Skip to content
Snippets Groups Projects
Commit 9713a744 authored by Nicola Fulvio Calabria's avatar Nicola Fulvio Calabria
Browse files

Task #3619 - Automatically set creator property when creating node.

Permission denied error (403) on payload/token userID mismatch enforced.
parent 386de80c
No related branches found
No related tags found
No related merge requests found
Pipeline #1039 passed
package it.inaf.oats.vospace; package it.inaf.oats.vospace;
import it.inaf.ia2.aa.data.User; import it.inaf.ia2.aa.data.User;
import it.inaf.oats.vospace.datamodel.NodeProperties;
import it.inaf.oats.vospace.datamodel.NodeUtils; import it.inaf.oats.vospace.datamodel.NodeUtils;
import net.ivoa.xml.vospace.v2.Node; import net.ivoa.xml.vospace.v2.Node;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
...@@ -13,6 +14,8 @@ import org.springframework.web.bind.annotation.PutMapping; ...@@ -13,6 +14,8 @@ import org.springframework.web.bind.annotation.PutMapping;
import it.inaf.oats.vospace.exception.*; import it.inaf.oats.vospace.exception.*;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import net.ivoa.xml.vospace.v2.Property;
import java.util.List;
@RestController @RestController
public class CreateNodeController extends BaseNodeController { public class CreateNodeController extends BaseNodeController {
...@@ -68,6 +71,25 @@ public class CreateNodeController extends BaseNodeController { ...@@ -68,6 +71,25 @@ public class CreateNodeController extends BaseNodeController {
throw new PermissionDeniedException(path); throw new PermissionDeniedException(path);
} }
// Check if node creator property is set. If not set it according to
// token. In case of creator mistmatch between node and token throw
// exception
String creator = NodeProperties.getNodePropertyByURI(
node, NodeProperties.CREATOR_URI);
if(creator == null)
{
Property creatorProperty = new Property();
creatorProperty.setUri(NodeProperties.CREATOR_URI);
creatorProperty.setValue(principal.getName());
node.getProperties().add(creatorProperty);
} else {
if(!creator.equals(principal.getName()))
// maybe a more specific exception would be more appropriate?
throw new PermissionDeniedException(path);
}
nodeDao.createNode(node); nodeDao.createNode(node);
return node; return node;
......
...@@ -5,6 +5,7 @@ import java.io.InputStream; ...@@ -5,6 +5,7 @@ import java.io.InputStream;
import java.net.URI; import java.net.URI;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import net.ivoa.xml.vospace.v2.Property; import net.ivoa.xml.vospace.v2.Property;
import it.inaf.oats.vospace.datamodel.NodeProperties;
import net.ivoa.xml.vospace.v2.UnstructuredDataNode; import net.ivoa.xml.vospace.v2.UnstructuredDataNode;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import static org.mockito.ArgumentMatchers.argThat; import static org.mockito.ArgumentMatchers.argThat;
...@@ -272,6 +273,57 @@ public class CreateNodeControllerTest { ...@@ -272,6 +273,57 @@ public class CreateNodeControllerTest {
verify(nodeDao, times(1)).createNode(any()); verify(nodeDao, times(1)).createNode(any());
} }
@Test
public void testWriteOwnerAbsent() throws Exception {
String requestBody =
getResourceFileContent("create-unstructured-data-node.xml");
when(nodeDao.listNode(eq("/")))
.thenReturn(Optional.of(getContainerParentNodeWithCreator("/")));
// no node creator specified in xml file
mockMvc.perform(put("/nodes/mydata1")
.header("Authorization", "Bearer user2_token")
.content(requestBody)
.contentType(MediaType.APPLICATION_XML)
.accept(MediaType.APPLICATION_XML))
.andDo(print())
.andExpect(status().is2xxSuccessful());
// assert creator properties now matches user2
verify(nodeDao, times(1)).createNode(argThat(node->{
UnstructuredDataNode udn = (UnstructuredDataNode) node;
String creator = NodeProperties.getNodePropertyByURI(
udn, NodeProperties.CREATOR_URI);
return (creator != null && creator.equals("user2"));
}
));
}
@Test
public void testWriteOwnerMismatch() throws Exception {
String requestBody =
getResourceFileContent("create-unstructured-data-node-user1.xml");
when(nodeDao.listNode(eq("/")))
.thenReturn(Optional.of(getContainerParentNodeWithCreator("/")));
// no node creator specified in xml file
mockMvc.perform(put("/nodes/mydata1")
.header("Authorization", "Bearer user2_token")
.content(requestBody)
.contentType(MediaType.APPLICATION_XML)
.accept(MediaType.APPLICATION_XML))
.andDo(print())
.andExpect(status().is4xxClientError());
// assert createNode is not called
verify(nodeDao, times(0)).createNode(any());
}
@Test @Test
public void testSubPath() throws Exception { public void testSubPath() throws Exception {
......
<vos:node xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:vos="http://www.ivoa.net/xml/VOSpace/v2.0" xsi:type="vos:UnstructuredDataNode" uri="vos://example.com!vospace/mydata1">
<vos:properties>
<vos:property uri="ivo://ivoa.net/vospace/core#description">test value</vos:property>
<vos:property uri="ivo://ivoa.net/vospace/core#creator">user1</vos:property>
</vos:properties>
<vos:accepts/>
<vos:provides/>
<vos:capabilities/>
</vos:node>
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment