From 33a2f10aace494b99e0962922de377a98bff5e5c Mon Sep 17 00:00:00 2001 From: MatthieuBarbet Date: Wed, 26 Feb 2025 11:37:25 +0100 Subject: [PATCH] Feat: refactor checkIfAllowedForOrganisations --- .../ElasticCollectionReferenceService.java | 19 +++---- .../services/CollectionReferenceService.java | 54 +++++++++++-------- .../rest/collections/CollectionService.java | 18 ++++--- 3 files changed, 53 insertions(+), 38 deletions(-) diff --git a/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java b/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java index 3e6655085..d65d76fec 100644 --- a/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java +++ b/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java @@ -105,17 +105,18 @@ public List getAllCollectionReferences(Optional col for (Hit hit : hits) { try { CollectionReference colRef = new CollectionReference(hit.id(), hit.source()); - checkIfAllowedForOrganisations(colRef, organisations); - if (CollectionUtil.isCollectionPublic(colRef)) { - collections.add(colRef); - } else { - for (String c : allowedCollections) { - if (CollectionUtil.matches(c, hit.id())) { - collections.add(colRef); - break; + if(checkIfAllowedForOrganisations(colRef, organisations)){ + if (CollectionUtil.isCollectionPublic(colRef)) { + collections.add(colRef); + } else { + for (String c : allowedCollections) { + if (CollectionUtil.matches(c, hit.id())) { + collections.add(colRef); + break; + } } } - } + }; } catch (CollectionUnavailableException e) { LOGGER.warn(String.format("Collection %s not available for this organisation %s", hit.id(), organisations)); diff --git a/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java b/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java index 48d4b75f7..dd327c0f5 100644 --- a/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java +++ b/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java @@ -118,20 +118,23 @@ public CollectionReference updateDisplayNamesCollectionReference(String collecti throws ArlasException { CollectionReference collectionReference = getCollectionReference(collection, Optional.ofNullable(organisations)); ColumnFilterUtil.assertCollectionsAllowed(Optional.ofNullable(columnFilter), List.of(collectionReference)); - checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - if (collectionReference.params.collectionDisplayNames == null) { - collectionReference.params.collectionDisplayNames = new CollectionDisplayNames(); - } - if(fieldsDisplayNames != null){ - collectionReference.params.collectionDisplayNames.fields = fieldsDisplayNames; - } - if(shapeColumnsDisplayNames != null){ - collectionReference.params.collectionDisplayNames.shapeColumns = shapeColumnsDisplayNames; - } - if(collectionDisplayName != null){ - collectionReference.params.collectionDisplayNames.collection = collectionDisplayName; + if (checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + if (collectionReference.params.collectionDisplayNames == null) { + collectionReference.params.collectionDisplayNames = new CollectionDisplayNames(); + } + if(fieldsDisplayNames != null){ + collectionReference.params.collectionDisplayNames.fields = fieldsDisplayNames; + } + if(shapeColumnsDisplayNames != null){ + collectionReference.params.collectionDisplayNames.shapeColumns = shapeColumnsDisplayNames; + } + if(collectionDisplayName != null){ + collectionReference.params.collectionDisplayNames.collection = collectionDisplayName; + } + return putCollectionReference(collectionReference, true); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); } - return putCollectionReference(collectionReference, true); } public CollectionReference updateOrganisationsParamsCollectionReference(String collection, @@ -142,10 +145,13 @@ public CollectionReference updateOrganisationsParamsCollectionReference(String c throws ArlasException { CollectionReference collectionReference = getCollectionReference(collection, Optional.ofNullable(organisations)); ColumnFilterUtil.assertCollectionsAllowed(Optional.ofNullable(columnFilter), List.of(collectionReference)); - checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - collectionReference.params.collectionOrganisations.isPublic = isPublic; - collectionReference.params.collectionOrganisations.sharedWith = sharedWith; - return putCollectionReference(collectionReference, true); + if (checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + collectionReference.params.collectionOrganisations.isPublic = isPublic; + collectionReference.params.collectionOrganisations.sharedWith = sharedWith; + return putCollectionReference(collectionReference, true); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); + } } public List describeAllCollections(List collectionReferenceList, @@ -398,10 +404,10 @@ private FieldType getFieldType(String field, String index) throws ArlasException return ret.get(); } - protected void checkIfAllowedForOrganisations(CollectionReference collection, + protected Boolean checkIfAllowedForOrganisations(CollectionReference collection, Optional organisations) throws CollectionUnavailableException { - checkIfAllowedForOrganisations(collection, organisations, false); + return checkIfAllowedForOrganisations(collection, organisations, false); } public void checkIfIndexAllowedForOrganisations(CollectionReference collection, @@ -430,14 +436,14 @@ public void checkIfIndexAllowedForOrganisations(CollectionReference collection, } } - public void checkIfAllowedForOrganisations(CollectionReference collection, + public Boolean checkIfAllowedForOrganisations(CollectionReference collection, Optional organisations, boolean ownerOnly) throws CollectionUnavailableException { if (organisations.isEmpty()) { // no header, we'll trust the column filter if any LOGGER.debug("No organisation header"); - return; + return true; } if (collection.params.collectionOrganisations == null) { @@ -448,7 +454,7 @@ public void checkIfAllowedForOrganisations(CollectionReference collection, if (!ownerOnly && collection.params.collectionOrganisations.isPublic) { LOGGER.debug(String.format("Collection %s organisation is public.", collection.collectionName)); - return; + return true; } List o = new ArrayList<>(); @@ -461,7 +467,9 @@ public void checkIfAllowedForOrganisations(CollectionReference collection, o.retainAll(Arrays.stream(organisations.get().split(",")).toList()); LOGGER.debug("allowed org=" + o); if (o.isEmpty()) { - throw new CollectionUnavailableException("The collection not available with organisation header: " + organisations.get()); + LOGGER.warn("The collection not available with organisation header: " + organisations.get()); + return false; } + return true; } } diff --git a/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java b/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java index b09a71e7d..63cf72959 100644 --- a/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java +++ b/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java @@ -508,9 +508,12 @@ public CollectionReference save(String collection, CollectionReferenceParameters CheckParams.checkInvalidDublinCoreElementsForInspire(collectionReference); } CheckParams.checkInvalidInspireParameters(collectionReference); - collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - collectionReferenceService.checkIfIndexAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), Optional.ofNullable(configuration.arlasAuthPolicyClass)); - return collectionReferenceService.putCollectionReference(collectionReference, checkFields); + if (collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + collectionReferenceService.checkIfIndexAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), Optional.ofNullable(configuration.arlasAuthPolicyClass)); + return collectionReferenceService.putCollectionReference(collectionReference, checkFields); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); + } } @Timed @@ -551,9 +554,12 @@ public Response delete( throw new NotAllowedException("Forbidden operation on '" + META_COLLECTION_NAME + "'"); } CollectionReference collectionReference = collectionReferenceService.getCollectionReference(collection,Optional.ofNullable(organisations)); - collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - collectionReferenceService.deleteCollectionReference(collection); - return ResponseFormatter.getSuccessResponse("Collection " + collection + " deleted."); + if (collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + collectionReferenceService.deleteCollectionReference(collection); + return ResponseFormatter.getSuccessResponse("Collection " + collection + " deleted."); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); + } } private void removeMetacollection(List collectionReferences) {