Google Git
Sign in
apache / airavata / 305cccab1d8eab8aff28e0fa06ebe9f01ffdde2e / . / modules / sharing-registry / sharing-service-docs / index.html
blob: e6a89f0b5ac6fe5b5a6c1d0fcf00356cd6f8ed4d [file] [log] [blame]
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<html>
<head>
<title>Airavata Sharing Registry Service</title>
<link href="style.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<div class="container-fluid">
<h2>Welcome to Airavata Sharing Registry Service Documentation</h2>
<p>Airavata Data Sharing Registry Service is a general purpose <b>Collaborative Workspace Management Component</b>
that can solve
your Scientific Data Management requirements related to sharing and access controlling.</p>
<p><span style="color: red; ">N.B. This component is under active development and this document will keep on evolving. Click <a href="./api-docs/index.html">here</a>
to see the API docs</span>
</p>
<div id="#concepts">
<h3>Concepts & Terminology</h3>
<img src="sharing_overview.png" alt="Sharing Concepts" height="600" width="800">
</div>
<br/>
<div id="#getting-started">
<h3>Getting started with the Java client</h3>
<div>
<ol start="0">
<li><a href="#requirements">Requirements</a></li>
<li><a href="#thrift-client">Create a thrift client</a></li>
<li><a href="#create-domain">Create a Domain</a></li>
<li><a href="#create-users">Create Users</a></li>
<li><a href="#create-groups">Create Groups</a></li>
<li><a href="#assign-users-to-group">Assign Users to a Group</a></li>
<li><a href="#assign-groups-to-group">Assign Groups to a Group</a></li>
<li><a href="#create-permission-types">Create Permission Types for your Domain</a></li>
<li><a href="#create-entity-types">Create Entity Types for your Domain</a></li>
<li><a href="#create-entities">Create Entities</a></li>
<li><a href="#sharing-entities">Share Entities</a></li>
<li><a href="#checking-user-has-access">Checking User has Permission</a></li>
<li><a href="#search-entities">Searching Entities</a></li>
</ol>
</div>
<br/>
<div class="definition" id="requirements">
<h4>0. Required maven dependencies</h4>
<pre>
&lt;dependency&gt;
&lt;groupId>org.apache.airavata&lt;/groupId&gt;
&lt;artifactId>airavata-sharing-registry-stubs&lt;/artifactId&gt;
&lt;version>0.17-SNAPSHOT&lt;/version&gt;
&lt;/dependency&gt;
&lt;dependency&gt;
&lt;groupId>org.apache.thrift&lt;/groupId&gt;
&lt;artifactId>libthrift&lt;/artifactId&gt;
&lt;version>0.9.3&lt;/version&gt;
&lt;/dependency&gt;
</pre>
</div>
<div class="definition" id="thrift-client">
<h4>1. Creating the thrift client</h4>
<pre>
//should use the correct host name and port here
String serverHost = "gw56.iu.xsede.org";
int serverPort = 7878;
TTransport transport = new TSocket(serverHost, serverPort);
transport.open();
TProtocol protocol = new TBinaryProtocol(transport);
SharingRegistryService.Client sharingServiceClient = new SharingRegistryService.Client(protocol);
</pre>
</div>
<div class="definition" id="create-domain">
<h4>2. Create a domain</h4>
<pre>
Domain domain = new Domain();
//has to be one word
domain.setName("test-domain");
//optional
domain.setDescription("test domain description");
//domain id will be same as domain name
String domainId = sharingServiceClient.createDomain(domain);
</pre>
</div>
<div class="definition" id="create-users">
<h4>2. Create Users</h4>
<pre>
User user1 = new User();
String userName = "test-user-1";
String userId1 = "test-user-1";
//required
user1.setUserId(userId1);
//required
user.setUserName(userName);
//required
user1.setDomainId(domainId);
//required
user1.setFirstName("John");
//required
user1.setLastName("Doe");
//required
user1.setEmail("john.doe@abc.com");
//optional - this should be bytes of the users image icon
//byte[] icon = new byte[10];
//user1.setIcon(icon);
sharingServiceClient.createUser(user1);
//Similarly create two more users user2 and user3.
.
.
.
</pre>
</div>
<div class="definition" id="create-groups">
<h4>3. Create User Groups</h4>
<pre>
UserGroup userGroup1 = new UserGroup();
//required
userGroup1.setGroupId("test-group-1");
//required
userGroup1.setDomainId(domainId);
//required
userGroup1.setName("test-group-1");
//optional
userGroup1.setDescription("test group description");
//required
userGroup1.setOwnerId("test-user-1");
//required
userGroup1.setGroupType(GroupType.USER_LEVEL_GROUP);
sharingServiceClient.createGroup(userGroup1);
//Similarly create another group "userGroup2" with the owner being "test-user-2".
.
.
.
</pre>
</div>
<div class="definition" id="assign-users-to-group">
<h4>4. Assign Users to a Group</h4>
<pre>
sharingServiceClient.addUsersToGroup(domainId, Arrays.asList("test-user-3"), "test-group-2");
</pre>
</div>
<div class="definition" id="assign-groups-to-group">
<h4>5. Assign groups to a group</h4>
<pre>
sharingServiceClient.addChildGroupsToParentGroup(domainId, Arrays.asList("test-group-2"), "test-group-1");
/********************************************/
/* test-group-1 */
/* / \ */
/* / \ */
/* test-user-1 test-group-2 */
/* / \ */
/* test-user-2 test-user-3 */
/********************************************/
</pre>
</div>
<div class="definition" id="create-permission-types">
<h4>6. Create Permission types for your Domain</h4>
<pre>
PermissionType permissionType1 = new PermissionType();
//required
permissionType1.setPermissionTypeId("READ");
//required
permissionType1.setDomainId(domainId);
//required
permissionType1.setName("READ");
//optional
permissionType1.setDescription("READ description");
sharingServiceClient.createPermissionType(permissionType1);
PermissionType permissionType2 = new PermissionType();
permissionType2.setPermissionTypeId("WRITE");
permissionType2.setDomainId(domainId);
permissionType2.setName("WRITE");
permissionType2.setDescription("WRITE description");
sharingServiceClient.createPermissionType(permissionType2);
PermissionType permissionType3 = new PermissionType();
permissionType3.setPermissionTypeId("CLONE");
permissionType3.setDomainId(domainId);
permissionType3.setName("CLONE");
permissionType3.setDescription("CLONE description");
sharingServiceClient.createPermissionType(permissionType3);
</pre>
</div>
<div class="definition" id="create-entity-types">
<h4>7. Create Entity Types for your Domain</h4>
<pre>
EntityType entityType1 = new EntityType();
//required
entityType1.setEntityTypeId("PROJECT");
//required
entityType1.setDomainId(domainId);
//required
entityType1.setName("PROJECT");
//optional
entityType1.setDescription("PROJECT entity type description");
sharingServiceClient.createEntityType(entityType1);
EntityType entityType2 = new EntityType();
entityType2.setEntityTypeId("EXPERIMENT");
entityType2.setDomainId(domainId);
entityType2.setName("EXPERIMENT");
entityType2.setDescription("EXPERIMENT entity type");
sharingServiceClient.createEntityType(entityType2);
EntityType entityType3 = new EntityType();
entityType3.setEntityTypeId("FILE");
entityType3.setDomainId(domainId);
entityType3.setName("FILE");
entityType3.setDescription("FILE entity type");
sharingServiceClient.createEntityType(entityType3);
</pre>
</div>
<div class="definition" id="create-entities">
<h4>8. Create Entities</h4>
<pre>
Entity entity1 = new Entity();
//required
entity1.setEntityId("test-project-1");
//required
entity1.setDomainId(domainId);
//required
entity1.setEntityTypeId("PROJECT");
//required
entity1.setOwnerId("test-user-1");
//required
entity1.setName("test-project-1");
//optional
entity1.setDescription("test project 1 description");
//optional
entity1.setFullText("test project 1 stampede gaussian seagrid");
//optional - If not set this will be default to current system time
entity1.setOriginalEntityCreationTime(System.currentTimeMillis());
Entity entity2 = new Entity();
entity2.setEntityId("test-experiment-1");
entity2.setDomainId(domainId);
entity2.setEntityTypeId("EXPERIMENT");
entity2.setOwnerId("test-user-1");
entity2.setName("test-experiment-1");
entity2.setDescription("test experiment 1 description");
entity2.setParentEntityId("test-project-1");
entity2.setFullText("test experiment 1 benzene");
sharingServiceClient.createEntity(entity2);
Entity entity3 = new Entity();
entity3.setEntityId("test-experiment-2");
entity3.setDomainId(domainId);
entity3.setEntityTypeId("EXPERIMENT");
entity3.setOwnerId("test-user-1");
entity3.setName("test-experiment-2");
