diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/AuthTestController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/AuthTestController.java deleted file mode 100644 index dc6ccf53b..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/AuthTestController.java +++ /dev/null @@ -1,110 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers; -import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyList; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet; - -/** - * Tests and gives info about the auth sysetm - * - * @author bdc34 - * - */ -public class AuthTestController extends VitroHttpServlet { - public void doGet(HttpServletRequest req, HttpServletResponse res ) - throws IOException, ServletException{ - super.doGet(req,res); - IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(req); - ServletOutputStream out = res.getOutputStream(); - - listIdentifiers(out,ids); - - checkAuths(out,ids, getServletContext()); - - } - - private void listIdentifiers(ServletOutputStream out, IdentifierBundle ids) throws IOException{ - out.println("

Identifiers:

"); - out.println(""); - for( Object obj: ids){ - if( obj == null ){ - out.println("obj was null"); - continue; - } - out.println(""); - out.println(""); - out.println(""); - out.println(""); - } - out.println("
"+obj.getClass().getName() + ""+obj.toString() + "
"); - } - - - private void checkAuths(ServletOutputStream out, IdentifierBundle ids, ServletContext servletContext) - throws IOException{ - PolicyList policy = ServletPolicyList.getPolicies(servletContext); - out.println("

Authorization tests:

"); - - if (policy.isEmpty()) { - out.println("No Policy objects found in ServletContext. "); - } - out.println(""); - for(RequestedAction action: actions){ - out.println(""); - try { - PolicyDecision pd = policy.isAuthorized(ids, action); - if( pd == null) - out.println(""); - out.println(""); - } - } catch (Exception e) { - out.println(""); - e.printStackTrace(); - } - } - out.println("
"+action.getClass().getName()+"ERROR: PolicyDecision was null"); - else{ - out.println(""+ pd.getAuthorized() +""+ pd.getMessage() +" exception: " + e + "
"); - } - - - private static List actions = new ArrayList(); - static{ - actions.add(new AddDataPropStmt("http://some.non.existing.resource", "http://some.non.existing.dataproperty", "bogus value", null, null)); - actions.add(new AddObjectPropStmt("http://vivo.library.cornell.edu/abox#entity11821","vitro:headOf","http://vivo.library.cornell.edu/abox#entity1")); - actions.add(new AddObjectPropStmt("http://vivo.library.cornell.edu/abox#entity123","vitro:headOf","http://vivo.library.cornell.edu/abox#entity1")); - -// actions.add(new AddResource("http://bogus.REsourceType.uri","http://bogus.uri")); -// actions.add(new DropObjectPropStmt()); -// actions.add(new DefineObjectProperty()); -// actions.add(new DefineDataProperty()); -// actions.add(new RemoveOwlClass()); -// actions.add(new CreateOwlClass()); -// -// actions.add(new AddNewUser()); -// actions.add(new LoadOntology()); -// actions.add(new RebuildTextIndex()); -// actions.add(new RemoveUser()); -// actions.add(new ServerStatus()); -// actions.add(new UpdateTextIndex()); -// actions.add(new UploadFile("http://uri.of.entity.to.associate/uploaded/file/with","http://uri.of.association.property")); - } -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/EditByRolePermission.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/EditByRolePermission.java index ece94bfae..6d5e64363 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/EditByRolePermission.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/EditByRolePermission.java @@ -9,8 +9,8 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction; import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; /** @@ -55,10 +55,10 @@ public class EditByRolePermission extends Permission { public boolean isAuthorized(RequestedAction whatToAuth) { boolean result; - if (whatToAuth instanceof AbstractDataPropertyAction) { - result = isAuthorized((AbstractDataPropertyAction) whatToAuth); - } else if (whatToAuth instanceof AbstractObjectPropertyAction) { - result = isAuthorized((AbstractObjectPropertyAction) whatToAuth); + if (whatToAuth instanceof AbstractDataPropertyStatementAction) { + result = isAuthorized((AbstractDataPropertyStatementAction) whatToAuth); + } else if (whatToAuth instanceof AbstractObjectPropertyStatementAction) { + result = isAuthorized((AbstractObjectPropertyStatementAction) whatToAuth); } else { result = false; } @@ -76,7 +76,7 @@ public class EditByRolePermission extends Permission { * The user may add, edit, or delete this data property if they are allowed * to modify its subject and its predicate. */ - private boolean isAuthorized(AbstractDataPropertyAction action) { + private boolean isAuthorized(AbstractDataPropertyStatementAction action) { String subjectUri = action.getSubjectUri(); String predicateUri = action.getPredicateUri(); return canModifyResource(subjectUri) @@ -87,10 +87,10 @@ public class EditByRolePermission extends Permission { * The user may add, edit, or delete this data property if they are allowed * to modify its subject, its predicate, and its object. */ - private boolean isAuthorized(AbstractObjectPropertyAction action) { - String subjectUri = action.getUriOfSubject(); - String predicateUri = action.getUriOfPredicate(); - String objectUri = action.getUriOfObject(); + private boolean isAuthorized(AbstractObjectPropertyStatementAction action) { + String subjectUri = action.getSubjectUri(); + String predicateUri = action.getPredicateUri(); + String objectUri = action.getObjectUri(); return canModifyResource(subjectUri) && canModifyPredicate(predicateUri) && canModifyResource(objectUri); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionRegistry.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionRegistry.java index 44461249a..775ace11b 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionRegistry.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionRegistry.java @@ -145,6 +145,11 @@ public class PermissionRegistry { } } + /** + * There is no DisplayByRolePermission for self-editors. They get the + * same rights as PUBLIC. Other permissions give them their self-editing + * privileges. + */ private Collection createDisplayByRolePermissions( ServletContext ctx) { List list = new ArrayList(); @@ -159,13 +164,20 @@ public class PermissionRegistry { return list; } + /** + * There is no EditByRolePermission for PUBLIC or for self-editors. A + * property may be given an edit-level of "PUBLIC", but that may also + * simply be the default assigned to it when editing, and we don't want + * to recognize that. + * + * Other permissions give self-editors their editing privileges. + */ private Collection createEditByRolePermissions( ServletContext ctx) { List list = new ArrayList(); list.add(new EditByRolePermission("Admin", RoleLevel.DB_ADMIN, ctx)); list.add(new EditByRolePermission("Curator", RoleLevel.CURATOR, ctx)); list.add(new EditByRolePermission("Editor", RoleLevel.EDITOR, ctx)); - list.add(new EditByRolePermission("Public", RoleLevel.PUBLIC, ctx)); return list; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java index 896a2f3c8..0f432cf0c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java @@ -7,7 +7,10 @@ import javax.servlet.http.HttpServletRequest; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.ontology.OntModelSpec; import com.hp.hpl.jena.rdf.model.Model; +import com.hp.hpl.jena.rdf.model.ModelFactory; import com.hp.hpl.jena.rdf.model.Property; import com.hp.hpl.jena.rdf.model.RDFNode; import com.hp.hpl.jena.rdf.model.Resource; @@ -19,10 +22,10 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement; /** * A collection of static methods to help determine whether requested actions @@ -60,35 +63,14 @@ public class PolicyHelper { } /** - * Do the current policies authorize the current user to add all of the - * statements in this model? - */ - public static boolean isAuthorizedToAdd(HttpServletRequest req, Model model) { - if ((req == null) || (model == null)) { - return false; - } - - StmtIterator stmts = model.listStatements(); - try { - while (stmts.hasNext()) { - if (!isAuthorizedToAdd(req, stmts.next())) { - return false; - } - } - return true; - } finally { - stmts.close(); - } - } - - /** - * Do the current policies authorize the current user to add this statement? + * Do the current policies authorize the current user to add this statement + * to this model? * * The statement is expected to be fully-populated, with no null fields. */ public static boolean isAuthorizedToAdd(HttpServletRequest req, - Statement stmt) { - if ((req == null) || (stmt == null)) { + Statement stmt, OntModel modelToBeModified) { + if ((req == null) || (stmt == null) || (modelToBeModified == null)) { return false; } @@ -101,46 +83,25 @@ public class PolicyHelper { RequestedAction action; if (objectNode.isResource()) { - action = new AddObjectPropStmt(subject.getURI(), - predicate.getURI(), objectNode.asResource().getURI()); + action = new AddObjectPropertyStatement(modelToBeModified, + subject.getURI(), predicate.getURI(), objectNode + .asResource().getURI()); } else { - action = new AddDataPropStmt(subject.getURI(), predicate.getURI(), - objectNode.asLiteral()); + action = new AddDataPropertyStatement(modelToBeModified, + subject.getURI(), predicate.getURI()); } return isAuthorizedForActions(req, action); } /** - * Do the current policies authorize the current user to drop all of the - * statements in this model? - */ - public static boolean isAuthorizedToDrop(HttpServletRequest req, Model model) { - if ((req == null) || (model == null)) { - return false; - } - - StmtIterator stmts = model.listStatements(); - try { - while (stmts.hasNext()) { - if (!isAuthorizedToDrop(req, stmts.next())) { - return false; - } - } - return true; - } finally { - stmts.close(); - } - } - - /** - * Do the current policies authorize the current user to drop this - * statement? + * Do the current policies authorize the current user to drop this statement + * from this model? * * The statement is expected to be fully-populated, with no null fields. */ public static boolean isAuthorizedToDrop(HttpServletRequest req, - Statement stmt) { - if ((req == null) || (stmt == null)) { + Statement stmt, OntModel modelToBeModified) { + if ((req == null) || (stmt == null) || (modelToBeModified == null)) { return false; } @@ -153,15 +114,152 @@ public class PolicyHelper { RequestedAction action; if (objectNode.isResource()) { - action = new DropObjectPropStmt(subject.getURI(), - predicate.getURI(), objectNode.asResource().getURI()); + action = new DropObjectPropertyStatement(modelToBeModified, + subject.getURI(), predicate.getURI(), objectNode + .asResource().getURI()); } else { - action = new DropDataPropStmt(subject.getURI(), predicate.getURI(), - objectNode.asLiteral()); + action = new DropDataPropertyStatement(modelToBeModified, + subject.getURI(), predicate.getURI()); } return isAuthorizedForActions(req, action); } + /** + * Do the current policies authorize the current user to modify this model + * by adding all of the statments in the additions model and dropping all of + * the statements in the retractions model? + * + * This differs from the other calls to "isAuthorized..." because we always + * expect the answer to be true. If the answer is false, it should be logged + * as an error. + * + * Even if a statement fails the test, continue to test the others, so the + * log will contain a full record of all failures. This is no more expensive + * than if all statements succeeded. + */ + public static boolean isAuthorizedAsExpected(HttpServletRequest req, + Model additions, Model retractions, OntModel modelBeingModified) { + if (req == null) { + log.warn("Can't evaluate authorization if req is null"); + return false; + } + if (additions == null) { + log.warn("Can't evaluate authorization if additions model is null"); + return false; + } + if (retractions == null) { + log.warn("Can't evaluate authorization if retractions model is null"); + return false; + } + if (modelBeingModified == null) { + log.warn("Can't evaluate authorization if model being modified is null"); + return false; + } + + /* + * The naive way to test the additions is to test each statement against + * the JenaOntModel. However, some of the statements may not be + * authorized unless others are added first. The client code should not + * need to know which sequence will be successful. The client code only + * cares that such a sequence does exist. + * + * There are 3 obvious ways to test this, ranging from the most rigorous + * (and most costly) to the least costly (and least rigorous). + * + * 1. Try all sequences to find one that works. First, try to add each + * statement to the modelBeingModified. If any statement succeeds, + * construct a temporary model that joins that statement to the + * modelBeingModified. Now try the remaining statements against that + * temporary model, adding the statement each time we are successful. If + * we eventually find all of the statements authorized, declare success. + * This is logically rigorous, but could become geometrically expensive + * as statements are repeatedly tried against incremented models. O(n!). + * + * 2. Try each statement on the assumption that all of the others have + * already been added. So for each statement we create a temporary + * modeol that joins the other additions to the JenaOntModel. If all + * statements pass this test, declare success. This is logically flawed + * since it is possible that two statements would circularly authorize + * each other, but that neither statement could be added first. However, + * that seems like a small risk, and the algorithm is considerably less + * expensive. O(n). + * + * 3. Try each statement on the assumption that all of the statements + * (including itself) have already been added. If all statements pass + * this test, declare success. This has the additional minor flaw of + * allowing a statement to authorize its own addition, but this seems + * very unlikely. This is about as expensive as choice 2., but much + * simpler to code. + * + * For now, I am going with choice 3. + */ + + boolean result = true; + + OntModel modelToTestAgainst = ModelFactory + .createOntologyModel(OntModelSpec.OWL_MEM); + modelToTestAgainst.addSubModel(additions); + modelToTestAgainst.addSubModel(modelBeingModified); + + StmtIterator addStmts = additions.listStatements(); + try { + while (addStmts.hasNext()) { + Statement stmt = addStmts.next(); + if (isAuthorizedToAdd(req, stmt, modelToTestAgainst)) { + if (log.isDebugEnabled()) { + log.debug("Last-chance authorization check: " + + "authorized to add statement: " + + formatStatement(stmt)); + } + } else { + log.warn("Last-chance authorization check reveals not " + + "authorized to add statement: " + + formatStatement(stmt)); + result = false; + } + } + } finally { + addStmts.close(); + } + + /* + * For retractions, there is no such conundrum. Assume that all of the + * additions have been added, and check the authorization of each + * retraction. + */ + + StmtIterator dropStmts = retractions.listStatements(); + try { + while (dropStmts.hasNext()) { + Statement stmt = dropStmts.next(); + if (isAuthorizedToDrop(req, stmt, modelToTestAgainst)) { + if (log.isDebugEnabled()) { + log.debug("Last-chance authorization check: " + + "authorized to drop statement: " + + formatStatement(stmt)); + } + } else { + log.warn("Last-chance authorization check reveals not " + + "authorized to drop statement: " + + formatStatement(stmt)); + result = false; + } + } + } finally { + dropStmts.close(); + } + + return result; + } + + private static String formatStatement(Statement stmt) { + if (stmt == null) { + return "null statement"; + } + return "<" + stmt.getSubject() + "> <" + stmt.getPredicate() + "> <" + + stmt.getObject() + ">"; + } + /** * No need to instantiate this helper class - all methods are static. */ diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java index 4ed30639b..25795b470 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java @@ -10,9 +10,9 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary; /** @@ -23,19 +23,20 @@ public class RestrictHomeMenuItemEditingPolicy implements PolicyIface { @Override public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, RequestedAction whatToAuth) { - if (whatToAuth instanceof EditObjPropStmt) { - return isAuthorized((EditObjPropStmt) whatToAuth); - } else if (whatToAuth instanceof DropObjectPropStmt) { - return isAuthorized((DropObjectPropStmt) whatToAuth); + if (whatToAuth instanceof EditObjectPropertyStatement) { + return isAuthorized((EditObjectPropertyStatement) whatToAuth); + } else if (whatToAuth instanceof DropObjectPropertyStatement) { + return isAuthorized((DropObjectPropertyStatement) whatToAuth); } else { return notHandled(); } } - private PolicyDecision isAuthorized(AbstractObjectPropertyAction whatToAuth) { - if (whatToAuth.getUriOfPredicate() + private PolicyDecision isAuthorized( + AbstractObjectPropertyStatementAction whatToAuth) { + if (whatToAuth.getPredicateUri() .equals(DisplayVocabulary.HAS_ELEMENT) - && whatToAuth.getUriOfObject().equals( + && whatToAuth.getObjectUri().equals( DisplayVocabulary.HOME_MENU_ITEM)) { return notAuthorized(); } else { diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java index c50e3223f..e3a6b8dec 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java @@ -12,8 +12,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasAssociatedIndi import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AbstractResourceAction; import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; @@ -44,14 +44,14 @@ public class SelfEditingPolicy extends BaseSelfEditingPolicy implements return inconclusiveDecision("Not self-editing."); } - if (whatToAuth instanceof AbstractObjectPropertyAction) { + if (whatToAuth instanceof AbstractObjectPropertyStatementAction) { return isAuthorizedForObjectPropertyAction(userUris, - (AbstractObjectPropertyAction) whatToAuth); + (AbstractObjectPropertyStatementAction) whatToAuth); } - if (whatToAuth instanceof AbstractDataPropertyAction) { + if (whatToAuth instanceof AbstractDataPropertyStatementAction) { return isAuthorizedForDataPropertyAction(userUris, - (AbstractDataPropertyAction) whatToAuth); + (AbstractDataPropertyStatementAction) whatToAuth); } if (whatToAuth instanceof AbstractResourceAction) { @@ -67,10 +67,10 @@ public class SelfEditingPolicy extends BaseSelfEditingPolicy implements * about him. */ private PolicyDecision isAuthorizedForObjectPropertyAction( - List userUris, AbstractObjectPropertyAction action) { - String subject = action.getUriOfSubject(); - String predicate = action.getUriOfPredicate(); - String object = action.getUriOfObject(); + List userUris, AbstractObjectPropertyStatementAction action) { + String subject = action.getSubjectUri(); + String predicate = action.getPredicateUri(); + String object = action.getObjectUri(); if (!canModifyResource(subject)) { return cantModifyResource(subject); @@ -94,7 +94,7 @@ public class SelfEditingPolicy extends BaseSelfEditingPolicy implements * about him. */ private PolicyDecision isAuthorizedForDataPropertyAction( - List userUris, AbstractDataPropertyAction action) { + List userUris, AbstractDataPropertyStatementAction action) { String subject = action.getSubjectUri(); String predicate = action.getPredicateUri(); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/bean/PropertyRestrictionPolicyHelper.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/bean/PropertyRestrictionPolicyHelper.java index 273b9baa0..68ee18b04 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/bean/PropertyRestrictionPolicyHelper.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/bean/PropertyRestrictionPolicyHelper.java @@ -46,8 +46,7 @@ public class PropertyRestrictionPolicyHelper { .getLog(PropertyRestrictionPolicyHelper.class); private static final Collection PROHIBITED_NAMESPACES = Arrays - .asList(new String[] { VitroVocabulary.vitroURI, - VitroVocabulary.OWL, "" }); + .asList(new String[] { VitroVocabulary.vitroURI, "" }); private static final Collection PERMITTED_EXCEPTIONS = Arrays .asList(new String[] { diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/AbstractRelationshipPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/AbstractRelationshipPolicy.java index c238d246c..f04053f71 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/AbstractRelationshipPolicy.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/AbstractRelationshipPolicy.java @@ -2,30 +2,17 @@ package edu.cornell.mannlib.vitro.webapp.auth.policy.specialrelationships; -import java.util.ArrayList; -import java.util.List; - import javax.servlet.ServletContext; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import com.hp.hpl.jena.ontology.OntModel; -import com.hp.hpl.jena.rdf.model.Property; -import com.hp.hpl.jena.rdf.model.RDFNode; -import com.hp.hpl.jena.rdf.model.Resource; -import com.hp.hpl.jena.rdf.model.Selector; -import com.hp.hpl.jena.rdf.model.SimpleSelector; -import com.hp.hpl.jena.rdf.model.StmtIterator; -import com.hp.hpl.jena.shared.Lock; - import edu.cornell.mannlib.vitro.webapp.auth.policy.BasicPolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; -import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; /** * A collection of building-block methods so we can code a policy based on the @@ -37,11 +24,9 @@ public abstract class AbstractRelationshipPolicy implements PolicyIface { .getLog(AbstractRelationshipPolicy.class); protected final ServletContext ctx; - protected final OntModel model; - public AbstractRelationshipPolicy(ServletContext ctx, OntModel model) { + public AbstractRelationshipPolicy(ServletContext ctx) { this.ctx = ctx; - this.model = model; } protected boolean canModifyResource(String uri) { @@ -54,133 +39,6 @@ public abstract class AbstractRelationshipPolicy implements PolicyIface { uri, RoleLevel.SELF); } - protected boolean isResourceOfType(String resourceUri, String typeUri) { - Selector selector = createSelector(resourceUri, - VitroVocabulary.RDF_TYPE, typeUri); - - StmtIterator stmts = null; - model.enterCriticalSection(Lock.READ); - try { - stmts = model.listStatements(selector); - if (stmts.hasNext()) { - log.debug("resource '" + resourceUri + "' is of type '" - + typeUri + "'"); - return true; - } else { - log.debug("resource '" + resourceUri + "' is not of type '" - + typeUri + "'"); - return false; - } - } finally { - if (stmts != null) { - stmts.close(); - } - model.leaveCriticalSection(); - } - } - - protected List getObjectsOfProperty(String resourceUri, - String propertyUri) { - List list = new ArrayList(); - - Selector selector = createSelector(resourceUri, propertyUri, null); - - StmtIterator stmts = null; - model.enterCriticalSection(Lock.READ); - try { - stmts = model.listStatements(selector); - while (stmts.hasNext()) { - list.add(stmts.next().getObject().toString()); - } - log.debug("Objects of property '" + propertyUri + "' on resource '" - + resourceUri + "': " + list); - return list; - } finally { - if (stmts != null) { - stmts.close(); - } - model.leaveCriticalSection(); - } - } - - protected List getObjectsOfLinkedProperty(String resourceUri, - String linkUri, String propertyUri) { - List list = new ArrayList(); - - Selector selector = createSelector(resourceUri, linkUri, null); - - StmtIterator stmts = null; - - model.enterCriticalSection(Lock.READ); - try { - stmts = model.listStatements(selector); - while (stmts.hasNext()) { - RDFNode objectNode = stmts.next().getObject(); - if (objectNode.isResource()) { - log.debug("found authorship for '" + resourceUri + "': " - + objectNode); - list.addAll(getUrisOfAuthors(objectNode.asResource(), - propertyUri)); - } - } - log.debug("Objects of linked properties '" + linkUri + "' ==> '" - + propertyUri + "' on '" + resourceUri + "': " + list); - return list; - } finally { - if (stmts != null) { - stmts.close(); - } - model.leaveCriticalSection(); - } - } - - /** Note that we must already be in a critical section! */ - private List getUrisOfAuthors(Resource authorship, - String propertyUri) { - List list = new ArrayList(); - - Selector selector = createSelector(authorship, propertyUri, null); - - StmtIterator stmts = null; - try { - stmts = model.listStatements(selector); - while (stmts.hasNext()) { - list.add(stmts.next().getObject().toString()); - } - return list; - } finally { - if (stmts != null) { - stmts.close(); - } - } - } - - protected Selector createSelector(String subjectUri, String predicateUri, - String objectUri) { - Resource subject = (subjectUri == null) ? null : model - .getResource(subjectUri); - return createSelector(subject, predicateUri, objectUri); - } - - protected Selector createSelector(Resource subject, String predicateUri, - String objectUri) { - Property predicate = (predicateUri == null) ? null : model - .getProperty(predicateUri); - RDFNode object = (objectUri == null) ? null : model - .getResource(objectUri); - return new SimpleSelector(subject, predicate, object); - } - - protected boolean anyUrisInCommon(List userUris, - List editorsOrAuthors) { - for (String userUri : userUris) { - if (editorsOrAuthors.contains(userUri)) { - return true; - } - } - return false; - } - protected PolicyDecision cantModifyResource(String uri) { return inconclusiveDecision("No access to admin resources; cannot modify " + uri); @@ -201,10 +59,4 @@ public abstract class AbstractRelationshipPolicy implements PolicyIface { .getSimpleName() + ": " + message); } - /** An AUTHORIZED decision with a message like "PolicyClass: message". */ - protected PolicyDecision authorizedDecision(String message) { - return new BasicPolicyDecision(Authorization.AUTHORIZED, getClass() - .getSimpleName() + ": " + message); - } - } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/RelationshipChecker.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/RelationshipChecker.java new file mode 100644 index 000000000..b06407887 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/RelationshipChecker.java @@ -0,0 +1,172 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.policy.specialrelationships; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.rdf.model.Property; +import com.hp.hpl.jena.rdf.model.RDFNode; +import com.hp.hpl.jena.rdf.model.Resource; +import com.hp.hpl.jena.rdf.model.Selector; +import com.hp.hpl.jena.rdf.model.SimpleSelector; +import com.hp.hpl.jena.rdf.model.StmtIterator; +import com.hp.hpl.jena.shared.Lock; + +import edu.cornell.mannlib.vitro.webapp.auth.policy.BasicPolicyDecision; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; +import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; + +/** + * Look for relationships within an OntModel. Types of resources, links between + * resources, and links between resources via a context node. + * + * Also provides some convenience methods for test lists of URIs and for + * creating PolicyDecisions. + */ +public class RelationshipChecker { + private static final Log log = LogFactory.getLog(RelationshipChecker.class); + + private final OntModel ontModel; + + public RelationshipChecker(OntModel ontModel) { + this.ontModel = ontModel; + } + + /** + * Are there any URIs that appear in both of these lists? + */ + public boolean anyUrisInCommon(List list1, List list2) { + List urisInCommon = new ArrayList(list1); + urisInCommon.retainAll(list2); + return !urisInCommon.isEmpty(); + } + + /** + * Is this resource a member of this type? That is, is there an statement of + * the form: rdfs:type + */ + public boolean isResourceOfType(String resourceUri, String typeUri) { + Selector selector = createSelector(resourceUri, + VitroVocabulary.RDF_TYPE, typeUri); + + StmtIterator stmts = null; + ontModel.enterCriticalSection(Lock.READ); + try { + stmts = ontModel.listStatements(selector); + if (stmts.hasNext()) { + log.debug("resource '" + resourceUri + "' is of type '" + + typeUri + "'"); + return true; + } else { + log.debug("resource '" + resourceUri + "' is not of type '" + + typeUri + "'"); + return false; + } + } finally { + if (stmts != null) { + stmts.close(); + } + ontModel.leaveCriticalSection(); + } + } + + /** + * Get a list of the object URIs that satisfy this statement: + * + * + * + * May return an empty list, but never returns null. + */ + public List getObjectsOfProperty(String resourceUri, + String propertyUri) { + List list = new ArrayList(); + + Selector selector = createSelector(resourceUri, propertyUri, null); + + StmtIterator stmts = null; + ontModel.enterCriticalSection(Lock.READ); + try { + stmts = ontModel.listStatements(selector); + while (stmts.hasNext()) { + list.add(stmts.next().getObject().toString()); + } + log.debug("Objects of property '" + propertyUri + "' on resource '" + + resourceUri + "': " + list); + return list; + } finally { + if (stmts != null) { + stmts.close(); + } + ontModel.leaveCriticalSection(); + } + } + + /** + * Get a list of the object URIs that satisfy these statements: + * + * + * + * + * + * May return an empty list, but never returns null. + */ + public List getObjectsOfLinkedProperty(String resourceUri, + String linkUri, String propertyUri) { + List list = new ArrayList(); + + Selector selector = createSelector(resourceUri, linkUri, null); + + StmtIterator stmts = null; + + ontModel.enterCriticalSection(Lock.READ); + try { + stmts = ontModel.listStatements(selector); + while (stmts.hasNext()) { + RDFNode contextNode = stmts.next().getObject(); + if (contextNode.isResource()) { + log.debug("found context node for '" + resourceUri + "': " + + contextNode); + list.addAll(getObjectsOfProperty(contextNode.asResource() + .getURI(), propertyUri)); + } + } + log.debug("Objects of linked properties '" + linkUri + "' ==> '" + + propertyUri + "' on '" + resourceUri + "': " + list); + return list; + } finally { + if (stmts != null) { + stmts.close(); + } + ontModel.leaveCriticalSection(); + } + } + + public Selector createSelector(String subjectUri, String predicateUri, + String objectUri) { + Resource subject = (subjectUri == null) ? null : ontModel + .getResource(subjectUri); + return createSelector(subject, predicateUri, objectUri); + } + + public Selector createSelector(Resource subject, String predicateUri, + String objectUri) { + Property predicate = (predicateUri == null) ? null : ontModel + .getProperty(predicateUri); + RDFNode object = (objectUri == null) ? null : ontModel + .getResource(objectUri); + return new SimpleSelector(subject, predicate, object); + } + + /** An AUTHORIZED decision with a message like "PolicyClass: message". */ + protected PolicyDecision authorizedDecision(String message) { + return new BasicPolicyDecision(Authorization.AUTHORIZED, getClass() + .getSimpleName() + ": " + message); + } + +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayDataProperty.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayDataProperty.java index 9341cdd20..69d7f68e9 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayDataProperty.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayDataProperty.java @@ -16,4 +16,9 @@ public class DisplayDataProperty extends RequestedAction { public DataProperty getDataProperty() { return dataProperty; } + + @Override + public String toString() { + return "DisplayDataProperty[" + dataProperty + "]"; + } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayObjectProperty.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayObjectProperty.java index 49161abe1..3d3e8c4f7 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayObjectProperty.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayObjectProperty.java @@ -16,4 +16,9 @@ public class DisplayObjectProperty extends RequestedAction { public ObjectProperty getObjectProperty() { return objectProperty; } + + @Override + public String toString() { + return "DisplayObjectProperty[" + objectProperty.getLocalName() + "]"; + } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyAction.java deleted file mode 100644 index c6418fdd9..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyAction.java +++ /dev/null @@ -1,32 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; - -/** - * A base class for requestion actions that relate to data properties. - */ -public abstract class AbstractDataPropertyAction extends RequestedAction { - private final String subjectUri; - private final String predicateUri; - - public AbstractDataPropertyAction(String subjectUri, String predicateUri) { - this.subjectUri = subjectUri; - this.predicateUri = predicateUri; - } - - public String getSubjectUri() { - return subjectUri; - } - - public String getPredicateUri() { - return predicateUri; - } - - @Override - public String toString() { - return getClass().getSimpleName() + ": <" + subjectUri + "> <" - + predicateUri + ">"; - } -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java new file mode 100644 index 000000000..5ea769755 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java @@ -0,0 +1,52 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; + +/** + * A base class for requested actions that involve adding, editing, or dropping + * data property statements from a model. + */ +public abstract class AbstractDataPropertyStatementAction extends + AbstractPropertyStatementAction { + private final String subjectUri; + private final String predicateUri; + + public AbstractDataPropertyStatementAction(OntModel ontModel, + String subjectUri, String predicateUri) { + super(ontModel); + this.subjectUri = subjectUri; + this.predicateUri = predicateUri; + } + + public AbstractDataPropertyStatementAction(OntModel ontModel, + DataPropertyStatement dps) { + super(ontModel); + this.subjectUri = (dps.getIndividual() == null) ? dps + .getIndividualURI() : dps.getIndividual().getURI(); + this.predicateUri = dps.getDatapropURI(); + } + + public String getSubjectUri() { + return subjectUri; + } + + @Override + public String getPredicateUri() { + return predicateUri; + } + + @Override + public String[] getResourceUris() { + return new String[] {subjectUri}; + } + + @Override + public String toString() { + return getClass().getSimpleName() + ": <" + subjectUri + "> <" + + predicateUri + ">"; + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyAction.java deleted file mode 100644 index 611015f03..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyAction.java +++ /dev/null @@ -1,40 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; - -/** - * A base class for requested actions that involve manipulating an object - * property. - */ -public abstract class AbstractObjectPropertyAction extends RequestedAction { - public final String uriOfSubject; - public final String uriOfPredicate; - public final String uriOfObject; - - public AbstractObjectPropertyAction(String uriOfSubject, String uriOfPredicate, - String uriOfObject) { - this.uriOfSubject = uriOfSubject; - this.uriOfPredicate = uriOfPredicate; - this.uriOfObject = uriOfObject; - } - - public String getUriOfSubject() { - return uriOfSubject; - } - - public String getUriOfPredicate() { - return uriOfPredicate; - } - - public String getUriOfObject() { - return uriOfObject; - } - - @Override - public String toString() { - return this.getClass().getSimpleName() + ": <" + uriOfSubject + "> <" - + uriOfPredicate + "> <" + uriOfObject + ">"; - } -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java new file mode 100644 index 000000000..da380c383 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java @@ -0,0 +1,60 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; + +/** + * A base class for requested actions that involve adding, editing, or deleting + * object property statements from a model. + */ +public abstract class AbstractObjectPropertyStatementAction extends + AbstractPropertyStatementAction { + private final String subjectUri; + private final String predicateUri; + private final String objectUri; + + public AbstractObjectPropertyStatementAction(OntModel ontModel, String subjectUri, + String predicateUri, String objectUri) { + super(ontModel); + this.subjectUri = subjectUri; + this.predicateUri = predicateUri; + this.objectUri = objectUri; + } + + public AbstractObjectPropertyStatementAction(OntModel ontModel, ObjectPropertyStatement ops) { + super(ontModel); + this.subjectUri = (ops.getSubject() == null) ? ops.getSubjectURI() + : ops.getSubject().getURI(); + this.predicateUri = (ops.getProperty() == null) ? ops.getPropertyURI() + : ops.getProperty().getURI(); + this.objectUri = (ops.getObject() == null) ? ops.getObjectURI() : ops + .getObject().getURI(); + } + + public String getSubjectUri() { + return subjectUri; + } + + public String getObjectUri() { + return objectUri; + } + + @Override + public String getPredicateUri() { + return predicateUri; + } + + @Override + public String[] getResourceUris() { + return new String[] {subjectUri, objectUri}; + } + + @Override + public String toString() { + return this.getClass().getSimpleName() + ": <" + subjectUri + "> <" + + predicateUri + "> <" + objectUri + ">"; + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java new file mode 100644 index 000000000..82434a2bd --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java @@ -0,0 +1,31 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; + +/** + * A base class for requested actions that involve adding, editing, or deleting + * statements from a model. + */ +public abstract class AbstractPropertyStatementAction extends RequestedAction { + private final OntModel ontModel; + + public AbstractPropertyStatementAction(OntModel ontModel) { + this.ontModel = ontModel; + } + + public OntModel getOntModel() { + return ontModel; + } + + /** + * Get the URI of the Resources that are involved in this statement. Those + * are the Subject, and the Object if this is an ObjectProperty request. + */ + public abstract String[] getResourceUris(); + + public abstract String getPredicateUri(); +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropStmt.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropStmt.java deleted file mode 100644 index ef2170321..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropStmt.java +++ /dev/null @@ -1,38 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -import com.hp.hpl.jena.rdf.model.Literal; - -/** Should we allow the user to add this DataPropertyStatement? */ -public class AddDataPropStmt extends AbstractDataPropertyAction { - protected String data; - protected String dataType; - protected String lang; - - public AddDataPropStmt(String subjectUri, String predicateUri, String value, String dataType, String lang) { - super(subjectUri, predicateUri); - this.data= value; - this.dataType = dataType; - this.lang = lang; - } - - public AddDataPropStmt(String subjectUri, String predicateUri, Literal literal) { - super(subjectUri, predicateUri); - this.data= literal.getValue().toString(); - this.dataType = literal.getDatatypeURI(); - this.lang = literal.getLanguage(); - } - - public String getData() { - return data; - } - - public String getDataType() { - return dataType; - } - - public String getLang() { - return lang; - } -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java new file mode 100644 index 000000000..5f550d058 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java @@ -0,0 +1,24 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; + +/** + * Should we allow the user to add this DataPropertyStatement to this model? + */ +public class AddDataPropertyStatement extends + AbstractDataPropertyStatementAction { + + public AddDataPropertyStatement(OntModel ontModel, String subjectUri, + String predicateUri) { + super(ontModel, subjectUri, predicateUri); + } + + public AddDataPropertyStatement(OntModel ontModel, DataPropertyStatement dps) { + super(ontModel, dps); + } + +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropStmt.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropStmt.java deleted file mode 100644 index 60a0e15d3..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropStmt.java +++ /dev/null @@ -1,11 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -/** Should we allow the user to add this ObjectPropertyStatement? */ -public class AddObjectPropStmt extends AbstractObjectPropertyAction { - - public AddObjectPropStmt(String uriOfSub, String uriOfPred, String uriOfObj) { - super(uriOfSub, uriOfPred, uriOfObj); - } -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java new file mode 100644 index 000000000..423893328 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java @@ -0,0 +1,23 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; + +/** + * Should we allow the user to add this ObjectPropertyStatement to this model? + */ +public class AddObjectPropertyStatement extends + AbstractObjectPropertyStatementAction { + public AddObjectPropertyStatement(OntModel ontModel, String uriOfSub, + String uriOfPred, String uriOfObj) { + super(ontModel, uriOfSub, uriOfPred, uriOfObj); + } + + public AddObjectPropertyStatement(OntModel ontModel, + ObjectPropertyStatement ops) { + super(ontModel, ops); + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropStmt.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropStmt.java deleted file mode 100644 index 44af36e89..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropStmt.java +++ /dev/null @@ -1,41 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -import com.hp.hpl.jena.rdf.model.Literal; - -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl; - -/** Should we allow the user to delete this DataPropertyStatement? */ -public class DropDataPropStmt extends AbstractDataPropertyAction { - - private final DataPropertyStatement dataPropStmt; - - public DropDataPropStmt(DataPropertyStatement dps){ - super(dps.getIndividualURI(),dps.getDatapropURI() ); - this.dataPropStmt = dps; - } - - public DropDataPropStmt(String subjectUri, String predicateUri, String data) { - super(subjectUri, predicateUri); - dataPropStmt = new DataPropertyStatementImpl(); - dataPropStmt.setIndividualURI(subjectUri); - dataPropStmt.setDatapropURI(predicateUri); - dataPropStmt.setData(data); - } - - public DropDataPropStmt(String subjectUri, String predicateUri, Literal data) { - super(subjectUri, predicateUri); - dataPropStmt = new DataPropertyStatementImpl(); - dataPropStmt.setIndividualURI(subjectUri); - dataPropStmt.setDatapropURI(predicateUri); - dataPropStmt.setData(data.getValue().toString()); - } - - public String data(){ return dataPropStmt.getData(); } - public String lang(){ return dataPropStmt.getLanguage(); } - public String datatype(){return dataPropStmt.getDatatypeURI(); } - - // TODO: needs to be fixed to work with lang/datatype literals -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java new file mode 100644 index 000000000..07138aa8f --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java @@ -0,0 +1,25 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; + +/** + * Should we allow the user to delete this DataPropertyStatement from this + * model? + */ +public class DropDataPropertyStatement extends + AbstractDataPropertyStatementAction { + + public DropDataPropertyStatement(OntModel ontModel, String subjectUri, + String predicateUri) { + super(ontModel, subjectUri, predicateUri); + } + + public DropDataPropertyStatement(OntModel ontModel, + DataPropertyStatement dps) { + super(ontModel, dps); + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropStmt.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropStmt.java deleted file mode 100644 index 0b42365ae..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropStmt.java +++ /dev/null @@ -1,11 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -/** Should we allow the user to delete this ObjectPropertyStatement? */ -public class DropObjectPropStmt extends AbstractObjectPropertyAction { - - public DropObjectPropStmt(String sub, String pred, String obj) { - super(sub, pred, obj); - } -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java new file mode 100644 index 000000000..c994a39e8 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java @@ -0,0 +1,24 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; + +/** + * Should we allow the user to delete this ObjectPropertyStatement from this + * model? + */ +public class DropObjectPropertyStatement extends + AbstractObjectPropertyStatementAction { + public DropObjectPropertyStatement(OntModel ontModel, String sub, + String pred, String obj) { + super(ontModel, sub, pred, obj); + } + + public DropObjectPropertyStatement(OntModel ontModel, + ObjectPropertyStatement ops) { + super(ontModel, ops); + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropStmt.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropStmt.java deleted file mode 100644 index 8edfb31f6..