add fields to support servers-side node size

cadc-test-vos/build.gradle

@@ -16,7 +16,7 @@ sourceCompatibility = 1.8
 
 group = 'org.opencadc'
 
-version = '2.1.6'
+version = '2.1.8'
 
 description = 'OpenCADC VOSpace test library'
 def git_url = 'https://github.com/opencadc/vos'

cadc-test-vos/src/main/java/org/opencadc/conformance/vos/NodesTest.java

@@ -967,7 +967,8 @@ public void testPermissions() throws Exception {
         final URL childURL = getNodeURL(nodesServiceURL, childPath);
 
         // cleanup
-        delete(childURL, false);
+        HttpDelete deleteChildAction = new HttpDelete(childURL, true);
+        Subject.doAs(groupMember, new RunnableAction(deleteChildAction));
         delete(nodeURL, false);
 
         // PUT the node
@@ -1010,9 +1011,26 @@ public void testPermissions() throws Exception {
                 201, putAction.getResponseCode());
         Assert.assertNull("expected PUT throwable == null", putAction.getThrowable());
 
-        log.debug("Delete node " + childURL);
+        // test owner of root directory fails to read and delete due to a lack of explicit permission
+        getAction = new HttpGet(childURL, true);
+        Subject.doAs(authSubject, new RunnableAction(getAction));
+        Assert.assertEquals(403, getAction.getResponseCode());
         HttpDelete deleteAction = new HttpDelete(childURL, true);
-        Subject.doAs(groupMember, new RunnableAction(deleteAction));
+        Subject.doAs(authSubject, new RunnableAction(deleteAction));
+        Assert.assertEquals(403, getAction.getResponseCode());
+
+        // Allocation owners have read and write access over their tree allocation.
+        // Make root node an allocation node by adding the quota properties and test that the owner of
+        // that node (authSubject) in their new role can now perform the above actions.
+        testNode.getProperties().add(new NodeProperty(VOS.PROPERTY_URI_QUOTA, "123456"));
+        post(nodeURL, nodeURI, testNode);
+
+        getAction = new HttpGet(childURL, true);
+        Subject.doAs(authSubject, new RunnableAction(getAction));
+        Assert.assertEquals(200, getAction.getResponseCode());
+        log.debug("Delete node " + childURL);
+        deleteAction = new HttpDelete(childURL, true);
+        Subject.doAs(authSubject, new RunnableAction(deleteAction));
         log.debug("DELETE responseCode: " + deleteAction.getResponseCode());
         Assert.assertEquals("expected PUT response code = 200",
                 200, deleteAction.getResponseCode());

cadc-test-vos/src/main/java/org/opencadc/conformance/vos/VOSTest.java

@@ -100,6 +100,7 @@
 import org.opencadc.vospace.DataNode;
 import org.opencadc.vospace.Node;
 import org.opencadc.vospace.NodeNotSupportedException;
+import org.opencadc.vospace.NodeProperty;
 import org.opencadc.vospace.VOS;
 import org.opencadc.vospace.VOSURI;
 import org.opencadc.vospace.io.NodeParsingException;
@@ -139,12 +140,12 @@ protected VOSTest(URI resourceID, File testCert) {
     @Before
     public void initTestContainer() throws Exception {
         String name = rootTestFolderName;
-        URL nodeURL = getNodeURL(nodesServiceURL, null); // method already puts test folder name in
-        VOSURI nodeURI = getVOSURI(null);
         ContainerNode testNode = new ContainerNode(name);
         testNode.isPublic = true;
         testNode.inheritPermissions = false;
 
+        URL nodeURL = getNodeURL(nodesServiceURL, null); // method already puts test folder name in
+        VOSURI nodeURI = getVOSURI(null);
         NodeReader.NodeReaderResult result = get(nodeURL, 200, XML_CONTENT_TYPE, false);
         if (result == null) {
             put(nodeURL, nodeURI, testNode);

cadc-vos-server/build.gradle

@@ -16,7 +16,7 @@ sourceCompatibility = 1.8
 
 group = 'org.opencadc'
 
