Search in sources :

Example 21 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class Items method queryLogicalData.

private List<LogicalDataWrapped> queryLogicalData(MyData myData, int limit, PreparedStatement ps1, PreparedStatement ps2, MyPrincipal mp, Connection cn) throws Exception {
    List<LogicalDataWrapped> ldwl = new LinkedList<>();
    Queue<MyData> dirs = new LinkedList<>();
    dirs.offer(myData);
    MyData dir;
    while ((dir = dirs.poll()) != null) {
        ps1.setLong(1, dir.getUid());
        ps1.setInt(20, limit + 1);
        try (ResultSet resultSet = ps1.executeQuery()) {
            while (resultSet.next()) {
                Long uid = resultSet.getLong(1);
                String datatype = resultSet.getString(4);
                String ldName = resultSet.getString(5);
                String owner = resultSet.getString(3);
                Permissions p = getCatalogue().getPermissions(uid, owner, cn);
                if (mp.canRead(p) && uid != 1) {
                    LogicalData logicalData = new LogicalData();
                    logicalData.setUid(uid);
                    logicalData.setParentRef(dir.getUid());
                    logicalData.setOwner(owner);
                    logicalData.setType(datatype);
                    logicalData.setName(ldName);
                    logicalData.setCreateDate(resultSet.getTimestamp(6).getTime());
                    logicalData.setModifiedDate(resultSet.getTimestamp(7).getTime());
                    logicalData.setLength(resultSet.getLong(8));
                    logicalData.setContentTypesAsString(resultSet.getString(9));
                    logicalData.setPdriGroupId(resultSet.getLong(10));
                    logicalData.setSupervised(resultSet.getBoolean(11));
                    logicalData.setChecksum(resultSet.getString(12));
                    logicalData.setLastValidationDate(resultSet.getLong(13));
                    logicalData.setLockTokenID(resultSet.getString(14));
                    logicalData.setLockScope(resultSet.getString(15));
                    logicalData.setLockType(resultSet.getString(16));
                    logicalData.setLockedByUser(resultSet.getString(17));
                    logicalData.setLockDepth(resultSet.getString(18));
                    logicalData.setLockTimeout(resultSet.getLong(19));
                    logicalData.setDescription(resultSet.getString(20));
                    // logicalData.setDataLocationPreference(resultSet.getString(21));
                    logicalData.setStatus(resultSet.getString(22));
                    LogicalDataWrapped ldw = new LogicalDataWrapped();
                    ldw.setGlobalID(getCatalogue().getGlobalID(uid, cn));
                    ldw.setLogicalData(logicalData);
                    ldw.setPermissions(p);
                    ldw.setPath(dir.getPath().concat("/").concat(logicalData.getName()));
                    if (!logicalData.isFolder() && mp.isAdmin()) {
                        List<PDRIDescr> pdriDescr = getCatalogue().getPdriDescrByGroupId(logicalData.getPdriGroupId(), cn);
                        for (PDRIDescr pdri : pdriDescr) {
                            if (pdri.getResourceUrl().startsWith("lfc") || pdri.getResourceUrl().startsWith("srm") || pdri.getResourceUrl().startsWith("gftp")) {
                                pdriDescr.remove(pdri);
                                GridHelper.initGridProxy(pdri.getUsername(), pdri.getPassword(), null, false);
                                pdri.setPassword(GridHelper.getProxyAsBase64String());
                                pdriDescr.add(pdri);
                            }
                        }
                        ldw.setPdriList(pdriDescr);
                    }
                    ldwl.add(ldw);
                    limit--;
                }
                if (limit == 0) {
                    break;
                }
            }
        }
        if (limit != 0) {
            ps2.setLong(1, dir.getUid());
            try (ResultSet resultSet = ps2.executeQuery()) {
                while (resultSet.next()) {
                    Long myUid = resultSet.getLong(1);
                    String myOwner = resultSet.getString(2);
                    String myPath = dir.getPath().concat("/").concat(resultSet.getString(3));
                    Permissions p = getCatalogue().getPermissions(myUid, myOwner, cn);
                    if (mp.canRead(p) && myUid != 1) {
                        dirs.offer(new MyData(myUid, myPath));
                    }
                }
            }
        } else {
            break;
        }
    }
    return ldwl;
}
Also used : LogicalData(nl.uva.cs.lobcder.resources.LogicalData) PDRIDescr(nl.uva.cs.lobcder.resources.PDRIDescr) ResultSet(java.sql.ResultSet) Permissions(nl.uva.cs.lobcder.auth.Permissions) LogicalDataWrapped(nl.uva.cs.lobcder.rest.wrappers.LogicalDataWrapped) LinkedList(java.util.LinkedList)

