litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

merging trunk changes from r9590:9646 into dev branch

Browse source
This commit is contained in:
brianjlowe 2012-04-11 17:16:36 +00:00
commit 65c0898997
54 changed files with 2184 additions and 1045 deletions
Download patch file Download diff file Expand all files Collapse all files

110
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/AuthTestController.java
View file

@ -1,110 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyList;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
/**
* Tests and gives info about the auth sysetm
*
* @author bdc34
*
*/
public class AuthTestController extends VitroHttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse res )
throws IOException, ServletException{
super.doGet(req,res);
IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(req);
ServletOutputStream out = res.getOutputStream();
listIdentifiers(out,ids);
checkAuths(out,ids, getServletContext());
}
private void listIdentifiers(ServletOutputStream out, IdentifierBundle ids) throws IOException{
out.println("<h1>Identifiers: </h1>");
out.println("<table>");
for( Object obj: ids){
if( obj == null ){
out.println("<tr>obj was null</tr>");
continue;
}
out.println("<tr>");
out.println("<td>"+obj.getClass().getName() + "</td>");
out.println("<td>"+obj.toString() + "</td>");
out.println("</tr>");
}
out.println("</table>");
}
private void checkAuths(ServletOutputStream out, IdentifierBundle ids, ServletContext servletContext)
throws IOException{
PolicyList policy = ServletPolicyList.getPolicies(servletContext);
out.println("<h1>Authorization tests:</h1>");
if (policy.isEmpty()) {
out.println("No Policy objects found in ServletContext. ");
}
out.println("<table>");
for(RequestedAction action: actions){
out.println("<tr><td>"+action.getClass().getName()+"</td>");
try {
PolicyDecision pd = policy.isAuthorized(ids, action);
if( pd == null)
out.println("<td>ERROR: PolicyDecision was null</td><td/>");
else{
out.println("<td>"+ pd.getAuthorized() +"</td>");
out.println("<td>"+ pd.getMessage() +"</td>");
}
} catch (Exception e) {
out.println("<td> exception: " + e + "</td>");
e.printStackTrace();
}
}
out.println("</table>");
}
private static List<RequestedAction> actions = new ArrayList<RequestedAction>();
static{
actions.add(new AddDataPropStmt("http://some.non.existing.resource", "http://some.non.existing.dataproperty", "bogus value", null, null));
actions.add(new AddObjectPropStmt("http://vivo.library.cornell.edu/abox#entity11821","vitro:headOf","http://vivo.library.cornell.edu/abox#entity1"));
actions.add(new AddObjectPropStmt("http://vivo.library.cornell.edu/abox#entity123","vitro:headOf","http://vivo.library.cornell.edu/abox#entity1"));
// actions.add(new AddResource("http://bogus.REsourceType.uri","http://bogus.uri"));
// actions.add(new DropObjectPropStmt());
// actions.add(new DefineObjectProperty());
// actions.add(new DefineDataProperty());
// actions.add(new RemoveOwlClass());
// actions.add(new CreateOwlClass());
//
// actions.add(new AddNewUser());
// actions.add(new LoadOntology());
// actions.add(new RebuildTextIndex());
// actions.add(new RemoveUser());
// actions.add(new ServerStatus());
// actions.add(new UpdateTextIndex());
// actions.add(new UploadFile("http://uri.of.entity.to.associate/uploaded/file/with","http://uri.of.association.property"));
}
}

22
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/EditByRolePermission.java
View file

@ -9,8 +9,8 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction;
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
/**
@ -55,10 +55,10 @@ public class EditByRolePermission extends Permission {
public boolean isAuthorized(RequestedAction whatToAuth) {
boolean result;
if (whatToAuth instanceof AbstractDataPropertyAction) {
result = isAuthorized((AbstractDataPropertyAction) whatToAuth);
} else if (whatToAuth instanceof AbstractObjectPropertyAction) {
result = isAuthorized((AbstractObjectPropertyAction) whatToAuth);
if (whatToAuth instanceof AbstractDataPropertyStatementAction) {
result = isAuthorized((AbstractDataPropertyStatementAction) whatToAuth);
} else if (whatToAuth instanceof AbstractObjectPropertyStatementAction) {
result = isAuthorized((AbstractObjectPropertyStatementAction) whatToAuth);
} else {
result = false;
}
@ -76,7 +76,7 @@ public class EditByRolePermission extends Permission {
* The user may add, edit, or delete this data property if they are allowed
* to modify its subject and its predicate.
*/
private boolean isAuthorized(AbstractDataPropertyAction action) {
private boolean isAuthorized(AbstractDataPropertyStatementAction action) {
String subjectUri = action.getSubjectUri();
String predicateUri = action.getPredicateUri();
return canModifyResource(subjectUri)
@ -87,10 +87,10 @@ public class EditByRolePermission extends Permission {
* The user may add, edit, or delete this data property if they are allowed
* to modify its subject, its predicate, and its object.
*/
private boolean isAuthorized(AbstractObjectPropertyAction action) {
String subjectUri = action.getUriOfSubject();
String predicateUri = action.getUriOfPredicate();
String objectUri = action.getUriOfObject();
private boolean isAuthorized(AbstractObjectPropertyStatementAction action) {
String subjectUri = action.getSubjectUri();
String predicateUri = action.getPredicateUri();
String objectUri = action.getObjectUri();
return canModifyResource(subjectUri)
&& canModifyPredicate(predicateUri)
&& canModifyResource(objectUri);

14
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionRegistry.java
View file

@ -145,6 +145,11 @@ public class PermissionRegistry {
}
}
/**
* There is no DisplayByRolePermission for self-editors. They get the
* same rights as PUBLIC. Other permissions give them their self-editing
* privileges.
*/
private Collection<Permission> createDisplayByRolePermissions(
ServletContext ctx) {
List<Permission> list = new ArrayList<Permission>();
@ -159,13 +164,20 @@ public class PermissionRegistry {
return list;
}
/**
* There is no EditByRolePermission for PUBLIC or for self-editors. A
* property may be given an edit-level of "PUBLIC", but that may also
* simply be the default assigned to it when editing, and we don't want
* to recognize that.
*
* Other permissions give self-editors their editing privileges.
*/
private Collection<Permission> createEditByRolePermissions(
ServletContext ctx) {
List<Permission> list = new ArrayList<Permission>();
list.add(new EditByRolePermission("Admin", RoleLevel.DB_ADMIN, ctx));
list.add(new EditByRolePermission("Curator", RoleLevel.CURATOR, ctx));
list.add(new EditByRolePermission("Editor", RoleLevel.EDITOR, ctx));
list.add(new EditByRolePermission("Public", RoleLevel.PUBLIC, ctx));
return list;
}

