Search in sources :

Example 1 with PermissionFetchingException

use of nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException in project timbuctoo by HuygensING.

the class DataSetRepository method removeDataSet.

public void removeDataSet(String ownerId, String dataSetName, User user) throws IOException, NotEnoughPermissionsException, DataSetDoesNotExistException {
    try {
        DataSet dataSet = dataSetMap.get(ownerId).get(dataSetName);
        if (dataSet == null) {
            LOG.warn("DataSet '{}' of user with id '{}' does not exist (anymore).", dataSetName, ownerId);
            throw new DataSetDoesNotExistException(dataSetName, ownerId);
        }
        String combinedId = dataSet.getMetadata().getCombinedId();
        if (!permissionFetcher.getPermissions(user, dataSet.getMetadata()).contains(Permission.ADMIN)) {
            throw new NotEnoughPermissionsException(String.format("User '%s' is not allowed to remove dataset '%s'", user.getDisplayName(), combinedId));
        }
        dataSet.stop();
        dataSetMap.get(ownerId).remove(dataSetName);
        permissionFetcher.removeAuthorizations(combinedId);
    } catch (PermissionFetchingException e) {
        throw new IOException(e);
    }
    // remove folder
    dataStorage.getDataSetStorage(ownerId, dataSetName).clear();
}
Also used : PermissionFetchingException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException) DataSet(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet) NotEnoughPermissionsException(nl.knaw.huygens.timbuctoo.v5.dataset.exceptions.NotEnoughPermissionsException) IOException(java.io.IOException)

Example 2 with PermissionFetchingException

use of nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException in project timbuctoo by HuygensING.

the class Index method createNew.

@POST
public Response createNew(@PathParam("collection") String collectionName, @HeaderParam("Authorization") String authHeader, ObjectNode body) throws URISyntaxException {
    Optional<User> user;
    try {
        user = userValidator.getUserFromAccessToken(authHeader);
    } catch (UserValidationException e) {
        user = Optional.empty();
    }
    Optional<User> newUser = user;
    if (!user.isPresent()) {
        return Response.status(Response.Status.UNAUTHORIZED).build();
    } else {
        return transactionEnforcer.executeAndReturn(timbuctooActions -> {
            JsonCrudService crudService = crudServiceFactory.newJsonCrudService(timbuctooActions);
            try {
                UUID id = crudService.create(collectionName, body, newUser.get());
                return commitAndReturn(Response.created(SingleEntity.makeUrl(collectionName, id)).build());
            } catch (InvalidCollectionException e) {
                return rollbackAndReturn(Response.status(Response.Status.NOT_FOUND).entity(jsnO("message", jsn(e.getMessage()))).build());
            } catch (IOException e) {
                return rollbackAndReturn(Response.status(Response.Status.BAD_REQUEST).entity(jsnO("message", jsn(e.getMessage()))).build());
            } catch (PermissionFetchingException e) {
                return rollbackAndReturn(Response.status(Response.Status.FORBIDDEN).entity(jsnO("message", jsn(e.getMessage()))).build());
            }
        });
    }
}
Also used : UserValidationException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.UserValidationException) User(nl.knaw.huygens.timbuctoo.v5.security.dto.User) PermissionFetchingException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException) JsonCrudService(nl.knaw.huygens.timbuctoo.crud.JsonCrudService) InvalidCollectionException(nl.knaw.huygens.timbuctoo.crud.InvalidCollectionException) IOException(java.io.IOException) UUID(java.util.UUID) POST(javax.ws.rs.POST)

Example 3 with PermissionFetchingException

use of nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException in project timbuctoo by HuygensING.

the class SingleEntity method put.

