cardShouldExist = desiredCards.get(datasetVersionFileIsAttachedTo.getVersionState());
if (cardShouldExist) {
List<String> perms = new ArrayList<>();
if (unpublishedDataRelatedToMeModeEnabled) {
if (datasetVersionFileIsAttachedTo.isReleased()) {
perms.add(IndexServiceBean.getPublicGroupString());
} else {
perms = searchPermissionsService.findDatasetVersionPerms(datasetVersionFileIsAttachedTo);
}
} else {
perms = searchPermissionsService.findDatasetVersionPerms(datasetVersionFileIsAttachedTo);
}
for (FileMetadata fileMetadata : datasetVersionFileIsAttachedTo.getFileMetadatas()) {
Long fileId = fileMetadata.getDataFile().getId();
String solrIdStart = IndexServiceBean.solrDocIdentifierFile + fileId;
String solrIdEnd = getDatasetOrDataFileSolrEnding(datasetVersionFileIsAttachedTo.getVersionState());
String solrId = solrIdStart + solrIdEnd;
DvObjectSolrDoc dataFileSolrDoc = new DvObjectSolrDoc(fileId.toString(), solrId, datasetVersionFileIsAttachedTo.getId(), fileMetadata.getLabel(), perms);
logger.fine("adding fileid " + fileId);
datafileSolrDocs.add(dataFileSolrDoc);
}
}
}
return datafileSolrDocs;
}
Also used :
ArrayList(java.util.ArrayList)
FileMetadata(edu.harvard.iq.dataverse.FileMetadata)
DatasetVersion(edu.harvard.iq.dataverse.DatasetVersion)
Aggregations
FileMetadata (edu.harvard.iq.dataverse.FileMetadata)54
DataFile (edu.harvard.iq.dataverse.DataFile)30
DatasetVersion (edu.harvard.iq.dataverse.DatasetVersion)26
ArrayList (java.util.ArrayList)23
Dataset (edu.harvard.iq.dataverse.Dataset)18
Test (org.junit.Test)13
Date (java.util.Date)12
IOException (java.io.IOException)10
Timestamp (java.sql.Timestamp)10
DataTable (edu.harvard.iq.dataverse.DataTable)5
DatasetField (edu.harvard.iq.dataverse.DatasetField)5
AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)5
MocksFactory.makeDataset (edu.harvard.iq.dataverse.mocks.MocksFactory.makeDataset)5
SimpleDateFormat (java.text.SimpleDateFormat)5
HashMap (java.util.HashMap)5
Dataverse (edu.harvard.iq.dataverse.Dataverse)4
File (java.io.File)4
FileNotFoundException (java.io.FileNotFoundException)4
JsonObjectBuilder (javax.json.JsonObjectBuilder)4
DataFileTag (edu.harvard.iq.dataverse.DataFileTag)3
