diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java index 06f677691..38a811b50 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java @@ -9,6 +9,7 @@ import java.util.Comparator; import java.util.List; import java.util.Random; +import com.hp.hpl.jena.ontology.OntClass; import com.hp.hpl.jena.ontology.OntModel; import com.hp.hpl.jena.ontology.OntResource; import com.hp.hpl.jena.rdf.model.Resource; @@ -50,6 +51,10 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao return null; } + if (!isResourceOfType(r, USERACCOUNT)) { + return null; + } + UserAccount u = new UserAccount(); u.setUri(r.getURI()); u.setEmailAddress(getPropertyStringValue(r, @@ -90,6 +95,7 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao if (stmts.hasNext()) { userUri = stmts.next().getSubject().getURI(); } + stmts.close(); } finally { getOntModel().leaveCriticalSection(); } @@ -227,6 +233,9 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao if (r == null) { return null; } + if (!isResourceOfType(r, PERMISSIONSET)) { + return null; + } PermissionSet ps = new PermissionSet(); ps.setUri(uri); @@ -291,6 +300,23 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao + errMsg); } + /** + * Since there is no reasoner on the UserAccountModel, this will return a + * false negative for a subtype of the specified type. + * + * There should already be a lock on the model when this is called. + */ + private boolean isResourceOfType(OntResource r, OntClass type) { + StmtIterator stmts = getOntModel().listStatements(r, RDF.type, type); + if (stmts.hasNext()) { + stmts.close(); + return true; + } else { + stmts.close(); + return false; + } + } + private static class PermissionSetsByUri implements Comparator { @Override diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJenaTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJenaTest.java index 157f826f1..330ea9428 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJenaTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJenaTest.java @@ -103,6 +103,13 @@ public class UserAccountsDaoJenaTest extends AbstractTestClass { UserAccount u = dao.getUserAccountByUri("bogusUri"); assertNull("null result", u); } + + @Test + public void getUserAccountByUriWrongType() { + UserAccount u = dao.getUserAccountByUri(URI_ROLE1); + System.out.println(u); + assertNull("null result", u); + } @Test public void getUserAccountByEmailSuccess() { @@ -264,6 +271,12 @@ public class UserAccountsDaoJenaTest extends AbstractTestClass { assertNull("null result", ps); } + @Test + public void getPermissionSetByUriWrongType() { + PermissionSet ps = dao.getPermissionSetByUri(URI_USER1); + assertNull("null result", ps); + } + @Test public void getAllPermissionSets() { setLoggerLevel(JenaBaseDao.class, Level.DEBUG);