litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Test for self-editing by Identifiers, not by role level.

Browse source
This commit is contained in:
j2blake 2011-06-22 15:48:10 +00:00
parent 355c5aafa6
commit 61afec8de0
1 changed files with 0 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

6
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/DisplayRestrictedDataToSelfPolicy.java
View file

@ -11,7 +11,6 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasAssociatedIndividual;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel;
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
@ -57,11 +56,6 @@ public class DisplayRestrictedDataToSelfPolicy implements PolicyIface {
return defaultDecision("whatToAuth was null");
}
RoleLevel userRole = HasRoleLevel.getUsersRoleLevel(whoToAuth);
if (userRole != RoleLevel.SELF) {
return defaultDecision("not a self-editor");
}
Collection<String> associated = HasAssociatedIndividual
.getIndividualUris(whoToAuth);
if (associated.isEmpty()) {