224
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java
View file

@ -7,7 +7,10 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.hp.hpl.jena.ontology.OntModel;
import com.hp.hpl.jena.ontology.OntModelSpec;
import com.hp.hpl.jena.rdf.model.Model;
import com.hp.hpl.jena.rdf.model.ModelFactory;
import com.hp.hpl.jena.rdf.model.Property;
import com.hp.hpl.jena.rdf.model.RDFNode;
import com.hp.hpl.jena.rdf.model.Resource;
@ -19,10 +22,10 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement;
/**
* A collection of static methods to help determine whether requested actions
@ -60,35 +63,14 @@ public class PolicyHelper {
}
/**
* Do the current policies authorize the current user to add all of the
* statements in this model?
*/
public static boolean isAuthorizedToAdd(HttpServletRequest req, Model model) {
if ((req == null) || (model == null)) {
return false;
}
StmtIterator stmts = model.listStatements();
try {
while (stmts.hasNext()) {
if (!isAuthorizedToAdd(req, stmts.next())) {
return false;
}
}
return true;
} finally {
stmts.close();
}
}
/**
* Do the current policies authorize the current user to add this statement?
* Do the current policies authorize the current user to add this statement
* to this model?
*
* The statement is expected to be fully-populated, with no null fields.
*/
public static boolean isAuthorizedToAdd(HttpServletRequest req,
Statement stmt) {
if ((req == null) || (stmt == null)) {
Statement stmt, OntModel modelToBeModified) {
if ((req == null) || (stmt == null) || (modelToBeModified == null)) {
return false;
}
@ -101,46 +83,25 @@ public class PolicyHelper {
RequestedAction action;
if (objectNode.isResource()) {
action = new AddObjectPropStmt(subject.getURI(),
predicate.getURI(), objectNode.asResource().getURI());
action = new AddObjectPropertyStatement(modelToBeModified,
subject.getURI(), predicate.getURI(), objectNode
.asResource().getURI());
} else {
action = new AddDataPropStmt(subject.getURI(), predicate.getURI(),
objectNode.asLiteral());
action = new AddDataPropertyStatement(modelToBeModified,
subject.getURI(), predicate.getURI());
}
return isAuthorizedForActions(req, action);
}
/**
* Do the current policies authorize the current user to drop all of the
* statements in this model?
*/
public static boolean isAuthorizedToDrop(HttpServletRequest req, Model model) {
if ((req == null) || (model == null)) {
return false;
}
StmtIterator stmts = model.listStatements();
try {
while (stmts.hasNext()) {
if (!isAuthorizedToDrop(req, stmts.next())) {
return false;
}
}
return true;
} finally {
stmts.close();
}
}
/**
* Do the current policies authorize the current user to drop this
* statement?
* Do the current policies authorize the current user to drop this statement
* from this model?
*
* The statement is expected to be fully-populated, with no null fields.
*/
public static boolean isAuthorizedToDrop(HttpServletRequest req,
Statement stmt) {
if ((req == null) || (stmt == null)) {
Statement stmt, OntModel modelToBeModified) {
if ((req == null) || (stmt == null) || (modelToBeModified == null)) {
return false;
}
@ -153,15 +114,152 @@ public class PolicyHelper {
RequestedAction action;
if (objectNode.isResource()) {
action = new DropObjectPropStmt(subject.getURI(),
predicate.getURI(), objectNode.asResource().getURI());
action = new DropObjectPropertyStatement(modelToBeModified,
subject.getURI(), predicate.getURI(), objectNode
.asResource().getURI());
} else {
action = new DropDataPropStmt(subject.getURI(), predicate.getURI(),
objectNode.asLiteral());
action = new DropDataPropertyStatement(modelToBeModified,
subject.getURI(), predicate.getURI());
}
return isAuthorizedForActions(req, action);
}
/**
* Do the current policies authorize the current user to modify this model
* by adding all of the statments in the additions model and dropping all of
* the statements in the retractions model?
*
* This differs from the other calls to "isAuthorized..." because we always
* expect the answer to be true. If the answer is false, it should be logged
* as an error.
*
* Even if a statement fails the test, continue to test the others, so the
* log will contain a full record of all failures. This is no more expensive
* than if all statements succeeded.
*/
public static boolean isAuthorizedAsExpected(HttpServletRequest req,
Model additions, Model retractions, OntModel modelBeingModified) {
if (req == null) {
log.warn("Can't evaluate authorization if req is null");
return false;
}
if (additions == null) {
log.warn("Can't evaluate authorization if additions model is null");
return false;
}
if (retractions == null) {
log.warn("Can't evaluate authorization if retractions model is null");
return false;
}
if (modelBeingModified == null) {
log.warn("Can't evaluate authorization if model being modified is null");
return false;
}
/*
* The naive way to test the additions is to test each statement against
* the JenaOntModel. However, some of the statements may not be
* authorized unless others are added first. The client code should not
* need to know which sequence will be successful. The client code only
* cares that such a sequence does exist.
*
* There are 3 obvious ways to test this, ranging from the most rigorous
* (and most costly) to the least costly (and least rigorous).
*
* 1. Try all sequences to find one that works. First, try to add each
* statement to the modelBeingModified. If any statement succeeds,
* construct a temporary model that joins that statement to the
* modelBeingModified. Now try the remaining statements against that
* temporary model, adding the statement each time we are successful. If
* we eventually find all of the statements authorized, declare success.
* This is logically rigorous, but could become geometrically expensive
* as statements are repeatedly tried against incremented models. O(n!).
*
* 2. Try each statement on the assumption that all of the others have
* already been added. So for each statement we create a temporary
* modeol that joins the other additions to the JenaOntModel. If all
* statements pass this test, declare success. This is logically flawed
* since it is possible that two statements would circularly authorize
* each other, but that neither statement could be added first. However,
* that seems like a small risk, and the algorithm is considerably less
* expensive. O(n).
*
* 3. Try each statement on the assumption that all of the statements
* (including itself) have already been added. If all statements pass
* this test, declare success. This has the additional minor flaw of
* allowing a statement to authorize its own addition, but this seems
* very unlikely. This is about as expensive as choice 2., but much
* simpler to code.
*
* For now, I am going with choice 3.
*/
boolean result = true;
OntModel modelToTestAgainst = ModelFactory
.createOntologyModel(OntModelSpec.OWL_MEM);
modelToTestAgainst.addSubModel(additions);
modelToTestAgainst.addSubModel(modelBeingModified);
StmtIterator addStmts = additions.listStatements();
try {
while (addStmts.hasNext()) {
Statement stmt = addStmts.next();
if (isAuthorizedToAdd(req, stmt, modelToTestAgainst)) {
if (log.isDebugEnabled()) {
log.debug("Last-chance authorization check: "
+ "authorized to add statement: "
+ formatStatement(stmt));
}
} else {
log.warn("Last-chance authorization check reveals not "
+ "authorized to add statement: "
+ formatStatement(stmt));
result = false;
}
}
} finally {
addStmts.close();
}
/*
* For retractions, there is no such conundrum. Assume that all of the
* additions have been added, and check the authorization of each
* retraction.
*/
StmtIterator dropStmts = retractions.listStatements();
try {
while (dropStmts.hasNext()) {
Statement stmt = dropStmts.next();
if (isAuthorizedToDrop(req, stmt, modelToTestAgainst)) {
if (log.isDebugEnabled()) {
log.debug("Last-chance authorization check: "
+ "authorized to drop statement: "
+ formatStatement(stmt));
}
} else {
log.warn("Last-chance authorization check reveals not "
+ "authorized to drop statement: "
+ formatStatement(stmt));
result = false;
}
}
} finally {
dropStmts.close();
}
return result;
}
private static String formatStatement(Statement stmt) {
if (stmt == null) {
return "null statement";
}
return "<" + stmt.getSubject() + "> <" + stmt.getPredicate() + "> <"
+ stmt.getObject() + ">";
}
/**
* No need to instantiate this helper class - all methods are static.
*/

21
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java
View file

@ -10,9 +10,9 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary;
/**
@ -23,19 +23,20 @@ public class RestrictHomeMenuItemEditingPolicy implements PolicyIface {
@Override
public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
RequestedAction whatToAuth) {
if (whatToAuth instanceof EditObjPropStmt) {
return isAuthorized((EditObjPropStmt) whatToAuth);
} else if (whatToAuth instanceof DropObjectPropStmt) {
return isAuthorized((DropObjectPropStmt) whatToAuth);
if (whatToAuth instanceof EditObjectPropertyStatement) {
return isAuthorized((EditObjectPropertyStatement) whatToAuth);
} else if (whatToAuth instanceof DropObjectPropertyStatement) {
return isAuthorized((DropObjectPropertyStatement) whatToAuth);
} else {
return notHandled();
}
}
private PolicyDecision isAuthorized(AbstractObjectPropertyAction whatToAuth) {
if (whatToAuth.getUriOfPredicate()
private PolicyDecision isAuthorized(
AbstractObjectPropertyStatementAction whatToAuth) {
if (whatToAuth.getPredicateUri()
.equals(DisplayVocabulary.HAS_ELEMENT)
&& whatToAuth.getUriOfObject().equals(
&& whatToAuth.getObjectUri().equals(
DisplayVocabulary.HOME_MENU_ITEM)) {
return notAuthorized();
} else {

22
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy.java
View file

@ -12,8 +12,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasAssociatedIndi
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AbstractResourceAction;
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
@ -44,14 +44,14 @@ public class SelfEditingPolicy extends BaseSelfEditingPolicy implements
return inconclusiveDecision("Not self-editing.");
}
if (whatToAuth instanceof AbstractObjectPropertyAction) {
if (whatToAuth instanceof AbstractObjectPropertyStatementAction) {
return isAuthorizedForObjectPropertyAction(userUris,
(AbstractObjectPropertyAction) whatToAuth);
(AbstractObjectPropertyStatementAction) whatToAuth);
}
if (whatToAuth instanceof AbstractDataPropertyAction) {
if (whatToAuth instanceof AbstractDataPropertyStatementAction) {
return isAuthorizedForDataPropertyAction(userUris,
(AbstractDataPropertyAction) whatToAuth);
(AbstractDataPropertyStatementAction) whatToAuth);
}
if (whatToAuth instanceof AbstractResourceAction) {
@ -67,10 +67,10 @@ public class SelfEditingPolicy extends BaseSelfEditingPolicy implements
* about him.
*/
private PolicyDecision isAuthorizedForObjectPropertyAction(
List<String> userUris, AbstractObjectPropertyAction action) {
String subject = action.getUriOfSubject();
String predicate = action.getUriOfPredicate();
String object = action.getUriOfObject();
List<String> userUris, AbstractObjectPropertyStatementAction action) {
String subject = action.getSubjectUri();
String predicate = action.getPredicateUri();
String object = action.getObjectUri();
if (!canModifyResource(subject)) {
return cantModifyResource(subject);
@ -94,7 +94,7 @@ public class SelfEditingPolicy extends BaseSelfEditingPolicy implements
* about him.
*/
private PolicyDecision isAuthorizedForDataPropertyAction(
List<String> userUris, AbstractDataPropertyAction action) {
List<String> userUris, AbstractDataPropertyStatementAction action) {
String subject = action.getSubjectUri();
String predicate = action.getPredicateUri();

3
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/bean/PropertyRestrictionPolicyHelper.java
View file

@ -46,8 +46,7 @@ public class PropertyRestrictionPolicyHelper {
.getLog(PropertyRestrictionPolicyHelper.class);
private static final Collection<String> PROHIBITED_NAMESPACES = Arrays
.asList(new String[] { VitroVocabulary.vitroURI,
VitroVocabulary.OWL, "" });
.asList(new String[] { VitroVocabulary.vitroURI, "" });
private static final Collection<String> PERMITTED_EXCEPTIONS = Arrays
.asList(new String[] {

150
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/AbstractRelationshipPolicy.java
View file

@ -2,30 +2,17 @@
package edu.cornell.mannlib.vitro.webapp.auth.policy.specialrelationships;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.hp.hpl.jena.ontology.OntModel;
import com.hp.hpl.jena.rdf.model.Property;
import com.hp.hpl.jena.rdf.model.RDFNode;
import com.hp.hpl.jena.rdf.model.Resource;
import com.hp.hpl.jena.rdf.model.Selector;
import com.hp.hpl.jena.rdf.model.SimpleSelector;
import com.hp.hpl.jena.rdf.model.StmtIterator;
import com.hp.hpl.jena.shared.Lock;
import edu.cornell.mannlib.vitro.webapp.auth.policy.BasicPolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
/**
* A collection of building-block methods so we can code a policy based on the
@ -37,11 +24,9 @@ public abstract class AbstractRelationshipPolicy implements PolicyIface {
.getLog(AbstractRelationshipPolicy.class);
protected final ServletContext ctx;
protected final OntModel model;
public AbstractRelationshipPolicy(ServletContext ctx, OntModel model) {
public AbstractRelationshipPolicy(ServletContext ctx) {
this.ctx = ctx;
this.model = model;
}
protected boolean canModifyResource(String uri) {
@ -54,133 +39,6 @@ public abstract class AbstractRelationshipPolicy implements PolicyIface {
uri, RoleLevel.SELF);
}
protected boolean isResourceOfType(String resourceUri, String typeUri) {
Selector selector = createSelector(resourceUri,
VitroVocabulary.RDF_TYPE, typeUri);
StmtIterator stmts = null;
model.enterCriticalSection(Lock.READ);
try {
stmts = model.listStatements(selector);
if (stmts.hasNext()) {
log.debug("resource '" + resourceUri + "' is of type '"
+ typeUri + "'");
return true;
} else {
log.debug("resource '" + resourceUri + "' is not of type '"
+ typeUri + "'");
return false;
}
} finally {
if (stmts != null) {
stmts.close();
}
model.leaveCriticalSection();
}
}
protected List<String> getObjectsOfProperty(String resourceUri,
String propertyUri) {
List<String> list = new ArrayList<String>();
Selector selector = createSelector(resourceUri, propertyUri, null);
StmtIterator stmts = null;
model.enterCriticalSection(Lock.READ);
try {
stmts = model.listStatements(selector);
while (stmts.hasNext()) {
list.add(stmts.next().getObject().toString());
}
log.debug("Objects of property '" + propertyUri + "' on resource '"
+ resourceUri + "': " + list);
return list;
} finally {
if (stmts != null) {
stmts.close();
}
model.leaveCriticalSection();
}
}
protected List<String> getObjectsOfLinkedProperty(String resourceUri,
String linkUri, String propertyUri) {
List<String> list = new ArrayList<String>();
Selector selector = createSelector(resourceUri, linkUri, null);
StmtIterator stmts = null;
model.enterCriticalSection(Lock.READ);
try {
stmts = model.listStatements(selector);
while (stmts.hasNext()) {
RDFNode objectNode = stmts.next().getObject();
if (objectNode.isResource()) {
log.debug("found authorship for '" + resourceUri + "': "
+ objectNode);
list.addAll(getUrisOfAuthors(objectNode.asResource(),
propertyUri));
}
}
log.debug("Objects of linked properties '" + linkUri + "' ==> '"
+ propertyUri + "' on '" + resourceUri + "': " + list);
return list;
} finally {
if (stmts != null) {
stmts.close();
}
model.leaveCriticalSection();
}
}
/** Note that we must already be in a critical section! */
private List<String> getUrisOfAuthors(Resource authorship,
String propertyUri) {
List<String> list = new ArrayList<String>();
Selector selector = createSelector(authorship, propertyUri, null);
StmtIterator stmts = null;
try {
stmts = model.listStatements(selector);
while (stmts.hasNext()) {
list.add(stmts.next().getObject().toString());
}
return list;
} finally {
if (stmts != null) {
stmts.close();
}
}
}
protected Selector createSelector(String subjectUri, String predicateUri,
String objectUri) {
Resource subject = (subjectUri == null) ? null : model
.getResource(subjectUri);
return createSelector(subject, predicateUri, objectUri);
}
protected Selector createSelector(Resource subject, String predicateUri,
String objectUri) {
Property predicate = (predicateUri == null) ? null : model
.getProperty(predicateUri);
RDFNode object = (objectUri == null) ? null : model
.getResource(objectUri);
return new SimpleSelector(subject, predicate, object);
}
protected boolean anyUrisInCommon(List<String> userUris,
List<String> editorsOrAuthors) {
for (String userUri : userUris) {
if (editorsOrAuthors.contains(userUri)) {
return true;
}
}
return false;
}
protected PolicyDecision cantModifyResource(String uri) {
return inconclusiveDecision("No access to admin resources; cannot modify "
+ uri);
@ -201,10 +59,4 @@ public abstract class AbstractRelationshipPolicy implements PolicyIface {
.getSimpleName() + ": " + message);
}
/** An AUTHORIZED decision with a message like "PolicyClass: message". */
protected PolicyDecision authorizedDecision(String message) {
return new BasicPolicyDecision(Authorization.AUTHORIZED, getClass()
.getSimpleName() + ": " + message);
}
}

172
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/specialrelationships/RelationshipChecker.java Normal file
View file

@ -0,0 +1,172 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.policy.specialrelationships;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.hp.hpl.jena.ontology.OntModel;
import com.hp.hpl.jena.rdf.model.Property;
import com.hp.hpl.jena.rdf.model.RDFNode;
import com.hp.hpl.jena.rdf.model.Resource;
import com.hp.hpl.jena.rdf.model.Selector;
import com.hp.hpl.jena.rdf.model.SimpleSelector;
import com.hp.hpl.jena.rdf.model.StmtIterator;
import com.hp.hpl.jena.shared.Lock;
import edu.cornell.mannlib.vitro.webapp.auth.policy.BasicPolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
/**
* Look for relationships within an OntModel. Types of resources, links between
* resources, and links between resources via a context node.
*
* Also provides some convenience methods for test lists of URIs and for
* creating PolicyDecisions.
*/
public class RelationshipChecker {
private static final Log log = LogFactory.getLog(RelationshipChecker.class);
private final OntModel ontModel;
public RelationshipChecker(OntModel ontModel) {
this.ontModel = ontModel;
}
/**
* Are there any URIs that appear in both of these lists?
*/
public boolean anyUrisInCommon(List<String> list1, List<String> list2) {
List<String> urisInCommon = new ArrayList<String>(list1);
urisInCommon.retainAll(list2);
return !urisInCommon.isEmpty();
}
/**
* Is this resource a member of this type? That is, is there an statement of
* the form: <resourceUri> rdfs:type <typeUri>
*/
public boolean isResourceOfType(String resourceUri, String typeUri) {
Selector selector = createSelector(resourceUri,
VitroVocabulary.RDF_TYPE, typeUri);
StmtIterator stmts = null;
ontModel.enterCriticalSection(Lock.READ);
try {
stmts = ontModel.listStatements(selector);
if (stmts.hasNext()) {
log.debug("resource '" + resourceUri + "' is of type '"
+ typeUri + "'");
return true;
} else {
log.debug("resource '" + resourceUri + "' is not of type '"
+ typeUri + "'");
return false;
}
} finally {
if (stmts != null) {
stmts.close();
}
ontModel.leaveCriticalSection();
}
}
/**
* Get a list of the object URIs that satisfy this statement:
*
* <resourceUri> <propertyUri> <objectUri>
*
* May return an empty list, but never returns null.
*/
public List<String> getObjectsOfProperty(String resourceUri,
String propertyUri) {
List<String> list = new ArrayList<String>();
Selector selector = createSelector(resourceUri, propertyUri, null);
StmtIterator stmts = null;
ontModel.enterCriticalSection(Lock.READ);
try {
stmts = ontModel.listStatements(selector);
while (stmts.hasNext()) {
list.add(stmts.next().getObject().toString());
}
log.debug("Objects of property '" + propertyUri + "' on resource '"
+ resourceUri + "': " + list);
return list;
} finally {
if (stmts != null) {
stmts.close();
}
ontModel.leaveCriticalSection();
}
}
/**
* Get a list of the object URIs that satisfy these statements:
*
* <resourceUri> <linkUri> <contextNodeUri>
*
* <contextNodeUri> <propertyUri> <objectUri>
*
* May return an empty list, but never returns null.
*/
public List<String> getObjectsOfLinkedProperty(String resourceUri,
String linkUri, String propertyUri) {
List<String> list = new ArrayList<String>();
Selector selector = createSelector(resourceUri, linkUri, null);
StmtIterator stmts = null;
ontModel.enterCriticalSection(Lock.READ);
try {
stmts = ontModel.listStatements(selector);
while (stmts.hasNext()) {
RDFNode contextNode = stmts.next().getObject();
if (contextNode.isResource()) {
log.debug("found context node for '" + resourceUri + "': "
+ contextNode);
list.addAll(getObjectsOfProperty(contextNode.asResource()
.getURI(), propertyUri));
}
}
log.debug("Objects of linked properties '" + linkUri + "' ==> '"
+ propertyUri + "' on '" + resourceUri + "': " + list);
return list;
} finally {
if (stmts != null) {
stmts.close();
}
ontModel.leaveCriticalSection();
}
}
public Selector createSelector(String subjectUri, String predicateUri,
String objectUri) {
Resource subject = (subjectUri == null) ? null : ontModel
.getResource(subjectUri);
return createSelector(subject, predicateUri, objectUri);
}
public Selector createSelector(Resource subject, String predicateUri,
String objectUri) {
Property predicate = (predicateUri == null) ? null : ontModel
.getProperty(predicateUri);
RDFNode object = (objectUri == null) ? null : ontModel
.getResource(objectUri);
return new SimpleSelector(subject, predicate, object);
}
/** An AUTHORIZED decision with a message like "PolicyClass: message". */
protected PolicyDecision authorizedDecision(String message) {
return new BasicPolicyDecision(Authorization.AUTHORIZED, getClass()
.getSimpleName() + ": " + message);
}
}

5
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayDataProperty.java
View file

@ -16,4 +16,9 @@ public class DisplayDataProperty extends RequestedAction {
public DataProperty getDataProperty() {
return dataProperty;
}
@Override
public String toString() {
return "DisplayDataProperty[" + dataProperty + "]";
}
}

5
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/display/DisplayObjectProperty.java
View file

@ -16,4 +16,9 @@ public class DisplayObjectProperty extends RequestedAction {
public ObjectProperty getObjectProperty() {
return objectProperty;
}
@Override
public String toString() {
return "DisplayObjectProperty[" + objectProperty.getLocalName() + "]";
}
}

32
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyAction.java
View file

@ -1,32 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
/**
* A base class for requestion actions that relate to data properties.
*/
public abstract class AbstractDataPropertyAction extends RequestedAction {
private final String subjectUri;
private final String predicateUri;
public AbstractDataPropertyAction(String subjectUri, String predicateUri) {
this.subjectUri = subjectUri;
this.predicateUri = predicateUri;
}
public String getSubjectUri() {
return subjectUri;
}
public String getPredicateUri() {
return predicateUri;
}
@Override
public String toString() {
return getClass().getSimpleName() + ": <" + subjectUri + "> <"
+ predicateUri + ">";
}
}

52
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java Normal file
View file

@ -0,0 +1,52 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
/**
* A base class for requested actions that involve adding, editing, or dropping
* data property statements from a model.
*/
public abstract class AbstractDataPropertyStatementAction extends
AbstractPropertyStatementAction {
private final String subjectUri;
private final String predicateUri;
public AbstractDataPropertyStatementAction(OntModel ontModel,
String subjectUri, String predicateUri) {
super(ontModel);
this.subjectUri = subjectUri;
this.predicateUri = predicateUri;
}
public AbstractDataPropertyStatementAction(OntModel ontModel,
DataPropertyStatement dps) {
super(ontModel);
this.subjectUri = (dps.getIndividual() == null) ? dps
.getIndividualURI() : dps.getIndividual().getURI();
this.predicateUri = dps.getDatapropURI();
}
public String getSubjectUri() {
return subjectUri;
}
@Override
public String getPredicateUri() {
return predicateUri;
}
@Override
public String[] getResourceUris() {
return new String[] {subjectUri};
}
@Override
public String toString() {
return getClass().getSimpleName() + ": <" + subjectUri + "> <"
+ predicateUri + ">";
}
}

40
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyAction.java
View file

@ -1,40 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
/**
* A base class for requested actions that involve manipulating an object
* property.
*/
public abstract class AbstractObjectPropertyAction extends RequestedAction {
public final String uriOfSubject;
public final String uriOfPredicate;
public final String uriOfObject;
public AbstractObjectPropertyAction(String uriOfSubject, String uriOfPredicate,
String uriOfObject) {
this.uriOfSubject = uriOfSubject;
this.uriOfPredicate = uriOfPredicate;
this.uriOfObject = uriOfObject;
}
public String getUriOfSubject() {
return uriOfSubject;
}
public String getUriOfPredicate() {
return uriOfPredicate;
}
public String getUriOfObject() {
return uriOfObject;
}
@Override
public String toString() {
return this.getClass().getSimpleName() + ": <" + uriOfSubject + "> <"
+ uriOfPredicate + "> <" + uriOfObject + ">";
}
}

60
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java Normal file
View file

@ -0,0 +1,60 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
/**
* A base class for requested actions that involve adding, editing, or deleting
* object property statements from a model.
*/
public abstract class AbstractObjectPropertyStatementAction extends
AbstractPropertyStatementAction {
private final String subjectUri;
private final String predicateUri;
private final String objectUri;
public AbstractObjectPropertyStatementAction(OntModel ontModel, String subjectUri,
String predicateUri, String objectUri) {
super(ontModel);
this.subjectUri = subjectUri;
this.predicateUri = predicateUri;
this.objectUri = objectUri;
}
public AbstractObjectPropertyStatementAction(OntModel ontModel, ObjectPropertyStatement ops) {
super(ontModel);
this.subjectUri = (ops.getSubject() == null) ? ops.getSubjectURI()
: ops.getSubject().getURI();
this.predicateUri = (ops.getProperty() == null) ? ops.getPropertyURI()
: ops.getProperty().getURI();
this.objectUri = (ops.getObject() == null) ? ops.getObjectURI() : ops
.getObject().getURI();
}
public String getSubjectUri() {
return subjectUri;
}
public String getObjectUri() {
return objectUri;
}
@Override
public String getPredicateUri() {
return predicateUri;
}
@Override
public String[] getResourceUris() {
return new String[] {subjectUri, objectUri};
}
@Override
public String toString() {
return this.getClass().getSimpleName() + ": <" + subjectUri + "> <"
+ predicateUri + "> <" + objectUri + ">";
}
}

31
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java Normal file
View file

@ -0,0 +1,31 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
/**
* A base class for requested actions that involve adding, editing, or deleting
* statements from a model.
*/
public abstract class AbstractPropertyStatementAction extends RequestedAction {
private final OntModel ontModel;
public AbstractPropertyStatementAction(OntModel ontModel) {
this.ontModel = ontModel;
}
public OntModel getOntModel() {
return ontModel;
}
/**
* Get the URI of the Resources that are involved in this statement. Those
* are the Subject, and the Object if this is an ObjectProperty request.
*/
public abstract String[] getResourceUris();
public abstract String getPredicateUri();
}

38
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropStmt.java
View file

@ -1,38 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.rdf.model.Literal;
/** Should we allow the user to add this DataPropertyStatement? */
public class AddDataPropStmt extends AbstractDataPropertyAction {
protected String data;
protected String dataType;
protected String lang;
public AddDataPropStmt(String subjectUri, String predicateUri, String value, String dataType, String lang) {
super(subjectUri, predicateUri);
this.data= value;
this.dataType = dataType;
this.lang = lang;
}
public AddDataPropStmt(String subjectUri, String predicateUri, Literal literal) {
super(subjectUri, predicateUri);
this.data= literal.getValue().toString();
this.dataType = literal.getDatatypeURI();
this.lang = literal.getLanguage();
}
public String getData() {
return data;
}
public String getDataType() {
return dataType;
}
public String getLang() {
return lang;
}
}

24
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java Normal file
View file

@ -0,0 +1,24 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
/**
* Should we allow the user to add this DataPropertyStatement to this model?
*/
public class AddDataPropertyStatement extends
AbstractDataPropertyStatementAction {
public AddDataPropertyStatement(OntModel ontModel, String subjectUri,
String predicateUri) {
super(ontModel, subjectUri, predicateUri);
}
public AddDataPropertyStatement(OntModel ontModel, DataPropertyStatement dps) {
super(ontModel, dps);
}
}

11
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropStmt.java
View file

@ -1,11 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
/** Should we allow the user to add this ObjectPropertyStatement? */
public class AddObjectPropStmt extends AbstractObjectPropertyAction {
public AddObjectPropStmt(String uriOfSub, String uriOfPred, String uriOfObj) {
super(uriOfSub, uriOfPred, uriOfObj);
}
}

23
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java Normal file
View file

@ -0,0 +1,23 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
/**
* Should we allow the user to add this ObjectPropertyStatement to this model?
*/
public class AddObjectPropertyStatement extends
AbstractObjectPropertyStatementAction {
public AddObjectPropertyStatement(OntModel ontModel, String uriOfSub,
String uriOfPred, String uriOfObj) {
super(ontModel, uriOfSub, uriOfPred, uriOfObj);
}
public AddObjectPropertyStatement(OntModel ontModel,
ObjectPropertyStatement ops) {
super(ontModel, ops);
}
}

41
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropStmt.java
View file

@ -1,41 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.rdf.model.Literal;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
/** Should we allow the user to delete this DataPropertyStatement? */
public class DropDataPropStmt extends AbstractDataPropertyAction {
private final DataPropertyStatement dataPropStmt;
public DropDataPropStmt(DataPropertyStatement dps){
super(dps.getIndividualURI(),dps.getDatapropURI() );
this.dataPropStmt = dps;
}
public DropDataPropStmt(String subjectUri, String predicateUri, String data) {
super(subjectUri, predicateUri);
dataPropStmt = new DataPropertyStatementImpl();
dataPropStmt.setIndividualURI(subjectUri);
dataPropStmt.setDatapropURI(predicateUri);
dataPropStmt.setData(data);
}
public DropDataPropStmt(String subjectUri, String predicateUri, Literal data) {
super(subjectUri, predicateUri);
dataPropStmt = new DataPropertyStatementImpl();
dataPropStmt.setIndividualURI(subjectUri);
dataPropStmt.setDatapropURI(predicateUri);
dataPropStmt.setData(data.getValue().toString());
}
public String data(){ return dataPropStmt.getData(); }
public String lang(){ return dataPropStmt.getLanguage(); }
public String datatype(){return dataPropStmt.getDatatypeURI(); }
// TODO: needs to be fixed to work with lang/datatype literals
}

25
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java Normal file
View file

@ -0,0 +1,25 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
/**
* Should we allow the user to delete this DataPropertyStatement from this
* model?
*/
public class DropDataPropertyStatement extends
AbstractDataPropertyStatementAction {
public DropDataPropertyStatement(OntModel ontModel, String subjectUri,
String predicateUri) {
super(ontModel, subjectUri, predicateUri);
}
public DropDataPropertyStatement(OntModel ontModel,
DataPropertyStatement dps) {
super(ontModel, dps);
}
}

11
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropStmt.java
View file

@ -1,11 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
/** Should we allow the user to delete this ObjectPropertyStatement? */
public class DropObjectPropStmt extends AbstractObjectPropertyAction {
public DropObjectPropStmt(String sub, String pred, String obj) {
super(sub, pred, obj);
}
}

24
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java Normal file
View file

@ -0,0 +1,24 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
/**
* Should we allow the user to delete this ObjectPropertyStatement from this
* model?
*/
public class DropObjectPropertyStatement extends
AbstractObjectPropertyStatementAction {
public DropObjectPropertyStatement(OntModel ontModel, String sub,
String pred, String obj) {
super(ontModel, sub, pred, obj);
}
public DropObjectPropertyStatement(OntModel ontModel,
ObjectPropertyStatement ops) {
super(ontModel, ops);
}
}

21
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropStmt.java
View file

@ -1,21 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
/** Should we allow the user to edit this DataPropertyStatement? */
public class EditDataPropStmt extends AbstractDataPropertyAction {
private final DataPropertyStatement dataPropStmt;
public EditDataPropStmt(DataPropertyStatement dps){
super(dps.getIndividualURI(), dps.getDatapropURI());
this.dataPropStmt = dps;
}
public String data(){ return dataPropStmt.getData(); }
public String lang(){ return dataPropStmt.getLanguage(); }
public String datatype(){return dataPropStmt.getDatatypeURI(); }
}

23
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java Normal file
View file

@ -0,0 +1,23 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
/**
* Should we allow the user to edit this DataPropertyStatement in this model?
*/
public class EditDataPropertyStatement extends
AbstractDataPropertyStatementAction {
public EditDataPropertyStatement(OntModel ontModel, String subjectUri,
String predicateUri) {
super(ontModel, subjectUri, predicateUri);
}
public EditDataPropertyStatement(OntModel ontModel,
DataPropertyStatement dps) {
super(ontModel, dps);
}
}

19
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjPropStmt.java
View file

@ -1,19 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
/** Should we allow the user to edit this ObjectPropertyStatement? */
public class EditObjPropStmt extends AbstractObjectPropertyAction {
public EditObjPropStmt(ObjectPropertyStatement ops) {
super(ops.getSubjectURI(), ops.getPropertyURI(), ops.getObjectURI());
}
public EditObjPropStmt(String subjectUri, String keywordPredUri,
String objectUri) {
super(subjectUri, keywordPredUri, objectUri);
}
}

23
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java Normal file
View file

@ -0,0 +1,23 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
/**
* Should we allow the user to edit this ObjectPropertyStatement in this model?
*/
public class EditObjectPropertyStatement extends
AbstractObjectPropertyStatementAction {
public EditObjectPropertyStatement(OntModel ontModel, String subjectUri,
String keywordPredUri, String objectUri) {
super(ontModel, subjectUri, keywordPredUri, objectUri);
}
public EditObjectPropertyStatement(OntModel ontModel,
ObjectPropertyStatement ops) {
super(ontModel, ops);
}
}

7
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java
View file

@ -21,7 +21,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
@ -58,7 +58,7 @@ public class ShowAuthController extends FreemarkerHttpServlet {
private List<Identifier> getSortedIdentifiers(VitroRequest vreq) {
Map<String, Identifier> idMap = new TreeMap<String, Identifier>();
for (Identifier id: RequestIdentifiers.getIdBundleForRequest(vreq)) {
for (Identifier id : RequestIdentifiers.getIdBundleForRequest(vreq)) {
idMap.put(id.toString(), id);
}
return new ArrayList<Identifier>(idMap.values());
@ -89,7 +89,8 @@ public class ShowAuthController extends FreemarkerHttpServlet {
* this individual?
*/
private boolean mayEditIndividual(VitroRequest vreq, String individualUri) {
RequestedAction action = new EditObjPropStmt(individualUri,
RequestedAction action = new EditObjectPropertyStatement(
vreq.getJenaOntModel(), individualUri,
RequestActionConstants.SOME_URI,
RequestActionConstants.SOME_URI);
return PolicyHelper.isAuthorizedForActions(vreq, action);

2
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java
View file

@ -32,7 +32,7 @@ public class PrimitiveRdfEdit extends VitroAjaxController {
private static final long serialVersionUID = 1L;
//Using the same setsup as primitive delete
//Using the same setup as primitive delete
@Override
protected Actions requiredActions(VitroRequest vreq) {
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;

3
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerSetup.java
View file

@ -9,8 +9,6 @@ import javax.servlet.ServletContextListener;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.BaseTemplateModel;
public class FreemarkerSetup implements ServletContextListener {
private static final Log log = LogFactory.getLog(FreemarkerSetup.class);
@ -18,7 +16,6 @@ public class FreemarkerSetup implements ServletContextListener {
@Override
public void contextInitialized(ServletContextEvent event) {
ServletContext sc = event.getServletContext();
BaseTemplateModel.setServletContext(sc);
FreemarkerComponentGenerator.setServletContext(sc);
UrlBuilder.contextPath = sc.getContextPath();

20
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java
View file

@ -19,9 +19,9 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
@ -138,14 +138,16 @@ public class ImageUploadController extends FreemarkerHttpServlet {
RequestedAction ra;
if (ACTION_DELETE.equals(action)
|| ACTION_DELETE_EDIT.equals(action)) {
ra = new DropObjectPropStmt(entity.getURI(),
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
ra = new DropObjectPropertyStatement(vreq.getJenaOntModel(),
entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE,
imageUri);
} else if (imageUri != null) {
ra = new EditObjPropStmt(entity.getURI(),
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
ra = new EditObjectPropertyStatement(vreq.getJenaOntModel(),
entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE,
imageUri);
} else {
ra = new AddObjectPropStmt(entity.getURI(),
VitroVocabulary.IND_MAIN_IMAGE,
ra = new AddObjectPropertyStatement(vreq.getJenaOntModel(),
entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE,
RequestActionConstants.SOME_URI);
}
return new Actions(ra);

2
webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/configuration/generators/RDFSLabelGenerator.java
View file

@ -45,7 +45,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
*/
public class RDFSLabelGenerator implements EditConfigurationGenerator {
private Log log = LogFactory.getLog(DefaultObjectPropertyFormGenerator.class);
private Log log = LogFactory.getLog(RDFSLabelGenerator.class);
private String subjectUri = null;
private String predicateUri = null;

2
webapp/src/edu/cornell/mannlib/vitro/webapp/filestorage/serving/FileServingServlet.java
View file

@ -110,7 +110,7 @@ public class FileServingServlet extends VitroHttpServlet {
in = fileStorage.getInputStream(fileInfo.getBytestreamUri(),
actualFilename);
} catch (FileNotFoundException e) {
log.error(e, e);
log.error("Expected file doesn't exist: " + e);
response.sendError(SC_INTERNAL_SERVER_ERROR, e.toString());
return;
}

12
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/BaseTemplateModel.java
View file

@ -4,8 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.web.templatemodels;
import java.util.Map;
import javax.servlet.ServletContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -20,8 +18,6 @@ public abstract class BaseTemplateModel {
private static final String URI_CHARACTERS =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~:/?#[]@!$&%'()*+,;=";
protected static ServletContext servletContext;
// Convenience method so subclasses can call getUrl(path)
protected String getUrl(String path) {
return UrlBuilder.getUrl(path);
@ -73,12 +69,4 @@ public abstract class BaseTemplateModel {
AntiScript.cleanMapValues(map);
}
protected static ServletContext getServletContext() {
return servletContext;
}
public static void setServletContext(ServletContext context) {
servletContext = context;
}
}

2
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/edit/EditConfigurationTemplateModel.java
View file

@ -450,7 +450,7 @@ public class EditConfigurationTemplateModel extends BaseTemplateModel {
predicateUri,
objectKey,
statementDisplay,
false, null, vreq);
null, vreq);
ReadOnlyBeansWrapper wrapper = new ReadOnlyBeansWrapper();
return wrapper.wrap(osm);
}

23
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java
View file

@ -6,6 +6,8 @@ import java.util.Collection;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletContext;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -15,8 +17,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
@ -37,12 +39,14 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel {
protected final Individual individual;
protected final LoginStatusBean loginStatusBean;
protected final VitroRequest vreq;
private final ServletContext ctx;
private final boolean editing;
protected GroupedPropertyList propertyList;
public BaseIndividualTemplateModel(Individual individual, VitroRequest vreq) {
this.vreq = vreq;
this.ctx = vreq.getSession().getServletContext();
this.individual = individual;
this.loginStatusBean = LoginStatusBean.getBean(vreq);
// Needed for getting portal-sensitive urls. Remove if multi-portal support is removed.
@ -54,7 +58,7 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel {
boolean isVClass = individual.isVClass(vClassUri);
// If reasoning is asynchronous (under RDB), this inference may not have been made yet.
// Check the superclasses of the individual's vclass.
SimpleReasoner simpleReasoner = (SimpleReasoner)getServletContext().getAttribute(SimpleReasoner.class.getName());
SimpleReasoner simpleReasoner = (SimpleReasoner) ctx.getAttribute(SimpleReasoner.class.getName());
if (!isVClass && simpleReasoner != null && simpleReasoner.isABoxReasoningAsynchronous()) {
log.debug("Checking superclasses to see if individual is a " + vClassUri + " because reasoning is asynchronous");
List<VClass> directVClasses = individual.getVClasses(true);
@ -108,10 +112,11 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel {
* an object property to the Individual being shown.
*/
public boolean isEditable() {
AddDataPropStmt adps = new AddDataPropStmt(individual.getURI(),
RequestActionConstants.SOME_URI,
RequestActionConstants.SOME_LITERAL, null, null);
AddObjectPropStmt aops = new AddObjectPropStmt(individual.getURI(),
AddDataPropertyStatement adps = new AddDataPropertyStatement(
vreq.getJenaOntModel(), individual.getURI(),
RequestActionConstants.SOME_URI);
AddObjectPropertyStatement aops = new AddObjectPropertyStatement(
vreq.getJenaOntModel(), individual.getURI(),
RequestActionConstants.SOME_URI,
RequestActionConstants.SOME_URI);
return PolicyHelper.isAuthorizedForActions(vreq, new Actions(adps).or(aops));
@ -127,7 +132,7 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel {
* are handled like ordinary ObjectProperty instances.
*/
public NameStatementTemplateModel getNameStatement() {
return new NameStatementTemplateModel(getUri(), vreq, editing);
return new NameStatementTemplateModel(getUri(), vreq);
}
/* These methods simply forward to the methods of the wrapped individual. It would be desirable to
@ -216,7 +221,7 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel {
public String selfEditingId() {
String id = null;
String idMatchingProperty =
ConfigurationProperties.getBean(getServletContext()).getProperty("selfEditing.idMatchingProperty");
ConfigurationProperties.getBean(ctx).getProperty("selfEditing.idMatchingProperty");
if (! StringUtils.isBlank(idMatchingProperty)) {
WebappDaoFactory wdf = vreq.getUnfilteredWebappDaoFactory();
Collection<DataPropertyStatement> ids =

2
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java
View file

@ -218,7 +218,7 @@ public class CollatedObjectPropertyTemplateModel extends ObjectPropertyTemplateM
}
listForThisSubclass.add(new ObjectPropertyStatementTemplateModel(subjectUri,
propertyUri, objectKey, map, editing, getTemplateName(), vreq));
propertyUri, objectKey, map, getTemplateName(), vreq));
}

104
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java
View file

@ -9,8 +9,8 @@ import com.hp.hpl.jena.rdf.model.Literal;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
@ -20,97 +20,61 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.processEdit.RdfLiteralHash;
public class DataPropertyStatementTemplateModel extends PropertyStatementTemplateModel {
private static final Log log = LogFactory.getLog(DataPropertyStatementTemplateModel.class);
private static final String EDIT_PATH = "editRequestDispatch";
protected String value;
private final Literal literalValue;
private final String deleteUrl;
private final String editUrl;
//Extended to include vitro request to check for special parameters
public DataPropertyStatementTemplateModel(String subjectUri, String propertyUri,
Literal literal, boolean editing, VitroRequest vreq) {
Literal literal, VitroRequest vreq) {
super(subjectUri, propertyUri, vreq);
//attempt to strip any odd HTML
this.value = cleanTextForDisplay( literal.getLexicalForm() );
setEditUrls(literal, editing, propertyUri);
}
/*
* This method handles the special case where we are creating a DataPropertyStatementTemplateModel outside the GroupedPropertyList.
* Specifically, it allows rdfs:label to be treated like a data property statement and thus have editing links. It is not possible
* to handle rdfs:label like vitro links and vitroPublic image, because it is not possible to construct a DataProperty from
* rdfs:label.
*/
DataPropertyStatementTemplateModel(String subjectUri, String propertyUri, VitroRequest vreq) {
super(subjectUri, propertyUri, vreq);
}
public void setValue(String value) {
this.value = value;
}
protected void setEditUrls(Literal value, boolean editing, String propertyUri) {
if ( ! editing ) {
return;
}
DataPropertyStatement dps = new DataPropertyStatementImpl(subjectUri, propertyUri, value.getLexicalForm());
// Language and datatype are needed to get the correct hash value
dps.setLanguage(value.getLanguage());
dps.setDatatypeURI(value.getDatatypeURI());
String dataPropHash = String.valueOf(RdfLiteralHash.makeRdfLiteralHash(dps));
this.literalValue = literal;
// Do delete url first, since used in building edit url
setDeleteUrl(propertyUri, dps, dataPropHash);
setEditUrl(propertyUri, dps, dataPropHash);
}
protected void setDeleteUrl(String propertyUri, DataPropertyStatement dps, String dataPropHash) {
// Hack for rdfs:label - the policy doesn't prevent deletion.
if (propertyUri.equals(VitroVocabulary.LABEL)) {
return;
this.deleteUrl = makeDeleteUrl();
this.editUrl = makeEditUrl();
}
private String makeDeleteUrl() {
// Determine whether the statement can be deleted
RequestedAction action = new DropDataPropStmt(dps);
DataPropertyStatement dps = makeStatement();
RequestedAction action = new DropDataPropertyStatement(vreq.getJenaOntModel(), dps);
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
return;
return "";
}
ParamMap params = new ParamMap(
"subjectUri", subjectUri,
"predicateUri", propertyUri,
"datapropKey", dataPropHash,
"datapropKey", makeHash(dps),
"cmd", "delete");
params.putAll(UrlBuilder.getModelParams(vreq));
deleteUrl = UrlBuilder.getUrl(EDIT_PATH, params);
return UrlBuilder.getUrl(EDIT_PATH, params);
}
protected void setEditUrl(String propertyUri, DataPropertyStatement dps, String dataPropHash) {
private String makeEditUrl() {
// vitro:moniker is deprecated. We display existing data values so editors can
// move them to other properties and delete, but don't allow editing.
if ( propertyUri.equals(VitroVocabulary.MONIKER) ) {
return;
return "";
}
// Determine whether the statement can be edited
RequestedAction action = new EditDataPropStmt(dps);
DataPropertyStatement dps = makeStatement();
RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps);
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
return;
return "";
}
ParamMap params = new ParamMap(
"subjectUri", subjectUri,
"predicateUri", propertyUri,
"datapropKey", dataPropHash);
"datapropKey", makeHash(dps));
if ( deleteUrl.isEmpty() ) {
params.put("deleteProhibited", "prohibited");
@ -118,14 +82,36 @@ public class DataPropertyStatementTemplateModel extends PropertyStatementTemplat
params.putAll(UrlBuilder.getModelParams(vreq));
editUrl = UrlBuilder.getUrl(EDIT_PATH, params);
return UrlBuilder.getUrl(EDIT_PATH, params);
}
private DataPropertyStatement makeStatement() {
DataPropertyStatement dps = new DataPropertyStatementImpl(subjectUri, propertyUri, literalValue.getLexicalForm());
// Language and datatype are needed to get the correct hash value
dps.setLanguage(literalValue.getLanguage());
dps.setDatatypeURI(literalValue.getDatatypeURI());
return dps;
}
private String makeHash(DataPropertyStatement dps) {
// Language and datatype are needed to get the correct hash value
return String.valueOf(RdfLiteralHash.makeRdfLiteralHash(dps));
}
/* Template properties */
public String getValue() {
return value;
//attempt to strip any odd HTML
return cleanTextForDisplay( literalValue.getLexicalForm() );
}
@Override
public String getDeleteUrl() {
return deleteUrl;
}
@Override
public String getEditUrl() {
return editUrl;
}
}

8
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java
View file

@ -11,9 +11,8 @@ import org.apache.commons.logging.LogFactory;
import com.hp.hpl.jena.rdf.model.Literal;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
import edu.cornell.mannlib.vitro.webapp.beans.Property;
@ -47,7 +46,7 @@ public class DataPropertyTemplateModel extends PropertyTemplateModel {
DataPropertyStatementDao dpDao = vreq.getWebappDaoFactory().getDataPropertyStatementDao();
List<Literal> values = dpDao.getDataPropertyValuesForIndividualByProperty(subject, dp);
for (Literal value : values) {
statements.add(new DataPropertyStatementTemplateModel(subjectUri, propertyUri, value, editing, vreq));
statements.add(new DataPropertyStatementTemplateModel(subjectUri, propertyUri, value, vreq));
}
} else {
log.debug("Data property " + getUri() + " is unpopulated.");
@ -77,7 +76,8 @@ public class DataPropertyTemplateModel extends PropertyTemplateModel {
}
// Determine whether a new statement can be added
RequestedAction action = new AddDataPropStmt(subjectUri, propertyUri, RequestActionConstants.SOME_LITERAL, null, null);
RequestedAction action = new AddDataPropertyStatement(
vreq.getJenaOntModel(), subjectUri, propertyUri);
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
return;
}

94
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/EditLinkSuppressor.java Normal file
View file

@ -0,0 +1,94 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
/**
* Sometimes we don't want to show an Add, Edit, or Delete link for a particular
* property, no matter who the user is.
*
* TODO These are hard-coded while we wait for the Application Ontology to be
* implemented.
*/
public class EditLinkSuppressor {
private static final Log log = LogFactory.getLog(EditLinkSuppressor.class);
private static final String CORE = "http://vivoweb.org/ontology/core#";
private static final String PUB_TO_AUTHORSHIP = core("informationResourceInAuthorship");
private static final String PERSON_TO_AUTHORSHIP = core("authorInAuthorship");
private static final String AUTHORSHIP_TO_PERSON = core("linkedAuthor");
private static final String AUTHORSHIP_TO_PUB = core("linkedInformationResource");
private static final String INDIVIDUAL_TO_WEBPAGE = core("webpage");
private static final String WEBPAGE_TO_INDIVIDUAL = core("webpageOf");
private static final String HAS_RESEARCH_AREA = core("hasResearchArea");
private static final String HAS_SUBJECT_AREA = core("hasSubjectArea");
private static final String RESEARCH_AREA_OF = core("researchAreaOf");
private static final String SUBJECT_AREA_FOR = core("subjectAreaFor");
private static String core(String localName) {
return CORE + localName;
}
private static final List<String> suppressAddLinksForThese = Arrays
.asList(new String[] { AUTHORSHIP_TO_PERSON, AUTHORSHIP_TO_PUB,
WEBPAGE_TO_INDIVIDUAL });
private static final List<String> suppressEditLinksForThese = Arrays
.asList(new String[] { WEBPAGE_TO_INDIVIDUAL });
private static final List<String> suppressDeleteLinksForThese = Arrays
.asList(new String[] { PUB_TO_AUTHORSHIP, PERSON_TO_AUTHORSHIP,
AUTHORSHIP_TO_PERSON, AUTHORSHIP_TO_PUB,
INDIVIDUAL_TO_WEBPAGE, WEBPAGE_TO_INDIVIDUAL,
HAS_RESEARCH_AREA, RESEARCH_AREA_OF, HAS_SUBJECT_AREA,
SUBJECT_AREA_FOR });
// TODO When we remove the hard-coding, vreq will allow us to find the
// application ontology model.
@SuppressWarnings("unused")
private final VitroRequest vreq;
public EditLinkSuppressor(VitroRequest vreq) {
this.vreq = vreq;
}
/**
* Should we suppress the Add link on this property?
*/
public boolean isAddLinkSuppressed(String propertyUri) {
if (propertyUri == null) {
log.error("Suppressing the add link on a null property.");
return true;
}
return suppressAddLinksForThese.contains(propertyUri);
}
/**
* Should we suppress the Edit link on this property?
*/
public boolean isEditLinkSuppressed(String propertyUri) {
if (propertyUri == null) {
log.error("Suppressing the edit link on a null property.");
return true;
}
return suppressEditLinksForThese.contains(propertyUri);
}
/**
* Should we suppress the Delete link on this property?
*/
public boolean isDeleteLinkSuppressed(String propertyUri) {
if (propertyUri == null) {
log.error("Suppressing the delete link on a null property.");
return true;
}
return suppressDeleteLinksForThese.contains(propertyUri);
}
}

93
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java
View file

@ -7,42 +7,105 @@ import org.apache.commons.logging.LogFactory;
import org.openrdf.model.URI;
import org.openrdf.model.impl.URIImpl;
import com.hp.hpl.jena.rdf.model.Literal;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
import edu.cornell.mannlib.vitro.webapp.edit.EditLiteral;
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.processEdit.RdfLiteralHash;
public class NameStatementTemplateModel extends
DataPropertyStatementTemplateModel {
/**
* This allows the template to treat an rdfs:label like a data property statement, and thus
* have an editing link.
*
* This has the same accessor methods as a DataPropertyStatementTemplateModel, but it is never
* part of the GroupedPropertyList, and it never has a deleteUrl.
*/
public class NameStatementTemplateModel extends PropertyStatementTemplateModel {
private static final Log log = LogFactory.getLog(NameStatementTemplateModel.class);
/*
* This method handles the special case where we are creating a DataPropertyStatementTemplateModel outside the GroupedPropertyList.
* Specifically, it allows rdfs:label to be treated like a data property statement and thus have editing links.
*/
NameStatementTemplateModel(String subjectUri, VitroRequest vreq, boolean editing) {
super(subjectUri, VitroVocabulary.LABEL, vreq);
private final String stringValue;
private final String editUrl;
WebappDaoFactory wdf = vreq.getWebappDaoFactory();
NameStatementTemplateModel(String subjectUri, VitroRequest vreq) {
super(subjectUri, VitroVocabulary.LABEL, vreq);
// NIHVIVO-2466 Use the same methods to get the label that are used elsewhere in the
// application, to guarantee consistent results for individuals with multiple labels
// across the application.
WebappDaoFactory wdf = vreq.getWebappDaoFactory();
IndividualDao iDao = wdf.getIndividualDao();
EditLiteral literal = iDao.getLabelEditLiteral(subjectUri);
if (literal != null) {
value = cleanTextForDisplay( literal.getLexicalForm() );
setEditUrls(literal, editing, propertyUri);
} else {
if (literal == null) {
// If the individual has no rdfs:label, use the local name. It will not be editable. (This replicates previous behavior;
// perhaps we would want to allow a label to be added. But such individuals do not usually have their profiles viewed or
// edited directly.)
URI uri = new URIImpl(subjectUri);
value = uri.getLocalName();
this.stringValue = uri.getLocalName();
this.editUrl = "";
} else {
this.stringValue = cleanTextForDisplay( literal.getLexicalForm() );
this.editUrl = makeEditUrl(literal);
}
}
private String makeEditUrl(Literal literal) {
// Determine whether the statement can be edited
DataPropertyStatement dps = makeStatement(literal);
RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps);
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
return "";
}
ParamMap params = new ParamMap(
"subjectUri", subjectUri,
"predicateUri", propertyUri,
"datapropKey", makeHash(dps),
"deleteProhibited", "prohibited");
params.putAll(UrlBuilder.getModelParams(vreq));
return UrlBuilder.getUrl(EDIT_PATH, params);
}
private DataPropertyStatement makeStatement(Literal literalValue) {
DataPropertyStatement dps = new DataPropertyStatementImpl(subjectUri,
propertyUri, literalValue.getLexicalForm());
// Language and datatype are needed to get the correct hash value
dps.setLanguage(literalValue.getLanguage());
dps.setDatatypeURI(literalValue.getDatatypeURI());
return dps;
}
private String makeHash(DataPropertyStatement dps) {
// Language and datatype are needed to get the correct hash value
return String.valueOf(RdfLiteralHash.makeRdfLiteralHash(dps));
}
/* Template properties */
public String getValue() {
return stringValue;
}
@Override
public String getDeleteUrl() {
return "";
}
@Override
public String getEditUrl() {
return editUrl;
}
}