Example 22 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class PermissionsResource method addPermissionsRecursive.

@Path("recursive/{uid}/")
@POST
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public UIDS addPermissionsRecursive(@PathParam("uid") Long uid_p, @DefaultValue("False") @QueryParam("getall") Boolean getall, JAXBElement<Permissions> jbPermissions) {
    UIDS result = new UIDS();
    try (Connection connection = catalogue.getConnection()) {
        try {
            Permissions permissions = jbPermissions.getValue();
            MyPrincipal principal = (MyPrincipal) request.getAttribute("myprincipal");
            LogicalData ld = catalogue.getLogicalDataByUid(uid_p, connection);
            Stack<Long> folders = new Stack<>();
            ArrayList<Long> elements = new ArrayList<>();
            ArrayList<Long> changeOwner = new ArrayList<>();
            Permissions p = catalogue.getPermissions(ld.getUid(), ld.getOwner(), connection);
            if (ld.isFolder() && principal.canRead(p)) {
                folders.add(ld.getUid());
            }
            if (principal.canWrite(p)) {
                elements.add(ld.getUid());
                if (permissions.getOwner() != null && !ld.getOwner().equals(permissions.getOwner())) {
                    changeOwner.add(ld.getUid());
                }
            }
            try (PreparedStatement ps = connection.prepareStatement("SELECT uid, ownerId, datatype FROM ldata_table WHERE parentRef = ?")) {
                while (!folders.isEmpty()) {
                    Long curUid = folders.pop();
                    ps.setLong(1, curUid);
                    try (ResultSet resultSet = ps.executeQuery()) {
                        while (resultSet.next()) {
                            Long entry_uid = resultSet.getLong(1);
                            String entry_owner = resultSet.getString(2);
                            String entry_datatype = resultSet.getString(3);
                            Permissions entry_p = catalogue.getPermissions(entry_uid, entry_owner, connection);
                            if (entry_datatype.equals(Constants.LOGICAL_FOLDER) && principal.canRead(entry_p)) {
                                folders.push(entry_uid);
                            }
                            if (principal.canWrite(entry_p)) {
                                elements.add(entry_uid);
                                if (permissions.getOwner() != null && !entry_owner.equals(permissions.getOwner())) {
                                    changeOwner.add(entry_uid);
                                }
                            }
                        }
                    }
                }
            }
            try (PreparedStatement ps = connection.prepareStatement("SELECT permType, roleName, ldUidRef, id  FROM permission_table WHERE permission_table.ldUidRef = ?", java.sql.ResultSet.TYPE_FORWARD_ONLY, java.sql.ResultSet.CONCUR_UPDATABLE)) {
                for (Long uid : elements) {
                    ps.setLong(1, uid);
                    ResultSet rs = ps.executeQuery();
                    Set<String> read = new HashSet<>(permissions.getRead());
                    Set<String> write = new HashSet<>(permissions.getWrite());
                    while (rs.next()) {
                        String permType = rs.getString(1);
                        String roleName = rs.getString(2);
                        if (permType.equals("read")) {
                            read.remove(roleName);
                        } else if (permType.equals("write")) {
                            write.remove(roleName);
                        }
                    }
                    for (String role : read) {
                        rs.moveToInsertRow();
                        rs.updateString(1, "read");
                        rs.updateString(2, role);
                        rs.updateLong(3, uid);
                        rs.insertRow();
                    }
                    for (String role : write) {
                        rs.moveToInsertRow();
                        rs.updateString(1, "write");
                        rs.updateString(2, role);
                        rs.updateLong(3, uid);
                        rs.insertRow();
                    }
                    if (getall || !read.isEmpty() || !write.isEmpty()) {
                        String myuid = catalogue.getGlobalID(uid, connection);
                        if (myuid != null) {
                            result.uids.add(myuid);
                        }
                    }
                }
            }
            if (permissions.getOwner() != null && !permissions.getOwner().isEmpty()) {
                try (PreparedStatement ps = connection.prepareStatement("SELECT ownerId, uid from ldata_table WHERE uid = ?", java.sql.ResultSet.TYPE_FORWARD_ONLY, java.sql.ResultSet.CONCUR_UPDATABLE)) {
                    for (Long uid : changeOwner) {
                        ps.setLong(1, uid);
                        ResultSet rs = ps.executeQuery();
                        if (rs.next()) {
                            rs.updateString(1, permissions.getOwner());
                            rs.updateRow();
                            if (!getall) {
                                result.uids.add(catalogue.getGlobalID(uid, connection));
                            }
                        }
                    }
                }
            }
            connection.commit();
            return result;
        } catch (SQLException ex) {
            Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
            connection.rollback();
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
    } catch (SQLException ex) {
        Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) ArrayList(java.util.ArrayList) PreparedStatement(java.sql.PreparedStatement) Stack(java.util.Stack) LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) Permissions(nl.uva.cs.lobcder.auth.Permissions) ResultSet(java.sql.ResultSet) HashSet(java.util.HashSet)

