Skip to content

[Access control] Private individual page

Georgy Litvinov requested to merge github/fork/litvinovg/individual_access_object into main

VIVO PR

What does this pull request do?

Created individual access object to check access permission to display individual pages. Created policy templates to restrict access to individual pages: Created useConfiguration object property to provide sparql query when sparql query results tested against provided values. Suppress display of individual by uri (has priority 5000 ) template_suppress_display_individual_page_by_uri.n3 On individual editing form added checkboxes to suppress display of individual for roles image Suppress individual page display for a role by type (has priority 1500 ) template_suppress_display_individual_page_by_type.n3 Suppress display of individual by type if individual is not related to self editor profile (has priority 1500 ) template_suppress_display_not_related_individual_page_by_type.n3 On Class Editing Form added checkboxes to suppress display of individual in this class for roles image

Allow display of page individual (if access wasn't denied by policies with higher priority, this policy has priority 1000) policy_allow_display_individual_page.n3 Suppress display of properties not related to self editor profiles template_suppress_display_not_related_property_by_uri.n3 On property editing form page added checkbox to suppress display of property in not related individuals image

Added tests to for new policy templates.

Removed duplicate authorization checks without statement details and graph. Added named key components to access data sets and value sets by keys named_key_components.n3 Refactoring: Store model in AccessObject instead of AccessObjectStatement Renamed sparql variable personUri to profileUri as it better suits related profiles and leaving it the same could cause confusion in future. Removed uris String array parameter in PolicyLoader.getDataSetUriByKey method as it is not used anymore, use varargs for literal identifiers. Refactored all related methods. Replaced ProximityChecker with more abstract SparqlSelectQueryResultsChecker. Added safety check to AttributeValueSetFactory to avoid reusing not related value set returned by key. Improved logging in PolicyLoader.

How to test

Policy templates are tested in automatic tests. Build Vitro and VIVO, try using checkboxes to suppress display of individual pages and properties.

Interested parties

@chenejac

Merge request reports