Search in sources :

Example 16 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class SeriesWorkflowOperationHandlerTest method setUp.

@Before
public void setUp() throws Exception {
    MediaPackageBuilder builder = MediaPackageBuilderFactory.newInstance().newMediaPackageBuilder();
    mp = builder.loadFromXml(getClass().getResourceAsStream("/series_mediapackage.xml"));
    URI uri = getClass().getResource("/dublincore.xml").toURI();
    File file = new File(uri);
    seriesCatalog = DublinCores.mkOpencast().getCatalog();
    seriesCatalog.set(DublinCore.PROPERTY_TITLE, "Series 1");
    SeriesService seriesService = EasyMock.createNiceMock(SeriesService.class);
    EasyMock.expect(seriesService.getSeries(EasyMock.anyString())).andReturn(seriesCatalog).anyTimes();
    EasyMock.expect(seriesService.getSeriesAccessControl(EasyMock.anyString())).andReturn(new AccessControlList()).anyTimes();
    EasyMock.expect(seriesService.getSeriesElementData(EasyMock.anyString(), EasyMock.anyString())).andReturn(Opt.some(FileUtils.readFileToByteArray(file))).anyTimes();
    EasyMock.replay(seriesService);
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.replay(securityService);
    capturedStream = Capture.newInstance(CaptureType.FIRST);
    Workspace workspace = EasyMock.createNiceMock(Workspace.class);
    EasyMock.expect(workspace.get(EasyMock.anyObject(URI.class))).andReturn(file).anyTimes();
    EasyMock.expect(workspace.read(EasyMock.anyObject(URI.class))).andAnswer(() -> getClass().getResourceAsStream("/dublincore.xml")).anyTimes();
    EasyMock.expect(workspace.put(EasyMock.anyString(), EasyMock.anyString(), EasyMock.anyString(), EasyMock.capture(capturedStream))).andReturn(uri).anyTimes();
    EasyMock.replay(workspace);
    AuthorizationService authorizationService = EasyMock.createNiceMock(AuthorizationService.class);
    EasyMock.replay(authorizationService);
    SeriesCatalogUIAdapter adapter = EasyMock.createNiceMock(SeriesCatalogUIAdapter.class);
    EasyMock.expect(adapter.getOrganization()).andReturn(new DefaultOrganization().getId()).anyTimes();
    EasyMock.expect(adapter.getFlavor()).andReturn("creativecommons/series").anyTimes();
    EasyMock.replay(adapter);
    SeriesCatalogUIAdapter seriesAdapter = EasyMock.createNiceMock(SeriesCatalogUIAdapter.class);
    EasyMock.expect(seriesAdapter.getOrganization()).andReturn(new DefaultOrganization().getId()).anyTimes();
    EasyMock.expect(seriesAdapter.getFlavor()).andReturn("dublincore/series").anyTimes();
    EasyMock.replay(seriesAdapter);
    // set up the handler
    operationHandler = new SeriesWorkflowOperationHandler();
    operationHandler.setSeriesService(seriesService);
    operationHandler.setSecurityService(securityService);
    operationHandler.setWorkspace(workspace);
    operationHandler.setAuthorizationService(authorizationService);
    operationHandler.addCatalogUIAdapter(adapter);
    operationHandler.addCatalogUIAdapter(seriesAdapter);
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) MediaPackageBuilder(org.opencastproject.mediapackage.MediaPackageBuilder) SeriesService(org.opencastproject.series.api.SeriesService) AuthorizationService(org.opencastproject.security.api.AuthorizationService) SecurityService(org.opencastproject.security.api.SecurityService) SeriesCatalogUIAdapter(org.opencastproject.metadata.dublincore.SeriesCatalogUIAdapter) URI(java.net.URI) File(java.io.File) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Workspace(org.opencastproject.workspace.api.Workspace) Before(org.junit.Before)

Example 17 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class IndexServiceImpl method createSeries.

