litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-2492 Restrict pages by UseOntologyEditorPages requested action.

Browse source
This commit is contained in:
j2blake 2011-04-18 19:55:31 +00:00
parent b2b3086ef6
commit 5d44fa50f7
9 changed files with 25 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java
View file

@ -2,8 +2,6 @@
package edu.cornell.mannlib.vitro.webapp.auth.policy;
import javax.servlet.ServletContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -15,6 +13,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
/**
@ -40,6 +39,8 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
PolicyDecision result;
if (whatToAuth instanceof UseAdvancedDataToolsPages) {
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
} else if (whatToAuth instanceof UseOntologyEditorPages) {
result = isAuthorized(whatToAuth, RoleLevel.CURATOR, userRole);
} else {
result = defaultDecision("Unrecognized action");
}
@ -48,6 +49,7 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
return result;
}
/** Authorize if user's role is at least as high as the required role. */
private PolicyDecision isAuthorized(RequestedAction whatToAuth,
RoleLevel requiredRole, RoleLevel currentRole) {
if (isRoleAtLeast(requiredRole, currentRole)) {

3
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/AllClassGroupsListingController.java
View file

@ -14,6 +14,8 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
@ -21,6 +23,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.dao.VClassGroupDao;
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class AllClassGroupsListingController extends BaseEditController {
private static final long serialVersionUID = 1L;

6
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ClassHierarchyListingController.java
View file

@ -23,6 +23,8 @@ import com.hp.hpl.jena.vocabulary.RDFS;
import edu.cornell.mannlib.vedit.beans.ButtonForm;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
@ -36,6 +38,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroModelProperties;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
import edu.cornell.mannlib.vitro.webapp.dao.jena.WebappDaoFactoryJena;
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class ClassHierarchyListingController extends BaseEditController {
private static final Log log = LogFactory.getLog(ClassHierarchyListingController.class.getName());
@ -51,9 +54,6 @@ public class ClassHierarchyListingController extends BaseEditController {
try {
if (!checkLoginStatus(request,response))
return;
try {
super.doGet(request, response);
} catch (Exception e) {

6
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/DataPropertyHierarchyListingController.java
View file

@ -21,6 +21,8 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.ButtonForm;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Datatype;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
@ -33,6 +35,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.DatatypeDao;
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class DataPropertyHierarchyListingController extends BaseEditController {
private static final Log log = LogFactory.getLog(DataPropertyHierarchyListingController.class.getName());
@ -50,9 +53,6 @@ public class DataPropertyHierarchyListingController extends BaseEditController {
Portal portal = vrequest.getPortal();
try {
if (!checkLoginStatus(request,response))
return;
try {
super.doGet(request, response);
} catch (Exception e) {

6
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/ObjectPropertyHierarchyListingController.java
View file

@ -22,6 +22,8 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.ButtonForm;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
@ -32,6 +34,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class ObjectPropertyHierarchyListingController extends BaseEditController {
private static final Log log = LogFactory.getLog(ObjectPropertyHierarchyListingController.class.getName());
@ -48,9 +51,6 @@ public class ObjectPropertyHierarchyListingController extends BaseEditController
Portal portal = vrequest.getPortal();
try {
if (!checkLoginStatus(request,response))
return;
try {
super.doGet(request, response);
} catch (Exception e) {

6
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/OntologiesListingController.java
View file

@ -11,12 +11,15 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class OntologiesListingController extends BaseEditController {
@Override
@ -24,9 +27,6 @@ public class OntologiesListingController extends BaseEditController {
VitroRequest vrequest = new VitroRequest(request);
Portal portal = vrequest.getPortal();
if(!checkLoginStatus(request,response))
return;
try {
super.doGet(request, response);
} catch (Throwable t) {

7
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/listing/PropertyGroupsListingController.java
View file

@ -14,23 +14,22 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
import edu.cornell.mannlib.vitro.webapp.beans.Property;
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
public class PropertyGroupsListingController extends BaseEditController {
public void doGet(HttpServletRequest request, HttpServletResponse response) {
if(!checkLoginStatus(request,response))
return;
try {
super.doGet(request, response);
} catch (Throwable t) {

3
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
View file

@ -17,6 +17,7 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.util.FormUtils;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
@ -72,7 +73,7 @@ public class SiteAdminController extends FreemarkerHttpServlet {
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
}
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
if (PolicyHelper.isActionAuthorized(vreq, UseOntologyEditorPages.class)) {
body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
}
if (PolicyHelper.isActionAuthorized(vreq, UseAdvancedDataToolsPages.class)) {

2
webapp/web/jenaIngest/exportSelection.jsp
View file

@ -6,8 +6,6 @@
<%@ page import="edu.cornell.mannlib.vitro.webapp.controller.VitroRequest"%>
<%@ page import="edu.cornell.mannlib.vitro.webapp.beans.Ontology"%>
<%@ page import="edu.cornell.mannlib.vitro.webapp.dao.OntologyDao"%>
<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
<div class="staticPageBackground">