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropStmt.java +++ /dev/null @@ -1,21 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; - -/** Should we allow the user to edit this DataPropertyStatement? */ -public class EditDataPropStmt extends AbstractDataPropertyAction { - - private final DataPropertyStatement dataPropStmt; - - public EditDataPropStmt(DataPropertyStatement dps){ - super(dps.getIndividualURI(), dps.getDatapropURI()); - this.dataPropStmt = dps; - } - - public String data(){ return dataPropStmt.getData(); } - public String lang(){ return dataPropStmt.getLanguage(); } - public String datatype(){return dataPropStmt.getDatatypeURI(); } - -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java new file mode 100644 index 000000000..5ef3b918f --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java @@ -0,0 +1,23 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; + +/** + * Should we allow the user to edit this DataPropertyStatement in this model? + */ +public class EditDataPropertyStatement extends + AbstractDataPropertyStatementAction { + public EditDataPropertyStatement(OntModel ontModel, String subjectUri, + String predicateUri) { + super(ontModel, subjectUri, predicateUri); + } + + public EditDataPropertyStatement(OntModel ontModel, + DataPropertyStatement dps) { + super(ontModel, dps); + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjPropStmt.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjPropStmt.java deleted file mode 100644 index e5c53ec77..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjPropStmt.java +++ /dev/null @@ -1,19 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; - -import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; - -/** Should we allow the user to edit this ObjectPropertyStatement? */ -public class EditObjPropStmt extends AbstractObjectPropertyAction { - - public EditObjPropStmt(ObjectPropertyStatement ops) { - super(ops.getSubjectURI(), ops.getPropertyURI(), ops.getObjectURI()); - } - - public EditObjPropStmt(String subjectUri, String keywordPredUri, - String objectUri) { - super(subjectUri, keywordPredUri, objectUri); - } - -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java new file mode 100644 index 000000000..732c3fa31 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java @@ -0,0 +1,23 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; + +/** + * Should we allow the user to edit this ObjectPropertyStatement in this model? + */ +public class EditObjectPropertyStatement extends + AbstractObjectPropertyStatementAction { + public EditObjectPropertyStatement(OntModel ontModel, String subjectUri, + String keywordPredUri, String objectUri) { + super(ontModel, subjectUri, keywordPredUri, objectUri); + } + + public EditObjectPropertyStatement(OntModel ontModel, + ObjectPropertyStatement ops) { + super(ontModel, ops); + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java index 7f6fc8e4a..d91301a43 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java @@ -21,7 +21,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator; @@ -58,7 +58,7 @@ public class ShowAuthController extends FreemarkerHttpServlet { private List getSortedIdentifiers(VitroRequest vreq) { Map idMap = new TreeMap(); - for (Identifier id: RequestIdentifiers.getIdBundleForRequest(vreq)) { + for (Identifier id : RequestIdentifiers.getIdBundleForRequest(vreq)) { idMap.put(id.toString(), id); } return new ArrayList(idMap.values()); @@ -89,7 +89,8 @@ public class ShowAuthController extends FreemarkerHttpServlet { * this individual? */ private boolean mayEditIndividual(VitroRequest vreq, String individualUri) { - RequestedAction action = new EditObjPropStmt(individualUri, + RequestedAction action = new EditObjectPropertyStatement( + vreq.getJenaOntModel(), individualUri, RequestActionConstants.SOME_URI, RequestActionConstants.SOME_URI); return PolicyHelper.isAuthorizedForActions(vreq, action); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java index 6acc48f91..cc02de81c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java @@ -32,7 +32,7 @@ public class PrimitiveRdfEdit extends VitroAjaxController { private static final long serialVersionUID = 1L; - //Using the same setsup as primitive delete + //Using the same setup as primitive delete @Override protected Actions requiredActions(VitroRequest vreq) { return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS; diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerSetup.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerSetup.java index 0395ad07d..c7e390e19 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerSetup.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerSetup.java @@ -9,8 +9,6 @@ import javax.servlet.ServletContextListener; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import edu.cornell.mannlib.vitro.webapp.web.templatemodels.BaseTemplateModel; - public class FreemarkerSetup implements ServletContextListener { private static final Log log = LogFactory.getLog(FreemarkerSetup.class); @@ -18,7 +16,6 @@ public class FreemarkerSetup implements ServletContextListener { @Override public void contextInitialized(ServletContextEvent event) { ServletContext sc = event.getServletContext(); - BaseTemplateModel.setServletContext(sc); FreemarkerComponentGenerator.setServletContext(sc); UrlBuilder.contextPath = sc.getContextPath(); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java index bbcce862f..842a6201d 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java @@ -19,9 +19,9 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; @@ -138,14 +138,16 @@ public class ImageUploadController extends FreemarkerHttpServlet { RequestedAction ra; if (ACTION_DELETE.equals(action) || ACTION_DELETE_EDIT.equals(action)) { - ra = new DropObjectPropStmt(entity.getURI(), - VitroVocabulary.IND_MAIN_IMAGE, imageUri); + ra = new DropObjectPropertyStatement(vreq.getJenaOntModel(), + entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE, + imageUri); } else if (imageUri != null) { - ra = new EditObjPropStmt(entity.getURI(), - VitroVocabulary.IND_MAIN_IMAGE, imageUri); + ra = new EditObjectPropertyStatement(vreq.getJenaOntModel(), + entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE, + imageUri); } else { - ra = new AddObjectPropStmt(entity.getURI(), - VitroVocabulary.IND_MAIN_IMAGE, + ra = new AddObjectPropertyStatement(vreq.getJenaOntModel(), + entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE, RequestActionConstants.SOME_URI); } return new Actions(ra); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/configuration/generators/RDFSLabelGenerator.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/configuration/generators/RDFSLabelGenerator.java index 591ca667e..55d56536c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/configuration/generators/RDFSLabelGenerator.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/configuration/generators/RDFSLabelGenerator.java @@ -45,7 +45,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; */ public class RDFSLabelGenerator implements EditConfigurationGenerator { - private Log log = LogFactory.getLog(DefaultObjectPropertyFormGenerator.class); + private Log log = LogFactory.getLog(RDFSLabelGenerator.class); private String subjectUri = null; private String predicateUri = null; diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/filestorage/serving/FileServingServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/filestorage/serving/FileServingServlet.java index 6feb5c1c6..ea73f4587 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/filestorage/serving/FileServingServlet.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/filestorage/serving/FileServingServlet.java @@ -110,7 +110,7 @@ public class FileServingServlet extends VitroHttpServlet { in = fileStorage.getInputStream(fileInfo.getBytestreamUri(), actualFilename); } catch (FileNotFoundException e) { - log.error(e, e); + log.error("Expected file doesn't exist: " + e); response.sendError(SC_INTERNAL_SERVER_ERROR, e.toString()); return; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/BaseTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/BaseTemplateModel.java index 740377a49..282076feb 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/BaseTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/BaseTemplateModel.java @@ -4,8 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.web.templatemodels; import java.util.Map; -import javax.servlet.ServletContext; - import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -20,8 +18,6 @@ public abstract class BaseTemplateModel { private static final String URI_CHARACTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~:/?#[]@!$&%'()*+,;="; - protected static ServletContext servletContext; - // Convenience method so subclasses can call getUrl(path) protected String getUrl(String path) { return UrlBuilder.getUrl(path); @@ -73,12 +69,4 @@ public abstract class BaseTemplateModel { AntiScript.cleanMapValues(map); } - protected static ServletContext getServletContext() { - return servletContext; - } - - public static void setServletContext(ServletContext context) { - servletContext = context; - } - } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/edit/EditConfigurationTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/edit/EditConfigurationTemplateModel.java index bfea72c7d..2d442d048 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/edit/EditConfigurationTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/edit/EditConfigurationTemplateModel.java @@ -450,7 +450,7 @@ public class EditConfigurationTemplateModel extends BaseTemplateModel { predicateUri, objectKey, statementDisplay, - false, null, vreq); + null, vreq); ReadOnlyBeansWrapper wrapper = new ReadOnlyBeansWrapper(); return wrapper.wrap(osm); } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java index b01efe97c..0c4b09e72 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java @@ -6,6 +6,8 @@ import java.util.Collection; import java.util.List; import java.util.Map; +import javax.servlet.ServletContext; + import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -15,8 +17,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.beans.VClass; @@ -37,12 +39,14 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel { protected final Individual individual; protected final LoginStatusBean loginStatusBean; protected final VitroRequest vreq; + private final ServletContext ctx; private final boolean editing; protected GroupedPropertyList propertyList; public BaseIndividualTemplateModel(Individual individual, VitroRequest vreq) { this.vreq = vreq; + this.ctx = vreq.getSession().getServletContext(); this.individual = individual; this.loginStatusBean = LoginStatusBean.getBean(vreq); // Needed for getting portal-sensitive urls. Remove if multi-portal support is removed. @@ -54,7 +58,7 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel { boolean isVClass = individual.isVClass(vClassUri); // If reasoning is asynchronous (under RDB), this inference may not have been made yet. // Check the superclasses of the individual's vclass. - SimpleReasoner simpleReasoner = (SimpleReasoner)getServletContext().getAttribute(SimpleReasoner.class.getName()); + SimpleReasoner simpleReasoner = (SimpleReasoner) ctx.getAttribute(SimpleReasoner.class.getName()); if (!isVClass && simpleReasoner != null && simpleReasoner.isABoxReasoningAsynchronous()) { log.debug("Checking superclasses to see if individual is a " + vClassUri + " because reasoning is asynchronous"); List directVClasses = individual.getVClasses(true); @@ -108,10 +112,11 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel { * an object property to the Individual being shown. */ public boolean isEditable() { - AddDataPropStmt adps = new AddDataPropStmt(individual.getURI(), - RequestActionConstants.SOME_URI, - RequestActionConstants.SOME_LITERAL, null, null); - AddObjectPropStmt aops = new AddObjectPropStmt(individual.getURI(), + AddDataPropertyStatement adps = new AddDataPropertyStatement( + vreq.getJenaOntModel(), individual.getURI(), + RequestActionConstants.SOME_URI); + AddObjectPropertyStatement aops = new AddObjectPropertyStatement( + vreq.getJenaOntModel(), individual.getURI(), RequestActionConstants.SOME_URI, RequestActionConstants.SOME_URI); return PolicyHelper.isAuthorizedForActions(vreq, new Actions(adps).or(aops)); @@ -127,7 +132,7 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel { * are handled like ordinary ObjectProperty instances. */ public NameStatementTemplateModel getNameStatement() { - return new NameStatementTemplateModel(getUri(), vreq, editing); + return new NameStatementTemplateModel(getUri(), vreq); } /* These methods simply forward to the methods of the wrapped individual. It would be desirable to @@ -216,7 +221,7 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel { public String selfEditingId() { String id = null; String idMatchingProperty = - ConfigurationProperties.getBean(getServletContext()).getProperty("selfEditing.idMatchingProperty"); + ConfigurationProperties.getBean(ctx).getProperty("selfEditing.idMatchingProperty"); if (! StringUtils.isBlank(idMatchingProperty)) { WebappDaoFactory wdf = vreq.getUnfilteredWebappDaoFactory(); Collection ids = diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java index 8ad485992..fd634595e 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java @@ -218,7 +218,7 @@ public class CollatedObjectPropertyTemplateModel extends ObjectPropertyTemplateM } listForThisSubclass.add(new ObjectPropertyStatementTemplateModel(subjectUri, - propertyUri, objectKey, map, editing, getTemplateName(), vreq)); + propertyUri, objectKey, map, getTemplateName(), vreq)); } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java index 46d29bb1c..f9fa1bf1a 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java @@ -9,8 +9,8 @@ import com.hp.hpl.jena.rdf.model.Literal; import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; @@ -20,97 +20,61 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; import edu.cornell.mannlib.vitro.webapp.edit.n3editing.processEdit.RdfLiteralHash; public class DataPropertyStatementTemplateModel extends PropertyStatementTemplateModel { - private static final Log log = LogFactory.getLog(DataPropertyStatementTemplateModel.class); - private static final String EDIT_PATH = "editRequestDispatch"; - protected String value; + private final Literal literalValue; + private final String deleteUrl; + private final String editUrl; //Extended to include vitro request to check for special parameters public DataPropertyStatementTemplateModel(String subjectUri, String propertyUri, - Literal literal, boolean editing, VitroRequest vreq) { + Literal literal, VitroRequest vreq) { super(subjectUri, propertyUri, vreq); - //attempt to strip any odd HTML - this.value = cleanTextForDisplay( literal.getLexicalForm() ); + this.literalValue = literal; - setEditUrls(literal, editing, propertyUri); - } - - /* - * This