@Override
public String createSeries(String metadata) throws IllegalArgumentException, IndexServiceException, UnauthorizedException {
    JSONObject metadataJson = null;
    try {
        metadataJson = (JSONObject) new JSONParser().parse(metadata);
    } catch (Exception e) {
        logger.warn("Unable to parse metadata {}", metadata);
        throw new IllegalArgumentException("Unable to parse metadata" + metadata);
    }
    if (metadataJson == null)
        throw new IllegalArgumentException("No metadata set to create series");
    JSONArray seriesMetadataJson = (JSONArray) metadataJson.get("metadata");
    if (seriesMetadataJson == null)
        throw new IllegalArgumentException("No metadata field in metadata");
    JSONObject options = (JSONObject) metadataJson.get("options");
    if (options == null)
        throw new IllegalArgumentException("No options field in metadata");
    Opt<Long> themeId = Opt.none();
    Long theme = (Long) metadataJson.get("theme");
    if (theme != null) {
        themeId = Opt.some(theme);
    }
    Map<String, String> optionsMap;
    try {
        optionsMap = JSONUtils.toMap(new org.codehaus.jettison.json.JSONObject(options.toJSONString()));
    } catch (JSONException e) {
        logger.warn("Unable to parse options to map: {}", getStackTrace(e));
        throw new IllegalArgumentException("Unable to parse options to map");
    }
    DublinCoreCatalog dc = DublinCores.mkOpencastSeries().getCatalog();
    dc.set(PROPERTY_IDENTIFIER, UUID.randomUUID().toString());
    dc.set(DublinCore.PROPERTY_CREATED, EncodingSchemeUtils.encodeDate(new Date(), Precision.Second));
    for (Entry<String, String> entry : optionsMap.entrySet()) {
        dc.set(new EName(DublinCores.OC_PROPERTY_NS_URI, entry.getKey()), entry.getValue());
    }
    MetadataList metadataList;
    try {
        metadataList = getMetadataListWithAllSeriesCatalogUIAdapters();
        metadataList.fromJSON(seriesMetadataJson.toJSONString());
    } catch (Exception e) {
        logger.warn("Not able to parse the series metadata {}: {}", seriesMetadataJson, getStackTrace(e));
        throw new IllegalArgumentException("Not able to parse the series metadata");
    }
    Opt<MetadataCollection> seriesMetadata = metadataList.getMetadataByFlavor(MediaPackageElements.SERIES.toString());
    if (seriesMetadata.isSome()) {
        DublinCoreMetadataUtil.updateDublincoreCatalog(dc, seriesMetadata.get());
    }
    AccessControlList acl = getAccessControlList(metadataJson);
    String seriesId;
    try {
        DublinCoreCatalog createdSeries = seriesService.updateSeries(dc);
        seriesId = createdSeries.getFirst(PROPERTY_IDENTIFIER);
        seriesService.updateAccessControl(seriesId, acl);
        for (Long id : themeId) seriesService.updateSeriesProperty(seriesId, THEME_PROPERTY_NAME, Long.toString(id));
    } catch (Exception e) {
        logger.error("Unable to create new series: {}", getStackTrace(e));
        throw new IndexServiceException("Unable to create new series");
    }
    updateSeriesMetadata(seriesId, metadataList);
    return seriesId;
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) EName(org.opencastproject.mediapackage.EName) JSONArray(org.json.simple.JSONArray) JSONException(org.codehaus.jettison.json.JSONException) SchedulerException(org.opencastproject.scheduler.api.SchedulerException) IngestException(org.opencastproject.ingest.api.IngestException) WebApplicationException(javax.ws.rs.WebApplicationException) MetadataParsingException(org.opencastproject.metadata.dublincore.MetadataParsingException) EventCommentException(org.opencastproject.event.comment.EventCommentException) IOException(java.io.IOException) JSONException(org.codehaus.jettison.json.JSONException) SearchIndexException(org.opencastproject.matterhorn.search.SearchIndexException) ParseException(java.text.ParseException) SeriesException(org.opencastproject.series.api.SeriesException) WorkflowException(org.opencastproject.workflow.api.WorkflowException) MediaPackageException(org.opencastproject.mediapackage.MediaPackageException) IndexServiceException(org.opencastproject.index.service.exception.IndexServiceException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) WorkflowDatabaseException(org.opencastproject.workflow.api.WorkflowDatabaseException) AssetManagerException(org.opencastproject.assetmanager.api.AssetManagerException) Date(java.util.Date) MetadataList(org.opencastproject.index.service.catalog.adapter.MetadataList) JSONObject(org.json.simple.JSONObject) JSONParser(org.json.simple.parser.JSONParser) MetadataCollection(org.opencastproject.metadata.dublincore.MetadataCollection) DublinCoreCatalog(org.opencastproject.metadata.dublincore.DublinCoreCatalog) IndexServiceException(org.opencastproject.index.service.exception.IndexServiceException)

