forked from IQSS/dataverse
-
Notifications
You must be signed in to change notification settings - Fork 1
/
MediaResourceManagerImpl.java
402 lines (370 loc) · 22 KB
/
MediaResourceManagerImpl.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
package edu.harvard.iq.dataverse.api.datadeposit;
import edu.harvard.iq.dataverse.DataFile;
import edu.harvard.iq.dataverse.DataFileServiceBean;
import edu.harvard.iq.dataverse.Dataset;
import edu.harvard.iq.dataverse.DatasetServiceBean;
import edu.harvard.iq.dataverse.DatasetVersion;
import edu.harvard.iq.dataverse.Dataverse;
import edu.harvard.iq.dataverse.EjbDataverseEngine;
import edu.harvard.iq.dataverse.PermissionServiceBean;
import edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser;
import edu.harvard.iq.dataverse.dataaccess.StorageIO;
import edu.harvard.iq.dataverse.datacapturemodule.DataCaptureModuleUtil;
import edu.harvard.iq.dataverse.datasetutility.FileExceedsMaxSizeException;
import edu.harvard.iq.dataverse.engine.command.DataverseRequest;
import edu.harvard.iq.dataverse.engine.command.exception.CommandException;
import edu.harvard.iq.dataverse.engine.command.impl.UpdateDatasetVersionCommand;
import edu.harvard.iq.dataverse.ingest.IngestServiceBean;
import edu.harvard.iq.dataverse.settings.SettingsServiceBean;
import edu.harvard.iq.dataverse.util.BundleUtil;
import edu.harvard.iq.dataverse.util.FileUtil;
import edu.harvard.iq.dataverse.util.config.SystemConfig;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import javax.ejb.EJB;
import javax.ejb.EJBException;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.validation.ConstraintViolation;
import javax.validation.ConstraintViolationException;
import org.swordapp.server.AuthCredentials;
import org.swordapp.server.Deposit;
import org.swordapp.server.DepositReceipt;
import org.swordapp.server.MediaResource;
import org.swordapp.server.MediaResourceManager;
import org.swordapp.server.SwordAuthException;
import org.swordapp.server.SwordConfiguration;
import org.swordapp.server.SwordError;
import org.swordapp.server.SwordServerException;
import org.swordapp.server.UriRegistry;
public class MediaResourceManagerImpl implements MediaResourceManager {
private static final Logger logger = Logger.getLogger(MediaResourceManagerImpl.class.getCanonicalName());
@EJB
EjbDataverseEngine commandEngine;
@EJB
DatasetServiceBean datasetService;
@EJB
DataFileServiceBean dataFileService;
@EJB
IngestServiceBean ingestService;
@EJB
PermissionServiceBean permissionService;
@EJB
SettingsServiceBean settingsSvc;
@EJB
SystemConfig systemConfig;
@Inject
SwordAuth swordAuth;
@Inject
UrlManager urlManager;
private HttpServletRequest httpRequest;
@Override
public MediaResource getMediaResourceRepresentation(String uri, Map<String, String> map, AuthCredentials authCredentials, SwordConfiguration swordConfiguration) throws SwordError, SwordServerException, SwordAuthException {
AuthenticatedUser user = swordAuth.auth(authCredentials);
DataverseRequest dvReq = new DataverseRequest(user, httpRequest);
urlManager.processUrl(uri);
String globalId = urlManager.getTargetIdentifier();
if (urlManager.getTargetType().equals("study") && globalId != null) {
logger.fine("looking up dataset with globalId " + globalId);
Dataset dataset = datasetService.findByGlobalId(globalId);
if (dataset != null) {
/**
* @todo: support downloading of files (SWORD 2.0 Profile 6.4. -
* Retrieving the content)
* http://swordapp.github.io/SWORDv2-Profile/SWORDProfile.html#protocoloperations_retrievingcontent
*
* This ticket is mostly about terms of use:
* https://github.com/IQSS/dataverse/issues/183
*/
boolean getMediaResourceRepresentationSupported = false;
if (getMediaResourceRepresentationSupported) {
Dataverse dvThatOwnsDataset = dataset.getOwner();
/**
* @todo Add Dataverse 4 style permission check here. Is
* there a Command we use for downloading files as zip?
*/
boolean authorized = false;
if (authorized) {
/**
* @todo Zip file download is being implemented in
* https://github.com/IQSS/dataverse/issues/338
*/
InputStream fixmeInputStream = new ByteArrayInputStream("FIXME: replace with zip of all dataset files".getBytes());
String contentType = "application/zip";
String packaging = UriRegistry.PACKAGE_SIMPLE_ZIP;
boolean isPackaged = true;
MediaResource mediaResource = new MediaResource(fixmeInputStream, contentType, packaging, isPackaged);
return mediaResource;
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "user " + user.getDisplayInfo().getTitle() + " is not authorized to get a media resource representation of the dataset with global ID " + dataset.getGlobalIdString());
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Downloading files via the SWORD-based Dataverse Data Deposit API is not (yet) supported: https://github.com/IQSS/dataverse/issues/183");
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Couldn't find dataset with global ID of " + globalId);
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Couldn't dermine target type or identifier from URL: " + uri);
}
}
@Override
public DepositReceipt replaceMediaResource(String uri, Deposit deposit, AuthCredentials authCredentials, SwordConfiguration swordConfiguration) throws SwordError, SwordServerException, SwordAuthException {
/**
* @todo: Perhaps create a new version of a dataset here?
*
* "The server MUST effectively replace all the existing content in the
* item, although implementations may choose to provide versioning or
* some other mechanism for retaining the overwritten content." --
* http://swordapp.github.io/SWORDv2-Profile/SWORDProfile.html#protocoloperations_editingcontent_binary
*
* Also, if you enable this method, think about the SwordError currently
* being returned by replaceOrAddFiles with shouldReplace set to true
* and an empty zip uploaded. If no files are unzipped the user will see
* a error about this but the files will still be deleted!
*/
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Replacing the files of a dataset is not supported. Please delete and add files separately instead.");
}
@Override
public void deleteMediaResource(String uri, AuthCredentials authCredentials, SwordConfiguration swordConfiguration) throws SwordError, SwordServerException, SwordAuthException {
AuthenticatedUser user = swordAuth.auth(authCredentials);
DataverseRequest dvReq = new DataverseRequest(user, httpRequest);
urlManager.processUrl(uri);
String targetType = urlManager.getTargetType();
String fileId = urlManager.getTargetIdentifier();
if (targetType != null && fileId != null) {
if ("file".equals(targetType)) {
String fileIdString = urlManager.getTargetIdentifier();
if (fileIdString != null) {
Long fileIdLong;
try {
fileIdLong = Long.valueOf(fileIdString);
} catch (NumberFormatException ex) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "File id must be a number, not '" + fileIdString + "'. URL was: " + uri);
}
if (fileIdLong != null) {
logger.fine("preparing to delete file id " + fileIdLong);
DataFile fileToDelete = dataFileService.find(fileIdLong);
if (fileToDelete != null) {
boolean deleteCommandSuccess = false;
Dataset dataset = fileToDelete.getOwner();
Dataset datasetThatOwnsFile = fileToDelete.getOwner();
Dataverse dataverseThatOwnsFile = datasetThatOwnsFile.getOwner();
String deleteStorageLocation = null;
deleteStorageLocation = dataFileService.getPhysicalFileToDelete(fileToDelete);
/**
* @todo it would be nice to have this check higher
* up. Do we really need the file ID? Should the
* last argument to isUserAllowedOn be changed from
* "dataset" to "fileToDelete"?
*/
UpdateDatasetVersionCommand updateDatasetCommand = new UpdateDatasetVersionCommand(dataset, dvReq, fileToDelete);
if (!permissionService.isUserAllowedOn(user, updateDatasetCommand, dataset)) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "User " + user.getDisplayInfo().getTitle() + " is not authorized to modify " + dataverseThatOwnsFile.getAlias());
}
try {
commandEngine.submit(updateDatasetCommand);
deleteCommandSuccess = true;
} catch (CommandException ex) {
throw SwordUtil.throwSpecialSwordErrorWithoutStackTrace(UriRegistry.ERROR_BAD_REQUEST, "Could not delete file: " + ex);
}
if (deleteCommandSuccess) {
if (deleteStorageLocation != null) {
// Finalize the delete of the physical file
// (File service will double-check that the datafile no
// longer exists in the database, before proceeding to
// delete the physical file)
try {
dataFileService.finalizeFileDelete(fileIdLong, deleteStorageLocation);
} catch (IOException ioex) {
logger.warning("Failed to delete the physical file associated with the deleted datafile id="
+ fileIdLong + ", storage location: " + deleteStorageLocation);
}
}
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Unable to find file id " + fileIdLong + " from URL: " + uri);
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Unable to find file id in URL: " + uri);
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Could not file file to delete in URL: " + uri);
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Unsupported file type found in URL: " + uri);
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Target or identifer not specified in URL: " + uri);
}
}
@Override
public DepositReceipt addResource(String uri, Deposit deposit, AuthCredentials authCredentials, SwordConfiguration swordConfiguration) throws SwordError, SwordServerException, SwordAuthException {
boolean shouldReplace = false;
return replaceOrAddFiles(uri, deposit, authCredentials, swordConfiguration, shouldReplace);
}
DepositReceipt replaceOrAddFiles(String uri, Deposit deposit, AuthCredentials authCredentials, SwordConfiguration swordConfiguration, boolean shouldReplace) throws SwordError, SwordAuthException, SwordServerException {
if (!systemConfig.isHTTPUpload()) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, BundleUtil.getStringFromBundle("file.api.httpDisabled"));
}
AuthenticatedUser user = swordAuth.auth(authCredentials);
DataverseRequest dvReq = new DataverseRequest(user, httpRequest);
urlManager.processUrl(uri);
String globalId = urlManager.getTargetIdentifier();
if (urlManager.getTargetType().equals("study") && globalId != null) {
logger.fine("looking up dataset with globalId " + globalId);
Dataset dataset = datasetService.findByGlobalId(globalId);
if (dataset == null) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Could not find dataset with global ID of " + globalId);
}
UpdateDatasetVersionCommand updateDatasetCommand = new UpdateDatasetVersionCommand(dataset, dvReq);
if (!permissionService.isUserAllowedOn(user, updateDatasetCommand, dataset)) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "user " + user.getDisplayInfo().getTitle() + " is not authorized to modify dataset with global ID " + dataset.getGlobalIdString());
}
//---------------------------------------
// Make sure that the upload type is not rsync - handled above for dual mode
// -------------------------------------
if (dataset.getEditVersion().isHasPackageFile()) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, BundleUtil.getStringFromBundle("file.api.alreadyHasPackageFile"));
}
// Right now we are only supporting UriRegistry.PACKAGE_SIMPLE_ZIP but
// in the future maybe we'll support other formats? Rdata files? Stata files?
/**
* @todo decide if we want non zip files to work. Technically, now
* that we're letting ingestService.createDataFiles unpack the zip
* for us, the following *does* work:
*
* curl--data-binary @path/to/trees.png -H "Content-Disposition:
* filename=trees.png" -H "Content-Type: image/png" -H "Packaging:
* http://purl.org/net/sword/package/SimpleZip"
*
* We *might* want to continue to force API users to only upload zip
* files so that some day we can support a including a file or files
* that contain the metadata (i.e. description) for each file in the
* zip: https://github.com/IQSS/dataverse/issues/723
*/
if (!deposit.getPackaging().equals(UriRegistry.PACKAGE_SIMPLE_ZIP)) {
throw new SwordError(UriRegistry.ERROR_CONTENT, 415, "Package format " + UriRegistry.PACKAGE_SIMPLE_ZIP + " is required but format specified in 'Packaging' HTTP header was " + deposit.getPackaging());
}
String uploadedZipFilename = deposit.getFilename();
DatasetVersion editVersion = dataset.getEditVersion();
if (deposit.getInputStream() == null) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Deposit input stream was null.");
}
int bytesAvailableInInputStream = 0;
try {
bytesAvailableInInputStream = deposit.getInputStream().available();
} catch (IOException ex) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Could not determine number of bytes available in input stream: " + ex);
}
if (bytesAvailableInInputStream == 0) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Bytes available in input stream was " + bytesAvailableInInputStream + ". Please check the file you are attempting to deposit.");
}
/**
* @todo Think about if we should instead pass in "application/zip"
* rather than letting ingestService.createDataFiles() guess the
* contentType by passing it "null". See also the note above about
* SimpleZip vs. other contentTypes.