Example 23 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class PermissionsResource method delPermissionsRecursive.

@Path("recursive/{uid}/")
@DELETE
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public UIDS delPermissionsRecursive(@PathParam("uid") Long uid_p, @DefaultValue("False") @QueryParam("getall") Boolean getall, JAXBElement<Permissions> jbPermissions) {
    UIDS result = new UIDS();
    try (Connection connection = catalogue.getConnection()) {
        try {
            Permissions permissions = jbPermissions.getValue();
            MyPrincipal principal = (MyPrincipal) request.getAttribute("myprincipal");
            LogicalData ld = catalogue.getLogicalDataByUid(uid_p, connection);
            Stack<Long> folders = new Stack<>();
            ArrayList<Long> elements = new ArrayList<>();
            Permissions p = catalogue.getPermissions(ld.getUid(), ld.getOwner(), connection);
            if (ld.isFolder() && principal.canRead(p)) {
                folders.add(ld.getUid());
            }
            if (principal.canWrite(p)) {
                elements.add(ld.getUid());
            }
            try (PreparedStatement ps = connection.prepareStatement("SELECT uid, ownerId, datatype FROM ldata_table WHERE parentRef = ?")) {
                while (!folders.isEmpty()) {
                    Long curUid = folders.pop();
                    ps.setLong(1, curUid);
                    try (ResultSet resultSet = ps.executeQuery()) {
                        while (resultSet.next()) {
                            Long entry_uid = resultSet.getLong(1);
                            String entry_owner = resultSet.getString(2);
                            String entry_datatype = resultSet.getString(3);
                            Permissions entry_p = catalogue.getPermissions(entry_uid, entry_owner, connection);
                            if (entry_datatype.equals(Constants.LOGICAL_FOLDER) && principal.canRead(entry_p)) {
                                folders.push(entry_uid);
                            }
                            if (principal.canWrite(entry_p)) {
                                elements.add(entry_uid);
                            }
                        }
                    }
                }
            }
            try (PreparedStatement ps = connection.prepareStatement("DELETE FROM permission_table WHERE permType = ? AND ldUidRef = ? AND roleName=?")) {
                for (Long uid : elements) {
                    for (String cr : permissions.getRead()) {
                        ps.setString(1, "read");
                        ps.setLong(2, uid);
                        ps.setString(3, cr);
                        ps.addBatch();
                    }
                    for (String cw : permissions.getWrite()) {
                        ps.setString(1, "write");
                        ps.setLong(2, uid);
                        ps.setString(3, cw);
                        ps.addBatch();
                    }
                    for (int i : ps.executeBatch()) {
                        if (getall || (i > 0)) {
                            String myuid = catalogue.getGlobalID(uid, connection);
                            if (myuid != null) {
                                result.uids.add(myuid);
                            }
                            break;
                        }
                    }
                }
            }
            connection.commit();
            return result;
        } catch (SQLException ex) {
            Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
            connection.rollback();
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
    } catch (SQLException ex) {
        Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) ArrayList(java.util.ArrayList) PreparedStatement(java.sql.PreparedStatement) Stack(java.util.Stack) LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) Permissions(nl.uva.cs.lobcder.auth.Permissions) ResultSet(java.sql.ResultSet)