Example 18 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class IndexServiceImpl method updateMediaPackageMetadata.

private void updateMediaPackageMetadata(MediaPackage mp, MetadataList metadataList) {
    String oldSeriesId = mp.getSeries();
    for (EventCatalogUIAdapter catalogUIAdapter : getEventCatalogUIAdapters()) {
        Opt<MetadataCollection> metadata = metadataList.getMetadataByAdapter(catalogUIAdapter);
        if (metadata.isSome() && metadata.get().isUpdated()) {
            catalogUIAdapter.storeFields(mp, metadata.get());
        }
    }
    // update series catalogs
    if (!StringUtils.equals(oldSeriesId, mp.getSeries())) {
        List<String> seriesDcTags = new ArrayList<>();
        List<String> seriesAclTags = new ArrayList<>();
        Map<String, List<String>> seriesExtDcTags = new HashMap<>();
        if (StringUtils.isNotBlank(oldSeriesId)) {
            // remove series dublincore from the media package
            for (MediaPackageElement mpe : mp.getElementsByFlavor(MediaPackageElements.SERIES)) {
                mp.remove(mpe);
                for (String tag : mpe.getTags()) {
                    seriesDcTags.add(tag);
                }
            }
            // remove series ACL from the media package
            for (MediaPackageElement mpe : mp.getElementsByFlavor(MediaPackageElements.XACML_POLICY_SERIES)) {
                mp.remove(mpe);
                for (String tag : mpe.getTags()) {
                    seriesAclTags.add(tag);
                }
            }
            // remove series extended metadata from the media package
            try {
                Opt<Map<String, byte[]>> oldSeriesElementsOpt = seriesService.getSeriesElements(oldSeriesId);
                for (Map<String, byte[]> oldSeriesElements : oldSeriesElementsOpt) {
                    for (String oldSeriesElementType : oldSeriesElements.keySet()) {
                        for (MediaPackageElement mpe : mp.getElementsByFlavor(MediaPackageElementFlavor.flavor(oldSeriesElementType, "series"))) {
                            mp.remove(mpe);
                            String elementType = mpe.getFlavor().getType();
                            if (StringUtils.isNotBlank(elementType)) {
                                // remember the tags for this type of element
                                if (!seriesExtDcTags.containsKey(elementType)) {
                                    // initialize the tags list on the first occurrence of this element type
                                    seriesExtDcTags.put(elementType, new ArrayList<>());
                                }
                                for (String tag : mpe.getTags()) {
                                    seriesExtDcTags.get(elementType).add(tag);
                                }
                            }
                        }
                    }
                }
            } catch (SeriesException e) {
                logger.info("Unable to retrieve series element types from series service for the series {}", oldSeriesId, e);
            }
        }
        if (StringUtils.isNotBlank(mp.getSeries())) {
            // add updated series dublincore to the media package
            try {
                DublinCoreCatalog seriesDC = seriesService.getSeries(mp.getSeries());
                if (seriesDC != null) {
                    mp.setSeriesTitle(seriesDC.getFirst(DublinCore.PROPERTY_TITLE));
                    try (InputStream in = IOUtils.toInputStream(seriesDC.toXmlString(), "UTF-8")) {
                        String elementId = UUID.randomUUID().toString();
                        URI catalogUrl = workspace.put(mp.getIdentifier().compact(), elementId, "dublincore.xml", in);
                        MediaPackageElement mpe = mp.add(catalogUrl, MediaPackageElement.Type.Catalog, MediaPackageElements.SERIES);
                        mpe.setIdentifier(elementId);
                        mpe.setChecksum(Checksum.create(ChecksumType.DEFAULT_TYPE, workspace.read(catalogUrl)));
                        if (StringUtils.isNotBlank(oldSeriesId)) {
                            for (String tag : seriesDcTags) {
                                mpe.addTag(tag);
                            }
                        } else {
                            // add archive tag to the element if the media package had no series set before
                            mpe.addTag("archive");
                        }
                    } catch (IOException e) {
                        throw new IllegalStateException("Unable to add the series dublincore to the media package " + mp.getIdentifier(), e);
                    }
                }
            } catch (SeriesException e) {
                throw new IllegalStateException("Unable to retrieve series dublincore catalog for the series " + mp.getSeries(), e);
            } catch (NotFoundException | UnauthorizedException e) {
                throw new IllegalArgumentException("Unable to retrieve series dublincore catalog for the series " + mp.getSeries(), e);
            }
            // add updated series ACL to the media package
            try {
                AccessControlList seriesAccessControl = seriesService.getSeriesAccessControl(mp.getSeries());
                if (seriesAccessControl != null) {
                    mp = authorizationService.setAcl(mp, AclScope.Series, seriesAccessControl).getA();
                    for (MediaPackageElement seriesAclMpe : mp.getElementsByFlavor(MediaPackageElements.XACML_POLICY_SERIES)) {
                        if (StringUtils.isNotBlank(oldSeriesId)) {
                            for (String tag : seriesAclTags) {
                                seriesAclMpe.addTag(tag);
                            }
                        } else {
                            // add archive tag to the element if the media package had no series set before
                            seriesAclMpe.addTag("archive");
                        }
                    }
                }
            } catch (SeriesException e) {
                throw new IllegalStateException("Unable to retrieve series ACL for series " + oldSeriesId, e);
            } catch (NotFoundException e) {
                logger.debug("There is no ACL set for the series {}", mp.getSeries());
            }
            // add updated series extended metadata to the media package
            try {
                Opt<Map<String, byte[]>> seriesElementsOpt = seriesService.getSeriesElements(mp.getSeries());
                for (Map<String, byte[]> seriesElements : seriesElementsOpt) {
                    for (String seriesElementType : seriesElements.keySet()) {
                        try (InputStream in = new ByteArrayInputStream(seriesElements.get(seriesElementType))) {
                            String elementId = UUID.randomUUID().toString();
                            URI catalogUrl = workspace.put(mp.getIdentifier().compact(), elementId, "dublincore.xml", in);
                            MediaPackageElement mpe = mp.add(catalogUrl, MediaPackageElement.Type.Catalog, MediaPackageElementFlavor.flavor(seriesElementType, "series"));
                            mpe.setIdentifier(elementId);
                            mpe.setChecksum(Checksum.create(ChecksumType.DEFAULT_TYPE, workspace.read(catalogUrl)));
                            if (StringUtils.isNotBlank(oldSeriesId)) {
                                if (seriesExtDcTags.containsKey(seriesElementType)) {
                                    for (String tag : seriesExtDcTags.get(seriesElementType)) {
                                        mpe.addTag(tag);
                                    }
                                }
                            } else {
                                // add archive tag to the element if the media package had no series set before
                                mpe.addTag("archive");
                            }
                        } catch (IOException e) {
                            throw new IllegalStateException(String.format("Unable to serialize series element %s for the series %s", seriesElementType, mp.getSeries()), e);
                        } catch (NotFoundException e) {
                            throw new IllegalArgumentException("Unable to retrieve series element dublincore catalog for the series " + mp.getSeries(), e);
                        }
                    }
                }
            } catch (SeriesException e) {
                throw new IllegalStateException("Unable to retrieve series elements for the series " + mp.getSeries(), e);
            }
        }
    }
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) LinkedHashMap(java.util.LinkedHashMap) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) NotFoundException(org.opencastproject.util.NotFoundException) URI(java.net.URI) MediaPackageElement(org.opencastproject.mediapackage.MediaPackageElement) CommonEventCatalogUIAdapter(org.opencastproject.index.service.catalog.adapter.events.CommonEventCatalogUIAdapter) EventCatalogUIAdapter(org.opencastproject.metadata.dublincore.EventCatalogUIAdapter) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) MetadataCollection(org.opencastproject.metadata.dublincore.MetadataCollection) MetadataList(org.opencastproject.index.service.catalog.adapter.MetadataList) ArrayList(java.util.ArrayList) AccessControlList(org.opencastproject.security.api.AccessControlList) List(java.util.List) LinkedList(java.util.LinkedList) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) SeriesException(org.opencastproject.series.api.SeriesException) IOException(java.io.IOException) ByteArrayInputStream(java.io.ByteArrayInputStream) DublinCoreCatalog(org.opencastproject.metadata.dublincore.DublinCoreCatalog) Map(java.util.Map) LinkedHashMap(java.util.LinkedHashMap) HashMap(java.util.HashMap)