-version = '2.0.9'
+version = '2.0.11'
 
 description = 'OpenCADC VOSpace server'
 def git_url = 'https://github.com/opencadc/vos'

cadc-vos-server/src/main/java/org/opencadc/vospace/server/NodePersistence.java

@@ -3,7 +3,7 @@
  *******************  CANADIAN ASTRONOMY DATA CENTRE  *******************
  **************  CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES  **************
  *
- *  (c) 2023.                            (c) 2023.
+ *  (c) 2024.                            (c) 2024.
  *  Government of Canada                 Gouvernement du Canada
  *  National Research Council            Conseil national de recherches
  *  Ottawa, Canada, K1A 0R6              Ottawa, Canada, K1A 0R6
@@ -71,15 +71,11 @@
 
 import ca.nrc.cadc.io.ResourceIterator;
 import ca.nrc.cadc.net.TransientException;
-import ca.nrc.cadc.util.FileMetadata;
 import java.net.URI;
-import java.util.List;
 import java.util.Set;
 import org.opencadc.vospace.ContainerNode;
-import org.opencadc.vospace.DataNode;
 import org.opencadc.vospace.Node;
 import org.opencadc.vospace.NodeNotSupportedException;
-import org.opencadc.vospace.NodeProperty;
 import org.opencadc.vospace.server.transfers.TransferGenerator;
 
 /**
@@ -108,6 +104,18 @@ public interface NodePersistence {
      */
     ContainerNode getRootNode();
 
+    /**
+     * Determine if a container node is an "allocation". Allocations are container 
+     * nodes that belong to users. 
+     * Use case: VOSpaceAuthorizer needs to identity allocations in order to grant 
+     * the allocation owner extra permissions to manage content in a multi-user/project 
+     * environment.
+     * 
+     * @param node the container node to check
+     * @return set of configured containers where allocations can be found
+     */
+    boolean isAllocation(ContainerNode node);
+
     /**
      * Get the set of properties that are only writable by admins.
      * 

cadc-vos-server/src/main/java/org/opencadc/vospace/server/auth/VOSpaceAuthorizer.java

@@ -131,6 +131,12 @@ public VOSpaceAuthorizer(NodePersistence nodePersistence) {
         this.nodePersistence = nodePersistence;
     }
 
+    // for unit tests
+    VOSpaceAuthorizer() {
+        this.nodePersistence = null;
+    }
+
+
     public void setDisregardLocks(boolean disregardLocks) {
         this.disregardLocks = disregardLocks;
     }
@@ -182,6 +188,11 @@ public boolean hasSingleNodeReadPermission(Node node, Subject subject) {
                 return true; // OK
             }
 
+            if (isAllocationOwner(node, subject)) {
+                log.debug("Allocation owner granted read permission.");
+                return true; // OK
+            }
+
             checkDelegation(node, subject);
 
             if (log.isDebugEnabled()) {
@@ -228,6 +239,11 @@ public boolean hasSingleNodeWritePermission(Node node, Subject subject) {
                 return true; // OK
             }
 
+            if (isAllocationOwner(node, subject)) {
+                log.debug("Allocation owner granted write permission");
+                return true; // OK
+            }
+
             checkDelegation(node, subject);
 
             if (log.isDebugEnabled()) {
@@ -315,7 +331,7 @@ private boolean hasMembership(Set<GroupURI> groups, Subject subject) {
      * @param node    node to check
      * @return true of the current subject is the owner, otherwise false
      */
-    private boolean isOwner(Node node, Subject subject) {
+    boolean isOwner(Node node, Subject subject) {
         Subject owner = node.owner;
         if (owner == null) {
             throw new IllegalStateException("BUG: no owner found for node: " + node);
@@ -339,6 +355,27 @@ private boolean isOwner(Node node, Subject subject) {
         return false;
     }
 
+    /**
+     * Check if the specified subject is the owner of the allocation a node belongsto. Allocation owner
+     * is identified as the owner of the first node in the path that has an associated quota attribute set.
+     * @param node
+     * @param subject
+     * @return
+     */
+    boolean isAllocationOwner(Node node, Subject subject) {
+        log.debug("isAllocationOwner: START");
+        Node parent = node.parent;
+        while (parent != null) {
+            if (parent.getProperty(VOS.PROPERTY_URI_QUOTA) != null) {
+                log.debug("found allocation owner: " + parent.ownerID + " at " + parent.getName());
+                return isOwner(parent, subject);
+            }
+            parent = parent.parent;
+        }
+        log.debug("not found: allocation owner");
+        return false;
+    }
+
     /**
      * check for delegation cookie and, if present, does an authorization
      * against it.

