
Commit 54e1728

committed
Deactivated removal of ACL information for non-administrator access
1 parent 381f806 commit 54e1728


2 files changed

+14
-10
lines changed


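--- a/src/main/java/edu/kit/datamanager/repo/util/DataResourceUtils.java
+++ b/src/main/java/edu/kit/datamanager/repo/util/DataResourceUtils.java
@@ -119,9 +119,11 @@ public static ResponseEntity<DataResource> readResource(RepoBaseConfiguration ap
 
 if (currentVersion > 0) {
 //trigger response creation and set etag...the response body is set automatically
-return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").header("Resource-Version", Long.toString((version != null) ? version : currentVersion)).body(filterResource(resource));
+//return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").header("Resource-Version", Long.toString((version != null) ? version : currentVersion)).body(filterResource(resource));
+return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").header("Resource-Version", Long.toString((version != null) ? version : currentVersion)).body(resource);
 } else {
-return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").body(filterResource(resource));
+//return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").body(filterResource(resource));
+return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").body(resource);
 }
 }
 
@@ -371,7 +373,7 @@ public static Optional<String> getAuditInformation(RepoBaseConfiguration applica
 * @param resource data resource.
 * @return data resource without acls.
 */
-public static DataResource filterResource(DataResource resource) {
+/*public static DataResource filterResource(DataResource resource) {
 if (!AuthenticationHelper.isAuthenticatedAsService() && !DataResourceUtils.hasPermission(resource, PERMISSION.ADMINISTRATE) && !AuthenticationHelper.hasAuthority(RepoUserRole.ADMINISTRATOR.toString())) {
 LOGGER.debug("Removing ACL information from resources due to non-administrator access.");
 //exclude ACLs if not administrate or administrator permissions are set
@@ -381,15 +383,15 @@ public static DataResource filterResource(DataResource resource) {
 }
 
 return resource;
-}
+}*/
 
 /**
 * Remove ACLs from a list of data resources.
 *
 * @param resources list of data resources.
 * @return list of data resources without acls.
 */
-public static List<DataResource> filterResources(List<DataResource> resources) {
+/*public static List<DataResource> filterResources(List<DataResource> resources) {
 
 if (!AuthenticationHelper.isAuthenticatedAsService() && !AuthenticationHelper.hasAuthority(RepoUserRole.ADMINISTRATOR.toString())) {
 LOGGER.debug("Removing ACL information from resources due to non-administrator access.");
@@ -403,7 +405,7 @@ public static List<DataResource> filterResources(List<DataResource> resources) {
 }
 
 return resources;
-}
+}*/
 
 public static Collection<? extends GrantedAuthority> getUserAuthorities(DataResource resource) {
 LOGGER.trace("Determining user grants from authorization context.");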
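Review bot: With `.body(resource)` in both branches of readResource, the ACL entries of a resource are now serialized to every caller who can read it, where filterResource previously stripped them unless the caller was a service, held ADMINISTRATE on the resource, or had the ADMINISTRATOR authority. That makes the list of principals and their permissions readable by any reader; the same applies to `body(page.getContent())` in findByExample and `body(result)` in put in DataResourceController. If the exposure is intended, it would be safer to keep filterResource/filterResources and make the call conditional on a configuration setting that defaults to filtering, rather than commenting the methods out. At minimum, state the decision at the return, e.g. `// ACLs are intentionally returned to non-administrators; see <issue reference>`. readResource's body starts outside the hunk.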

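--- a/src/test/java/edu/kit/datamanager/repo/web/DataResourceController.java
+++ b/src/test/java/edu/kit/datamanager/repo/web/DataResourceController.java
@@ -166,8 +166,8 @@ public ResponseEntity<List<DataResource>> findByExample(@RequestBody DataResourc
 //set content-range header for react-admin (index_start-index_end/total
 PageRequest request = ControllerUtils.checkPaginationInformation(pgbl);
 response.addHeader(CONTENT_RANGE_HEADER, ControllerUtils.getContentRangeHeader(page.getNumber(), request.getPageSize(), page.getTotalElements()));
-return ResponseEntity.ok().body(DataResourceUtils.filterResources(page.getContent()));
-
+//return ResponseEntity.ok().body(DataResourceUtils.filterResources(page.getContent()));
+return ResponseEntity.ok().body(page.getContent());
 }
 
 @Override
@@ -205,9 +205,11 @@ public ResponseEntity put(@PathVariable("id") final String identifier,
 
 if (currentVersion > 0) {
 //trigger response creation and set etag...the response body is set automatically
-return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").header(VERSION_HEADER, Long.toString(currentVersion)).body(DataResourceUtils.filterResource(result));
+//return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").header(VERSION_HEADER, Long.toString(currentVersion)).body(DataResourceUtils.filterResource(result));
+return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").header(VERSION_HEADER, Long.toString(currentVersion)).body(result);
 } else {
-return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").body(DataResourceUtils.filterResource(result));
+//return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").body(DataResourceUtils.filterResource(result));
+return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").body(result);
 }
 
 }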
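Review bot: The old return statements in findByExample and put are left behind as `//return ...` comments next to their replacements; they should be deleted, since the history already records them and a commented-out access filter reads as an unfinished change. The same goes for DataResourceUtils, where `/*public static DataResource filterResource` and `/*public static List<DataResource> filterResources` leave two Javadoc blocks that no longer document a method. Commenting out those public static methods also removes them for any other caller of the utility class, which would presumably no longer compile; keeping them and marking them `@Deprecated` would avoid that. Both method bodies in this file start outside their hunks.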
