VIVO-761 Use RequestedAction instead of Actions
Modify VitroHttpServlet, similar classes, and all subclasses to use RequestedAction instead of Actions. Modify PolicyHelper also.
This commit is contained in:
Jim Blake
parent
f3daaaf6d7
commit
4baad05643
109 changed files with 281 additions and 583 deletions
|
|
@ -10,7 +10,6 @@ import java.util.Map;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleRequestedAction;
|
||||
|
||||
|
|
@ -119,7 +118,6 @@ public class SimplePermission extends Permission {
|
|||
//private final String localName;
|
||||
private final String uri;
|
||||
public final RequestedAction ACTION;
|
||||
public final Actions ACTIONS;
|
||||
|
||||
public SimplePermission(String uri) {
|
||||
super(uri);
|
||||
|
|
@ -131,7 +129,6 @@ public class SimplePermission extends Permission {
|
|||
//this.localName = localName;
|
||||
this.uri = uri;
|
||||
this.ACTION = new SimpleRequestedAction(uri);
|
||||
this.ACTIONS = new Actions(this.ACTION);
|
||||
|
||||
if (allInstances.containsKey(this.uri)) {
|
||||
throw new IllegalStateException("A SimplePermission named '"
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFa
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
|
||||
|
|
@ -44,8 +44,8 @@ public class PolicyHelper {
|
|||
* policies?
|
||||
*/
|
||||
public static boolean isAuthorizedForActions(HttpServletRequest req,
|
||||
RequestedAction... actions) {
|
||||
return isAuthorizedForActions(req, new Actions(actions));
|
||||
AuthorizationRequest... actions) {
|
||||
return isAuthorizedForActions(req, AuthorizationRequest.and(actions));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -53,18 +53,27 @@ public class PolicyHelper {
|
|||
* policies?
|
||||
*/
|
||||
public static boolean isAuthorizedForActions(HttpServletRequest req,
|
||||
Actions actions) {
|
||||
Iterable<? extends AuthorizationRequest> actions) {
|
||||
return isAuthorizedForActions(req, AuthorizationRequest.and(actions));
|
||||
}
|
||||
|
||||
/**
|
||||
* Are these actions authorized for the current user by the current
|
||||
* policies?
|
||||
*/
|
||||
public static boolean isAuthorizedForActions(HttpServletRequest req,
|
||||
AuthorizationRequest ar) {
|
||||
PolicyIface policy = ServletPolicyList.getPolicies(req);
|
||||
IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(req);
|
||||
return isAuthorizedForActions(ids, policy, actions);
|
||||
return ar.isAuthorized(ids, policy);
|
||||
}
|
||||
|
||||
/**
|
||||
* Are these actions authorized for these identifiers by these policies?
|
||||
*/
|
||||
public static boolean isAuthorizedForActions(IdentifierBundle ids,
|
||||
PolicyIface policy, Actions actions) {
|
||||
return Actions.notNull(actions).isAuthorized(policy, ids);
|
||||
PolicyIface policy, AuthorizationRequest ar) {
|
||||
return ar.isAuthorized(ids, policy);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -76,8 +85,7 @@ public class PolicyHelper {
|
|||
* identifier bundle.
|
||||
*/
|
||||
public static boolean isAuthorizedForActions(HttpServletRequest req,
|
||||
String email, String password, Actions actions) {
|
||||
|
||||
String email, String password, AuthorizationRequest ar) {
|
||||
if (password == null || email == null || password.isEmpty()
|
||||
|| email.isEmpty()) {
|
||||
return false;
|
||||
|
|
@ -106,11 +114,9 @@ public class PolicyHelper {
|
|||
IdentifierBundle ids = ActiveIdentifierBundleFactories
|
||||
.getUserIdentifierBundle(req, user);
|
||||
PolicyIface policy = ServletPolicyList.getPolicies(req);
|
||||
return PolicyHelper.isAuthorizedForActions(ids, policy, actions);
|
||||
return ar.isAuthorized(ids, policy);
|
||||
} catch (Exception ex) {
|
||||
log.error(
|
||||
"Error while attempting to authorize actions "
|
||||
+ actions.toString(), ex);
|
||||
log.error("Error while attempting to authorize actions " + ar, ex);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,282 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
|
||||
/**
|
||||
* A list of RequiredAction objects.
|
||||
*
|
||||
* Authorization is considered successful if ALL of the actions are
|
||||
* authorized, or if there are NO clauses.
|
||||
*
|
||||
* A previous version of this class had a capability to do OR clauses but
|
||||
* this feature was unused and hindered composition of Actions
|
||||
* objects. The ability to do an OR has been moved to AnyRequestedAction
|
||||
* and AllRequestedAction.
|
||||
*
|
||||
*/
|
||||
public class Actions {
|
||||
private static final Log log = LogFactory.getLog(Actions.class);
|
||||
|
||||
public static final Actions AUTHORIZED = new Actions();
|
||||
public static final Actions UNAUTHORIZED = new Actions(
|
||||
new UnauthorizedAction());
|
||||
|
||||
public static Actions notNull(Actions actions) {
|
||||
return (actions == null) ? AUTHORIZED : actions;
|
||||
}
|
||||
|
||||
/**
|
||||
* This is a set of RequestedActions that get ANDed together.
|
||||
*
|
||||
* If all of the RequestedAction objects from the
|
||||
* Sets are authorized, then the Actions object should
|
||||
* be considered authorized.
|
||||
*/
|
||||
private Set<RequestedAction> requestedActions;
|
||||
|
||||
public Actions(){
|
||||
requestedActions= Collections.emptySet();
|
||||
}
|
||||
|
||||
/**
|
||||
* AND together all the RequestedAction from all the actions.
|
||||
*/
|
||||
public Actions(Actions... actions){
|
||||
Set<RequestedAction> newActs = new HashSet<RequestedAction>();
|
||||
|
||||
for( Actions actionToAnd : actions){
|
||||
if( actionToAnd != null && actionToAnd.requestedActions != null ){
|
||||
newActs.addAll( actionToAnd.requestedActions );
|
||||
}
|
||||
}
|
||||
|
||||
this.requestedActions = Collections.unmodifiableSet( newActs );
|
||||
}
|
||||
|
||||
public Actions(RequestedAction... actions) {
|
||||
this(Arrays.asList(actions));
|
||||
}
|
||||
|
||||
public Actions(Collection<RequestedAction> actions) {
|
||||
this(Collections.<RequestedAction> emptySet(), actions);
|
||||
}
|
||||
|
||||
private Actions(Set<RequestedAction> oldList,
|
||||
Collection<RequestedAction> newActions) {
|
||||
|
||||
Set<RequestedAction> newActs = new HashSet<RequestedAction>();
|
||||
|
||||
if( oldList != null ){
|
||||
newActs.addAll(oldList);
|
||||
}
|
||||
|
||||
if ( newActions != null ) {
|
||||
newActs.addAll( newActions );
|
||||
}
|
||||
|
||||
this.requestedActions = Collections.unmodifiableSet(newActs);
|
||||
}
|
||||
|
||||
/** require all RequestedActions on this and the ones in newActions to authorize.*/
|
||||
public Actions and(RequestedAction... newActions){
|
||||
return and(Arrays.asList( newActions));
|
||||
}
|
||||
|
||||
/** require all RequestedActions on this and the ones in newActions to authorize.*/
|
||||
public Actions and(Collection<RequestedAction> newActions){
|
||||
if( newActions == null || newActions.size() == 0)
|
||||
return this;
|
||||
else
|
||||
return new Actions( this.requestedActions, newActions);
|
||||
}
|
||||
|
||||
/** require all RequestedActions on this and the ones in newActions to authorize.*/
|
||||
public Actions and(Actions newActions){
|
||||
return new Actions( this.requestedActions, newActions.requestedActions);
|
||||
}
|
||||
|
||||
public Actions or(RequestedAction... newActions) {
|
||||
return or(Arrays.asList(newActions));
|
||||
}
|
||||
|
||||
/**
|
||||
* OR together this.requestedActions and newActions.
|
||||
*/
|
||||
public Actions or(Collection<RequestedAction> newActions) {
|
||||
RequestedAction acts;
|
||||
|
||||
if( newActions == null || newActions.size() == 0 ){
|
||||
return this;
|
||||
}
|
||||
|
||||
int thisActionCount = this.requestedActions.size();
|
||||
int newActionCount = newActions.size();
|
||||
|
||||
/* This minimizes the number of extra RequestedActions
|
||||
* that get created when there is only one in this
|
||||
* or newActions.*/
|
||||
if( thisActionCount == 1 && newActionCount == 1 ){
|
||||
return new Actions(
|
||||
new AnyRequestedAction(
|
||||
this.requestedActions.iterator().next(),
|
||||
newActions.iterator().next() ));
|
||||
}
|
||||
|
||||
if( thisActionCount == 1 && newActionCount > 1 ){
|
||||
return new Actions(
|
||||
new AnyRequestedAction(
|
||||
this.requestedActions.iterator().next(),
|
||||
new AllRequestedAction( newActions )));
|
||||
}
|
||||
|
||||
if( thisActionCount > 1 && newActionCount == 1){
|
||||
return new Actions( new AnyRequestedAction(
|
||||
new AllRequestedAction( this.requestedActions),
|
||||
newActions.iterator().next()));
|
||||
}
|
||||
|
||||
if( thisActionCount > 1 && newActionCount > 1 ){
|
||||
return new Actions(
|
||||
new AnyRequestedAction(
|
||||
new AllRequestedAction( this.requestedActions ),
|
||||
new AllRequestedAction( newActions )));
|
||||
}
|
||||
//should never be reached.
|
||||
log.error("Could not properly create disjunction");
|
||||
return null;
|
||||
}
|
||||
|
||||
public boolean isEmpty() {
|
||||
return this.requestedActions.isEmpty();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Are the RequestedAction objects for this Actions authorized
|
||||
* with the ids and policy?
|
||||
*/
|
||||
public boolean isAuthorized(PolicyIface policy, IdentifierBundle ids) {
|
||||
/* No clauses means everything is authorized */
|
||||
if (requestedActions.isEmpty()) {
|
||||
log.debug("Empty Actions is authorized");
|
||||
return true;
|
||||
}
|
||||
|
||||
/* Are all the RequestedAction object authorized? */
|
||||
List<PolicyDecision> decisions = new ArrayList<PolicyDecision>();
|
||||
for (RequestedAction action : requestedActions) {
|
||||
PolicyDecision decision = policy.isAuthorized(ids, action);
|
||||
log.debug("decision for '" + action.getClass().getSimpleName() + "' was: "
|
||||
+ decision);
|
||||
decisions.add( decision );
|
||||
}
|
||||
return areAllAuthorized( decisions );
|
||||
}
|
||||
|
||||
private boolean areAllAuthorized( List<PolicyDecision> decisions ){
|
||||
for( PolicyDecision dec : decisions){
|
||||
if( dec == null || dec.getAuthorized() != Authorization.AUTHORIZED ){
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
// /** All actions in a clause must be authorized. */
|
||||
// private static boolean isAuthorizedForClause(PolicyIface policy,
|
||||
// IdentifierBundle ids, Set<RequestedAction> clause) {
|
||||
// for (RequestedAction action : clause) {
|
||||
// if (!isAuthorizedForAction(policy, ids, action)) {
|
||||
// log.debug("not authorized");
|
||||
// return false;
|
||||
// }
|
||||
// }
|
||||
// return true;
|
||||
// }
|
||||
//
|
||||
// /** Is this action authorized? */
|
||||
// private static boolean isAuthorizedForAction(PolicyIface policy,
|
||||
// IdentifierBundle ids, RequestedAction action) {
|
||||
// PolicyDecision decision = policy.isAuthorized(ids, action);
|
||||
// log.debug("decision for '" + action.getClass().getSimpleName() + "' was: "
|
||||
// + decision);
|
||||
// return (decision != null)
|
||||
// && (decision.getAuthorized() == Authorization.AUTHORIZED);
|
||||
// }
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
StringBuffer sb = new StringBuffer("Actions[");
|
||||
Iterator<RequestedAction> it = this.requestedActions.iterator();
|
||||
while( it.hasNext() ){
|
||||
RequestedAction act = it.next();
|
||||
sb.append( act.toString() );
|
||||
if (it.hasNext()) {
|
||||
sb.append(", ");
|
||||
}
|
||||
}
|
||||
sb.append("]");
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* AND for Actions.
|
||||
* ANDing with an Action with multiple disjoint clauses is not supported.
|
||||
*
|
||||
* To do the AND, we take each ORed clause, and add all of the RequestedActions
|
||||
* so now in each of the alternative clauses, all of the singleClauseToAnd
|
||||
* RequestedActions are required.
|
||||
*
|
||||
* @throws Exception when multiple disjoint clauses are present on both Actions.
|
||||
*/
|
||||
//private void andWithAction( Actions otherAct ) throws Exception{
|
||||
// Set<RequestedAction> singleClauseToAnd;
|
||||
// List<Set<RequestedAction>> clauses;
|
||||
//
|
||||
// if( otherAct.singleAndClause() ){
|
||||
// clauses = this.requestedActions;
|
||||
// singleClauseToAnd = otherAct.requestedActions.get(0);
|
||||
// }else if( this.singleAndClause() ){
|
||||
// clauses = new ArrayList<Set<RequestedAction>>( otherAct.requestedActions );
|
||||
// singleClauseToAnd = this.requestedActions.get(0);
|
||||
// }else{
|
||||
// //both have multiple ORed clauses, give up
|
||||
// throw new Exception("ANDing with an Action with multiple disjoint clauses is not supported.");
|
||||
// }
|
||||
//
|
||||
// //
|
||||
// for( Set<RequestedAction> clause : clauses){
|
||||
// clause.addAll( singleClauseToAnd );
|
||||
// }
|
||||
// this.requestedActions = clauses;
|
||||
//}
|
||||
|
||||
// private boolean singleAndClause(){
|
||||
// return requestedActions.size() == 1;
|
||||
// }
|
||||
|
||||
// /**
|
||||
// * Nobody knows about this action class, so only the root user should be
|
||||
// * authorized for it.
|
||||
// */
|
||||
// private static class UnauthorizedAction extends RequestedAction {
|
||||
// // no members
|
||||
// }
|
||||
}
|
||||
|
|
@ -72,7 +72,7 @@ public class SparqlQueryBuilderServlet extends BaseEditController {
|
|||
throws ServletException, IOException
|
||||
{
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller;
|
||||
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest.AUTHORIZED;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLEncoder;
|
||||
|
|
@ -28,8 +30,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ResourceBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.LogoutRedirector;
|
||||
|
|
@ -116,9 +117,9 @@ public class VitroHttpServlet extends HttpServlet implements MultipartRequestWra
|
|||
* the RequestedActions that must be authorized.
|
||||
*/
|
||||
protected boolean isAuthorizedToDisplayPage(HttpServletRequest request,
|
||||
HttpServletResponse response, RequestedAction... actions) {
|
||||
HttpServletResponse response, AuthorizationRequest... actions) {
|
||||
return isAuthorizedToDisplayPage(request, response,
|
||||
new Actions(Arrays.asList(actions)));
|
||||
AuthorizationRequest.and(actions));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -128,9 +129,9 @@ public class VitroHttpServlet extends HttpServlet implements MultipartRequestWra
|
|||
* the combination of RequestedActions that must be authorized.
|
||||
*/
|
||||
protected boolean isAuthorizedToDisplayPage(HttpServletRequest request,
|
||||
HttpServletResponse response, Actions actions) {
|
||||
HttpServletResponse response, AuthorizationRequest actions) {
|
||||
// Record restricted pages so we won't return to them on logout
|
||||
if (!actions.isEmpty()) {
|
||||
if (actions != AUTHORIZED) {
|
||||
LogoutRedirector.recordRestrictedPageUri(request);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
|
|
@ -28,8 +28,8 @@ public class UserAccountsAdminController extends FreemarkerHttpServlet {
|
|||
private static final String ACTION_EDIT = "/edit";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_USER_ACCOUNTS.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_USER_ACCOUNTS.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
|
||||
|
|
@ -25,8 +25,8 @@ public class UserAccountsAjaxController extends VitroAjaxController {
|
|||
private static final String PARAMETER_ACTION = "action";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_USER_ACCOUNTS.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_USER_ACCOUNTS.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.AbstractPageHandler.Message;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
|
|
@ -26,8 +26,8 @@ public class ManageProxiesController extends FreemarkerHttpServlet {
|
|||
private static final String ACTION_EDIT = "/edit";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_PROXIES.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_PROXIES.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
|
||||
|
|
@ -25,8 +25,8 @@ public class ManageProxiesAjaxController extends VitroAjaxController {
|
|||
private static final String PARAMETER_ACTION = "action";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_OWN_PROXIES.ACTIONS
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.MANAGE_OWN_PROXIES.ACTION
|
||||
.or(SimplePermission.MANAGE_PROXIES.ACTION);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -204,7 +204,7 @@ public class UserAccountsMyAccountPage extends UserAccountsPage {
|
|||
|
||||
boolean isProxyPanelAuthorized() {
|
||||
return PolicyHelper.isAuthorizedForActions(vreq,
|
||||
SimplePermission.MANAGE_OWN_PROXIES.ACTIONS)
|
||||
SimplePermission.MANAGE_OWN_PROXIES.ACTION)
|
||||
&& (getProfilePage(userAccount) != null);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.controller.accounts.user;
|
||||
|
||||
import static edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource.EXTERNAL;
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest.AUTHORIZED;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
|
|
@ -10,7 +11,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -35,13 +36,13 @@ public class UserAccountsUserController extends FreemarkerHttpServlet {
|
|||
private static final String ACTION_FIRST_TIME_EXTERNAL = "/firstTimeExternal";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
String action = vreq.getPathInfo();
|
||||
|
||||
if (ACTION_MY_ACCOUNT.equals(action)) {
|
||||
return SimplePermission.EDIT_OWN_ACCOUNT.ACTIONS;
|
||||
return SimplePermission.EDIT_OWN_ACCOUNT.ACTION;
|
||||
} else {
|
||||
return Actions.AUTHORIZED;
|
||||
return AUTHORIZED;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ import java.util.HashMap;
|
|||
import java.util.Map;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.AbstractPageHandler;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
|
||||
|
|
@ -31,8 +31,8 @@ public class RestrictLoginsController extends FreemarkerHttpServlet {
|
|||
public static final String MESSAGE_ALREADY_OPEN = "messageAlreadyOpen";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.LOGIN_DURING_MAINTENANCE.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.LOGIN_DURING_MAINTENANCE.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.admin;
|
||||
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest.AUTHORIZED;
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction.SOME_PREDICATE;
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction.SOME_URI;
|
||||
|
||||
|
|
@ -21,7 +22,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasAssociatedIndividual;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
|
||||
|
|
@ -38,8 +39,8 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Tem
|
|||
public class ShowAuthController extends FreemarkerHttpServlet {
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return Actions.AUTHORIZED;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return AUTHORIZED;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ import java.util.SortedMap;
|
|||
import java.util.TreeMap;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
|
|
@ -21,8 +21,8 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Tem
|
|||
*/
|
||||
public class ShowConfiguration extends FreemarkerHttpServlet {
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.SEE_CONFIGURATION.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.SEE_CONFIGURATION.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
|||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.api.sparqlquery.InvalidQueryTypeException;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.api.sparqlquery.ResultSetMediaType;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.api.sparqlquery.SparqlQueryApiExecutor;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
|
||||
|
|
@ -92,7 +91,7 @@ public class SparqlQueryController extends FreemarkerHttpServlet {
|
|||
public void doGet(HttpServletRequest req, HttpServletResponse resp)
|
||||
throws IOException, ServletException {
|
||||
if (!isAuthorizedToDisplayPage(req, resp,
|
||||
SimplePermission.USE_SPARQL_QUERY_PAGE.ACTIONS)) {
|
||||
SimplePermission.USE_SPARQL_QUERY_PAGE.ACTION)) {
|
||||
return;
|
||||
}
|
||||
if (req.getParameterMap().containsKey("query")) {
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ import java.util.HashMap;
|
|||
import java.util.Map;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
|
|
@ -19,8 +19,8 @@ import edu.cornell.mannlib.vitro.webapp.startup.StartupStatus;
|
|||
public class StartupStatusController extends FreemarkerHttpServlet {
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.SEE_STARTUP_STATUS.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.SEE_STARTUP_STATUS.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ import com.hp.hpl.jena.query.Query;
|
|||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.SparqlUtils.AjaxControllerException;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ModelAccess;
|
||||
|
|
@ -40,12 +40,12 @@ public class SparqlQueryAjaxController extends VitroAjaxController {
|
|||
public static final String OPTION_MODEL_USER_ACCOUNTS = "userAccounts";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
String modelParam = getModelParam(vreq);
|
||||
if (OPTION_MODEL_USER_ACCOUNTS.equals(modelParam)) {
|
||||
return SimplePermission.QUERY_USER_ACCOUNTS_MODEL.ACTIONS;
|
||||
return SimplePermission.QUERY_USER_ACCOUNTS_MODEL.ACTION;
|
||||
} else {
|
||||
return SimplePermission.QUERY_FULL_MODEL.ACTIONS;
|
||||
return SimplePermission.QUERY_FULL_MODEL.ACTION;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2,14 +2,11 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.ajax;
|
||||
|
||||
import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
|
||||
import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
|
|
@ -26,11 +23,6 @@ import com.hp.hpl.jena.query.ResultSetFormatter;
|
|||
import com.hp.hpl.jena.query.Syntax;
|
||||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.OntModelSelector;
|
||||
|
||||
/**
|
||||
* Handle an AJAX request for a SPARQL query. On entry, the "query" parameter
|
||||
* contains the query string.
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.ajax;
|
||||
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest.AUTHORIZED;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.util.Map;
|
||||
|
|
@ -15,7 +17,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.freemarker.config.FreemarkerConfiguration;
|
||||
import freemarker.template.Configuration;
|
||||
|
|
@ -65,8 +67,8 @@ public abstract class VitroAjaxController extends HttpServlet {
|
|||
* In some cases, the choice of actions will depend on the contents of the request.
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return Actions.AUTHORIZED;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return AUTHORIZED;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ import javax.servlet.http.HttpServletResponse;
|
|||
import com.hp.hpl.jena.query.QueryParseException;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.api.sparqlquery.InvalidQueryTypeException;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.api.sparqlquery.SparqlQueryApiExecutor;
|
||||
import edu.cornell.mannlib.vitro.webapp.rdfservice.RDFService;
|
||||
|
|
@ -42,7 +42,7 @@ import edu.cornell.mannlib.vitro.webapp.utils.http.NotAcceptableException;
|
|||
*/
|
||||
public class SparqlQueryApiController extends VitroApiServlet {
|
||||
|
||||
private static final Actions REQUIRED_ACTIONS = SimplePermission.USE_SPARQL_QUERY_API.ACTIONS;
|
||||
private static final AuthorizationRequest REQUIRED_ACTIONS = SimplePermission.USE_SPARQL_QUERY_API.ACTION;
|
||||
|
||||
@Override
|
||||
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ import com.hp.hpl.jena.update.UpdateFactory;
|
|||
import com.hp.hpl.jena.update.UpdateRequest;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.RDFServiceDataset;
|
||||
import edu.cornell.mannlib.vitro.webapp.search.indexing.IndexBuilder;
|
||||
|
|
@ -50,7 +50,7 @@ public class SparqlUpdateApiController extends VitroApiServlet {
|
|||
private static final Log log = LogFactory
|
||||
.getLog(SparqlUpdateApiController.class);
|
||||
|
||||
private static final Actions REQUIRED_ACTIONS = SimplePermission.USE_SPARQL_UPDATE_API.ACTIONS;
|
||||
private static final AuthorizationRequest REQUIRED_ACTIONS = SimplePermission.USE_SPARQL_UPDATE_API.ACTION;
|
||||
|
||||
@Override
|
||||
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
|
||||
|
||||
|
|
@ -36,7 +36,7 @@ public class VitroApiServlet extends HttpServlet {
|
|||
* them for this action, throw an AuthException.
|
||||
*/
|
||||
protected void confirmAuthorization(HttpServletRequest req,
|
||||
Actions requiredActions) throws AuthException {
|
||||
AuthorizationRequest requiredActions) throws AuthException {
|
||||
String email = req.getParameter("email");
|
||||
String password = req.getParameter("password");
|
||||
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
|
||||
|
||||
import static edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource.INTERNAL;
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest.AUTHORIZED;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.UserAccount.MAX_PASSWORD_LENGTH;
|
||||
import static edu.cornell.mannlib.vitro.webapp.beans.UserAccount.MIN_PASSWORD_LENGTH;
|
||||
|
||||
|
|
@ -12,7 +13,7 @@ import java.util.Map;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator.LoginNotPermitted;
|
||||
|
|
@ -53,8 +54,8 @@ public class AdminLoginController extends FreemarkerHttpServlet {
|
|||
private static final String MESSAGE_NEW_PASSWORD_MATCHES_OLD = "errorNewPasswordMatchesOld";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return Actions.AUTHORIZED; // No requirements to use this page.
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return AUTHORIZED; // No requirements to use this page.
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ public class LoginRedirector {
|
|||
|
||||
private boolean canSeeSiteAdminPage() {
|
||||
return PolicyHelper.isAuthorizedForActions(request,
|
||||
SimplePermission.SEE_SITE_ADMIN_PAGE.ACTIONS);
|
||||
SimplePermission.SEE_SITE_ADMIN_PAGE.ACTION);
|
||||
}
|
||||
|
||||
private boolean isLoginPage(String page) {
|
||||
|
|
|
|||
|
|
@ -7,15 +7,11 @@ import java.util.List;
|
|||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
||||
/**
|
||||
|
|
@ -58,7 +54,7 @@ public class RestrictedAuthenticator extends Authenticator {
|
|||
|
||||
return PolicyHelper.isAuthorizedForActions(ids,
|
||||
ServletPolicyList.getPolicies(req),
|
||||
SimplePermission.LOGIN_DURING_MAINTENANCE.ACTIONS);
|
||||
SimplePermission.LOGIN_DURING_MAINTENANCE.ACTION);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ public class ApplicationBeanRetryController extends BaseEditController {
|
|||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
|
||||
if (!isAuthorizedToDisplayPage(req, response,
|
||||
SimplePermission.EDIT_SITE_INFORMATION.ACTIONS)) {
|
||||
SimplePermission.EDIT_SITE_INFORMATION.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ public class Classes2ClassesOperationController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(Classes2ClassesOperationController.class.getName());
|
||||
|
||||
public void doGet(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ public class Classes2ClassesRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(Classes2ClassesRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ public class ClassgroupRetryController extends BaseEditController {
|
|||
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ public class DataPropertyStatementRetryController extends BaseEditController {
|
|||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ public class DatapropEditController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(DatapropEditController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -36,7 +36,6 @@ import edu.cornell.mannlib.vitro.webapp.dao.DataPropertyDao;
|
|||
import edu.cornell.mannlib.vitro.webapp.dao.DatatypeDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ModelAccess;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
|
||||
|
|
@ -46,7 +45,7 @@ public class DatapropRetryController extends BaseEditController {
|
|||
|
||||
@Override
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ public class DatatypeRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(DatatypeRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ public class EntityEditController extends BaseEditController {
|
|||
|
||||
public void doGet (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ public class EntityRetryController extends BaseEditController {
|
|||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ public class IndividualTypeOperationController extends BaseEditController {
|
|||
|
||||
public void doGet(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2,17 +2,11 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
||||
|
||||
import java.text.Collator;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
|
|
@ -42,7 +36,7 @@ public class IndividualTypeRetryController extends BaseEditController {
|
|||
|
||||
public void doGet (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ public class NamespacePrefixOperationController extends BaseEditController {
|
|||
|
||||
public void doPost(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ public class NamespacePrefixRetryController extends BaseEditController {
|
|||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2,9 +2,6 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
||||
|
||||
import java.text.Collator;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
|
|
@ -42,7 +39,7 @@ public class ObjectPropertyStatementRetryController extends BaseEditController {
|
|||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ public class OntologyEditController extends BaseEditController {
|
|||
|
||||
@Override
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ public class OntologyRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(OntologyRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
|
|
@ -23,8 +23,8 @@ public class PrimitiveDelete extends VitroAjaxController {
|
|||
private static final Log log = LogFactory.getLog(PrimitiveDelete.class);
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ import com.hp.hpl.jena.rdf.model.Model;
|
|||
import com.hp.hpl.jena.shared.Lock;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.DependentResourceDeleteJena;
|
||||
|
|
@ -34,8 +34,8 @@ public class PrimitiveRdfEdit extends VitroAjaxController {
|
|||
|
||||
//Using the same setup as primitive delete
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ public class Properties2PropertiesOperationController extends
|
|||
private static final boolean REMOVE = true;
|
||||
|
||||
public void doPost(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2,14 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
||||
|
||||
import java.text.Collator;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.ListIterator;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -34,7 +28,7 @@ public class Properties2PropertiesRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(Properties2PropertiesRetryController.class.getName());
|
||||
|
||||
public void doGet (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ public class PropertyEditController extends BaseEditController {
|
|||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ public class PropertyGroupRetryController extends BaseEditController {
|
|||
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -4,14 +4,10 @@ package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.net.URLEncoder;
|
||||
import java.text.Collator;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.ListIterator;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -48,7 +44,7 @@ public class PropertyRetryController extends BaseEditController {
|
|||
|
||||
@Override
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -453,7 +453,7 @@ public class RefactorOperationController extends BaseEditController {
|
|||
}
|
||||
|
||||
public void doPost(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2,14 +2,9 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
||||
|
||||
import java.text.Collator;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.ListIterator;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -102,7 +97,7 @@ public class RefactorRetryController extends BaseEditController {
|
|||
}
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ import com.hp.hpl.jena.rdf.model.ResourceFactory;
|
|||
import com.hp.hpl.jena.shared.Lock;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
|
|
@ -45,8 +45,8 @@ public class ReorderController extends VitroAjaxController {
|
|||
private static String INDIVIDUAL_PREDICATE_PARAMETER_NAME = "individuals";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@ import com.hp.hpl.jena.rdf.model.Model;
|
|||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
import com.hp.hpl.jena.rdf.model.Resource;
|
||||
import com.hp.hpl.jena.shared.Lock;
|
||||
import com.hp.hpl.jena.vocabulary.DAML_OIL;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.EditProcessObject;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
|
|
@ -38,7 +37,7 @@ public class RestrictionOperationController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(RestrictionOperationController.class.getName());
|
||||
|
||||
public void doPost(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@ import edu.cornell.mannlib.vedit.beans.Option;
|
|||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Datatype;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Property;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ResourceBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
|
|
@ -37,7 +36,7 @@ public class RestrictionRetryController extends BaseEditController {
|
|||
private static final boolean OBJECT = false;
|
||||
|
||||
public void doGet(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ import edu.cornell.mannlib.vedit.beans.EditProcessObject;
|
|||
import edu.cornell.mannlib.vedit.beans.FormObject;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
|
|
@ -28,7 +29,6 @@ import edu.cornell.mannlib.vitro.webapp.dao.ModelAccess;
|
|||
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VClassGroupDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
|
||||
public class VclassEditController extends BaseEditController {
|
||||
|
||||
|
|
@ -36,7 +36,7 @@ public class VclassEditController extends BaseEditController {
|
|||
private static final int NUM_COLS = 14;
|
||||
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ public class VclassRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(VclassRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ public class AllClassGroupsListingController extends BaseEditController {
|
|||
|
||||
@Override
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
|||
public class DataPropertyStatementListingController extends BaseEditController {
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ public class IndividualsListingController extends BaseEditController {
|
|||
//private static final int MAX_INDIVIDUALS = 50;
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ public class ObjectPropertyStatementListingController extends
|
|||
BaseEditController {
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ public class OntologiesListingController extends BaseEditController {
|
|||
|
||||
@Override
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ public class PropertyGroupsListingController extends BaseEditController {
|
|||
@Override
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3,9 +3,7 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.controller.edit.listing;
|
||||
|
||||
import java.net.URLEncoder;
|
||||
import java.text.Collator;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Comparator;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
||||
|
|
@ -16,7 +14,6 @@ import javax.servlet.http.HttpServletResponse;
|
|||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -28,7 +25,7 @@ public class VClassWebappWithInstancesListingController extends BaseEditControll
|
|||
private int NUM_COLS = 6;
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ public class NamespacesListingController extends BaseEditController {
|
|||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ public class RestrictionsListingController extends BaseEditController {
|
|||
private EditProcessObject epo = null;
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ import edu.cornell.mannlib.vedit.beans.Option;
|
|||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
|
||||
|
|
@ -34,10 +34,10 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
private static final Log log = LogFactory.getLog(BaseSiteAdminController.class);
|
||||
protected static final String TEMPLATE_DEFAULT = "siteAdmin-main.ftl";
|
||||
|
||||
public static final Actions REQUIRED_ACTIONS = SimplePermission.SEE_SITE_ADMIN_PAGE.ACTIONS;
|
||||
public static final AuthorizationRequest REQUIRED_ACTIONS = SimplePermission.SEE_SITE_ADMIN_PAGE.ACTION;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return REQUIRED_ACTIONS;
|
||||
}
|
||||
|
||||
|
|
@ -64,7 +64,7 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
|
||||
Map<String, String> urls = new HashMap<String, String>();
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
urls.put("recomputeInferences", UrlBuilder.getUrl("/RecomputeInferences"));
|
||||
}
|
||||
|
||||
|
|
@ -72,11 +72,11 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
urls.put("rebuildSearchIndex", UrlBuilder.getUrl("/SearchIndex"));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.LOGIN_DURING_MAINTENANCE.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.LOGIN_DURING_MAINTENANCE.ACTION)) {
|
||||
urls.put("restrictLogins", UrlBuilder.getUrl("/admin/restrictLogins"));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.ENABLE_DEVELOPER_PANEL.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.ENABLE_DEVELOPER_PANEL.ACTION)) {
|
||||
urls.put("activateDeveloperPanel", "javascript:new DeveloperPanel(developerAjaxUrl).setupDeveloperPanel({developer_enabled: true});");
|
||||
}
|
||||
|
||||
|
|
@ -88,7 +88,7 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
Map<String, Object> map = new HashMap<String, Object>();
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTION)) {
|
||||
|
||||
map.put("formAction", UrlBuilder.getUrl("/editRequestDispatch"));
|
||||
|
||||
|
|
@ -125,27 +125,27 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
|
||||
Map<String, Object> data = new HashMap<String, Object>();
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.MANAGE_USER_ACCOUNTS.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.MANAGE_USER_ACCOUNTS.ACTION)) {
|
||||
data.put("userAccounts", UrlBuilder.getUrl("/accountsAdmin"));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.MANAGE_PROXIES.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.MANAGE_PROXIES.ACTION)) {
|
||||
data.put("manageProxies", UrlBuilder.getUrl("/manageProxies"));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.EDIT_SITE_INFORMATION.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.EDIT_SITE_INFORMATION.ACTION)) {
|
||||
data.put("siteInfo", UrlBuilder.getUrl("/editForm", "controller", "ApplicationBean"));
|
||||
}
|
||||
|
||||
//TODO: Add specific permissions for page management
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.MANAGE_MENUS.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.MANAGE_MENUS.ACTION)) {
|
||||
data.put("menuManagement", UrlBuilder.getUrl("/individual",
|
||||
"uri", "http://vitro.mannlib.cornell.edu/ontologies/display/1.1#DefaultMenu",
|
||||
"switchToDisplayModel", "true"));
|
||||
data.put("pageManagement", UrlBuilder.getUrl("/pageList"));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.SEE_STARTUP_STATUS.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.SEE_STARTUP_STATUS.ACTION)) {
|
||||
data.put("startupStatus", UrlBuilder.getUrl("/startupStatus"));
|
||||
data.put("startupStatusAlert", !StartupStatus.getBean(getServletContext()).allClear());
|
||||
}
|
||||
|
|
@ -157,7 +157,7 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
|
||||
Map<String, Object> map = new HashMap<String, Object>();
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.EDIT_ONTOLOGY.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.EDIT_ONTOLOGY.ACTION)) {
|
||||
|
||||
String pelletError = null;
|
||||
String pelletExplanation = null;
|
||||
|
|
@ -199,13 +199,13 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
|
||||
Map<String, String> urls = new HashMap<String, String>();
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
urls.put("ingest", UrlBuilder.getUrl("/ingest"));
|
||||
urls.put("rdfData", UrlBuilder.getUrl("/uploadRDFForm"));
|
||||
urls.put("rdfExport", UrlBuilder.getUrl("/export"));
|
||||
urls.put("sparqlQueryBuilder", UrlBuilder.getUrl("/admin/sparqlquerybuilder"));
|
||||
}
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_SPARQL_QUERY_PAGE.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_SPARQL_QUERY_PAGE.ACTION)) {
|
||||
urls.put("sparqlQuery", UrlBuilder.getUrl("/admin/sparqlquery"));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
|
|
@ -20,7 +20,6 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Red
|
|||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ModelAccess;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ModelAccess.FactoryID;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.VTwo.EditConfigurationUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.VTwo.N3EditUtils;
|
||||
|
|
@ -33,8 +32,8 @@ public class DeletePropertyController extends FreemarkerHttpServlet {
|
|||
private static final Log log = LogFactory.getLog(DeletePropertyController.class);
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS ;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTION ;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -2,7 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
||||
|
||||
import static javax.mail.Message.RecipientType.*;
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest.AUTHORIZED;
|
||||
import static javax.mail.Message.RecipientType.TO;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
|
|
@ -27,7 +28,7 @@ import com.github.jsonldjava.utils.JSONUtils;
|
|||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
|
||||
|
|
@ -43,7 +44,6 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Tem
|
|||
import edu.cornell.mannlib.vitro.webapp.email.FreemarkerEmailFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.email.FreemarkerEmailMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.freemarker.config.FreemarkerConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.rdfservice.RDFServiceException;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.Tags;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.User;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.menu.MainMenu;
|
||||
|
|
@ -169,7 +169,7 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
boolean sentEmail = false;
|
||||
|
||||
// If the user is authorized, display the error data on the page
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
templateMap.put("adminErrorData", adminErrorData);
|
||||
|
||||
// Else send the data to the site administrator
|
||||
|
|
@ -211,8 +211,8 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
* REQUIRED_ACTIONS which is overridden in the subclass.
|
||||
*
|
||||
*/
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return Actions.AUTHORIZED;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return AUTHORIZED;
|
||||
}
|
||||
|
||||
// Subclasses will override
|
||||
|
|
@ -374,7 +374,7 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
requestUrls.put("currentPage", getCurrentPageUrl(vreq));
|
||||
requestUrls.put("referringPage", getReferringPageUrl(vreq));
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.EDIT_OWN_ACCOUNT.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.EDIT_OWN_ACCOUNT.ACTION)) {
|
||||
requestUrls.put("myAccount", UrlBuilder.getUrl("/accounts/myAccount"));
|
||||
}
|
||||
} catch (TemplateModelException e) {
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
||||
|
||||
import static edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest.UNAUTHORIZED;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.UnavailableException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -10,7 +12,7 @@ import org.apache.commons.fileupload.FileItem;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement;
|
||||
|
|
@ -150,7 +152,7 @@ public class ImageUploadController extends FreemarkerHttpServlet {
|
|||
* The required action depends on what we are trying to do.
|
||||
*/
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
try {
|
||||
String action = vreq.getParameter(PARAMETER_ACTION);
|
||||
Individual entity = validateEntityUri(vreq);
|
||||
|
|
@ -174,9 +176,9 @@ public class ImageUploadController extends FreemarkerHttpServlet {
|
|||
entity.getURI(), indMainImage,
|
||||
RequestedAction.SOME_URI);
|
||||
}
|
||||
return new Actions(ra);
|
||||
return ra;
|
||||
} catch (UserMistakeException e) {
|
||||
return Actions.UNAUTHORIZED;
|
||||
return UNAUTHORIZED;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -31,8 +31,8 @@ public class ListClassGroupsController extends FreemarkerHttpServlet {
|
|||
private static final String TEMPLATE_NAME = "siteAdmin-classHierarchy.ftl";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
|||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
|
|
@ -17,10 +16,9 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Datatype;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -39,8 +37,8 @@ public class ListDatatypePropertiesController extends FreemarkerHttpServlet {
|
|||
private static final String TEMPLATE_NAME = "siteAdmin-objectPropHierarchy.ftl";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Property;
|
||||
|
|
@ -33,8 +33,8 @@ public class ListPropertyGroupsController extends FreemarkerHttpServlet {
|
|||
private static final String TEMPLATE_NAME = "siteAdmin-objectPropHierarchy.ftl";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
|
||||
|
|
@ -40,8 +40,8 @@ public class ListPropertyWebappsController extends FreemarkerHttpServlet {
|
|||
private static final String TEMPLATE_NAME = "siteAdmin-objectPropHierarchy.ftl";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
||||
|
||||
import java.net.URLEncoder;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
|
@ -15,7 +14,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
|
|
@ -36,8 +35,8 @@ public class ListVClassWebappsController extends FreemarkerHttpServlet {
|
|||
private static final String TEMPLATE_NAME = "siteAdmin-classHierarchy.ftl";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -2,15 +2,8 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Enumeration;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
|
@ -18,18 +11,14 @@ import org.apache.commons.logging.LogFactory;
|
|||
import com.hp.hpl.jena.query.QuerySolution;
|
||||
import com.hp.hpl.jena.query.ResultSet;
|
||||
import com.hp.hpl.jena.rdf.model.Literal;
|
||||
import com.hp.hpl.jena.rdf.model.RDFNode;
|
||||
import com.hp.hpl.jena.datatypes.RDFDatatype ;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.QueryUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
|
||||
public class ManageLabelsForIndividualController extends FreemarkerHttpServlet {
|
||||
|
|
@ -38,8 +27,8 @@ public class ManageLabelsForIndividualController extends FreemarkerHttpServlet {
|
|||
private static final String TEMPLATE_NAME = "manageLabelsForIndividual.ftl";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ import java.util.HashMap;
|
|||
import java.util.Map;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.config.RevisionInfoBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
|
|
@ -19,10 +19,10 @@ public class RevisionInfoController extends FreemarkerHttpServlet {
|
|||
private static final long serialVersionUID = 1L;
|
||||
private static final String TEMPLATE_DEFAULT = "revisionInfo.ftl";
|
||||
|
||||
public static final Actions REQUIRED_ACTIONS = SimplePermission.SEE_REVISION_INFO.ACTIONS;
|
||||
public static final AuthorizationRequest REQUIRED_ACTIONS = SimplePermission.SEE_REVISION_INFO.ACTION;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return REQUIRED_ACTIONS;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
|||
|
||||
import java.net.URLEncoder;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.LinkedList;
|
||||
|
|
@ -19,7 +18,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
import com.hp.hpl.jena.vocabulary.OWL;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
|
|
@ -44,8 +43,8 @@ public class ShowClassHierarchyController extends FreemarkerHttpServlet {
|
|||
private int previous_posn = 0;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -2,10 +2,7 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
||||
|
||||
import java.text.Collator;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.LinkedList;
|
||||
|
|
@ -18,10 +15,9 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Datatype;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -50,8 +46,8 @@ public class ShowDataPropertyHierarchyController extends FreemarkerHttpServlet {
|
|||
private int previous_posn = 0;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
|
|
@ -47,8 +47,8 @@ public class ShowObjectPropertyHierarchyController extends FreemarkerHttpServlet
|
|||
private int previous_posn = 0;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.EDIT_ONTOLOGY.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ExceptionResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
|
|
@ -26,8 +26,8 @@ public class SimpleReasonerRecomputeController extends FreemarkerHttpServlet {
|
|||
private static final String RECOMPUTE_INFERENCES_FTL = "recomputeInferences.ftl";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION;
|
||||
}
|
||||
|
||||
protected ResponseValues processRequest(VitroRequest vreq) {
|
||||
|
|
|
|||
|
|
@ -3,12 +3,8 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.controller.individual;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.lang.Integer;
|
||||
import java.lang.String;
|
||||
import java.sql.SQLException;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
|
|
@ -29,15 +25,14 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Res
|
|||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.QueryUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.QueryUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.i18n.selection.SelectedLocale;
|
||||
import edu.cornell.mannlib.vitro.webapp.utils.dataGetter.ExecuteDataRetrieval;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.beanswrappers.ReadOnlyBeansWrapper;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual.IndividualTemplateModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.individuallist.ListedIndividual;
|
||||
import edu.ucsf.vitro.opensocial.OpenSocialManager;
|
||||
import freemarker.ext.beans.BeansWrapper;
|
||||
import freemarker.template.TemplateModel;
|
||||
|
|
@ -191,7 +186,7 @@ class IndividualResponseBuilder {
|
|||
private Map<String, Object> getVerbosePropertyValues() {
|
||||
Map<String, Object> map = null;
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.SEE_VERBOSE_PROPERTY_INFORMATION.ACTIONS)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.SEE_VERBOSE_PROPERTY_INFORMATION.ACTION)) {
|
||||
// Get current verbose property display value
|
||||
String verbose = vreq.getParameter("verbose");
|
||||
Boolean verboseValue;
|
||||
|
|
|
|||
|
|
@ -237,7 +237,7 @@ public class JenaAdminActions extends BaseEditController {
|
|||
|
||||
@Override
|
||||
public void doGet(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTIONS)) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, SimplePermission.USE_MISCELLANEOUS_ADMIN_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ public class JenaCsv2RdfController extends JenaIngestController {
|
|||
public void doPost(HttpServletRequest rawRequest,
|
||||
HttpServletResponse response) throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(rawRequest, response,
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ import com.hp.hpl.jena.shared.Lock;
|
|||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ModelAccess;
|
||||
|
|
@ -39,7 +39,7 @@ import edu.cornell.mannlib.vitro.webapp.servlet.setup.JenaDataSourceSetupBase;
|
|||
import edu.cornell.mannlib.vitro.webapp.utils.jena.JenaOutputUtils;
|
||||
|
||||
public class JenaExportController extends BaseEditController {
|
||||
private static final Actions REQUIRED_ACTIONS = SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS
|
||||
private static final AuthorizationRequest REQUIRED_ACTIONS = SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION
|
||||
.or(SimplePermission.EDIT_ONTOLOGY.ACTION);
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -127,7 +127,7 @@ public class JenaIngestController extends BaseEditController {
|
|||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@ public class JenaXMLFileUpload extends JenaIngestController {
|
|||
}
|
||||
|
||||
if (!isAuthorizedToDisplayPage(request, resp,
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -162,7 +162,7 @@ public class JenaXMLFileUpload extends JenaIngestController {
|
|||
public void doGet(HttpServletRequest request,
|
||||
HttpServletResponse response) throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -68,7 +68,7 @@ public class RDFUploadController extends JenaIngestController {
|
|||
public void doPost(HttpServletRequest req,
|
||||
HttpServletResponse response) throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(req, response,
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ public class RDFUploadFormController extends BaseEditController {
|
|||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_ADVANCED_DATA_TOOLS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@ import com.hp.hpl.jena.rdf.model.Literal;
|
|||
import com.hp.hpl.jena.vocabulary.RDFS;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
|
|
@ -277,7 +276,7 @@ public class ManageLabelsForIndividualGenerator extends BaseEditConfigurationGen
|
|||
AddObjectPropertyStatement aops = new AddObjectPropertyStatement(
|
||||
vreq.getJenaOntModel(), individual.getURI(),
|
||||
SOME_PREDICATE, SOME_URI);
|
||||
return PolicyHelper.isAuthorizedForActions(vreq, new Actions(adps).or(aops));
|
||||
return PolicyHelper.isAuthorizedForActions(vreq, adps.or(aops));
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.VTwo.EditConfigurationVTwo;
|
||||
|
|
@ -35,8 +35,8 @@ public class EditRequestAJAXController extends VitroHttpServlet {
|
|||
public static Log log = LogFactory.getLog(EditRequestDispatchController.class);
|
||||
|
||||
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTION;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
import com.hp.hpl.jena.vocabulary.RDFS;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Property;
|
||||
|
|
@ -58,8 +58,8 @@ public class EditRequestDispatchController extends FreemarkerHttpServlet {
|
|||
final String DEFAULT_DELETE_FORM = "edu.cornell.mannlib.vitro.webapp.edit.n3editing.configuration.generators.DefaultDeleteGenerator";
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
|
||||
|
|
@ -32,8 +32,8 @@ public class PostEditCleanupController extends FreemarkerHttpServlet{
|
|||
private static Log log = LogFactory.getLog(PostEditCleanupController.class);
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -12,14 +12,13 @@ import org.apache.commons.lang.StringUtils;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
import com.hp.hpl.jena.rdf.model.Literal;
|
||||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
import com.hp.hpl.jena.rdf.model.Property;
|
||||
import com.hp.hpl.jena.rdf.model.ResourceFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -52,8 +51,8 @@ public class ProcessRdfFormController extends FreemarkerHttpServlet{
|
|||
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -43,9 +43,9 @@ public class ModelSwitcher {
|
|||
*/
|
||||
public static boolean authorizedForSpecialModel(HttpServletRequest req) {
|
||||
if (isParameterPresent(req, SWITCH_TO_DISPLAY_MODEL)) {
|
||||
return PolicyHelper.isAuthorizedForActions(req, SimplePermission.MANAGE_MENUS.ACTIONS);
|
||||
return PolicyHelper.isAuthorizedForActions(req, SimplePermission.MANAGE_MENUS.ACTION);
|
||||
} else if (anyOtherSpecialProperties(req)){
|
||||
return PolicyHelper.isAuthorizedForActions(req, SimplePermission.ACCESS_SPECIAL_DATA_MODELS.ACTIONS);
|
||||
return PolicyHelper.isAuthorizedForActions(req, SimplePermission.ACCESS_SPECIAL_DATA_MODELS.ACTION);
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ import org.json.JSONObject;
|
|||
|
||||
import edu.cornell.mannlib.vitro.webapp.application.ApplicationUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
import edu.cornell.mannlib.vitro.webapp.modules.searchEngine.SearchEngine;
|
||||
|
|
@ -54,8 +54,8 @@ public class AutocompleteController extends VitroAjaxController {
|
|||
public static final int MAX_QUERY_LENGTH = 500;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ import com.hp.hpl.jena.rdf.model.Literal;
|
|||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.SparqlUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.SparqlUtils.AjaxControllerException;
|
||||
|
|
@ -54,9 +54,9 @@ public class DataAutocompleteController extends VitroAjaxController {
|
|||
public static final int MAX_QUERY_LENGTH = 500;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
//used to be basic vitro ajax permission but need to query full model
|
||||
return SimplePermission.QUERY_FULL_MODEL.ACTIONS;
|
||||
return SimplePermission.QUERY_FULL_MODEL.ACTION;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -18,7 +18,8 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vitro.webapp.application.ApplicationUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
|
||||
|
|
@ -82,10 +83,10 @@ public class IndexController extends FreemarkerHttpServlet {
|
|||
private static final String PAGE_URL = "/SearchIndex";
|
||||
private static final String TEMPLATE_NAME = "searchIndex.ftl";
|
||||
|
||||
public static final Actions REQUIRED_ACTIONS = SimplePermission.MANAGE_SEARCH_INDEX.ACTIONS;
|
||||
public static final RequestedAction REQUIRED_ACTIONS = SimplePermission.MANAGE_SEARCH_INDEX.ACTION;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
protected AuthorizationRequest requiredActions(VitroRequest vreq) {
|
||||
return REQUIRED_ACTIONS;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ public class SearchServiceController extends FreemarkerHttpServlet {
|
|||
}
|
||||
// For other functions, your credentials must have moxie.
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, email, pw,
|
||||
SimplePermission.MANAGE_SEARCH_INDEX.ACTIONS)) {
|
||||
SimplePermission.MANAGE_SEARCH_INDEX.ACTION)) {
|
||||
return;
|
||||
}
|
||||
// Otherwise, you can't do this.
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ public class GetAllClasses extends BaseEditController {
|
|||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@ package edu.cornell.mannlib.vitro.webapp.sparql;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.text.Collator;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
|
|
@ -58,7 +57,7 @@ public class GetAllPrefix extends BaseEditController {
|
|||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTION)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Reference in a new issue