cadc-vos-server/src/test/java/org/opencadc/vospace/server/auth/VOSpaceAuthorizerTest.java

@@ -0,0 +1,196 @@
+/*
+************************************************************************
+*******************  CANADIAN ASTRONOMY DATA CENTRE  *******************
+**************  CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES  **************
+*
+*  (c) 2024.                            (c) 2024.
+*  Government of Canada                 Gouvernement du Canada
+*  National Research Council            Conseil national de recherches
+*  Ottawa, Canada, K1A 0R6              Ottawa, Canada, K1A 0R6
+*  All rights reserved                  Tous droits réservés
+*
+*  NRC disclaims any warranties,        Le CNRC dénie toute garantie
+*  expressed, implied, or               énoncée, implicite ou légale,
+*  statutory, of any kind with          de quelque nature que ce
+*  respect to the software,             soit, concernant le logiciel,
+*  including without limitation         y compris sans restriction
+*  any warranty of merchantability      toute garantie de valeur
+*  or fitness for a particular          marchande ou de pertinence
+*  purpose. NRC shall not be            pour un usage particulier.
+*  liable in any event for any          Le CNRC ne pourra en aucun cas
+*  damages, whether direct or           être tenu responsable de tout
+*  indirect, special or general,        dommage, direct ou indirect,
+*  consequential or incidental,         particulier ou général,
+*  arising from the use of the          accessoire ou fortuit, résultant
+*  software.  Neither the name          de l'utilisation du logiciel. Ni
+*  of the National Research             le nom du Conseil National de
+*  Council of Canada nor the            Recherches du Canada ni les noms
+*  names of its contributors may        de ses  participants ne peuvent
+*  be used to endorse or promote        être utilisés pour approuver ou
+*  products derived from this           promouvoir les produits dérivés
+*  software without specific prior      de ce logiciel sans autorisation
+*  written permission.                  préalable et particulière
+*                                       par écrit.
+*
+*  This file is part of the             Ce fichier fait partie du projet
+*  OpenCADC project.                    OpenCADC.
+*
+*  OpenCADC is free software:           OpenCADC est un logiciel libre ;
+*  you can redistribute it and/or       vous pouvez le redistribuer ou le
+*  modify it under the terms of         modifier suivant les termes de
+*  the GNU Affero General Public        la “GNU Affero General Public
+*  License as published by the          License” telle que publiée
+*  Free Software Foundation,            par la Free Software Foundation
+*  either version 3 of the              : soit la version 3 de cette
+*  License, or (at your option)         licence, soit (à votre gré)
+*  any later version.                   toute version ultérieure.
+*
+*  OpenCADC is distributed in the       OpenCADC est distribué
+*  hope that it will be useful,         dans l’espoir qu’il vous
+*  but WITHOUT ANY WARRANTY;            sera utile, mais SANS AUCUNE
+*  without even the implied             GARANTIE : sans même la garantie
+*  warranty of MERCHANTABILITY          implicite de COMMERCIALISABILITÉ
+*  or FITNESS FOR A PARTICULAR          ni d’ADÉQUATION À UN OBJECTIF
+*  PURPOSE.  See the GNU Affero         PARTICULIER. Consultez la Licence
+*  General Public License for           Générale Publique GNU Affero
+*  more details.                        pour plus de détails.
+*
+*  You should have received             Vous devriez avoir reçu une
+*  a copy of the GNU Affero             copie de la Licence Générale
+*  General Public License along         Publique GNU Affero avec
+*  with OpenCADC.  If not, see          OpenCADC ; si ce n’est
+*  <http://www.gnu.org/licenses/>.      pas le cas, consultez :
+*                                       <http://www.gnu.org/licenses/>.
+*
+************************************************************************
+*/
+
+package org.opencadc.vospace.server.auth;
+
+import ca.nrc.cadc.auth.HttpPrincipal;
+import ca.nrc.cadc.auth.NumericPrincipal;
+import java.util.UUID;
+import javax.security.auth.Subject;
+import org.apache.log4j.Logger;
+import org.junit.Assert;
+import org.junit.Test;
+import org.opencadc.vospace.ContainerNode;
+import org.opencadc.vospace.NodeProperty;
+import org.opencadc.vospace.VOS;
+
+/**
+ *
+ * @author pdowler
+ */
+public class VOSpaceAuthorizerTest {
+    private static final Logger log = Logger.getLogger(VOSpaceAuthorizerTest.class);
+
+    public VOSpaceAuthorizerTest() { 
+    }
+
+    @Test
+    public void testAllocationOwner() {