method handles the special case where we are creating a DataPropertyStatementTemplateModel outside the GroupedPropertyList. - * Specifically, it allows rdfs:label to be treated like a data property statement and thus have editing links. It is not possible - * to handle rdfs:label like vitro links and vitroPublic image, because it is not possible to construct a DataProperty from - * rdfs:label. - */ - DataPropertyStatementTemplateModel(String subjectUri, String propertyUri, VitroRequest vreq) { - super(subjectUri, propertyUri, vreq); - } - - public void setValue(String value) { - this.value = value; - } - - protected void setEditUrls(Literal value, boolean editing, String propertyUri) { - - if ( ! editing ) { - return; - } - - DataPropertyStatement dps = new DataPropertyStatementImpl(subjectUri, propertyUri, value.getLexicalForm()); - // Language and datatype are needed to get the correct hash value - dps.setLanguage(value.getLanguage()); - dps.setDatatypeURI(value.getDatatypeURI()); - String dataPropHash = String.valueOf(RdfLiteralHash.makeRdfLiteralHash(dps)); - // Do delete url first, since used in building edit url - setDeleteUrl(propertyUri, dps, dataPropHash); - setEditUrl(propertyUri, dps, dataPropHash); + this.deleteUrl = makeDeleteUrl(); + this.editUrl = makeEditUrl(); } - - protected void setDeleteUrl(String propertyUri, DataPropertyStatement dps, String dataPropHash) { - - // Hack for rdfs:label - the policy doesn't prevent deletion. - if (propertyUri.equals(VitroVocabulary.LABEL)) { - return; - } - + private String makeDeleteUrl() { // Determine whether the statement can be deleted - RequestedAction action = new DropDataPropStmt(dps); + DataPropertyStatement dps = makeStatement(); + RequestedAction action = new DropDataPropertyStatement(vreq.getJenaOntModel(), dps); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { - return; + return ""; } ParamMap params = new ParamMap( "subjectUri", subjectUri, "predicateUri", propertyUri, - "datapropKey", dataPropHash, + "datapropKey", makeHash(dps), "cmd", "delete"); params.putAll(UrlBuilder.getModelParams(vreq)); - deleteUrl = UrlBuilder.getUrl(EDIT_PATH, params); - } - - protected void setEditUrl(String propertyUri, DataPropertyStatement dps, String dataPropHash) { + return UrlBuilder.getUrl(EDIT_PATH, params); + } + private String makeEditUrl() { // vitro:moniker is deprecated. We display existing data values so editors can // move them to other properties and delete, but don't allow editing. if ( propertyUri.equals(VitroVocabulary.MONIKER) ) { - return; + return ""; } // Determine whether the statement can be edited - RequestedAction action = new EditDataPropStmt(dps); + DataPropertyStatement dps = makeStatement(); + RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { - return; + return ""; } ParamMap params = new ParamMap( "subjectUri", subjectUri, "predicateUri", propertyUri, - "datapropKey", dataPropHash); + "datapropKey", makeHash(dps)); if ( deleteUrl.isEmpty() ) { params.put("deleteProhibited", "prohibited"); @@ -118,14 +82,36 @@ public class DataPropertyStatementTemplateModel extends PropertyStatementTemplat params.putAll(UrlBuilder.getModelParams(vreq)); - editUrl = UrlBuilder.getUrl(EDIT_PATH, params); - } - + return UrlBuilder.getUrl(EDIT_PATH, params); + } + private DataPropertyStatement makeStatement() { + DataPropertyStatement dps = new DataPropertyStatementImpl(subjectUri, propertyUri, literalValue.getLexicalForm()); + // Language and datatype are needed to get the correct hash value + dps.setLanguage(literalValue.getLanguage()); + dps.setDatatypeURI(literalValue.getDatatypeURI()); + return dps; + } + + private String makeHash(DataPropertyStatement dps) { + // Language and datatype are needed to get the correct hash value + return String.valueOf(RdfLiteralHash.makeRdfLiteralHash(dps)); + } + /* Template properties */ public String getValue() { - return value; + //attempt to strip any odd HTML + return cleanTextForDisplay( literalValue.getLexicalForm() ); } + @Override + public String getDeleteUrl() { + return deleteUrl; + } + + @Override + public String getEditUrl() { + return editUrl; + } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java index 57fac3899..2452851ff 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java @@ -11,9 +11,8 @@ import org.apache.commons.logging.LogFactory; import com.hp.hpl.jena.rdf.model.Literal; import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.DataProperty; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.beans.Property; @@ -47,7 +46,7 @@ public class DataPropertyTemplateModel extends PropertyTemplateModel { DataPropertyStatementDao dpDao = vreq.getWebappDaoFactory().getDataPropertyStatementDao(); List values = dpDao.getDataPropertyValuesForIndividualByProperty(subject, dp); for (Literal value : values) { - statements.add(new DataPropertyStatementTemplateModel(subjectUri, propertyUri, value, editing, vreq)); + statements.add(new DataPropertyStatementTemplateModel(subjectUri, propertyUri, value, vreq)); } } else { log.debug("Data property " + getUri() + " is unpopulated."); @@ -77,7 +76,8 @@ public class DataPropertyTemplateModel extends PropertyTemplateModel { } // Determine whether a new statement can be added - RequestedAction action = new AddDataPropStmt(subjectUri, propertyUri, RequestActionConstants.SOME_LITERAL, null, null); + RequestedAction action = new AddDataPropertyStatement( + vreq.getJenaOntModel(), subjectUri, propertyUri); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/EditLinkSuppressor.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/EditLinkSuppressor.java new file mode 100644 index 000000000..87682ba6b --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/EditLinkSuppressor.java @@ -0,0 +1,94 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual; + +import java.util.Arrays; +import java.util.List; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; + +/** + * Sometimes we don't want to show an Add, Edit, or Delete link for a particular + * property, no matter who the user is. + * + * TODO These are hard-coded while we wait for the Application Ontology to be + * implemented. + */ +public class EditLinkSuppressor { + private static final Log log = LogFactory.getLog(EditLinkSuppressor.class); + + private static final String CORE = "http://vivoweb.org/ontology/core#"; + private static final String PUB_TO_AUTHORSHIP = core("informationResourceInAuthorship"); + private static final String PERSON_TO_AUTHORSHIP = core("authorInAuthorship"); + private static final String AUTHORSHIP_TO_PERSON = core("linkedAuthor"); + private static final String AUTHORSHIP_TO_PUB = core("linkedInformationResource"); + private static final String INDIVIDUAL_TO_WEBPAGE = core("webpage"); + private static final String WEBPAGE_TO_INDIVIDUAL = core("webpageOf"); + private static final String HAS_RESEARCH_AREA = core("hasResearchArea"); + private static final String HAS_SUBJECT_AREA = core("hasSubjectArea"); + private static final String RESEARCH_AREA_OF = core("researchAreaOf"); + private static final String SUBJECT_AREA_FOR = core("subjectAreaFor"); + + private static String core(String localName) { + return CORE + localName; + } + + private static final List suppressAddLinksForThese = Arrays + .asList(new String[] { AUTHORSHIP_TO_PERSON, AUTHORSHIP_TO_PUB, + WEBPAGE_TO_INDIVIDUAL }); + + private static final List suppressEditLinksForThese = Arrays + .asList(new String[] { WEBPAGE_TO_INDIVIDUAL }); + + private static final List suppressDeleteLinksForThese = Arrays + .asList(new String[] { PUB_TO_AUTHORSHIP, PERSON_TO_AUTHORSHIP, + AUTHORSHIP_TO_PERSON, AUTHORSHIP_TO_PUB, + INDIVIDUAL_TO_WEBPAGE, WEBPAGE_TO_INDIVIDUAL, + HAS_RESEARCH_AREA, RESEARCH_AREA_OF, HAS_SUBJECT_AREA, + SUBJECT_AREA_FOR }); + + // TODO When we remove the hard-coding, vreq will allow us to find the + // application ontology model. + @SuppressWarnings("unused") + private final VitroRequest vreq; + + public EditLinkSuppressor(VitroRequest vreq) { + this.vreq = vreq; + } + + /** + * Should we suppress the Add link on this property? + */ + public boolean isAddLinkSuppressed(String propertyUri) { + if (propertyUri == null) { + log.error("Suppressing the add link on a null property."); + return true; + } + return suppressAddLinksForThese.contains(propertyUri); + } + + /** + * Should we suppress the Edit link on this property? + */ + public boolean isEditLinkSuppressed(String propertyUri) { + if (propertyUri == null) { + log.error("Suppressing the edit link on a null property."); + return true; + } + return suppressEditLinksForThese.contains(propertyUri); + } + + /** + * Should we suppress the Delete link on this property? + */ + public boolean isDeleteLinkSuppressed(String propertyUri) { + if (propertyUri == null) { + log.error("Suppressing the delete link on a null property."); + return true; + } + return suppressDeleteLinksForThese.contains(propertyUri); + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java index fd8d37f78..982a4561c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java @@ -7,42 +7,105 @@ import org.apache.commons.logging.LogFactory; import org.openrdf.model.URI; import org.openrdf.model.impl.URIImpl; +import com.hp.hpl.jena.rdf.model.Literal; + +import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; +import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder; +import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap; import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao; import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; import edu.cornell.mannlib.vitro.webapp.edit.EditLiteral; +import edu.cornell.mannlib.vitro.webapp.edit.n3editing.processEdit.RdfLiteralHash; -public class NameStatementTemplateModel extends - DataPropertyStatementTemplateModel { +/** + * This allows the template to treat an rdfs:label like a data property statement, and thus + * have an editing link. + * + * This has the same accessor methods as a DataPropertyStatementTemplateModel, but it is never + * part of the GroupedPropertyList, and it never has a deleteUrl. + */ +public class NameStatementTemplateModel extends PropertyStatementTemplateModel { + private static final Log log = LogFactory.getLog(NameStatementTemplateModel.class); - private static final Log log = LogFactory.getLog(NameStatementTemplateModel.class); + private final String stringValue; + private final String editUrl; - /* - * This method handles the special case where we are creating a DataPropertyStatementTemplateModel outside the GroupedPropertyList. - * Specifically, it allows rdfs:label to be treated like a data property statement and thus have editing links. - */ - NameStatementTemplateModel(String subjectUri, VitroRequest vreq, boolean editing) { + NameStatementTemplateModel(String subjectUri, VitroRequest vreq) { super(subjectUri, VitroVocabulary.LABEL, vreq); - WebappDaoFactory wdf = vreq.getWebappDaoFactory(); - // NIHVIVO-2466 Use the same methods to get the label that are used elsewhere in the // application, to guarantee consistent results for individuals with multiple labels // across the application. + WebappDaoFactory wdf = vreq.getWebappDaoFactory(); IndividualDao iDao = wdf.getIndividualDao(); EditLiteral literal = iDao.getLabelEditLiteral(subjectUri); - if (literal != null) { - value = cleanTextForDisplay( literal.getLexicalForm() ); - setEditUrls(literal, editing, propertyUri); + if (literal == null) { + // If the individual has no rdfs:label, use the local name. It will not be editable. (This replicates previous behavior; + // perhaps we would want to allow a label to be added. But such individuals do not usually have their profiles viewed or + // edited directly.) + URI uri = new URIImpl(subjectUri); + this.stringValue = uri.getLocalName(); + this.editUrl = ""; } else { - // If the individual has no rdfs:label, use the local name. It will not be editable. (This replicates previous behavior; - // perhaps we would want to allow a label to be added. But such individuals do not usually have their profiles viewed or - // edited directly.) - URI uri = new URIImpl(subjectUri); - value = uri.getLocalName(); + this.stringValue = cleanTextForDisplay( literal.getLexicalForm() ); + this.editUrl = makeEditUrl(literal); } } + + private String makeEditUrl(Literal literal) { + // Determine whether the statement can be edited + DataPropertyStatement dps = makeStatement(literal); + RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps); + if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { + return ""; + } + + ParamMap params = new ParamMap( + "subjectUri", subjectUri, + "predicateUri", propertyUri, + "datapropKey", makeHash(dps), + "deleteProhibited", "prohibited"); + + params.putAll(UrlBuilder.getModelParams(vreq)); + + return UrlBuilder.getUrl(EDIT_PATH, params); + } + + private DataPropertyStatement makeStatement(Literal literalValue) { + DataPropertyStatement dps = new DataPropertyStatementImpl(subjectUri, + propertyUri, literalValue.getLexicalForm()); + // Language and datatype are needed to get the correct hash value + dps.setLanguage(literalValue.getLanguage()); + dps.setDatatypeURI(literalValue.getDatatypeURI()); + return dps; + } + + private String makeHash(DataPropertyStatement dps) { + // Language and datatype are needed to get the correct hash value + return String.valueOf(RdfLiteralHash.makeRdfLiteralHash(dps)); + } + + /* Template properties */ + public String getValue() { + return stringValue; + } + + @Override + public String getDeleteUrl() { + return ""; + } + + @Override + public String getEditUrl() { + return editUrl; + } + } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java index 5c7d778ea..28ff330c3 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java @@ -2,6 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual; +import java.util.Collections; +import java.util.HashMap; import java.util.Map; import org.apache.commons.logging.Log; @@ -9,8 +11,8 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatementImpl; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; @@ -19,107 +21,104 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMa import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; public class ObjectPropertyStatementTemplateModel extends PropertyStatementTemplateModel { - private static final Log log = LogFactory.getLog(ObjectPropertyStatementTemplateModel.class); - private static final String EDIT_PATH = "editRequestDispatch"; - private final Map data; - // Used for editing private final String objectUri; private final String templateName; private final String objectKey; + private final String editUrl; + private final String deleteUrl; + public ObjectPropertyStatementTemplateModel(String subjectUri, String propertyUri, String objectKey, - Map data, boolean editing, String templateName, VitroRequest vreq) { + Map data, String templateName, VitroRequest vreq) { super(subjectUri, propertyUri, vreq); - this.data = data; + this.data = Collections.unmodifiableMap(new HashMap(data)); this.objectUri = data.get(objectKey); this.templateName = templateName; //to keep track of later this.objectKey = objectKey; - if ( editing ) { - setEditUrls(); - } + ObjectPropertyStatement ops = new ObjectPropertyStatementImpl(subjectUri, propertyUri, objectUri); + + // Do delete url first, since it is used in building edit url + this.deleteUrl = makeDeleteUrl(); + this.editUrl = makeEditUrl(ops); } - protected void setEditUrls() { - // If we are in edit mode, create the list of editing permissions. - // We do this now rather than in getEditUrl() and getDeleteUrl(), because getEditUrl() also needs to know - // whether a delete is allowed. - ObjectPropertyStatement ops = new ObjectPropertyStatementImpl(subjectUri, propertyUri, objectUri); - - // Do delete url first, since used in building edit url - setDeleteUrl(); - setEditUrl(ops); - } - - protected void setDeleteUrl() { + private String makeDeleteUrl() { + // Is the delete link suppressed for this property? + if (new EditLinkSuppressor(vreq).isDeleteLinkSuppressed(propertyUri)) { + return ""; + } // Determine whether the statement can be deleted - RequestedAction action = new DropObjectPropStmt(subjectUri, propertyUri, objectUri); + RequestedAction action = new DropObjectPropertyStatement( + vreq.getJenaOntModel(), subjectUri, propertyUri, objectUri); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { - return; + return ""; } if (propertyUri.equals(VitroVocabulary.IND_MAIN_IMAGE)) { - deleteUrl = ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "delete"); - } else { - ParamMap params = new ParamMap( - "subjectUri", subjectUri, - "predicateUri", propertyUri, - "objectUri", objectUri, - "cmd", "delete", - "objectKey", objectKey); - - for ( String key : data.keySet() ) { - String value = data.get(key); - // Remove an entry with a null value instead of letting it get passed - // as a param with an empty value, in order to align with behavior on - // profile page. E.g., if statement.moniker is null, a test for - // statement.moniker?? will yield different results if null on the - // profile page but an empty string on the deletion page. - if (value != null) { - params.put("statement_" + key, data.get(key)); - } - } - - params.put("templateName", templateName); - - params.putAll(UrlBuilder.getModelParams(vreq)); - - deleteUrl = UrlBuilder.getUrl(EDIT_PATH, params); - } - } - - protected void setEditUrl(ObjectPropertyStatement ops) { + return ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "delete"); + } - // Determine whether the statement can be edited - RequestedAction action = new EditObjPropStmt(ops); + ParamMap params = new ParamMap( + "subjectUri", subjectUri, + "predicateUri", propertyUri, + "objectUri", objectUri, + "cmd", "delete", + "objectKey", objectKey); + + for ( String key : data.keySet() ) { + String value = data.get(key); + // Remove an entry with a null value instead of letting it get passed + // as a param with an empty value, in order to align with behavior on + // profile page. E.g., if statement.moniker is null, a test for + // statement.moniker?? will yield different results if null on the + // profile page but an empty string on the deletion page. + if (value != null) { + params.put("statement_" + key, data.get(key)); + } + } + + params.put("templateName", templateName); + params.putAll(UrlBuilder.getModelParams(vreq)); + + return UrlBuilder.getUrl(EDIT_PATH, params); + } + + private String makeEditUrl(ObjectPropertyStatement ops) { + // Is the edit link suppressed for this property? + if (new EditLinkSuppressor(vreq).isEditLinkSuppressed(propertyUri)) { + return ""; + } + + // Determine whether the statement can be edited + RequestedAction action = new EditObjectPropertyStatement(vreq.getJenaOntModel(), ops); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { - return; + return ""; } if (propertyUri.equals(VitroVocabulary.IND_MAIN_IMAGE)) { - editUrl = ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "edit"); - } else { - ParamMap params = new ParamMap( - "subjectUri", subjectUri, - "predicateUri", propertyUri, - "objectUri", objectUri); - - if ( deleteUrl.isEmpty() ) { - params.put("deleteProhibited", "prohibited"); - } - - params.putAll(UrlBuilder.getModelParams(vreq)); - - editUrl = UrlBuilder.getUrl(EDIT_PATH, params); - } - } - + return ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "edit"); + } + + ParamMap params = new ParamMap( + "subjectUri", subjectUri, + "predicateUri", propertyUri, + "objectUri", objectUri); + + if ( deleteUrl.isEmpty() ) { + params.put("deleteProhibited", "prohibited"); + } + + params.putAll(UrlBuilder.getModelParams(vreq)); + + return UrlBuilder.getUrl(EDIT_PATH, params); + } /* Template methods */ @@ -130,5 +129,15 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl public String uri(String key) { return cleanURIForDisplay(data.get(key)); } + + @Override + public String getDeleteUrl() { + return deleteUrl; + } + @Override + public String getEditUrl() { + return editUrl; + } + } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java index 8761bf0e1..ec0acabf3 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java @@ -17,7 +17,7 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty; import edu.cornell.mannlib.vitro.webapp.beans.Property; @@ -102,9 +102,15 @@ public abstract class ObjectPropertyTemplateModel extends PropertyTemplateModel } protected void setAddUrl(Property property) { + // Is the add link suppressed for this property? + if (new EditLinkSuppressor(vreq).isAddLinkSuppressed(propertyUri)) { + return; + } // Determine whether a new statement can be added - RequestedAction action = new AddObjectPropStmt(subjectUri, propertyUri, RequestActionConstants.SOME_URI); + RequestedAction action = new AddObjectPropertyStatement( + vreq.getJenaOntModel(), subjectUri, propertyUri, + RequestActionConstants.SOME_URI); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyStatementTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyStatementTemplateModel.java index 7f3466c3d..1dfc9d2db 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyStatementTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyStatementTemplateModel.java @@ -2,46 +2,28 @@ package edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.web.templatemodels.BaseTemplateModel; public abstract class PropertyStatementTemplateModel extends BaseTemplateModel { + protected static final String EDIT_PATH = "editRequestDispatch"; - private static final Log log = LogFactory.getLog(PropertyStatementTemplateModel.class); - protected final VitroRequest vreq; - // Used for editing protected final String subjectUri; protected final String propertyUri; - protected String editUrl; - protected String deleteUrl; - PropertyStatementTemplateModel(String subjectUri, String propertyUri, VitroRequest vreq) { this.vreq = vreq; this.subjectUri = subjectUri; this.propertyUri = propertyUri; - editUrl = ""; - deleteUrl = ""; } - - /* Template properties */ - public String getEditUrl() { - return editUrl; - } - - public String getDeleteUrl() { - return deleteUrl; - } - + public abstract String getEditUrl(); + public abstract String getDeleteUrl(); public boolean isEditable() { - return ! editUrl.isEmpty(); + return ! getEditUrl().isEmpty(); } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/UncollatedObjectPropertyTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/UncollatedObjectPropertyTemplateModel.java index b9a79c11e..15f53b4c4 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/UncollatedObjectPropertyTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/UncollatedObjectPropertyTemplateModel.java @@ -41,7 +41,7 @@ public class UncollatedObjectPropertyTemplateModel extends ObjectPropertyTemplat String objectKey = getObjectKey(); for (Map map : statementData) { statements.add(new ObjectPropertyStatementTemplateModel(subjectUri, - propertyUri, objectKey, map, editing, getTemplateName(), vreq)); + propertyUri, objectKey, map, getTemplateName(), vreq)); } postprocessStatementList(statements); diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java new file mode 100644 index 000000000..888e488cb --- /dev/null +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java @@ -0,0 +1,370 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.policy; + +import static org.junit.Assert.assertEquals; + +import java.lang.reflect.InvocationHandler; +import java.lang.reflect.Method; +import java.lang.reflect.Proxy; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; +import java.util.NoSuchElementException; + +import org.apache.log4j.Level; +import org.junit.Before; +import org.junit.Test; + +import stubs.javax.servlet.ServletContextStub; +import stubs.javax.servlet.http.HttpServletRequestStub; +import stubs.javax.servlet.http.HttpSessionStub; + +import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.ontology.OntModelSpec; +import com.hp.hpl.jena.rdf.model.Model; +import com.hp.hpl.jena.rdf.model.ModelFactory; +import com.hp.hpl.jena.rdf.model.Property; +import com.hp.hpl.jena.rdf.model.Resource; +import com.hp.hpl.jena.rdf.model.Statement; +import com.hp.hpl.jena.rdf.model.StmtIterator; +import com.hp.hpl.jena.util.iterator.NiceIterator; + +import edu.cornell.mannlib.vitro.testing.AbstractTestClass; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractPropertyStatementAction; + +/** + * Test the function of PolicyHelper in authorizing models of additions and + * retractions. + * + * It is vital that these methods work even if the statements are presented in + * the "wrong" order: one statement being authorized by a statement that appears + * later in the list. + * + * In order to test that, we need to create a Model that will list the + * statements in an order that we can predict, vis. the order in which they were + * added. + * + * To avoid creating a SortedModel that implements dozens of methods, we instead + * create a Proxy class that keeps the statements in order and lists them on + * demand. + */ +public class PolicyHelper_ModelsTest extends AbstractTestClass { + private static final String PRIMARY_RESOURCE_URI = "http://primaryResource"; + private static final String OTHER_RESOURCE_URI = "http://otherResource"; + private static final String FRIEND_PREDICATE_URI = "http://friend"; + private static final String SOME_PREDICATE_URI = "http://something"; + + private ServletContextStub ctx; + private HttpSessionStub session; + private HttpServletRequestStub req; + private OntModel ontModel = ModelFactory + .createOntologyModel(OntModelSpec.OWL_MEM); + + private Model additions; + private Model retractions; + + @Before + public void setup() { + ctx = new ServletContextStub(); + + session = new HttpSessionStub(); + session.setServletContext(ctx); + + req = new HttpServletRequestStub(); + req.setSession(session); + + setLoggerLevel(ServletPolicyList.class, Level.WARN); + ServletPolicyList.addPolicy(ctx, new MySimplePolicy()); + + setLoggerLevel(PolicyHelper.class, Level.DEBUG); + } + + // ---------------------------------------------------------------------- + // The tests. + // ---------------------------------------------------------------------- + + @Test + public void rejectNullRequest() { + setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning + req = null; + additions = model(); + retractions = model(); + assertAuthorized("reject null request", false); + } + + @Test + public void rejectNullAdditions() { + setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning + additions = null; + retractions = model(); + assertAuthorized("reject null additions", false); + } + + @Test + public void rejectNullRetractions() { + setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning + additions = model(); + retractions = null; + assertAuthorized("reject null retractions", false); + } + + @Test + public void rejectNullOntModel() { + setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning + additions = model(); + retractions = model(); + ontModel = null; + assertAuthorized("reject null OntModel", false); + } + + @Test + public void acceptEmptyChanges() { + additions = model(); + retractions = model(); + assertAuthorized("accept empty changes add", true); + } + + @Test + public void acceptSimpleAdd() { + additions = model(dataStatement(PRIMARY_RESOURCE_URI, + SOME_PREDICATE_URI)); + retractions = model(); + assertAuthorized("accept simple add", true); + } + + @Test + public void acceptSimpleDrop() { + additions = model(); + retractions = model(dataStatement(PRIMARY_RESOURCE_URI, + SOME_PREDICATE_URI)); + assertAuthorized("accept simple add", true); + } + + @Test + public void rejectSimpleAdd() { + setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning + additions = model(dataStatement(OTHER_RESOURCE_URI, SOME_PREDICATE_URI)); + retractions = model(); + assertAuthorized("reject simple add", false); + } + + @Test + public void rejectSimpleDrop() { + setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning + additions = model(); + retractions = model(dataStatement(OTHER_RESOURCE_URI, + SOME_PREDICATE_URI)); + assertAuthorized("reject simple drop", false); + } + + @Test + public void acceptAddBecauseOfExistingStatement() { + ontModel.add(objectStatement(PRIMARY_RESOURCE_URI, + FRIEND_PREDICATE_URI, OTHER_RESOURCE_URI)); + additions = model(dataStatement(OTHER_RESOURCE_URI, SOME_PREDICATE_URI)); + retractions = model(); + assertAuthorized("accept add because of existing statement", true); + } + + @Test + public void acceptDropBecauseOfExistingStatement() { + ontModel.add(objectStatement(PRIMARY_RESOURCE_URI, + FRIEND_PREDICATE_URI, OTHER_RESOURCE_URI)); + additions = model(); + retractions = model(dataStatement(OTHER_RESOURCE_URI, + SOME_PREDICATE_URI)); + assertAuthorized("accept drop because of existing statement", true); + } + + /** + * This test is the whole reason for the funky model that lists statements + * in a known order. We need to know that the DataStatement is authorized + * even though it relies on an ObjectStatement that appears later in the + * list. + */ + @Test + public void acceptAddBecauseOfOtherAdd() { + additions = model( + dataStatement(OTHER_RESOURCE_URI, SOME_PREDICATE_URI), + objectStatement(PRIMARY_RESOURCE_URI, FRIEND_PREDICATE_URI, + OTHER_RESOURCE_URI)); + retractions = model(); + assertAuthorized("accept add because of other add", true); + } + + @Test + public void acceptDropBecauseOfAdd() { + additions = model(objectStatement(PRIMARY_RESOURCE_URI, + FRIEND_PREDICATE_URI, OTHER_RESOURCE_URI)); + retractions = model(dataStatement(OTHER_RESOURCE_URI, + SOME_PREDICATE_URI)); + assertAuthorized("accept drop because of add", true); + } + + // ---------------------------------------------------------------------- + // Helper methods + // ---------------------------------------------------------------------- + + /** Build a data statement. */ + private Statement