Change individual display so labels for moniker, blurb, citation, and description only appear if the user has edit permissions for those properties. NIHVIVO-275

2010-04-02 23:13:09 +00:00 · 2010-04-02 23:13:09 +00:00 · 5da58324b8
commit 5da58324b8
parent 4a3ef8d03d
4 changed files with 153 additions and 84 deletions
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java
@ -194,13 +194,13 @@ public class SelfEditingPolicy implements VisitingPolicyIface {
        if( uri == null || uri.length() == 0 )
            return false;
        if( editableVitroUris.contains( uri ) )
            return true;
        if( prohibitedProperties.contains(uri)) {
            log.debug("The uri "+uri+" represents a predicate that cannot be modified because it is on a list of properties prohibited from self editing");
            return false;
        }
        if( editableVitroUris.contains( uri ) )
            return true;
        String namespace = uri.substring(0, Util.splitNamespace(uri));
        //Matcher match = ns.matcher(uri);
@ -276,7 +276,7 @@ public class SelfEditingPolicy implements VisitingPolicyIface {
        }
        //many predicates are prohibited by namespace but there are many ones that self editors need to work with
-        if(  prohibitedNs.contains(action.uriOfPredicate() ) && ! editableVitroUris.contains( action.uriOfPredicate() ) ) {
+        if(  prohibitedNs.contains(action.uriOfPredicate() )  ) {
            log.debug("SelfEditingPolicy for DropDatapropStmt is inconclusive because it does not grant access to admin controls");
            return new BasicPolicyDecision(this.defaultFailure,"SelfEditingPolicy does not grant access to admin controls");
        }
@ -338,10 +338,8 @@ public class SelfEditingPolicy implements VisitingPolicyIface {
        if(  prohibitedNs.contains( action.getResourceUri() ) )
            return new BasicPolicyDecision(this.defaultFailure,"SelfEditingPolicy does not grant access to admin resources");
-        //many predicates are prohibited by namespace but there are many ones that self editors need to work with
+        if(  prohibitedProperties.contains( action.getDataPropUri() ) )
        if(  prohibitedNs.contains(action.getDataPropUri() ) && ! editableVitroUris.contains( action.getDataPropUri() ) )
            return new BasicPolicyDecision(this.defaultFailure,"SelfEditingPolicy does not grant access to admin controls");
        if( !canModifyPredicate( action.getDataPropUri() ) )
            return new BasicPolicyDecision(this.defaultFailure,"SelfEditingPolicy does not grant access to admin predicates; " +
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java
@ -17,6 +17,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddDataPropStmt;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddObjectPropStmt;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropDataPropStmt;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropObjectPropStmt;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.EditDataPropStmt;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.EditObjPropStmt;
@ -178,7 +179,63 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
        Assert.assertNotNull(dec);
        Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
    }
-
+    
    @Test
    public void testForbiddenMoniker(){
    	  Set<String> badProps = new HashSet<String>();
          badProps.add(VitroVocabulary.MONIKER);          
          SelfEditingPolicy badPropPolicy = new SelfEditingPolicy(badProps,null,null,null);
          RequestedAction whatToAuth = null;
          whatToAuth = new AddDataPropStmt(
                  SELFEDITOR_URI, VitroVocabulary.MONIKER ,"someValue", null, null);                
          PolicyDecision dec = badPropPolicy.isAuthorized(ids, whatToAuth);
          Assert.assertNotNull(dec);
          Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
          whatToAuth = new AddDataPropStmt(
                  SAFE_RESOURCE ,VitroVocabulary.MONIKER , "somevalue", null, null);                
          dec = badPropPolicy.isAuthorized(ids, whatToAuth);
          Assert.assertNotNull(dec);
          Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
          DataPropertyStatement dps = new DataPropertyStatementImpl();
          dps.setIndividualURI(SELFEDITOR_URI);
          dps.setDatapropURI(VitroVocabulary.MONIKER);
          dps.setData("some moniker");
          whatToAuth = new EditDataPropStmt(dps);                      
          dec = badPropPolicy.isAuthorized(ids, whatToAuth);
          Assert.assertNotNull(dec);
          Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
          //try where moniker is permitted
          badProps = new HashSet<String>();                   
          badPropPolicy = new SelfEditingPolicy(badProps,null,null,null);                    
          whatToAuth = new AddDataPropStmt(
                  SELFEDITOR_URI, VitroVocabulary.MONIKER ,"somevalue", null, null);                
          dec = badPropPolicy.isAuthorized(ids, whatToAuth);
          Assert.assertNotNull(dec);
          Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized());
          whatToAuth = new AddDataPropStmt(
        		  UNSAFE_RESOURCE ,VitroVocabulary.MONIKER , "somevalue", null, null);                
          dec = badPropPolicy.isAuthorized(ids, whatToAuth);
          Assert.assertNotNull(dec);
          Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
          dps = new DataPropertyStatementImpl();
          dps.setIndividualURI(SAFE_RESOURCE);
          dps.setDatapropURI(VitroVocabulary.MONIKER);
          dps.setData("some moniker");
          whatToAuth = new EditDataPropStmt(dps);                      
          dec = badPropPolicy.isAuthorized(ids, whatToAuth);
          Assert.assertNotNull(dec);
          Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
    }
    @Test
    public void testVisitIdentifierBundleAddObjectPropStmt() {
        AddObjectPropStmt whatToAuth = new AddObjectPropStmt(
--- a/webapp/web/templates/entity/entityBasic.jsp
+++ b/webapp/web/templates/entity/entityBasic.jsp
@ -119,10 +119,13 @@ if (VitroRequestPrep.isSelfEditing(request) || LoginFormBean.loggedIn(request, L
                        <%-- Moniker. Wrap in the div only if editing. If not editing, displays inline next to label. --%>
                        <c:if test="${showEdits}">
-                            <div id="dprop-vitro-moniker" class="propsItem ${editingClass}">                              
+                        	<c:set var="monikerEditLinks"><edLnk:editLinks item="<%= VitroVocabulary.MONIKER %>" icons="false"/></c:set>
-                                <h3 class="propertyName">moniker</h3>
+                        	<c:if test="${!empty monikerEditLinks }">
-                                <edLnk:editLinks item="<%= VitroVocabulary.MONIKER %>" icons="false"/>
+                            	<div id="dprop-vitro-moniker" class="propsItem ${editingClass}">                              
                                	<h3 class="propertyName">moniker</h3>
                            </c:if>
                        </c:if>
                        <c:if test="${!empty entity.moniker}">
                            <div class="datatypeProperties">
                                <div class="datatypePropertyValue" id="moniker">
@ -136,17 +139,19 @@ if (VitroRequestPrep.isSelfEditing(request) || LoginFormBean.loggedIn(request, L
                                </div>
                            </div>
                        </c:if>
-                        <c:if test="${showEdits}"></div></c:if> <%-- end dprop-vitro-moniker --%>                             
+                        
                        <c:if test="${showEdits && !empty monikerEditLinks}"></div></c:if> <%-- end dprop-vitro-moniker --%>                             
                    </c:otherwise>
                </c:choose>
            </div> <!-- end labelAndMoniker -->
-            <%-- Links --%>
+            <%-- Links --%>                                                                                       
            <c:if test="${ showEdits || !empty entity.url || !empty entity.linksList }"> 
                <div id="dprop-vitro-links" class="propsItem ${editingClass}">
-                    <c:if test="${showEdits}">
+	                <c:set var="canEditPrimaryLinks"><edLnk:editLinks item="<%= VitroVocabulary.PRIMARY_LINK %>" icons="false"/></c:set>
    		        <c:set var="canEditAdditionalLinks"><edLnk:editLinks item="<%= VitroVocabulary.ADDITIONAL_LINK %>" icons="false"/></c:set>
                    <c:if test="${showEdits and !empty canEditPrimaryLinks and !empty canEditAdditionalLinks}">
                        <h3 class="propertyName">links</h3>
                        <c:choose>
                            <c:when test="${empty entity.url}">
@ -208,7 +213,8 @@ if (VitroRequestPrep.isSelfEditing(request) || LoginFormBean.loggedIn(request, L
            <%-- Thumbnail (with citation) --%>
            <c:if test="${showEdits || !empty entity.imageThumb}">
 	            <div id="dprop-vitro-image" class="propsItem ${editingClass}"> 
-	                <c:if test="${showEdits}">
+	            	<c:set var="mayEditThumbnail"><edLnk:editLinks item="<%= VitroVocabulary.IMAGETHUMB %>" icons="false" /></c:set>
 	                <c:if test="${showEdits and !empty mayEditThumbnail}">
 	                    <h3 class="propertyName">image</h3>
 	                    <edLnk:editLinks item="<%= VitroVocabulary.IMAGETHUMB %>" icons="false" />
 	                </c:if>
@ -242,55 +248,61 @@ if (VitroRequestPrep.isSelfEditing(request) || LoginFormBean.loggedIn(request, L
 	            </div>
            </c:if>
-            <p:process>
+           	
            <%-- Blurb --%>
            <c:if test="${showEdits || !empty entity.blurb}">
 	             <div id="dprop-vitro-blurb" class="propsItem ${editingClass}">
 				 <c:if test="${not empty entity.blurb }">                          	 
           	 	 	<c:set var="editLinksForExistingBlurb"><edLnk:editLinks item="<%= VitroVocabulary.BLURB %>" data="${entity.blurb}" icons="false"/></c:set>
 				 </c:if>
          	 	 <c:set var="editLinksForNewBlurb"><edLnk:editLinks item="<%= VitroVocabulary.BLURB %>" icons="false"/></c:set>            	              	 
                 <c:if test="${showEdits || (( empty entity.blurb and not empty editLinksForNewBlurb)or( not empty entity.blurb and not empty editLinksForExistingBlurb)) }">                           
                     <h3 class="propertyName">blurb</h3>
                     ${editLinksForNewBlurb}
                 </c:if>                 
                 <c:if test="${!empty entity.blurb}">
                     <div class="datatypeProperties">
                         <div class="datatypePropertyValue">
                             <div class="statementWrap">
                                 <div class="description"><p:process>${entity.blurb}</p:process></div>                        
                                 <c:if test="${showEdits && !empty editLinksForExistingBlurb}">	                                   
                                		<span class="editLinks">${editLinksForExistingBlurb}</span>                                                                     
                                 </c:if> 
                             </div>
                         </div>
                     </div>
                 </c:if>     
             </div>
            </c:if>
-                <%-- Blurb --%>
+            <%-- Description --%>              
-                <c:if test="${showEdits || !empty entity.blurb}">
+            <c:if test="${ showEdits || !empty entity.description}">
-	                <div id="dprop-vitro-blurb" class="propsItem ${editingClass}">   
+              	<div id="dprop-vitro-description" class="propsItem ${editingClass}">
-	                    <c:if test="${showEdits}">                           
+            	<c:if test="${not empty entity.description }">
-	                        <h3 class="propertyName">blurb</h3>
+					<c:set var="editLinksForExisitngDesc"><edLnk:editLinks item="<%= VitroVocabulary.DESCRIPTION %>" data="${entity.description}" icons="false"/></c:set>
-	                        <edLnk:editLinks item="<%= VitroVocabulary.BLURB %>" icons="false"/>
+            	</c:if>
-	                    </c:if>
+            	<c:set var="editLinksForNewDesc"><edLnk:editLinks item="<%= VitroVocabulary.DESCRIPTION %>" icons="false"/></c:set>
-	                    <c:if test="${!empty entity.blurb}">
+            	
-	                        <div class="datatypeProperties">
+            	<c:if test="${showEdits || ((empty entity.description and not empty editLinksForNewDesc)or(not empty entity.description and not empty editLinksForExisitngDesc))}">
-	                            <div class="datatypePropertyValue">
+                     <h3 class="propertyName">description</h3>
-	                                <div class="statementWrap">
+                      ${editLinksForNewDesc}
-	                                    <div class="description">${entity.blurb}</div>
+                 </c:if>
-	                                    <c:if test="${showEdits}">
+                 <c:if test="${!empty entity.description}">
-	                                        <c:set var="editLinks"><edLnk:editLinks item="<%= VitroVocabulary.BLURB %>" data="${entity.blurb}" icons="false"/></c:set>
+                     <div class="datatypeProperties">
-	                                        <c:if test="${!empty editLinks}"><span class="editLinks">${editLinks}</span></c:if>                                                                     
+                         <div class="datatypePropertyValue">
-	                                    </c:if> 
+                             <div class="statementWrap">
-	                                </div>
+                                 <div class="description"><p:process>${entity.description}</p:process></div>                                 
-	                            </div>
+                                 <c:if test="${showEdits && !empty editLinksForExisitngDesc}">	                                    
-	                        </div>
