[UWS] Fix HTTP status codes when a user is not allowed or when a parameter can (30dc11cb) · Commits · Sonia Zorba / vollt

src/uws/job/JobList.java

+84 −84

Original line number	Original line	Diff line number	Diff line
	@@ -16,7 +16,7 @@ package uws.job;
	* You should have received a copy of the GNU Lesser General Public License		* You should have received a copy of the GNU Lesser General Public License
	* along with UWSLibrary. If not, see <http://www.gnu.org/licenses/>.		* along with UWSLibrary. If not, see <http://www.gnu.org/licenses/>.
	*		*
	* Copyright 2012-2018 - UDS/Centre de Données astronomiques de Strasbourg (CDS),		* Copyright 2012-2020 - UDS/Centre de Données astronomiques de Strasbourg (CDS),
	* Astronomisches Rechen Institut (ARI)		* Astronomisches Rechen Institut (ARI)
	*/		*/

	@@ -175,7 +175,7 @@ import uws.service.log.UWSLog.LogLevel;
	* </i></p>		* </i></p>
	*		*
	* @author Grégory Mantelet (CDS;ARI)		* @author Grégory Mantelet (CDS;ARI)
	* @version 4.3 (10/2017)		* @version 4.5 (07/2020)
	*		*
	* @see UWSJob		* @see UWSJob
	*/		*/
	@@ -521,7 +521,7 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {
	*/		*/
	public UWSJob getJob(String jobID, JobOwner user) throws UWSException {		public UWSJob getJob(String jobID, JobOwner user) throws UWSException {
	if (user != null && !user.hasReadPermission(this))		if (user != null && !user.hasReadPermission(this))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.readPermissionDenied(user, true, getName()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.readPermissionDenied(user, true, getName()));

	// Get the specified job:		// Get the specified job:
	UWSJob job = jobsList.get(jobID);		UWSJob job = jobsList.get(jobID);
	@@ -530,7 +530,7 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {
	if (user != null && job != null && job.getOwner() != null) {		if (user != null && job != null && job.getOwner() != null) {
	JobOwner owner = job.getOwner();		JobOwner owner = job.getOwner();
	if (!owner.equals(user) && !user.hasReadPermission(job))		if (!owner.equals(user) && !user.hasReadPermission(job))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.readPermissionDenied(user, false, job.getJobId()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.readPermissionDenied(user, false, job.getJobId()));
	}		}

	return job;		return job;
	@@ -693,7 +693,7 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {

	// Check the WRITE permission of the owner of this job:		// Check the WRITE permission of the owner of this job:
	if (owner != null && !owner.hasWritePermission(this))		if (owner != null && !owner.hasWritePermission(this))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

	// Set its job list:		// Set its job list:
	j.setJobList(this);		j.setJobList(this);
	@@ -784,10 +784,10 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {
	public boolean archiveJob(final String jobId, final JobOwner user) throws UWSException {		public boolean archiveJob(final String jobId, final JobOwner user) throws UWSException {
	if (user != null) {		if (user != null) {
	if (!user.hasWritePermission(this))		if (!user.hasWritePermission(this))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, getName()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, getName()));
	UWSJob job = getJob(jobId);		UWSJob job = getJob(jobId);
	if (job != null && job.getOwner() != null && !user.equals(job.getOwner()) && !user.hasWritePermission(job))		if (job != null && job.getOwner() != null && !user.equals(job.getOwner()) && !user.hasWritePermission(job))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, false, jobId));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, false, jobId));
	}		}
	return archiveJob(jobId);		return archiveJob(jobId);
	}		}
	@@ -948,10 +948,10 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {
	public boolean destroyJob(final String jobId, final JobOwner user) throws UWSException {		public boolean destroyJob(final String jobId, final JobOwner user) throws UWSException {
	if (user != null) {		if (user != null) {
	if (!user.hasWritePermission(this))		if (!user.hasWritePermission(this))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, getName()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, getName()));
	UWSJob job = getJob(jobId);		UWSJob job = getJob(jobId);
	if (job != null && job.getOwner() != null && !user.equals(job.getOwner()) && !user.hasWritePermission(job))		if (job != null && job.getOwner() != null && !user.equals(job.getOwner()) && !user.hasWritePermission(job))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, false, jobId));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, false, jobId));
	}		}
	return destroyJob(jobId);		return destroyJob(jobId);
	}		}
	@@ -993,7 +993,7 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {
	if (owner == null)		if (owner == null)
	clear();		clear();
	else if (!owner.hasWritePermission(this))		else if (!owner.hasWritePermission(this))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));
	else {		else {
	if (ownerJobs.containsKey(owner)) {		if (ownerJobs.containsKey(owner)) {
	ArrayList<String> jobIDs = new ArrayList<String>(ownerJobs.get(owner).keySet());		ArrayList<String> jobIDs = new ArrayList<String>(ownerJobs.get(owner).keySet());
	@@ -1033,7 +1033,7 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {
	throw new NullPointerException("Missing serialization output stream!");		throw new NullPointerException("Missing serialization output stream!");

	if (owner != null && !owner.hasReadPermission(this))		if (owner != null && !owner.hasReadPermission(this))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(owner, true, getName()));