Example 19 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class IndexServiceImpl method createEvent.

@Override
public String createEvent(JSONObject metadataJson, MediaPackage mp) throws ParseException, IOException, MediaPackageException, IngestException, NotFoundException, SchedulerException, UnauthorizedException {
    if (metadataJson == null)
        throw new IllegalArgumentException("No metadata set");
    JSONObject source = (JSONObject) metadataJson.get("source");
    if (source == null)
        throw new IllegalArgumentException("No source field in metadata");
    JSONObject processing = (JSONObject) metadataJson.get("processing");
    if (processing == null)
        throw new IllegalArgumentException("No processing field in metadata");
    JSONArray allEventMetadataJson = (JSONArray) metadataJson.get("metadata");
    if (allEventMetadataJson == null)
        throw new IllegalArgumentException("No metadata field in metadata");
    AccessControlList acl = getAccessControlList(metadataJson);
    MetadataList metadataList = getMetadataListWithAllEventCatalogUIAdapters();
    try {
        metadataList.fromJSON(allEventMetadataJson.toJSONString());
    } catch (MetadataParsingException e) {
        logger.warn("Unable to parse event metadata {}", allEventMetadataJson.toJSONString());
        throw new IllegalArgumentException("Unable to parse metadata set");
    }
    EventHttpServletRequest eventHttpServletRequest = new EventHttpServletRequest();
    eventHttpServletRequest.setAcl(acl);
    eventHttpServletRequest.setMetadataList(metadataList);
    eventHttpServletRequest.setMediaPackage(mp);
    eventHttpServletRequest.setProcessing(processing);
    eventHttpServletRequest.setSource(source);
    return createEvent(eventHttpServletRequest);
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) MetadataList(org.opencastproject.index.service.catalog.adapter.MetadataList) EventHttpServletRequest(org.opencastproject.index.service.impl.index.event.EventHttpServletRequest) MetadataParsingException(org.opencastproject.metadata.dublincore.MetadataParsingException) JSONObject(org.json.simple.JSONObject) JSONArray(org.json.simple.JSONArray)

Example 20 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class EventHttpServletRequest method setFormField.

