Merge pull request #1062 from kosarko/licensing_issue

Licensing issue

dspace-api/src/main/java/cz/cuni/mff/ufal/dspace/runnable/CheckLicenses.java

@@ -0,0 +1,84 @@
+package cz.cuni.mff.ufal.dspace.runnable;
+
+import cz.cuni.mff.ufal.DSpaceApi;
+import cz.cuni.mff.ufal.lindat.utilities.HibernateFunctionalityManager;
+import cz.cuni.mff.ufal.lindat.utilities.hibernate.LicenseResourceMapping;
+import cz.cuni.mff.ufal.lindat.utilities.interfaces.IFunctionalities;
+import org.dspace.content.*;
+import org.dspace.core.Constants;
+import org.dspace.core.Context;
+
+import java.sql.SQLException;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+
+public class CheckLicenses {
+    static private IFunctionalities f = DSpaceApi.getFunctionalityManager();
+    static private Context ctx = null;
+
+    public static void main(String[] args){
+        f.openSession();
+        try {
+            ctx = new Context();
+            ctx.turnOffAuthorisationSystem();
+            ItemIterator items = Item.findAll(ctx);
+            while (items.hasNext()) {
+                Item item = items.next();
+                checkMetadataAndDatabaseMatch(item);
+            }
+            checkUnexpectedAnonymousConfirmation();
+            ctx.restoreAuthSystemState();
+        } catch (SQLException e) {
+            throw new RuntimeException(e);
+        }finally {
+            f.closeSession();
+            if (ctx != null) {
+                ctx.abort();
+            }
+        }
+    }
+
+    private static void checkUnexpectedAnonymousConfirmation() throws SQLException {
+        HibernateFunctionalityManager hf = (HibernateFunctionalityManager)f;
+        List<Integer> bitstreamIdsOfAskOnlyOnceWhereConfirmedByAnonymous = hf.getBitstreamIdsOfAskOnlyOnceWhereConfirmedByAnonymous();
+
+        HashSet<Item> items = new HashSet<Item>();
+        for(int bitstream_id : bitstreamIdsOfAskOnlyOnceWhereConfirmedByAnonymous){
+            Bitstream b =  Bitstream.find(ctx, bitstream_id);
+            if(b == null){
+                System.out.println("ERR: Bitstream " + bitstream_id + " not found");
+            }else{
+                DSpaceObject parentObject = b.getParentObject();
+                if(parentObject.getType() == Constants.ITEM) {
+                    items.add((Item) parentObject);
+                }
+            }
+        }
+        for(Item i :items){
+            System.out.println("ERR: Item " + i.getID() + " has unexpected anonymous confirmation");
+        }
+    }
+
+    private static void checkMetadataAndDatabaseMatch(Item item) throws SQLException {
+        if(item.hasUploadedFiles()){
+            Metadatum[] mds = item.getMetadataByMetadataString("dc.rights.uri");
+            if(mds.length != 1){
+                System.out.println("ERR: Item " + item.getID() + " has " + mds.length + " dc.rights.uri");
+            }else{
+                String uri = mds[0].value;
+                // this should be fine we've checked hasUploadedFiles
+                Bitstream b = item.getNonInternalBitstreams()[0];
+                List<LicenseResourceMapping> mappings = f.getAllMappings(b.getID());
+                for(LicenseResourceMapping mapping : mappings){
+                    if(mapping.isActive()){
+                        if(!uri.equals(mapping.getLicenseDefinition().getDefinition())){
+                            System.out.println("ERR: Item " + item.getID() + " has dc.rights.uri " + uri + " " +
+                                    "but database has " + mapping.getLicenseDefinition().getDefinition());
+                        }
+                    }
+                }
+            }
+        }
+    }
+}

dspace-xmlui/src/main/java/cz/cuni/mff/ufal/UFALLicenceAgreementAgreed.java

@@ -8,8 +8,10 @@
 import java.util.Set;
 
 
+import cz.cuni.mff.ufal.lindat.utilities.hibernate.*;
 import org.apache.cocoon.environment.ObjectModelHelper;
 import org.apache.cocoon.environment.Request;
+import org.dspace.authorize.AuthorizeException;
 import org.dspace.content.Bitstream;
 import org.dspace.content.Bundle;
 import org.dspace.content.Item;
@@ -20,10 +22,6 @@
 import org.dspace.handle.HandleManager;
 import static org.dspace.app.xmlui.cocoon.AbstractDSpaceTransformer.encodeForURL;
 
-import cz.cuni.mff.ufal.lindat.utilities.hibernate.LicenseResourceMapping;
-import cz.cuni.mff.ufal.lindat.utilities.hibernate.LicenseResourceUserAllowance;
-import cz.cuni.mff.ufal.lindat.utilities.hibernate.UserMetadata;
-import cz.cuni.mff.ufal.lindat.utilities.hibernate.UserRegistration;
 import cz.cuni.mff.ufal.lindat.utilities.interfaces.IFunctionalities;
 
 /**
@@ -49,7 +47,7 @@ public String agree(Context context, Map objectModel,  boolean allzip, int reque
 
 			int eID = 0;
 			EPerson eperson = context.getCurrentUser();
-			if(eperson!=null) {
+			if (eperson != null) {
 				eID = eperson.getID();
 			}
 
@@ -78,7 +76,7 @@ public String agree(Context context, Map objectModel,  boolean allzip, int reque
 					actions.add(exField);
 				}
 			}
-			
+
 			StringBuilder ids = new StringBuilder();
 
 			functionalityManager.openSession();
@@ -96,6 +94,12 @@ public String agree(Context context, Map objectModel,  boolean allzip, int reque
 				bss[0] = Bitstream.find(context, requestedBitstreamId);
 			}
 
+			for (LicenseDefinition ld : functionalityManager.getLicenses(bss[0].getID())) {
+				// LicenseForm.LicenseConfirmation.ALLOW_ANONYMOUS
+				if (ld.getConfirmation() != 3 && eID == 0) {
+					throw new AuthorizeException("Anonymous user is not allowed to download this file. Please login.");
+				}
+			}
 			String token = Utils.generateHexKey();
 
 			for (Bitstream bitstream : bss) {
@@ -128,7 +132,7 @@ public String agree(Context context, Map objectModel,  boolean allzip, int reque
 
 						functionalityManager.update(LicenseResourceUserAllowance.class, allowance);
 					}
-					
+
 					// add IP address
 					UserMetadata metaData = new UserMetadata();
 					metaData.setMetadataKey("IP");
@@ -138,7 +142,7 @@ public String agree(Context context, Map objectModel,  boolean allzip, int reque
 					functionalityManager.persist(UserMetadata.class, metaData);
 
 					functionalityManager.update(LicenseResourceUserAllowance.class, allowance);
-					
+
 
 				}
 
@@ -163,11 +167,11 @@ public String agree(Context context, Map objectModel,  boolean allzip, int reque
 			/*
 			 * AK: this is not working well with some requirements commenting
 			 * this out for now.
-			 * 
+			 *
 			 * After signing the license add the bitstream to session so that
 			 * for the current session the system will not check for licenses
 			 * again
-			 * 
+			 *
 			 * HttpSession session =
 			 * dspace.getSessionService().getCurrentSession(); String
 			 * authorizedBistreams = (String)
@@ -210,6 +214,10 @@ public String agree(Context context, Map objectModel,  boolean allzip, int reque
 				return contextPath + "/handle/" + handle;
 			}
 
+		} catch (AuthorizeException e){
+			log.error(e);
+			functionalityManager.close();
+			throw new RuntimeException(e);
 		} catch (Exception e) {
 			log.error(e);
 			functionalityManager.close();

utilities/src/main/java/cz/cuni/mff/ufal/lindat/utilities/HibernateFunctionalityManager.java

@@ -853,7 +853,22 @@ public boolean unSubscribe(int epersonId, int itemId) {
 
 		return true;
 	}
-
+
+	public List<Integer> getBitstreamIdsOfAskOnlyOnceWhereConfirmedByAnonymous(){
+		/**
+		 * This is `select * from license_definition d join license_resource_mapping m on d.license_id = m.license_id
+		 * and d.confirmation = 1 and m.active = true join license_resource_user_allowance al on m.mapping_id = al
+		 * .mapping_id and al.eperson_id = 0;` but in HQL
+		 */
+
+		String query = "select m.bitstreamId FROM LicenseDefinition d"
+				+ " JOIN d.licenseResourceMappings m"
+				+ " JOIN m.licenseResourceUserAllowances al"
+				+ " WHERE d.confirmation=1 AND m.active=true"
+				+ " AND al.userRegistration.epersonId=0";
+		return (List<Integer>)hibernateUtil.findByQuery(query, null);
+	}
+
 	public static void shutdown() {
 		HibernateUtil.getSessionFactory().close();
 	}