dataStatement(String subjectUri, String predicateUri) { + Model model = ModelFactory.createDefaultModel(); + Resource subject = model.createResource(subjectUri); + Property predicate = model.createProperty(predicateUri); + return model.createStatement(subject, predicate, "whoCares?"); + } + + /** Build an object statement. */ + private Statement objectStatement(String subjectUri, String predicateUri, + String objectUri) { + Model model = ModelFactory.createDefaultModel(); + Resource subject = model.createResource(subjectUri); + Resource object = model.createResource(objectUri); + Property predicate = model.createProperty(predicateUri); + return model.createStatement(subject, predicate, object); + } + + /** Build a model. */ + private Model model(Statement... stmts) { + Model innerModel = ModelFactory.createDefaultModel(); + Model proxy = (Model) Proxy.newProxyInstance( + OrderedModelInvocationHandler.class.getClassLoader(), + new Class[] { Model.class }, new OrderedModelInvocationHandler( + innerModel)); + proxy.add(stmts); + return proxy; + } + + /** + * Check whether we are authorized to make the additions and retractions to + * the model. + */ + private void assertAuthorized(String message, boolean expected) { + boolean actual = PolicyHelper.isAuthorizedAsExpected(req, additions, + retractions, ontModel); + assertEquals(message, expected, actual); + } + + // ---------------------------------------------------------------------- + // Helper classes + // ---------------------------------------------------------------------- + + /** + * A model Proxy object built around this will list statements in the order + * they were added. + * + * This only works if the statements were added by a call to + * add(Statement[]), and if they are listed by a call to listStatements(). + * If the test used other methods to add statements, or if the PolicyHelper + * used a different method to query the model, we would not be assured of + * the order of the statements from the iterator. + */ + public static class OrderedModelInvocationHandler implements + InvocationHandler { + private final Model proxied; + private final List stmts = new ArrayList(); + + public OrderedModelInvocationHandler(Model proxied) { + this.proxied = proxied; + } + + @Override + public Object invoke(Object proxy, Method method, Object[] args) + throws Throwable { + if (method.getName().equals("add") && (args.length == 1) + && (args[0] instanceof Statement[])) { + stmts.addAll(Arrays.asList((Statement[]) args[0])); + return method.invoke(proxied, args); + } + if (method.getName().equals("listStatements") + && ((args == null) || (args.length == 0))) { + return new StatementListIterator(stmts); + } + + return method.invoke(proxied, args); + } + } + + /** + * A StmtIterator that iterates over a list of statements. + */ + public static class StatementListIterator extends NiceIterator + implements StmtIterator { + private final Iterator innerIterator; + + public StatementListIterator(List stmts) { + this.innerIterator = new ArrayList(stmts).iterator(); + } + + @Override + public Statement nextStatement() throws NoSuchElementException { + return next(); + } + + @Override + public boolean hasNext() { + return innerIterator.hasNext(); + } + + @Override + public Statement next() { + return innerIterator.next(); + } + + } + + /** + * A Policy that authorizes a statement iff (1) The subject is the primary + * resource, or (2) The subject is related to the primary resource by a + * "friend" property statement. + */ + private class MySimplePolicy implements PolicyIface { + @Override + public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, + RequestedAction whatToAuth) { + if (!(whatToAuth instanceof AbstractPropertyStatementAction)) { + return inconclusive(); + } + + AbstractPropertyStatementAction action = (AbstractPropertyStatementAction) whatToAuth; + + String subjectUri = action.getResourceUris()[0]; + if (PRIMARY_RESOURCE_URI.equals(subjectUri)) { + return authorized(); + } + + Statement friendStmt = objectStatement(PRIMARY_RESOURCE_URI, + FRIEND_PREDICATE_URI, subjectUri); + if (statementExists(action.getOntModel(), friendStmt)) { + return authorized(); + } + + return inconclusive(); + } + + private boolean statementExists(OntModel oModel, Statement stmt) { + StmtIterator stmts = oModel.listStatements(stmt.getSubject(), + stmt.getPredicate(), stmt.getObject()); + try { + return stmts.hasNext(); + } finally { + stmts.close(); + } + } + + private PolicyDecision authorized() { + return new BasicPolicyDecision(Authorization.AUTHORIZED, ""); + } + + private PolicyDecision inconclusive() { + return new BasicPolicyDecision(Authorization.INCONCLUSIVE, ""); + } + } + +} diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java index 86da9b457..946c0eafd 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java @@ -12,7 +12,8 @@ import stubs.javax.servlet.ServletContextStub; import stubs.javax.servlet.http.HttpServletRequestStub; import stubs.javax.servlet.http.HttpSessionStub; -import com.hp.hpl.jena.rdf.model.Model; +import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.ontology.OntModelSpec; import com.hp.hpl.jena.rdf.model.ModelFactory; import com.hp.hpl.jena.rdf.model.Property; import com.hp.hpl.jena.rdf.model.Resource; @@ -24,8 +25,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction; /** * Test the function of PolicyHelper in authorizing statements and models. @@ -39,6 +40,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { private ServletContextStub ctx; private HttpSessionStub session; private HttpServletRequestStub req; + private OntModel ontModel; @Before public void setup() { @@ -50,18 +52,20 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { req = new HttpServletRequestStub(); req.setSession(session); + ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM); + setLoggerLevel(ServletPolicyList.class, Level.WARN); ServletPolicyList.addPolicy(ctx, new MySimplePolicy()); } // ---------------------------------------------------------------------- - // Statement-level tests. + // The tests. // ---------------------------------------------------------------------- @Test public void addNullStatement() { assertEquals("null statement", false, - PolicyHelper.isAuthorizedToAdd(req, (Statement) null)); + PolicyHelper.isAuthorizedToAdd(req, null, ontModel)); } @Test @@ -69,29 +73,53 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI); assertEquals("null request", false, - PolicyHelper.isAuthorizedToAdd(null, stmt)); + PolicyHelper.isAuthorizedToAdd(null, stmt, ontModel)); } @Test - public void addAuthorizedStatement() { + public void addStatementToNullModel() { + Statement stmt = dataStatement(APPROVED_SUBJECT_URI, + APPROVED_PREDICATE_URI); + assertEquals("authorized", false, + PolicyHelper.isAuthorizedToAdd(req, stmt, null)); + } + + @Test + public void addAuthorizedDataStatement() { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI); assertEquals("authorized", true, - PolicyHelper.isAuthorizedToAdd(req, stmt)); + PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel)); } @Test - public void addUnauthorizedStatement() { + public void addAuthorizedObjectStatement() { + Statement stmt = objectStatement(APPROVED_SUBJECT_URI, + APPROVED_PREDICATE_URI, APPROVED_OBJECT_URI); + assertEquals("authorized", true, + PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel)); + } + + @Test + public void addUnauthorizedDataStatement() { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI); assertEquals("not authorized", false, - PolicyHelper.isAuthorizedToAdd(req, stmt)); + PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel)); + } + + @Test + public void addUnauthorizedObjectStatement() { + Statement stmt = objectStatement(APPROVED_SUBJECT_URI, + UNAPPROVED_PREDICATE_URI, APPROVED_OBJECT_URI); + assertEquals("not authorized", false, + PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel)); } @Test public void dropNullStatement() { - assertEquals("null statement", false, - PolicyHelper.isAuthorizedToDrop(req, (Statement) null)); + assertEquals("null statement", false, PolicyHelper.isAuthorizedToDrop( + req, (Statement) null, ontModel)); } @Test @@ -99,103 +127,47 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI); assertEquals("null request", false, - PolicyHelper.isAuthorizedToDrop(null, stmt)); + PolicyHelper.isAuthorizedToDrop(null, stmt, ontModel)); } @Test - public void dropAuthorizedStatement() { + public void dropStatementFromNullModel() { + Statement stmt = dataStatement(APPROVED_SUBJECT_URI, + APPROVED_PREDICATE_URI); + assertEquals("authorized", false, + PolicyHelper.isAuthorizedToDrop(req, stmt, null)); + } + + @Test + public void dropAuthorizedDataStatement() { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI); assertEquals("authorized", true, - PolicyHelper.isAuthorizedToDrop(req, stmt)); + PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel)); } @Test - public void dropUnauthorizedStatement() { + public void dropAuthorizedObjectStatement() { + Statement stmt = objectStatement(APPROVED_SUBJECT_URI, + APPROVED_PREDICATE_URI, APPROVED_OBJECT_URI); + assertEquals("authorized", true, + PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel)); + } + + @Test + public void dropUnauthorizedDataStatement() { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI); assertEquals("not authorized", false, - PolicyHelper.isAuthorizedToDrop(req, stmt)); - } - - // ---------------------------------------------------------------------- - // Model-level tests - // ---------------------------------------------------------------------- - - @Test - public void addNullModel() { - assertEquals("null statement", false, - PolicyHelper.isAuthorizedToAdd(req, (Model) null)); + PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel)); } @Test - public void addModelWithNullRequest() { - assertEquals("empty model", false, - PolicyHelper.isAuthorizedToAdd(null, model())); - } - - @Test - public void addEmptyModel() { - assertEquals("empty model", true, - PolicyHelper.isAuthorizedToAdd(req, model())); - } - - @Test - public void addAuthorizedModel() { - Model model = model( - dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI), - objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI, - APPROVED_OBJECT_URI)); - assertEquals("authorized model", true, - PolicyHelper.isAuthorizedToAdd(req, model)); - } - - @Test - public void addUnauthorizedModel() { - Model model = model( - dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI), - objectStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI, - APPROVED_OBJECT_URI)); - assertEquals("unauthorized model", false, - PolicyHelper.isAuthorizedToAdd(req, model)); - } - - @Test - public void dropNullModel() { - assertEquals("null statement", false, - PolicyHelper.isAuthorizedToDrop(req, (Model) null)); - } - - @Test - public void dropModelWithNullRequest() { - assertEquals("empty model", false, - PolicyHelper.isAuthorizedToDrop(null, model())); - } - - @Test - public void dropEmptyModel() { - assertEquals("empty model", true, - PolicyHelper.isAuthorizedToDrop(req, model())); - } - - @Test - public void dropAuthorizedModel() { - Model model = model( - dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI), - objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI, - APPROVED_OBJECT_URI)); - assertEquals("authorized model", true, - PolicyHelper.isAuthorizedToDrop(req, model)); - } - - @Test - public void dropUnauthorizedModel() { - Model model = model( - dataStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI), - objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI, - APPROVED_OBJECT_URI)); - assertEquals("unauthorized model", false, - PolicyHelper.isAuthorizedToDrop(req, model)); + public void dropUnauthorizedObjectStatement() { + Statement stmt = objectStatement(APPROVED_SUBJECT_URI, + UNAPPROVED_PREDICATE_URI, APPROVED_OBJECT_URI); + assertEquals("not authorized", false, + PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel)); } // ---------------------------------------------------------------------- @@ -204,27 +176,18 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { /** Build a data statement. */ private Statement dataStatement(String subjectUri, String predicateUri) { - Model model = ModelFactory.createDefaultModel(); - Resource subject = model.createResource(subjectUri); - Property predicate = model.createProperty(predicateUri); - return model.createStatement(subject, predicate, "whoCares?"); + Resource subject = ontModel.createResource(subjectUri); + Property predicate = ontModel.createProperty(predicateUri); + return ontModel.createStatement(subject, predicate, "whoCares?"); } /** Build a object statement. */ private Statement objectStatement(String subjectUri, String predicateUri, String objectUri) { - Model model = ModelFactory.createDefaultModel(); - Resource subject = model.createResource(subjectUri); - Resource object = model.createResource(objectUri); - Property predicate = model.createProperty(predicateUri); - return model.createStatement(subject, predicate, object); - } - - /** Build a model. */ - private Model model(Statement... stmts) { - Model model = ModelFactory.createDefaultModel(); - model.add(stmts); - return model; + Resource subject = ontModel.createResource(subjectUri); + Resource object = ontModel.createResource(objectUri); + Property predicate = ontModel.createProperty(predicateUri); + return ontModel.createStatement(subject, predicate, object); } // ---------------------------------------------------------------------- @@ -235,17 +198,17 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { @Override public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, RequestedAction whatToAuth) { - if (whatToAuth instanceof AbstractDataPropertyAction) { - return isAuthorized((AbstractDataPropertyAction) whatToAuth); - } else if (whatToAuth instanceof AbstractObjectPropertyAction) { - return isAuthorized((AbstractObjectPropertyAction) whatToAuth); + if (whatToAuth instanceof AbstractDataPropertyStatementAction) { + return isAuthorized((AbstractDataPropertyStatementAction) whatToAuth); + } else if (whatToAuth instanceof AbstractObjectPropertyStatementAction) { + return isAuthorized((AbstractObjectPropertyStatementAction) whatToAuth); } else { return inconclusive(); } } private PolicyDecision isAuthorized( - AbstractDataPropertyAction whatToAuth) { + AbstractDataPropertyStatementAction whatToAuth) { if ((APPROVED_SUBJECT_URI.equals(whatToAuth.getSubjectUri())) && (APPROVED_PREDICATE_URI.equals(whatToAuth .getPredicateUri()))) { @@ -256,11 +219,11 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { } private PolicyDecision isAuthorized( - AbstractObjectPropertyAction whatToAuth) { - if ((APPROVED_SUBJECT_URI.equals(whatToAuth.uriOfSubject)) - && (APPROVED_PREDICATE_URI - .equals(whatToAuth.uriOfPredicate)) - && (APPROVED_OBJECT_URI.equals(whatToAuth.uriOfObject))) { + AbstractObjectPropertyStatementAction