VIVO-695 VIVO-699 Refactor and optimize the PropertyRestrictionBean
Formerly the PropertyRestrictionPolicyHelper.
This commit is contained in:
parent
da9e244c18
commit
481d3fc1d8
30 changed files with 1321 additions and 1116 deletions
|
@ -12,7 +12,7 @@ import static org.junit.Assert.assertNull;
|
|||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelperStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBeanStub;
|
||||
import stubs.javax.servlet.ServletContextStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
@ -23,7 +23,6 @@ import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
|
@ -71,9 +70,8 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
public void setUp() throws Exception {
|
||||
ctx = new ServletContextStub();
|
||||
|
||||
PropertyRestrictionPolicyHelper prph = PropertyRestrictionPolicyHelperStub
|
||||
PropertyRestrictionBeanStub
|
||||
.getInstance(new String[] { UNSAFE_NS });
|
||||
PropertyRestrictionPolicyHelper.setBean(ctx, prph);
|
||||
|
||||
policy = new SelfEditingPolicy(ctx);
|
||||
|
||||
|
@ -87,14 +85,13 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
|
||||
@Test
|
||||
public void testProhibitedProperties() {
|
||||
PropertyRestrictionPolicyHelper prph = PropertyRestrictionPolicyHelperStub
|
||||
PropertyRestrictionBeanStub
|
||||
.getInstance(new String[] { UNSAFE_NS }, new String[] {
|
||||
"http://mannlib.cornell.edu/bad#prp234",
|
||||
"http://mannlib.cornell.edu/bad#prp999",
|
||||
"http://mannlib.cornell.edu/bad#prp333",
|
||||
"http://mannlib.cornell.edu/bad#prp777",
|
||||
"http://mannlib.cornell.edu/bad#prp0020" });
|
||||
PropertyRestrictionPolicyHelper.setBean(ctx, prph);
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
new Property("http://mannlib.cornell.edu/bad#prp234"), SAFE_RESOURCE);
|
||||
|
|
|
@ -10,7 +10,7 @@ import org.junit.Assert;
|
|||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelperStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBeanStub;
|
||||
import stubs.javax.servlet.ServletContextStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
@ -22,7 +22,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
|
||||
|
@ -78,9 +77,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
@Before
|
||||
public void setUp() throws Exception {
|
||||
ServletContextStub ctx = new ServletContextStub();
|
||||
PropertyRestrictionPolicyHelper.setBean(ctx,
|
||||
PropertyRestrictionPolicyHelperStub
|
||||
.getInstance(new String[] { ADMIN_NS }));
|
||||
PropertyRestrictionBeanStub.getInstance(new String[] { ADMIN_NS });
|
||||
|
||||
policy = new SelfEditingPolicy(ctx);
|
||||
Assert.assertNotNull(policy);
|
||||
|
|
|
@ -0,0 +1,511 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.policy.bean;
|
||||
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionLevels.Which.DISPLAY;
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionLevels.Which.MODIFY;
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionLevels.Which.PUBLISH;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.CURATOR;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.DB_ADMIN;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.EDITOR;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.NOBODY;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.DataPropertyDaoStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.FauxPropertyDaoStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDaoStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.modelaccess.ContextModelAccessStub;
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionLevels.Which;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.FauxProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Property;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyDao.FullPropertyKey;
|
||||
|
||||
/**
|
||||
* If we believe that authorization will succeed regardless of user role, check
|
||||
* that it succeeds with the lowest role.
|
||||
*
|
||||
* If we believe that authorization will fail regardless of user role, check
|
||||
* that it fails with the highest role.
|
||||
*
|
||||
* If we believe that authorization depends on the user role, it should pass if
|
||||
* the user role is higher than or equal to the threshold, and fail if the user
|
||||
* role is less than the threshold.
|
||||
*
|
||||
* Note that we can't set a threshold to be tested to either the lowest or
|
||||
* highest role, or the attempt to test with higher or lower role will throw an
|
||||
* exception.
|
||||
*/
|
||||
public class PropertyRestrictionBeanImplTest extends AbstractTestClass {
|
||||
private static final String NS_PROHIBITED = "http://prbi.prohibited/";
|
||||
private static final String URI_RESOURCE_EXCEPTIONAL = NS_PROHIBITED
|
||||
+ "exceptionalResource";
|
||||
private static final String URI_PREDICATE_EXCEPTIONAL = NS_PROHIBITED
|
||||
+ "exceptionalPredicate";
|
||||
|
||||
private static final List<String> PROHIBITED_NAMESPACES = Arrays
|
||||
.asList(new String[] { NS_PROHIBITED });
|
||||
private static final List<String> PERMITTED_EXCEPTIONS = Arrays
|
||||
.asList(new String[] { URI_RESOURCE_EXCEPTIONAL,
|
||||
URI_PREDICATE_EXCEPTIONAL });
|
||||
|
||||
private static final String URI_RESOURCE_ANY = "http://prbi.test/anyResource";
|
||||
private static final String URI_RESOURCE_PROHIBITED = NS_PROHIBITED
|
||||
+ "resource";
|
||||
|
||||
private static final String URI_PREDICATE_BARE = "http://prbi.test/barePredicate";
|
||||
private static final String URI_PREDICATE_PROHIBITED = NS_PROHIBITED
|
||||
+ "predicate";
|
||||
private static final String URI_PREDICATE_UNKNOWN = "http://prbi.test/unknownPredicate";
|
||||
|
||||
private static final String URI_DOMAIN_1 = "http://prbi.test/domain1";
