Review of endpoint to return all resources

src/core/model/src/main/java/it/geosolutions/geostore/core/model/Resource.java

@@ -47,7 +47,6 @@
 import javax.persistence.TemporalType;
 import javax.persistence.UniqueConstraint;
 import javax.xml.bind.annotation.XmlElementWrapper;
-import javax.xml.bind.annotation.XmlRootElement;
 import javax.xml.bind.annotation.XmlTransient;
 
 /**
@@ -70,7 +69,6 @@
             @Index(name = "idx_resource_category", columnList = "category_id")
         })
 // @Cache(usage = CacheConcurrencyStrategy.READ_WRITE, region = "gs_resource")
-@XmlRootElement(name = "Resource")
 public class Resource implements Serializable, CycleRecoverable {
 
     private static final long serialVersionUID = 4852100679788007328L;

src/core/model/src/main/java/it/geosolutions/geostore/core/model/SecurityRule.java

@@ -256,6 +256,11 @@ public String toString() {
             builder.append("group=").append(group);
         }
 
+        if (user != null) {
+            builder.append(", ");
+            builder.append("user=").append(user);
+        }
+
         // if ( category != null ) {
         // builder.append(", ");
         // builder.append("category=").append(category);

src/core/model/src/main/java/it/geosolutions/geostore/core/model/UserGroup.java

@@ -186,6 +186,11 @@ public String toString() {
             builder.append("groupName=").append(groupName);
         }
 
+        if (users != null) {
+            builder.append(", ");
+            builder.append("users=").append(users);
+        }
+
         builder.append(']');
 
         return builder.toString();

src/core/persistence/src/main/java/it/geosolutions/geostore/core/dao/SecurityDAO.java

@@ -54,5 +54,9 @@ public interface SecurityDAO extends RestrictedGenericDAO<SecurityRule> {
      * @param resourceId
      * @return List<SecurityRule>
      */
-    public List<SecurityRule> findSecurityRules(long resourceId);
+    public List<SecurityRule> findResourceSecurityRules(long resourceId);
+
+    List<SecurityRule> findUserSecurityRules(long userId);
+
+    List<SecurityRule> findUserGroupSecurityRules(long userGroupId);
 }

src/core/persistence/src/main/java/it/geosolutions/geostore/core/dao/impl/ExternalSecurityDAOImpl.java

@@ -175,16 +175,16 @@ public List<SecurityRule> findUserSecurityRule(String userName, long resourceId)
     }
 
     @Override
-    public List<SecurityRule> findSecurityRules(long resourceId) {
-        return fillFromNames(super.findSecurityRules(resourceId));
+    public List<SecurityRule> findResourceSecurityRules(long resourceId) {
+        return fillFromNames(super.findResourceSecurityRules(resourceId));
     }
 
     /* (non-Javadoc)
      * @see it.geosolutions.geostore.core.dao.ResourceDAO#findGroupSecurityRule(java.lang.String, long)
      */
     @Override
     public List<SecurityRule> findGroupSecurityRule(List<String> groupNames, long resourceId) {
-        List<SecurityRule> rules = findSecurityRules(resourceId);
+        List<SecurityRule> rules = findResourceSecurityRules(resourceId);
         // WORKAROUND
         List<SecurityRule> filteredRules = new ArrayList<SecurityRule>();
         for (SecurityRule sr : rules) {

src/core/persistence/src/main/java/it/geosolutions/geostore/core/dao/impl/SecurityDAOImpl.java

@@ -236,7 +236,7 @@ public List<SecurityRule> findUserSecurityRule(String userName, long resourceId)
      * @return List<SecurityRule>
      */
     @Override
-    public List<SecurityRule> findSecurityRules(long resourceId) {
+    public List<SecurityRule> findResourceSecurityRules(long resourceId) {
         Search searchCriteria = new Search(SecurityRule.class);
 
         Filter securityFilter = Filter.equal("resource.id", resourceId);
@@ -246,12 +246,42 @@ public List<SecurityRule> findSecurityRules(long resourceId) {
         return super.search(searchCriteria);
     }
 
+    /**
+     * @param userId
+     * @return List<SecurityRule>
+     */
+    @Override
+    public List<SecurityRule> findUserSecurityRules(long userId) {
+        Search searchCriteria = new Search(SecurityRule.class);
+
+        Filter securityFilter = Filter.equal("user.id", userId);
+
+        searchCriteria.addFilter(securityFilter);
+
+        return super.search(searchCriteria);
+    }
+
+    /**
+     * @param userGroupId
+     * @return List<SecurityRule>
+     */
+    @Override
+    public List<SecurityRule> findUserGroupSecurityRules(long userGroupId) {
+        Search searchCriteria = new Search(SecurityRule.class);
+
+        Filter securityFilter = Filter.equal("group.id", userGroupId);
+
+        searchCriteria.addFilter(securityFilter);
+
+        return super.search(searchCriteria);
+    }
+
     /* (non-Javadoc)
      * @see it.geosolutions.geostore.core.dao.ResourceDAO#findGroupSecurityRule(java.lang.String, long)
      */
     @Override
     public List<SecurityRule> findGroupSecurityRule(List<String> groupNames, long resourceId) {
-        List<SecurityRule> rules = findSecurityRules(resourceId);
+        List<SecurityRule> rules = findResourceSecurityRules(resourceId);
         // WORKAROUND
         List<SecurityRule> filteredRules = new ArrayList<SecurityRule>();
         for (SecurityRule sr : rules) {

src/core/services-api/src/main/java/it/geosolutions/geostore/services/PermissionService.java

@@ -0,0 +1,50 @@
+package it.geosolutions.geostore.services;
+
+import it.geosolutions.geostore.core.model.Resource;
+import it.geosolutions.geostore.core.model.User;
+
+public interface PermissionService {
+    /**
+     * This method allows us to know if we filter out "unadvertised" resources for
+     * non-admin/non-owners, keeping only owned resources.
+     *
+     * <p>Be aware to fetch the user security rules prior to call this method.
+     *
+     * @param resource
+     * @param user
+     * @return <code>true</code> if the resource should be visible to the user, <code>false</code>
+     *     otherwise
+     * @throws IllegalArgumentException if the user security rules have not been initialized
+     *     properly
+     */
+    boolean isResourceAvailableForUser(Resource resource, User user);
+
+    /**
+     * Check if the user has at least one {@link it.geosolutions.geostore.core.model.SecurityRule}
+     * associated in which he is the user.
+     *
+     * <p>Be aware to fetch the user security rules prior to call this method.
+     *
+     * @param user
+     * @param resource
+     * @return @return <code>true</code> if the user is the owner of the resource, <code>false
+     *     </code> otherwise
+     * @throws IllegalArgumentException if the user security rules have not been initialized
+     *     properly
+     */
+    boolean isUserOwner(User user, Resource resource);
+
+    /**
+     * GUEST users can not access to the delete and edit (resource, data blob is editable) services,
+     * so only admins and authenticated users with write permissions can.
+     *
+     * <p>Be aware to fetch the user security rules prior to call this method.
+     *
+     * @param user
+     * @param resource
+     * @return <code>true</code> if the user can access the resource, <code>false</code> otherwise
+     * @throws IllegalArgumentException if the user security rules have not been initialized
+     *     properly
+     */
+    boolean canUserAccessResource(User user, Resource resource);
+}

src/core/services-api/src/main/java/it/geosolutions/geostore/services/ResourceService.java

@@ -32,6 +32,7 @@
 import it.geosolutions.geostore.core.model.SecurityRule;
 import it.geosolutions.geostore.core.model.User;
 import it.geosolutions.geostore.core.model.enums.DataType;
+import it.geosolutions.geostore.services.dto.ResourceSearchParameters;
 import it.geosolutions.geostore.services.dto.ShortAttribute;
 import it.geosolutions.geostore.services.dto.ShortResource;
 import it.geosolutions.geostore.services.dto.search.SearchFilter;
@@ -91,25 +92,22 @@ long insert(Resource resource)
     Resource get(long id);
 
     /**
-     * @param nameLike
-     * @param page
-     * @param entries
-     * @param authUser
+     * @param resourceSearchParameters the object encapsulating search criteria such as pagination,
+     *     sorting options, filters, user context, and additional settings for resource retrieval.
      * @return List<ShortResource>
      * @throws BadRequestServiceEx
      */
-    List<ShortResource> getList(String nameLike, Integer page, Integer entries, User authUser)
-            throws BadRequestServiceEx;
+    List<ShortResource> getList(ResourceSearchParameters resourceSearchParameters)
+            throws BadRequestServiceEx, InternalErrorServiceEx;
 
     /**
-     * @param page
-     * @param entries
-     * @param authUser
+     * @param resourceSearchParameters the object encapsulating search criteria such as pagination,
+     *     sorting options, filters, user context, and additional settings for resource retrieval.
      * @return List<ShortResource>
      * @throws BadRequestServiceEx
      */
-    List<ShortResource> getAll(Integer page, Integer entries, User authUser)
-            throws BadRequestServiceEx;
+    List<ShortResource> getAll(ResourceSearchParameters resourceSearchParameters)
+            throws BadRequestServiceEx, InternalErrorServiceEx;
 