@PUT
public Response put(@PathParam("collection") String collectionName, @HeaderParam("Authorization") String authHeader, @PathParam("id") UUIDParam id, ObjectNode body) {
    Optional<User> user;
    try {
        user = userValidator.getUserFromAccessToken(authHeader);
    } catch (UserValidationException e) {
        user = Optional.empty();
    }
    Optional<User> newUser = user;
    if (!newUser.isPresent()) {
        return Response.status(Response.Status.UNAUTHORIZED).build();
    } else {
        UpdateMessage updateMessage = transactionEnforcer.executeAndReturn(timbuctooActions -> {
            JsonCrudService crudService = crudServiceFactory.newJsonCrudService(timbuctooActions);
            try {
                crudService.replace(collectionName, id.get(), body, newUser.get());
                return commitAndReturn(UpdateMessage.success());
            } catch (InvalidCollectionException e) {
                return rollbackAndReturn(UpdateMessage.failure(e.getMessage(), Response.Status.NOT_FOUND));
            } catch (NotFoundException e) {
                return rollbackAndReturn(UpdateMessage.failure("not found", Response.Status.NOT_FOUND));
            } catch (IOException e) {
                return rollbackAndReturn(UpdateMessage.failure(e.getMessage(), Response.Status.BAD_REQUEST));
            } catch (AlreadyUpdatedException e) {
                return rollbackAndReturn(UpdateMessage.failure("Entry was already updated", Response.Status.EXPECTATION_FAILED));
            } catch (PermissionFetchingException e) {
                return rollbackAndReturn(UpdateMessage.failure(e.getMessage(), Response.Status.FORBIDDEN));
            }
        });
        // committed in the database
        if (updateMessage.isSuccess()) {
            return transactionEnforcer.executeAndReturn(timbuctooActions -> {
                JsonCrudService crudService = crudServiceFactory.newJsonCrudService(timbuctooActions);
                try {
                    JsonNode jsonNode = crudService.get(collectionName, id.get());
                    return commitAndReturn(Response.ok(jsonNode).build());
                } catch (InvalidCollectionException e) {
                    return rollbackAndReturn(Response.status(Response.Status.NOT_FOUND).entity(jsnO("message", jsn("Collection '" + collectionName + "' was available a moment ago, but not anymore: " + e.getMessage()))).build());
                } catch (NotFoundException e) {
                    return rollbackAndReturn(Response.status(Response.Status.NOT_FOUND).entity(jsnO("message", jsn("not found"))).build());
                }
            });
        } else {
            return Response.status(updateMessage.getResponseStatus()).entity(jsnO("message", jsn(updateMessage.getException().get()))).build();
        }
    }
}
Also used : UserValidationException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.UserValidationException) User(nl.knaw.huygens.timbuctoo.v5.security.dto.User) AlreadyUpdatedException(nl.knaw.huygens.timbuctoo.core.AlreadyUpdatedException) PermissionFetchingException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException) JsonCrudService(nl.knaw.huygens.timbuctoo.crud.JsonCrudService) InvalidCollectionException(nl.knaw.huygens.timbuctoo.crud.InvalidCollectionException) NotFoundException(nl.knaw.huygens.timbuctoo.core.NotFoundException) JsonNode(com.fasterxml.jackson.databind.JsonNode) IOException(java.io.IOException) PUT(javax.ws.rs.PUT)

Example 4 with PermissionFetchingException

use of nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException in project timbuctoo by HuygensING.

the class DataSetRepository method publishDataSet.

public void publishDataSet(User user, String ownerId, String dataSetName) throws DataSetPublishException {
    Optional<DataSet> dataSet = getDataSet(user, ownerId, dataSetName);
    try {
        if (dataSet.isPresent() && permissionFetcher.getPermissions(user, dataSet.get().getMetadata()).contains(Permission.ADMIN)) {
            DataSetMetaData dataSetMetaData = dataSet.get().getMetadata();
            dataSetMetaData.publish();
            try {
                dataStorage.getDataSetStorage(ownerId, dataSetName).saveMetaData(dataSetMetaData);
            } catch (DataStorageSaveException e) {
                throw new DataSetPublishException(e);
            }
        }
    } catch (PermissionFetchingException e) {
        throw new DataSetPublishException(e);
    }
}
Also used : DataStorageSaveException(nl.knaw.huygens.timbuctoo.v5.datastorage.exceptions.DataStorageSaveException) DataSetPublishException(nl.knaw.huygens.timbuctoo.v5.dataset.exceptions.DataSetPublishException) PermissionFetchingException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException) DataSet(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet) DataSetMetaData(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSetMetaData) BasicDataSetMetaData(nl.knaw.huygens.timbuctoo.v5.dataset.dto.BasicDataSetMetaData)

Example 5 with PermissionFetchingException

use of nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException in project timbuctoo by HuygensING.

the class DataSetRepository method createDataSet.

