Provide user information into model change

api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java

@@ -28,6 +28,7 @@
 import edu.cornell.mannlib.vedit.util.FormUtils;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionSets;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController;
 import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
@@ -226,36 +227,37 @@ public String getDefaultLandingPage(HttpServletRequest request) {
     }
 
     protected static void addAccessAttributes(HttpServletRequest req, String entityURI, AccessObjectType aot) {
-        // Add the permissionsEntityURI (if we are creating a new property, this will be empty)
-        req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI);
-        String[] namedKeys = new String[0];
-        // Get the available permission sets
-        List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
-        List<RoleInfo> roles = new ArrayList<>();
-
-        for (PermissionSet permissionSet : permissionSets) {
-            roles.add(new RoleInfo(permissionSet));
-        }
-        List<AccessOperation> accessOperations = AccessOperation.getOperations(aot);
-        // Operation, list of roles>
-        Map<String, List<RoleInfo>> operationsToRoles = new LinkedHashMap<>();
-        for (AccessOperation operation : accessOperations) {
-            List<RoleInfo> roleInfos = new LinkedList<>();
-            String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
-            operationsToRoles.put(operationName, roleInfos);
-            for (RoleInfo role : roles) {
-                RoleInfo roleCopy = role.clone();
-                roleInfos.add(roleCopy);
-                if (isPublicForbiddenOperation(operation)) {
-                    if (roleCopy.isPublic) {
-                        roleCopy.setEnabled(false);
-                        roleCopy.setGranted(false);
+        try (UserOnThread uot = new UserOnThread(req)) {
+            // Add the permissionsEntityURI (if we are creating a new property, this will be empty)
+            req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI);
+            String[] namedKeys = new String[0];
+            // Get the available permission sets
+            List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
+            List<RoleInfo> roles = new ArrayList<>();
+            for (PermissionSet permissionSet : permissionSets) {
+                roles.add(new RoleInfo(permissionSet));
+            }
+            List<AccessOperation> accessOperations = AccessOperation.getOperations(aot);
+            // Operation, list of roles>
+            Map<String, List<RoleInfo>> operationsToRoles = new LinkedHashMap<>();
+            for (AccessOperation operation : accessOperations) {
+                List<RoleInfo> roleInfos = new LinkedList<>();
+                String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+                operationsToRoles.put(operationName, roleInfos);
+                for (RoleInfo role : roles) {
+                    RoleInfo roleCopy = role.clone();
+                    roleInfos.add(roleCopy);
+                    if (isPublicForbiddenOperation(operation)) {
+                        if (roleCopy.isPublic) {
+                            roleCopy.setEnabled(false);
+                            roleCopy.setGranted(false);
+                        }
                     }
                 }
+                getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
             }
-            getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+            req.setAttribute(OPERATIONS_TO_ROLES, operationsToRoles);
         }
-        req.setAttribute(OPERATIONS_TO_ROLES, operationsToRoles);
     }
 
     private static void getRolePolicyInformation(String entityURI, AccessObjectType aot, String[] namedKeys,

api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java

@@ -36,6 +36,7 @@
 import edu.cornell.mannlib.vedit.validator.Validator;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController;
 import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
 import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
@@ -132,11 +133,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response) {
             }
 
             String action = getAction(request);
-
-            boolean status = performEdit(epo, newObj, action);
-            if (status == FAILURE) {
-            	retry(request, response, epo);
-            	return;
+            try (UserOnThread uot = new UserOnThread(request)) {
+                boolean status = performEdit(epo, newObj, action);
+                if (status == FAILURE) {
+                    retry(request, response, epo);
+                    return;
+                }
             }
 
             // If contains restrictions
@@ -214,7 +216,9 @@ private void updateUriSuppressions(HttpServletRequest request) {
         if (aot == null) {
             return;
         }
-        updateUriSuppressions(request, aot, entityUri);
+        try (UserOnThread uot = new UserOnThread(request)) {
+            updateUriSuppressions(request, aot, entityUri);
+        }
     }
 
     private void updatePermissions(HttpServletRequest request) {
@@ -231,10 +235,12 @@ private void updatePermissions(HttpServletRequest request) {
         if (aot == null) {
             return;
         }
-        updateEntityPermissions(request, entityUri, aot);
-        updateTypeSuppressions(request, aot, entityUri);
-        updateNotRelatedTypeSuppressions(request, aot, entityUri);
-        updateNotRelatedPropertySuppressions(request, aot, entityUri);
+        try (UserOnThread uot = new UserOnThread(request)) {
+            updateEntityPermissions(request, entityUri, aot);
+            updateTypeSuppressions(request, aot, entityUri);
+            updateNotRelatedTypeSuppressions(request, aot, entityUri);
+            updateNotRelatedPropertySuppressions(request, aot, entityUri);
+        }
     }
 
     private void updateEntityPermissions(HttpServletRequest request, String entityUri, AccessObjectType aot) {

api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/UserOnThread.java

@@ -0,0 +1,30 @@
+/* $This file is distributed under the terms of the license in LICENSE$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.checks;
+
+import javax.servlet.http.HttpServletRequest;
+
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
+
+public class UserOnThread implements AutoCloseable {
+
+    private static ThreadLocal<String> threadLocal = new ThreadLocal<>();
+
+    public UserOnThread(String userId) {
+        threadLocal.set(userId);
+    }
+
+    public UserOnThread(HttpServletRequest vreq) {
+        threadLocal.set(PolicyHelper.getUserAccount(vreq).getUri());
+    }
+
+    @Override
+    public void close() {
+        threadLocal.remove();
+    }
+
+    public static String get() {
+        return threadLocal.get();
+    }
+
+}

api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsAdminController.java

@@ -6,8 +6,9 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
 import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
@@ -73,7 +74,9 @@ private ResponseValues handleEditRequest(VitroRequest vreq) {
 		if (page.isBogus()) {
 			return showHomePage(vreq, page.getBogusMessage());
 		} else if (page.isSubmit() && page.isValid()) {
-			page.updateAccount();
+		    try (UserOnThread uot = new UserOnThread(vreq)) {
+		        page.updateAccount();
+		    }
 
 			UserAccountsListPage.Message.showUpdatedAccount(vreq,
 					page.getUpdatedAccount(), page.wasPasswordEmailSent());

api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/accounts/manageproxies/ManageProxiesController.java

@@ -6,7 +6,7 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.AbstractPageHandler.Message;
@@ -69,7 +69,9 @@ private ResponseValues handleEditRequest(VitroRequest vreq) {
 		ManageProxiesEditPage page = new ManageProxiesEditPage(vreq);
 
 		if (page.isValid()) {
-			page.applyEdits();
+		    try (UserOnThread uot = new UserOnThread(vreq)) {
+		        page.applyEdits();
+		    }
 			Message.setMessage(vreq, new SuccessMessage());
 		} else {
 			Message.setMessage(vreq, new FailureMessage());

api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/api/SparqlUpdateApiController.java

@@ -33,6 +33,7 @@
 import org.apache.jena.sparql.modify.UsingList;
 
 import edu.cornell.mannlib.vitro.webapp.application.ApplicationUtils;
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
@@ -129,7 +130,7 @@ private void executeUpdate(HttpServletRequest req, UpdateRequest parsed) {
 		SearchIndexer indexer = ApplicationUtils.instance().getSearchIndexer();
 		Dataset ds = new RDFServiceDataset(vreq.getUnfilteredRDFService());
 		GraphStore graphStore = GraphStoreFactory.create(ds);
-	    try {
+		try (UserOnThread uot = new UserOnThread(req)) {
 	        if(indexer != null) {
 	            indexer.pause();
 	        }

api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/datatools/dumprestore/DumpRestoreController.java

@@ -12,7 +12,7 @@
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang3.StringUtils;
-
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
@@ -88,7 +88,7 @@ public void doPost(HttpServletRequest req, HttpServletResponse resp)
 			resp.sendError(HttpServletResponse.SC_FORBIDDEN);
 		}
 
-		try {
+		try (UserOnThread uot = new UserOnThread(req)) {
 			if (ACTION_RESTORE.equals(req.getPathInfo())) {
 				long tripleCount = new RestoreModelsAction(req, resp)
 						.restoreModels();

api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java

@@ -30,6 +30,7 @@
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
@@ -468,8 +469,10 @@ private void transitionToForcedPasswordChange(HttpServletRequest request) {
 	private void transitionToLoggedIn(HttpServletRequest request,
 			UserAccount user) throws LoginNotPermitted {
 		log.debug("Completed login: " + user.getEmailAddress());
-		getAuthenticator(request).recordLoginAgainstUserAccount(user,
+		try (UserOnThread uot = new UserOnThread(user.getUri())) {
+			getAuthenticator(request).recordLoginAgainstUserAccount(user,
 				AuthenticationSource.INTERNAL);
+		}
 	}
 
 	/**

api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/MenuManagementEdit.java

@@ -24,7 +24,7 @@
 import org.apache.jena.rdf.model.Resource;
 import org.apache.jena.rdf.model.ResourceFactory;
 import org.apache.jena.shared.Lock;
-
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary;
@@ -51,15 +51,15 @@ protected void doPost(HttpServletRequest rawRequest, HttpServletResponse resp)
 
