diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/JenaNetidPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/JenaNetidPolicy.java
deleted file mode 100644
index d5da219e6..000000000
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/JenaNetidPolicy.java
+++ /dev/null
@@ -1,428 +0,0 @@
-/* $This file is distributed under the terms of the license in /doc/license.txt$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.policy;
-
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-
-import javax.servlet.ServletContextEvent;
-import javax.servlet.ServletContextListener;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import com.hp.hpl.jena.query.Query;
-import com.hp.hpl.jena.query.QueryExecution;
-import com.hp.hpl.jena.query.QueryExecutionFactory;
-import com.hp.hpl.jena.query.QueryFactory;
-import com.hp.hpl.jena.query.QuerySolutionMap;
-import com.hp.hpl.jena.rdf.model.Model;
-import com.hp.hpl.jena.rdf.model.ModelFactory;
-import com.thoughtworks.xstream.XStream;
-import com.thoughtworks.xstream.io.xml.DomDriver;
-
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.NetId;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DefaultInconclusivePolicy;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AddResource;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.DropResource;
-import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
-
-/**
- * This policy looks for a netid in the IdentifierBundle and will use that netid
- * as a anchor in SPARQL queries. These queries are intended to specify the relations
- * that allow authorization.
- *
- * We could use things other than SPARQL. Other possibilities:
- * Some java driven code that worked with the the jena Model
- * Fresnel Selector Language (FSL)
- * SWRL?
- *
- * example of how to set up the xml:
- *
- *
-
- Example Policy
- PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
-PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
-PREFIX vivoa: <http://vivo.library.cornell.edu/abox#>
-PREFIX vivo: <http://vivo.library.cornell.edu/ns/0.1#>
-PREFIX vitro: <http://lowe.mannlib.cornell.edu/ns/vitro/0.1/vitro.owl#>
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropDataPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropObjectPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddObjectPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddDataPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
-
-
-
- * @author bdc34
- *
- */
-public class JenaNetidPolicy extends DefaultInconclusivePolicy implements PolicyIface {
-
-
- protected transient Model model = ModelFactory.createDefaultModel();
- private transient HashMap queryStrToQuery = new HashMap();
-
- /** human readable name for this policy */
- protected String name="Unnamed Policy";
-
- /** prefixes for SPARQL queries. */
- protected String prefixes = DEFAULT_PREFIXES;
-
- /** Specifies the type of Authorization returned when the SPARQL query succeeds. This allows us to
- * create a JenaNetidPolicy that returns UNAUTHORIZED when the some set of conditions are meet. */
- protected Authorization authForSuccessfulQuery = Authorization.AUTHORIZED;
-
- /** The SPARQL queries. They should all be of the type ASK and
- * they should all have the variable ?netid */
- protected HashMap> actionToQueryStr = new HashMap>();
-
- /* *************************** Constructors ******************************* */
-
- /**
- * See JenaNetidPolicy.setupDefault() for the sparql queries that will
- * be used by the default JenaNetidPolicy.
- */
- public JenaNetidPolicy(Model model){
- if( model == null ){
- this.model = ModelFactory.createDefaultModel();
- }else{
- this.model = model;
- }
- setupDefault();
- }
-
- /**
- * Loads sparql statements for policy from a JSON text file.
- *
- * @param model
- * @param sparqlStmts
- */
- public JenaNetidPolicy(Model model, InputStream policySpec){
- this(model, policySpec, Authorization.AUTHORIZED);
- }
-
- /*
- * Load xml policy files with this.getClass().getResourceAsStream()
- * Notice that / is the path seperator and strings that lack
- * a leading slash are relative to the package of the this.getClass().
- */
- public JenaNetidPolicy(Model model, String resource){
- this(model, JenaNetidPolicy.class.getResourceAsStream(resource));
- }
-
- public JenaNetidPolicy(Model model, InputStream policySpec, Authorization authForSuccessfulQuery){
- this.authForSuccessfulQuery = authForSuccessfulQuery;
- XStream x = new XStream(new DomDriver());
- //XStream x = new XStream();
- JenaNetidPolicy jnip =(JenaNetidPolicy) x.fromXML( policySpec );
- this.actionToQueryStr = jnip.actionToQueryStr;
- this.prefixes = jnip.prefixes;
- this.name = jnip.name;
- this.model = model;
- }
-
- /* *********************** Methods ************************************ */
- @Override
- public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
- RequestedAction whatToAuth) {
- BasicPolicyDecision pd = new BasicPolicyDecision(Authorization.INCONCLUSIVE,"not yet set");
- if( whoToAuth == null )
- return pd.setMessage("whoToAuth was null");
- if(whatToAuth == null)
- return pd.setMessage("whatToAuth was null");
-
- String netid = getNetid(whoToAuth);
- if (netid == null)
- return pd.setMessage("Unable to get netid from IdBundle");
-
- if (whatToAuth instanceof AddResource) {
- return visit(whoToAuth, (AddResource) whatToAuth);
- } else if (whatToAuth instanceof DropResource) {
- return visit(whoToAuth, (DropResource) whatToAuth);
- } else if (whatToAuth instanceof AddObjectPropStmt) {
- return visit(whoToAuth, (AddObjectPropStmt) whatToAuth);
- } else if (whatToAuth instanceof DropObjectPropStmt) {
- return visit(whoToAuth, (DropObjectPropStmt) whatToAuth);
- } else if (whatToAuth instanceof AddDataPropStmt) {
- return visit(whoToAuth, (AddDataPropStmt) whatToAuth);
- } else if (whatToAuth instanceof DropDataPropStmt) {
- return visit(whoToAuth, (DropDataPropStmt) whatToAuth);
- } else {
- return UNAUTH;
- }
- }
-
- /* ************************* visit methods ************************** */
- private PolicyDecision visit(IdentifierBundle ids, AddResource action) {
- log.debug("doing AddResource");
-
- List queryStrs = actionToQueryStr.get(action.getClass().getName());
- if( queryStrs == null || queryStrs.size() ==0 )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
- "no queryies found for action" + action.getClass().getName());
-
- QuerySolutionMap parameters = new QuerySolutionMap();
- parameters.add("netid", model.createLiteral( getNetid(ids) ));
- parameters.add("subject",model.createResource( action.getSubjectUri() ));
-
- return doQueries(queryStrs,parameters,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, DropResource action) {
- log.debug("doing DropResource");
-
- List queryStrs = actionToQueryStr.get(action.getClass().getName());
- if( queryStrs == null || queryStrs.size() ==0 )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
- "no queryies found for action" + action.getClass().getName());
-
- QuerySolutionMap parameters = new QuerySolutionMap();
- parameters.add("netid", model.createLiteral( getNetid(ids) ));
- parameters.add("subject",model.createResource( action.getSubjectUri() ));
-
- return doQueries(queryStrs,parameters,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, AddObjectPropStmt action) {
- log.debug("doing AddObjectPropStmt in visit()");
-
- List queryStrs = actionToQueryStr.get(action.getClass().getName());
- if( queryStrs == null || queryStrs.size() ==0 )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
- "no queryies found for action" + action.getClass().getName());
-
- QuerySolutionMap parameters = new QuerySolutionMap();
- parameters.add("netid", model.createLiteral( getNetid(ids) ));
- parameters.add("subject",model.createResource( action.getUriOfSubject() )) ;
- parameters.add("object", model.createResource( action.getUriOfObject() )) ;
- parameters.add("predicate", model.createResource( action.getUriOfPredicate() )) ;
-
- return doQueries(queryStrs,parameters,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, DropObjectPropStmt action) {
- log.debug("doing DropObjectPropStmt");
-
- List queryStrs = actionToQueryStr.get(action.getClass().getName());
- if( queryStrs == null || queryStrs.size() ==0 )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
- "no queryies found for action" + action.getClass().getName());
-
- QuerySolutionMap parameters = new QuerySolutionMap();
- parameters.add("netid", model.createLiteral( getNetid(ids) ));
- parameters.add("subject",model.createResource( action.getUriOfSubject() )) ;
- parameters.add("object", model.createResource( action.getUriOfObject() )) ;
- parameters.add("predicate", model.createResource( action.getUriOfPredicate() )) ;
-
- return doQueries(queryStrs,parameters,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, AddDataPropStmt action) {
- log.debug("doing AddDataPropStmt");
-
- List queryStrs = actionToQueryStr.get(action.getClass().getName());
- if( queryStrs == null || queryStrs.size() ==0 )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
- "no queryies found for action" + action.getClass().getName());
-
- QuerySolutionMap parameters = new QuerySolutionMap();
- parameters.add("netid", model.createLiteral( getNetid(ids) ));
- parameters.add("subject",model.createResource( action.getSubjectUri() )) ;
- parameters.add("predicate", model.createResource( action.getPredicateUri() )) ;
- parameters.add("literalValue", model.createLiteral(action.getData() ));
- return doQueries(queryStrs,parameters,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, DropDataPropStmt action) {
- log.debug("doing DropDataPropStmt");
-
- List queryStrs = actionToQueryStr.get(action.getClass().getName());
- if( queryStrs == null || queryStrs.size() ==0 )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
- "no queries found for action" + action.getClass().getName());
-
- QuerySolutionMap parameters = new QuerySolutionMap();
- parameters.add("netid", model.createLiteral( getNetid(ids) ));
- parameters.add("subject",model.createResource( action.getSubjectUri() )) ;
- parameters.add("predicate", model.createResource( action.getPredicateUri() )) ;
- parameters.add("literalValue", model.createLiteral(action.data() )); // caution: will always do untyped things
- return doQueries(queryStrs,parameters,action);
- }
-
-
- /* ******************************** utilities ****************************** */
- private PolicyDecision doQueries(ListqueryStrs, QuerySolutionMap parameters, RequestedAction action){
- SparqlPolicyDecision pd = new SparqlPolicyDecision(Authorization.INCONCLUSIVE,"");
- for(String quStr : queryStrs){
-
- Query query = getQueryForQueryStr(quStr);
- pd.setQuery(query);
- QueryExecution qexec = QueryExecutionFactory.create(query, model, parameters);
- pd.setQexec(qexec);
-
- boolean pathFound = qexec.execAsk();
- if( pathFound ){
- pd.setAuthorized(authForSuccessfulQuery);
- pd.setMessage(action.getClass().getName() + " permited by " + quStr);
- if( log.isDebugEnabled()){
- log.debug(action.getClass().getName() + " permited by " + quStr);
- log.debug(query);
- }
- break;
- } else {
- if( log.isDebugEnabled()){
- log.debug(action.getClass().getName() + " no results for " + query);
- log.debug(query);
- }
- }
- }
- return pd;
- }
-
- private Query getQueryForQueryStr(String queryStr){
- Query q = queryStrToQuery.get(queryStr);
- if( q == null ){
- q = QueryFactory.create(prefixes + queryStr);
- queryStrToQuery.put(queryStr, q);
- }
- return q;
- }
-
- private String getNetid(IdentifierBundle whoToAuth) {
- String netidStr = null;
- for(Identifier id : whoToAuth){
- if (id instanceof NetId) {
- NetId netid = (NetId) id;
- netidStr = netid.getValue();
- break;
- }
- }
- if( log.isDebugEnabled() )
- log.debug("netid was " + (netidStr!=null?netidStr:"null") );
- return netidStr;
- }
-
- /**
- * An inner class used to setup everything that's needed for
- * a JenaNetidPolicy. This setups the JenaNetidPolicy and a
- * SelfEditingIdentifierFactory.
- *
- * @author bdc34
- *
- */
- public static class ContextSetup implements ServletContextListener {
- @Override
- public void contextInitialized(ServletContextEvent sce) {
- try{
- log.trace("Setting up JenaNetidPolicy");
-
- Model model = (Model) sce.getServletContext().getAttribute("jenaOntModel");
- if( model == null ){
- log.error("could not get jenaOntModel from JenaBaseDao, JenaNetidPolicy will not work");
- }
-
- ServletPolicyList.addPolicy(sce.getServletContext(), new JenaNetidPolicy(model));
-
- ActiveIdentifierBundleFactories.addFactory(sce, new SelfEditingIdentifierFactory());
- }catch(Exception e){
- log.error("could not create AuthorizationFactory: " + e);
- e.printStackTrace();
- }
- }
- @Override
- public void contextDestroyed(ServletContextEvent sce) { /*nothing*/ }
-
- }
-
- private void setupDefault(){
- // --- AddObjectPropStmt ---
- // may have 4 parameters: netid, object, predicate, and subject.
