[Fixes #9583] Unadvertised resources

doc/sql/002_create_schema_oracle.sql

@@ -26,6 +26,7 @@
         metadata varchar2(4000 char),
         name varchar2(255 char) not null,
         category_id number(19,0) not null,
+        advertised bool not null,
         primary key (id),
         unique (name)
     );

doc/sql/002_create_schema_postgres.sql

@@ -41,6 +41,7 @@ psql -U geostore_test -d geostore -f 002_create_schema_postgres.sql
         metadata varchar(30000),
         name varchar(255) not null,
         category_id int8 not null,
+        advertised bool not null,
         primary key (id),
         unique (name)
     );

doc/sql/migration/h2/h2-migration-from-v.1.5.0-to-v2.0.0 → doc/sql/migration/h2/h2-migration-from-v.1.5.0-to-v2.0.0.sql

@@ -14,3 +14,5 @@ create index idx_user_group_attr_text on gs_user_group_attribute (string);
 create index idx_attr_user_group on gs_user_group_attribute (userGroup_id);
 
 alter table gs_user_group_attribute add constraint fk_ugattrib_user_group foreign key (userGroup_id) references gs_usergroup;
+
+alter table gs_resource add column advertised bool not null;

doc/sql/migration/oracle/oracle-migration-from-v.1.5.0-to-v2.0.0 → doc/sql/migration/oracle/oracle-migration-from-v.1.5.0-to-v2.0.0.sql

@@ -15,3 +15,5 @@ create index idx_user_group_attr_text on gs_user_group_attribute (string);
 create index idx_attr_user_group on gs_user_group_attribute (userGroup_id);
 
 alter table gs_user_group_attribute add constraint fk_ugattrib_user_group foreign key (userGroup_id) references gs_usergroup;
+
+alter table gs_resource add column advertised bool not null;

doc/sql/migration/postgresql/postgresql-migration-from-v.1.5.0-to-v2.0.0 → doc/sql/migration/postgresql/postgresql-migration-from-v.1.5.0-to-v2.0.0.sql

@@ -15,3 +15,5 @@ create index idx_user_group_attr_text on gs_user_group_attribute (string);
 create index idx_attr_user_group on gs_user_group_attribute (userGroup_id);
 
 alter table gs_user_group_attribute add constraint fk_ugattrib_user_group foreign key (userGroup_id) references gs_usergroup;
+
+alter table gs_resource add column advertised bool not null;

src/core/model/src/main/java/it/geosolutions/geostore/core/model/Resource.java

@@ -68,6 +68,7 @@
         @Index(name = "idx_resource_creation", columnList = "creation"),
         @Index(name = "idx_resource_update", columnList = "lastUpdate"),
         @Index(name = "idx_resource_metadata", columnList = "metadata"),
+        @Index(name = "idx_resource_metadata", columnList = "advertised"),
         @Index(name = "idx_resource_category", columnList = "category_id")
 })
 // @Cache(usage = CacheConcurrencyStrategy.READ_WRITE, region = "gs_resource")
@@ -94,6 +95,9 @@ public class Resource implements Serializable, CycleRecoverable {
     @Temporal(TemporalType.TIMESTAMP)
     private Date lastUpdate;
 
+    @Column(nullable = true, updatable = true)
+    private Boolean advertised = true;
+
     @Column(nullable = true, updatable = true, length = 30000)
     private String metadata;
 
@@ -183,6 +187,20 @@ public void setLastUpdate(Date lastUpdate) {
         this.lastUpdate = lastUpdate;
     }
 
+    /**
+     * @return the advertised
+     */
+    public Boolean isAdvertised() {
+        return advertised;
+    }
+
+    /**
+     * @param advertised the advertised to set
+     */
+    public void setAdvertised(Boolean advertised) {
+        this.advertised = advertised;
+    }
+
     /**
      * @return the metadata
      */
@@ -303,6 +321,11 @@ public String toString() {
             builder.append("category=").append(category.toString());
         }
 
+        if (advertised != null) {
+            builder.append(", ");
+            builder.append("advertised=").append(advertised);
+        }
+
         builder.append(']');
 
         return builder.toString();
@@ -325,6 +348,7 @@ public int hashCode() {
         result = (prime * result) + ((metadata == null) ? 0 : metadata.hashCode());
         result = (prime * result) + ((name == null) ? 0 : name.hashCode());
         result = (prime * result) + ((security == null) ? 0 : security.hashCode());
+        result = (prime * result) + ((advertised == null) ? 0 : advertised.hashCode());
 
         return result;
     }
@@ -394,6 +418,13 @@ public boolean equals(Object obj) {
         } else if (!lastUpdate.equals(other.lastUpdate)) {
             return false;
         }
+        if (advertised == null) {
+            if (other.advertised != null) {
+                return false;
+            }
+        } else if (!advertised.equals(other.advertised)) {
+            return false;
+        }
         if (metadata == null) {
             if (other.metadata != null) {
                 return false;
@@ -428,6 +459,7 @@ public Object onCycleDetected(Context arg0) {
         r.setCreation(this.creation);
         r.setDescription(this.description);
         r.setLastUpdate(this.lastUpdate);
+        r.setAdvertised(this.advertised);
         r.setMetadata(this.metadata);
         r.setName(this.name);
         r.setAttribute(null);

src/core/persistence/src/main/java/it/geosolutions/geostore/core/dao/impl/SecurityDAOImpl.java

@@ -135,24 +135,37 @@ public void addReadSecurityConstraints(Search searchCriteria, User user)
             return;
         }
 
+        // User filtering based on user and groups
         Filter userFiltering = Filter.equal("user.name", user.getName());
 
-        if(! user.getGroups().isEmpty()) {
+        // Combine owner and advertisedFilter using OR
+        /**
+         * The user is the owner of the resource or the resource is advertised.
+         */
+        Filter advertisedFiltering = Filter.or(
+                Filter.equal("user.name", user.getName()),
+                Filter.equal("resource.advertised", true));
+
+        if(user.getGroups() != null && !user.getGroups().isEmpty()) {
             List<Long> groupsId = new ArrayList<>();
             for (UserGroup group : user.getGroups()) {
                 groupsId.add(group.getId());
             }
 
-            userFiltering = Filter.or( userFiltering, Filter.in("group.id", groupsId));
+            /* userFiltering = Filter.and(
+                    advertisedFiltering,
+                    Filter.or(userFiltering, Filter.in("group.id", groupsId))
+            ); */
+            userFiltering = Filter.or(userFiltering, Filter.in("group.id", groupsId));
         }
 
         Filter securityFilter = Filter.some(
-                "security",
-                Filter.and(
-                        Filter.equal("canRead", true),
-                        userFiltering
-                        )
-                );
+            "security",
+            Filter.and(
+                    Filter.equal("canRead", true),
+                    userFiltering
+            )
+        );
 
         searchCriteria.addFilter(securityFilter);
     }
@@ -172,7 +185,7 @@ public List<SecurityRule> findUserSecurityRule(String userName, long resourceId)
         searchCriteria.addFilter(securityFilter);
         // now rules are not properly filtered. 
         // so no user rules have to be removed externally (see RESTServiceImpl > ResourceServiceImpl)
-        // TODO: apply same worakaround of findGroupSecurityRule or fix searchCriteria issue (when this unit is well tested).
+        // TODO: apply same workaround of findGroupSecurityRule or fix searchCriteria issue (when this unit is well tested).
         return super.search(searchCriteria);
     }
 
@@ -214,6 +227,5 @@ public UserGroupDAO getUserGroupDAO() {
     public void setUserGroupDAO(UserGroupDAO userGroupDAO) {
         this.userGroupDAO = userGroupDAO;
     }
-
-
+
 }

src/core/services-api/src/main/java/it/geosolutions/geostore/services/dto/ShortResource.java

@@ -60,6 +60,8 @@ public class ShortResource implements Serializable {
 
     private boolean canDelete = false;
 
+    private boolean advertised = true;
+
     public ShortResource() {
 
     }
@@ -73,6 +75,7 @@ public ShortResource(Resource resource) {
         this.creation = resource.getCreation();
         this.description = resource.getDescription();
         this.lastUpdate = resource.getLastUpdate();
+        this.advertised = resource.isAdvertised();
     }
 
