NIHVIVO-1232 Create InformationResourceEditingPolicySetup, add to web.xml, and modify EditProhibitionListener to keep it current.

webapp/config/web.xml

@@ -136,6 +136,11 @@
 		</listener-class>
 	</listener>  -->
 
+<!--  -->    
+  <listener>
+    <listener-class> edu.cornell.mannlib.vitro.webapp.auth.policy.setup.InformationResourceEditingPolicySetup</listener-class>
+  </listener> --> 
+    
     <listener>
         <listener-class>
             edu.cornell.mannlib.vitro.webapp.auth.identifier.UserToIndIdentifierFactorySetup

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/InformationResourceEditingPolicySetup.java

@@ -0,0 +1,96 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.policy.setup;
+
+import java.util.EnumSet;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.servlet.ServletContext;
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import com.hp.hpl.jena.ontology.OntModel;
+import com.hp.hpl.jena.rdf.model.ResIterator;
+import com.hp.hpl.jena.rdf.model.Resource;
+import com.hp.hpl.jena.rdf.model.ResourceFactory;
+
+import edu.cornell.mannlib.vitro.webapp.auth.policy.AdministrativeUriRestrictor;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.InformationResourceEditingPolicy;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
+import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean;
+import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
+
+/**
+ * Set up the InformationResourceEditingPolicy. This is tied to the SelfEditor
+ * identifier, but has enough of its own logic to merit its own policy class.
+ */
+public class InformationResourceEditingPolicySetup implements
+		ServletContextListener {
+	private static final Log log = LogFactory
+			.getLog(InformationResourceEditingPolicySetup.class);
+
+	@Override
+	public void contextInitialized(ServletContextEvent sce) {
+		try {
+			log.debug("Setting up InformationResourceEditingPolicy");
+
+			OntModel model = (OntModel) sce.getServletContext().getAttribute(
+					"jenaOntModel");
+			replacePolicy(sce.getServletContext(), model);
+
+			log.debug("InformationResourceEditingPolicy has been setup. ");
+		} catch (Exception e) {
+			log.error("could not run SelfEditingPolicySetup: " + e);
+			e.printStackTrace();
+		}
+	}
+
+	public static InformationResourceEditingPolicy makePolicyFromModel(
+			OntModel model) {
+		InformationResourceEditingPolicy policy = null;
+		if (model == null)
+			policy = new InformationResourceEditingPolicy(null,
+					new AdministrativeUriRestrictor(null, null, null, null));
+		else {
+			Set<String> prohibitedProps = new HashSet<String>();
+
+			// need to iterate through one level higher than SELF (the lowest
+			// level where restrictions make sense) plus all higher levels
+			for (BaseResourceBean.RoleLevel e : EnumSet.range(
+					BaseResourceBean.RoleLevel.EDITOR,
+					BaseResourceBean.RoleLevel.NOBODY)) {
+				ResIterator it = model
+						.listSubjectsWithProperty(
+								model.createProperty(VitroVocabulary.PROHIBITED_FROM_UPDATE_BELOW_ROLE_LEVEL_ANNOT),
+								ResourceFactory.createResource(e.getURI()));
+				while (it.hasNext()) {
+					Resource resource = it.nextResource();
+					if (resource != null && resource.getURI() != null) {
+						log.debug("adding '"
+								+ resource.getURI()
+								+ "' to properties prohibited from information resource editing ("
+								+ e.getLabel() + ")");
+						prohibitedProps.add(resource.getURI());
+					}
+				}
+			}
+			policy = new InformationResourceEditingPolicy(model,
+					new AdministrativeUriRestrictor(prohibitedProps, null, null, null));
+		}
+		return policy;
+	}
+
+	public static void replacePolicy(ServletContext sc, OntModel model) {
+		ServletPolicyList.replacePolicy(sc, makePolicyFromModel(model));
+	}
+
+	@Override
+	public void contextDestroyed(ServletContextEvent sce) {
+		// Nothing to do.
+	}
+
+}

webapp/src/edu/cornell/mannlib/vitro/webapp/edit/listener/impl/EditProhibitionListener.java

@@ -14,6 +14,7 @@ import edu.cornell.mannlib.vedit.listener.ChangeListener;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.setup.CuratorEditingPolicySetup;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.setup.DbAdminEditingPolicySetup;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.setup.EditorEditingPolicySetup;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.setup.InformationResourceEditingPolicySetup;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.setup.SelfEditingPolicySetup;
 import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean;
 import edu.cornell.mannlib.vitro.webapp.beans.Property;
@@ -35,6 +36,7 @@ public class EditProhibitionListener implements ChangeListener {
             // do you want to do something more selective, such as seeing whether only certain policies are affected?
             // But, some (lower) will be affected if higher levels change (or will they if the object has been deleted?)
             SelfEditingPolicySetup.replaceSelfEditing(context,model);
+            InformationResourceEditingPolicySetup.replacePolicy(context,model);
             EditorEditingPolicySetup.replaceEditorEditing(context,model);
             CuratorEditingPolicySetup.replaceCuratorEditing(context,model);
             DbAdminEditingPolicySetup.replaceDbAdminEditing(context,model);
@@ -63,24 +65,29 @@ public class EditProhibitionListener implements ChangeListener {
             if (newRoleLevel.compareTo(BaseResourceBean.RoleLevel.SELF)==0) {
                 log.debug("replacing self editing editing policies after insertion of \"self\" update level");
                 SelfEditingPolicySetup.replaceSelfEditing(context,model);
+                InformationResourceEditingPolicySetup.replacePolicy(context,model);
             } else if (newRoleLevel.compareTo(BaseResourceBean.RoleLevel.EDITOR)==0) {
                 log.debug("replacing editor and lower editing policies after insertion of new \"editor\" update level");
                 SelfEditingPolicySetup.replaceSelfEditing(context,model);
+                InformationResourceEditingPolicySetup.replacePolicy(context,model);
                 EditorEditingPolicySetup.replaceEditorEditing(context,model);
             } else if (newRoleLevel.compareTo(BaseResourceBean.RoleLevel.CURATOR)==0) {
                 log.debug("replacing curator and lower editing policies after insertion of new \"curator\" update level");
                 SelfEditingPolicySetup.replaceSelfEditing(context,model);
+                InformationResourceEditingPolicySetup.replacePolicy(context,model);
                 EditorEditingPolicySetup.replaceEditorEditing(context,model);
                 CuratorEditingPolicySetup.replaceCuratorEditing(context,model);
             } else if (newRoleLevel.compareTo(BaseResourceBean.RoleLevel.DB_ADMIN)==0) {
                 log.debug("replacing db_admin and lower editing policies after insertion of new \"db_admin\" update level");
                 SelfEditingPolicySetup.replaceSelfEditing(context,model);
+                InformationResourceEditingPolicySetup.replacePolicy(context,model);
                 EditorEditingPolicySetup.replaceEditorEditing(context,model);
                 CuratorEditingPolicySetup.replaceCuratorEditing(context,model);
                 DbAdminEditingPolicySetup.replaceDbAdminEditing(context,model);
             } else if (newRoleLevel.compareTo(BaseResourceBean.RoleLevel.NOBODY)==0) {
                 log.debug("replacing db_admin and lower editing policies after insertion of new \"nobody\" update level");
                 SelfEditingPolicySetup.replaceSelfEditing(context,model);
+                InformationResourceEditingPolicySetup.replacePolicy(context,model);
                 EditorEditingPolicySetup.replaceEditorEditing(context,model);
                 CuratorEditingPolicySetup.replaceCuratorEditing(context,model);
                 DbAdminEditingPolicySetup.replaceDbAdminEditing(context,model);
@@ -99,6 +106,7 @@ public class EditProhibitionListener implements ChangeListener {
                 if (newRoleLevel.compareTo(oldRoleLevel)!=0) {
                     log.debug("replacing all editing policies after update when new level different from old");
                     SelfEditingPolicySetup.replaceSelfEditing(context,model);
+                    InformationResourceEditingPolicySetup.replacePolicy(context,model);
                     EditorEditingPolicySetup.replaceEditorEditing(context,model);
                     CuratorEditingPolicySetup.replaceCuratorEditing(context,model);
                     DbAdminEditingPolicySetup.replaceDbAdminEditing(context,model);
@@ -108,6 +116,7 @@ public class EditProhibitionListener implements ChangeListener {
             } else {
                 log.debug("replacing all editing policies after update when a role level introduced");
                 SelfEditingPolicySetup.replaceSelfEditing(context,model);
+                InformationResourceEditingPolicySetup.replacePolicy(context,model);
                 EditorEditingPolicySetup.replaceEditorEditing(context,model);
                 CuratorEditingPolicySetup.replaceCuratorEditing(context,model);
                 DbAdminEditingPolicySetup.replaceDbAdminEditing(context,model);
@@ -115,6 +124,7 @@ public class EditProhibitionListener implements ChangeListener {
         } else if (oldRoleLevel != null) { // with fixed selections, not likely to happen
             log.debug("replacing all editing policies after update when old role level removed");
             SelfEditingPolicySetup.replaceSelfEditing(context,model);
+            InformationResourceEditingPolicySetup.replacePolicy(context,model);
             EditorEditingPolicySetup.replaceEditorEditing(context,model);
             CuratorEditingPolicySetup.replaceCuratorEditing(context,model);
             DbAdminEditingPolicySetup.replaceDbAdminEditing(context,model);