From a8d28d8be80eccc189ace963be0dde8acce850fc Mon Sep 17 00:00:00 2001
From: Jon Van Oast <jon@wildme.org>
Date: Thu, 12 Dec 2024 18:59:27 -0700
Subject: [PATCH] setPermissionsNeeded() in a few places to start

---
 src/main/java/org/ecocean/Encounter.java        | 13 +++++++------
 src/main/java/org/ecocean/OpenSearch.java       |  1 +
 src/main/java/org/ecocean/api/BaseObject.java   |  2 ++
 .../java/org/ecocean/servlet/Collaborate.java   |  1 +
 .../java/org/ecocean/servlet/EncounterForm.java | 17 +++++++----------
 .../java/org/ecocean/servlet/UserCreate.java    |  1 +
 .../servlet/importer/StandardImport.java        |  1 +
 7 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/src/main/java/org/ecocean/Encounter.java b/src/main/java/org/ecocean/Encounter.java
index e12790a359..f62470685b 100644
--- a/src/main/java/org/ecocean/Encounter.java
+++ b/src/main/java/org/ecocean/Encounter.java
@@ -3906,7 +3906,7 @@ however, very few (2 out of 5600+) encounters with such .submitters have a blank
  */
     public static void opensearchIndexPermissions() {
         Util.mark("perm start");
-        long t = System.currentTimeMillis();
+        long startT = System.currentTimeMillis();
         System.out.println("opensearchIndexPermissions(): begin...");
         // no security => everything publiclyReadable - saves us work, no?
         if (!Collaboration.securityEnabled("context0")) return;
@@ -3931,7 +3931,7 @@ public static void opensearchIndexPermissions() {
                 collab.get(user.getId()).add(col.getOtherUsername(user.getUsername()));
             }
         }
-// Util.mark("perm: user build done", t);
+// Util.mark("perm: user build done", startT);
         System.out.println("opensearchIndexPermissions(): " + usernameToId.size() +
             " total users; " + nonAdminCt + " non-admin; " + collab.size() + " have active collab");
         // now iterated over (non-public) encounters
@@ -3940,7 +3940,7 @@ public static void opensearchIndexPermissions() {
         Query query = myShepherd.getPM().newQuery(
             "SELECT FROM org.ecocean.Encounter WHERE (submitterID != null) && (submitterID != '') && (submitterID != 'N/A') && (submitterID != 'public')");
         Iterator<Encounter> it = myShepherd.getAllEncounters(query);
-// Util.mark("perm: start encs", t);
+// Util.mark("perm: start encs", startT);
         while (it.hasNext()) {
             org.json.JSONArray viewUsers = new org.json.JSONArray();
             Encounter enc = (Encounter)it.next();
@@ -3952,7 +3952,7 @@ public static void opensearchIndexPermissions() {
                 continue;
             }
             encCount++;
-            if (encCount % 1000 == 0) Util.mark("enc[" + encCount + "]", t);
+            if (encCount % 1000 == 0) Util.mark("enc[" + encCount + "]", startT);
             viewUsers.put(uid);
             if (collab.containsKey(uid)) {
                 for (String colUsername : collab.get(uid)) {
@@ -3974,9 +3974,10 @@ public static void opensearchIndexPermissions() {
                 // System.out.println("opensearchIndexPermissions(): WARNING failed to update viewUsers on enc " + enc.getId() + "; likely has not been indexed yet: " + ex);
             }
         }
-// Util.mark("perm: done encs", t);
+// Util.mark("perm: done encs", startT);
         myShepherd.rollbackAndClose();
-        System.out.println("opensearchIndexPermissions(): ...end [" + encCount + " encs]");
+        System.out.println("opensearchIndexPermissions(): ...end [" + encCount + " encs; " +
+            Math.round((System.currentTimeMillis() - startT) / 1000) + "sec]");
     }
 
     public static org.json.JSONObject opensearchQuery(final org.json.JSONObject query, int numFrom,
diff --git a/src/main/java/org/ecocean/OpenSearch.java b/src/main/java/org/ecocean/OpenSearch.java
index 34e16dd51e..6c6fd1b05b 100644
--- a/src/main/java/org/ecocean/OpenSearch.java
+++ b/src/main/java/org/ecocean/OpenSearch.java
@@ -632,6 +632,7 @@ public static JSONObject querySanitize(JSONObject query, User user, Shepherd myS
         if ((query == null) || (user == null)) return query;
         // do not add viewUsers query when we are admin, as user has no restriction
         if (user.isAdmin(myShepherd)) return query;
+        // if (!Collaboration.securityEnabled("context0")) TODO do we want to allow everything searchable?
         JSONObject permClause = new JSONObject(
             "{\"bool\": {\"should\": [{\"term\": {\"publiclyReadable\": true}}, {\"term\": {\"viewUsers\": \""
             + user.getId() + "\"}} ] }}");
diff --git a/src/main/java/org/ecocean/api/BaseObject.java b/src/main/java/org/ecocean/api/BaseObject.java
index 30cd991822..8e1abbff28 100644
--- a/src/main/java/org/ecocean/api/BaseObject.java
+++ b/src/main/java/org/ecocean/api/BaseObject.java
@@ -24,6 +24,7 @@
 import org.ecocean.media.MediaAssetFactory;
 import org.ecocean.MarkedIndividual;
 import org.ecocean.Occurrence;
+import org.ecocean.OpenSearch;
 import org.ecocean.Project;
 import org.ecocean.resumableupload.UploadServlet;
 import org.ecocean.servlet.importer.ImportTask;
@@ -175,6 +176,7 @@ protected JSONObject processPost(HttpServletRequest request, String[] args, JSON
         if ((obj != null) && (rtn.optInt("statusCode", 0) == 200)) {
             System.out.println("BaseObject.processPost() success (200) creating " + obj +
                 " from payload " + payload);
+            OpenSearch.setPermissionsNeeded(myShepherd, true);
             myShepherd.commitDBTransaction();
             MediaAsset.updateStandardChildrenBackground(context, maIds);
             if (encounterForIA != null) {
diff --git a/src/main/java/org/ecocean/servlet/Collaborate.java b/src/main/java/org/ecocean/servlet/Collaborate.java
index 8dd4557aa5..d3d5c5a141 100644
--- a/src/main/java/org/ecocean/servlet/Collaborate.java
+++ b/src/main/java/org/ecocean/servlet/Collaborate.java
@@ -253,6 +253,7 @@ else if ((approve != null) && !approve.equals("")) {
                     System.out.println("/Collaborate: new .getState() = " + collab.getState() +
                         " for collab " + collab);
                     rtn.put("success", true);
+                    OpenSearch.setPermissionsNeeded(myShepherd, true);
                     myShepherd.updateDBTransaction();
                     // myShepherd.commitDBTransaction();
                 }
diff --git a/src/main/java/org/ecocean/servlet/EncounterForm.java b/src/main/java/org/ecocean/servlet/EncounterForm.java
index 6dfb53f4b2..8857a84c19 100644
--- a/src/main/java/org/ecocean/servlet/EncounterForm.java
+++ b/src/main/java/org/ecocean/servlet/EncounterForm.java
@@ -37,6 +37,7 @@
 import org.ecocean.Measurement;
 import org.ecocean.NotificationMailer;
 import org.ecocean.Occurrence;
+import org.ecocean.OpenSearch;
 import org.ecocean.Project;
 import org.ecocean.Shepherd;
 import org.ecocean.ShepherdProperties;
@@ -104,7 +105,7 @@ private AcousticTag getAcousticTag(Map formValues) {
 
     private List<MetalTag> getMetalTags(Map formValues) {
         List<MetalTag> list = new ArrayList<MetalTag>();
-        List<String> keys = Arrays.asList("left", "right"); 
+        List<String> keys = Arrays.asList("left", "right");
 
         for (String key : keys) {
             // The keys are the location
@@ -131,8 +132,7 @@ private List<Measurement> getMeasurements(Map formValues, String encID, String c
                 try {
                     Double doubleVal = Double.valueOf(value);
                     list.add(new Measurement(encID, key, doubleVal, units, samplingProtocol));
-                } catch (Exception ex) {
-                }
+                } catch (Exception ex) {}
             }
         }
         return list;
@@ -188,7 +188,7 @@ private List<Measurement> getMeasurements(Map formValues, String encID, String c
                     if (item.isFormField()) { // plain field
                         formValues.put(item.getFieldName(),
                             ServletUtilities.preventCrossSiteScriptingAttacks(item.getString(
-                            "UTF-8").trim()));                                                                                               
+                            "UTF-8").trim()));
                         if (item.getFieldName().equals("defaultProject")) {
                             if (!projectIdSelection.contains(item.getString().trim())) {
                                 projectIdSelection.add(item.getString().trim());
@@ -262,8 +262,7 @@ private List<Measurement> getMeasurements(Map formValues, String encID, String c