+        NumericPrincipal n1 = new NumericPrincipal(UUID.randomUUID());
+        HttpPrincipal h1 = new HttpPrincipal("somebody");
+        Subject allocationOwner = new Subject();
+        allocationOwner.getPrincipals().add(n1);
+        allocationOwner.getPrincipals().add(h1);
+
+        Subject other = new Subject();
+        other.getPrincipals().add(new NumericPrincipal(UUID.randomUUID()));
+        other.getPrincipals().add(new HttpPrincipal("other"));
+
+        ContainerNode root = new ContainerNode(new UUID(0L, 0L), "");
+        root.owner = new Subject();
+        root.owner.getPrincipals().add(new NumericPrincipal(UUID.randomUUID()));
+
+        ContainerNode home = new ContainerNode("home");
+        home.parent = root;
+        home.owner = root.owner;
+
+        ContainerNode alloc = new ContainerNode("alloc");
+        alloc.parent = home;
+        alloc.owner = allocationOwner;
+
+        ContainerNode sub1 = new ContainerNode("sub1");
+        sub1.parent = alloc;
+        sub1.owner = other;
+
+        ContainerNode sub2 = new ContainerNode("sub2");
+        sub2.parent = sub1;
+        sub2.owner = other;
+
+        final Subject caller = new Subject();
+        final VOSpaceAuthorizer auth = new VOSpaceAuthorizer();
+
+        // no quota to denote an allocation
+        caller.getPrincipals().addAll(allocationOwner.getPrincipals());
+        Assert.assertFalse("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertFalse("sub1", auth.isAllocationOwner(sub1, caller));
+        Assert.assertFalse("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertFalse("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+
+        // owner of child nodes
+        caller.getPrincipals().clear();
+        caller.getPrincipals().addAll(other.getPrincipals());
+        Assert.assertFalse("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertFalse("sub1", auth.isAllocationOwner(sub1, caller));
+        Assert.assertFalse("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertFalse("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+
+        // anon
+        caller.getPrincipals().clear();
+        Assert.assertFalse("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertFalse("sub1", auth.isAllocationOwner(sub1, caller));
+        Assert.assertFalse("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertFalse("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+
+        // random caller
+        caller.getPrincipals().add(new NumericPrincipal(UUID.randomUUID()));
+        caller.getPrincipals().add(new HttpPrincipal("caller"));
+        Assert.assertFalse("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertFalse("sub1", auth.isAllocationOwner(sub1, caller));
+        Assert.assertFalse("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertFalse("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+
+        alloc.getProperties().add(new NodeProperty(VOS.PROPERTY_URI_QUOTA, "1234"));
+
+        Assert.assertFalse("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertFalse("sub1", auth.isAllocationOwner(sub1, caller));
+        Assert.assertFalse("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertFalse("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+
+        // alloc owner
+        caller.getPrincipals().clear();
+        caller.getPrincipals().add(h1);
+        Assert.assertTrue("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertTrue("sub1", auth.isAllocationOwner(sub1, caller));
+        //Assert.assertTrue("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertFalse("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+
+        // root owner is never an alloc owner
+        caller.getPrincipals().clear();
+        caller.getPrincipals().addAll(root.owner.getPrincipals());
+        Assert.assertFalse("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertFalse("sub1", auth.isAllocationOwner(sub1, caller));
+        Assert.assertFalse("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertFalse("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+
+        // this makes a parent allocation that includes the previous allocation
+        root.getProperties().add(new NodeProperty(VOS.PROPERTY_URI_QUOTA, "1234"));
+        Assert.assertFalse("sub2", auth.isAllocationOwner(sub2, caller));
+        Assert.assertFalse("sub1", auth.isAllocationOwner(sub1, caller));
+        // here we bypass the alloc quota and see the root quota
+        // TODO: is this the right behaviour??
+        Assert.assertTrue("alloc", auth.isAllocationOwner(alloc, caller));
+        Assert.assertTrue("home", auth.isAllocationOwner(home, caller));
+        Assert.assertFalse("root", auth.isAllocationOwner(root, caller));
+    }
+}