[UWS] Fix HTTP status codes when a user is not allowed or when a parameter can

 * You should have received a copy of the GNU Lesser General Public License

 * along with UWSLibrary.  If not, see <http://www.gnu.org/licenses/>.

 *

 * Copyright 2012-2018 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 * Copyright 2012-2020 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 *                       Astronomisches Rechen Institut (ARI)

 */

 * </i></p>

 *

 * @author Grégory Mantelet (CDS;ARI)

 * @version 4.3 (10/2017)

 * @version 4.5 (07/2020)

 *

 * @see UWSJob

 */

	 */

	public UWSJob getJob(String jobID, JobOwner user) throws UWSException {

		if (user != null && !user.hasReadPermission(this))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.readPermissionDenied(user, true, getName()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.readPermissionDenied(user, true, getName()));

		// Get the specified job:

		UWSJob job = jobsList.get(jobID);

		if (user != null && job != null && job.getOwner() != null) {

			JobOwner owner = job.getOwner();

			if (!owner.equals(user) && !user.hasReadPermission(job))

				throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.readPermissionDenied(user, false, job.getJobId()));

				throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.readPermissionDenied(user, false, job.getJobId()));

		}

		return job;

			// Check the WRITE permission of the owner of this job:

			if (owner != null && !owner.hasWritePermission(this))

				throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

				throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

			// Set its job list:

			j.setJobList(this);

	public boolean archiveJob(final String jobId, final JobOwner user) throws UWSException {

		if (user != null) {

			if (!user.hasWritePermission(this))

				throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, getName()));

				throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, getName()));

			UWSJob job = getJob(jobId);

			if (job != null && job.getOwner() != null && !user.equals(job.getOwner()) && !user.hasWritePermission(job))

				throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, false, jobId));

				throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, false, jobId));

		}

		return archiveJob(jobId);

	}

	public boolean destroyJob(final String jobId, final JobOwner user) throws UWSException {

		if (user != null) {

			if (!user.hasWritePermission(this))

				throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, getName()));

				throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, getName()));

			UWSJob job = getJob(jobId);

			if (job != null && job.getOwner() != null && !user.equals(job.getOwner()) && !user.hasWritePermission(job))

				throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, false, jobId));

				throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, false, jobId));

		}

		return destroyJob(jobId);

	}

		if (owner == null)

			clear();

		else if (!owner.hasWritePermission(this))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

		else {

			if (ownerJobs.containsKey(owner)) {

				ArrayList<String> jobIDs = new ArrayList<String>(ownerJobs.get(owner).keySet());

			throw new NullPointerException("Missing serialization output stream!");

		if (owner != null && !owner.hasReadPermission(this))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

		String serialization = serializer.getJobList(this, owner, listRefiner, true);

		if (serialization != null) {

	@Override

	public String serialize(UWSSerializer serializer, JobOwner user) throws UWSException, Exception {

		if (user != null && !user.hasReadPermission(this))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, getName()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, getName()));

		return serializer.getJobList(this, user, true);

	}

 * You should have received a copy of the GNU Lesser General Public License

 * along with UWSLibrary.  If not, see <http://www.gnu.org/licenses/>.

 *

 * Copyright 2012-2018 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 * Copyright 2012-2020 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 *                       Astronomisches Rechen Institut (ARI)

 */

 * </ul>

 *

 * @author	Grégory Mantelet (CDS;ARI)

 * @version	4.4 (09/2018)

 * @version	4.5 (07/2020)

 */

public class UWSJob extends SerializableUWSObject {

	private static final long serialVersionUID = 1L;

				if (inputPhase.equalsIgnoreCase(PHASE_RUN)) {

					// Forbids the execution if the user has not the required permission:

					if (user != null && !user.equals(owner) && !user.hasExecutePermission(this))

						throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.executePermissionDenied(user, jobId));

						throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.executePermissionDenied(user, jobId));

					start();

				} else if (inputPhase.equalsIgnoreCase(PHASE_ABORT)) {

					// Forbids the execution if the user has not the required permission:

					if (user != null && !user.equals(owner) && !user.hasExecutePermission(this))

						throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.executePermissionDenied(user, jobId));

						throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.executePermissionDenied(user, jobId));

					abort();

				}

			}

	public boolean addOrUpdateParameters(UWSParameters params, final JobOwner user) throws UWSException {

		// The job can be modified ONLY IF in PENDING phase:

		if (!phase.isJobUpdatable())

			throw new UWSException(UWSException.FORBIDDEN, "Forbidden parameters modification: the job is not any more in the PENDING phase!");

			throw new UWSException(UWSException.BAD_REQUEST, "Forbidden parameters modification: the job is not any more in the PENDING phase!");

		// Forbids the update if the user has not the required permission:

		if (user != null && !user.equals(owner) && !user.hasWritePermission(this))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, false, getJobId()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, false, getJobId()));

		// Load all parameters:

		String[] updated = inputParams.update(params);

	@Override

	public String serialize(UWSSerializer serializer, JobOwner user) throws UWSException, Exception {

		if (user != null && !user.equals(getOwner()) && !user.hasReadPermission(this))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.readPermissionDenied(user, false, getJobId()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.readPermissionDenied(user, false, getJobId()));

		return serializer.getJob(this, true);

	}

 * You should have received a copy of the GNU Lesser General Public License

 * along with UWSLibrary.  If not, see <http://www.gnu.org/licenses/>.