         if (badmsg.equals("")) { badmsg = "none"; }
         session.setAttribute("filesBadMessage", badmsg);
         if (fileSuccess) {
-
-            // check for spamBots 
+            // check for spamBots
             boolean spamBot = false;
             String[] spamFieldsToCheck = new String[] {
                 "submitterPhone", "submitterName", "photographerName", "" + "Phone", "location",
@@ -763,7 +762,6 @@ else if (formValues.get("location") != null) {
             if ((formValues.get("lat") != null) && (formValues.get("longitude") != null) &&
                 !formValues.get("lat").toString().equals("") &&
                 !formValues.get("longitude").toString().equals("")) {
-
                 try {
                     double degrees = (new Double(formValues.get("lat").toString())).doubleValue();
                     double position = degrees;
@@ -780,7 +778,6 @@ else if (formValues.get("location") != null) {
                     e.printStackTrace();
                 }
             }
-
             enc.addComments("<p>Submitted on " + (new java.util.Date()).toString() +
                 " from address: " + ServletUtilities.getRemoteHost(request) + "</p>");
             // enc.approved = false;
@@ -897,7 +894,7 @@ else if (formValues.get("location") != null) {
                             parentTask.setParameters(tp);
                         }
                         Task task = org.ecocean.ia.IA.intakeMediaAssets(myShepherd, enc.getMedia(),
-                            parentTask);              
+                            parentTask);
                         myShepherd.storeNewTask(task);
                         Logger log = LoggerFactory.getLogger(EncounterForm.class);
                         log.info("New encounter submission: <a href=\"" + request.getScheme() +
@@ -914,6 +911,7 @@ else if (formValues.get("location") != null) {
                         enc + " bc no ia config was found.");
                     e.printStackTrace();
                 }
+                OpenSearch.setPermissionsNeeded(myShepherd, true);
                 System.out.println("ENCOUNTER SAVED???? newnum=" + newnum);
                 org.ecocean.ShepherdPMF.getPMF(context).getDataStoreCache().evictAll();
             }
@@ -1020,7 +1018,6 @@ else if (formValues.get("location") != null) {
                                 es.execute(mailer);
                             }
                         }
-
                         es.shutdown();
                     } catch (Exception e) {
                         e.printStackTrace();
diff --git a/src/main/java/org/ecocean/servlet/UserCreate.java b/src/main/java/org/ecocean/servlet/UserCreate.java
index aa2bfc73c7..d2b387612f 100644
--- a/src/main/java/org/ecocean/servlet/UserCreate.java
+++ b/src/main/java/org/ecocean/servlet/UserCreate.java
@@ -113,6 +113,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response)
                             newUser.setSalt(salt);
                         }
                     }
+                    OpenSearch.setPermissionsNeeded(myShepherd, true);
                     // here handle all of the other User fields (e.g., email address, etc.)
                     if ((request.getParameter("username") != null) &&
                         (!request.getParameter("username").trim().equals(""))) {
diff --git a/src/main/java/org/ecocean/servlet/importer/StandardImport.java b/src/main/java/org/ecocean/servlet/importer/StandardImport.java
index d2338cdd97..ae18a23afe 100644
--- a/src/main/java/org/ecocean/servlet/importer/StandardImport.java
+++ b/src/main/java/org/ecocean/servlet/importer/StandardImport.java
@@ -442,6 +442,7 @@ public void doImport(String filename, File dataFile, HttpServletRequest request,
                 if (itask != null) sendforACMID(itask, myShepherd, context);
                 // let's finish up and be done
                 if (itask != null) itask.setStatus("complete");
+                OpenSearch.setPermissionsNeeded(myShepherd, true);
                 myShepherd.commitDBTransaction();
                 myShepherd.closeDBTransaction();
                 if (itask != null)