*/
String guessContentTypeForMe = null;
List<DataFile> dataFiles = new ArrayList<>();
try {
try {
dataFiles = FileUtil.createDataFiles(editVersion, deposit.getInputStream(), uploadedZipFilename, guessContentTypeForMe, null, null, systemConfig);
} catch (EJBException ex) {
Throwable cause = ex.getCause();
if (cause != null) {
if (cause instanceof IllegalArgumentException) {
/**
* @todo should be safe to remove this catch of
* EJBException and IllegalArgumentException once
* this ticket is resolved:
*
* IllegalArgumentException: MALFORMED when
* uploading certain zip files
* https://github.com/IQSS/dataverse/issues/1021
*/
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Exception caught calling ingestService.createDataFiles. Problem with zip file, perhaps: " + cause);
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Exception caught calling ingestService.createDataFiles: " + cause);
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Exception caught calling ingestService.createDataFiles. No cause: " + ex.getMessage());
}
} /*TODO: L.A. 4.6! catch (FileExceedsMaxSizeException ex) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Exception caught calling ingestService.createDataFiles: " + ex.getMessage());
//Logger.getLogger(MediaResourceManagerImpl.class.getName()).log(Level.SEVERE, null, ex);
}*/
} catch (IOException ex) {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Unable to add file(s) to dataset: " + ex.getMessage());
}
if (!dataFiles.isEmpty()) {
Set<ConstraintViolation> constraintViolations = editVersion.validate();
if (constraintViolations.size() > 0) {
ConstraintViolation violation = constraintViolations.iterator().next();
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Unable to add file(s) to dataset: " + violation.getMessage() + " The invalid value was \"" + violation.getInvalidValue() + "\".");
} else {
ingestService.saveAndAddFilesToDataset(editVersion, dataFiles, null);
}
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "No files to add to dataset. Perhaps the zip file was empty.");
}
try {
dataset = commandEngine.submit(updateDatasetCommand);
} catch (CommandException ex) {
throw returnEarly("Couldn't update dataset " + ex);
} catch (EJBException ex) {
/**
* @todo stop bothering to catch an EJBException once this has
* been implemented:
*
* Have commands catch ConstraintViolationException and turn
* them into something that inherits from CommandException ·
* https://github.com/IQSS/dataverse/issues/1009
*/
Throwable cause = ex;
StringBuilder sb = new StringBuilder();
sb.append(ex.getLocalizedMessage());
while (cause.getCause() != null) {
cause = cause.getCause();
sb.append(cause + " ");
if (cause instanceof ConstraintViolationException) {
ConstraintViolationException constraintViolationException = (ConstraintViolationException) cause;
for (ConstraintViolation<?> violation : constraintViolationException.getConstraintViolations()) {
sb.append(" Invalid value \"").append(violation.getInvalidValue()).append("\" for ")
.append(violation.getPropertyPath()).append(" at ")
.append(violation.getLeafBean()).append(" - ")
.append(violation.getMessage());
}
}
}
throw returnEarly("EJBException: " + sb.toString());
}
ingestService.startIngestJobsForDataset(dataset, user);
ReceiptGenerator receiptGenerator = new ReceiptGenerator();
String baseUrl = urlManager.getHostnamePlusBaseUrlPath(uri);
DepositReceipt depositReceipt = receiptGenerator.createDatasetReceipt(baseUrl, dataset);
return depositReceipt;
} else {
throw new SwordError(UriRegistry.ERROR_BAD_REQUEST, "Unable to determine target type or identifier from URL: " + uri);
}
}
/**
* @todo get rid of this method
*/
private SwordError returnEarly(String error) {
SwordError swordError = new SwordError(error);
StackTraceElement[] emptyStackTrace = new StackTraceElement[0];
swordError.setStackTrace(emptyStackTrace);
return swordError;
}
public void setHttpRequest(HttpServletRequest httpRequest) {
this.httpRequest = httpRequest;
}
}