whatToAuth) { + if ((APPROVED_SUBJECT_URI.equals(whatToAuth.getSubjectUri())) + && (APPROVED_PREDICATE_URI.equals(whatToAuth + .getPredicateUri())) + && (APPROVED_OBJECT_URI.equals(whatToAuth.getObjectUri()))) { return authorized(); } else { return inconclusive(); diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java index 61da9cbe0..08da1960d 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java @@ -13,6 +13,11 @@ import org.junit.Test; import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelperStub; import stubs.javax.servlet.ServletContextStub; + +import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.ontology.OntModelSpec; +import com.hp.hpl.jena.rdf.model.ModelFactory; + import edu.cornell.mannlib.vitro.testing.AbstractTestClass; import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; @@ -31,13 +36,11 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.CreateOwlC import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.DefineDataProperty; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.DefineObjectProperty; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.RemoveOwlClass; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt; -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl; import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; @@ -60,6 +63,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { private SelfEditingPolicy policy; private IdentifierBundle ids; private RequestedAction whatToAuth; + private OntModel ontModel; @Before public void setUp() throws Exception { @@ -75,6 +79,8 @@ public class SelfEditingPolicyTest extends AbstractTestClass { ind.setURI(SELFEDITOR_URI); ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI)); + + ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM); } @Test @@ -88,75 +94,73 @@ public class SelfEditingPolicyTest extends AbstractTestClass { "http://mannlib.cornell.edu/bad#prp0020" }); PropertyRestrictionPolicyHelper.setBean(ctx, prph); - whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, "http://mannlib.cornell.edu/bad#prp234", SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, "http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, "http://mannlib.cornell.edu/bad#prp999", SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, "http://mannlib.cornell.edu/bad#prp999", SELFEDITOR_URI); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SELFEDITOR_URI); + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, + UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); // now with dataprop statements - whatToAuth = new AddDataPropStmt(SELFEDITOR_URI, - "http://mannlib.cornell.edu/bad#prp234", "someString", null, - null); + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, + "http://mannlib.cornell.edu/bad#prp234"); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddDataPropStmt(SELFEDITOR_URI, - "http://mannlib.cornell.edu/bad#prp999", "someString", null, - null); + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, + "http://mannlib.cornell.edu/bad#prp999"); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddDataPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - "someString", null, null); + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddDataPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE, - "someString", null, null); + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, + UNSAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @Test public void testVisitIdentifierBundleAddObjectPropStmt() { - whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SELFEDITOR_URI); + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); // this is the case where the editor is not part of the stmt - whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, + UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - UNSAFE_RESOURCE); + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, UNSAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -173,25 +177,25 @@ public class SelfEditingPolicyTest extends AbstractTestClass { // @Test public void testVisitIdentifierBundleDropObjectPropStmt() { - whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SELFEDITOR_URI); + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); // this is the case where the editor is not part of the stmt - whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, + UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - UNSAFE_RESOURCE); + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, UNSAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -214,55 +218,40 @@ public class SelfEditingPolicyTest extends AbstractTestClass { // @Test public void testVisitIdentifierBundleEditDataPropStmt() { - - DataPropertyStatement dps = new DataPropertyStatementImpl(); - dps.setIndividualURI(SELFEDITOR_URI); - dps.setDatapropURI(SAFE_PREDICATE); - dps.setData("junk"); - whatToAuth = new EditDataPropStmt(dps); + whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI,SAFE_PREDICATE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - dps = new DataPropertyStatementImpl(); - dps.setIndividualURI(SELFEDITOR_URI); - dps.setDatapropURI(UNSAFE_PREDICATE); - dps.setData("junk"); - whatToAuth = new EditDataPropStmt(dps); + whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - dps = new DataPropertyStatementImpl(); - dps.setIndividualURI(UNSAFE_RESOURCE); - dps.setDatapropURI(SAFE_PREDICATE); - whatToAuth = new EditDataPropStmt(dps); + whatToAuth = new EditDataPropertyStatement(ontModel, UNSAFE_RESOURCE, SAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - dps = new DataPropertyStatementImpl(); - dps.setIndividualURI(SAFE_RESOURCE); - dps.setDatapropURI(SAFE_PREDICATE); - whatToAuth = new EditDataPropStmt(dps); + whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @Test public void testVisitIdentifierBundleEditObjPropStmt() { - whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditObjPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SELFEDITOR_URI); + whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); // this is the case where the editor is not part of the stmt - whatToAuth = new EditObjPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI, + UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - UNSAFE_RESOURCE); + whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, UNSAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -273,24 +262,24 @@ public class SelfEditingPolicyTest extends AbstractTestClass { @Test public void twoSEIsFindObjectPropertySubject() { setUpTwoSEIs(); - whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); } @Test public void twoSEIsFindObjectPropertyObject() { setUpTwoSEIs(); - whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SELFEDITOR_URI); + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); } @Test public void twoSEIsDontFindInObjectProperty() { setUpTwoSEIs(); - whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, - SAFE_RESOURCE); + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, + SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -298,11 +287,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { public void twoSEIsFindDataPropertySubject() { setUpTwoSEIs(); - DataPropertyStatement dps = new DataPropertyStatementImpl(); - dps.setIndividualURI(SELFEDITOR_URI); - dps.setDatapropURI(SAFE_PREDICATE); - dps.setData("junk"); - whatToAuth = new EditDataPropStmt(dps); + whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); } @@ -310,11 +295,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { public void twoSEIsDontFindInDataProperty() { setUpTwoSEIs(); - DataPropertyStatement dps = new DataPropertyStatementImpl(); - dps.setIndividualURI(SAFE_RESOURCE); - dps.setDatapropURI(SAFE_PREDICATE); - dps.setData("junk"); - whatToAuth = new EditDataPropStmt(dps); + whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java index 40d748341..0db89065f 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java @@ -15,6 +15,7 @@ import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestricti import stubs.javax.servlet.ServletContextStub; import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.ontology.OntModelSpec; import com.hp.hpl.jena.rdf.model.ModelFactory; import com.hp.hpl.jena.rdf.model.impl.RDFDefaultErrorHandler; @@ -26,11 +27,9 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile; import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt; -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl; import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; @@ -69,6 +68,14 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { /** A bundle that contains a SelfEditing individual. */ IdentifierBundle ids; + /** + * An empty model that acts as a placeholder in the requested actions. The + * SelfEditingPolicy does not base its decisions on the contents of the + * model. + */ + private OntModel ontModel; + + @Before public void setUp() throws Exception { InputStream is = getClass().getResourceAsStream( @@ -78,6 +85,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { // suppress the warning messages from loading the model. setLoggerLevel(RDFDefaultErrorHandler.class, Level.OFF); + // TODO This doesn't appear to be used for anything. Can it go away, along with the data file? OntModel model = ModelFactory.createOntologyModel(); model.read(is, ""); Assert.assertNotNull(model); @@ -96,6 +104,8 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI)); + ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM); + // setLoggerLevel(SelfEditingPolicySetupTest.class, Level.DEBUG); } @@ -112,8 +122,8 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { @Test public void nullIdentifierBundle() { - AddObjectPropStmt whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, - SAFE_PREDICATE, SAFE_RESOURCE); + AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement( + ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); PolicyDecision dec = policy.isAuthorized(null, whatToAuth); Assert.assertNotNull(dec); Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); @@ -261,13 +271,13 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { // ------------------------------------------------------------------------ /** - * Create an {@link AddObjectPropStmt}, test it, and compare to expected - * results. + * Create an {@link AddObjectPropertyStatement}, test it, and compare to + * expected results. */ private void assertAddObjectPropStmt(String uriOfSub, String uriOfPred, String uriOfObj, Authorization expectedAuthorization) { - AddObjectPropStmt whatToAuth = new AddObjectPropStmt(uriOfSub, - uriOfPred, uriOfObj); + AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement( + ontModel, uriOfSub, uriOfPred, uriOfObj); PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); log.debug(dec); Assert.assertNotNull(dec); @@ -275,13 +285,13 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { } /** - * Create an {@link EditObjPropStmt}, test it, and compare to expected - * results. + * Create an {@link EditObjectPropertyStatement}, test it, and compare to + * expected results. */ private void assertEditObjPropStmt(String uriOfSub, String uriOfPred, String uriOfObj, Authorization expectedAuthorization) { - EditObjPropStmt whatToAuth = new EditObjPropStmt(uriOfSub, uriOfPred, - uriOfObj); + EditObjectPropertyStatement whatToAuth = new EditObjectPropertyStatement( + ontModel, uriOfSub, uriOfPred, uriOfObj); PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); log.debug(dec); Assert.assertNotNull(dec); @@ -289,17 +299,13 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { } /** - * Create an {@link EditDataPropStmt}, test it, and compare to expected - * results. + * Create an {@link EditDataPropertyStatement}, test it, and compare to + * expected results. */ private void assertEditDataPropStmt(String individualURI, String datapropURI, String data, Authorization expectedAuthorization) { - DataPropertyStatement dps = new DataPropertyStatementImpl(); - dps.setIndividualURI(individualURI); - dps.setDatapropURI(datapropURI); - dps.setData(data); - - EditDataPropStmt whatToAuth = new EditDataPropStmt(dps); + EditDataPropertyStatement whatToAuth = new EditDataPropertyStatement( + ontModel, individualURI, datapropURI); PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); log.debug(dec); Assert.assertNotNull(dec); diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel_PropertyListConfigTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel_PropertyListConfigTest.java index cf405b7b0..9c92eb280 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel_PropertyListConfigTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel_PropertyListConfigTest.java @@ -135,8 +135,6 @@ public class ObjectPropertyTemplateModel_PropertyListConfigTest extends subject = new IndividualImpl(); - BaseTemplateModel.setServletContext(ctx); - Configuration fmConfig = new Configuration(); vreq.setAttribute("freemarkerConfig", fmConfig); tl = new TemplateLoaderStub(); diff --git a/webapp/web/WEB-INF/ontologies/app/ApplicationConfiguration.owl b/webapp/web/WEB-INF/ontologies/app/ApplicationConfiguration.owl new file mode 100644 index 000000000..87ef684d3 --- /dev/null +++ b/webapp/web/WEB-INF/ontologies/app/ApplicationConfiguration.owl @@ -0,0 +1,595 @@ + + + + + + + +]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + range is intended to be plain literal with language tag. + + + + + + + + + + + + + + + + + + + + + + + + + + + range is intended to be plain literal with language tag. + + + + + + + + + 'text/html' for html content + range is intended to be plain literal with a language tag. + + + + + + + + + + + + + + + + + + range is intended to be plain literal with language tag. + + + + + + + + + range is intended to be plain literal with language tag. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/webapp/web/WEB-INF/resources/permission_config.n3 b/webapp/web/WEB-INF/resources/permission_config.n3 index f9378222e..13bf22021 100644 --- a/webapp/web/WEB-INF/resources/permission_config.n3 +++ b/webapp/web/WEB-INF/resources/permission_config.n3 @@ -137,7 +137,6 @@ auth:SELF_EDITOR # For role-based display and editing, SelfEditor is like Public. # SelfEditor uses its special permissions to edit/display its own values. auth:hasPermission displayByRole:Public ; - auth:hasPermission editByRole:Public ; . auth:PUBLIC @@ -150,7 +149,4 @@ auth:PUBLIC # role-based permissions for PUBLIC auth:hasPermission displayByRole:Public ; - - # why are some properties declared editable by PUBLIC, but we don't want them to be. - # auth:hasPermission editByRole:Public ; . diff --git a/webapp/web/WEB-INF/web.xml b/webapp/web/WEB-INF/web.xml index f74ecde0e..ecc2e49de 100644 --- a/webapp/web/WEB-INF/web.xml +++ b/webapp/web/WEB-INF/web.xml @@ -1137,15 +1137,6 @@ /visualization - - authtest - edu.cornell.mannlib.vitro.webapp.auth.AuthTestController - - - authtest - /authtest - - primitiveRdfEdit edu.cornell.mannlib.vitro.webapp.controller.edit.PrimitiveRdfEdit