From 5fa140a5b8990efc650d1897a5dc16e4f93c545f Mon Sep 17 00:00:00 2001 From: Philip Durbin Date: Thu, 31 Mar 2016 16:26:15 -0400 Subject: [PATCH] index datasets when permission assigned #3039 --- .../homebrew/run-post-create-post-deploy | 2 +- .../harvard/iq/dataverse/api/Datasets.java | 32 ++++++++++ .../search/SolrIndexServiceBean.java | 1 + .../harvard/iq/dataverse/api/SearchIT.java | 64 +++++++++++++++++-- 4 files changed, 91 insertions(+), 8 deletions(-) diff --git a/scripts/database/homebrew/run-post-create-post-deploy b/scripts/database/homebrew/run-post-create-post-deploy index 6e1482f056b..b8edbeb40e9 100755 --- a/scripts/database/homebrew/run-post-create-post-deploy +++ b/scripts/database/homebrew/run-post-create-post-deploy @@ -1,5 +1,5 @@ #!/bin/sh scripts/database/homebrew/run-reference_data.sql > /tmp/run-reference_data.sql cd scripts/api -./setup-all.sh > /tmp/setup-all.sh.out 2> /tmp/setup-all.sh.err +./setup-all.sh --insecure > /tmp/setup-all.sh.out 2> /tmp/setup-all.sh.err cd ../.. diff --git a/src/main/java/edu/harvard/iq/dataverse/api/Datasets.java b/src/main/java/edu/harvard/iq/dataverse/api/Datasets.java index fb99f890143..7f5f8a9533c 100644 --- a/src/main/java/edu/harvard/iq/dataverse/api/Datasets.java +++ b/src/main/java/edu/harvard/iq/dataverse/api/Datasets.java @@ -9,9 +9,13 @@ import edu.harvard.iq.dataverse.Dataverse; import edu.harvard.iq.dataverse.DataverseServiceBean; import edu.harvard.iq.dataverse.MetadataBlock; +import static edu.harvard.iq.dataverse.api.AbstractApiBean.errorResponse; +import edu.harvard.iq.dataverse.authorization.DataverseRole; +import edu.harvard.iq.dataverse.authorization.RoleAssignee; import edu.harvard.iq.dataverse.authorization.users.User; import edu.harvard.iq.dataverse.engine.command.Command; import edu.harvard.iq.dataverse.engine.command.DataverseRequest; +import edu.harvard.iq.dataverse.engine.command.impl.AssignRoleCommand; import edu.harvard.iq.dataverse.engine.command.impl.CreateDatasetVersionCommand; import edu.harvard.iq.dataverse.engine.command.impl.DeleteDatasetCommand; import edu.harvard.iq.dataverse.engine.command.impl.DeleteDatasetVersionCommand; @@ -45,6 +49,7 @@ import javax.json.JsonObjectBuilder; import javax.ws.rs.DELETE; import javax.ws.rs.GET; +import javax.ws.rs.POST; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; @@ -513,4 +518,31 @@ public Response getDdi(@QueryParam("id") long id, @QueryParam("persistentId") St } } + /** + * @todo Make this real. Currently only used for API testing. Copied from + * the equivalent API endpoint for dataverses and simplified with values + * hard coded. + */ + @POST + @Path("{identifier}/assignments") + public Response createAssignment(String userOrGroup, @PathParam("identifier") String id, @QueryParam("key") String apiKey) { + boolean apiTestingOnly = true; + if (apiTestingOnly) { + return errorResponse(Response.Status.FORBIDDEN, "This is only for API tests."); + } + try { + Dataset dataset = findDatasetOrDie(id); + RoleAssignee assignee = findAssignee(userOrGroup); + if (assignee == null) { + return errorResponse(Response.Status.BAD_REQUEST, "Assignee not found"); + } + DataverseRole theRole = rolesSvc.findBuiltinRoleByAlias("admin"); + return okResponse( + json(execCommand(new AssignRoleCommand(assignee, theRole, dataset, createDataverseRequest(findUserOrDie()))))); + } catch (WrappedResponse ex) { + LOGGER.log(Level.WARNING, "Can''t create assignment: {0}", ex.getMessage()); + return ex.getResponse(); + } + } + } diff --git a/src/main/java/edu/harvard/iq/dataverse/search/SolrIndexServiceBean.java b/src/main/java/edu/harvard/iq/dataverse/search/SolrIndexServiceBean.java index d8bf3497848..2c1a1620024 100644 --- a/src/main/java/edu/harvard/iq/dataverse/search/SolrIndexServiceBean.java +++ b/src/main/java/edu/harvard/iq/dataverse/search/SolrIndexServiceBean.java @@ -410,6 +410,7 @@ public IndexResponse indexPermissionsOnSelfAndChildren(DvObject definitionPoint) } else if (definitionPoint.isInstanceofDataset()) { // index the dataset itself indexPermissionsForOneDvObject(definitionPoint); + dvObjectsToReindexPermissionsFor.add(definitionPoint); // index files Dataset dataset = (Dataset) definitionPoint; for (DataFile datafile : filesToReIndexPermissionsFor(dataset)) { diff --git a/src/test/java/edu/harvard/iq/dataverse/api/SearchIT.java b/src/test/java/edu/harvard/iq/dataverse/api/SearchIT.java index be4355925d1..284dd8ff7d3 100644 --- a/src/test/java/edu/harvard/iq/dataverse/api/SearchIT.java +++ b/src/test/java/edu/harvard/iq/dataverse/api/SearchIT.java @@ -1,24 +1,19 @@ package edu.harvard.iq.dataverse.api; import com.google.common.base.Stopwatch; -import