|
||||
private static final String URI_RANGE_1 = "http://prbi.test/range1";
|
||||
private static final String URI_DOMAIN_2 = "http://prbi.test/domain2";
|
||||
private static final String URI_RANGE_2 = "http://prbi.test/range2";
|
||||
|
||||
private PropertyRestrictionBeanImpl bean;
|
||||
|
||||
private ObjectProperty barePredicate;
|
||||
private ObjectProperty prohibitedPredicate;
|
||||
private ObjectProperty exceptionalPredicate;
|
||||
private ObjectProperty unknownPredicate;
|
||||
|
||||
private FauxProperty emptyFaux;
|
||||
private FauxProperty restrictedFaux;
|
||||
private FauxProperty unknownFaux;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
barePredicate = createObjectProperty(null, URI_PREDICATE_BARE, null,
|
||||
EDITOR, CURATOR, DB_ADMIN);
|
||||
unknownPredicate = createObjectProperty(null, URI_PREDICATE_UNKNOWN,
|
||||
null, null, null, null);
|
||||
prohibitedPredicate = createObjectProperty(null,
|
||||
URI_PREDICATE_PROHIBITED, null, null, null, null);
|
||||
exceptionalPredicate = createObjectProperty(null,
|
||||
URI_PREDICATE_EXCEPTIONAL, null, CURATOR, EDITOR, EDITOR);
|
||||
|
||||
emptyFaux = createFauxProperty(URI_DOMAIN_1, URI_PREDICATE_BARE,
|
||||
URI_RANGE_1, null, null, null);
|
||||
restrictedFaux = createFauxProperty(URI_DOMAIN_2, URI_PREDICATE_BARE,
|
||||
URI_RANGE_2, EDITOR, DB_ADMIN, CURATOR);
|
||||
unknownFaux = createFauxProperty(URI_DOMAIN_1, URI_PREDICATE_UNKNOWN,
|
||||
URI_RANGE_1, NOBODY, NOBODY, NOBODY);
|
||||
|
||||
ObjectPropertyDaoStub opDao = new ObjectPropertyDaoStub();
|
||||
opDao.addObjectProperty(barePredicate);
|
||||
opDao.addObjectProperty(prohibitedPredicate);
|
||||
opDao.addObjectProperty(exceptionalPredicate);
|
||||
|
||||
DataPropertyDaoStub dpDao = new DataPropertyDaoStub();
|
||||
|
||||
FauxPropertyDaoStub fpDao = new FauxPropertyDaoStub();
|
||||
fpDao.insertFauxProperty(emptyFaux);
|
||||
fpDao.insertFauxProperty(restrictedFaux);
|
||||
|
||||
WebappDaoFactoryStub wadf = new WebappDaoFactoryStub();
|
||||
wadf.setObjectPropertyDao(opDao);
|
||||
wadf.setDataPropertyDao(dpDao);
|
||||
wadf.setFauxPropertyDao(fpDao);
|
||||
|
||||
ContextModelAccessStub models = new ContextModelAccessStub();
|
||||
models.setWebappDaoFactory(wadf);
|
||||
|
||||
bean = new PropertyRestrictionBeanImpl(PROHIBITED_NAMESPACES,
|
||||
PERMITTED_EXCEPTIONS, models);
|
||||
}
|
||||
|
||||
private ObjectProperty createObjectProperty(String domainUri, String uri,
|
||||
String rangeUri, RoleLevel displayThreshold,
|
||||
RoleLevel modifyThreshold, RoleLevel publishThreshold) {
|
||||
ObjectProperty op = new ObjectProperty();
|
||||
op.setURI(uri);
|
||||
op.setDomainVClassURI(domainUri);
|
||||
op.setRangeVClassURI(rangeUri);
|
||||
op.setHiddenFromDisplayBelowRoleLevel(displayThreshold);
|
||||
op.setProhibitedFromUpdateBelowRoleLevel(modifyThreshold);
|
||||
op.setHiddenFromPublishBelowRoleLevel(publishThreshold);
|
||||
return op;
|
||||
}
|
||||
|
||||
private FauxProperty createFauxProperty(String domainUri, String uri,
|
||||
String rangeUri, RoleLevel displayThreshold,
|
||||
RoleLevel modifyThreshold, RoleLevel publishThreshold) {
|
||||
FauxProperty fp = new FauxProperty(domainUri, uri, rangeUri);
|
||||
fp.setHiddenFromDisplayBelowRoleLevel(displayThreshold);
|
||||
fp.setProhibitedFromUpdateBelowRoleLevel(modifyThreshold);
|
||||
fp.setHiddenFromPublishBelowRoleLevel(publishThreshold);
|
||||
return fp;
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Resources
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Test
|
||||
public void nullResource_display_false() {
|
||||
assertFalse(bean.canDisplayResource(null, highestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void anyResource_display_true() {
|
||||
assertTrue(bean.canDisplayResource(URI_RESOURCE_ANY, lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void anyResource_nullUserRole_display_false() {
|
||||
assertFalse(bean.canDisplayResource(URI_RESOURCE_ANY, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void nullResource_modify_false() {
|
||||
assertFalse(bean.canModifyResource(null, highestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void prohibitedResource_modify_false() {
|
||||
assertFalse(bean.canModifyResource(URI_RESOURCE_PROHIBITED,
|
||||
highestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void exceptionalResource_modify_true() {
|
||||
assertTrue(bean.canModifyResource(URI_RESOURCE_EXCEPTIONAL,
|
||||
lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unremarkableResource_modify_true() {
|
||||
assertTrue(bean.canModifyResource(URI_RESOURCE_ANY, lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unremarkableResource_nullUserRole_modify_false() {
|
||||
assertFalse(bean.canModifyResource(URI_RESOURCE_ANY, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void nullResource_publish_false() {
|
||||
assertFalse(bean.canPublishResource(null, highestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void anyResource_publish_true() {
|
||||
assertTrue(bean.canPublishResource(URI_RESOURCE_ANY, lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void anyResource_nullUserRole_publish_false() {
|
||||
assertFalse(bean.canPublishResource(URI_RESOURCE_ANY, null));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Predicates
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
// ----- display
|
||||
|
||||
@Test
|
||||
public void nullPredicate_display_false() {
|
||||
assertFalse(bean.canDisplayPredicate(null, highestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void barePredicate_display_byRole() {
|
||||
assertTrue(bean.canDisplayPredicate(barePredicate,
|
||||
higherRole(barePredicate, DISPLAY)));
|
||||
assertTrue(bean.canDisplayPredicate(barePredicate,
|
||||
sameRole(barePredicate, DISPLAY)));
|
||||
assertFalse(bean.canDisplayPredicate(barePredicate,
|
||||
lowerRole(barePredicate, DISPLAY)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unknownBarePredicate_display_true() {
|
||||
assertTrue(bean.canDisplayPredicate(unknownPredicate, lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void emptyQualifiedPredicate_display_byBareRole() {
|
||||
assertTrue(bean.canDisplayPredicate(asProperty(emptyFaux),
|
||||
higherRole(barePredicate, DISPLAY)));
|
||||
assertTrue(bean.canDisplayPredicate(asProperty(emptyFaux),
|
||||
sameRole(barePredicate, DISPLAY)));
|
||||
assertFalse(bean.canDisplayPredicate(asProperty(emptyFaux),
|
||||
lowerRole(barePredicate, DISPLAY)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void restrictedQualifiedPredicate_display_byRole() {
|
||||
assertTrue(bean.canDisplayPredicate(asProperty(restrictedFaux),
|
||||
higherRole(restrictedFaux, DISPLAY)));
|
||||
assertTrue(bean.canDisplayPredicate(asProperty(restrictedFaux),
|
||||
sameRole(restrictedFaux, DISPLAY)));
|
||||
assertFalse(bean.canDisplayPredicate(asProperty(restrictedFaux),
|
||||
lowerRole(restrictedFaux, DISPLAY)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unknownQualifiedPredicate_display_true() {
|
||||
assertTrue(bean.canDisplayPredicate(asProperty(unknownFaux),
|
||||
lowestRole()));
|
||||
}
|
||||
|
||||
// ----- modify
|
||||
|
||||
@Test
|
||||
public void nullPredicate_modify_false() {
|
||||
assertFalse(bean.canModifyPredicate(null, highestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void prohibitedPredicate_modify_false() {
|
||||
assertFalse(bean.canModifyPredicate(prohibitedPredicate, lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void exceptionalPredicate_modify_byRole() {
|
||||
assertTrue(bean.canModifyPredicate(exceptionalPredicate,
|
||||
higherRole(exceptionalPredicate, MODIFY)));
|
||||
assertTrue(bean.canModifyPredicate(exceptionalPredicate,
|
||||
sameRole(exceptionalPredicate, MODIFY)));
|
||||
assertFalse(bean.canModifyPredicate(exceptionalPredicate,
|
||||
lowerRole(exceptionalPredicate, MODIFY)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void barePredicate_modify_byRole() {
|
||||
assertTrue(bean.canModifyPredicate(barePredicate,
|
||||
higherRole(barePredicate, MODIFY)));
|
||||
assertTrue(bean.canModifyPredicate(barePredicate,
|
||||
sameRole(barePredicate, MODIFY)));
|
||||
assertFalse(bean.canModifyPredicate(barePredicate,
|
||||
lowerRole(barePredicate, MODIFY)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unknownBarePredicate_modify_true() {
|
||||
assertTrue(bean.canModifyPredicate(unknownPredicate, lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void emptyQualifiedPredicate_modify_byBareRole() {
|
||||
assertTrue(bean.canModifyPredicate(asProperty(emptyFaux),
|
||||
higherRole(barePredicate, MODIFY)));
|
||||
assertTrue(bean.canModifyPredicate(asProperty(emptyFaux),
|
||||
sameRole(barePredicate, MODIFY)));
|
||||
assertFalse(bean.canModifyPredicate(asProperty(emptyFaux),
|
||||
lowerRole(barePredicate, MODIFY)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void restrictedQualifiedPredicate_modify_byRole() {
|
||||
assertTrue(bean.canModifyPredicate(asProperty(restrictedFaux),
|
||||
higherRole(restrictedFaux, MODIFY)));
|
||||
assertTrue(bean.canModifyPredicate(asProperty(restrictedFaux),
|
||||
sameRole(restrictedFaux, MODIFY)));
|
||||
assertFalse(bean.canModifyPredicate(asProperty(restrictedFaux),
|
||||
lowerRole(restrictedFaux, MODIFY)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unknownQualifiedPredicate_modify_true() {
|
||||
assertTrue(bean.canModifyPredicate(asProperty(unknownFaux),
|
||||
lowestRole()));
|
||||
}
|
||||
|
||||
// ----- publish
|
||||
|
||||
@Test
|
||||
public void nullPredicate_publish_false() {
|
||||
assertFalse(bean.canPublishPredicate(null, highestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void barePredicate_publish_byRole() {
|
||||
assertTrue(bean.canPublishPredicate(barePredicate,
|
||||
higherRole(barePredicate, PUBLISH)));
|
||||
assertTrue(bean.canPublishPredicate(barePredicate,
|
||||
sameRole(barePredicate, PUBLISH)));
|
||||
assertFalse(bean.canPublishPredicate(barePredicate,
|
||||
lowerRole(barePredicate, PUBLISH)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unknownBarePredicate_publish_true() {
|
||||
assertTrue(bean.canPublishPredicate(unknownPredicate, lowestRole()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void emptyQualifiedPredicate_publish_byBareRole() {
|
||||
assertTrue(bean.canPublishPredicate(asProperty(emptyFaux),
|
||||
higherRole(barePredicate, PUBLISH)));
|
||||
assertTrue(bean.canPublishPredicate(asProperty(emptyFaux),
|
||||
sameRole(barePredicate, PUBLISH)));
|
||||
assertFalse(bean.canPublishPredicate(asProperty(emptyFaux),
|
||||
lowerRole(barePredicate, PUBLISH)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void restrictedQualifiedPredicate_publish_byRole() {
|
||||
assertTrue(bean.canPublishPredicate(asProperty(restrictedFaux),
|
||||
higherRole(restrictedFaux, PUBLISH)));
|
||||
assertTrue(bean.canPublishPredicate(asProperty(restrictedFaux),
|
||||
sameRole(restrictedFaux, PUBLISH)));
|
||||
assertFalse(bean.canPublishPredicate(asProperty(restrictedFaux),
|
||||
lowerRole(restrictedFaux, PUBLISH)));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unknownQualifiedPredicate_publish_true() {
|
||||
assertTrue(bean.canPublishPredicate(asProperty(unknownFaux),
|
||||
lowestRole()));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// update permissions
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Test
|
||||
public void updateToAllowDisplay() {
|
||||
RoleLevel desiredDisplayLevel = lowerRole(barePredicate, DISPLAY);
|
||||
|
||||
assertFalse(bean
|
||||
.canDisplayPredicate(barePredicate, desiredDisplayLevel));
|
||||
|
||||
bean.updateProperty(updatedLevels(barePredicate, desiredDisplayLevel,
|
||||
sameRole(barePredicate, MODIFY),
|
||||
sameRole(barePredicate, PUBLISH)));
|
||||
|
||||
assertTrue(bean.canDisplayPredicate(barePredicate, desiredDisplayLevel));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void updateToAllowModify() {
|
||||
RoleLevel desiredModifyLevel = lowerRole(barePredicate, MODIFY);
|
||||
|
||||
assertFalse(bean.canModifyPredicate(barePredicate, desiredModifyLevel));
|
||||
|
||||
bean.updateProperty(updatedLevels(barePredicate,
|
||||
sameRole(barePredicate, DISPLAY), desiredModifyLevel,
|
||||
sameRole(barePredicate, PUBLISH)));
|
||||
|
||||
assertTrue(bean.canModifyPredicate(barePredicate, desiredModifyLevel));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void updateToAllowPublish() {
|
||||
RoleLevel desiredPublishLevel = lowerRole(barePredicate, PUBLISH);
|
||||
|
||||
assertFalse(bean
|
||||
.canPublishPredicate(barePredicate, desiredPublishLevel));
|
||||
|
||||
bean.updateProperty(updatedLevels(barePredicate,
|
||||
sameRole(barePredicate, DISPLAY),
|
||||
sameRole(barePredicate, MODIFY), desiredPublishLevel));
|
||||
|
||||
assertTrue(bean.canPublishPredicate(barePredicate, desiredPublishLevel));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void updateToDisallowDisplay() {
|
||||
RoleLevel desiredDisplayLevel = sameRole(barePredicate, DISPLAY);
|
||||
|
||||
assertTrue(bean.canDisplayPredicate(barePredicate, desiredDisplayLevel));
|
||||
|
||||
bean.updateProperty(updatedLevels(barePredicate,
|
||||
higherRole(barePredicate, DISPLAY),
|
||||
sameRole(barePredicate, MODIFY),
|
||||
sameRole(barePredicate, PUBLISH)));
|
||||
|
||||
assertFalse(bean
|
||||
.canDisplayPredicate(barePredicate, desiredDisplayLevel));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void updateToDisallowModify() {
|
||||
RoleLevel desiredModifyLevel = sameRole(barePredicate, MODIFY);
|
||||
|
||||
assertTrue(bean.canModifyPredicate(barePredicate, desiredModifyLevel));
|
||||
|
||||
bean.updateProperty(updatedLevels(barePredicate,
|
||||
sameRole(barePredicate, DISPLAY),
|
||||
higherRole(barePredicate, MODIFY),
|
||||
sameRole(barePredicate, PUBLISH)));
|
||||
|
||||
assertFalse(bean.canModifyPredicate(barePredicate, desiredModifyLevel));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void updateToDisallowPublish() {
|
||||
RoleLevel desiredPublishLevel = sameRole(barePredicate, PUBLISH);
|
||||
|
||||
assertTrue(bean.canPublishPredicate(barePredicate, desiredPublishLevel));
|
||||
|
||||
bean.updateProperty(updatedLevels(barePredicate,
|
||||
sameRole(barePredicate, DISPLAY),
|
||||
sameRole(barePredicate, MODIFY),
|
||||
higherRole(barePredicate, PUBLISH)));
|
||||
|
||||
assertFalse(bean
|
||||
.canPublishPredicate(barePredicate, desiredPublishLevel));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Helper methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private RoleLevel lowestRole() {
|
||||
return RoleLevel.values()[0];
|
||||
}
|
||||
|
||||
private RoleLevel highestRole() {
|
||||
RoleLevel[] values = RoleLevel.values();
|
||||
return values[values.length - 1];
|
||||
}
|
||||
|
||||
private RoleLevel sameRole(RoleRestrictedProperty p, Which which) {
|
||||
switch (which) {
|
||||
case DISPLAY:
|
||||
return p.getHiddenFromDisplayBelowRoleLevel();
|
||||
case MODIFY:
|
||||
return p.getProhibitedFromUpdateBelowRoleLevel();
|
||||
default: // PUBLISH
|
||||
return p.getHiddenFromPublishBelowRoleLevel();
|
||||
}
|
||||
}
|
||||
|
||||
private RoleLevel lowerRole(RoleRestrictedProperty p, Which which) {
|
||||
return RoleLevel.values()[sameRole(p, which).ordinal() - 1];
|
||||
}
|
||||
|
||||
private RoleLevel higherRole(RoleRestrictedProperty p, Which which) {
|
||||
return RoleLevel.values()[sameRole(p, which).ordinal() + 1];
|
||||
}
|
||||
|
||||
private Property asProperty(FauxProperty fp) {
|
||||
Property p = new Property();
|
||||
p.setURI(fp.getBaseURI());
|
||||
p.setDomainVClassURI(fp.getDomainURI());
|
||||
p.setRangeVClassURI(fp.getRangeURI());
|
||||
return p;
|
||||
}
|
||||
|
||||
private PropertyRestrictionLevels updatedLevels(RoleRestrictedProperty p,
|
||||
RoleLevel displayLevel, RoleLevel modifyLevel,
|
||||
RoleLevel publishLevel) {
|
||||
return new PropertyRestrictionLevels(new FullPropertyKey(p),
|
||||
displayLevel, modifyLevel, publishLevel);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,331 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.policy.bean;
|
||||
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.CURATOR;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.DB_ADMIN;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.EDITOR;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.NOBODY;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.PUBLIC;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel.SELF;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.fail;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
import com.hp.hpl.jena.ontology.OntModelSpec;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
import com.hp.hpl.jena.rdf.model.Property;
|
||||
import com.hp.hpl.jena.rdf.model.Resource;
|
||||
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyDao.FullPropertyKey;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
|
||||
|
||||
/**
|
||||
* Check that the bean gets built properly, and check that the bean works
|
||||
* properly.
|
||||
*/
|
||||
public class PropertyRestrictionPolicyHelperTest extends AbstractTestClass {
|
||||
private static final Log log = LogFactory
|
||||
.getLog(PropertyRestrictionPolicyHelperTest.class);
|
||||
|
||||
private static final String PROPERTY_DISPLAY_THRESHOLD = VitroVocabulary.HIDDEN_FROM_DISPLAY_BELOW_ROLE_LEVEL_ANNOT;
|
||||
private static final String PROPERTY_MODIFY_THRESHOLD = VitroVocabulary.PROHIBITED_FROM_UPDATE_BELOW_ROLE_LEVEL_ANNOT;
|
||||
private static final String PROPERTY_PUBLISH_THRESHOLD = VitroVocabulary.HIDDEN_FROM_PUBLISH_BELOW_ROLE_LEVEL_ANNOT;
|
||||
|
||||
private static final String[] PROHIBITED_NAMESPACES = new String[] {
|
||||
VitroVocabulary.vitroURI, "" };
|
||||
|
||||
private static final String[] PERMITTED_EXCEPTIONS = new String[] { VitroVocabulary.MONIKER };
|
||||
|
||||
private OntModel ontModel;
|
||||
private ModelWrapper wrapper;
|
||||
private PropertyRestrictionPolicyHelper bean;
|
||||
|
||||
@Before
|
||||
public void setLoggingLevel() {
|
||||
// setLoggerLevel(PropertyRestrictionPolicyHelper.class, Level.DEBUG);
|
||||
}
|
||||
|
||||
private FullPropertyKey key(String predicateURI) {
|
||||
return new FullPropertyKey(predicateURI);
|
||||
}
|
||||
|
||||
@Before
|
||||
public void createTheBean() {
|
||||
Map<FullPropertyKey, RoleLevel> displayLevels = new HashMap<>();
|
||||
displayLevels.put(key("http://predicates#display_curator"), CURATOR);
|
||||
displayLevels.put(key("http://predicates#display_hidden"), NOBODY);
|
||||
|
||||
Map<FullPropertyKey, RoleLevel> modifyLevels = new HashMap<>();
|
||||
modifyLevels.put(key("http://predicates#modify_self"), SELF);
|
||||
modifyLevels.put(key("http://predicates#modify_curator"), CURATOR);
|
||||
modifyLevels.put(key("http://predicates#modify_hidden"), NOBODY);
|
||||
|
||||
Map<FullPropertyKey, RoleLevel> publishLevels = new HashMap<>();
|
||||
publishLevels.put(key("http://predicates#publish_curator"), CURATOR);
|
||||
publishLevels.put(key("http://predicates#publish_hidden"), NOBODY);
|
||||
|
||||
bean = new PropertyRestrictionPolicyHelper(
|
||||
Arrays.asList(PROHIBITED_NAMESPACES),
|
||||
Arrays.asList(PERMITTED_EXCEPTIONS), displayLevels,
|
||||
modifyLevels, publishLevels);
|
||||
}
|
||||
|
||||
@Before
|
||||
public void createTheModel() {
|
||||
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_DL_MEM);
|
||||
|
||||
wrapper = new ModelWrapper(ontModel);
|
||||
|
||||
wrapper.add("http://thresholds#display_public",
|
||||
PROPERTY_DISPLAY_THRESHOLD, PUBLIC.getURI());
|
||||
wrapper.add("http://thresholds#display_hidden",
|
||||
PROPERTY_DISPLAY_THRESHOLD, NOBODY.getURI());
|
||||
|
||||
wrapper.add("http://thresholds#modify_editor",
|
||||
PROPERTY_MODIFY_THRESHOLD, EDITOR.getURI());
|
||||
wrapper.add("http://thresholds#modify_curator",
|
||||
PROPERTY_MODIFY_THRESHOLD, CURATOR.getURI());
|
||||
|
||||
wrapper.add("http://thresholds#publish_public",
|
||||
PROPERTY_PUBLISH_THRESHOLD, PUBLIC.getURI());
|
||||
wrapper.add("http://thresholds#publish_hidden",
|
||||
PROPERTY_PUBLISH_THRESHOLD, NOBODY.getURI());
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// test the bean
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Test
|
||||
public void displayResource() {
|
||||
assertEquals("display a random resource", true,
|
||||
bean.canDisplayResource("http://someRandom#string", null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyResourceNoRestriction() {
|
||||
assertEquals("modify a random resource", true,
|
||||
bean.canModifyResource("http://someRandom#string", null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyResourceProhibitedNamespace() {
|
||||
assertEquals("modify a prohibited resource", false,
|
||||
bean.canModifyResource(PROHIBITED_NAMESPACES[0] + "random",
|
||||
null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void publishResource() {
|
||||
assertEquals("publish a random resource", true,
|
||||
bean.canPublishResource("http://someRandom#string", null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyResourcePermittedException() {
|
||||
assertEquals("modify a exception resource", true,
|
||||
bean.canModifyResource(PERMITTED_EXCEPTIONS[0], null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void displayPredicateNoRestriction() {
|
||||
assertEquals("displayPredicate: open", true, bean.canDisplayPredicate(
|
||||
createVitroProperty("http://predicates#open"), PUBLIC));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void displayPredicateRestrictionLower() {
|
||||
assertEquals("displayPredicate: lower restriction", true,
|
||||
bean.canDisplayPredicate(
|
||||
createVitroProperty("http://predicates#display_self"),
|
||||
CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void displayPredicateRestrictionEqual() {
|
||||
assertEquals(
|
||||
"displayPredicate: equal restriction",
|
||||
true,
|
||||
bean.canDisplayPredicate(
|
||||
createVitroProperty("http://predicates#display_curator"),
|
||||
CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void displayPredicateRestrictionHigher() {
|
||||
assertEquals(
|
||||
"displayPredicate: higher restriction",
|
||||
false,
|
||||
bean.canDisplayPredicate(
|
||||
createVitroProperty("http://predicates#display_hidden"),
|
||||
CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyPredicateNoRestriction() {
|
||||
assertEquals("modifyPredicate: open", true, bean.canModifyPredicate(
|
||||
new edu.cornell.mannlib.vitro.webapp.beans.Property(
|
||||
"http://predicates#open"), PUBLIC));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyPredicateRestrictionLower() {
|
||||
assertEquals("modifyPredicate: lower restriction", true,
|
||||
bean.canModifyPredicate(
|
||||
new edu.cornell.mannlib.vitro.webapp.beans.Property(
|
||||
"http://predicates#modify_self"), CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyPredicateRestrictionEqual() {
|
||||
assertEquals("modifyPredicate: equal restriction", true,
|
||||
bean.canModifyPredicate(
|
||||
new edu.cornell.mannlib.vitro.webapp.beans.Property(
|
||||
"http://predicates#modify_curator"), CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyPredicateRestrictionHigher() {
|
||||
assertEquals("modifyPredicate: higher restriction", false,
|
||||
bean.canModifyPredicate(
|
||||
new edu.cornell.mannlib.vitro.webapp.beans.Property(
|
||||
"http://predicates#modify_hidden"), CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyPredicateProhibitedNamespace() {
|
||||
assertEquals(
|
||||
"modifyPredicate: prohibited namespace",
|
||||
false,
|
||||
bean.canModifyPredicate(
|
||||
new edu.cornell.mannlib.vitro.webapp.beans.Property(
|
||||
PROHIBITED_NAMESPACES[0] + "randoom"), DB_ADMIN));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void modifyPredicatePermittedException() {
|
||||
assertEquals("modifyPredicate: permitted exception", true,
|
||||
bean.canModifyPredicate(
|
||||
new edu.cornell.mannlib.vitro.webapp.beans.Property(
|
||||
PERMITTED_EXCEPTIONS[0]), DB_ADMIN));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void publishPredicateNoRestriction() {
|
||||
assertEquals("publishPredicate: open", true, bean.canPublishPredicate(
|
||||
createVitroProperty("http://predicates#open"), PUBLIC));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void publishPredicateRestrictionLower() {
|
||||
assertEquals("publishPredicate: lower restriction", true,
|
||||
bean.canPublishPredicate(
|
||||
createVitroProperty("http://predicates#publish_self"),
|
||||
CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void publishPredicateRestrictionEqual() {
|
||||
assertEquals(
|
||||
"publishPredicate: equal restriction",
|
||||
true,
|
||||
bean.canPublishPredicate(
|
||||
createVitroProperty("http://predicates#publish_curator"),
|
||||
CURATOR));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void publishPredicateRestrictionHigher() {
|
||||
assertEquals(
|
||||
"publishPredicate: higher restriction",
|
||||
false,
|
||||
bean.canPublishPredicate(
|
||||
createVitroProperty("http://predicates#publish_hidden"),
|
||||
CURATOR));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// test the bean builder
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Test
|
||||
public void buildDisplayThresholds() {
|
||||
Map<FullPropertyKey, BaseResourceBean.RoleLevel> expectedMap = new HashMap<>();
|
||||
expectedMap.put(key("http://thresholds#display_public"), PUBLIC);
|
||||
expectedMap.put(key("http://thresholds#display_hidden"), NOBODY);
|
||||
|
||||
Map<String, RoleLevel> actualMap = populateThresholdMap(PROPERTY_DISPLAY_THRESHOLD);
|
||||
assertEquals("display thresholds", expectedMap, actualMap);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void buildModifyThresholds() {
|
||||
Map<FullPropertyKey, BaseResourceBean.RoleLevel> expectedMap = new HashMap<>();
|
||||
expectedMap.put(key("http://thresholds#modify_editor"), EDITOR);
|
||||
expectedMap.put(key("http://thresholds#modify_curator"), CURATOR);
|
||||
|
||||
Map<String, RoleLevel> actualMap = populateThresholdMap(PROPERTY_MODIFY_THRESHOLD);
|
||||
assertEquals("modify thresholds", expectedMap, actualMap);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void buildPublishThresholds() {
|
||||
Map<FullPropertyKey, BaseResourceBean.RoleLevel> expectedMap = new HashMap<>();
|
||||
expectedMap.put(key("http://thresholds#publish_public"), PUBLIC);
|
||||
expectedMap.put(key("http://thresholds#publish_hidden"), NOBODY);
|
||||
|
||||
Map<String, RoleLevel> actualMap = populateThresholdMap(PROPERTY_PUBLISH_THRESHOLD);
|
||||
assertEquals("publish thresholds", expectedMap, actualMap);
|
||||
}
|
||||
|
||||
/** Invoke the private static method "populateThresholdMap" */
|
||||
private Map<String, RoleLevel> populateThresholdMap(String propertyUri) {
|
||||
Map<String, RoleLevel> map = new HashMap<String, BaseResourceBean.RoleLevel>();
|
||||
try {
|
||||
Class<?> clazz = PropertyRestrictionPolicyHelper.class;
|
||||
Method method = clazz.getDeclaredMethod("populateThresholdMap",
|
||||
OntModel.class, Map.class, String.class);
|
||||
method.setAccessible(true);
|
||||
method.invoke(null, ontModel, map, propertyUri);
|
||||
return map;
|
||||
} catch (Exception e) {
|
||||
fail("failed to populate the map: propertyUri='" + propertyUri
|
||||
+ "', " + e);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private static class ModelWrapper {
|
||||
private final OntModel model;
|
||||
|
||||
public ModelWrapper(OntModel model) {
|
||||
this.model = model;
|
||||
}
|
||||
|
||||
public void add(String subjectUri, String propertyUri, String objectUri) {
|
||||
Resource subject = model.getResource(subjectUri);
|
||||
Property property = model.getProperty(propertyUri);
|
||||
Resource object = model.getResource(objectUri);
|
||||
model.add(subject, property, object);
|
||||
}
|
||||
}
|
||||
|
||||
private edu.cornell.mannlib.vitro.webapp.beans.Property createVitroProperty(
|
||||
String propertyURI) {
|
||||
return new edu.cornell.mannlib.vitro.webapp.beans.Property(propertyURI);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,122 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import com.hp.hpl.jena.rdf.model.impl.Util;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionLevels;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Property;
|
||||
|
||||
/**
|
||||
* Allow the unit test to specify a variety of restrictions
|
||||
*/
|
||||
public class PropertyRestrictionBeanStub extends PropertyRestrictionBean {
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub infrastructure
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
/** Don't prohibit or restrict anything. */
|
||||
public static PropertyRestrictionBean getInstance() {
|
||||
return getInstance(null, null);
|
||||
}
|
||||
|
||||
/** Prohibit some namespaces. */
|
||||
public static PropertyRestrictionBeanStub getInstance(
|
||||
String[] restrictedNamespaces) {
|
||||
return getInstance(restrictedNamespaces, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Prohibit some namespaces and restrict some properties from modification
|
||||
* by anybody. They may still be displayed or published.
|
||||
*
|
||||
* We can implement more granular control if we need it.
|
||||
*/
|
||||
public static PropertyRestrictionBeanStub getInstance(
|
||||
String[] restrictedNamespaces, String[] restrictedProperties) {
|
||||
PropertyRestrictionBeanStub stub = new PropertyRestrictionBeanStub(
|
||||
restrictedNamespaces, restrictedProperties);
|
||||
PropertyRestrictionBean.instance = stub;
|
||||
return stub;
|
||||
}
|
||||
|
||||
private final Set<String> restrictedNamespaces;
|
||||
private final Set<String> restrictedProperties;
|
||||
|
||||
private PropertyRestrictionBeanStub(String[] restrictedNamespaces,
|
||||
String[] restrictedProperties) {
|
||||
this.restrictedNamespaces = (restrictedNamespaces == null) ? Collections
|
||||
.<String> emptySet() : new HashSet<>(
|
||||
Arrays.asList(restrictedNamespaces));
|
||||
this.restrictedProperties = (restrictedProperties == null) ? Collections
|
||||
.<String> emptySet() : new HashSet<>(
|
||||
Arrays.asList(restrictedProperties));
|
||||
}
|
||||
|
||||
private boolean isPermittedNamespace(String uri) {
|
||||
return !restrictedNamespaces.contains(namespace(uri));
|
||||
}
|
||||
|
||||
private String namespace(String uri) {
|
||||
return uri.substring(0, Util.splitNamespace(uri));
|
||||
}
|
||||
|
||||
private boolean isPermittedProperty(String uri) {
|
||||
return !restrictedProperties.contains(uri);
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public boolean canDisplayResource(String resourceUri, RoleLevel userRole) {
|
||||
return isPermittedNamespace(resourceUri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean canModifyResource(String resourceUri, RoleLevel userRole) {
|
||||
return isPermittedNamespace(resourceUri)
|
||||
&& isPermittedProperty(resourceUri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean canPublishResource(String resourceUri, RoleLevel userRole) {
|
||||
return isPermittedNamespace(resourceUri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean canDisplayPredicate(Property predicate, RoleLevel userRole) {
|
||||
return isPermittedNamespace(predicate.getURI());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean canModifyPredicate(Property predicate, RoleLevel userRole) {
|
||||
return isPermittedNamespace(predicate.getURI())
|
||||
&& isPermittedProperty(predicate.getURI());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean canPublishPredicate(Property predicate, RoleLevel userRole) {
|
||||
return isPermittedNamespace(predicate.getURI());
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Un-implemented methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public void updateProperty(PropertyRestrictionLevels levels) {
|
||||
throw new RuntimeException(
|
||||
"PropertyRestrictionBeanStub.updateProperty() not implemented.");
|
||||
}
|
||||
|
||||
}
|
|
@ -1,63 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyDao.FullPropertyKey;
|
||||
|
||||
/**
|
||||
* Allow the unit test to specify a variety of restrictions
|
||||
*/
|
||||
public class PropertyRestrictionPolicyHelperStub extends
|
||||
PropertyRestrictionPolicyHelper {
|
||||
|
||||
/** Don't prohibit or restrict anything. */
|
||||
public static PropertyRestrictionPolicyHelper getInstance() {
|
||||
return getInstance(null, null);
|
||||
}
|
||||
|
||||
/** Prohibit some namespaces. */
|
||||
public static PropertyRestrictionPolicyHelperStub getInstance(
|
||||
String[] restrictedNamespaces) {
|
||||
return getInstance(restrictedNamespaces, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Prohibit some namespaces and restrict some properties from modification
|
||||
* by anybody.
|
||||
*/
|
||||
public static PropertyRestrictionPolicyHelperStub getInstance(
|
||||
String[] restrictedNamespaces, String[] restrictedProperties) {
|
||||
Set<String> namespaceSet = new HashSet<String>();
|
||||
if (restrictedNamespaces != null) {
|
||||
namespaceSet.addAll(Arrays.asList(restrictedNamespaces));
|
||||
}
|
||||
|
||||
Map<FullPropertyKey, RoleLevel> thresholdMap = new HashMap<>();
|
||||
if (restrictedProperties != null) {
|
||||
for (String prop : restrictedProperties) {
|
||||
thresholdMap.put(new FullPropertyKey(prop), RoleLevel.NOBODY);
|
||||
}
|
||||
}
|
||||
|
||||
return new PropertyRestrictionPolicyHelperStub(namespaceSet, null,
|
||||
null, thresholdMap, null);
|
||||
}
|
||||
|
||||
private PropertyRestrictionPolicyHelperStub(
|
||||
Set<String> modifyRestrictedNamespaces,
|
||||
Set<String> modifyPermittedExceptions,
|
||||
Map<FullPropertyKey, RoleLevel> displayThresholds,
|
||||
Map<FullPropertyKey, RoleLevel> modifyThresholds,
|
||||
Map<FullPropertyKey, RoleLevel> publishThresholds) {
|
||||
super(modifyRestrictedNamespaces, modifyPermittedExceptions,
|
||||
displayThresholds, modifyThresholds, publishThresholds);
|
||||
}
|
||||
}
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
package stubs.edu.cornell.mannlib.vitro.webapp.dao;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
|
@ -57,6 +58,11 @@ public class DataPropertyDaoStub implements DataPropertyDao {
|
|||
// Stub methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public List<DataProperty> getAllDataProperties() {
|
||||
return new ArrayList<>(dpMap.values());
|
||||
}
|
||||
|
||||
@Override
|
||||
public DataProperty getDataPropertyByURI(String dataPropertyURI) {
|
||||
return dpMap.get(dataPropertyURI);
|
||||
|
@ -189,12 +195,6 @@ public class DataPropertyDaoStub implements DataPropertyDao {
|
|||
"PropertyDao.getClassesWithRestrictionOnProperty() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public List getAllDataProperties() {
|
||||
throw new RuntimeException(
|
||||
"DataPropertyDao.getAllDataProperties() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public List getAllExternalIdDataProperties() {
|
||||
throw new RuntimeException(
|
||||
|
|
|
@ -2,9 +2,11 @@
|
|||
|
||||
package stubs.edu.cornell.mannlib.vitro.webapp.dao;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.FauxProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.FauxPropertyDao;
|
||||
|
@ -19,7 +21,7 @@ public class FauxPropertyDaoStub implements FauxPropertyDao {
|
|||
// ----------------------------------------------------------------------
|
||||
|
||||
private final Map<FullPropertyKey, FauxProperty> props = new HashMap<>();
|
||||
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
@ -30,28 +32,32 @@ public class FauxPropertyDaoStub implements FauxPropertyDao {
|
|||
return props.get(new FullPropertyKey(domainUri, baseUri, rangeUri));
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<FauxProperty> getFauxPropertiesForBaseUri(String uri) {
|
||||
List<FauxProperty> list = new ArrayList<>();
|
||||
for (FauxProperty fp : props.values()) {
|
||||
if (Objects.equals(fp.getBaseURI(), uri)) {
|
||||
list.add(fp);
|
||||
}
|
||||
}
|
||||
return list;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void insertFauxProperty(FauxProperty fp) {
|
||||
props.put(new FullPropertyKey(fp), fp);
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Un-implemented methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public List<FauxProperty> getFauxPropertiesForBaseUri(String uri) {
|
||||
throw new RuntimeException(
|
||||
"FauxPropertyDaoStub.getFauxPropertiesForBaseUri() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public FauxProperty getFauxPropertyFromContextUri(String contextUri) {
|
||||
throw new RuntimeException(
|
||||
"FauxPropertyDaoStub.getFauxPropertyFromContextUri() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void insertFauxProperty(FauxProperty fp) {
|
||||
throw new RuntimeException(
|
||||
"FauxPropertyDaoStub.insertFauxProperty() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateFauxProperty(FauxProperty fp) {
|
||||
throw new RuntimeException(
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
package stubs.edu.cornell.mannlib.vitro.webapp.dao;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -40,17 +41,18 @@ public class ObjectPropertyDaoStub implements ObjectPropertyDao {
|
|||
|
||||
opMap.put(uri, property);
|
||||
}
|
||||
|
||||
public void setCustomListViewConfigFileName(ObjectProperty property, String filename) {
|
||||
|
||||
public void setCustomListViewConfigFileName(ObjectProperty property,
|
||||
String filename) {
|
||||
if (property == null) {
|
||||
throw new NullPointerException("property may not be null.");
|
||||
}
|
||||
|
||||
|
||||
String uri = property.getURI();
|
||||
if (uri == null) {
|
||||
throw new NullPointerException("uri may not be null.");
|
||||
}
|
||||
|
||||
|
||||
configFilesMap.put(uri, filename);
|
||||
}
|
||||
|
||||
|
@ -58,6 +60,11 @@ public class ObjectPropertyDaoStub implements ObjectPropertyDao {
|
|||
// Stub methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public List<ObjectProperty> getAllObjectProperties() {
|
||||
return new ArrayList<>(opMap.values());
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectProperty getObjectPropertyByURI(String objectPropertyURI) {
|
||||
if (objectPropertyURI == null) {
|
||||
|
@ -65,18 +72,18 @@ public class ObjectPropertyDaoStub implements ObjectPropertyDao {
|
|||
}
|
||||
return opMap.get(objectPropertyURI);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectProperty getObjectPropertyByURIs(String objectPropertyURI,
|
||||
String domainURI, String rangeURI) {
|
||||
return getObjectPropertyByURI(objectPropertyURI);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectProperty getObjectPropertyByURIs(String objectPropertyURI,
|
||||
String domainURI, String rangeURI, ObjectProperty base) {
|
||||
return getObjectPropertyByURI(objectPropertyURI);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectProperty getObjectPropertyByURIs(String objectPropertyURI,
|
||||
String domainURI, String rangeURI) {
|
||||
return getObjectPropertyByURI(objectPropertyURI);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectProperty getObjectPropertyByURIs(String objectPropertyURI,
|
||||
String domainURI, String rangeURI, ObjectProperty base) {
|
||||
return getObjectPropertyByURI(objectPropertyURI);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getCustomListViewConfigFileName(ObjectProperty objectProperty) {
|
||||
|
@ -194,12 +201,6 @@ public class ObjectPropertyDaoStub implements ObjectPropertyDao {
|
|||
"ObjectPropertyDaoStub.getClassesWithRestrictionOnProperty() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ObjectProperty> getAllObjectProperties() {
|
||||
throw new RuntimeException(
|
||||
"ObjectPropertyDaoStub.getAllObjectProperties() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ObjectProperty> getObjectPropertiesForObjectPropertyStatements(
|
||||
List objectPropertyStatements) {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue