WIP: fixing server issue #196

b9185db0 · Timm Fitschen · d7ba14fa · b9185db0 · b9185db0 · b9185db0
Verified Commit b9185db0 authored 2 years ago by Timm Fitschen
--- a/DEPENDENCIES.md
+++ b/DEPENDENCIES.md
@@ -7,6 +7,7 @@
 * `>=Java 11`
 * `>=Apache Maven 3.6.0`
 * `>=Make 4.2`
+* `>=gcc 8` (if PAM authentication is required)
 * `libpam` (if PAM authentication is required)
 * More dependencies are being pulled and installed automatically by Maven. See the complete list of dependencies in the [pom.xml](pom.xml)


--- a/README_SETUP.md
+++ b/README_SETUP.md
@@ -15,12 +15,18 @@ See [DEPENDENCIES.md](DEPENDENCIES.md).

 On Debian, the required packages can be installed with:

-    apt-get install git make mariadb-server maven openjdk-11-jdk-headless \
-      python3-pip screen libpam0g-dev unzip
+    apt-get install make mariadb-server maven openjdk-11-jdk-headless \
+      python3-pip libpam0g-dev unzip

 Note that installing MariaDB will uninstall existing MySQL packages and vice
 versa.

+#### Install the requirements on Fedora
+
+On Fedora, the required packages can be installed with:
+
+    sudo dnf install make pam-devel mariadb-server mariadb python3 java-17-openjdk-headless unzip gcc
+
 ### System

 * `>=Linux 4.0.0`, `x86_64`, e.g. Ubuntu 18.04
@@ -160,20 +166,47 @@ sources (if you called `make run` previously).

 ## Setup Eclipse

-1. Open Eclipse (recommended version: Oxygen.1a Release (4.7.1a))
-2. `File > New > Java Project`: Choose a project name and specify the location
-   of this repo. The JRE and Project layout should be configured automatically.
-   Now, the project should initially have two source-folders: `./src/main/java`
-   and `./src/test/java`. After a build, another one,
-   `./target/generated-sources/antlr4` should be generated. If there are more
-   than these three source-folders, reconfigure the projects source folders
-   appropriately with `Project > Properties > Java Build Path > Source`.
-3. In the `Package Explorer` view, right-click on the project and `Configure >
-   Convert to Maven Project`.
-4. In the `Package Explorer` view, right-click on the project and `Maven >
-   Update Project`.
-5. Usually a build of the project is started automatically. Otherwise `Project >
-   Build Project`.
+1. Open Eclipse (tested with 2022-R12)
+2. File > Import > Maven > Existing Maven Projects: Specify location.
+3. You will most likely encounter "Plugin execution not covered by lifecycle
+   configuration: ..." errors. Adapt the file
+   `<eclipse-workspace>/.metadata/.plugins/org.eclipse.m2e.core/lifecycle-mapping-metadata.xml`.
+
+   Example:
+
+   ```xml 
+   <?xml version="1.0" encoding="UTF-8"?>
+   <lifecycleMappingMetadata>
+     <pluginExecutions>
+       <pluginExecution>
+         <pluginExecutionFilter>
+           <groupId>com.coveo</groupId>
+           <artifactId>fmt-maven-plugin</artifactId>
+           <versionRange>2.5.1</versionRange>
+           <goals>
+             <goal>format</goal>
+           </goals>
+         </pluginExecutionFilter>
+         <action>
+           <ignore />
+         </action>
+       </pluginExecution>
+       <pluginExecution>
+         <pluginExecutionFilter>
+           <groupId>org.codehaus.mojo</groupId>
+           <artifactId>buildnumber-maven-plugin</artifactId>
+           <versionRange>1.4</versionRange>
+           <goals>
+             <goal>create-metadata</goal>
+           </goals>
+         </pluginExecutionFilter>
+         <action>
+           <ignore />
+         </action>
+       </pluginExecution>
+     </pluginExecutions>
+   </lifecycleMappingMetadata>
+   ```

 Done!


--- a/conf/core/server.conf
+++ b/conf/core/server.conf
@@ -67,7 +67,7 @@ MYSQL_DATABASE_NAME=caosdb
 # User name for connecting to mysql
 MYSQL_USER_NAME=caosdb
 # Password for the user
-MYSQL_USER_PASSWORD=caosdb
+MYSQL_USER_PASSWORD=random1234
 # Schema of mysql procedures and tables which is required by this CaosDB instance
 MYSQL_SCHEMA_VERSION=v5.0


--- a/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
+++ b/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
@@ -25,9 +25,10 @@ package org.caosdb.server.jobs.core;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.subject.Subject;
 import org.caosdb.server.accessControl.ACMPermissions;
-import org.caosdb.server.database.backend.transaction.RetrieveSparseEntity;
+import org.caosdb.server.entity.DeleteEntity;
 import org.caosdb.server.entity.EntityInterface;
-import org.caosdb.server.entity.wrapper.Parent;
+import org.caosdb.server.entity.InsertEntity;
+import org.caosdb.server.entity.UpdateEntity;
 import org.caosdb.server.jobs.ContainerJob;
 import org.caosdb.server.jobs.JobAnnotation;
 import org.caosdb.server.jobs.TransactionStage;
@@ -80,12 +81,6 @@ public class AccessControl extends ContainerJob {
  protected void run() {
    final Subject subject = SecurityUtils.getSubject();

-    // subject has complete permissions for this kind of transaction
-    if (subject.isPermitted(
-        TRANSACTION_PERMISSIONS.toString(getTransaction().getClass().getSimpleName(), null))) {
-      return;
-    }
-
    if (getTransaction() instanceof Retrieve) {
      return;
    }
@@ -93,25 +88,20 @@ public class AccessControl extends ContainerJob {
    for (final EntityInterface e : getContainer()) {

      // per role permission
-      if (subject.isPermitted(
-          TRANSACTION_PERMISSIONS.toString(
-              getTransaction().getClass().getSimpleName(), e.getRole().toString()))) {
-        continue;
-      }
-
-      // special annotations permission
-      if (e.hasParents() && e.getParents().size() == 1) {
-        final Parent par1 = e.getParents().get(0);
-        if (par1.hasId() && !par1.getId().isTemporary()) {
-          execute(new RetrieveSparseEntity(par1));
+      if (e instanceof InsertEntity) {
+        if (subject.isPermitted(INSERT.toString(e.getRole().toString()))) {
+          continue;
+        }
+      } else if (e instanceof DeleteEntity) {
+        if (subject.isPermitted(DELETE.toString(e.getRole().toString()))) {
+          continue;
        }
-        if (par1.hasName()
-            && par1.getName().equals("CommentAnnotation")
-            && subject.isPermitted(
-                getTransaction().getClass().getSimpleName() + ":CommentAnnotation")) {
+      } else if (e instanceof UpdateEntity) {
+        if (subject.isPermitted(UPDATE.toString(e.getRole().toString()))) {
          continue;
        }
      }
+
      e.setEntityStatus(EntityStatus.UNQUALIFIED);
      e.addMessage(ServerMessages.AUTHORIZATION_ERROR);
    }