diff --git a/afs/afs-local/src/main/java/com/powsybl/afs/local/storage/LocalAppStorage.java b/afs/afs-local/src/main/java/com/powsybl/afs/local/storage/LocalAppStorage.java index a435e7d2f4a..2cd06f0f065 100644 --- a/afs/afs-local/src/main/java/com/powsybl/afs/local/storage/LocalAppStorage.java +++ b/afs/afs-local/src/main/java/com/powsybl/afs/local/storage/LocalAppStorage.java @@ -193,6 +193,31 @@ public void setDescription(String nodeId, String description) { throw new AssertionError(); } + @Override + public void modifyUserAccessRights(String nodeId, String userName, Integer rights) { + throw new AssertionError(); + } + + @Override + public void modifyGroupAccessRights(String nodeId, String groupName, Integer rights) { + throw new AssertionError(); + } + + @Override + public void modifyOthersAccessRights(String nodeId, Integer rights) { + throw new AssertionError(); + } + + @Override + public boolean removeUserAccessRights(String nodeId, String userName) { + throw new AssertionError(); + } + + @Override + public boolean removeGroupAccessRights(String nodeId, String groupName) { + throw new AssertionError(); + } + @Override public void setConsistent(String nodeId) { throw new AssertionError(); diff --git a/afs/afs-mapdb-storage/src/main/java/com/powsybl/afs/mapdb/storage/MapDbAppStorage.java b/afs/afs-mapdb-storage/src/main/java/com/powsybl/afs/mapdb/storage/MapDbAppStorage.java index d5677a5a22c..0b0e0db9728 100644 --- a/afs/afs-mapdb-storage/src/main/java/com/powsybl/afs/mapdb/storage/MapDbAppStorage.java +++ b/afs/afs-mapdb-storage/src/main/java/com/powsybl/afs/mapdb/storage/MapDbAppStorage.java @@ -308,6 +308,55 @@ public void setDescription(String nodeId, String description) { nodeInfoMap.put(nodeUuid, nodeInfo); } + @Override + public void modifyUserAccessRights(String nodeId, String userName, Integer rights) { + UUID nodeUuid = checkNodeId(nodeId); + Objects.requireNonNull(userName); + Objects.requireNonNull(rights); + NodeInfo nodeInfo = getNodeInfo(nodeId); + nodeInfo.getAccessRights().setUserRights(userName, rights); + nodeInfoMap.put(nodeUuid, nodeInfo); + } + + @Override + public void modifyGroupAccessRights(String nodeId, String groupName, Integer rights) { + UUID nodeUuid = checkNodeId(nodeId); + Objects.requireNonNull(groupName); + Objects.requireNonNull(rights); + NodeInfo nodeInfo = getNodeInfo(nodeId); + nodeInfo.getAccessRights().setGroupRights(groupName, rights); + nodeInfoMap.put(nodeUuid, nodeInfo); + } + + @Override + public void modifyOthersAccessRights(String nodeId, Integer rights) { + UUID nodeUuid = checkNodeId(nodeId); + Objects.requireNonNull(rights); + NodeInfo nodeInfo = getNodeInfo(nodeId); + nodeInfo.getAccessRights().setOthersRights(rights); + nodeInfoMap.put(nodeUuid, nodeInfo); + } + + @Override + public boolean removeUserAccessRights(String nodeId, String userName) { + UUID nodeUuid = checkNodeId(nodeId); + Objects.requireNonNull(userName); + NodeInfo nodeInfo = getNodeInfo(nodeId); + nodeInfo.getAccessRights().getUsersRights().remove(userName); + nodeInfoMap.put(nodeUuid, nodeInfo); + return !nodeInfo.getAccessRights().getUsersRights().containsKey(userName); + } + + @Override + public boolean removeGroupAccessRights(String nodeId, String groupName) { + UUID nodeUuid = checkNodeId(nodeId); + Objects.requireNonNull(groupName); + NodeInfo nodeInfo = getNodeInfo(nodeId); + nodeInfo.getAccessRights().getGroupsRights().remove(groupName); + nodeInfoMap.put(nodeUuid, nodeInfo); + return !nodeInfo.getAccessRights().getGroupsRights().containsKey(groupName); + } + @Override