tape REST api: additional fix tohandling of prefixed paths

modules/dcache-frontend/src/main/java/org/dcache/restful/resources/tape/ReleaseResources.java

@@ -159,6 +159,9 @@ public Response release(
         JSONArray paths;
         List<String> targetPaths;
 
+	FsPath userRoot = LoginAttributes.getUserRoot(getLoginAttributes(request));
+        FsPath rootPath = pathMapper.effectiveRoot(userRoot, ForbiddenException::new);
+
         try {
             JSONObject reqPayload = new JSONObject(requestPayload);
             paths = reqPayload.getJSONArray("paths");
@@ -170,16 +173,16 @@ public Response release(
             int len = paths.length();
             targetPaths = new ArrayList<>();
             for (int i = 0; i < len; ++i) {
-                targetPaths.add(paths.getString(i));
+		String requestPath = paths.getString(i);
+		String path = rootPath.chroot(requestPath).toString();
+		targetPaths.add(path);
             }
         } catch (JSONException e) {
             throw newBadRequestException(requestPayload, e);
         }
 
         Subject subject = getSubject();
         Restriction restriction = getRestriction();
-        FsPath userRoot = LoginAttributes.getUserRoot(getLoginAttributes(request));
-        FsPath rootPath = pathMapper.effectiveRoot(userRoot, ForbiddenException::new);
 
         /*
          *  For WLCG, this is a fire-and-forget request, so it does not need to

modules/dcache-frontend/src/main/java/org/dcache/restful/resources/tape/StageResources.java

@@ -167,6 +167,8 @@ public StageRequestInfo getStageInfo(@ApiParam("The unique id of the request.")
     @PathParam("id") String id) {
         Subject subject = getSubject();
         Restriction restriction = getRestriction();
+        FsPath userRoot = LoginAttributes.getUserRoot(getLoginAttributes(request));
+        FsPath rootPath = pathMapper.effectiveRoot(userRoot, ForbiddenException::new);
 
         BulkRequestInfo lastInfo = null;
         List<BulkRequestTargetInfo> targetInfos = new ArrayList<>();
@@ -187,6 +189,7 @@ public StageRequestInfo getStageInfo(@ApiParam("The unique id of the request.")
             offset = lastInfo.getNextId();
         }
 
+	targetInfos.forEach(ti -> ti.setTarget(FsPath.create(ti.getTarget()).stripPrefix(rootPath)));
         lastInfo.setTargets(targetInfos);
 
         return new StageRequestInfo(lastInfo);
@@ -218,7 +221,9 @@ public Response cancel(
                 + "does not belong to that stage request, this request will fail.", required = true)
                 String requestPayload) {
 
-        JSONObject reqPayload;
+	FsPath userRoot = LoginAttributes.getUserRoot(getLoginAttributes(request));
+        FsPath rootPath = pathMapper.effectiveRoot(userRoot, ForbiddenException::new);
+	JSONObject reqPayload;
         JSONArray paths;
         try {
             reqPayload = new JSONObject(requestPayload);
@@ -233,7 +238,9 @@ public Response cancel(
         List<String> targetPaths = new ArrayList<>();
         int len = paths.length();
         for (int i = 0; i < len; ++i) {
-            targetPaths.add(paths.getString(i));
+	    String requestPath = paths.getString(i);
+	    String path = rootPath.chroot(requestPath).toString();
+            targetPaths.add(path);
         }
 
         Subject subject = getSubject();
@@ -390,7 +397,8 @@ private BulkRequest toBulkRequest(String requestPayload, FsPath rootPath) {
                 if (!file.has("path")) {
                     throw new BadRequestException("file object " + i + " has no path.");
                 }
-                String path = file.getString("path");
+                String requestPath = file.getString("path");
+		String path = rootPath.chroot(requestPath).toString();
                 paths.add(path);
                 if (file.has("diskLifetime")) {
                     jsonLifetimes.put(path,