From 4e8c643e02bd1f5beaecbc93fdf9492da2510997 Mon Sep 17 00:00:00 2001
From: Timm Fitschen <timm.fitschen@ds.mpg.de>
Date: Thu, 21 Mar 2019 22:33:43 +0100
Subject: [PATCH] EHN: CheckEntityACLRoles' mode configurable
---
src/main/java/caosdb/server/ServerProperties.java | 4 ++++
.../server/jobs/core/CheckEntityACLRoles.java | 13 +++++++++++--
.../java/caosdb/server/utils/ServerMessages.java | 2 +-
3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/src/main/java/caosdb/server/ServerProperties.java b/src/main/java/caosdb/server/ServerProperties.java
index 32d7fa32..1cd6078e 100644
--- a/src/main/java/caosdb/server/ServerProperties.java
+++ b/src/main/java/caosdb/server/ServerProperties.java
@@ -121,6 +121,8 @@ public class ServerProperties extends Properties {
public static final String KEY_NO_REPLY_NAME = "NO_REPLY_NAME";
+ public static final String KEY_CHECK_ENTITY_ACL_ROLES_MODE = "CHECK_ENTITY_ACL_ROLES_MODE";
+
/**
* This init_server_properties method reads the config file which contains key-value-pairs for
* such variables like the user name of the database, the port the server will be listening on
@@ -200,6 +202,8 @@ public class ServerProperties extends Properties {
serverProperties.setProperty(KEY_SUDO_PASSWORD, "");
serverProperties.setProperty(KEY_QUERY_FILTER_ENTITIES_WITHOUT_RETRIEVE_PERMISSIONS, "TRUE");
+ serverProperties.setProperty(KEY_CHECK_ENTITY_ACL_ROLES_MODE, "MUST");
+
try {
final File confFile = new File(basepath + "/conf/ext/server.conf");
if (confFile.exists()) {
diff --git a/src/main/java/caosdb/server/jobs/core/CheckEntityACLRoles.java b/src/main/java/caosdb/server/jobs/core/CheckEntityACLRoles.java
index a0a3c72a..1106a469 100644
--- a/src/main/java/caosdb/server/jobs/core/CheckEntityACLRoles.java
+++ b/src/main/java/caosdb/server/jobs/core/CheckEntityACLRoles.java
@@ -22,6 +22,8 @@
*/
package caosdb.server.jobs.core;
+import caosdb.server.CaosDBServer;
+import caosdb.server.ServerProperties;
import caosdb.server.accessControl.AuthenticationUtils;
import caosdb.server.entity.EntityInterface;
import caosdb.server.jobs.ContainerJob;
@@ -43,8 +45,15 @@ public class CheckEntityACLRoles extends ContainerJob {
if (entity.getEntityACL() != null) {
for (final EntityACI aci : entity.getEntityACL().getRules()) {
if (!AuthenticationUtils.isResponsibleAgentExistent(aci.getResponsibleAgent())) {
- entity.addError(ServerMessages.ROLE_DOES_NOT_EXIST);
- entity.setEntityStatus(EntityStatus.UNQUALIFIED);
+ if (CaosDBServer.getServerProperty(ServerProperties.KEY_CHECK_ENTITY_ACL_ROLES_MODE)
+ .equalsIgnoreCase("MUST")) {
+ entity.addError(ServerMessages.ROLE_DOES_NOT_EXIST);
+ entity.setEntityStatus(EntityStatus.UNQUALIFIED);
+ } else {
+ entity.addWarning(ServerMessages.ROLE_DOES_NOT_EXIST);
+ }
+ entity.addInfo(
+ "User Role `" + aci.getResponsibleAgent().toString() + "` does not exist.");
}
}
}
diff --git a/src/main/java/caosdb/server/utils/ServerMessages.java b/src/main/java/caosdb/server/utils/ServerMessages.java
index 63cadf5f..454834e2 100644
--- a/src/main/java/caosdb/server/utils/ServerMessages.java
+++ b/src/main/java/caosdb/server/utils/ServerMessages.java
@@ -270,7 +270,7 @@ public class ServerMessages {
new Message(MessageType.Error, 0, "Cannot parse EntityACL.");
public static final Message ROLE_DOES_NOT_EXIST =
- new Message(MessageType.Error, 1104, "Role does not exist.");
+ new Message(MessageType.Error, 1104, "User Role does not exist.");
public static final Message ENTITY_NAME_DUPLICATES =
new Message(MessageType.Error, 0, "This entity cannot be identified due to name duplicates.");
--
GitLab