static com.jayway.restassured.RestAssured.given; import com.jayway.restassured.http.ContentType; import com.jayway.restassured.internal.path.xml.NodeChildrenImpl; import com.jayway.restassured.path.json.JsonPath; -import static com.jayway.restassured.path.json.JsonPath.with; import com.jayway.restassured.path.xml.XmlPath; -import static com.jayway.restassured.path.xml.XmlPath.from; import com.jayway.restassured.response.Response; import edu.harvard.iq.dataverse.Dataverse; import edu.harvard.iq.dataverse.search.IndexServiceBean; import edu.harvard.iq.dataverse.search.SearchFields; import edu.harvard.iq.dataverse.settings.SettingsServiceBean; import java.io.BufferedReader; -import java.io.File; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStreamReader; -import static java.lang.Thread.sleep; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; @@ -37,10 +32,14 @@ import javax.json.JsonObject; import javax.json.JsonObjectBuilder; import junit.framework.Assert; -import static junit.framework.Assert.assertEquals; import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; +import static com.jayway.restassured.RestAssured.given; +import static com.jayway.restassured.path.json.JsonPath.with; +import static com.jayway.restassured.path.xml.XmlPath.from; +import static java.lang.Thread.sleep; +import static junit.framework.Assert.assertEquals; public class SearchIT { @@ -373,6 +372,50 @@ public void homerGivesNedPermissionAtNewDv() { } + @Test + public void testAssignRoleAtDataset() throws InterruptedException { + Response createUser1 = UtilIT.createRandomUser(); + String username1 = UtilIT.getUsernameFromResponse(createUser1); + String apiToken1 = UtilIT.getApiTokenFromResponse(createUser1); + + Response createDataverse1Response = UtilIT.createRandomDataverse(apiToken1); + createDataverse1Response.prettyPrint(); + assertEquals(201, createDataverse1Response.getStatusCode()); + String dataverseAlias1 = UtilIT.getAliasFromResponse(createDataverse1Response); + + Response createDataset1Response = UtilIT.createRandomDatasetViaNativeApi(dataverseAlias1, apiToken1); + createDataset1Response.prettyPrint(); + assertEquals(201, createDataset1Response.getStatusCode()); + Integer datasetId1 = UtilIT.getDatasetIdFromResponse(createDataset1Response); + + Response createUser2 = UtilIT.createRandomUser(); + String username2 = UtilIT.getUsernameFromResponse(createUser2); + String apiToken2 = UtilIT.getApiTokenFromResponse(createUser2); + + String roleToAssign = "admin"; + Response grantUser2AccessOnDataset = grantRoleOnDataset(datasetId1.toString(), roleToAssign, username2, apiToken1); + grantUser2AccessOnDataset.prettyPrint(); + assertEquals(200, grantUser2AccessOnDataset.getStatusCode()); + sleep(500l); + Response shouldBeVisible = querySolr("id:dataset_" + datasetId1 + "_draft_permission"); + shouldBeVisible.prettyPrint(); + String discoverableBy = JsonPath.from(shouldBeVisible.asString()).getString("response.docs.discoverableBy"); + + Set actual = new HashSet<>(); + for (String userOrGroup : discoverableBy.replaceAll("\\[", "").replaceAll("\\]", "").replaceAll(" ", "").split(",")) { + actual.add(userOrGroup); + } + + Set expected = new HashSet<>(); + createUser1.prettyPrint(); + String userid1 = JsonPath.from(createUser1.asString()).getString("data.user.id"); + String userid2 = JsonPath.from(createUser2.asString()).getString("data.user.id"); + expected.add("group_user" + userid1); + expected.add("group_user" + userid2); + assertEquals(expected, actual); + + } + @Test public void homerPublishesVersion2AfterDeletingFile() throws InterruptedException { if (homerPublishesVersion2AfterDeletingFile) { @@ -744,6 +787,13 @@ private Response grantRole(String definitionPoint, String role, String roleAssig .post("api/dataverses/" + definitionPoint + "/assignments?key=" + apiToken); } + private Response grantRoleOnDataset(String definitionPoint, String role, String roleAssignee, String apiToken) { + System.out.println("Granting role on dataset \"" + definitionPoint + "\": " + role); + return given() + .body("@" + roleAssignee) + .post("api/datasets/" + definitionPoint + "/assignments?key=" + apiToken); + } + private static Response revokeRole(String definitionPoint, long doomed, String apiToken) { System.out.println("Attempting to revoke role assignment id " + doomed); /** @@ -853,7 +903,7 @@ private Response uploadZipFile(String persistentId, String zipFileName, String a Path path = Paths.get(pathToFileName); byte[] data = null; try { - data = Files.readAllBytes(path); + data = Files.readAllBytes(path); } catch (IOException ex) { logger.info("Could not read bytes from " + path + ": " + ex); }