NIHVIVO-1232 Create a base class so methods can be shared between SelfEditingPolicy and InformationResourceEditingPolicy

2010-12-06 19:53:16 +00:00 · 2010-12-06 19:53:16 +00:00 · 373538c868
commit 373538c868
parent 19bc848fe7
2 changed files with 68 additions and 52 deletions
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/BaseSelfEditingPolicy.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/BaseSelfEditingPolicy.java
@ -0,0 +1,60 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.SelfEditing;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
+
+/**
+ * A base class with utility methods for policies involving self-editing.
+ */
+public abstract class BaseSelfEditingPolicy {
+
+	protected List<String> getUrisOfSelfEditor(IdentifierBundle ids) {
+		List<String> uris = new ArrayList<String>();
+		if (ids != null) {
+			for (Identifier id : ids) {
+				if (id instanceof SelfEditing) {
+					SelfEditing selfEditId = (SelfEditing) id;
+					if (selfEditId.getBlacklisted() == null) {
+						uris.add(selfEditId.getValue());
+					}
+				}
+			}
+		}
+		return uris;
+	}
+
+	protected PolicyDecision cantModifyResource(String uri) {
+		return inconclusiveDecision("No access to admin resources; cannot modify "
+				+ uri);
+	}
+
+	protected PolicyDecision cantModifyPredicate(String uri) {
+		return inconclusiveDecision("No access to admin predicates; cannot modify "
+				+ uri);
+	}
+
+	protected PolicyDecision userNotAuthorizedToStatement() {
+		return inconclusiveDecision("User has no access to this statement.");
+	}
+
+	/** An INCONCLUSIVE decision with a message like "PolicyClass: message". */
+	protected PolicyDecision inconclusiveDecision(String message) {
+		return new BasicPolicyDecision(Authorization.INCONCLUSIVE, getClass()
+				.getSimpleName() + ": " + message);
+	}
+
+	/** An AUTHORIZED decision with a message like "PolicyClass: message". */
+	protected PolicyDecision authorizedDecision(String message) {
+		return new BasicPolicyDecision(Authorization.AUTHORIZED, getClass()
+				.getSimpleName() + ": " + message);
+	}
+
+}
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java
@ -2,7 +2,6 @@

 package edu.cornell.mannlib.vitro.webapp.auth.policy;

-import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;

@ -11,10 +10,7 @@ import org.apache.commons.logging.LogFactory;

 import com.hp.hpl.jena.ontology.OntModel;

-import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.SelfEditing;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
@ -26,7 +22,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AbstractRe
 * Policy to use for Vivo Self-Editing based on NetId for use at Cornell. All
 * methods in this class should be thread safe and side effect free.
 */
-public class SelfEditingPolicy implements PolicyIface {
+public class SelfEditingPolicy extends BaseSelfEditingPolicy implements
+		PolicyIface {
 	protected static Log log = LogFactory.getLog(SelfEditingPolicy.class);

 	protected final OntModel model;
@ -40,21 +37,19 @@ public class SelfEditingPolicy implements PolicyIface {
 				prohibitedResources, prohibitedNamespaces, editableVitroUris);
 	}

-	private static final Authorization DEFAULT_AUTHORIZATION = Authorization.INCONCLUSIVE;
-
 	public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
 			RequestedAction whatToAuth) {
 		if (whoToAuth == null) {
-			return defaultDecision("whoToAuth was null");
+			return inconclusiveDecision("whoToAuth was null");
 		}
 		if (whatToAuth == null) {
-			return defaultDecision("whatToAuth was null");
+			return inconclusiveDecision("whatToAuth was null");
 		}

 		List<String> userUris = getUrisOfSelfEditor(whoToAuth);

 		if (userUris.isEmpty()) {
-			return defaultDecision("Not self-editing.");
+			return inconclusiveDecision("Not self-editing.");
 		}

 		if (whatToAuth instanceof AbstractObjectPropertyAction) {
@ -71,7 +66,7 @@ public class SelfEditingPolicy implements PolicyIface {
 			return isAuthorizedForResourceAction((AbstractResourceAction) whatToAuth);
 		}

-		return defaultDecision("Does not authorize "
+		return inconclusiveDecision("Does not authorize "
 				+ whatToAuth.getClass().getSimpleName() + " actions");
 	}

@ -165,45 +160,6 @@ public class SelfEditingPolicy implements PolicyIface {
 		return false;
 	}

-	private List<String> getUrisOfSelfEditor(IdentifierBundle ids) {
-		List<String> uris = new ArrayList<String>();
-		if (ids != null) {
-			for (Identifier id : ids) {
-				if (id instanceof SelfEditing) {
-					SelfEditing selfEditId = (SelfEditing) id;
-					if (selfEditId.getBlacklisted() == null) {
-						uris.add(selfEditId.getValue());
-					}
-				}
-			}
-		}
-		return uris;
-	}
-
-	protected PolicyDecision cantModifyResource(String uri) {
-		return defaultDecision("No access to admin resources; cannot modify "
-				+ uri);
-	}
-
-	protected PolicyDecision cantModifyPredicate(String uri) {
-		return defaultDecision("No access to admin predicates; cannot modify "
-				+ uri);
-	}
-
-	private PolicyDecision userNotAuthorizedToStatement() {
-		return defaultDecision("User has no access to this statement.");
-	}
-
-	private PolicyDecision defaultDecision(String message) {
-		return new BasicPolicyDecision(DEFAULT_AUTHORIZATION,
-				"SelfEditingPolicy: " + message);
-	}
-
-	private PolicyDecision authorizedDecision(String message) {
-		return new BasicPolicyDecision(Authorization.AUTHORIZED,
-				"SelfEditingPolicy: " + message);
-	}
-
 	@Override
 	public String toString() {
 		return "SelfEditingPolicy " + hashCode() + "[" + restrictor + "]";