     /**
      * @param nameLike
@@ -159,54 +157,34 @@ List<ShortResource> getAll(Integer page, Integer entries, User authUser)
     long updateAttribute(long id, String name, String value) throws InternalErrorServiceEx;
 
     /**
-     * @param filter
-     * @param authUser
-     * @return List<ShortResource>
+     * @param resourceSearchParameters the object encapsulating search criteria such as pagination,
+     *     sorting options, filters, user context, and additional settings for resource retrieval.
+     * @return List<Resource>
      * @throws BadRequestServiceEx
      * @throws InternalErrorServiceEx
      */
-    List<ShortResource> getResources(SearchFilter filter, User authUser)
+    List<Resource> getResources(ResourceSearchParameters resourceSearchParameters)
             throws BadRequestServiceEx, InternalErrorServiceEx;
 
     /**
-     * @param filter
-     * @param page
-     * @param entries
-     * @param authUser
+     * @param resourceSearchParameters the object encapsulating search criteria such as pagination,
+     *     sorting options, filters, user context, and additional settings for resource retrieval.
      * @return List<ShortResource>
      * @throws BadRequestServiceEx
      * @throws InternalErrorServiceEx
      */
-    List<ShortResource> getResources(
-            SearchFilter filter, Integer page, Integer entries, User authUser)
-            throws BadRequestServiceEx, InternalErrorServiceEx;
-
-    /**
-     * @param filter
-     * @param page
-     * @param entries
-     * @param includeAttributes
-     * @param includeData
-     * @return List<Resource>
-     * @throws BadRequestServiceEx
-     * @throws InternalErrorServiceEx
-     */
-    List<Resource> getResources(
-            SearchFilter filter,
-            Integer page,
-            Integer entries,
-            boolean includeAttributes,
-            boolean includeData,
-            User authUser)
+    List<ShortResource> getShortResources(ResourceSearchParameters resourceSearchParameters)
             throws BadRequestServiceEx, InternalErrorServiceEx;
 
     /**
      * Return a list of resources joined with their data. This call can be very heavy for the system. Please use this method only when you are sure a
-     * few data will be returned, otherwise consider using
-     * {@link #getResources(it.geosolutions.geostore.services.dto.search.SearchFilter, it.geosolutions.geostore.core.model.User) getResources) if you
-     * need less data.
+     * few data will be returned, otherwise consider using {@link #getShortResources(ResourceSearchParameters)) if you need less data.
+     *
+     * @param resourceSearchParameters the object encapsulating search criteria such as pagination,
+     *                                 sorting options, filters, user context, and additional settings
+     *                                 for resource retrieval.
      */
-    public List<Resource> getResourcesFull(SearchFilter filter, User authUser)
+    List<Resource> getResourcesFull(ResourceSearchParameters resourceSearchParameters)
             throws BadRequestServiceEx, InternalErrorServiceEx;
 
     /**
@@ -215,8 +193,7 @@ public List<Resource> getResourcesFull(SearchFilter filter, User authUser)
      * @param id
      * @return
      */
-    public List<SecurityRule> getSecurityRules(long id)
-            throws BadRequestServiceEx, InternalErrorServiceEx;
+    List<SecurityRule> getSecurityRules(long id);
 
     /**
      * Replaces the list of security rules for the given resource.
@@ -227,7 +204,7 @@ public List<SecurityRule> getSecurityRules(long id)
      * @throws InternalErrorServiceEx
      * @throws NotFoundServiceEx
      */
-    public void updateSecurityRules(long id, List<SecurityRule> rules)
+    void updateSecurityRules(long id, List<SecurityRule> rules)
             throws BadRequestServiceEx, InternalErrorServiceEx, NotFoundServiceEx;
 
     /**

src/core/services-api/src/main/java/it/geosolutions/geostore/services/UserService.java

@@ -74,7 +74,7 @@ public interface UserService {
     /**
      * @param name
      * @return User
-     * @throws NotFoundWebEx
+     * @throws NotFoundServiceEx
      */
     public User get(String name) throws NotFoundServiceEx;
 
@@ -128,4 +128,14 @@ List<User> getAll(Integer page, Integer entries, String nameLike, boolean includ
     public Collection<User> getByAttribute(UserAttribute attribute);
 
     public Collection<User> getByGroup(UserGroup group);
+
+    /**
+     * Initialize the user entity by fetching its security rules and group security rules from the
+     * database.
+     *
+     * @param user
+     */
+    default void fetchSecurityRules(User user) {
+        /* no-op */
+    }
 }