/**
 * Set a value for creating a new event from a form field.
 *
 * @param eventCatalogUIAdapters
 *          The list of event catalog ui adapters used for loading the metadata for the new event.
 * @param eventHttpServletRequest
 *          The current details of the request that have been loaded.
 * @param item
 *          The content of the field.
 * @param fieldName
 *          The key of the field.
 * @param startDatePattern
 *          The pattern to use to parse the start date from the request.
 * @param startTimePattern
 *          The pattern to use to parse the start time from the request.
 * @throws IOException
 *           Thrown if unable to laod the content of the field.
 * @throws NotFoundException
 *           Thrown if unable to find a metadata catalog or field that matches an input catalog or field.
 */
private static void setFormField(List<EventCatalogUIAdapter> eventCatalogUIAdapters, EventHttpServletRequest eventHttpServletRequest, FileItemStream item, String fieldName, Opt<String> startDatePattern, Opt<String> startTimePattern) throws IOException, NotFoundException {
    if (METADATA_JSON_KEY.equals(fieldName)) {
        String metadata = Streams.asString(item.openStream());
        try {
            MetadataList metadataList = deserializeMetadataList(metadata, eventCatalogUIAdapters, startDatePattern, startTimePattern);
            eventHttpServletRequest.setMetadataList(metadataList);
        } catch (IllegalArgumentException e) {
            throw e;
        } catch (ParseException e) {
            throw new IllegalArgumentException(String.format("Unable to parse event metadata because: '%s'", e.toString()));
        } catch (NotFoundException e) {
            throw e;
        } catch (java.text.ParseException e) {
            throw new IllegalArgumentException(String.format("Unable to parse event metadata because: '%s'", e.toString()));
        }
    } else if ("acl".equals(item.getFieldName())) {
        String access = Streams.asString(item.openStream());
        try {
            AccessControlList acl = deserializeJsonToAcl(access, true);
            eventHttpServletRequest.setAcl(acl);
        } catch (Exception e) {
            logger.warn("Unable to parse acl {}", access);
            throw new IllegalArgumentException("Unable to parse acl");
        }
    } else if ("processing".equals(item.getFieldName())) {
        String processing = Streams.asString(item.openStream());
        JSONParser parser = new JSONParser();
        try {
            eventHttpServletRequest.setProcessing((JSONObject) parser.parse(processing));
        } catch (Exception e) {
            logger.warn("Unable to parse processing configuration {}", processing);
            throw new IllegalArgumentException("Unable to parse processing configuration");
        }
    }
}
Also used : MetadataList(org.opencastproject.index.service.catalog.adapter.MetadataList) AccessControlList(org.opencastproject.security.api.AccessControlList) NotFoundException(org.opencastproject.util.NotFoundException) JSONParser(org.json.simple.parser.JSONParser) ParseException(org.json.simple.parser.ParseException) ParseException(org.json.simple.parser.ParseException) NotFoundException(org.opencastproject.util.NotFoundException) IOException(java.io.IOException) MediaPackageException(org.opencastproject.mediapackage.MediaPackageException) IngestException(org.opencastproject.ingest.api.IngestException) IndexServiceException(org.opencastproject.index.service.exception.IndexServiceException) FileUploadException(org.apache.commons.fileupload.FileUploadException)

Aggregations

AccessControlList (org.opencastproject.security.api.AccessControlList)108 NotFoundException (org.opencastproject.util.NotFoundException)46 UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)38 AccessControlEntry (org.opencastproject.security.api.AccessControlEntry)30 MediaPackage (org.opencastproject.mediapackage.MediaPackage)27 Test (org.junit.Test)26 IOException (java.io.IOException)22 Organization (org.opencastproject.security.api.Organization)22 User (org.opencastproject.security.api.User)21 DublinCoreCatalog (org.opencastproject.metadata.dublincore.DublinCoreCatalog)19 ArrayList (java.util.ArrayList)18 SeriesException (org.opencastproject.series.api.SeriesException)18 ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl)16 MediaPackageException (org.opencastproject.mediapackage.MediaPackageException)16 Date (java.util.Date)15 SchedulerException (org.opencastproject.scheduler.api.SchedulerException)14 Path (javax.ws.rs.Path)13 RestQuery (org.opencastproject.util.doc.rest.RestQuery)13 WebApplicationException (javax.ws.rs.WebApplicationException)12 File (java.io.File)10