Example 24 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class PermissionsResource method getPermissions.

/**
 * Gets the resource's permissions: owner, read, write
 *
 * @param uid the id of the resource
 * @return the resource's permissions: owner, read, write
 */
@Path("{uid}/")
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Permissions getPermissions(@PathParam("uid") Long uid) {
    try (Connection cn = catalogue.getConnection()) {
        LogicalData res = catalogue.getLogicalDataByUid(uid, cn);
        if (res == null) {
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
        MyPrincipal mp = (MyPrincipal) request.getAttribute("myprincipal");
        Permissions p = catalogue.getPermissions(uid, res.getOwner(), cn);
        if (!mp.canRead(p)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
        return p;
    } catch (SQLException ex) {
        Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}
Also used : LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) SQLException(java.sql.SQLException) Connection(java.sql.Connection) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 25 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class PermissionsResource method setPermissions.

/**
 * Sets the resource's permissions: owner, read, write
 *
 * @param uid the id of the resource
 * @param jbPermissions the permissions: owner, read, write
 */
@Path("{uid}/")
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public void setPermissions(@PathParam("uid") Long uid, JAXBElement<Permissions> jbPermissions) {
    try (Connection cn = catalogue.getConnection()) {
        try {
            LogicalData res = catalogue.getLogicalDataByUid(uid, cn);
            if (res == null) {
                throw new WebApplicationException(Response.Status.NOT_FOUND);
            }
            MyPrincipal mp = (MyPrincipal) request.getAttribute("myprincipal");
            Permissions p = catalogue.getPermissions(uid, res.getOwner(), cn);
            if (!mp.canWrite(p)) {
                throw new WebApplicationException(Response.Status.UNAUTHORIZED);
            }
            Permissions permissions = jbPermissions.getValue();
            catalogue.updateOwner(uid, permissions.getOwner(), cn);
            catalogue.setPermissions(uid, permissions, cn);
            cn.commit();
        } catch (SQLException ex) {
            Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
            cn.rollback();
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
    } catch (SQLException ex) {
        Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}
Also used : LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) SQLException(java.sql.SQLException) Connection(java.sql.Connection) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Aggregations

Permissions (nl.uva.cs.lobcder.auth.Permissions)40 LogicalData (nl.uva.cs.lobcder.resources.LogicalData)29 SQLException (java.sql.SQLException)23 Connection (java.sql.Connection)22 MyPrincipal (nl.uva.cs.lobcder.auth.MyPrincipal)21 ArrayList (java.util.ArrayList)7 BadRequestException (io.milton.http.exceptions.BadRequestException)6 NotAuthorizedException (io.milton.http.exceptions.NotAuthorizedException)6 PDRIDescr (nl.uva.cs.lobcder.resources.PDRIDescr)5 PreparedStatement (java.sql.PreparedStatement)4 ResultSet (java.sql.ResultSet)4 Stack (java.util.Stack)4 Path (io.milton.common.Path)3 Path (javax.ws.rs.Path)3 JAXBElement (javax.xml.bind.JAXBElement)3 QName (javax.xml.namespace.QName)3 LogicalDataWrapped (nl.uva.cs.lobcder.rest.wrappers.LogicalDataWrapped)3 ConflictException (io.milton.http.exceptions.ConflictException)2 IOException (java.io.IOException)2 URISyntaxException (java.net.URISyntaxException)2