VIVO-769 Merge branch 'feature/orcid' into develop
Conflicts: webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java
This commit is contained in:
Jim Blake
commit
2cd3f36db0
7 changed files with 89 additions and 28 deletions
BIN
webapp/lib/cxf-xjc-runtime-2.6.2.jar
Normal file
BIN
webapp/lib/cxf-xjc-runtime-2.6.2.jar
Normal file
Binary file not shown.
BIN
webapp/lib/cxf-xjc-ts-2.6.2.jar
Normal file
BIN
webapp/lib/cxf-xjc-ts-2.6.2.jar
Normal file
Binary file not shown.
BIN
webapp/lib/javax.json-1.0.4.jar
Normal file
BIN
webapp/lib/javax.json-1.0.4.jar
Normal file
Binary file not shown.
BIN
webapp/lib/javax.json-api-1.0.jar
Normal file
BIN
webapp/lib/javax.json-api-1.0.jar
Normal file
Binary file not shown.
|
|
@ -4,7 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.auth.permissions;
|
|||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
|
@ -20,15 +19,19 @@ import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
|||
import edu.cornell.mannlib.vitro.webapp.startup.StartupStatus;
|
||||
|
||||
/**
|
||||
* An immutable collection of Permission objects, keyed by URI. Resides in the
|
||||
* A collection of Permission objects, keyed by URI. Resides in the
|
||||
* ServletContext.
|
||||
*
|
||||
* This is not thread-safe, so all Permissions should be added during context
|
||||
* This is not thread-safe, so Permissions should be added only during context
|
||||
* initialization.
|
||||
*/
|
||||
public class PermissionRegistry {
|
||||
private static final Log log = LogFactory.getLog(PermissionRegistry.class);
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// The factory
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private static final String ATTRIBUTE_NAME = PermissionRegistry.class
|
||||
.getName();
|
||||
|
||||
|
|
@ -55,7 +58,8 @@ public class PermissionRegistry {
|
|||
"PermissionRegistry has already been set.");
|
||||
}
|
||||
|
||||
PermissionRegistry registry = new PermissionRegistry(permissions);
|
||||
PermissionRegistry registry = new PermissionRegistry();
|
||||
registry.addPermissions(permissions);
|
||||
ctx.setAttribute(ATTRIBUTE_NAME, registry);
|
||||
}
|
||||
|
||||
|
|
@ -80,11 +84,27 @@ public class PermissionRegistry {
|
|||
return (PermissionRegistry) o;
|
||||
}
|
||||
|
||||
private final Map<String, Permission> permissionsMap;
|
||||
// ----------------------------------------------------------------------
|
||||
// The instance
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
public PermissionRegistry(Collection<? extends Permission> permissions) {
|
||||
Map<String, Permission> map = new HashMap<String, Permission>();
|
||||
private final Map<String, Permission> map = new HashMap<>();
|
||||
|
||||
/**
|
||||
* This class is not thread-safe, so permissions should be added only during
|
||||
* context initialization.
|
||||
*/
|
||||
public void addPermissions(Collection<? extends Permission> permissions) {
|
||||
for (Permission p : permissions) {
|
||||
addPermission(p);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This class is not thread-safe, so permissions should be added only during
|
||||
* context initialization.
|
||||
*/
|
||||
public void addPermission(Permission p) {
|
||||
String uri = p.getUri();
|
||||
if (map.containsKey(uri)) {
|
||||
throw new IllegalStateException("A Permission is already "
|
||||
|
|
@ -92,14 +112,12 @@ public class PermissionRegistry {
|
|||
}
|
||||
map.put(uri, p);
|
||||
}
|
||||
this.permissionsMap = Collections.unmodifiableMap(map);
|
||||
}
|
||||
|
||||
/**
|
||||
* Is there a Permission registered with this URI?
|
||||
*/
|
||||
public boolean isPermission(String uri) {
|
||||
return permissionsMap.containsKey(uri);
|
||||
return map.containsKey(uri);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -110,7 +128,7 @@ public class PermissionRegistry {
|
|||
* this URI, call isPermission() instead.
|
||||
*/
|
||||
public Permission getPermission(String uri) {
|
||||
Permission p = permissionsMap.get(uri);
|
||||
Permission p = map.get(uri);
|
||||
if (p == null) {
|
||||
log.warn("No Permission is registered for '" + uri + "'");
|
||||
return new BrokenPermission(uri);
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.TemplateProcessing
|
|||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.Route;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ExceptionResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ForwardResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.NotAuthorizedResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.RdfResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.RedirectResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
|
|
@ -229,7 +230,9 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
response.setStatus(statusCode);
|
||||
}
|
||||
|
||||
if (values instanceof ExceptionResponseValues) {
|
||||
if (values instanceof NotAuthorizedResponseValues) {
|
||||
doNotAuthorized(vreq, response, (NotAuthorizedResponseValues)values);
|
||||
} else if (values instanceof ExceptionResponseValues) {
|
||||
doException(vreq, response, values);
|
||||
} else if (values instanceof TemplateResponseValues) {
|
||||
doTemplate(vreq, response, values);
|
||||
|
|
@ -247,6 +250,14 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
}
|
||||
}
|
||||
|
||||
private void doNotAuthorized(VitroRequest vreq,
|
||||
HttpServletResponse response, NotAuthorizedResponseValues values) {
|
||||
// This method does a redirect if the required authorizations are
|
||||
// not met (and they won't be), so just return.
|
||||
isAuthorizedToDisplayPage(vreq, response, values.getUnauthorizedAction());
|
||||
return;
|
||||
}
|
||||
|
||||
protected void doTemplate(VitroRequest vreq, HttpServletResponse response,
|
||||
ResponseValues values) throws TemplateProcessingException {
|
||||
|
||||
|
|
@ -548,4 +559,5 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
// to set up the data model.
|
||||
new FreemarkerComponentGenerator(request);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
|
||||
/**
|
||||
* This allows processRequest() in sub-classes of FreemarkerHttpServlet to
|
||||
* decide that the request is not authorized, and properly handle the
|
||||
* redirection.
|
||||
*/
|
||||
public class NotAuthorizedResponseValues extends BaseResponseValues {
|
||||
/**
|
||||
* If logging is turned on, this will be written to the log as a reason for
|
||||
* rejecting the servlet.
|
||||
*/
|
||||
private final String logMessage;
|
||||
|
||||
public NotAuthorizedResponseValues(String logMessage) {
|
||||
this.logMessage = logMessage;
|
||||
}
|
||||
|
||||
public RequestedAction getUnauthorizedAction() {
|
||||
return new RequestedAction() {
|
||||
@Override
|
||||
public String toString() {
|
||||
return "Servlet not authorized: " + logMessage;
|
||||
}
|
||||
};
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue