diff --git a/src/main/java/com/databasepreservation/common/Common.gwt.xml b/src/main/java/com/databasepreservation/common/Common.gwt.xml index ffb629ba6..3d42e3104 100644 --- a/src/main/java/com/databasepreservation/common/Common.gwt.xml +++ b/src/main/java/com/databasepreservation/common/Common.gwt.xml @@ -36,6 +36,7 @@ + diff --git a/src/main/java/com/databasepreservation/common/api/RestApplicationNoSwagger.java b/src/main/java/com/databasepreservation/common/api/RestApplicationNoSwagger.java index a824b5742..cdada5f69 100644 --- a/src/main/java/com/databasepreservation/common/api/RestApplicationNoSwagger.java +++ b/src/main/java/com/databasepreservation/common/api/RestApplicationNoSwagger.java @@ -17,7 +17,6 @@ import org.glassfish.jersey.servlet.ServletProperties; import org.springframework.context.annotation.Configuration; -import com.databasepreservation.common.api.exceptions.RestExceptionMapper; import com.databasepreservation.common.api.utils.CacheFilterFactory; import com.databasepreservation.common.api.v1.ActivityLogResource; import com.databasepreservation.common.api.v1.AuthenticationResource; @@ -66,7 +65,6 @@ public RestApplicationNoSwagger() { register(JacksonFeature.class); register(MoxyXmlFeature.class); register(MultiPartFeature.class); - register(RestExceptionMapper.class); register(CacheFilterFactory.class); register(ActivityLogResource.class); diff --git a/src/main/java/com/databasepreservation/common/api/exceptions/ApiException.java b/src/main/java/com/databasepreservation/common/api/exceptions/ApiException.java deleted file mode 100644 index 49b3dccba..000000000 --- a/src/main/java/com/databasepreservation/common/api/exceptions/ApiException.java +++ /dev/null 
@@ -1,33 +0,0 @@
-/**
- * The contents of this file are subject to the license and copyright
- * detailed in the LICENSE file at the root of the source
- * tree and available online at
- *
- * https://github.com/keeps/dbptk-ui
- */
-package com.databasepreservation.common.api.exceptions;
-
-
-import com.databasepreservation.common.exceptions.ViewerException;
-
-/**
- * @author Bruno Ferreira
- */
-public class ApiException extends ViewerException {
- private static final long serialVersionUID = 4667937307148805083L;
-
- public static final int INVALID_PARAMETER_VALUE = 1;
- public static final int EMPTY_PARAMETER = 2;
- public static final int RESOURCE_ALREADY_EXISTS = 3;
-
- private int code;
-
- public ApiException(int code, String msg) {
- super(msg);
- this.code = code;
- }
-
- public int getCode() {
- return code;
- }
-}
diff --git a/src/main/java/com/databasepreservation/common/api/exceptions/RESTException.java b/src/main/java/com/databasepreservation/common/api/exceptions/RESTException.java
new file mode 100644
index 000000000..dff9f5275
--- /dev/null
+++ b/src/main/java/com/databasepreservation/common/api/exceptions/RESTException.java
@@ -0,0 +1,70 @@
+/**
+ * The contents of this file are subject to the license and copyright
+ * detailed in the LICENSE file at the root of the source
+ * tree and available online at
+ *
+ * https://github.com/keeps/dbptk-ui
+ */
+package com.databasepreservation.common.api.exceptions;
+
+import com.databasepreservation.common.exceptions.SavedSearchException;
+import com.google.gwt.http.client.Response;
+import org.roda.core.data.exceptions.*;
+
+import java.io.Serial;
+
+/**
+ * @author António Lindo
+ */
+
+public class RESTException extends RuntimeException {
+ @Serial
+ private static final long serialVersionUID = 4667937307148805083L;
+
+ private Throwable cause;
+
+ public RESTException() {
+ }
+
+ public RESTException(Throwable cause) {
+ super();
+ this.cause = cause;
+ }
+
+ private static String getCauseMessage(Throwable e) {
+ StringBuilder message = new StringBuilder();
+ Throwable cause = e;
+
+ while (cause != null) {
+ message.append(" caused by ").append(cause.getClass().getSimpleName()).append(": ");
+ if (cause.getMessage() != null) {
+ message.append(cause.getMessage());
+ }
+ cause = cause.getCause();
+ }
+ return message.toString();
+ }
+
+ @Override
+ public synchronized Throwable getCause() {
+ return cause;
+ }
+
+ public int getStatus() {
+ if (cause instanceof AuthorizationDeniedException) {
+ return Response.SC_UNAUTHORIZED;
+ } else if (cause instanceof NotFoundException) {
+ return Response.SC_NOT_FOUND;
+ } else if (cause instanceof AlreadyExistsException) {
+ return Response.SC_CONFLICT;
+ } else if (cause instanceof SavedSearchException) {
+ return Response.SC_BAD_REQUEST;
+ } else if (cause instanceof GenericException) {
+ return Response.SC_BAD_REQUEST;
+ } else if (cause instanceof RequestNotValidException) {
+ return Response.SC_BAD_REQUEST;
+ }
+ return Response.SC_INTERNAL_SERVER_ERROR;
+ }
+
+}
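Review bot: `getStatus()` answers an `AuthorizationDeniedException` cause with `Response.SC_UNAUTHORIZED`, while the `RestResponseEntityExceptionHandler` added in this same commit answers that cause with 403. `AuthorizationException`, which the resources now wrap, is not listed here at all and falls through to 500 unless it extends one of the listed types. Two status mappings for one exception will drift; keep the handler's mapping as the single source, or at least align the first branch to `Response.SC_FORBIDDEN` and add the missing type. The no-argument constructor leaves `cause` null and `super()` discards the message, so `getMessage()` is always null; `super(cause)` would keep both and make the shadowing `cause` field and the `getCause()` override unnecessary. `getCauseMessage` is private and not called anywhere in this class.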
diff --git a/src/main/java/com/databasepreservation/common/api/exceptions/RestExceptionMapper.java b/src/main/java/com/databasepreservation/common/api/exceptions/RestExceptionMapper.java
deleted file mode 100644
index 1399a8d4c..000000000
--- a/src/main/java/com/databasepreservation/common/api/exceptions/RestExceptionMapper.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * The contents of this file are subject to the license and copyright
- * detailed in the LICENSE file at the root of the source
- * tree and available online at
- *
- * https://github.com/keeps/dbptk-ui
- */
-package com.databasepreservation.common.api.exceptions;
-
-import jakarta.ws.rs.core.Response;
-import jakarta.ws.rs.core.Response.ResponseBuilder;
-import jakarta.ws.rs.ext.ExceptionMapper;
-import jakarta.ws.rs.ext.Provider;
-
-import org.glassfish.jersey.server.ContainerRequest;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.databasepreservation.common.api.utils.ApiResponseMessage;
-import com.databasepreservation.common.api.utils.ApiUtils;
-import com.databasepreservation.common.client.exceptions.RESTException;
-
-import jakarta.inject.Inject;
-
-@Provider
-public class RestExceptionMapper implements ExceptionMapper {
- private static final Logger LOGGER = LoggerFactory.getLogger(RestExceptionMapper.class);
-
- @Inject
- private jakarta.inject.Provider containerRequestProvider;
-
- @Override
- public Response toResponse(RESTException e) {
- ContainerRequest containerRequest = containerRequestProvider.get();
- String parameter = containerRequest.getProperty("acceptFormat") != null
- ? (String) containerRequest.getProperty("acceptFormat")
- : "";
- String header = containerRequest.getHeaderString("Accept");
- String mediaType = ApiUtils.getMediaType(parameter, header);
-
- ResponseBuilder responseBuilder;
- String message = e.getClass().getSimpleName() + ": " + e.getMessage();
- if (e.getCause() != null) {
- message += ", caused by " + e.getCause().getClass().getName() + ": " + e.getCause().getMessage();
- }
- LOGGER.debug("Creating error response. MediaType: {}; Message: {}", mediaType, message, e);
- responseBuilder = Response.status(e.getStatus()).entity(new ApiResponseMessage(ApiResponseMessage.ERROR, message));
-
- return responseBuilder.type(mediaType).build();
- }
-
-}
diff --git a/src/main/java/com/databasepreservation/common/api/exceptions/RestResponseEntityExceptionHandler.java b/src/main/java/com/databasepreservation/common/api/exceptions/RestResponseEntityExceptionHandler.java
new file mode 100644
index 000000000..679f050d2
--- /dev/null
+++ b/src/main/java/com/databasepreservation/common/api/exceptions/RestResponseEntityExceptionHandler.java
@@ -0,0 +1,70 @@ +package com.databasepreservation.common.api.exceptions; + +import java.io.IOException; +import java.util.UUID; + +import com.databasepreservation.common.api.exceptions.model.ErrorResponseMessage; +import com.databasepreservation.common.exceptions.AuthorizationException; +import com.databasepreservation.common.exceptions.ViewerException; +import org.roda.core.data.exceptions.AlreadyExistsException; +import org.roda.core.data.exceptions.AuthenticationDeniedException; +import org.roda.core.data.exceptions.AuthorizationDeniedException; +import org.roda.core.data.exceptions.GenericException; +import org.roda.core.data.exceptions.NotFoundException; +import org.roda.core.data.exceptions.RequestNotValidException; +import org.slf4j.LoggerFactory; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.context.request.ServletWebRequest; +import org.springframework.web.context.request.WebRequest; +import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler; + +@ControllerAdvice +public class RestResponseEntityExceptionHandler extends ResponseEntityExceptionHandler { + + @ExceptionHandler(value = {RESTException.class}) + protected ResponseEntity handleRestException(RuntimeException ex, WebRequest request) { + String message = "Internal server error"; + String details = ""; + Object objectDetails = null; + HttpStatus httpStatus = HttpStatus.INTERNAL_SERVER_ERROR; + UUID errorID = UUID.randomUUID(); + if (ex.getCause() instanceof AuthorizationDeniedException || ex.getCause() instanceof AuthorizationException) { + message = "Forbidden"; + details = ex.getCause().getMessage(); + httpStatus = HttpStatus.FORBIDDEN; + } else if (ex.getCause() 
instanceof AuthenticationDeniedException) { + message = "Unauthorized access"; + details = ex.getCause().getMessage(); + httpStatus = HttpStatus.UNAUTHORIZED; + } else if (ex.getCause() instanceof NotFoundException) { + message = "Resource not found"; + details = ex.getCause().getMessage(); + httpStatus = HttpStatus.NOT_FOUND; + } else if (ex.getCause() instanceof AlreadyExistsException) { + message = "Resource already exists"; + details = ex.getCause().getMessage(); + httpStatus = HttpStatus.CONFLICT; + } else if (ex.getCause() instanceof GenericException || ex.getCause() instanceof RequestNotValidException + || ex.getCause() instanceof IOException || ex.getCause() instanceof ViewerException) { + message = "Request was not valid"; + details = ex.getCause().getMessage(); + httpStatus = HttpStatus.BAD_REQUEST; + } + + String warn = "ERROR_ID: " + errorID + " - " + ex.getClass().getSimpleName() + ": " + ex.getCause().getMessage(); + LoggerFactory.getLogger(RestResponseEntityExceptionHandler.class).warn(warn); + + ErrorResponseMessage body = new ErrorResponseMessage(httpStatus.value(), errorID.toString(), message, details, + ((ServletWebRequest) request).getRequest().getRequestURI(), objectDetails); + + HttpHeaders responseHeaders = new HttpHeaders(); + responseHeaders.setContentType(MediaType.APPLICATION_JSON); + + return handleExceptionInternal(ex, body, responseHeaders, httpStatus, request); + } +} diff --git a/src/main/java/com/databasepreservation/common/api/exceptions/model/ErrorResponseMessage.java b/src/main/java/com/databasepreservation/common/api/exceptions/model/ErrorResponseMessage.java new file mode 100644 index 000000000..a95190b31 --- /dev/null +++ b/src/main/java/com/databasepreservation/common/api/exceptions/model/ErrorResponseMessage.java 
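Review bot: Every mapped branch of `handleRestException` copies `ex.getCause().getMessage()` into `details`, so message text from `IOException`, `GenericException` and `ViewerException` is returned to the caller. Such messages can carry file-system paths or index details, and the `errorID` already lets an operator match the response to the log entry, so I would leave `details` empty unless the message was written for end users. The `warn` line dereferences `ex.getCause()` unconditionally although `RESTException` has a no-argument constructor that leaves the cause null, so the handler itself can throw; read the cause once into a local and guard it. The log call records only the message; passing `ex` as the last argument to `warn(...)` keeps the stack trace next to the `ERROR_ID`. Mapping `IOException` to 400 "Request was not valid" also looks wrong for what is usually a server-side failure.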
@@ -0,0 +1,70 @@
+package com.databasepreservation.common.api.exceptions.model;
+
+import java.io.Serial;
+import java.io.Serializable;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+
+public class ErrorResponseMessage implements Serializable {
+
+ @Serial
+ private static final long serialVersionUID = -2206131216992713872L;
+
+ private final int status;
+ private final String errorId;
+ private final String message;
+ private final String details;
+ private final Instant timestamp;
+ private final String instance;
+ @JsonInclude(JsonInclude.Include.NON_NULL)
+ private Object objectDetails;
+
+ public ErrorResponseMessage(int status, String errorId, String message, String details, String instance) {
+ this.status = status;
+ this.errorId = errorId;
+ this.message = message;
+ this.details = details;
+ this.timestamp = Instant.now().truncatedTo(ChronoUnit.MILLIS);
+ this.instance = instance;
+ }
+
+ public ErrorResponseMessage(int status, String errorId, String message, String details, String instance, Object objectDetails) {
+ this.status = status;
+ this.errorId = errorId;
+ this.message = message;
+ this.details = details;
+ this.timestamp = Instant.now().truncatedTo(ChronoUnit.MILLIS);
+ this.instance = instance;
+ this.objectDetails = objectDetails;
+ }
+
+ public int getStatus() {
+ return status;
+ }
+
+ public String getErrorId() {
+ return errorId;
+ }
+
+ public String getMessage() {
+ return message;
+ }
+
+ public String getDetails() {
+ return details;
+ }
+
+ public Instant getTimestamp() {
+ return timestamp;
+ }
+
+ public String getInstance() {
+ return instance;
+ }
+
+ public Object getObjectDetails() {
+ return objectDetails;
+ }
+}
diff --git a/src/main/java/com/databasepreservation/common/api/utils/HandlebarsUtils.java b/src/main/java/com/databasepreservation/common/api/utils/HandlebarsUtils.java
index 5a4b3c0fa..56bf27e8b 100644
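Review bot: `objectDetails` is declared as `Object` in a class that implements `Serializable`, so Java serialization of this message fails at run time whenever a non-serializable value is stored there. Either type the field as `Serializable`, or drop `implements Serializable` if the class is only ever rendered as JSON. The two constructors repeat the same six assignments; the first could delegate with `this(status, errorId, message, details, instance, null);`. A short class comment stating that every field is sent to the client would help keep internal data out of `details` and `objectDetails`.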
--- a/src/main/java/com/databasepreservation/common/api/utils/HandlebarsUtils.java +++ b/src/main/java/com/databasepreservation/common/api/utils/HandlebarsUtils.java @@ -7,6 +7,7 @@ */ package com.databasepreservation.common.api.utils; +import com.databasepreservation.common.api.exceptions.RESTException; import com.databasepreservation.common.client.tools.ViewerCelllUtils; import java.io.IOException; import java.math.BigDecimal; @@ -19,7 +20,6 @@ import org.apache.commons.lang3.StringUtils; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.models.status.collection.ColumnStatus; import com.databasepreservation.common.client.models.status.collection.NestedColumnStatus; import com.databasepreservation.common.client.models.status.collection.TableStatus; diff --git a/src/main/java/com/databasepreservation/common/api/v1/ActivityLogResource.java b/src/main/java/com/databasepreservation/common/api/v1/ActivityLogResource.java index e3a2d566e..4b625ae39 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/ActivityLogResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/ActivityLogResource.java @@ -7,6 +7,8 @@ */ package com.databasepreservation.common.api.v1; +import com.databasepreservation.common.api.exceptions.RESTException; +import com.databasepreservation.common.exceptions.AuthorizationException; import org.roda.core.data.exceptions.GenericException; import org.roda.core.data.exceptions.NotFoundException; import org.roda.core.data.exceptions.RequestNotValidException; 
@@ -18,7 +20,6 @@ import org.springframework.web.bind.annotation.RestController; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.index.FindRequest; import com.databasepreservation.common.client.index.IndexResult; import com.databasepreservation.common.client.models.activity.logs.ActivityLogEntry; @@ -47,18 +48,17 @@ public class ActivityLogResource implements ActivityLogService { @Override public IndexResult find(FindRequest findRequest, String locale) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; - - LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); - + User user = new User(); long count = 0; - + LogEntryState state = LogEntryState.SUCCESS; try { + user = controllerAssistant.checkRoles(request); + final IndexResult result = ViewerFactory.getSolrManager().find(ActivityLogEntry.class, findRequest.filter, findRequest.sorter, findRequest.sublist, findRequest.facets); count = result.getTotalCount(); return I18nUtility.translate(result, ActivityLogEntry.class, locale); - } catch (GenericException | RequestNotValidException e) { + } catch (GenericException | RequestNotValidException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
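Review bot: Moving `checkRoles(request)` inside the `try` in `find` means a denied request now reaches the `finally` block with the placeholder `new User()`. Assuming the `finally` body outside this hunk still calls `registerAction(user, state, …)`, and unless `checkRoles` logs the denial itself, the activity log then records the denial against an empty user and as `FAILURE` rather than `UNAUTHORIZED`. The denied caller is the entry an audit trail most needs to attribute, so consider a separate `catch (AuthorizationException e)` that sets `state = LogEntryState.UNAUTHORIZED` and resolves the user from the request, for example with `UserUtility.getUser(request)` as `createCollection` already does. The same pattern is introduced in `retrieve` and in the `CollectionResource` hunks for `getReport`, `deleteCollection`, `getCollectionConfiguration`, `updateCollectionConfiguration`, the three denormalize-configuration methods and `run`.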
@@ -73,16 +73,16 @@ public IndexResult find(FindRequest findRequest, String locale @Override public ActivityLogWrapper retrieve(String logUUID) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; - + User user = new User(); LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); try { + user = controllerAssistant.checkRoles(request); final ActivityLogEntry retrieve = ViewerFactory.getSolrManager().retrieve(ActivityLogEntry.class, logUUID); final ActivityLogStrategy strategy = ViewerFactory.getActivityLogStrategyFactory() .getStrategy(retrieve.getActionComponent(), retrieve.getActionMethod()); return strategy.apply(new ActivityLogWrapper(retrieve)); - } catch (GenericException | NotFoundException e) { + } catch (GenericException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { diff --git a/src/main/java/com/databasepreservation/common/api/v1/CollectionResource.java b/src/main/java/com/databasepreservation/common/api/v1/CollectionResource.java index 5094577ae..baae77bab 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/CollectionResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/CollectionResource.java 
@@ -29,11 +29,11 @@ import com.databasepreservation.common.api.utils.ExtraMediaType; import com.databasepreservation.model.exception.ModuleException; +import com.databasepreservation.common.api.exceptions.RESTException; +import com.databasepreservation.common.exceptions.AuthorizationException; import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang.StringUtils; -import org.roda.core.data.exceptions.GenericException; -import org.roda.core.data.exceptions.NotFoundException; -import org.roda.core.data.exceptions.RequestNotValidException; +import org.roda.core.data.exceptions.*; import org.roda.core.data.utils.JsonUtils; import org.roda.core.data.v2.index.sublist.Sublist; import org.springframework.batch.core.BatchStatus; @@ -42,6 +42,7 @@ import org.springframework.batch.core.JobParameters; import org.springframework.batch.core.JobParametersBuilder; import org.springframework.batch.core.JobParametersInvalidException; +import org.springframework.batch.core.configuration.JobRegistry; import org.springframework.batch.core.explore.JobExplorer; import org.springframework.batch.core.launch.JobLauncher; import org.springframework.batch.core.launch.JobOperator; @@ -74,9 +75,7 @@ import com.databasepreservation.common.client.ViewerConstants; import com.databasepreservation.common.client.common.search.SavedSearch; import com.databasepreservation.common.client.common.search.SearchInfo; -import com.databasepreservation.common.client.exceptions.AuthorizationException; -import com.databasepreservation.common.client.exceptions.RESTException; -import com.databasepreservation.common.client.exceptions.SavedSearchException; +import com.databasepreservation.common.exceptions.SavedSearchException; import com.databasepreservation.common.client.index.FindRequest; import com.databasepreservation.common.client.index.IndexResult; import com.databasepreservation.common.client.index.filter.Filter; 
@@ -151,10 +150,11 @@ public ResponseEntity getReport(@PathVariable(name = "databaseUUID") S ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { - java.nio.file.Path reportPath = ViewerConfiguration.getInstance().getReportPath(databaseUUID, + user = controllerAssistant.checkRoles(request); + Path reportPath = ViewerConfiguration.getInstance().getReportPath(databaseUUID, ReporterType.BROWSE); String filename = reportPath.getFileName().toString(); if (!Files.exists(reportPath)) { @@ -165,8 +165,8 @@ public ResponseEntity getReport(@PathVariable(name = "databaseUUID") S return ResponseEntity.ok() .header("Content-Disposition", "attachment; filename=\"" + reportPath.toFile().getName() + "\"") .contentLength(reportPath.toFile().length()) - .contentType(org.springframework.http.MediaType.APPLICATION_OCTET_STREAM).body(resource); - } catch (NotFoundException | IOException e) { + .contentType(MediaType.APPLICATION_OCTET_STREAM).body(resource); + } catch (NotFoundException | IOException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -181,27 +181,28 @@ public StringResponse createCollection(String databaseUUID, String siardVersion) ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user; + User user = new User(); // Checks if property ui.plugin.loadOnAccess is enable. If so, let the // authenticated user // creates a collection for that SIARD. If the user is a guest it will throw an // AuthorizationException - final boolean loadOnAccess = ViewerFactory.getViewerConfiguration().getViewerConfigurationAsBoolean(false, - ViewerConstants.PROPERTY_PLUGIN_LOAD_ON_ACCESS); - if (loadOnAccess) { - user = UserUtility.getUser(request); - if (user.isGuest()) { - controllerAssistant.registerAction(UserUtility.getGuest(request), LogEntryState.UNAUTHORIZED); - throw new AuthorizationException("The user '" + user.getId() + "' does not have all needed permissions"); + try { + final boolean loadOnAccess = ViewerFactory.getViewerConfiguration().getViewerConfigurationAsBoolean(false, + ViewerConstants.PROPERTY_PLUGIN_LOAD_ON_ACCESS); + if (loadOnAccess) { + user = UserUtility.getUser(request); + if (user.isGuest()) { + controllerAssistant.registerAction(UserUtility.getGuest(request), LogEntryState.UNAUTHORIZED); + throw new AuthorizationDeniedException( + "The user '" + user.getId() + "' does not have all needed permissions"); + } + } else { + user = controllerAssistant.checkRoles(request); } - } else { - user = controllerAssistant.checkRoles(request); - } - try { final ViewerDatabase database = ViewerFactory.getSolrManager().retrieve(ViewerDatabase.class, databaseUUID); return new StringResponse(SIARDController.loadFromLocal(database.getPath(), databaseUUID, siardVersion)); - } catch (GenericException | NotFoundException e) { + } catch (GenericException | NotFoundException | AuthorizationException | AuthorizationDeniedException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
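Review bot: The guest branch of `createCollection` calls `registerAction(UserUtility.getGuest(request), LogEntryState.UNAUTHORIZED)` and then throws `AuthorizationDeniedException` from inside the new `try`. The exception is therefore caught below, `state` becomes `FAILURE`, and the `finally` block (its body lies outside the hunk) presumably registers the same request a second time. Before this change the throw happened ahead of the `try`, so only the `UNAUTHORIZED` entry was written. Giving the two authorization exceptions their own catch clause that sets `state = LogEntryState.UNAUTHORIZED`, and dropping the explicit `registerAction` call, would leave one correctly labelled entry per request.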
@@ -215,10 +216,13 @@ public ProgressData getProgressData(String databaseUUID, String collectionUUID) ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return ProgressData.getInstance(databaseUUID); + } catch (AuthorizationException e) { + throw new RESTException(e); } finally { // register action controllerAssistant.registerAction(user, state, ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, databaseUUID); @@ -230,9 +234,10 @@ public Boolean deleteCollection(String databaseUUID, String collectionUUID) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); final String collectionName = SOLR_INDEX_ROW_COLLECTION_NAME_PREFIX + databaseUUID; if (SolrClientFactory.get().deleteCollection(collectionName)) { Filter savedSearchFilter = new Filter(new SimpleFilterParameter(SOLR_SEARCHES_DATABASE_UUID, databaseUUID)); @@ -242,7 +247,7 @@ public Boolean deleteCollection(String databaseUUID, String collectionUUID) { ViewerFactory.getSolrManager().markDatabaseCollection(databaseUUID, ViewerDatabaseStatus.METADATA_ONLY); return true; } - } catch (GenericException | RequestNotValidException e) { + } catch (GenericException | RequestNotValidException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
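Review bot: The new `catch (AuthorizationException e)` in `getProgressData` rethrows without setting `state`, so the `finally` block registers the denied request as `LogEntryState.SUCCESS`, and for the placeholder `new User()`. Every other catch clause in this file sets the state first. Add `state = LogEntryState.FAILURE;` (or `UNAUTHORIZED`) before `throw new RESTException(e);`.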
@@ -261,13 +266,14 @@ public List getCollectionConfiguration(String databaseUUID, St ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); final CollectionStatus configurationCollection = ViewerFactory.getConfigurationManager() .getConfigurationCollection(databaseUUID, collectionUUID); return Collections.singletonList(configurationCollection); - } catch (GenericException e) { + } catch (GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -281,11 +287,12 @@ public Boolean updateCollectionConfiguration(String databaseUUID, String collect ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); ViewerFactory.getConfigurationManager().updateCollectionStatus(databaseUUID, status); - } catch (ViewerException e) { + } catch (ViewerException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -305,10 +312,11 @@ public DenormalizeConfiguration getDenormalizeConfigurationFile(String databaseU ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { - java.nio.file.Path path = ViewerConfiguration.getInstance().getDatabasesPath().resolve(databaseUUID) + user = controllerAssistant.checkRoles(request); + Path path = ViewerConfiguration.getInstance().getDatabasesPath().resolve(databaseUUID) .resolve(ViewerConstants.DENORMALIZATION_STATUS_PREFIX + tableUUID + ViewerConstants.JSON_EXTENSION); if (Files.exists(path)) { return JsonTransformer.readObjectFromFile(path, DenormalizeConfiguration.class); @@ -317,9 +325,9 @@ public DenormalizeConfiguration getDenormalizeConfigurationFile(String databaseU ViewerTable table = database.getMetadata().getTable(tableUUID); return new DenormalizeConfiguration(databaseUUID, table); } - } catch (ViewerException | NotFoundException | GenericException e) { + } catch (ViewerException | NotFoundException | GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; - throw new RESTException(e.getMessage()); + throw new RESTException(e); } finally { // register action controllerAssistant.registerAction(user, state, ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, databaseUUID, 
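Review bot: In `getDenormalizeConfigurationFile`, `databaseUUID` and `tableUUID` come from the request and go straight into `getDatabasesPath().resolve(databaseUUID).resolve(...)`. No check is visible in this hunk that the result stays under the databases directory, so an identifier that is not a plain UUID could make `JsonTransformer.readObjectFromFile` read a file elsewhere. If the identifiers are not validated upstream, contain the path before use: `Path base = ViewerConfiguration.getInstance().getDatabasesPath(); Path path = base.resolve(...).normalize();` and reject the request when `!path.startsWith(base)`. The same construction feeds `JsonTransformer.writeObjectToFile` in `createDenormalizeConfigurationFile` and `Files.delete` in `deleteDenormalizeConfigurationFile`, where the consequence is larger. The method body starts and ends outside the hunk.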
@@ -333,26 +341,25 @@ public synchronized Boolean createDenormalizeConfigurationFile(String databaseUU ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); - - // check if there is no job running on table - for (JobExecution runningJobExecution : jobExplorer.findRunningJobExecutions("denormalizeJob")) { - if (runningJobExecution.getJobParameters().getString(ViewerConstants.CONTROLLER_TABLE_ID_PARAM) - .equals(tableUUID)) { - throw new RESTException("A job is already running on this table", - com.google.gwt.http.client.Response.SC_CONFLICT); - } - } + User user = new User(); try { + user = controllerAssistant.checkRoles(request); + // check if there is no job running on table + for (JobExecution runningJobExecution : jobExplorer.findRunningJobExecutions("denormalizeJob")) { + if (runningJobExecution.getJobParameters().getString(ViewerConstants.CONTROLLER_TABLE_ID_PARAM) + .equals(tableUUID)) { + throw new RESTException(new AlreadyExistsException("A job is already running on this table")); + } + } JsonTransformer.writeObjectToFile(configuration, ViewerConfiguration.getInstance().getDatabasesPath().resolve(databaseUUID) .resolve(ViewerConstants.DENORMALIZATION_STATUS_PREFIX + tableUUID + ViewerConstants.JSON_EXTENSION)); ViewerFactory.getConfigurationManager().addDenormalization(databaseUUID, ViewerConstants.DENORMALIZATION_STATUS_PREFIX + tableUUID); - } catch (GenericException | ViewerException e) { + } catch (GenericException | ViewerException | AuthorizationException e) { state = LogEntryState.FAILURE; - throw new RESTException(e.getMessage()); + throw new RESTException(e); } finally { // register action controllerAssistant.registerAction(user, state, ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, databaseUUID, 
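Review bot: In `createDenormalizeConfigurationFile` the conflict is now raised as `throw new RESTException(new AlreadyExistsException(...))` inside the `try`. `RESTException` is a `RuntimeException` and is not in the catch list, so `state` stays `SUCCESS` and the `finally` block logs the rejected call as successful. Throw the `AlreadyExistsException` itself and add it to the multi-catch, which also keeps the wrapping in one place. Separately, `getJobParameters().getString(...)` returns null for a running job that lacks the table parameter and `.equals(tableUUID)` then throws; `tableUUID.equals(...)` avoids that. The `run` hunk further down repeats both.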
@@ -366,19 +373,20 @@ public Boolean deleteDenormalizeConfigurationFile(String databaseUUID, String co ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); ViewerFactory.getConfigurationManager().removeDenormalization(databaseUUID, ViewerConstants.DENORMALIZATION_STATUS_PREFIX + tableUUID); - java.nio.file.Path path = ViewerConfiguration.getInstance().getDatabasesPath().resolve(databaseUUID) + Path path = ViewerConfiguration.getInstance().getDatabasesPath().resolve(databaseUUID) .resolve(ViewerConstants.DENORMALIZATION_STATUS_PREFIX + tableUUID + ViewerConstants.JSON_EXTENSION); if (Files.exists(path)) { Files.delete(path); } - } catch (GenericException | IOException e) { + } catch (GenericException | IOException | AuthorizationException e) { state = LogEntryState.FAILURE; - throw new RESTException(e.getMessage()); + throw new RESTException(e); } finally { // register action controllerAssistant.registerAction(user, state, ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, databaseUUID, 
@@ -392,26 +400,27 @@ public synchronized void run(String databaseUUID, String collectionUUID, String ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); - - // check if there is no job running on table - for (JobExecution runningJobExecution : jobExplorer.findRunningJobExecutions("denormalizeJob")) { - if (runningJobExecution.getJobParameters().getString(ViewerConstants.CONTROLLER_TABLE_ID_PARAM) - .equals(tableUUID)) { - throw new RESTException("A job is already running on this table", - com.google.gwt.http.client.Response.SC_CONFLICT); + User user = new User(); + + try { + user = controllerAssistant.checkRoles(request); + + // check if there is no job running on table + for (JobExecution runningJobExecution : jobExplorer.findRunningJobExecutions("denormalizeJob")) { + if (runningJobExecution.getJobParameters().getString(ViewerConstants.CONTROLLER_TABLE_ID_PARAM) + .equals(tableUUID)) { + throw new RESTException(new AlreadyExistsException("A job is already running on this table")); + } } - } - JobParametersBuilder jobBuilder = new JobParametersBuilder(); - jobBuilder.addDate(ViewerConstants.SOLR_SEARCHES_DATE_ADDED, new Date()); - jobBuilder.addString(ViewerConstants.INDEX_ID, SolrUtils.randomUUID()); - jobBuilder.addString(ViewerConstants.CONTROLLER_COLLECTION_ID_PARAM, collectionUUID); - jobBuilder.addString(ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, databaseUUID); - jobBuilder.addString(ViewerConstants.CONTROLLER_TABLE_ID_PARAM, tableUUID); - JobParameters jobParameters = jobBuilder.toJobParameters(); + JobParametersBuilder jobBuilder = new JobParametersBuilder(); + jobBuilder.addDate(ViewerConstants.SOLR_SEARCHES_DATE_ADDED, new Date()); + jobBuilder.addString(ViewerConstants.INDEX_ID, SolrUtils.randomUUID()); + jobBuilder.addString(ViewerConstants.CONTROLLER_COLLECTION_ID_PARAM, collectionUUID); + 
jobBuilder.addString(ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, databaseUUID); + jobBuilder.addString(ViewerConstants.CONTROLLER_TABLE_ID_PARAM, tableUUID); + JobParameters jobParameters = jobBuilder.toJobParameters(); - try { JobController.addMinimalSolrBatchJob(jobParameters); JobExecution jobExecution = jobLauncher.run(job, jobParameters); JobController.editSolrBatchJob(jobExecution); @@ -420,9 +429,9 @@ public synchronized void run(String databaseUUID, String collectionUUID, String JobController.setMessageToSolrBatchJob(jobExecution, "Queue is full, please try later"); } } catch (JobExecutionAlreadyRunningException | JobRestartException | JobInstanceAlreadyCompleteException - | JobParametersInvalidException | NotFoundException | GenericException e) { + | JobParametersInvalidException | NotFoundException | GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; - throw new RESTException(e.getMessage()); + throw new RESTException(e); } finally { // register action controllerAssistant.registerAction(user, databaseUUID, state, ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, 
@@ -439,17 +448,18 @@ public IndexResult findRows(String databaseUUID, String collectionUUI ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); long count = 0; try { + user = controllerAssistant.checkRoles(request); final IndexResult viewerRowIndexResult = ViewerFactory.getSolrManager().findRows(databaseUUID, findRequest.filter, findRequest.sorter, findRequest.sublist, findRequest.facets, findRequest.fieldsToReturn, findRequest.extraParameters); count = viewerRowIndexResult.getTotalCount(); return viewerRowIndexResult; - } catch (GenericException | RequestNotValidException e) { + } catch (GenericException | RequestNotValidException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -467,16 +477,17 @@ public ViewerRow retrieveRow(String databaseUUID, String collectionUUID, String ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); final ViewerRow viewerRow = ViewerFactory.getSolrManager().retrieveRows(databaseUUID, rowIndex); if (viewerRow.getTableId().equals(schema + "." + table)) { return viewerRow; } else { throw new NotFoundException("Row not found"); } - } catch (NotFoundException | GenericException e) { + } catch (NotFoundException | GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -497,11 +508,12 @@ public ResponseEntity exportLOB( ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); DatabaseRowsSolrManager solrManager = ViewerFactory.getSolrManager(); try { + user = controllerAssistant.checkRoles(request); ViewerRow row = solrManager.retrieveRows(databaseUUID, rowIndex); final ViewerDatabase database = solrManager.retrieve(ViewerDatabase.class, databaseUUID); final CollectionStatus configurationCollection = ViewerFactory.getConfigurationManager() @@ -523,7 +535,7 @@ public ResponseEntity exportLOB( return handleInternalLobDownload(database.getPath(), configTable, row, columnIndex, version); } } - } catch (NotFoundException | GenericException | IOException e) { + } catch (NotFoundException | GenericException | IOException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -568,8 +580,8 @@ private ResponseEntity handleClobDownload(TableStatus tab private ResponseEntity handleExternalLobDownload(TableStatus tableConfiguration, ViewerRow row, int columnIndex) throws IOException { final String lobLocation = row.getCells().get(tableConfiguration.getColumnByIndex(columnIndex).getId()).getValue(); - final java.nio.file.Path lobPath = Paths.get(lobLocation); - final java.nio.file.Path completeLobPath = ViewerFactory.getViewerConfiguration().getSIARDFilesPath() + final Path lobPath = Paths.get(lobLocation); + final Path completeLobPath = ViewerFactory.getViewerConfiguration().getSIARDFilesPath() .resolve(lobPath); String handlebarsFilename = HandlebarsUtils.applyExportTemplate(row, tableConfiguration, columnIndex); @@ -616,7 +628,7 @@ private ResponseEntity handleInternalLobDownload(String d Files.copy(p, zos); zos.closeEntry(); } catch (IOException e) { - throw new RESTException("Error creating zip", e); + throw new RESTException(e); } }); } 
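Review bot: In `handleExternalLobDownload`, `lobLocation` is read from the row cell and passed through `Paths.get(lobLocation)` into `getSIARDFilesPath().resolve(lobPath)` with no check that the result stays under the SIARD files directory. `Path.resolve` returns its argument unchanged when that argument is absolute, and `..` segments survive until the path is normalised, so a location stored in an ingested archive could name a file elsewhere on the server. With `siardRoot` as the normalised `getSIARDFilesPath()`, I would write `final Path completeLobPath = siardRoot.resolve(lobPath).normalize();` followed by `if (!completeLobPath.startsWith(siardRoot)) throw new IOException("LOB path outside SIARD directory");`. The method body continues past this hunk, so a later check may already exist.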
@@ -666,13 +678,14 @@ public ResponseEntity exportFindToCSV( ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); DatabaseRowsSolrManager solrManager = ViewerFactory.getSolrManager(); FindRequest findRequest = null; try { + user = controllerAssistant.checkRoles(request); final ViewerDatabase database = solrManager.retrieve(ViewerDatabase.class, databaseUUID); findRequest = JsonUtils.getObjectFromJson(findRequestJson, FindRequest.class); final CollectionStatus configurationCollection = ViewerFactory.getConfigurationManager() @@ -686,7 +699,7 @@ public ResponseEntity exportFindToCSV( return handleCSVExportWithLobs(solrManager, configurationCollection, database, databaseUUID, configTable, findRequest, zipFilename, filename, exportDescription, fieldsToHeader); } - } catch (GenericException | RequestNotValidException | NotFoundException e) { + } catch (GenericException | RequestNotValidException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -725,9 +738,10 @@ public ResponseEntity exportSingleRowToCSV( DatabaseRowsSolrManager solrManager = ViewerFactory.getSolrManager(); LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); final ViewerDatabase database = solrManager.retrieve(ViewerDatabase.class, databaseUUID); final ViewerRow viewerRow = solrManager.retrieveRows(databaseUUID, rowIndex); final CollectionStatus configurationCollection = ViewerFactory.getConfigurationManager() 
@@ -744,7 +758,7 @@ public ResponseEntity exportSingleRowToCSV( } else { throw new NotFoundException("Table not found."); } - } catch (GenericException | NotFoundException e) { + } catch (GenericException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -828,23 +842,25 @@ public StringResponse saveSavedSearch(String databaseUUID, String collectionUUID ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); - - String searchInfoJson = JsonUtils.getJsonFromObject(searchInfo); - + User user = new User(); SavedSearch savedSearch = new SavedSearch(); - savedSearch.setUuid(SolrUtils.randomUUID()); - savedSearch.setName(name); - savedSearch.setDescription(description); - savedSearch.setDatabaseUUID(databaseUUID); - savedSearch.setTableUUID(tableUUID); - savedSearch.setTableName(tableUUID); - savedSearch.setSearchInfoJson(searchInfoJson); try { + user = controllerAssistant.checkRoles(request); + + String searchInfoJson = JsonUtils.getJsonFromObject(searchInfo); + + savedSearch.setUuid(SolrUtils.randomUUID()); + savedSearch.setName(name); + savedSearch.setDescription(description); + savedSearch.setDatabaseUUID(databaseUUID); + savedSearch.setTableUUID(tableUUID); + savedSearch.setTableName(tableUUID); + savedSearch.setSearchInfoJson(searchInfoJson); + ViewerFactory.getSolrManager().addSavedSearch(savedSearch); return new StringResponse(savedSearch.getUuid()); - } catch (NotFoundException | GenericException e) { + } catch (NotFoundException | GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -863,16 +879,17 @@ public IndexResult findSavedSearches(String databaseUUID, String co ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); long count = 0; try { + user = controllerAssistant.checkRoles(request); final IndexResult savedSearchIndexResult = ViewerFactory.getSolrManager().find(SavedSearch.class, findRequest.filter, findRequest.sorter, findRequest.sublist, findRequest.facets); count = savedSearchIndexResult.getTotalCount(); return savedSearchIndexResult; - } catch (GenericException | RequestNotValidException e) { + } catch (GenericException | RequestNotValidException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -889,11 +906,12 @@ public SavedSearch retrieveSavedSearch(String databaseUUID, String collectionUUI ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return ViewerFactory.getSolrManager().retrieve(SavedSearch.class, savedSearchUUID); - } catch (NotFoundException | GenericException e) { + } catch (NotFoundException | GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -909,11 +927,12 @@ public void updateSavedSearch(String databaseUUID, String collectionUUID, String ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); ViewerFactory.getSolrManager().editSavedSearch(databaseUUID, savedSearchUUID, name, description); - } catch (SavedSearchException e) { + } catch (SavedSearchException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -930,11 +949,12 @@ public void deleteSavedSearch(String databaseUUID, String collectionUUID, String ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); ViewerFactory.getSolrManager().deleteSavedSearch(savedSearchUUID); - } catch (SavedSearchException e) { + } catch (SavedSearchException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { diff --git a/src/main/java/com/databasepreservation/common/api/v1/ContextResource.java b/src/main/java/com/databasepreservation/common/api/v1/ContextResource.java index a9eb07a2b..3b46cf053 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/ContextResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/ContextResource.java @@ -14,6 +14,8 @@ import java.util.Map; import java.util.Set; +import com.databasepreservation.common.api.exceptions.RESTException; +import com.databasepreservation.common.exceptions.AuthorizationException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; 
@@ -67,7 +69,11 @@ public Map> getSharedProperties(String localeString) { @Override public Set getAuthorizationGroupsList() { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; - controllerAssistant.checkRoles(request); + try { + controllerAssistant.checkRoles(request); + } catch (AuthorizationException e) { + throw new RESTException(e); + } AuthorizationGroupsList authorizationGroupsList = ViewerConfiguration.getInstance() .getCollectionsAuthorizationGroupsWithDefault(); diff --git a/src/main/java/com/databasepreservation/common/api/v1/DatabaseResource.java b/src/main/java/com/databasepreservation/common/api/v1/DatabaseResource.java index 5377db7de..efd8ee499 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/DatabaseResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/DatabaseResource.java @@ -15,6 +15,8 @@ import java.util.Set; import java.util.UUID; +import com.databasepreservation.common.api.exceptions.RESTException; +import com.databasepreservation.common.exceptions.AuthorizationException; import org.apache.solr.client.solrj.SolrServerException; import org.roda.core.data.exceptions.GenericException; import org.roda.core.data.exceptions.NotFoundException; @@ -26,7 +28,6 @@ import com.databasepreservation.common.api.v1.utils.StringResponse; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.index.FindRequest; import com.databasepreservation.common.client.index.IndexResult; import com.databasepreservation.common.client.index.facets.FacetFieldResult; 
@@ -72,7 +73,13 @@ public IndexResult find(FindRequest findRequest, String localeSt ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user; + + try { + user = controllerAssistant.checkRoles(request); + } catch (AuthorizationException e) { + throw new RESTException(e); + } if (ViewerConfiguration.getInstance().getApplicationEnvironment().equals(ViewerConstants.APPLICATION_ENV_SERVER)) { if (user.isAdmin() || user.isWhiteList()) { @@ -97,7 +104,14 @@ public IndexResult find(FindRequest findRequest, String localeSt public IndexResult findAll(FindRequest findRequest, String localeString) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user; + + try { + user = controllerAssistant.checkRoles(request); + } catch (AuthorizationException e) { + throw new RESTException(e); + } + if (ViewerConfiguration.getInstance().getApplicationEnvironment().equals(ViewerConstants.APPLICATION_ENV_SERVER)) { if (user.isAdmin() || user.isWhiteList()) { return getCrossViewerDatabaseIndexResult(findRequest, controllerAssistant, user, state); @@ -115,11 +129,12 @@ public StringResponse create(String path, String siardVersion) { final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return new StringResponse(SIARDController.loadMetadataFromLocal(path, siardVersion)); - } catch (GenericException e) { + } catch (GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
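Review bot: The new `catch (AuthorizationException e)` in `find` and `findAll` rethrows without recording anything, so a denied request to these two endpoints produces no `registerAction` entry, unlike the other resource methods in this commit that log `LogEntryState.FAILURE` from a `finally` block. Unless `checkRoles` writes its own log entry (not visible here), I would set `state = LogEntryState.FAILURE;` and register the action in this catch before `throw new RESTException(e);`. Both method bodies continue outside the hunks.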
@@ -330,13 +345,13 @@ public ViewerDatabase retrieve(String databaseUUID) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); - - UserUtility.checkDatabasePermission(user, databaseUUID); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); + UserUtility.checkDatabasePermission(user, databaseUUID); return ViewerFactory.getSolrManager().retrieve(ViewerDatabase.class, databaseUUID); - } catch (NotFoundException | GenericException e) { + } catch (NotFoundException | GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -351,11 +366,12 @@ public Boolean delete(String databaseUUID) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return SIARDController.deleteAll(databaseUUID); - } catch (RequestNotValidException | GenericException | NotFoundException e) { + } catch (RequestNotValidException | GenericException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -370,12 +386,13 @@ public Set getDatabasePermissions(String databaseUUID) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); DatabaseStatus databaseStatus = ViewerFactory.getConfigurationManager().getDatabaseStatus(databaseUUID); return databaseStatus.getPermissions(); - } catch (GenericException e) { + } catch (GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -390,11 +407,12 @@ public Set updateDatabasePermissions(String databaseUUID, Set pe ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return SIARDController.updateDatabasePermissions(databaseUUID, permissions); - } catch (GenericException | ViewerException e) { + } catch (GenericException | ViewerException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -409,11 +427,12 @@ public boolean updateDatabaseSearchAllAvailability(String databaseUUID) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return SIARDController.updateDatabaseSearchAllAvailability(databaseUUID); - } catch (GenericException | ViewerException | NotFoundException e) { + } catch (GenericException | ViewerException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
diff --git a/src/main/java/com/databasepreservation/common/api/v1/FileResource.java b/src/main/java/com/databasepreservation/common/api/v1/FileResource.java index 9b478f5dd..79ff28cbe 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/FileResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/FileResource.java @@ -19,6 +19,8 @@ import java.util.zip.ZipEntry; import java.util.zip.ZipOutputStream; +import com.databasepreservation.common.api.exceptions.RESTException; +import com.databasepreservation.common.exceptions.AuthorizationException; import org.roda.core.data.exceptions.AlreadyExistsException; import org.roda.core.data.exceptions.GenericException; import org.roda.core.data.exceptions.NotFoundException; @@ -37,7 +39,6 @@ import com.databasepreservation.common.api.utils.ApiResponseMessage; import com.databasepreservation.common.api.utils.ApiUtils; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.models.activity.logs.LogEntryState; import com.databasepreservation.common.client.models.user.User; import com.databasepreservation.common.client.services.FileService; 
@@ -63,13 +64,14 @@ public List list() { final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); - final java.nio.file.Path path = ViewerConfiguration.getInstance().getSIARDFilesPath(); try { + user = controllerAssistant.checkRoles(request); + final java.nio.file.Path path = ViewerConfiguration.getInstance().getSIARDFilesPath(); return java.nio.file.Files.walk(path).filter(java.nio.file.Files::isRegularFile).sorted(Comparator.naturalOrder()) .map(java.nio.file.Path::getFileName).map(java.nio.file.Path::toString).collect(Collectors.toList()); - } catch (IOException e) { + } catch (IOException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -83,9 +85,10 @@ public ResponseEntity getSIARDFile(String filename) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); java.nio.file.Path siardFilesPath = ViewerConfiguration.getInstance().getSIARDFilesPath(); java.nio.file.Path basePath = Paths.get(ViewerConfiguration.getInstance().getViewerConfigurationAsString("/", ViewerConfiguration.PROPERTY_BASE_UPLOAD_PATH)); @@ -105,7 +108,7 @@ public ResponseEntity getSIARDFile(String filename) { } else { throw new NotFoundException("SIARD file not found"); } - } catch (NotFoundException | FileNotFoundException e) { + } catch (NotFoundException | FileNotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } catch (IOException e) { 
@@ -139,13 +142,14 @@ public void deleteSiardFile(String filename) { final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); java.nio.file.Files.walk(ViewerConfiguration.getInstance().getSIARDFilesPath()).map(java.nio.file.Path::toFile) .filter(p -> p.getName().equals(filename)).forEach(File::delete); LOGGER.info("SIARD file removed from system ({})", filename); - } catch (IOException e) { + } catch (IOException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(new NotFoundException("Could not delete SIARD file: " + filename + " from the system")); } finally { 
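Review bot: Adding `AuthorizationException` to the existing `catch (IOException ...)` in `deleteSiardFile` means a denied request is rethrown as `NotFoundException("Could not delete SIARD file: ...")`, so the caller sees a not-found error instead of an authorization error and the original cause is dropped. A separate clause keeps the two apart: `} catch (AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); }`. Separately, `File::delete` returns false on failure without throwing, so the `LOGGER.info` line reports removal even when nothing was deleted.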
@@ -159,28 +163,30 @@ public ResponseEntity createSIARDFile(MultipartFile resource ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); + String filename = ""; - String mediaType = ApiUtils.getMediaType(acceptFormat, request); - String filename = resource.getOriginalFilename(); - String fileExtension = Files.getFileExtension(filename); + // delegate action to controller + try { + user = controllerAssistant.checkRoles(request); - if (!fileExtension.equals(ViewerConstants.SIARD)) { - return ResponseEntity.status(HttpStatus.BAD_REQUEST) - .body(new ApiResponseMessage(ApiResponseMessage.ERROR, "Must be a SIARD file")); - } + String mediaType = ApiUtils.getMediaType(acceptFormat, request); + filename = resource.getOriginalFilename(); + String fileExtension = Files.getFileExtension(filename); - java.nio.file.Path path = Paths.get(ViewerConfiguration.getInstance().getSIARDFilesPath().toString(), filename); + if (!fileExtension.equals(ViewerConstants.SIARD)) { + return ResponseEntity.status(HttpStatus.BAD_REQUEST) + .body(new ApiResponseMessage(ApiResponseMessage.ERROR, "Must be a SIARD file")); + } - // delegate action to controller - try { + java.nio.file.Path path = Paths.get(ViewerConfiguration.getInstance().getSIARDFilesPath().toString(), filename); Browser.createFile(resource.getInputStream(), filename, path); return ResponseEntity.ok().body(new ApiResponseMessage(ApiResponseMessage.OK, path.toString())); } catch (AlreadyExistsException e) { state = LogEntryState.FAILURE; return ResponseEntity.status(HttpStatus.CONFLICT) .body(new ApiResponseMessage(ApiResponseMessage.ERROR, "File already Exist")); - } catch (GenericException | IOException e) { + } catch (GenericException | IOException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
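Review bot: `filename` comes from `resource.getOriginalFilename()`, which is supplied by the client, and is joined to the SIARD directory with `Paths.get(..., filename)` after only an extension check. A name containing directory separators or `..` segments would place `path` outside `getSIARDFilesPath()` before `Browser.createFile` writes to it. I would resolve against the normalised base directory and reject anything that does not stay under it, as sketched below. Note also that the `BAD_REQUEST` return now runs inside the `try`, so the `finally` block logs it with `state` still `SUCCESS`.

```java
filename = resource.getOriginalFilename();
// … unchanged: extension check returning BAD_REQUEST …
java.nio.file.Path siardDir = ViewerConfiguration.getInstance().getSIARDFilesPath().toAbsolutePath().normalize();
java.nio.file.Path path = siardDir.resolve(filename).normalize();
if (!path.startsWith(siardDir)) {
  state = LogEntryState.FAILURE;
  return ResponseEntity.status(HttpStatus.BAD_REQUEST)
    .body(new ApiResponseMessage(ApiResponseMessage.ERROR, "Invalid file name"));
}
// … unchanged: Browser.createFile call and OK response …
```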
diff --git a/src/main/java/com/databasepreservation/common/api/v1/JobResource.java b/src/main/java/com/databasepreservation/common/api/v1/JobResource.java index c0c86d57b..1646fb72a 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/JobResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/JobResource.java @@ -7,6 +7,8 @@ */ package com.databasepreservation.common.api.v1; +import com.databasepreservation.common.api.exceptions.RESTException; +import com.databasepreservation.common.exceptions.AuthorizationException; import org.roda.core.data.exceptions.GenericException; import org.roda.core.data.exceptions.RequestNotValidException; import org.roda.core.data.utils.JsonUtils; @@ -15,7 +17,6 @@ import org.springframework.web.bind.annotation.RestController; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.index.FindRequest; import com.databasepreservation.common.client.index.IndexResult; import com.databasepreservation.common.client.models.activity.logs.LogEntryState; @@ -42,13 +43,14 @@ public IndexResult find(FindRequest findRequest, String locale) { ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); final IndexResult result = ViewerFactory.getSolrManager().find(ViewerJob.class, findRequest.filter, findRequest.sorter, findRequest.sublist, findRequest.facets); return I18nUtility.translate(result, ViewerJob.class, locale); - } catch (GenericException | RequestNotValidException e) { + } catch (GenericException | RequestNotValidException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
diff --git a/src/main/java/com/databasepreservation/common/api/v1/MigrationResource.java b/src/main/java/com/databasepreservation/common/api/v1/MigrationResource.java index 688d7626b..2c7ed21b8 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/MigrationResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/MigrationResource.java @@ -10,6 +10,7 @@ import java.util.Collections; import java.util.List; +import com.databasepreservation.common.api.exceptions.RESTException; import org.roda.core.data.exceptions.GenericException; import org.roda.core.data.exceptions.NotFoundException; import org.springframework.beans.factory.annotation.Autowired; @@ -18,7 +19,6 @@ import com.databasepreservation.common.api.v1.utils.StringResponse; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.models.activity.logs.LogEntryState; import com.databasepreservation.common.client.models.dbptk.Module; import com.databasepreservation.common.client.models.structure.ViewerDatabase; diff --git a/src/main/java/com/databasepreservation/common/api/v1/SiardResource.java b/src/main/java/com/databasepreservation/common/api/v1/SiardResource.java index 434958333..5fb9a68a5 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/SiardResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/SiardResource.java @@ -14,6 +14,8 @@ import java.text.SimpleDateFormat; import java.util.Date; +import com.databasepreservation.common.api.exceptions.RESTException; +import com.databasepreservation.common.exceptions.AuthorizationException; import org.roda.core.data.exceptions.GenericException; import org.roda.core.data.exceptions.NotFoundException; import org.springframework.beans.factory.annotation.Autowired; 
@@ -27,7 +29,6 @@ import org.springframework.web.bind.annotation.RestController; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.models.activity.logs.LogEntryState; import com.databasepreservation.common.client.models.parameters.SIARDUpdateParameters; import com.databasepreservation.common.client.models.progress.ValidationProgressData; @@ -59,14 +60,15 @@ public void deleteSIARDFile(String databaseUUID, String siardUUID) { final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); String path = ""; try { + user = controllerAssistant.checkRoles(request); final ViewerDatabase database = ViewerFactory.getSolrManager().retrieve(ViewerDatabase.class, databaseUUID); path = database.getPath(); SIARDController.deleteSIARDFileFromPath(database.getPath(), databaseUUID); - } catch (GenericException | NotFoundException e) { + } catch (GenericException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -90,17 +92,18 @@ public Boolean validateSiard(String databaseUUID, String siardUUID, String valid final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); String result = null; String siardPath = ""; try { + user = controllerAssistant.checkRoles(request); final ViewerDatabase database = ViewerFactory.getSolrManager().retrieve(ViewerDatabase.class, databaseUUID); java.nio.file.Path siardFilesPath = ViewerConfiguration.getInstance().getSIARDFilesPath(); siardPath = siardFilesPath.resolve(database.getPath()).toString(); result = getValidationReportPath(validationReportPath, database.getMetadata().getName()); return SIARDController.validateSIARD(databaseUUID, siardPath, result, allowedTypePath, skipAdditionalChecks); - } catch (GenericException | NotFoundException e) { + } catch (GenericException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -116,10 +119,13 @@ public ValidationProgressData getValidationProgressData(String databaseUUID, Str ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return ValidationProgressData.getInstance(databaseUUID); + } catch (AuthorizationException e) { + throw new RESTException(e); } finally { // register action controllerAssistant.registerAction(user, state, ViewerConstants.CONTROLLER_DATABASE_ID_PARAM, databaseUUID); 
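Review bot: The added `catch (AuthorizationException e)` in `getValidationProgressData` rethrows without setting `state`, so the `finally` block registers a denied request as `LogEntryState.SUCCESS`. The other catch clauses inside a `try`/`finally` in this commit set the failure state first, and this one should too: `state = LogEntryState.FAILURE;` before `throw new RESTException(e);`.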
@@ -134,22 +140,23 @@ public ResponseEntity getValidationReportFile( ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); DatabaseRowsSolrManager solrManager = ViewerFactory.getSolrManager(); ViewerDatabase database = null; try { + user = controllerAssistant.checkRoles(request); database = solrManager.retrieve(ViewerDatabase.class, databaseUUID); File file = new File(database.getValidatorReportPath()); if (!file.exists()) { - throw new RESTException(new NotFoundException("validation report file not found")); + throw new NotFoundException("validation report file not found"); } InputStreamResource resource = new InputStreamResource(new FileInputStream(file)); return ResponseEntity.ok().header("Content-Disposition", "attachment; filename=\"" + file.getName() + "\"") .contentLength(file.length()).contentType(MediaType.APPLICATION_OCTET_STREAM).body(resource); - } catch (NotFoundException | GenericException | FileNotFoundException e) { + } catch (NotFoundException | GenericException | FileNotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -163,11 +170,12 @@ public void deleteValidationReport(String databaseUUID, String siardUUID, String final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); SIARDController.deleteValidatorReportFileFromPath(path, databaseUUID); - } catch (GenericException e) { + } catch (GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { 
@@ -186,11 +194,12 @@ public ViewerMetadata updateMetadataInformation(String databaseUUID, String siar final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); return SIARDController.updateMetadataInformation(databaseUUID, path, parameters, updateOnModel); - } catch (GenericException e) { + } catch (GenericException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { @@ -205,12 +214,13 @@ public ViewerMetadata getMetadataInformation(String databaseUUID, String siardUU final ControllerAssistant controllerAssistant = new ControllerAssistant() {}; LogEntryState state = LogEntryState.SUCCESS; - User user = controllerAssistant.checkRoles(request); + User user = new User(); try { + user = controllerAssistant.checkRoles(request); final ViewerDatabase database = ViewerFactory.getSolrManager().retrieve(ViewerDatabase.class, databaseUUID); return database.getMetadata(); - } catch (GenericException | NotFoundException e) { + } catch (GenericException | NotFoundException | AuthorizationException e) { state = LogEntryState.FAILURE; throw new RESTException(e); } finally { diff --git a/src/main/java/com/databasepreservation/common/api/v1/ThemeResource.java b/src/main/java/com/databasepreservation/common/api/v1/ThemeResource.java index 24b3726c5..b0cc0ae53 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/ThemeResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/ThemeResource.java @@ -10,6 +10,7 @@ import java.io.IOException; import java.io.InputStream; +import com.databasepreservation.common.api.exceptions.RESTException; import org.roda.core.data.exceptions.NotFoundException; import org.roda.core.data.v2.common.Pair; import org.springframework.http.ResponseEntity; 
@@ -49,7 +50,7 @@ public ResponseEntity getResource( if (themeResource.getSecond() != null) { return ApiUtils.okResponse(Theme.getThemeResourceStreamResponse(themeResource), request); } else { - throw new NotFoundException("File not found: " + resourceId); + throw new RESTException(new NotFoundException("File not found: " + resourceId)); } } } diff --git a/src/main/java/com/databasepreservation/common/client/ClientLogger.java b/src/main/java/com/databasepreservation/common/client/ClientLogger.java index 38054871e..5d1748a84 100644 --- a/src/main/java/com/databasepreservation/common/client/ClientLogger.java +++ b/src/main/java/com/databasepreservation/common/client/ClientLogger.java @@ -10,12 +10,12 @@ import java.util.logging.Level; import java.util.logging.Logger; +import com.databasepreservation.common.api.exceptions.RESTException; import com.google.gwt.http.client.Response; import org.fusesource.restygwt.client.Method; import org.fusesource.restygwt.client.MethodCallback; import com.databasepreservation.common.client.common.dialogs.Dialogs; -import com.databasepreservation.common.client.exceptions.RESTException; import com.databasepreservation.common.client.services.ClientLoggerService; import com.google.gwt.core.client.GWT; import com.google.gwt.core.client.GWT.UncaughtExceptionHandler; diff --git a/src/main/java/com/databasepreservation/common/client/exceptions/RESTException.java b/src/main/java/com/databasepreservation/common/client/exceptions/RESTException.java deleted file mode 100644 index 9b2c6e985..000000000 --- a/src/main/java/com/databasepreservation/common/client/exceptions/RESTException.java +++ /dev/null 
@@ -1,96 +0,0 @@ -/** - * The contents of this file are subject to the license and copyright - * detailed in the LICENSE file at the root of the source - * tree and available online at - * - * https://github.com/keeps/dbptk-ui - */ -package com.databasepreservation.common.client.exceptions; - -import org.apache.solr.client.solrj.SolrServerException; -import org.apache.solr.common.SolrException; -import org.roda.core.data.exceptions.AlreadyExistsException; -import org.roda.core.data.exceptions.AuthorizationDeniedException; -import org.roda.core.data.exceptions.GenericException; -import org.roda.core.data.exceptions.NotFoundException; - -import com.google.gwt.http.client.Response; -import org.roda.core.data.exceptions.RequestNotValidException; - -/** - * @author Miguel Guimarães - */ -public class RESTException extends RuntimeException { - - private int status = Response.SC_INTERNAL_SERVER_ERROR; - - public RESTException() { - } - - public RESTException(String message) { - super(message); - } - - public RESTException(String message, Throwable cause) { - super(message + getCauseMessage(cause)); - this.status = getResponseStatusCode(cause); - } - - public RESTException(Throwable cause) { - super("Remote exception" + getCauseMessage(cause)); - this.status = getResponseStatusCode(cause); - } - - public RESTException(String message, int status) { - super(message); - this.status = status; - } - - public RESTException(Throwable cause, int status) { - super("Remote exception" + getCauseMessage(cause)); - this.status = status; - } - - private static String getCauseMessage(Throwable e) { - StringBuilder message = new StringBuilder(); - Throwable cause = e; - - while (cause != null) { - message.append(" caused by ").append(cause.getClass().getSimpleName()).append(": "); - if (cause.getMessage() != null) { - message.append(cause.getMessage()); - } - cause = cause.getCause(); - } - return message.toString(); - } - - public int getStatus() { - return status; - } - - public void 
setStatus(int status) { - this.status = status; - } - - public RESTException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) { - super(message, cause, enableSuppression, writableStackTrace); - } - - private int getResponseStatusCode(Throwable cause) { - if (cause instanceof AuthorizationDeniedException) { - return Response.SC_UNAUTHORIZED; - } else if (cause instanceof NotFoundException) { - return Response.SC_NOT_FOUND; - } else if (cause instanceof AlreadyExistsException) { - return Response.SC_CONFLICT; - } else if (cause instanceof SavedSearchException) { - return Response.SC_BAD_REQUEST; - } else if (cause instanceof GenericException) { - return Response.SC_BAD_REQUEST; - } else if (cause instanceof RequestNotValidException) { - return Response.SC_BAD_REQUEST; - } - return Response.SC_INTERNAL_SERVER_ERROR; - } -} diff --git a/src/main/java/com/databasepreservation/common/client/exceptions/AuthorizationException.java b/src/main/java/com/databasepreservation/common/exceptions/AuthorizationException.java similarity index 73% rename from src/main/java/com/databasepreservation/common/client/exceptions/AuthorizationException.java rename to src/main/java/com/databasepreservation/common/exceptions/AuthorizationException.java index 92ce143a7..f38ded960 100644 --- a/src/main/java/com/databasepreservation/common/client/exceptions/AuthorizationException.java +++ b/src/main/java/com/databasepreservation/common/exceptions/AuthorizationException.java @@ -5,12 +5,13 @@ * * https://github.com/keeps/dbptk-ui */ -package com.databasepreservation.common.client.exceptions; +package com.databasepreservation.common.exceptions; + /** * @author Miguel Guimarães */ -public class AuthorizationException extends RESTException { +public class AuthorizationException extends Exception { public AuthorizationException() { } 
@@ -18,10 +19,6 @@ public AuthorizationException(String message) { super(message); } - public AuthorizationException(String message, int statusCode) { - super(message); - setStatus(statusCode); - } public AuthorizationException(Throwable cause) { super(cause); } diff --git a/src/main/java/com/databasepreservation/common/client/exceptions/SavedSearchException.java b/src/main/java/com/databasepreservation/common/exceptions/SavedSearchException.java similarity index 88% rename from src/main/java/com/databasepreservation/common/client/exceptions/SavedSearchException.java rename to src/main/java/com/databasepreservation/common/exceptions/SavedSearchException.java index 11793e0b5..21198afee 100644 --- a/src/main/java/com/databasepreservation/common/client/exceptions/SavedSearchException.java +++ b/src/main/java/com/databasepreservation/common/exceptions/SavedSearchException.java @@ -5,7 +5,7 @@ * * https://github.com/keeps/dbptk-ui */ -package com.databasepreservation.common.client.exceptions; +package com.databasepreservation.common.exceptions; /** * @author Miguel Guimarães diff --git a/src/main/java/com/databasepreservation/common/server/index/DatabaseRowsSolrManager.java b/src/main/java/com/databasepreservation/common/server/index/DatabaseRowsSolrManager.java index 3fd5b3279..a2eab21cc 100644 --- a/src/main/java/com/databasepreservation/common/server/index/DatabaseRowsSolrManager.java +++ b/src/main/java/com/databasepreservation/common/server/index/DatabaseRowsSolrManager.java 
@@ -37,7 +37,7 @@ import com.databasepreservation.common.client.ViewerConstants; import com.databasepreservation.common.client.common.search.SavedSearch; -import com.databasepreservation.common.client.exceptions.SavedSearchException; +import com.databasepreservation.common.exceptions.SavedSearchException; import com.databasepreservation.common.client.index.IndexResult; import com.databasepreservation.common.client.index.IsIndexed; import com.databasepreservation.common.client.index.facets.Facets; diff --git a/src/main/java/com/databasepreservation/common/utils/ControllerAssistant.java b/src/main/java/com/databasepreservation/common/utils/ControllerAssistant.java index d49dff0be..da1becdd6 100644 --- a/src/main/java/com/databasepreservation/common/utils/ControllerAssistant.java +++ b/src/main/java/com/databasepreservation/common/utils/ControllerAssistant.java @@ -21,7 +21,7 @@ import org.slf4j.LoggerFactory; import com.databasepreservation.common.client.ViewerConstants; -import com.databasepreservation.common.client.exceptions.AuthorizationException; +import com.databasepreservation.common.exceptions.AuthorizationException; import com.databasepreservation.common.client.models.activity.logs.LogEntryState; import com.databasepreservation.common.client.models.user.User; import com.databasepreservation.common.server.ViewerConfiguration; @@ -69,7 +69,7 @@ public User checkWhitelistedIPs(HttpServletRequest request) { return null; } - public User checkRoles(HttpServletRequest request) { + public User checkRoles(HttpServletRequest request) throws AuthorizationException { if (!ViewerFactory.getViewerConfiguration().getIsAuthenticationEnabled()) { final User noAuthenticationUser = UserUtility.getNoAuthenticationUser(); noAuthenticationUser.setIpAddress(request.getRemoteAddr()); diff --git a/src/main/java/com/databasepreservation/common/utils/UserUtility.java b/src/main/java/com/databasepreservation/common/utils/UserUtility.java index eadb113e7..79824889e 100644 
--- a/src/main/java/com/databasepreservation/common/utils/UserUtility.java +++ b/src/main/java/com/databasepreservation/common/utils/UserUtility.java @@ -48,7 +48,7 @@ import com.databasepreservation.common.client.ViewerConstants; import com.databasepreservation.common.client.common.search.SavedSearch; -import com.databasepreservation.common.client.exceptions.AuthorizationException; +import com.databasepreservation.common.exceptions.AuthorizationException; import com.databasepreservation.common.client.index.IsIndexed; import com.databasepreservation.common.client.index.filter.Filter; import com.databasepreservation.common.client.index.filter.SimpleFilterParameter; @@ -129,8 +129,7 @@ public static void checkDatabasePermission(final User user, String databaseUUID) } } catch (GenericException e) { throw new AuthorizationException( - "Unable to load the configuration file needed to access database. Deny the access for that reason", - com.google.gwt.http.client.Response.SC_UNAUTHORIZED); + "Unable to load the configuration file needed to access database. Deny the access for that reason"); } } @@ -144,8 +143,7 @@ private static void checkAuthorizationGroups(final User user, Set databa // database without any permissions cannot be accessed by non-administrative // users if (databasePermissions.isEmpty()) { - throw new AuthorizationException("This database does not have any associated permissions", - com.google.gwt.http.client.Response.SC_UNAUTHORIZED); + throw new AuthorizationException("This database does not have any associated permissions"); } for (String permission : databasePermissions) { 
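Review bot: Dropping the explicit `SC_UNAUTHORIZED` argument in `checkDatabasePermission` (and in both `checkAuthorizationGroups` hunks) leaves the HTTP status of a denied access entirely to whatever wraps the exception. `AuthorizationException` is now a plain checked `Exception`, and the callers shown earlier wrap it with `new RESTException(e)`. The deleted client `RESTException` mapped only `AuthorizationDeniedException` to 401 and fell through to 500 for anything it did not recognise. The new `api.exceptions.RESTException` is not visible here, so please confirm it maps `AuthorizationException` to 401 or 403, and add a test that asserts the status. A 500 on a permission failure would hide denied-access attempts among server errors in monitoring.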
@@ -178,8 +176,7 @@ private static void checkAuthorizationGroups(final User user, Set databa } throw new AuthorizationException( - "The user '" + user.getId() + "' does not have the permissions needed to access database", - com.google.gwt.http.client.Response.SC_UNAUTHORIZED); + "The user '" + user.getId() + "' does not have the permissions needed to access database"); } private static String getPasswordOrTicket(final HttpServletRequest request, User user, String databaseUUID) diff --git a/src/main/java/com/databasepreservation/server/client/main/MainPanel.java b/src/main/java/com/databasepreservation/server/client/main/MainPanel.java index 81e0d660e..b87af1f71 100644 --- a/src/main/java/com/databasepreservation/server/client/main/MainPanel.java +++ b/src/main/java/com/databasepreservation/server/client/main/MainPanel.java @@ -136,7 +136,7 @@ public ContentPanel load(ViewerDatabase database, CollectionStatus status) { HistoryManager.gotoHome(); } } - }); + }, true); } else if (HistoryManager.ROUTE_HOME.equals(currentHistoryPath.get(0))) { UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { @Override @@ -166,7 +166,7 @@ public ContentPanel load(ViewerDatabase database, CollectionStatus status) { } } } - }); + }, true); } else if (HistoryManager.ROUTE_ACTIVITY_LOG.equals(currentHistoryPath.get(0))) { UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { @Override @@ -194,7 +194,7 @@ public ContentPanel load(ViewerDatabase database, CollectionStatus status) { } } } - }); + }, true); } else if (HistoryManager.ROUTE_SIARD_INFO.equals(currentHistoryPath.get(0))) { UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { @Override 
@@ -216,7 +216,7 @@ public ContentPanel load(ViewerDatabase database, CollectionStatus status) { UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { @Override public void onSuccess(User user) { - if (!user.isGuest()) { + if (user.isAdmin()) { String databaseUUID = currentHistoryPath.get(1); setContent(databaseUUID, new ContentPanelLoader() { @Override @@ -346,24 +346,32 @@ public RightPanel load(ViewerDatabase database, CollectionStatus status) { UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { @Override public void onSuccess(User user) { - setContent(new ContentPanelLoader() { - @Override - public ContentPanel load(ViewerDatabase database, CollectionStatus status) { - return JobManager.getInstance(); - } - }); + if (user.isAdmin()) { + setContent(new ContentPanelLoader() { + @Override + public ContentPanel load(ViewerDatabase database, CollectionStatus status) { + return JobManager.getInstance(); + } + }); + } else { + HistoryManager.gotoHome(); + } } }, true); } else if (HistoryManager.ROUTE_PREFERENCES.equals(currentHistoryPath.get(0))) { UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { @Override public void onSuccess(User user) { - setContent(new ContentPanelLoader() { - @Override - public ContentPanel load(ViewerDatabase database, CollectionStatus status) { - return PreferencesPanel.createInstance(); - } - }); + if (user.isAdmin()) { + setContent(new ContentPanelLoader() { + @Override + public ContentPanel load(ViewerDatabase database, CollectionStatus status) { + return PreferencesPanel.createInstance(); + } + }); + } else { + HistoryManager.gotoHome(); + } } }, true); } else if (HistoryManager.ROUTE_DATABASE.equals(currentHistoryPath.get(0))) { 
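Review bot: The new `user.isAdmin()` checks here (the `@@ -216` hunk and the JobManager and Preferences branches in `@@ -346`) run in the GWT client callback, so they only decide which panel is rendered and cannot act as the access control for those features. This diff does not show whether the REST resources behind `JobManager` and `PreferencesPanel` require the admin role on the server; please confirm they do. If so, a short comment at the first check, for example `// UI guard only; the REST layer enforces the admin role`, would stop this from being read as the authorization point. The enclosing method starts and ends outside these hunks.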
@@ -446,200 +454,263 @@ public RightPanel load(ViewerDatabase database, CollectionStatus status) { handleErrorPath(currentHistoryPath); } } else { - UserLogin.getInstance().showSuggestLoginDialog(); + HistoryManager.gotoHome(); } } - }); + }, true); } else if (HistoryManager.ROUTE_VIEW.equals(currentHistoryPath.get(0))) { - if (currentHistoryPath.size() == 3) { - // #view// - String databaseUUID = currentHistoryPath.get(1); - String viewUUID = currentHistoryPath.get(2); - setContent(databaseUUID, currentHistoryPath.get(0), viewUUID, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return ViewPanel.getInstance(database, viewUUID); - } - }); - } else if (currentHistoryPath.size() == 4) { - // #view///options - String databaseUUID = currentHistoryPath.get(1); - String viewUUID = currentHistoryPath.get(2); - final String page = currentHistoryPath.get(3); - if (page.equals(HistoryManager.ROUTE_TABLE_OPTIONS)) { - setContent(databaseUUID, currentHistoryPath.get(0), viewUUID, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return ViewPanelStructure.getInstance(database, viewUUID); + UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { + @Override + public void onSuccess(User user) { + if (!user.isGuest()) { + if (currentHistoryPath.size() == 3) { + // #view// + String databaseUUID = currentHistoryPath.get(1); + String viewUUID = currentHistoryPath.get(2); + setContent(databaseUUID, currentHistoryPath.get(0), viewUUID, new RightPanelLoader() { + @Override + public RightPanel load(ViewerDatabase database, CollectionStatus status) { + return ViewPanel.getInstance(database, viewUUID); + } + }); + } else if (currentHistoryPath.size() == 4) { + // #view///options + String databaseUUID = currentHistoryPath.get(1); + String viewUUID = currentHistoryPath.get(2); + final String page = currentHistoryPath.get(3); + if 
(page.equals(HistoryManager.ROUTE_TABLE_OPTIONS)) { + setContent(databaseUUID, currentHistoryPath.get(0), viewUUID, new RightPanelLoader() { + @Override + public RightPanel load(ViewerDatabase database, CollectionStatus status) { + return ViewPanelStructure.getInstance(database, viewUUID); + } + }); + } else { + // #table/... + handleErrorPath(currentHistoryPath); + } + } else { + // #table/... + handleErrorPath(currentHistoryPath); } - }); - } else { - // #table/... - handleErrorPath(currentHistoryPath); + } else { + HistoryManager.gotoHome(); + } } - } else { - // #table/... - handleErrorPath(currentHistoryPath); - } + }, true); } else if (HistoryManager.ROUTE_TABLE.equals(currentHistoryPath.get(0))) { - if (currentHistoryPath.size() == 5) { - // #table//data// - String databaseUUID = currentHistoryPath.get(1); - final String tableId = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4); - setContent(databaseUUID, HistoryManager.ROUTE_DATABASE, tableId, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return TablePanel.getInstance(status, database, tableId, currentHistoryPath.get(0)); - } - }); + UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { + @Override + public void onSuccess(User user) { + if (!user.isGuest()) { + if (currentHistoryPath.size() == 5) { + // #table//data//
+ String databaseUUID = currentHistoryPath.get(1); + final String tableId = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4); + setContent(databaseUUID, HistoryManager.ROUTE_DATABASE, tableId, new RightPanelLoader() { + @Override + public RightPanel load(ViewerDatabase database, CollectionStatus status) { + return TablePanel.getInstance(status, database, tableId, currentHistoryPath.get(0)); + } + }); - } else if (currentHistoryPath.size() == 6) { - String databaseUUID = currentHistoryPath.get(1); - final String tableId = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4); - final String page = currentHistoryPath.get(5); - if (page.equals(HistoryManager.ROUTE_TABLE_OPTIONS)) { - // #table//data//
/options - setContent(databaseUUID, HistoryManager.ROUTE_DATABASE, tableId, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return TablePanelOptions.getInstance(status, database, tableId); - } - }); - - } else { - /// #table//data//
/ - setContent(databaseUUID, HistoryManager.ROUTE_DATABASE, tableId, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return TablePanel.getInstance(status, database, tableId, page); + } else if (currentHistoryPath.size() == 6) { + String databaseUUID = currentHistoryPath.get(1); + final String tableId = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4); + final String page = currentHistoryPath.get(5); + if (page.equals(HistoryManager.ROUTE_TABLE_OPTIONS)) { + // #table//data//
/options + setContent(databaseUUID, HistoryManager.ROUTE_DATABASE, tableId, new RightPanelLoader() { + @Override + public RightPanel load(ViewerDatabase database, CollectionStatus status) { + return TablePanelOptions.getInstance(status, database, tableId); + } + }); + + } else { + /// #table//data//
/ + setContent(databaseUUID, HistoryManager.ROUTE_DATABASE, tableId, new RightPanelLoader() { + @Override + public RightPanel load(ViewerDatabase database, CollectionStatus status) { + return TablePanel.getInstance(status, database, tableId, page); + } + }); + } + } else { + // #table/... + handleErrorPath(currentHistoryPath); } - }); + } else { + HistoryManager.gotoHome(); + } } - } else { - // #table/... - handleErrorPath(currentHistoryPath); - } + }, true); } else if (HistoryManager.ROUTE_RECORD.equals(currentHistoryPath.get(0))) { - if (currentHistoryPath.size() == 6) { - // #record//data//
/ - String databaseUUID = currentHistoryPath.get(1); - final String tableId = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4); - final String rowIndex = currentHistoryPath.get(5); - setContent(databaseUUID, currentHistoryPath.get(0), tableId, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return RowPanel.createInstance(database, tableId, rowIndex, status); - } - }); - - } else { - // #record/... - handleErrorPath(currentHistoryPath); + UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { + @Override + public void onSuccess(User user) { + if (!user.isGuest()) { + if (currentHistoryPath.size() == 6) { + // #record//data//
/ + String databaseUUID = currentHistoryPath.get(1); + final String tableId = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4); + final String rowIndex = currentHistoryPath.get(5); + setContent(databaseUUID, currentHistoryPath.get(0), tableId, new RightPanelLoader() { + @Override + public RightPanel load(ViewerDatabase database, CollectionStatus status) { + return RowPanel.createInstance(database, tableId, rowIndex, status); + } + }); - } - } else if (HistoryManager.ROUTE_REFERENCES.equals(currentHistoryPath.get(0))) { - if (currentHistoryPath.size() == 5) { - // #references//// - String databaseUUID = currentHistoryPath.get(1); - final String tableUUID = currentHistoryPath.get(2); - final String recordUUID = currentHistoryPath.get(3); - final String columnIndex = currentHistoryPath.get(4); - setContent(databaseUUID, currentHistoryPath.get(0), tableUUID, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return ReferencesPanel.getInstance(database, tableUUID, recordUUID, columnIndex, status); + } else { + // #record/... 
+ handleErrorPath(currentHistoryPath); + } + } else { + HistoryManager.gotoHome(); } - }); + } + }, true); + } else if (HistoryManager.ROUTE_REFERENCES.equals(currentHistoryPath.get(0))) { + UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { + @Override + public void onSuccess(User user) { + if (!user.isGuest()) { + if (currentHistoryPath.size() == 5) { + // #references//// + String databaseUUID = currentHistoryPath.get(1); + final String tableUUID = currentHistoryPath.get(2); + final String recordUUID = currentHistoryPath.get(3); + final String columnIndex = currentHistoryPath.get(4); + setContent(databaseUUID, currentHistoryPath.get(0), tableUUID, new RightPanelLoader() { + @Override + public RightPanel load(ViewerDatabase database, CollectionStatus status) { + return ReferencesPanel.getInstance(database, tableUUID, recordUUID, columnIndex, status); + } + }); - } else { - // #references/... - handleErrorPath(currentHistoryPath); + } else { + // #references/... + handleErrorPath(currentHistoryPath); - } - } else if (HistoryManager.ROUTE_FOREIGN_KEY.equals(currentHistoryPath.get(0))) { - if (currentHistoryPath.size() >= 7) { - // #foreignkey//data//
///////... - // minimum: #foreignkey//data//
// - final String databaseUUID = currentHistoryPath.get(1); - final String tableID = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4); - final List columnsAndValues = currentHistoryPath.subList(5, currentHistoryPath.size()); - String page = columnsAndValues.get(columnsAndValues.size() - 1); - if (page.equals(HistoryManager.ROUTE_TABLE_OPTIONS)) { - setContent(databaseUUID, currentHistoryPath.get(0), tableID, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return ForeignKeyPanelOptions.getInstance(database, status, tableID, - columnsAndValues.subList(0, columnsAndValues.size() - 1)); } - }); - } else if (columnsAndValues.size() % 2 == 0) { - setContent(databaseUUID, currentHistoryPath.get(0), tableID, new RightPanelLoader() { - @Override - public RightPanel load(ViewerDatabase database, CollectionStatus status) { - return ForeignKeyPanel.createInstance(database, tableID, columnsAndValues, status); + } else { + HistoryManager.gotoHome(); + } + } + }, true); + } else if (HistoryManager.ROUTE_FOREIGN_KEY.equals(currentHistoryPath.get(0))) { + UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() { + @Override + public void onSuccess(User user) { + if (!user.isGuest()) { + if (currentHistoryPath.size() >= 7) { + // #foreignkey//data//
///////... + // minimum: #foreignkey//data//
//
+ final String databaseUUID = currentHistoryPath.get(1);
+ final String tableID = currentHistoryPath.get(3) + "." + currentHistoryPath.get(4);
+ final List columnsAndValues = currentHistoryPath.subList(5, currentHistoryPath.size());
+ String page = columnsAndValues.get(columnsAndValues.size() - 1);
+ if (page.equals(HistoryManager.ROUTE_TABLE_OPTIONS)) {
+ setContent(databaseUUID, currentHistoryPath.get(0), tableID, new RightPanelLoader() {
+ @Override
+ public RightPanel load(ViewerDatabase database, CollectionStatus status) {
+ return ForeignKeyPanelOptions.getInstance(database, status, tableID,
+ columnsAndValues.subList(0, columnsAndValues.size() - 1));
+ }
+ });
+ } else if (columnsAndValues.size() % 2 == 0) {
+ setContent(databaseUUID, currentHistoryPath.get(0), tableID, new RightPanelLoader() {
+ @Override
+ public RightPanel load(ViewerDatabase database, CollectionStatus status) {
+ return ForeignKeyPanel.createInstance(database, tableID, columnsAndValues, status);
+ }
+ });
+ } else {
+ handleErrorPath(currentHistoryPath);
+ }
+ } else {
+ handleErrorPath(currentHistoryPath);
 }
- });
- } else {
- handleErrorPath(currentHistoryPath);
+ } else {
+ HistoryManager.gotoHome();
+ }
 }
- } else {
- handleErrorPath(currentHistoryPath);
- }
+ }, true);
 } else if (HistoryManager.ROUTE_SAVED_SEARCHES.equals(currentHistoryPath.get(0))) {
- if (currentHistoryPath.size() == 2) {
- // #searches/
- final String databaseUUID = currentHistoryPath.get(1);
- setContent(databaseUUID, currentHistoryPath.get(0), currentHistoryPath.get(0), new RightPanelLoader() {
- @Override
- public RightPanel load(ViewerDatabase database, CollectionStatus status) {
- return DatabaseSearchesPanel.createInstance(database);
- }
- });
+ UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() {
+ @Override
+ public void onSuccess(User user) {
+ if (!user.isGuest()) {
+ if (currentHistoryPath.size() == 2) {
+ // #searches/
+ final String databaseUUID = currentHistoryPath.get(1);
+ setContent(databaseUUID, currentHistoryPath.get(0), currentHistoryPath.get(0), new RightPanelLoader() {
+ @Override
+ public RightPanel load(ViewerDatabase database, CollectionStatus status) {
+ return DatabaseSearchesPanel.createInstance(database);
+ }
+ });
- } else if (currentHistoryPath.size() == 3) {
- // #searches//
- final String databaseUUID = currentHistoryPath.get(1);
- final String searchUUID = currentHistoryPath.get(2);
- setContent(databaseUUID, currentHistoryPath.get(0), currentHistoryPath.get(0), new RightPanelLoader() {
- @Override
- public RightPanel load(ViewerDatabase database, CollectionStatus status) {
- return TableSavedSearchPanel.createInstance(database, searchUUID, status);
- }
- });
+ } else if (currentHistoryPath.size() == 3) {
+ // #searches//
+ final String databaseUUID = currentHistoryPath.get(1);
+ final String searchUUID = currentHistoryPath.get(2);
+ setContent(databaseUUID, currentHistoryPath.get(0), currentHistoryPath.get(0), new RightPanelLoader() {
+ @Override
+ public RightPanel load(ViewerDatabase database, CollectionStatus status) {
+ return TableSavedSearchPanel.createInstance(database, searchUUID, status);
+ }
+ });
- } else if (currentHistoryPath.size() == 4
- && HistoryManager.ROUTE_SAVED_SEARCHES_EDIT.equals(currentHistoryPath.get(3))) {
- // #searches///edit
- final String databaseUUID = currentHistoryPath.get(1);
- final String searchUUID = currentHistoryPath.get(2);
- setContent(databaseUUID, currentHistoryPath.get(0), currentHistoryPath.get(0), new RightPanelLoader() {
- @Override
- public RightPanel load(ViewerDatabase database, CollectionStatus status) {
- return TableSavedSearchEditPanel.createInstance(database, searchUUID);
- }
- });
+ } else if (currentHistoryPath.size() == 4
+ && HistoryManager.ROUTE_SAVED_SEARCHES_EDIT.equals(currentHistoryPath.get(3))) {
+ // #searches///edit
+ final String databaseUUID = currentHistoryPath.get(1);
+ final String searchUUID = currentHistoryPath.get(2);
+ setContent(databaseUUID, currentHistoryPath.get(0), currentHistoryPath.get(0), new RightPanelLoader() {
+ @Override
+ public RightPanel load(ViewerDatabase database, CollectionStatus status) {
+ return TableSavedSearchEditPanel.createInstance(database, searchUUID);
+ }
+ });
- } else {
- handleErrorPath(currentHistoryPath);
- }
- } else if (HistoryManager.ROUTE_SIARD_EDIT_METADATA.equals(currentHistoryPath.get(0))) {
- String databaseUUID = currentHistoryPath.get(1);
- if (currentHistoryPath.size() == 2) {
- setContent(databaseUUID, databaseUUID, new MetadataPanelLoad() {
- @Override
- public MetadataPanel load(ViewerDatabase database, ViewerSIARDBundle SIARDbundle) {
- return MetadataInformation.getInstance(database, SIARDbundle);
+ } else {
+ handleErrorPath(currentHistoryPath);
+ }
+ } else {
+ HistoryManager.gotoHome();
 }
- });
- } else if (currentHistoryPath.size() == 3) {
- final String user = currentHistoryPath.get(2);
- setContent(databaseUUID, user, new MetadataPanelLoad() {
- @Override
- public MetadataPanel load(ViewerDatabase database, ViewerSIARDBundle SIARDbundle) {
- return MetadataUsersPanel.getInstance(database, SIARDbundle);
+ }
+ }, true);
+ } else if (HistoryManager.ROUTE_SIARD_EDIT_METADATA.equals(currentHistoryPath.get(0))) {
+ UserLogin.getInstance().getAuthenticatedUser(new DefaultAsyncCallback() {
+ @Override
+ public void onSuccess(User authenticatedUser) {
+ if (authenticatedUser.isAdmin()) {
+ String databaseUUID = currentHistoryPath.get(1);
+ if (currentHistoryPath.size() == 2) {
+ setContent(databaseUUID, databaseUUID, new MetadataPanelLoad() {
+ @Override
+ public MetadataPanel load(ViewerDatabase database, ViewerSIARDBundle SIARDbundle) {
+ return MetadataInformation.getInstance(database, SIARDbundle);
+ }
+ });
+ } else if (currentHistoryPath.size() == 3) {
+ final String user = currentHistoryPath.get(2);
+ setContent(databaseUUID, user, new MetadataPanelLoad() {
+ @Override
+ public MetadataPanel load(ViewerDatabase database, ViewerSIARDBundle SIARDbundle) {
+ return MetadataUsersPanel.getInstance(database, SIARDbundle);
+ }
+ });
+ }
+ } else {
+ HistoryManager.gotoHome();
 }
- });
- }
+ }
+ }, true);
+ } else if (HistoryManager.ROUTE_DESKTOP_METADATA_TABLE.equals(currentHistoryPath.get(0))) { if (currentHistoryPath.size() == 3) { String databaseUUID = currentHistoryPath.get(1);