+                                 	<span class="editLinks">${editLinksForExisitngDesc}</span>                                                                     
-	                    </c:if>     
+                                 </c:if> 
-	                </div>
+                             </div>
-                </c:if>
+                         </div>
-
+                     </div>
-                <%-- Description --%>   
+                 </c:if>     
-                <c:if test="${showEdits || !empty entity.description}">                
+             </div>
-	                <div id="dprop-vitro-description" class="propsItem ${editingClass}">   
+            </c:if>
-	                    <c:if test="${showEdits}">                           
+                            
-	                        <h3 class="propertyName">description</h3>
+        
 	                        <edLnk:editLinks item="<%= VitroVocabulary.DESCRIPTION %>" icons="false"/>
 	                    </c:if>
 	                    <c:if test="${!empty entity.description}">
 	                        <div class="datatypeProperties">
 	                            <div class="datatypePropertyValue">
 	                                <div class="statementWrap">
 	                                    <div class="description">${entity.description}</div>
 	                                    <c:if test="${showEdits}">
 	                                        <c:set var="editLinks"><edLnk:editLinks item="<%= VitroVocabulary.DESCRIPTION %>" data="${entity.description}" icons="false"/></c:set>
 	                                        <c:if test="${!empty editLinks}"><span class="editLinks">${editLinks}</span></c:if>                                                                     
 	                                    </c:if> 
 	                                </div>
 	                            </div>
 	                        </div>
 	                    </c:if>     
 	                </div>
                </c:if>
            </p:process>
            <%-- Properties --%>
            <c:import url="${entityMergedPropsListJsp}">
--- a/webapp/web/templates/entity/entityCitation.jsp
+++ b/webapp/web/templates/entity/entityCitation.jsp
@ -1,28 +1,30 @@
 <%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
 <%@ page import="edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary" %>
 <%@ taglib uri="http://vitro.mannlib.cornell.edu/vitro/tags/PropertyEditLink" prefix="edLnk" %>
 <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
 <c:if test="${showEdits || !empty entity.citation}">
-    <div id="dprop-vitro-citation" class="propsItem ${editingClass}">   
+	<div id="dprop-vitro-citation" class="propsItem ${editingClass}">
-        <c:if test="${showEdits}">                           
+		<c:if test="${not empty entity.citation }">                          	 
-            <h3 class="propertyName">citation</h3>
+			<c:set var="editLinksForExisting"><edLnk:editLinks item="<%= VitroVocabulary.CITATION %>" data="${entity.citation}" icons="false"/></c:set>
-            <edLnk:editLinks item="<%= VitroVocabulary.CITATION %>" icons="false"/>
+		</c:if>
-        </c:if>
+		<c:set var="editLinksForNew"><edLnk:editLinks item="<%= VitroVocabulary.CITATION %>" icons="false"/></c:set>            	              	 
-        <c:if test="${!empty entity.citation}">
+		<c:if test="${showEdits or (( empty entity.citation and !empty editLinksForNew)or( ! empty entity.citation and !empty editLinksForExisting)) }">                           
-            <div class="datatypeProperties">
+			<h3 class="propertyName">citation</h3>
-                <div class="datatypePropertyValue">
+			${editLinksForNew}
-                    <div class="statementWrap">
+		</c:if>                 
-                        ${entity.citation}
+		<c:if test="${!empty entity.citation}">
-                        <c:if test="${showEdits}">
+			<div class="datatypeProperties">
-                            <c:set var="editLinks"><edLnk:editLinks item="<%= VitroVocabulary.CITATION %>" data="${entity.citation}" icons="false"/></c:set>
+				<div class="datatypePropertyValue">
-                            <c:if test="${!empty editLinks}"><span class="editLinks">${editLinks}</span></c:if>                                                                     
+					<div class="statementWrap">
-                        </c:if> 
+						<p:process>${entity.citation}</p:process>                        
-                    </div>
+						<c:if test="${showEdits && !empty editLinksForExisting}">
-                </div>
+							<span class="editLinks">${editLinksForExisting}</span>
-            </div>
+						</c:if> 
-        </c:if>     
+					</div>
-    </div>
+				</div>
 			</div>
 		</c:if>     
 	</div>
 </c:if>