NIHVIVO-2492 Restrict pages by UseOntologyEditorPages requested action.
parent
b2b3086ef6
commit
5d44fa50f7
9 changed files with 25 additions and 22 deletions
|
@ -2,8 +2,6 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.policy;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
|
@ -15,6 +13,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
|
||||
/**
|
||||
|
@ -40,6 +39,8 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
|
|||
PolicyDecision result;
|
||||
if (whatToAuth instanceof UseAdvancedDataToolsPages) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
|
||||
} else if (whatToAuth instanceof UseOntologyEditorPages) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.CURATOR, userRole);
|
||||
} else {
|
||||
result = defaultDecision("Unrecognized action");
|
||||
}
|
||||
|
@ -48,6 +49,7 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
|
|||
return result;
|
||||
}
|
||||
|
||||
/** Authorize if user's role is at least as high as the required role. */
|
||||
private PolicyDecision isAuthorized(RequestedAction whatToAuth,
|
||||
RoleLevel requiredRole, RoleLevel currentRole) {
|
||||
if (isRoleAtLeast(requiredRole, currentRole)) {
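Review bot: In the `-40,6 +39,8` hunk, every requested action other than the two listed still falls through to `defaultDecision("Unrecognized action")`, and what that decision means to callers is not visible here. Since this commit makes controllers depend on this policy instead of an in-method login check, confirm that the default is handled as a denial and say so above the chain, e.g. `// Actions not listed here get the default decision, which callers must not treat as authorization.` The required role per action is also spread over an `instanceof` chain; a single table from action class to `RoleLevel` would make the CURATOR/DB_ADMIN mapping easier to audit as more page groups are added. The enclosing method starts and ends outside the hunk.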
|
||||
|
|
|
@ -14,6 +14,8 @@ import javax.servlet.http.HttpServletResponse;
|
|||
import org.apache.commons.lang.StringUtils;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
|
@ -21,6 +23,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
|||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VClassGroupDao;
|
||||
|
||||
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
|
||||
public class AllClassGroupsListingController extends BaseEditController {
|
||||
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
|
|
@ -23,6 +23,8 @@ import com.hp.hpl.jena.vocabulary.RDFS;
|
|||
|
||||
import edu.cornell.mannlib.vedit.beans.ButtonForm;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
|
@ -36,6 +38,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroModelProperties;
|
|||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.WebappDaoFactoryJena;
|
||||
|
||||
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
|
||||
public class ClassHierarchyListingController extends BaseEditController {
|
||||
|
||||
private static final Log log = LogFactory.getLog(ClassHierarchyListingController.class.getName());
|
||||
|
@ -51,9 +54,6 @@ public class ClassHierarchyListingController extends BaseEditController {
|
|||
|
||||
try {
|
||||
|
||||
if (!checkLoginStatus(request,response))
|
||||
return;
|
||||
|
||||
try {
|
||||
super.doGet(request, response);
|
||||
} catch (Exception e) {
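Review bot: The `-51,9 +54,6` hunk drops three lines, which appear to be the `if (!checkLoginStatus(request,response)) return;` guard, so the class-level `@RequiresAuthorizationFor(UseOntologyEditorPages.class)` becomes the only access check in this controller, and the code that enforces the annotation is not among the visible lines. Please confirm it runs before `doGet` (and before `doPost`, if that is routed separately) and stops the request, since nothing in the method body short-circuits any more. The same applies to DataPropertyHierarchyListingController, ObjectPropertyHierarchyListingController, OntologiesListingController and PropertyGroupsListingController, where the same guard is dropped. A one-line comment at the top of each `doGet`, such as `// Access is checked via @RequiresAuthorizationFor on the class.`, would keep a later reader from assuming a login check is still present. `doGet` continues outside the hunk.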
|
||||
|
|
|
@ -21,6 +21,8 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vedit.beans.ButtonForm;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Datatype;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
|
@ -33,6 +35,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.DatatypeDao;
|
|||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
|
||||
|
||||
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
|
||||
public class DataPropertyHierarchyListingController extends BaseEditController {
|
||||
|
||||
private static final Log log = LogFactory.getLog(DataPropertyHierarchyListingController.class.getName());
|
||||
|
@ -50,9 +53,6 @@ public class DataPropertyHierarchyListingController extends BaseEditController {
|
|||
Portal portal = vrequest.getPortal();
|
||||
try {
|
||||
|
||||
if (!checkLoginStatus(request,response))
|
||||
return;
|
||||
|
||||
try {
|
||||
super.doGet(request, response);
|
||||
} catch (Exception e) {
|
||||
|
|
|
@ -22,6 +22,8 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vedit.beans.ButtonForm;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
|
||||
|
@ -32,6 +34,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
|
|||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
|
||||
|
||||
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
|
||||
public class ObjectPropertyHierarchyListingController extends BaseEditController {
|
||||
|
||||
private static final Log log = LogFactory.getLog(ObjectPropertyHierarchyListingController.class.getName());
|
||||
|
@ -48,9 +51,6 @@ public class ObjectPropertyHierarchyListingController extends BaseEditController
|
|||
Portal portal = vrequest.getPortal();
|
||||
try {
|
||||
|
||||
if (!checkLoginStatus(request,response))
|
||||
return;
|
||||
|
||||
try {
|
||||
super.doGet(request, response);
|
||||
} catch (Exception e) {
|
||||
|
|
|
@ -11,12 +11,15 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
|
||||
|
||||
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
|
||||
public class OntologiesListingController extends BaseEditController {
|
||||
|
||||
@Override
|
||||
|
@ -24,9 +27,6 @@ public class OntologiesListingController extends BaseEditController {
|
|||
VitroRequest vrequest = new VitroRequest(request);
|
||||
Portal portal = vrequest.getPortal();
|
||||
|
||||
if(!checkLoginStatus(request,response))
|
||||
return;
|
||||
|
||||
try {
|
||||
super.doGet(request, response);
|
||||
} catch (Throwable t) {
|
||||
|
|
|
@ -14,23 +14,22 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Property;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
|
||||
|
||||
@RequiresAuthorizationFor(UseOntologyEditorPages.class)
|
||||
public class PropertyGroupsListingController extends BaseEditController {
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
|
||||
if(!checkLoginStatus(request,response))
|
||||
return;
|
||||
|
||||
try {
|
||||
super.doGet(request, response);
|
||||
} catch (Throwable t) {
|
||||
|
|
|
@ -17,6 +17,7 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
|||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
|
||||
|
@ -72,10 +73,10 @@ public class SiteAdminController extends FreemarkerHttpServlet {
|
|||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
|
||||
body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
|
||||
}
|
||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
|
||||
if (PolicyHelper.isActionAuthorized(vreq, UseOntologyEditorPages.class)) {
|
||||
body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
|
||||
}
|
||||
if (PolicyHelper.isActionAuthorized(vreq, UseAdvancedDataToolsPages.class)) {
|
||||
if (PolicyHelper.isActionAuthorized(vreq, UseAdvancedDataToolsPages.class)) {
|
||||
body.put("dataTools", getDataToolsData(vreq, urlBuilder));
|
||||
|
||||
// Only for DataStar. Should handle without needing a DataStar-specific version of this controller.
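Review bot: The `siteConfig` block directly above the changed condition still gates on `loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)`, so this method now decides menu visibility through two mechanisms, a hard-coded role level and the policy framework. If the role a policy requires changes later, the hard-coded check will not follow it. Consider moving that block to a `PolicyHelper.isActionAuthorized(vreq, ...)` call with a requested action of its own, or add `// TODO: replace role check with a requested action` so the gap is tracked. These checks only control what the admin page displays; the linked controllers still need their own authorization. The enclosing method starts and ends outside the hunk.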
|
||||
|
|
|
@ -6,8 +6,6 @@
|
|||
<%@ page import="edu.cornell.mannlib.vitro.webapp.controller.VitroRequest"%>
|
||||
<%@ page import="edu.cornell.mannlib.vitro.webapp.beans.Ontology"%>
|
||||
<%@ page import="edu.cornell.mannlib.vitro.webapp.dao.OntologyDao"%>
|
||||
<%@ taglib prefix="vitro" uri="/WEB-INF/tlds/VitroUtils.tld" %>
|
||||
<vitro:requiresAuthorizationFor classNames="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages" />
|
||||
|
||||
<div class="staticPageBackground">
|
||||
|
||||
|
|