public DataSet createDataSet(User user, String dataSetId) throws DataStoreCreationException, IllegalDataSetNameException {
    // The ownerId might not be valid (i.e. a safe string). We make it safe here:
    // dataSetId is under the control of the user so we simply throw if it's not valid
    String ownerPrefix = "u" + user.getPersistentId();
    final String baseUri = rdfIdHelper.dataSetBaseUri(ownerPrefix, dataSetId);
    String uriPrefix;
    if (!baseUri.endsWith("/") && !baseUri.endsWith("#") && !baseUri.endsWith("?")) {
        // #boo&foo=bar
        if (baseUri.contains("#") || baseUri.contains("?")) {
            if (baseUri.endsWith("&")) {
                uriPrefix = baseUri;
            } else {
                uriPrefix = baseUri + "&";
            }
        } else {
            uriPrefix = baseUri + "/";
        }
    } else {
        uriPrefix = baseUri;
    }
    final DataSetMetaData dataSet = new BasicDataSetMetaData(ownerPrefix, dataSetId, baseUri, uriPrefix, false, publicByDefault);
    try {
        dataStorage.getDataSetStorage(ownerPrefix, dataSetId).saveMetaData(dataSet);
    } catch (DataStorageSaveException e) {
        throw new DataStoreCreationException(e);
    }
    synchronized (dataSetMap) {
        Map<String, DataSet> userDataSets = dataSetMap.computeIfAbsent(ownerPrefix, key -> new HashMap<>());
        if (!userDataSets.containsKey(dataSetId)) {
            try {
                permissionFetcher.initializeOwnerAuthorization(user, dataSet.getOwnerId(), dataSet.getDataSetId());
                userDataSets.put(dataSetId, dataSet(dataSet, executorService, rdfBaseUri, dataStoreFactory, () -> onUpdated.accept(dataSet.getCombinedId()), dataStorage.getDataSetStorage(ownerPrefix, dataSetId)));
            } catch (PermissionFetchingException | AuthorizationCreationException | IOException e) {
                throw new DataStoreCreationException(e);
            }
        }
        return userDataSets.get(dataSetId);
    }
}
Also used : DataStorageSaveException(nl.knaw.huygens.timbuctoo.v5.datastorage.exceptions.DataStorageSaveException) PermissionFetchingException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException) DataSet(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet) BasicDataSetMetaData(nl.knaw.huygens.timbuctoo.v5.dataset.dto.BasicDataSetMetaData) IOException(java.io.IOException) DataSetMetaData(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSetMetaData) BasicDataSetMetaData(nl.knaw.huygens.timbuctoo.v5.dataset.dto.BasicDataSetMetaData) DataStoreCreationException(nl.knaw.huygens.timbuctoo.v5.dataset.exceptions.DataStoreCreationException) AuthorizationCreationException(nl.knaw.huygens.timbuctoo.v5.security.exceptions.AuthorizationCreationException)

Aggregations

PermissionFetchingException (nl.knaw.huygens.timbuctoo.v5.security.exceptions.PermissionFetchingException)6 IOException (java.io.IOException)5 InvalidCollectionException (nl.knaw.huygens.timbuctoo.crud.InvalidCollectionException)3 JsonCrudService (nl.knaw.huygens.timbuctoo.crud.JsonCrudService)3 DataSet (nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet)3 User (nl.knaw.huygens.timbuctoo.v5.security.dto.User)3 UserValidationException (nl.knaw.huygens.timbuctoo.v5.security.exceptions.UserValidationException)3 NotFoundException (nl.knaw.huygens.timbuctoo.core.NotFoundException)2 BasicDataSetMetaData (nl.knaw.huygens.timbuctoo.v5.dataset.dto.BasicDataSetMetaData)2 DataSetMetaData (nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSetMetaData)2 DataStorageSaveException (nl.knaw.huygens.timbuctoo.v5.datastorage.exceptions.DataStorageSaveException)2 JsonNode (com.fasterxml.jackson.databind.JsonNode)1 UUID (java.util.UUID)1 DELETE (javax.ws.rs.DELETE)1 POST (javax.ws.rs.POST)1 PUT (javax.ws.rs.PUT)1 AlreadyUpdatedException (nl.knaw.huygens.timbuctoo.core.AlreadyUpdatedException)1 DataSetPublishException (nl.knaw.huygens.timbuctoo.v5.dataset.exceptions.DataSetPublishException)1 DataStoreCreationException (nl.knaw.huygens.timbuctoo.v5.dataset.exceptions.DataStoreCreationException)1 NotEnoughPermissionsException (nl.knaw.huygens.timbuctoo.v5.dataset.exceptions.NotEnoughPermissionsException)1