     /**
@@ -173,6 +176,20 @@ public void setCanDelete(boolean canDelete) {
         this.canDelete = canDelete;
     }
 
+    /**
+     * @return the advertised
+     */
+    public Boolean isAdvertised() {
+        return advertised;
+    }
+
+    /**
+     * @param advertised the advertised to set
+     */
+    public void setAdvertised(Boolean advertised) {
+        this.advertised = advertised;
+    }
+
     /*
      * (non-Javadoc)
      * 
@@ -201,6 +218,9 @@ public String toString() {
         if (canDelete)
             builder.append("canDelete=").append(canDelete);
 
+        if (advertised)
+            builder.append("advertised=").append(advertised);
+
         builder.append(']');
         return builder.toString();
     }

src/core/services-impl/src/main/java/it/geosolutions/geostore/services/ResourceServiceImpl.java

@@ -189,6 +189,7 @@ public long insert(Resource resource) throws BadRequestServiceEx, NotFoundServic
         r.setMetadata(resource.getMetadata());
         r.setName(resource.getName());
         r.setCategory(loadedCategory);
+        r.setAdvertised(resource.isAdvertised());
 
         try {
             resourceDAO.persist(r);
@@ -511,16 +512,19 @@ private List<ShortResource> convertToShortList(List<Resource> list, User authUse
             // the loaded resource (and associated attributes and stored data).
             // This to inform the client in HTTP response result.
             // ///////////////////////////////////////////////////////////////////////
+            boolean resourceCanBeListed = true;
             if (authUser != null) {
                 if (authUser.getRole().equals(Role.ADMIN)) {
                     shortResource.setCanEdit(true);
                     shortResource.setCanDelete(true);
                 } else {
+                    boolean authUserIsOwner = false;
                     for (SecurityRule rule : resource.getSecurity()) {
                         User owner = rule.getUser();
                         UserGroup userGroup = rule.getGroup();
                         if (owner != null) {
                             if (owner.getId().equals(authUser.getId())) {
+                                authUserIsOwner = true;
                                 if (rule.isCanWrite()) {
                                     shortResource.setCanEdit(true);
                                     shortResource.setCanDelete(true);
@@ -529,7 +533,7 @@ private List<ShortResource> convertToShortList(List<Resource> list, User authUse
                                 }
                             }
                         } else if (userGroup != null) {
-                            List<String> groups = extratcGroupNames(authUser.getGroups());
+                            List<String> groups = extractGroupNames(authUser.getGroups());
                             if (groups.contains(userGroup.getGroupName())) {
                                 if (rule.isCanWrite()) {
                                     shortResource.setCanEdit(true);
@@ -540,16 +544,21 @@ private List<ShortResource> convertToShortList(List<Resource> list, User authUse
                             }
                         }
                     }
+                    if (!authUserIsOwner)
+                        resourceCanBeListed = resource.isAdvertised();
                 }
+            } else {
+                resourceCanBeListed = resource.isAdvertised();
             }
 
-            swList.add(shortResource);
+            if (resourceCanBeListed)
+                swList.add(shortResource);
         }
 
         return swList;
     }
 
-    public static List<String> extratcGroupNames(Set<UserGroup> groups)
+    public static List<String> extractGroupNames(Set<UserGroup> groups)
     {
         List<String> groupNames = new ArrayList<String>();
         if (groups == null) {
@@ -949,7 +958,7 @@ public long getCountByFilterAndUser(SearchFilter filter, User user) throws BadRe
     }
 
     /**
-     * Get filter count by namerLike and user
+     * Get filter count by nameLike and user
      *
      * @param nameLike
      * @param user

src/core/services-impl/src/main/java/it/geosolutions/geostore/services/UserGroupServiceImpl.java

@@ -321,7 +321,7 @@ public List<ShortResource> updateSecurityRules(Long groupId, List<Long> resource
 
                 ShortResource out = new ShortResource(resource);
                 // In this case the short resource to return is not related to the permission available by the user
-                // who call the sevrice (like in other service) but can Delete/Edit are set as the rule updated.
+                // who call the service (like in other service) but can Delete/Edit are set as the rule updated.
                 out.setCanDelete(canWrite);
                 out.setCanEdit(canWrite);
                 updated.add(out);