entity3.setDescription("test experiment 2 description");
entity3.setParentEntityId("test-project-1");
entity3.setFullText("test experiment 1 3-methyl 1-butanol stampede");
sharingServiceClient.createEntity(entity3);
Entity entity4 = new Entity();
entity4.setEntityId("test-file-1");
entity4.setDomainId(domainId);
entity4.setEntityTypeId("FILE");
entity4.setOwnerId("test-user-1");
entity4.setName("test-file-1");
entity4.setDescription("test file 1 description");
entity4.setParentEntityId("test-experiment-2");
entity4.setFullText("test input file 1 for experiment 2");
sharingServiceClient.createEntity(entity4);
</pre>
</div>
<div class="definition" id="sharing-entities">
<h4>9. Share Entities with Users and Groups</h4>
<pre>
//shared with cascading permissions
sharingServiceClient.shareEntityWithUsers(domainId, "test-project-1", Arrays.asList("test-user-2"), "WRITE", true);
sharingServiceClient.shareEntityWithGroups(domainId, "test-experiment-2", Arrays.asList("test-group-2"), "READ", true);
//shared with non cascading permissions
sharingServiceClient.shareEntityWithGroups(domainId, "test-experiment-2", Arrays.asList("test-group-2"), "CLONE", false);
/************************************************************************************************************/
/* test-project-1 (OWNER:test-user-1, WRITE:test-user-2) */
/* / \ */
/* test-experiment-1 test-experiment-2 */
/* (OWNER:test-user-1,WRITE:test-user-2) (OWNER:test-user-1, WRITE:test-user-2, READ/CLONE:test-group-2) */
/* | */
/* test-file-1 */
/* (OWNER:test-user-1, WRITE:test-user-2, READ:test-group-2) */
/************************************************************************************************************/
</pre>
</div>
<div class="definition" id="checking-user-has-access">
<h4>9. Checking whether a User has Permission to access an Entity with specified Permission</h4>
<pre>
//test-project-1 is explicitly shared with test-user-2 with WRITE permission
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-2", "test-project-1", "WRITE"));
//test-user-2 has WRITE permission to test-experiment-1 and test-experiment-2 indirectly
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-2", "test-experiment-1", "WRITE"));
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-2", "test-experiment-2", "WRITE"));
//test-user-2 does not have READ permission to test-experiment-1 and test-experiment-2
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-2", "test-experiment-1", "READ"));
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-2", "test-experiment-2", "READ"));
//test-user-3 does not have READ permission to test-project-1
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-3", "test-project-1", "READ"));
//test-experiment-2 is shared with test-group-2 with READ permission. Therefore test-user-3 has READ permission
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-3", "test-experiment-2", "READ"));
//test-user-3 does not have WRITE permission to test-experiment-2
System.out.println(sharingServiceClient.userHasAccess(domainId, "test-user-3", "test-experiment-2", "WRITE"));
//test-user-3 has CLONE permission to test-experiment-2
System.out.println((sharingServiceClient.userHasAccess(domainId, "test-user-3", "test-experiment-2", "CLONE")));
//test-user-3 does not have CLONE permission to test-file-1
System.out.println((sharingServiceClient.userHasAccess(domainId, "test-user-3", "test-file-1", "CLONE")));
</pre>
</div>
<div class="definition" id="search-entities">
<h4>10. Searching Entities</h4>
<pre>
ArrayList&lt;SearchCriteria&gt; filters = new ArrayList<>();
SearchCriteria searchCriteria = new SearchCriteria();
searchCriteria.setSearchCondition(SearchCondition.FULL_TEXT);
searchCriteria.setValue("experiment stampede methyl");
searchCriteria.setSearchField(EntitySearchField.FULL_TEXT);
filters.add(searchCriteria);
searchCriteria = new SearchCriteria();
searchCriteria.setSearchCondition(SearchCondition.EQUAL);
searchCriteria.setValue("EXPERIMENT");
searchCriteria.setSearchField(EntitySearchField.ENTITY_TYPE_ID);
filters.add(searchCriteria);
searchCriteria = new SearchCriteria();
searchCriteria.setSearchCondition(SearchCondition.EQUAL);
searchCriteria.setValue("READ");
searchCriteria.setSearchField(EntitySearchField.PERMISSION_TYPE_ID);
filters.add(searchCriteria);
System.out.println(sharingServiceClient.searchEntities(domainId, "test-user-2", "EXPERIMENT", filters, 0, -1).size());
</pre>
</div>
</div>
</div>
</body>
</html>