From 20c7ab300fcc64d6f34260f18cc46942cca43140 Mon Sep 17 00:00:00 2001 From: MatthieuBarbet Date: Wed, 26 Feb 2025 11:37:25 +0100 Subject: [PATCH] Feat: refactor checkIfAllowedForOrganisations --- .../ElasticCollectionReferenceService.java | 22 +++---- .../services/CollectionReferenceService.java | 66 +++++++++++-------- .../rest/collections/CollectionService.java | 18 +++-- .../io/arlas/server/tests/CollectionTool.java | 2 +- 4 files changed, 61 insertions(+), 47 deletions(-) diff --git a/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java b/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java index 3e6655085..2506db436 100644 --- a/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java +++ b/arlas-core/src/main/java/io/arlas/server/core/impl/elastic/services/ElasticCollectionReferenceService.java @@ -103,23 +103,19 @@ public List getAllCollectionReferences(Optional col } hits = client.search(requestBuilder.build(), CollectionReferenceParameters.class).hits().hits(); for (Hit hit : hits) { - try { CollectionReference colRef = new CollectionReference(hit.id(), hit.source()); - checkIfAllowedForOrganisations(colRef, organisations); - if (CollectionUtil.isCollectionPublic(colRef)) { - collections.add(colRef); - } else { - for (String c : allowedCollections) { - if (CollectionUtil.matches(c, hit.id())) { - collections.add(colRef); - break; + if (checkIfAllowedForOrganisations(colRef, organisations)) { + if (CollectionUtil.isCollectionPublic(colRef)) { + collections.add(colRef); + } else { + for (String c : allowedCollections) { + if (CollectionUtil.matches(c, hit.id())) { + collections.add(colRef); + break; + } } } } - } catch (CollectionUnavailableException e) { - LOGGER.warn(String.format("Collection %s not available for this organisation %s", - hit.id(), organisations)); - } } } while (!hits.isEmpty()); } catch (NotFoundException e) { diff --git a/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java b/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java index 48d4b75f7..89cbf8b63 100644 --- a/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java +++ b/arlas-core/src/main/java/io/arlas/server/core/services/CollectionReferenceService.java @@ -81,12 +81,16 @@ public CollectionReference getCollectionReference(String ref, Optional o collectionReference = getCollectionReferenceFromDao(ref); cacheManager.putCollectionReference(ref, collectionReference); } - checkIfAllowedForOrganisations(collectionReference, organisations); - if (!getMapping(collectionReference.params.indexName).isEmpty()){ - return collectionReference; + if (checkIfAllowedForOrganisations(collectionReference, organisations)) { + if (!getMapping(collectionReference.params.indexName).isEmpty()) { + return collectionReference; + } else { + throw new ArlasException("Collection " + ref + " exists but can not be described. Check if index or template ".concat(collectionReference.params.indexName).concat(" exists")); + } } else { - throw new ArlasException("Collection " + ref + " exists but can not be described. Check if index or template ".concat(collectionReference.params.indexName).concat(" exists")); + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); } + } protected Map> getMapping(String indexName) throws ArlasException { @@ -118,20 +122,23 @@ public CollectionReference updateDisplayNamesCollectionReference(String collecti throws ArlasException { CollectionReference collectionReference = getCollectionReference(collection, Optional.ofNullable(organisations)); ColumnFilterUtil.assertCollectionsAllowed(Optional.ofNullable(columnFilter), List.of(collectionReference)); - checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - if (collectionReference.params.collectionDisplayNames == null) { - collectionReference.params.collectionDisplayNames = new CollectionDisplayNames(); - } - if(fieldsDisplayNames != null){ - collectionReference.params.collectionDisplayNames.fields = fieldsDisplayNames; - } - if(shapeColumnsDisplayNames != null){ - collectionReference.params.collectionDisplayNames.shapeColumns = shapeColumnsDisplayNames; - } - if(collectionDisplayName != null){ - collectionReference.params.collectionDisplayNames.collection = collectionDisplayName; + if (checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + if (collectionReference.params.collectionDisplayNames == null) { + collectionReference.params.collectionDisplayNames = new CollectionDisplayNames(); + } + if(fieldsDisplayNames != null){ + collectionReference.params.collectionDisplayNames.fields = fieldsDisplayNames; + } + if(shapeColumnsDisplayNames != null){ + collectionReference.params.collectionDisplayNames.shapeColumns = shapeColumnsDisplayNames; + } + if(collectionDisplayName != null){ + collectionReference.params.collectionDisplayNames.collection = collectionDisplayName; + } + return putCollectionReference(collectionReference, true); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); } - return putCollectionReference(collectionReference, true); } public CollectionReference updateOrganisationsParamsCollectionReference(String collection, @@ -142,10 +149,13 @@ public CollectionReference updateOrganisationsParamsCollectionReference(String c throws ArlasException { CollectionReference collectionReference = getCollectionReference(collection, Optional.ofNullable(organisations)); ColumnFilterUtil.assertCollectionsAllowed(Optional.ofNullable(columnFilter), List.of(collectionReference)); - checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - collectionReference.params.collectionOrganisations.isPublic = isPublic; - collectionReference.params.collectionOrganisations.sharedWith = sharedWith; - return putCollectionReference(collectionReference, true); + if (checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + collectionReference.params.collectionOrganisations.isPublic = isPublic; + collectionReference.params.collectionOrganisations.sharedWith = sharedWith; + return putCollectionReference(collectionReference, true); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); + } } public List describeAllCollections(List collectionReferenceList, @@ -398,10 +408,10 @@ private FieldType getFieldType(String field, String index) throws ArlasException return ret.get(); } - protected void checkIfAllowedForOrganisations(CollectionReference collection, + protected Boolean checkIfAllowedForOrganisations(CollectionReference collection, Optional organisations) throws CollectionUnavailableException { - checkIfAllowedForOrganisations(collection, organisations, false); + return checkIfAllowedForOrganisations(collection, organisations, false); } public void checkIfIndexAllowedForOrganisations(CollectionReference collection, @@ -430,14 +440,14 @@ public void checkIfIndexAllowedForOrganisations(CollectionReference collection, } } - public void checkIfAllowedForOrganisations(CollectionReference collection, + public Boolean checkIfAllowedForOrganisations(CollectionReference collection, Optional organisations, boolean ownerOnly) throws CollectionUnavailableException { if (organisations.isEmpty()) { // no header, we'll trust the column filter if any LOGGER.debug("No organisation header"); - return; + return true; } if (collection.params.collectionOrganisations == null) { @@ -448,7 +458,7 @@ public void checkIfAllowedForOrganisations(CollectionReference collection, if (!ownerOnly && collection.params.collectionOrganisations.isPublic) { LOGGER.debug(String.format("Collection %s organisation is public.", collection.collectionName)); - return; + return true; } List o = new ArrayList<>(); @@ -461,7 +471,9 @@ public void checkIfAllowedForOrganisations(CollectionReference collection, o.retainAll(Arrays.stream(organisations.get().split(",")).toList()); LOGGER.debug("allowed org=" + o); if (o.isEmpty()) { - throw new CollectionUnavailableException("The collection not available with organisation header: " + organisations.get()); + // the collection not available with the provided organisation header + return false; } + return true; } } diff --git a/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java b/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java index b09a71e7d..63cf72959 100644 --- a/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java +++ b/arlas-rest/src/main/java/io/arlas/server/rest/collections/CollectionService.java @@ -508,9 +508,12 @@ public CollectionReference save(String collection, CollectionReferenceParameters CheckParams.checkInvalidDublinCoreElementsForInspire(collectionReference); } CheckParams.checkInvalidInspireParameters(collectionReference); - collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - collectionReferenceService.checkIfIndexAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), Optional.ofNullable(configuration.arlasAuthPolicyClass)); - return collectionReferenceService.putCollectionReference(collectionReference, checkFields); + if (collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + collectionReferenceService.checkIfIndexAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), Optional.ofNullable(configuration.arlasAuthPolicyClass)); + return collectionReferenceService.putCollectionReference(collectionReference, checkFields); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); + } } @Timed @@ -551,9 +554,12 @@ public Response delete( throw new NotAllowedException("Forbidden operation on '" + META_COLLECTION_NAME + "'"); } CollectionReference collectionReference = collectionReferenceService.getCollectionReference(collection,Optional.ofNullable(organisations)); - collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true); - collectionReferenceService.deleteCollectionReference(collection); - return ResponseFormatter.getSuccessResponse("Collection " + collection + " deleted."); + if (collectionReferenceService.checkIfAllowedForOrganisations(collectionReference, Optional.ofNullable(organisations), true)) { + collectionReferenceService.deleteCollectionReference(collection); + return ResponseFormatter.getSuccessResponse("Collection " + collection + " deleted."); + } else { + throw new CollectionUnavailableException("The collection not available with organisation header: " + Optional.ofNullable(organisations).get()); + } } private void removeMetacollection(List collectionReferences) { diff --git a/arlas-tests/src/test/java/io/arlas/server/tests/CollectionTool.java b/arlas-tests/src/test/java/io/arlas/server/tests/CollectionTool.java index b8e9af72e..ad6b2358e 100644 --- a/arlas-tests/src/test/java/io/arlas/server/tests/CollectionTool.java +++ b/arlas-tests/src/test/java/io/arlas/server/tests/CollectionTool.java @@ -170,10 +170,10 @@ public void loadCsw(long sleepAfter) throws IOException { } public void delete() throws IOException, ArlasException { - DataSetTool.clearDataSet(); //DELETE collection when().delete(getUrlPath()).then().statusCode(200); when().delete(arlasPath + "collections/" + COLLECTION_NAME_ACTOR).then().statusCode(200); + DataSetTool.clearDataSet(); } public void deleteCsw() throws IOException, ArlasException {