     	String command = getCommand(vreq);
     	if(command != null) {
-    		processCommand(command, vreq, resp);
+    	    try (UserOnThread uot = new UserOnThread(vreq)) {
+    	        processCommand(command, vreq, resp);
+    	    }
     	} else {
     		log.error("Command is null");
     	}
         //Need to redirect correctly
     	if(!isReorder(command)){
     		resp.sendRedirect(rawRequest.getContextPath() + REDIRECT_URL);
-    	} else {
-
     	}
     }
 

api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadController.java

@@ -34,6 +34,7 @@
 import org.apache.jena.shared.Lock;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
@@ -434,7 +435,7 @@ private void readIntoModel(InputStream in, String language,
         ChangeSet cs = makeChangeSet(rdfService);
         cs.addAddition(in, RDFServiceUtils.getSerializationFormatFromJenaString(
                         language), modelName, userId);
-        try {
+        try (UserOnThread uot = new UserOnThread(userId)) {
             rdfService.changeSetUpdate(cs);
         } catch (RDFServiceException e) {
             throw new RuntimeException(e);
@@ -446,7 +447,7 @@ private void removeFromModel(InputStream in, String language,
         ChangeSet cs = makeChangeSet(rdfService);
         cs.addRemoval(in, RDFServiceUtils.getSerializationFormatFromJenaString(
                         language), modelName, userId);
-        try {
+        try (UserOnThread uot = new UserOnThread(userId)) {
             rdfService.changeSetUpdate(cs);
         } catch (RDFServiceException e) {
             throw new RuntimeException(e);

api/src/main/java/edu/cornell/mannlib/vitro/webapp/dwr/PropertyDWR.java

@@ -11,7 +11,7 @@
 import org.apache.commons.logging.LogFactory;
 import org.directwebremoting.WebContext;
 import org.directwebremoting.WebContextFactory;
-
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.beans.PropertyInstance;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
@@ -86,14 +86,19 @@ public int insertProp( PropertyInstance prop) {
         WebContext ctx = WebContextFactory.get();
         HttpServletRequest req = ctx.getHttpServletRequest();
         VitroRequest vreq = new VitroRequest(req);
-        return vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().insertProp(prop);
+        try (UserOnThread uot = new UserOnThread(vreq)) {
+            return vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().insertProp(prop);
+        }
     }
 
     public int deleteProp(String subjectUri, String predicateUri, String objectUri){
         WebContext ctx = WebContextFactory.get();
         HttpServletRequest req = ctx.getHttpServletRequest();
         VitroRequest vreq = new VitroRequest(req);
-        vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().deleteObjectPropertyStatement(subjectUri, predicateUri, objectUri);
+        try (UserOnThread uot = new UserOnThread(vreq)) {
+            vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().deleteObjectPropertyStatement(subjectUri,
+                    predicateUri, objectUri);
+        }
         return 0;
     }
 

api/src/main/java/edu/cornell/mannlib/vitro/webapp/edit/n3editing/VTwo/ProcessRdfForm.java

@@ -26,7 +26,7 @@
 import org.apache.jena.rdf.model.ResourceFactory;
 import org.apache.jena.rdf.model.Statement;
 import org.apache.jena.vocabulary.RDF;
-
+import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.dao.InsertException;
 import edu.cornell.mannlib.vitro.webapp.dao.jena.DependentResourceDeleteJena;
@@ -303,7 +303,7 @@ public static void applyChangesToWriteModel(AdditionsAndRetractions changes,
         cs.addRemoval(retractionsInputStream,
                 RDFServiceUtils.getSerializationFormatFromJenaString("N3"), graphUri, editorUri);
 
-        try {
+        try (UserOnThread uot = new UserOnThread(editorUri)) {
             rdfService.changeSetUpdate(cs);
         } catch (RDFServiceException e) {
             log.error(e, e);

api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/ChangeSet.java

@@ -46,7 +46,6 @@ public interface ChangeSet {
 	 * @param serializationFormat - format of the serialized RDF model
 	 * @param graphURI - URI of the graph to which the RDF model should be added
 	 */
-	@Deprecated
 	public void addAddition(InputStream model,
 			                RDFService.ModelSerializationFormat serializationFormat,
 			                String graphURI);
@@ -58,7 +57,6 @@ public void addAddition(InputStream model,
 	 * @param serializationFormat - format of the serialized RDF model
 	 * @param graphURI - URI of the graph from which the RDF model should be removed
 	 */
-	@Deprecated
 	public void addRemoval(InputStream model,
 			               RDFService.ModelSerializationFormat serializationFormat,
 			               String graphURI);
@@ -159,6 +157,7 @@ public ModelChange manufactureModelChange(InputStream serializedModel, ModelSeri
      */
     public List<Object> getPostChangeEvents();
 
+    public void setUserFromThread();
 
 
 }