public void setConsistent(String nodeId) { UUID nodeUuid = checkNodeId(nodeId); diff --git a/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/AppStorage.java b/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/AppStorage.java index c90780163f4..9a7f5b1245a 100644 --- a/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/AppStorage.java +++ b/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/AppStorage.java @@ -59,6 +59,43 @@ default boolean isConsistent(String nodeId) { void setDescription(String nodeId, String description); + /** + * + * @param nodeId Id of the node whose user rights have to be modified + * @param userName User name + * @param rights Access rights for the user + */ + void modifyUserAccessRights(String nodeId, String userName, Integer rights); + + /** + * + * @param nodeId Id of the node whose group rights have to be modified + * @param groupName Group name + * @param rights Access rights for the group + */ + void modifyGroupAccessRights(String nodeId, String groupName, Integer rights); + + /** + * + * @param nodeId Id of the node whose others rights have to be modified + * @param rights Access rights for other users + */ + void modifyOthersAccessRights(String nodeId, Integer rights); + + /** + * + * @param nodeId Id of the node whose user rights have to be removed + * @param userName User name + */ + boolean removeUserAccessRights(String nodeId, String userName); + + /** + * + * @param nodeId Id of the node whose group rights have to be removed + * @param groupName User name + */ + boolean removeGroupAccessRights(String nodeId, String groupName); + /** * mark the node with ID {@code nodeId} as consistent node. */ diff --git a/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/ForwardingAppStorage.java b/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/ForwardingAppStorage.java index 4b81aebb3cc..f71cdc45358 100644 --- a/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/ForwardingAppStorage.java +++ b/afs/afs-storage-api/src/main/java/com/powsybl/afs/storage/ForwardingAppStorage.java @@ -62,6 +62,31 @@ public void setDescription(String nodeId, String description) { storage.setDescription(nodeId, description); } + @Override + public void modifyUserAccessRights(String nodeId, String userName, Integer rights) { + storage.modifyUserAccessRights(nodeId, userName, rights); + } + + @Override + public void modifyGroupAccessRights(String nodeId, String groupName, Integer rights) { + storage.modifyGroupAccessRights(nodeId, groupName, rights); + } + + @Override + public void modifyOthersAccessRights(String nodeId, Integer rights) { + storage.modifyOthersAccessRights(nodeId, rights); + } + + @Override + public boolean removeUserAccessRights(String nodeId, String userName) { + return storage.removeUserAccessRights(nodeId, userName); + } + + @Override + public boolean removeGroupAccessRights(String nodeId, String groupName) { + return storage.removeGroupAccessRights(nodeId, groupName); + } + @Override public void setConsistent(String nodeId) { storage.setConsistent(nodeId); diff --git a/afs/afs-storage-api/src/test/java/com/powsybl/afs/storage/AbstractAppStorageTest.java b/afs/afs-storage-api/src/test/java/com/powsybl/afs/storage/AbstractAppStorageTest.java index 147b44f0262..a29102f8056 100644 --- a/afs/afs-storage-api/src/test/java/com/powsybl/afs/storage/AbstractAppStorageTest.java +++ b/afs/afs-storage-api/src/test/java/com/powsybl/afs/storage/AbstractAppStorageTest.java @@ -298,9 +298,25 @@ public void test() throws IOException, InterruptedException { assertEquals(ImmutableMap.of("d1", 1d), testData2Info.getGenericMetadata().getDoubles()); assertEquals(ImmutableMap.of("i1", 2), testData2Info.getGenericMetadata().getInts()); assertEquals(ImmutableMap.of("b1", false), testData2Info.getGenericMetadata().getBooleans()); + + // check access rights assertEquals(ImmutableMap.of("user1", 2, "user2", 4), testData2Info.getAccessRights().getUsersRights()); assertEquals(ImmutableMap.of("group1", 6), testData2Info.getAccessRights().getGroupsRights()); + storage.modifyUserAccessRights(testData2Info.getId(), "user1", 4); + storage.modifyGroupAccessRights(testData2Info.getId(), "group1", 4); + storage.flush(); + + assertEquals(ImmutableMap.of("user1", 4, "user2", 4), storage.getNodeInfo(testData2Info.getId()).getAccessRights().getUsersRights()); + assertEquals(ImmutableMap.of("group1", 4), storage.getNodeInfo(testData2Info.getId()).getAccessRights().getGroupsRights()); + + storage.removeUserAccessRights(testData2Info.getId(), "user1"); + storage.removeGroupAccessRights(testData2Info.getId(), "group1"); + storage.flush(); + + assertEquals(ImmutableMap.of("user2", 4), storage.getNodeInfo(testData2Info.getId()).getAccessRights().getUsersRights()); + assertEquals(ImmutableMap.of(), storage.getNodeInfo(testData2Info.getId()).getAccessRights().getGroupsRights()); + // 10) check data node 2 binary data write try (OutputStream os = storage.writeBinaryData(testData2Info.getId(), "blob")) { os.write("word2".getBytes(StandardCharsets.UTF_8)); diff --git a/afs/afs-ws/afs-ws-server/src/main/java/com/powsybl/afs/ws/server/AppStorageServer.java b/afs/afs-ws/afs-ws-server/src/main/java/com/powsybl/afs/ws/server/AppStorageServer.java index 37053c71452..353f91c53ee 100644 --- a/afs/afs-ws/afs-ws-server/src/main/java/com/powsybl/afs/ws/server/AppStorageServer.java +++ b/afs/afs-ws/afs-ws-server/src/main/java/com/powsybl/afs/ws/server/AppStorageServer.java @@ -195,6 +195,73 @@ public Response setDescription(@ApiParam(value = "File system name") @PathParam( return Response.ok().build(); } + @PUT + @Consumes(MediaType.TEXT_PLAIN) + @Path("fileSystems/{fileSystemName}/nodes/{nodeId}/userRights/{userName}") + @ApiOperation (value = "") + @ApiResponses (value = {@ApiResponse(code = 200, message = ""), @ApiResponse(code = 500, message = "Error")}) + public Response modifyUserAccessRights(@ApiParam(value = "File system name") @PathParam("fileSystemName") String fileSystemName, + @ApiParam(value = "Node ID") @PathParam("nodeId") String nodeId, + @ApiParam(value = "User Name") @PathParam("userName") String userName, + @ApiParam(value = "Rights") @QueryParam("rights") Integer rights) { + AppStorage storage = appDataBean.getStorage(fileSystemName); + storage.modifyUserAccessRights(nodeId, userName, rights); + return Response.ok().build(); + } + + @PUT + @Consumes(MediaType.TEXT_PLAIN) + @Path("fileSystems/{fileSystemName}/nodes/{nodeId}/groupRights/{groupName}") + @ApiOperation (value = "") + @ApiResponses (value = {@ApiResponse(code = 200, message = ""), @ApiResponse(code = 500, message = "Error")}) + public Response modifyGroupAccessRights(@ApiParam(value = "File system name") @PathParam("fileSystemName") String fileSystemName, + @ApiParam(value = "Node ID") @PathParam("nodeId") String nodeId, + @ApiParam(value = "Group Name") @PathParam("groupName") String groupName, + @ApiParam(value = "Rights") @QueryParam("rights") Integer rights) { + AppStorage storage = appDataBean.getStorage(fileSystemName); + storage.modifyGroupAccessRights(nodeId, groupName, rights); + return