 *

 * Copyright 2012-2018 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 * Copyright 2012-2020 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 *                       Astronomisches Rechen Institut (ARI)

 */

 * <p><i><u>note 2:</u> If several values have been submitted for the same UWS standard parameter, just the last occurrence is taken into account.</i></p>

 *

 * @author Grégory Mantelet (CDS;ARI)

 * @version 4.4 (07/2018)

 * @version 4.5 (07/2020)

 */

public class UWSParameters implements Iterable<Entry<String, Object>> {

				// Test whether this parameter is allowed to be modified after its initialization:

				InputParamController controller = getController(entry.getKey());

				if (controller != null && !controller.allowModification())

					throw new UWSException(UWSException.FORBIDDEN, "The parameter \"" + entry.getKey() + "\" can not be modified after initialization!");

					throw new UWSException(UWSException.BAD_REQUEST, "The parameter \"" + entry.getKey() + "\" can not be modified after initialization!");

				// Determine whether the value already exists:

				if (params.containsKey(entry.getKey()) || entry.getKey().toLowerCase().matches(UWS_RW_PARAMETERS_REGEXP)) {

					// If the value is NULL, throw an error (no parameter can be removed after job creation):

					if (entry.getValue() == null)

						throw new UWSException(UWSException.FORBIDDEN, "Removing a parameter (here: \"" + entry.getKey() + "\") from a job is forbidden!");

						throw new UWSException(UWSException.BAD_REQUEST, "Removing a parameter (here: \"" + entry.getKey() + "\") from a job is forbidden!");

					// Else update the parameter value:

					else {

						// If the parameter to replace is an uploaded file, it must be physically removed before replacement:

					}

				} else

					// No parameter can be added after job creation:

					throw new UWSException(UWSException.FORBIDDEN, "Adding a parameter (here: \"" + entry.getKey() + "\") to an existing job is forbidden by the UWS protocol!");

					throw new UWSException(UWSException.BAD_REQUEST, "Adding a parameter (here: \"" + entry.getKey() + "\") to an existing job is forbidden by the UWS protocol!");

				// Update the list of updated parameters:

				updated[i++] = entry.getKey();

			}

 * You should have received a copy of the GNU Lesser General Public License

 * along with UWSLibrary.  If not, see <http://www.gnu.org/licenses/>.

 *

 * Copyright 2012-2018 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 * Copyright 2012-2020 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 *                       Astronomisches Rechen Institut (ARI)

 */

 * </p>

 *

 * @author Grégory Mantelet (CDS;ARI)

 * @version 4.4 (08/2018)

 * @version 4.5 (07/2020)

 */

public abstract class UWSServlet extends HttpServlet implements UWS, UWSFactory {

	private static final long serialVersionUID = 1L;

		// Forbids the job creation if the user has not the WRITE permission for the specified jobs list:

		if (user != null && !user.hasWritePermission(jobsList))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, jobsList.getName()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, jobsList.getName()));

		// Create the job:

		UWSJob newJob = createJob(req, user);

		// Forbids the action if the user has not the WRITE permission for the specified job:

		if (user != null && !user.hasWritePermission(job))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, job.getJobId()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, job.getJobId()));

		String name = requestUrl.getAttributes()[0];

		job.addOrUpdateParameter(name, UWSToolBox.getParameter(name, req, false), user);

 * You should have received a copy of the GNU Lesser General Public License

 * along with UWSLibrary.  If not, see <http://www.gnu.org/licenses/>.

 *

 * Copyright 2012-2015 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 * Copyright 2012-2020 - UDS/Centre de Données astronomiques de Strasbourg (CDS),

 *                       Astronomisches Rechen Institut (ARI)

 */

 * The response of this action is a redirection to the new job resource (that is to say: a redirection to the job summary of the new job).</p>

 *

 * @author Grégory Mantelet (CDS;ARI)

 * @version 4.1 (04/2015)

 * @version 4.5 (07/2020)

 */

public class AddJob extends UWSAction {

	private static final long serialVersionUID = 1L;

		// Forbids the job creation if the user has not the WRITE permission for the specified jobs list:

		if (user != null && !user.hasWritePermission(jobsList))

			throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, jobsList.getName()));

			throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, jobsList.getName()));

		// Create the job:

		UWSJob newJob;