- ArrayList queries = new ArrayList();
- queries.add( "ASK WHERE { ?subject vitro:netid ?netid }");
- queries.add( "ASK WHERE { ?object vitro:netid ?netid }");
- actionToQueryStr.put( AddObjectPropStmt.class.getName(), queries);
- // --- DropObjectPropStmt ---
- queries = new ArrayList();
- queries.add( "ASK WHERE { ?subject vitro:netid ?netid }");
- queries.add( "ASK WHERE { ?object vitro:netid ?netid }");
- actionToQueryStr.put( DropObjectPropStmt.class.getName(), queries);
-
- // --- DropDataPropStmt ---
- queries = new ArrayList();
- queries.add( "ASK WHERE { ?subject vitro:netid ?netid }");
- queries.add( "ASK WHERE { ?object vitro:netid ?netid }");
- actionToQueryStr.put( DropDataPropStmt.class.getName(), queries);
- // --- AddDataPropStmt ---
- queries = new ArrayList();
- queries.add( "ASK WHERE { ?subject vitro:netid ?netid }");
- queries.add( "ASK WHERE { ?object vitro:netid ?netid }");
- actionToQueryStr.put( AddDataPropStmt.class.getName(), queries);
-
- // --- DropResource ---
- queries = new ArrayList();
- queries.add( "ASK WHERE { ?subject vitro:netid ?netid }");
- queries.add( "ASK WHERE { ?object vitro:netid ?netid }");
- actionToQueryStr.put( DropObjectPropStmt.class.getName(), queries);
- // --- AddResource ---
- queries = new ArrayList();
- queries.add( "ASK WHERE { ?subject vitro:netid ?netid }");
- queries.add( "ASK WHERE { ?object vitro:netid ?netid }");
- actionToQueryStr.put( DropObjectPropStmt.class.getName(), queries);
- }
-
- public final static String netIdPropUri = VitroVocabulary.vitroURI+ "netid";
- private static final Log log = LogFactory.getLog(JenaNetidPolicy.class.getName());
- public final static String DEFAULT_PREFIXES =
- "PREFIX rdf: \n"+
- "PREFIX rdfs: \n"+
- "PREFIX vivoa: \n"+
- "PREFIX vivo: \n"+
- "PREFIX vitro: <"+ VitroVocabulary.vitroURI+">\n";
-
- private final PolicyDecision UNAUTH = new BasicPolicyDecision(
- Authorization.UNAUTHORIZED,
- "JenaNetidPolicy doesn't authorize admin or onto editing actions");
-
-}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SparqlPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SparqlPolicy.java
deleted file mode 100644
index 6184f671a..000000000
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SparqlPolicy.java
+++ /dev/null
@@ -1,264 +0,0 @@
-/* $This file is distributed under the terms of the license in /doc/license.txt$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.policy;
-
-import java.io.InputStream;
-import java.util.HashMap;
-import java.util.List;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import com.hp.hpl.jena.query.Query;
-import com.hp.hpl.jena.query.QueryExecution;
-import com.hp.hpl.jena.query.QueryExecutionFactory;
-import com.hp.hpl.jena.query.QueryFactory;
-import com.hp.hpl.jena.query.QuerySolutionMap;
-import com.hp.hpl.jena.rdf.model.Model;
-import com.hp.hpl.jena.rdf.model.ModelFactory;
-import com.thoughtworks.xstream.XStream;
-import com.thoughtworks.xstream.io.xml.DomDriver;
-
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DefaultInconclusivePolicy;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.admin.UploadFile;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AddResource;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.DropResource;
-
-/**
- * This policy maps strings in the IdentifierBundle to a QuerySolutioinMap in order
- * to bind identifiers with unbound variables in SPARQL queries.
- * These queries are intended to specify the relations that allow authorization.
- * If the query return no rows will be interpreted as unauthorized and a
- * query returning one or more rows will be interpreted as authorized.
- *
- * @author bdc34
- *
- */
-public class SparqlPolicy extends DefaultInconclusivePolicy implements PolicyIface{
- protected Model model = ModelFactory.createDefaultModel();
- private HashMap queryStrToQuery = new HashMap();
-
- /** human readable name for this policy */
- protected String name="Unnamed Policy";
-
- /** prefixes for SPARQL queries. */
- protected String prefixes = "";
-
- /** The SPARQL queries. They should all be of the type ASK */
- protected HashMap> actionToQueryStr = new HashMap>();
-
- /** Function to transform identifiers into a QuerySolutionMap */
- private Ids2QueryBindings binder;
-
- private String resource = null;
-
- /**
- * Load XML policy files with this.getClass().getResourceAsStream()
- * Notice that / is the path separator and strings that lack
- * a leading slash are relative to the package of the this.getClass().
- */
- public SparqlPolicy(Model model, Ids2QueryBindings binder, String resource){
- if( model == null )
- throw new IllegalArgumentException("model must not be null.");
- if( binder == null )
- throw new IllegalArgumentException("binder must not be null.");
- if( resource == null )
- throw new IllegalArgumentException("resource must not be null.");
-
- this.model = model;
- this.binder = binder;
- this.resource = resource;
- loadPolicy();
- }
-
- public void loadPolicy(){
- InputStream policySpec = SparqlPolicy.class.getResourceAsStream(resource);
- XStream x = new XStream(new DomDriver());
- SparqlPolicy jnip =(SparqlPolicy) x.fromXML( policySpec );
- this.actionToQueryStr = jnip.actionToQueryStr;
- this.prefixes = jnip.prefixes;
- this.name = jnip.name;
- try{
- policySpec.close();
- }catch(Throwable th){/*ignore it?*/}
- }
-
- /* *********************** Methods ************************************ */
- @Override
- public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
- RequestedAction whatToAuth) {
- if( whoToAuth == null )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,"whoToAuth was null");
- if(whatToAuth == null)
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,"whatToAuth was null");
- List queryStrs = actionToQueryStr.get(whatToAuth.getClass().getName());
- if( queryStrs == null || queryStrs.size() ==0 )
- return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
- "no queryies found for action" + whatToAuth.getClass().getName());
-
- if (whatToAuth instanceof AddObjectPropStmt) {
- return visit(whoToAuth, (AddObjectPropStmt) whatToAuth);
- } else if (whatToAuth instanceof DropResource) {
- return visit(whoToAuth, (DropResource) whatToAuth);
- } else if (whatToAuth instanceof DropDataPropStmt) {
- return visit(whoToAuth, (DropDataPropStmt) whatToAuth);
- } else if (whatToAuth instanceof DropObjectPropStmt) {
- return visit(whoToAuth, (DropObjectPropStmt) whatToAuth);
- } else if (whatToAuth instanceof AddResource) {
- return visit(whoToAuth, (AddResource) whatToAuth);
- } else if (whatToAuth instanceof AddDataPropStmt) {
- return visit(whoToAuth, (AddDataPropStmt) whatToAuth);
- } else if (whatToAuth instanceof UploadFile) {
- return visit(whoToAuth, (UploadFile) whatToAuth);
- } else if (whatToAuth instanceof EditDataPropStmt) {
- return visit(whoToAuth, (EditDataPropStmt) whatToAuth);
- } else if (whatToAuth instanceof EditObjPropStmt) {
- return visit(whoToAuth, (EditObjPropStmt) whatToAuth);
- } else {
- return UNAUTH;
- }
- }
-
- private PolicyDecision doQueries(ListqueryStrs, IdentifierBundle ids, RequestedAction action){
- SparqlPolicyDecision pd = new SparqlPolicyDecision(Authorization.INCONCLUSIVE,"");
- List bindings = binder.makeScopeBinding(ids, action);
- for( QuerySolutionMap scope: bindings ){
- for(String quStr : queryStrs){
- Query query = getQueryForQueryStr(quStr);
- pd.setQuery(query);
- QueryExecution qexec = QueryExecutionFactory.create(query, model, scope);
- pd.setQexec(qexec);
- boolean pathFound = qexec.execAsk();
- if( pathFound ){
- pd.setAuthorized(Authorization.AUTHORIZED);
- pd.setMessage(action.getClass().getName() + " permited by " + quStr);
- if( log.isDebugEnabled()){
- log.debug(action.getClass().getName() + " permited by " + quStr);
- log.debug(query);
- }
- return pd;
- } else {
- if( log.isDebugEnabled()){
- log.debug(action.getClass().getName() + " no results for " + query);
- log.debug(query);
- }
- }
- }
- }
- return pd;
- }
-
- private Query getQueryForQueryStr(String queryStr){
- //memoize queries
- Query q = queryStrToQuery.get(queryStr);
- if( q == null ){
- q = QueryFactory.create(prefixes + queryStr);
- queryStrToQuery.put(queryStr, q);
- }
- return q;
- }
-
- /* ***************** Visit methods ********************** */
- private final String pkg = "edu.cornell.mannlib.vitro.webapp.auth.requestedAction.";
-
- private PolicyDecision visit(IdentifierBundle ids, AddObjectPropStmt action) {
- return doQueries(actionToQueryStr.get(pkg +"AddObjectPropStmt"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, DropResource action) {
- return doQueries(actionToQueryStr.get(pkg +"DropResource"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, DropDataPropStmt action) {
- return doQueries(actionToQueryStr.get(pkg +"DropDataPropStmt"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, DropObjectPropStmt action) {
- return doQueries(actionToQueryStr.get(pkg +"DropObjectPropStmt"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, AddResource action) {
- return doQueries(actionToQueryStr.get(pkg +"AddResource"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, AddDataPropStmt action) {
- return doQueries(actionToQueryStr.get(pkg +"AddDataPropStmt"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, UploadFile action) {
- return doQueries(actionToQueryStr.get(pkg +"UploadFile"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, EditDataPropStmt action) {
- return doQueries(actionToQueryStr.get(pkg +"EditDataPropStmt"),ids,action);
- }
-
- private PolicyDecision visit(IdentifierBundle ids, EditObjPropStmt action) {
- return doQueries(actionToQueryStr.get(pkg +"EditObjPropStmt"),ids,action);
- }
-
- private static final Log log = LogFactory.getLog(SparqlPolicy.class.getName());
-
- private final PolicyDecision UNAUTH = new BasicPolicyDecision(
- Authorization.UNAUTHORIZED,
- name + " SparqlPolicy doesn't authorize admin or onto editing actions");
-
-/*
- * example of how to set up the xml:
- *
- *
-
-
- Example Policy
- PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
-PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
-PREFIX vivoa: <http://vivo.library.cornell.edu/abox#>
-PREFIX vivo: <http://vivo.library.cornell.edu/ns/0.1#>
-PREFIX vitro: <http://lowe.mannlib.cornell.edu/ns/vitro/0.1/vitro.owl#>
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropDataPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropObjectPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddObjectPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddDataPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
-
-
-
- */
-}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SparqlPolicyDecision.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SparqlPolicyDecision.java
deleted file mode 100644
index 05abf69b2..000000000
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SparqlPolicyDecision.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/* $This file is distributed under the terms of the license in /doc/license.txt$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.policy;
-
-import com.hp.hpl.jena.query.Query;
-import com.hp.hpl.jena.query.QueryExecution;
-
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
-
-/**
- * Extends the BasicPolicyDecision with additional debugging information about the
- * sparql queries that were run to create the decision.
- *
- * @author bdc34
- *
- */
-public class SparqlPolicyDecision extends BasicPolicyDecision {
- Query query = null;
- QueryExecution qexec = null;
-
- public SparqlPolicyDecision(Authorization authorized, String message) {
- super(authorized, message);
- }
-
- public QueryExecution getQexec() {
- return qexec;
- }
-
- public void setQexec(QueryExecution qexec) {
- this.qexec = qexec;
- }
-
- public Query getQuery() {
- return query;
- }
-
- public void setQuery(Query query) {
- this.query = query;
- }
-
- @Override
- public String getDebuggingInfo() {
- String msg = "";
- if( super.getDebuggingInfo() != null && super.getDebuggingInfo().length() > 0)
- msg = super.getDebuggingInfo() + '\n';
-
- if( query != null )
- msg= msg + "query: \n" + query.toString() + '\n';
- else
- msg = msg + " query was null \n";
-
- if( qexec != null )
- msg = msg + "query exec: \n" + qexec.toString();
- else
- msg = msg + " query exec was null \n";
-
- return msg;
- }
-
-
-}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/JenaNetidPolicySetup.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/JenaNetidPolicySetup.java
deleted file mode 100644
index 29810e6de..000000000
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/JenaNetidPolicySetup.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/* $This file is distributed under the terms of the license in /doc/license.txt$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.policy.setup;
-
-import javax.servlet.ServletContextEvent;
-import javax.servlet.ServletContextListener;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import com.hp.hpl.jena.ontology.OntModel;
-
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.JenaNetidPolicy;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
-
-/**
- * Class used to setup a JenaNetidPolicy using the default.
- * This setups the JenaNetidPolicy and a SelfEditingIdentifierFactory.
- *
- * See JenaNetidPolicy.setupDefault() for the sparql queries that will
- * be used by the default JenaNetidPolicy.
- *
- * @author bdc34
- *
- */
-public class JenaNetidPolicySetup implements ServletContextListener {
-
- private static final Log log = LogFactory.getLog(JenaNetidPolicySetup.class.getName());
-
- @Override
- public void contextInitialized(ServletContextEvent sce) {
- try{
- log.debug("Setting up JenaNetidPolicy");
-
- JenaNetidPolicy jnip = new JenaNetidPolicy((OntModel) sce.getServletContext().getAttribute("jenaOntModel"));
- ServletPolicyList.addPolicy(sce.getServletContext(), jnip);
-
- SelfEditingIdentifierFactory niif =new SelfEditingIdentifierFactory();
- ActiveIdentifierBundleFactories.addFactory(sce, niif);
-
- }catch(Exception e){
- log.error("could not create AuthorizationFactory: " + e);
- e.printStackTrace();
- }
- }
-
- @Override
- public void contextDestroyed(ServletContextEvent sce) {
- /*nothing*/
- }
-
-}
-
diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/JenaNetidPolicyTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/JenaNetidPolicyTest.java
deleted file mode 100644
index 0f6827722..000000000
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/JenaNetidPolicyTest.java
+++ /dev/null
@@ -1,228 +0,0 @@
-/* $This file is distributed under the terms of the license in /doc/license.txt$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.policy;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-
-import java.io.InputStream;
-
-import org.apache.log4j.Level;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.hp.hpl.jena.ontology.OntModel;
-import com.hp.hpl.jena.ontology.OntModelSpec;
-import com.hp.hpl.jena.rdf.model.Model;
-import com.hp.hpl.jena.rdf.model.ModelFactory;
-import com.hp.hpl.jena.rdf.model.impl.RDFDefaultErrorHandler;
-
-import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
-import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
-
-/**
- * Simple test of JenaNetidPolicyTest that uses the ExamplePolicy.xml
- * It expects that the model will have the resource
- * will have
- * the datatype property vitro:netid of "bdc34".
- *
- * @author bdc34
- *
- */
-
-public class JenaNetidPolicyTest extends AbstractTestClass {
- static transient JenaNetidPolicy jniPolicy;
- static transient JenaNetidPolicy unAuthPolicy;
- static transient Model model;
- static IdentifierBundle idb;
-
- static String onts[] ={
- "/testontologies/smallVivo-20070809.owl",
- "/testontologies/vitro1.owl",
- "/testontologies/vivo-users.owl"
- };
-
-
- /*
- * Loading files with this.getClass().getResourceAsStream()
- * Notice that / is the path seperator and strings that lack
- * a leading slash are relative to the package of the this.getClass().
- */
- @BeforeClass
- public static void setUpForClass() throws Exception {
- // Suppress warnings from creating default model.
- setLoggerLevel(RDFDefaultErrorHandler.class, Level.OFF);
- model = ModelFactory.createDefaultModel();
-
- for( String ont : onts){
- InputStream in = JenaNetidPolicyTest.class.getResourceAsStream(ont);
- model.read(in,null);
- in.close();
- }
- OntModel ontModel = ModelFactory.createOntologyModel(ONT_MODEL_SPEC,model);
- ontModel.prepare();
-
- InputStream in = JenaNetidPolicyTest.class.getResourceAsStream("resources/examplePolicy.xml");
- jniPolicy = new JenaNetidPolicy(model,in);
- in.close();
-
- in = JenaNetidPolicyTest.class.getResourceAsStream("resources/examplePolicy.xml");
- unAuthPolicy = new JenaNetidPolicy(model,in, Authorization.UNAUTHORIZED);
- in.close();
-
- idb = new ArrayIdentifierBundle();
- idb.add(new SelfEditingIdentifierFactory.NetId("bdc34"));
- }
-
- @Test public void testOfSetupFromXml(){
- assertNotNull(model);
- JenaNetidPolicy j = jniPolicy;
- assertNotNull(j);
- assertNotNull(j.model);
- assertNotNull(j.prefixes);
- assertNotNull( j.actionToQueryStr );
- assertNotNull(j.name);
- assertEquals(j.name, "Example Policy");
- assertTrue(j.prefixes.length() > 0);
- assertTrue( j.actionToQueryStr.size() > 0);
- }
-
- @Test public void testAddDataProps(){
- RequestedAction act; PolicyDecision pd;
-
- act = new AddDataPropStmt(
- "http://some.non.existing.resource",
- "http://some.non.existing.dataproperty",
- "bogus value", null, null);
- pd = jniPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue( "authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.INCONCLUSIVE);
-
- pd = unAuthPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue( "authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.INCONCLUSIVE);
- }
-
- @Test public void testAddDataProps2(){
- RequestedAction act; PolicyDecision pd;
-
- act = new AddDataPropStmt(
- "http://vivo.library.cornell.edu/abox#entity11821",
- "vitro:description",
- "a description of some kind.", null, null);
- pd = jniPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue("authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.AUTHORIZED);
-
- pd = unAuthPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue( "authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.UNAUTHORIZED);
- }
-
- @Test public void testDropDataProps1(){
- RequestedAction act; PolicyDecision pd;
-
- DataPropertyStatementImpl dp = new DataPropertyStatementImpl();
- dp.setIndividualURI("http://vivo.library.cornell.edu/abox#entity11821");
- dp.setData("a description of some kind.");
- dp.setDatapropURI("vitro:description");
- act = new DropDataPropStmt( dp );
-
- pd = jniPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue("authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.AUTHORIZED);
-
- pd = unAuthPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue( "authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.UNAUTHORIZED);
- }
-
- @Test public void testDropDataProps2(){
- RequestedAction act; PolicyDecision pd;
-
- DataPropertyStatementImpl dp = new DataPropertyStatementImpl();
- dp.setIndividualURI("http://mannlib.cornell.edu/non.existing.resource");
- dp.setData("a description of some kind.");
- dp.setDatapropURI("vitro:description");
- act = new DropDataPropStmt( dp );
-
- pd = jniPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue("authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.INCONCLUSIVE);
-
- pd = unAuthPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue( "authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.INCONCLUSIVE);
-
- }
-
- @Test public void testObjectProps(){
- RequestedAction act = new AddObjectPropStmt(
- "http://vivo.library.cornell.edu/abox#entity11821",
- "vitro:headOf",
- "http://vivo.library.cornell.edu/abox#entity1");
- PolicyDecision pd = jniPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue("authorization was " + pd.getAuthorized(),
- pd.getAuthorized() == Authorization.AUTHORIZED);
-
- pd = unAuthPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue( "authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.UNAUTHORIZED);
-
- act = new AddObjectPropStmt(
- "http://vivo.library.cornell.edu/abox#entity123",
- "vitro:headOf",
- "http://vivo.library.cornell.edu/abox#entity1");
- pd = jniPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue("authorization was " + pd.getAuthorized(),
- pd.getAuthorized() == Authorization.INCONCLUSIVE);
-
- pd = unAuthPolicy.isAuthorized(idb, act);
- assertNotNull(pd);
- assertTrue( "authorization was " + pd.getAuthorized() +
- '\n' + pd.getDebuggingInfo(),
- pd.getAuthorized() == Authorization.INCONCLUSIVE);
- }
-
-// static String ONTOLOGY_ADDR = "http://caruso.mannlib.cornell.edu/xml/rdf/smallVivo-20070809.owl";
-// static String VITRO_ADDR = "http://ivy.mannlib.cornell.edu/ontologies/vitro/vitro1.owl";
-// static String USERS_ADDR = "http://ivy.mannlib.cornell.edu/ontologies/vivo/vivo-users.owl";
- //String ONTOLOGY_ADDR = "http://lowe.mannlib.cornell.edu/ontologies/fao/geopolitical_Ontology_v_0_2.owl";
- //String ONTOLOGY_ADDR = "http://lowe.mannlib.cornell.edu/ontologies/fao/languagecode.owl";
- //String ONTOLOGY_ADDR = "http://localhost/~bjl23/ontologies/VitroFacultyReporting.0.2.owl";
-
- static OntModelSpec ONT_MODEL_SPEC = OntModelSpec.OWL_DL_MEM; // no additional entailment reasoning
- //OntModelSpec ONT_MODEL_SPEC = OntModelSpec.OWL_MEM_MICRO_RULE_INF; // some additional OWL entailment reasoning
- //OntModelSpec ONT_MODEL_SPEC = OntModelSpec.RDFS_MEM_RDFS_INF;
-
-}
diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/resources/examplePolicy.xml b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/resources/examplePolicy.xml
deleted file mode 100644
index 506c124d4..000000000
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/resources/examplePolicy.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-
-
-
-
- Example Policy
- PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
-PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
-PREFIX vivoa: <http://vivo.library.cornell.edu/abox#>
-PREFIX vivo: <http://vivo.library.cornell.edu/ns/0.1#>
-PREFIX vitro: <http://lowe.mannlib.cornell.edu/ns/vitro/0.1/vitro.owl#>
-
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
- ASK WHERE { ?object vitro:netid ?netid }
-
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
-
-
-
- edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt
-
- ASK WHERE { ?subject vitro:netid ?netid }
-
-
-
-
-