Response.ok().build(); + } + + @PUT + @Consumes(MediaType.TEXT_PLAIN) + @Path("fileSystems/{fileSystemName}/nodes/{nodeId}/othersRights") + @ApiOperation (value = "") + @ApiResponses (value = {@ApiResponse(code = 200, message = ""), @ApiResponse(code = 500, message = "Error")}) + public Response modifyUserAccessRights(@ApiParam(value = "File system name") @PathParam("fileSystemName") String fileSystemName, + @ApiParam(value = "Node ID") @PathParam("nodeId") String nodeId, + @ApiParam(value = "Rights") @QueryParam("rights") Integer rights) { + AppStorage storage = appDataBean.getStorage(fileSystemName); + storage.modifyOthersAccessRights(nodeId, rights); + return Response.ok().build(); + } + + @DELETE + @Produces(MediaType.TEXT_PLAIN) + @Path("fileSystems/{fileSystemName}/nodes/{nodeId}/userRights/{userName}") + @ApiOperation (value = "", response = Boolean.class) + @ApiResponses (value = {@ApiResponse(code = 200, message = ""), @ApiResponse(code = 404, message = ""), @ApiResponse(code = 500, message = "Error")}) + public Response removeUserAccessRights(@ApiParam(value = "File system name") @PathParam("fileSystemName") String fileSystemName, + @ApiParam(value = "Node ID") @PathParam("nodeId") String nodeId, + @ApiParam(value = "User name") @PathParam("userName") String userName) { + AppStorage storage = appDataBean.getStorage(fileSystemName); + boolean removed = storage.removeUserAccessRights(nodeId, userName); + return Response.ok().entity(removed).build(); + } + + @DELETE + @Produces(MediaType.TEXT_PLAIN) + @Path("fileSystems/{fileSystemName}/nodes/{nodeId}/groupRights/{groupName}") + @ApiOperation (value = "", response = Boolean.class) + @ApiResponses (value = {@ApiResponse(code = 200, message = ""), @ApiResponse(code = 404, message = ""), @ApiResponse(code = 500, message = "Error")}) + public Response removeGroupAccessRights(@ApiParam(value = "File system name") @PathParam("fileSystemName") String fileSystemName, + @ApiParam(value = "Node ID") @PathParam("nodeId") String nodeId, + @ApiParam(value = "Group name") @PathParam("groupName") String groupName) { + AppStorage storage = appDataBean.getStorage(fileSystemName); + boolean removed = storage.removeGroupAccessRights(nodeId, groupName); + return Response.ok().entity(removed).build(); + } + @PUT @Consumes(MediaType.APPLICATION_JSON) @Path("fileSystems/{fileSystemName}/nodes/{nodeId}/consistent") diff --git a/afs/afs-ws/afs-ws-storage/src/main/java/com/powsybl/afs/ws/storage/RemoteAppStorage.java b/afs/afs-ws/afs-ws-storage/src/main/java/com/powsybl/afs/ws/storage/RemoteAppStorage.java index 753f5951039..365e84da2e5 100644 --- a/afs/afs-ws/afs-ws-storage/src/main/java/com/powsybl/afs/ws/storage/RemoteAppStorage.java +++ b/afs/afs-ws/afs-ws-storage/src/main/java/com/powsybl/afs/ws/storage/RemoteAppStorage.java @@ -225,6 +225,137 @@ public void setDescription(String nodeId, String description) { } } + @Override + public void modifyUserAccessRights(String nodeId, String userName, Integer rights) { + Objects.requireNonNull(nodeId); + Objects.requireNonNull(userName); + Objects.requireNonNull(rights); + + // flush buffer to keep change order + changeBuffer.flush(); + + LOGGER.debug("modifyUserAccessRights(fileSystemName={}, nodeId={}, userName={}, rights={})", fileSystemName, nodeId, userName, rights); + + Response response = webTarget.path("fileSystems/{fileSystemName}/nodes/{nodeId}/userRights/{userName}") + .resolveTemplate(FILE_SYSTEM_NAME, fileSystemName) + .resolveTemplate(NODE_ID, nodeId) + .resolveTemplate("userName", userName) + .queryParam("rights", rights) + .request() + .header(HttpHeaders.AUTHORIZATION, token) + .header(HttpHeaders.CONTENT_ENCODING, "gzip") + .acceptEncoding("gzip") + .put(Entity.text("")); + try { + checkOk(response); + } finally { + response.close(); + } + } + + @Override + public void modifyGroupAccessRights(String nodeId, String groupName, Integer rights) { + Objects.requireNonNull(nodeId); + Objects.requireNonNull(groupName); + Objects.requireNonNull(rights); + + // flush buffer to keep change order + changeBuffer.flush(); + + LOGGER.debug("modifyGroupAccessRights(fileSystemName={}, nodeId={}, groupName={}, rights={})", fileSystemName, nodeId, groupName, rights); + + Response response = webTarget.path("fileSystems/{fileSystemName}/nodes/{nodeId}/groupRights/{groupName}") + .resolveTemplate(FILE_SYSTEM_NAME, fileSystemName) + .resolveTemplate(NODE_ID, nodeId) + .resolveTemplate("groupName", groupName) + .queryParam("rights", rights) + .request() + .header(HttpHeaders.AUTHORIZATION, token) + .header(HttpHeaders.CONTENT_ENCODING, "gzip") + .acceptEncoding("gzip") + .put(Entity.text("")); + try { + checkOk(response); + } finally { + response.close(); + } + } + + @Override + public void modifyOthersAccessRights(String nodeId, Integer rights) { + Objects.requireNonNull(nodeId); + Objects.requireNonNull(rights); + + // flush buffer to keep change order + changeBuffer.flush(); + + LOGGER.debug("modifyOthersAccessRights(fileSystemName={}, nodeId={}, rights={})", fileSystemName, nodeId, rights); + + Response response = webTarget.path("fileSystems/{fileSystemName}/nodes/{nodeId}/othersRights") + .resolveTemplate(FILE_SYSTEM_NAME, fileSystemName) + .resolveTemplate(NODE_ID, nodeId) + .queryParam("rights", rights) + .request() + .header(HttpHeaders.AUTHORIZATION, token) + .header(HttpHeaders.CONTENT_ENCODING, "gzip") + .acceptEncoding("gzip") + .put(Entity.text("")); + try { + checkOk(response); + } finally { + response.close(); + } + } + + @Override + public boolean removeUserAccessRights(String nodeId, String userName) { + Objects.requireNonNull(nodeId); + Objects.requireNonNull(userName); + + // flush buffer to keep change order + changeBuffer.flush(); + + LOGGER.debug("removeUserAccessRights(fileSystemName={}, nodeId={}, userName={})", fileSystemName, nodeId, userName); + + Response response = webTarget.path("fileSystems/{fileSystemName}/nodes/{nodeId}/userRights/{userName}") + .resolveTemplate(FILE_SYSTEM_NAME, fileSystemName) + .resolveTemplate(NODE_ID, nodeId) + .resolveTemplate("userName", userName) + .request() + .header(HttpHeaders.AUTHORIZATION, token) + .delete(); + try { + return readEntityIfOk(response, Boolean.class); + } finally { + response.close(); + } + + } + + @Override + public boolean removeGroupAccessRights(String nodeId, String groupName) { + Objects.requireNonNull(nodeId); + Objects.requireNonNull(groupName); + + // flush buffer to keep change order + changeBuffer.flush(); + + LOGGER.debug("removeGroupAccessRights(fileSystemName={}, nodeId={}, userName={})", fileSystemName, nodeId, groupName); + + Response response = webTarget.path("fileSystems/{fileSystemName}/nodes/{nodeId}/groupRights/{groupName}") + .resolveTemplate(FILE_SYSTEM_NAME, fileSystemName) + .resolveTemplate(NODE_ID, nodeId) + .resolveTemplate("groupName", groupName) + .request() + .header(HttpHeaders.AUTHORIZATION, token) + .delete(); + try { + return readEntityIfOk(response, Boolean.class); + } finally { + response.close(); + } + } + @Override public void setConsistent(String nodeId) { Objects.requireNonNull(nodeId);