NIHVIVO-736 transitioning from LoginFormBean to LoginStatusBean.
This commit is contained in:
jeb228
parent
bb07558b19
commit
30344c4af9
5 changed files with 23 additions and 69 deletions
|
|
@ -121,7 +121,7 @@ public class LoginStatusBean {
|
|||
return securityLevel > ANYBODY;
|
||||
}
|
||||
|
||||
public boolean isLoggedInAs(int level) {
|
||||
public boolean isLoggedInExactly(int level) {
|
||||
return securityLevel == level;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,14 +15,13 @@ import javax.servlet.ServletContext;
|
|||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginFormBean;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
|
|
@ -53,7 +52,7 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
|
||||
private static final long serialVersionUID = 1L;
|
||||
private static final Log log = LogFactory.getLog(FreemarkerHttpServlet.class);
|
||||
private static final int FILTER_SECURITY_LEVEL = LoginFormBean.EDITOR;
|
||||
private static final int FILTER_SECURITY_LEVEL = LoginStatusBean.EDITOR;
|
||||
|
||||
protected enum Template {
|
||||
STANDARD_ERROR("error-standard.ftl"),
|
||||
|
|
@ -476,24 +475,13 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
}
|
||||
|
||||
private final Map<String, Object> getLoginValues(VitroRequest vreq) {
|
||||
|
||||
String loginName = null;
|
||||
int securityLevel;
|
||||
|
||||
HttpSession session = vreq.getSession();
|
||||
LoginFormBean loginBean = (LoginFormBean) session.getAttribute("loginHandler");
|
||||
if (loginBean != null && loginBean.testSessionLevel(vreq) > -1) {
|
||||
loginName = loginBean.getLoginName();
|
||||
securityLevel = Integer.parseInt(loginBean.getLoginRole());
|
||||
}
|
||||
|
||||
Map<String, Object> map = new HashMap<String, Object>();
|
||||
|
||||
if (loginName != null) {
|
||||
map.put("loginName", loginName);
|
||||
LoginStatusBean loginBean = LoginStatusBean.getBean(vreq);
|
||||
if (loginBean.isLoggedIn()) {
|
||||
map.put("loginName", loginBean.getUsername());
|
||||
|
||||
securityLevel = Integer.parseInt(loginBean.getLoginRole());
|
||||
if (securityLevel >= FILTER_SECURITY_LEVEL) {
|
||||
if (loginBean.isLoggedInAtLeast(FILTER_SECURITY_LEVEL)) {
|
||||
ApplicationBean appBean = vreq.getAppBean();
|
||||
if (appBean.isFlag1Active()) {
|
||||
map.put("showFlag1SearchField", true);
|
||||
|
|
|
|||
|
|
@ -8,28 +8,17 @@ import java.util.Map;
|
|||
import java.util.Map.Entry;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.UnavailableException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.fileupload.FileItem;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginFormBean;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.AuthorizationHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ServletIdentifierBundleFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RequestPolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddDataPropStmt;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropObjectPropStmt;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.EditObjPropStmt;
|
||||
|
|
@ -602,7 +591,7 @@ public class ImageUploadController extends FreemarkerHttpServlet {
|
|||
*/
|
||||
private boolean checkAuthorized(VitroRequest vreq)
|
||||
throws UserMistakeException {
|
||||
if (LoginFormBean.loggedIn(vreq, LoginFormBean.EDITOR)) {
|
||||
if (LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.EDITOR)) {
|
||||
log.debug("Authorized because logged in as Editor");
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ import com.hp.hpl.jena.shared.Lock;
|
|||
import com.hp.hpl.jena.vocabulary.RDF;
|
||||
import com.hp.hpl.jena.vocabulary.RDFS;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginFormBean;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
|
|
@ -135,20 +135,6 @@ public class IndividualController extends FreemarkerHttpServlet {
|
|||
EditSubmission.clearAllEditSubmissionsInSession(session);
|
||||
}
|
||||
|
||||
private int getSecurityLevel(HttpSession session) {
|
||||
String loginStatus = null;
|
||||
int securityLevel = LoginFormBean.ANYBODY;
|
||||
LoginFormBean loginHandler = (LoginFormBean)session.getAttribute("loginHandler");
|
||||
if (loginHandler != null) {
|
||||
loginStatus = loginHandler.getLoginStatus();
|
||||
if ("authenticated".equals(loginStatus)) {
|
||||
securityLevel = Integer.parseInt(loginHandler.getLoginRole());
|
||||
}
|
||||
}
|
||||
return securityLevel;
|
||||
|
||||
}
|
||||
|
||||
// Set template values related to access privileges
|
||||
// RY We may want to define an EditingIndividualTemplateModel class, with methods like getAdminPanel() and
|
||||
// getEditLinks(property). The constructor would take an individual and a loginFormBean object, both of which
|
||||
|
|
@ -158,13 +144,13 @@ public class IndividualController extends FreemarkerHttpServlet {
|
|||
// which might seem opaque to template authors.
|
||||
private Map<String, Object> getEditingData(VitroRequest vreq) {
|
||||
|
||||
int securityLevel = getSecurityLevel(vreq.getSession());
|
||||
LoginStatusBean loginBean = LoginStatusBean.getBean(vreq);
|
||||
|
||||
Map<String, Object> editingData = new HashMap<String, Object>();
|
||||
|
||||
editingData.put("showEditLinks", VitroRequestPrep.isSelfEditing(vreq) || securityLevel >= LoginFormBean.NON_EDITOR);
|
||||
editingData.put("showEditLinks", VitroRequestPrep.isSelfEditing(vreq) || loginBean.isLoggedInAtLeast(LoginStatusBean.NON_EDITOR));
|
||||
|
||||
boolean showAdminPanel = securityLevel >= LoginFormBean.EDITOR;
|
||||
boolean showAdminPanel = loginBean.isLoggedInAtLeast(LoginStatusBean.EDITOR);
|
||||
editingData.put("showAdminPanel", showAdminPanel);
|
||||
|
||||
return editingData;
|
||||
|
|
@ -204,8 +190,6 @@ public class IndividualController extends FreemarkerHttpServlet {
|
|||
|
||||
IndividualDao iwDao = vreq.getWebappDaoFactory().getIndividualDao();
|
||||
|
||||
int securityLevel = getSecurityLevel(vreq.getSession());
|
||||
|
||||
individual.setKeywords(iwDao.getKeywordsForIndividualByMode(individual.getURI(),"visible"));
|
||||
individual.sortForDisplay();
|
||||
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ import java.util.Map;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginFormBean;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -37,17 +37,12 @@ public class SiteAdminController extends FreemarkerHttpServlet {
|
|||
@Override
|
||||
protected ResponseValues processRequest(VitroRequest vreq) {
|
||||
|
||||
String loginStatus = null;
|
||||
|
||||
LoginFormBean loginHandler = (LoginFormBean)vreq.getSession().getAttribute("loginHandler");
|
||||
if (loginHandler != null) {
|
||||
loginStatus = loginHandler.getLoginStatus();
|
||||
}
|
||||
|
||||
LoginStatusBean loginBean = LoginStatusBean.getBean(vreq);
|
||||
|
||||
Map<String, Object> body = new HashMap<String, Object>();
|
||||
|
||||
// NOT LOGGED IN: just show login form
|
||||
if (loginHandler == null || !"authenticated".equals(loginStatus)) {
|
||||
if (!loginBean.isLoggedIn()) {
|
||||
// Unlike the other panels on this page, we put the data directly in the body, because the templates are also used
|
||||
// by the JSP version, where the data is placed directly in the body map.
|
||||
body.putAll(getLoginPanelData(vreq));
|
||||
|
|
@ -55,19 +50,17 @@ public class SiteAdminController extends FreemarkerHttpServlet {
|
|||
// LOGGED IN: show editing options based on user role
|
||||
} else {
|
||||
|
||||
int securityLevel = Integer.parseInt( loginHandler.getLoginRole() );
|
||||
|
||||
if (securityLevel >= LoginFormBean.EDITOR) {
|
||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.EDITOR)) {
|
||||
|
||||
UrlBuilder urlBuilder = new UrlBuilder(vreq.getPortal());
|
||||
|
||||
body.put("dataInput", getDataInputData(vreq));
|
||||
|
||||
if (securityLevel >= LoginFormBean.CURATOR) {
|
||||
body.put("siteConfig", getSiteConfigurationData(vreq, securityLevel, urlBuilder));
|
||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
|
||||
body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
|
||||
body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
|
||||
|
||||
if (securityLevel >= LoginFormBean.DBA) {
|
||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.DBA)) {
|
||||
body.put("dataTools", getDataToolsData(vreq, urlBuilder));
|
||||
|
||||
// Only for DataStar. Should handle without needing a DataStar-specific version of this controller.
|
||||
|
|
@ -126,14 +119,14 @@ public class SiteAdminController extends FreemarkerHttpServlet {
|
|||
return map;
|
||||
}
|
||||
|
||||
private Map<String, Object> getSiteConfigurationData(VitroRequest vreq, int securityLevel, UrlBuilder urlBuilder) {
|
||||
private Map<String, Object> getSiteConfigurationData(VitroRequest vreq, UrlBuilder urlBuilder) {
|
||||
|
||||
Map<String, Object> map = new HashMap<String, Object>();
|
||||
Map<String, String> urls = new HashMap<String, String>();
|
||||
|
||||
urls.put("tabs", urlBuilder.getPortalUrl("/listTabs"));
|
||||
|
||||
if (securityLevel >= LoginFormBean.DBA) {
|
||||
if (LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.DBA)) {
|
||||
urls.put("users", urlBuilder.getPortalUrl("/listUsers"));
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue