From 373538c86888c6697e2b93c9da1253e13f51a386 Mon Sep 17 00:00:00 2001 From: jeb228 Date: Mon, 6 Dec 2010 19:53:16 +0000 Subject: [PATCH] NIHVIVO-1232 Create a base class so methods can be shared between SelfEditingPolicy and InformationResourceEditingPolicy --- .../auth/policy/BaseSelfEditingPolicy.java | 60 +++++++++++++++++++ .../webapp/auth/policy/SelfEditingPolicy.java | 60 +++---------------- 2 files changed, 68 insertions(+), 52 deletions(-) create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/BaseSelfEditingPolicy.java diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/BaseSelfEditingPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/BaseSelfEditingPolicy.java new file mode 100644 index 000000000..516a6951a --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/BaseSelfEditingPolicy.java @@ -0,0 +1,60 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.policy; + +import java.util.ArrayList; +import java.util.List; + +import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.SelfEditing; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; + +/** + * A base class with utility methods for policies involving self-editing. + */ +public abstract class BaseSelfEditingPolicy { + + protected List getUrisOfSelfEditor(IdentifierBundle ids) { + List uris = new ArrayList(); + if (ids != null) { + for (Identifier id : ids) { + if (id instanceof SelfEditing) { + SelfEditing selfEditId = (SelfEditing) id; + if (selfEditId.getBlacklisted() == null) { + uris.add(selfEditId.getValue()); + } + } + } + } + return uris; + } + + protected PolicyDecision cantModifyResource(String uri) { + return inconclusiveDecision("No access to admin resources; cannot modify " + + uri); + } + + protected PolicyDecision cantModifyPredicate(String uri) { + return inconclusiveDecision("No access to admin predicates; cannot modify " + + uri); + } + + protected PolicyDecision userNotAuthorizedToStatement() { + return inconclusiveDecision("User has no access to this statement."); + } + + /** An INCONCLUSIVE decision with a message like "PolicyClass: message". */ + protected PolicyDecision inconclusiveDecision(String message) { + return new BasicPolicyDecision(Authorization.INCONCLUSIVE, getClass() + .getSimpleName() + ": " + message); + } + + /** An AUTHORIZED decision with a message like "PolicyClass: message". */ + protected PolicyDecision authorizedDecision(String message) { + return new BasicPolicyDecision(Authorization.AUTHORIZED, getClass() + .getSimpleName() + ": " + message); + } + +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java index cee52aa90..c80c2ea53 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java @@ -2,7 +2,6 @@ package edu.cornell.mannlib.vitro.webapp.auth.policy; -import java.util.ArrayList; import java.util.List; import java.util.Set; @@ -11,10 +10,7 @@ import org.apache.commons.logging.LogFactory; import com.hp.hpl.jena.ontology.OntModel; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.SelfEditing; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; @@ -26,7 +22,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AbstractRe * Policy to use for Vivo Self-Editing based on NetId for use at Cornell. All * methods in this class should be thread safe and side effect free. */ -public class SelfEditingPolicy implements PolicyIface { +public class SelfEditingPolicy extends BaseSelfEditingPolicy implements + PolicyIface { protected static Log log = LogFactory.getLog(SelfEditingPolicy.class); protected final OntModel model; @@ -40,38 +37,36 @@ public class SelfEditingPolicy implements PolicyIface { prohibitedResources, prohibitedNamespaces, editableVitroUris); } - private static final Authorization DEFAULT_AUTHORIZATION = Authorization.INCONCLUSIVE; - public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, RequestedAction whatToAuth) { if (whoToAuth == null) { - return defaultDecision("whoToAuth was null"); + return inconclusiveDecision("whoToAuth was null"); } if (whatToAuth == null) { - return defaultDecision("whatToAuth was null"); + return inconclusiveDecision("whatToAuth was null"); } List userUris = getUrisOfSelfEditor(whoToAuth); if (userUris.isEmpty()) { - return defaultDecision("Not self-editing."); + return inconclusiveDecision("Not self-editing."); } if (whatToAuth instanceof AbstractObjectPropertyAction) { return isAuthorizedForObjectPropertyAction(userUris, (AbstractObjectPropertyAction) whatToAuth); } - + if (whatToAuth instanceof AbstractDataPropertyAction) { return isAuthorizedForDataPropertyAction(userUris, (AbstractDataPropertyAction) whatToAuth); } - + if (whatToAuth instanceof AbstractResourceAction) { return isAuthorizedForResourceAction((AbstractResourceAction) whatToAuth); } - return defaultDecision("Does not authorize " + return inconclusiveDecision("Does not authorize " + whatToAuth.getClass().getSimpleName() + " actions"); } @@ -165,45 +160,6 @@ public class SelfEditingPolicy implements PolicyIface { return false; } - private List getUrisOfSelfEditor(IdentifierBundle ids) { - List uris = new ArrayList(); - if (ids != null) { - for (Identifier id : ids) { - if (id instanceof SelfEditing) { - SelfEditing selfEditId = (SelfEditing) id; - if (selfEditId.getBlacklisted() == null) { - uris.add(selfEditId.getValue()); - } - } - } - } - return uris; - } - - protected PolicyDecision cantModifyResource(String uri) { - return defaultDecision("No access to admin resources; cannot modify " - + uri); - } - - protected PolicyDecision cantModifyPredicate(String uri) { - return defaultDecision("No access to admin predicates; cannot modify " - + uri); - } - - private PolicyDecision userNotAuthorizedToStatement() { - return defaultDecision("User has no access to this statement."); - } - - private PolicyDecision defaultDecision(String message) { - return new BasicPolicyDecision(DEFAULT_AUTHORIZATION, - "SelfEditingPolicy: " + message); - } - - private PolicyDecision authorizedDecision(String message) { - return new BasicPolicyDecision(Authorization.AUTHORIZED, - "SelfEditingPolicy: " + message); - } - @Override public String toString() { return "SelfEditingPolicy " + hashCode() + "[" + restrictor + "]";