diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java
index fea9d3788..01af0ecb5 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java
@@ -2,8 +2,6 @@
package edu.cornell.mannlib.vitro.webapp.auth.policy;
-import javax.servlet.ServletContext;
-
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -15,6 +13,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
/**
@@ -40,6 +39,8 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
PolicyDecision result;
if (whatToAuth instanceof UseAdvancedDataToolsPages) {
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
+ } else if (whatToAuth instanceof UseOntologyEditorPages) {
+ result = isAuthorized(whatToAuth, RoleLevel.CURATOR, userRole);
} else {
result = defaultDecision("Unrecognized action");
}
@@ -48,6 +49,7 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
return result;
}
+ /** Authorize if user's role is at least as high as the required role. */
private PolicyDecision isAuthorized(RequestedAction whatToAuth,
RoleLevel requiredRole, RoleLevel currentRole) {
if (isRoleAtLeast(requiredRole, currentRole)) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/AllClassGroupsListingController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/AllClassGroupsListingController.java
index f06815cf0..e9706f0c0 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/AllClassGroupsListingController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/AllClassGroupsListingController.java
@@ -14,6 +14,8 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
@@ -21,6 +23,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.dao.VClassGroupDao;
+@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class AllClassGroupsListingController extends BaseEditController {
private static final long serialVersionUID = 1L;
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ClassHierarchyListingController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ClassHierarchyListingController.java
index 460d12303..0ba5810e8 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ClassHierarchyListingController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ClassHierarchyListingController.java
@@ -23,6 +23,8 @@ import com.hp.hpl.jena.vocabulary.RDFS;
import edu.cornell.mannlib.vedit.beans.ButtonForm;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
@@ -36,6 +38,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroModelProperties;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
import edu.cornell.mannlib.vitro.webapp.dao.jena.WebappDaoFactoryJena;
+@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class ClassHierarchyListingController extends BaseEditController {
private static final Log log = LogFactory.getLog(ClassHierarchyListingController.class.getName());
@@ -51,9 +54,6 @@ public class ClassHierarchyListingController extends BaseEditController {
try {
- if (!checkLoginStatus(request,response))
- return;
-
try {
super.doGet(request, response);
} catch (Exception e) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/DataPropertyHierarchyListingController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/DataPropertyHierarchyListingController.java
index 684f9dca6..f95320d22 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/DataPropertyHierarchyListingController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/DataPropertyHierarchyListingController.java
@@ -21,6 +21,8 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.ButtonForm;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Datatype;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
@@ -33,6 +35,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.DatatypeDao;
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
+@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class DataPropertyHierarchyListingController extends BaseEditController {
private static final Log log = LogFactory.getLog(DataPropertyHierarchyListingController.class.getName());
@@ -50,9 +53,6 @@ public class DataPropertyHierarchyListingController extends BaseEditController {
Portal portal = vrequest.getPortal();
try {
- if (!checkLoginStatus(request,response))
- return;
-
try {
super.doGet(request, response);
} catch (Exception e) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ObjectPropertyHierarchyListingController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ObjectPropertyHierarchyListingController.java
index 26fa49c91..68046ebd5 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ObjectPropertyHierarchyListingController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ObjectPropertyHierarchyListingController.java
@@ -22,6 +22,8 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.ButtonForm;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
@@ -32,6 +34,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
+@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class ObjectPropertyHierarchyListingController extends BaseEditController {
private static final Log log = LogFactory.getLog(ObjectPropertyHierarchyListingController.class.getName());
@@ -48,9 +51,6 @@ public class ObjectPropertyHierarchyListingController extends BaseEditController
Portal portal = vrequest.getPortal();
try {
- if (!checkLoginStatus(request,response))
- return;
-
try {
super.doGet(request, response);
} catch (Exception e) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/OntologiesListingController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/OntologiesListingController.java
index 94ae467f2..7239d340e 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/OntologiesListingController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/OntologiesListingController.java
@@ -11,12 +11,15 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
+@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class OntologiesListingController extends BaseEditController {
@Override
@@ -24,9 +27,6 @@ public class OntologiesListingController extends BaseEditController {
VitroRequest vrequest = new VitroRequest(request);
Portal portal = vrequest.getPortal();
- if(!checkLoginStatus(request,response))
- return;
-
try {
super.doGet(request, response);
} catch (Throwable t) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/PropertyGroupsListingController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/PropertyGroupsListingController.java
index 41916f2eb..51a3feae8 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/PropertyGroupsListingController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/PropertyGroupsListingController.java
@@ -14,23 +14,22 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.Property;
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
-import edu.cornell.mannlib.vitro.webapp.beans.VClass;
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
+@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class PropertyGroupsListingController extends BaseEditController {
public void doGet(HttpServletRequest request, HttpServletResponse response) {
- if(!checkLoginStatus(request,response))
- return;
-
try {
super.doGet(request, response);
} catch (Throwable t) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
index dc5bde900..0b1603b3a 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
@@ -17,6 +17,7 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.util.FormUtils;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
@@ -72,10 +73,10 @@ public class SiteAdminController extends FreemarkerHttpServlet {
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
}
- if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
+ if (PolicyHelper.isActionAuthorized(vreq, UseOntologyEditorPages.class)) {
body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
}
- if (PolicyHelper.isActionAuthorized(vreq, UseAdvancedDataToolsPages.class)) {
+ if (PolicyHelper.isActionAuthorized(vreq, UseAdvancedDataToolsPages.class)) {
body.put("dataTools", getDataToolsData(vreq, urlBuilder));
// Only for DataStar. Should handle without needing a DataStar-specific version of this controller.
diff --git a/webapp/web/jenaIngest/exportSelection.jsp b/webapp/web/jenaIngest/exportSelection.jsp
index 79c2bd45c..5eb1dd191 100644
--- a/webapp/web/jenaIngest/exportSelection.jsp
+++ b/webapp/web/jenaIngest/exportSelection.jsp
@@ -6,8 +6,6 @@
<%@ page import="edu.cornell.mannlib.vitro.webapp.controller.VitroRequest"%>
<%@ page import="edu.cornell.mannlib.vitro.webapp.beans.Ontology"%>
<%@ page import="edu.cornell.mannlib.vitro.webapp.dao.OntologyDao"%>
-<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
-