NIHVIVO-2509 add InformationResource "features" Individual

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/InformationResourceEditingPolicy.java

@@ -45,6 +45,7 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 			+ "informationResourceInAuthorship";
 	private static final String URI_LINKED_AUTHOR_PROPERTY = NS_CORE
 			+ "linkedAuthor";
+	private static final String URI_FEATURES_PROPERTY = NS_CORE + "features";
 
 	private final OntModel model;
 
@@ -85,7 +86,8 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 
 	/**
 	 * The user can edit a data property if it is not restricted and if it is
-	 * about an information resource which he authored or edited.
+	 * about an information resource which he authored or edited, or in which he
+	 * is featured.
 	 */
 	private PolicyDecision isAuthorizedForDataPropertyAction(
 			List<String> userUris, AbstractDataPropertyAction action) {
@@ -106,6 +108,9 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 			if (anyUrisInCommon(userUris, getUrisOfAuthors(subject))) {
 				return authorizedSubjectAuthor();
 			}
+			if (anyUrisInCommon(userUris, getUrisOfFeatured(subject))) {
+				return authorizedSubjectFeatured();
+			}
 		}
 
 		return userNotAuthorizedToStatement();
@@ -113,7 +118,8 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 
 	/**
 	 * The user can edit an object property if it is not restricted and if it is
-	 * about an information resource which he authored or edited.
+	 * about an information resource which he authored or edited, or in which he
+	 * is featured.
 	 */
 	private PolicyDecision isAuthorizedForObjectPropertyAction(
 			List<String> userUris, AbstractObjectPropertyAction action) {
@@ -138,6 +144,9 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 			if (anyUrisInCommon(userUris, getUrisOfAuthors(subject))) {
 				return authorizedSubjectAuthor();
 			}
+			if (anyUrisInCommon(userUris, getUrisOfFeatured(subject))) {
+				return authorizedSubjectFeatured();
+			}
 		}
 
 		if (isInformationResource(object)) {
@@ -147,6 +156,9 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 			if (anyUrisInCommon(userUris, getUrisOfAuthors(object))) {
 				return authorizedObjectAuthor();
 			}
+			if (anyUrisInCommon(userUris, getUrisOfFeatured(object))) {
+				return authorizedObjectFeatured();
+			}
 		}
 
 		return userNotAuthorizedToStatement();
@@ -224,6 +236,28 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 		}
 	}
 
+	private List<String> getUrisOfFeatured(String infoResourceUri) {
+		List<String> list = new ArrayList<String>();
+
+		Selector selector = createSelector(infoResourceUri,
+				URI_FEATURES_PROPERTY, null);
+
+		StmtIterator stmts = null;
+		model.enterCriticalSection(Lock.READ);
+		try {
+			stmts = model.listStatements(selector);
+			while (stmts.hasNext()) {
+				list.add(stmts.next().getObject().toString());
+			}
+			return list;
+		} finally {
+			if (stmts != null) {
+				stmts.close();
+			}
+			model.leaveCriticalSection();
+		}
+	}
+
 	/** Note that we must already be in a critical section! */
 	private List<String> getUrisOfAuthors(Resource authorship) {
 		List<String> list = new ArrayList<String>();
@@ -287,4 +321,12 @@ public class InformationResourceEditingPolicy extends BaseSelfEditingPolicy
 	private PolicyDecision authorizedObjectAuthor() {
 		return authorizedDecision("User is author of the object of the statement");
 	}
+	
+	private PolicyDecision authorizedSubjectFeatured() {
+		return authorizedDecision("User is featured in the subject of the statement");
+	}
+	
+	private PolicyDecision authorizedObjectFeatured() {
+		return authorizedDecision("User is featured in the object of the statement");
+	}
 }

webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/InformationResourceEditingPolicyTest.java

@@ -4,6 +4,7 @@ package edu.cornell.mannlib.vitro.webapp.auth.policy;
 
 import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization.AUTHORIZED;
 import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization.INCONCLUSIVE;
+import static org.junit.Assert.*;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 
@@ -84,9 +85,13 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 			+ "bozoWroteIt";
 	private static final String URI_BOZO_EDITED_IT = NS_PERMITTED
 			+ "bozoEditedIt";
+	private static final String URI_BOZO_FEATURED_IN_IT = NS_PERMITTED
+			+ "bozoFeaturedInIt";
 	private static final String URI_JOE_WROTE_IT = NS_PERMITTED + "joeWroteIt";
 	private static final String URI_JOE_EDITED_IT = NS_PERMITTED
 			+ "joeEditedIt";
+	private static final String URI_JOE_FEATURED_IN_IT = NS_PERMITTED
+			+ "joeFeaturedInIt";
 
 	private static OntModel ontModel;
 
@@ -199,7 +204,7 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 	}
 
 	@Test
-	public void dataPropSubjectIsInfoResourceButNoAuthorsOrEditors() {
+	public void dataPropSubjectIsInfoResourceButNoAuthorsOrEditorsOrFeatured() {
 		action = new AddDataPropStmt(URI_NOBODY_WROTE_IT,
 				URI_PERMITTED_PREDICATE, "junk", null, null);
 		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
@@ -220,6 +225,13 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
 	}
 
+	@Test
+	public void dataPropSubjectIsInfoResourceButWrongFeatured() {
+		action = new AddDataPropStmt(URI_BOZO_FEATURED_IN_IT,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
 	@Test
 	public void dataPropSubjectIsInfoResourceWithSelfEditingAuthor() {
 		action = new AddDataPropStmt(URI_JOE_WROTE_IT, URI_PERMITTED_PREDICATE,
@@ -236,6 +248,14 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
 	}
 
+	@Test
+	public void dataPropSubjectIsInfoResourceWithSelfEditingFeatured() {
+		action = new AddDataPropStmt(URI_JOE_FEATURED_IN_IT,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
 	@Test
 	public void objectPropSubjectIsRestricted() {
 		action = new AddObjectPropStmt(URI_RESTRICTED_RESOURCE,
@@ -272,7 +292,7 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 	}
 
 	@Test
-	public void objectPropSubjectIsInfoResourceButNoAuthorsOrEditors() {
+	public void objectPropSubjectIsInfoResourceButNoAuthorsOrEditorsOrFeatured() {
 		action = new AddObjectPropStmt(URI_NOBODY_WROTE_IT,
 				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
 		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
@@ -293,6 +313,13 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
 	}
 
+	@Test
+	public void objectPropSubjectIsInfoResourceButWrongFeatured() {
+		action = new AddObjectPropStmt(URI_BOZO_FEATURED_IN_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
 	@Test
 	public void objectPropSubjectIsInfoResourceWithSelfEditingAuthor() {
 		action = new AddObjectPropStmt(URI_JOE_WROTE_IT,
@@ -309,6 +336,14 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
 	}
 
+	@Test
+	public void objectPropSubjectIsInfoResourceWithSelfEditingFeatured() {
+		action = new AddObjectPropStmt(URI_JOE_FEATURED_IN_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
 	@Test
 	public void objectPropObjectIsInfoResourcebutNobodyIsSelfEditing() {
 		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
@@ -338,6 +373,13 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
 	}
 
+	@Test
+	public void objectPropObjectIsInfoResourceButWrongFeatured() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_BOZO_FEATURED_IN_IT);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
 	@Test
 	public void objectPropObjectIsInfoResourceWithSelfEditingAuthor() {
 		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
@@ -354,6 +396,14 @@ public class InformationResourceEditingPolicyTest extends AbstractTestClass {
 		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
 	}
 
+	@Test
+	public void objectPropObjectIsInfoResourceWithSelfEditingFeatured() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_JOE_FEATURED_IN_IT);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
 	// ----------------------------------------------------------------------
 	// helper methods
 	// ----------------------------------------------------------------------

webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/resources/InformationResourceEditingPolicyTest.n3

@@ -86,6 +86,19 @@ mydomain:bozoEditedIt
 	bib:editor mydomain:bozo ;
 	.
 
+#
+# info resource with Bozo featured 
+#
+mydomain:bozoFeaturedInIt
+	a core:BlogPosting ;
+	a core:InformationResource ;
+	a bib:Article ;
+	a bib:Document ;
+	a owl:Thing ;
+	rdfs:label "Bozo is featured" ;
+	core:features mydomain:bozo ;
+	.
+
 #
 # info resource with Joe as author
 #
@@ -119,3 +132,16 @@ mydomain:joeEditedIt
 	rdfs:label "Joe is editor" ;
 	bib:editor mydomain:joe ;
 	.
+
+#
+# info resource with Joe featured 
+#
+mydomain:joeFeaturedInIt
+	a core:BlogPosting ;
+	a core:InformationResource ;
+	a bib:Article ;
+	a bib:Document ;
+	a owl:Thing ;
+	rdfs:label "Joe is featured" ;
+	core:features mydomain:joe ;
+	.