	String serialization = serializer.getJobList(this, owner, listRefiner, true);		String serialization = serializer.getJobList(this, owner, listRefiner, true);
	if (serialization != null) {		if (serialization != null) {
	@@ -1049,7 +1049,7 @@ public class JobList extends SerializableUWSObject implements Iterable<UWSJob> {
	@Override		@Override
	public String serialize(UWSSerializer serializer, JobOwner user) throws UWSException, Exception {		public String serialize(UWSSerializer serializer, JobOwner user) throws UWSException, Exception {
	if (user != null && !user.hasReadPermission(this))		if (user != null && !user.hasReadPermission(this))
	throw new UWSException(UWSException.PERMISSION_DENIED, UWSExceptionFactory.writePermissionDenied(user, true, getName()));		throw new UWSException(UWSException.FORBIDDEN, UWSExceptionFactory.writePermissionDenied(user, true, getName()));

	return serializer.getJobList(this, user, true);		return serializer.getJobList(this, user, true);
	}		}

src/uws/job/UWSJob.java

+187 −187

src/uws/job/parameters/UWSParameters.java

+79 −79

src/uws/service/UWSServlet.java

+162 −162

src/uws/service/actions/AddJob.java

+21 −21

Original line number	Original line	Diff line number	Diff line
	@@ -16,7 +16,7 @@ package uws.job.parameters;
	* You should have received a copy of the GNU Lesser General Public License		* You should have received a copy of the GNU Lesser General Public License
	* along with UWSLibrary. If not, see <http://www.gnu.org/licenses/>.		* along with UWSLibrary. If not, see <http://www.gnu.org/licenses/>.
	*		*
	* Copyright 2012-2018 - UDS/Centre de Données astronomiques de Strasbourg (CDS),		* Copyright 2012-2020 - UDS/Centre de Données astronomiques de Strasbourg (CDS),
	* Astronomisches Rechen Institut (ARI)		* Astronomisches Rechen Institut (ARI)
	*/		*/

	@@ -117,7 +117,7 @@ import uws.service.request.UploadFile;
	* <p><i><u>note 2:</u> If several values have been submitted for the same UWS standard parameter, just the last occurrence is taken into account.</i></p>		* <p><i><u>note 2:</u> If several values have been submitted for the same UWS standard parameter, just the last occurrence is taken into account.</i></p>
	*		*
	* @author Grégory Mantelet (CDS;ARI)		* @author Grégory Mantelet (CDS;ARI)
	* @version 4.4 (07/2018)		* @version 4.5 (07/2020)
	*/		*/
	public class UWSParameters implements Iterable<Entry<String, Object>> {		public class UWSParameters implements Iterable<Entry<String, Object>> {

	@@ -431,12 +431,12 @@ public class UWSParameters implements Iterable<Entry<String, Object>> {
	// Test whether this parameter is allowed to be modified after its initialization:		// Test whether this parameter is allowed to be modified after its initialization:
	InputParamController controller = getController(entry.getKey());		InputParamController controller = getController(entry.getKey());
	if (controller != null && !controller.allowModification())		if (controller != null && !controller.allowModification())
	throw new UWSException(UWSException.FORBIDDEN, "The parameter \"" + entry.getKey() + "\" can not be modified after initialization!");		throw new UWSException(UWSException.BAD_REQUEST, "The parameter \"" + entry.getKey() + "\" can not be modified after initialization!");
	// Determine whether the value already exists:		// Determine whether the value already exists:
	if (params.containsKey(entry.getKey()) \|\| entry.getKey().toLowerCase().matches(UWS_RW_PARAMETERS_REGEXP)) {		if (params.containsKey(entry.getKey()) \|\| entry.getKey().toLowerCase().matches(UWS_RW_PARAMETERS_REGEXP)) {
	// If the value is NULL, throw an error (no parameter can be removed after job creation):		// If the value is NULL, throw an error (no parameter can be removed after job creation):
	if (entry.getValue() == null)		if (entry.getValue() == null)
	throw new UWSException(UWSException.FORBIDDEN, "Removing a parameter (here: \"" + entry.getKey() + "\") from a job is forbidden!");		throw new UWSException(UWSException.BAD_REQUEST, "Removing a parameter (here: \"" + entry.getKey() + "\") from a job is forbidden!");
	// Else update the parameter value:		// Else update the parameter value:
	else {		else {
	// If the parameter to replace is an uploaded file, it must be physically removed before replacement:		// If the parameter to replace is an uploaded file, it must be physically removed before replacement:
	@@ -452,7 +452,7 @@ public class UWSParameters implements Iterable<Entry<String, Object>> {
	}		}
	} else		} else
	// No parameter can be added after job creation:		// No parameter can be added after job creation:
	throw new UWSException(UWSException.FORBIDDEN, "Adding a parameter (here: \"" + entry.getKey() + "\") to an existing job is forbidden by the UWS protocol!");		throw new UWSException(UWSException.BAD_REQUEST, "Adding a parameter (here: \"" + entry.getKey() + "\") to an existing job is forbidden by the UWS protocol!");
	// Update the list of updated parameters:		// Update the list of updated parameters:
	updated[i++] = entry.getKey();		updated[i++] = entry.getKey();
	}		}