81
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java
View file

@ -2,6 +2,8 @@
package edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
@ -9,8 +11,8 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatementImpl;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
@ -19,54 +21,50 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMa
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
public class ObjectPropertyStatementTemplateModel extends PropertyStatementTemplateModel {
private static final Log log = LogFactory.getLog(ObjectPropertyStatementTemplateModel.class);
private static final String EDIT_PATH = "editRequestDispatch";
private final Map<String, String> data;
// Used for editing
private final String objectUri;
private final String templateName;
private final String objectKey;
private final String editUrl;
private final String deleteUrl;
public ObjectPropertyStatementTemplateModel(String subjectUri, String propertyUri, String objectKey,
Map<String, String> data, boolean editing, String templateName, VitroRequest vreq) {
Map<String, String> data, String templateName, VitroRequest vreq) {
super(subjectUri, propertyUri, vreq);
this.data = data;
this.data = Collections.unmodifiableMap(new HashMap<String, String>(data));
this.objectUri = data.get(objectKey);
this.templateName = templateName;
//to keep track of later
this.objectKey = objectKey;
if ( editing ) {
setEditUrls();
}
}
protected void setEditUrls() {
// If we are in edit mode, create the list of editing permissions.
// We do this now rather than in getEditUrl() and getDeleteUrl(), because getEditUrl() also needs to know
// whether a delete is allowed.
ObjectPropertyStatement ops = new ObjectPropertyStatementImpl(subjectUri, propertyUri, objectUri);
// Do delete url first, since used in building edit url
setDeleteUrl();
setEditUrl(ops);
// Do delete url first, since it is used in building edit url
this.deleteUrl = makeDeleteUrl();
this.editUrl = makeEditUrl(ops);
}
protected void setDeleteUrl() {
private String makeDeleteUrl() {
// Is the delete link suppressed for this property?
if (new EditLinkSuppressor(vreq).isDeleteLinkSuppressed(propertyUri)) {
return "";
}
// Determine whether the statement can be deleted
RequestedAction action = new DropObjectPropStmt(subjectUri, propertyUri, objectUri);
RequestedAction action = new DropObjectPropertyStatement(
vreq.getJenaOntModel(), subjectUri, propertyUri, objectUri);
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
return;
return "";
}
if (propertyUri.equals(VitroVocabulary.IND_MAIN_IMAGE)) {
deleteUrl = ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "delete");
} else {
return ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "delete");
}
ParamMap params = new ParamMap(
"subjectUri", subjectUri,
"predicateUri", propertyUri,
@ -87,24 +85,27 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl
}
params.put("templateName", templateName);
params.putAll(UrlBuilder.getModelParams(vreq));
deleteUrl = UrlBuilder.getUrl(EDIT_PATH, params);
}
return UrlBuilder.getUrl(EDIT_PATH, params);
}
protected void setEditUrl(ObjectPropertyStatement ops) {
private String makeEditUrl(ObjectPropertyStatement ops) {
// Is the edit link suppressed for this property?
if (new EditLinkSuppressor(vreq).isEditLinkSuppressed(propertyUri)) {
return "";
}
// Determine whether the statement can be edited
RequestedAction action = new EditObjPropStmt(ops);
RequestedAction action = new EditObjectPropertyStatement(vreq.getJenaOntModel(), ops);
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
return;
return "";
}
if (propertyUri.equals(VitroVocabulary.IND_MAIN_IMAGE)) {
editUrl = ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "edit");
} else {
return ObjectPropertyTemplateModel.getImageUploadUrl(subjectUri, "edit");
}
ParamMap params = new ParamMap(
"subjectUri", subjectUri,
"predicateUri", propertyUri,
@ -116,10 +117,8 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl
params.putAll(UrlBuilder.getModelParams(vreq));
editUrl = UrlBuilder.getUrl(EDIT_PATH, params);
return UrlBuilder.getUrl(EDIT_PATH, params);
}
}
/* Template methods */
@ -131,4 +130,14 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl
return cleanURIForDisplay(data.get(key));
}
@Override
public String getDeleteUrl() {
return deleteUrl;
}
@Override
public String getEditUrl() {
return editUrl;
}
}

10
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java
View file

@ -17,7 +17,7 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
import edu.cornell.mannlib.vitro.webapp.beans.Property;
@ -102,9 +102,15 @@ public abstract class ObjectPropertyTemplateModel extends PropertyTemplateModel
}
protected void setAddUrl(Property property) {
// Is the add link suppressed for this property?
if (new EditLinkSuppressor(vreq).isAddLinkSuppressed(propertyUri)) {
return;
}
// Determine whether a new statement can be added
RequestedAction action = new AddObjectPropStmt(subjectUri, propertyUri, RequestActionConstants.SOME_URI);
RequestedAction action = new AddObjectPropertyStatement(
vreq.getJenaOntModel(), subjectUri, propertyUri,
RequestActionConstants.SOME_URI);
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
return;
}

26
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyStatementTemplateModel.java
View file

@ -2,46 +2,28 @@
package edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.BaseTemplateModel;
public abstract class PropertyStatementTemplateModel extends BaseTemplateModel {
private static final Log log = LogFactory.getLog(PropertyStatementTemplateModel.class);
protected static final String EDIT_PATH = "editRequestDispatch";
protected final VitroRequest vreq;
// Used for editing
protected final String subjectUri;
protected final String propertyUri;
protected String editUrl;
protected String deleteUrl;
PropertyStatementTemplateModel(String subjectUri, String propertyUri, VitroRequest vreq) {
this.vreq = vreq;
this.subjectUri = subjectUri;
this.propertyUri = propertyUri;
editUrl = "";
deleteUrl = "";
}
/* Template properties */
public String getEditUrl() {
return editUrl;
}
public String getDeleteUrl() {
return deleteUrl;
}
public abstract String getEditUrl();
public abstract String getDeleteUrl();
public boolean isEditable() {
return ! editUrl.isEmpty();
return ! getEditUrl().isEmpty();
}
}

2
webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/UncollatedObjectPropertyTemplateModel.java
View file

@ -41,7 +41,7 @@ public class UncollatedObjectPropertyTemplateModel extends ObjectPropertyTemplat
String objectKey = getObjectKey();
for (Map<String, String> map : statementData) {
statements.add(new ObjectPropertyStatementTemplateModel(subjectUri,
propertyUri, objectKey, map, editing, getTemplateName(), vreq));
propertyUri, objectKey, map, getTemplateName(), vreq));
}
postprocessStatementList(statements);

370
webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java Normal file
View file

@ -0,0 +1,370 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.policy;
import static org.junit.Assert.assertEquals;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;
import org.apache.log4j.Level;
import org.junit.Before;
import org.junit.Test;
import stubs.javax.servlet.ServletContextStub;
import stubs.javax.servlet.http.HttpServletRequestStub;
import stubs.javax.servlet.http.HttpSessionStub;
import com.hp.hpl.jena.ontology.OntModel;
import com.hp.hpl.jena.ontology.OntModelSpec;
import com.hp.hpl.jena.rdf.model.Model;
import com.hp.hpl.jena.rdf.model.ModelFactory;
import com.hp.hpl.jena.rdf.model.Property;
import com.hp.hpl.jena.rdf.model.Resource;
import com.hp.hpl.jena.rdf.model.Statement;
import com.hp.hpl.jena.rdf.model.StmtIterator;
import com.hp.hpl.jena.util.iterator.NiceIterator;
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractPropertyStatementAction;
/**
* Test the function of PolicyHelper in authorizing models of additions and
* retractions.
*
* It is vital that these methods work even if the statements are presented in
* the "wrong" order: one statement being authorized by a statement that appears
* later in the list.
*
* In order to test that, we need to create a Model that will list the
* statements in an order that we can predict, vis. the order in which they were
* added.
*
* To avoid creating a SortedModel that implements dozens of methods, we instead
* create a Proxy class that keeps the statements in order and lists them on
* demand.
*/
public class PolicyHelper_ModelsTest extends AbstractTestClass {
private static final String PRIMARY_RESOURCE_URI = "http://primaryResource";
private static final String OTHER_RESOURCE_URI = "http://otherResource";
private static final String FRIEND_PREDICATE_URI = "http://friend";
private static final String SOME_PREDICATE_URI = "http://something";
private ServletContextStub ctx;
private HttpSessionStub session;
private HttpServletRequestStub req;
private OntModel ontModel = ModelFactory
.createOntologyModel(OntModelSpec.OWL_MEM);
private Model additions;
private Model retractions;
@Before
public void setup() {
ctx = new ServletContextStub();
session = new HttpSessionStub();
session.setServletContext(ctx);
req = new HttpServletRequestStub();
req.setSession(session);
setLoggerLevel(ServletPolicyList.class, Level.WARN);
ServletPolicyList.addPolicy(ctx, new MySimplePolicy());
setLoggerLevel(PolicyHelper.class, Level.DEBUG);
}
// ----------------------------------------------------------------------
// The tests.
// ----------------------------------------------------------------------
@Test
public void rejectNullRequest() {
setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning
req = null;
additions = model();
retractions = model();
assertAuthorized("reject null request", false);
}
@Test
public void rejectNullAdditions() {
setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning
additions = null;
retractions = model();
assertAuthorized("reject null additions", false);
}
@Test
public void rejectNullRetractions() {
setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning
additions = model();
retractions = null;
assertAuthorized("reject null retractions", false);
}
@Test
public void rejectNullOntModel() {
setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning
additions = model();
retractions = model();
ontModel = null;
assertAuthorized("reject null OntModel", false);
}
@Test
public void acceptEmptyChanges() {
additions = model();
retractions = model();
assertAuthorized("accept empty changes add", true);
}
@Test
public void acceptSimpleAdd() {
additions = model(dataStatement(PRIMARY_RESOURCE_URI,
SOME_PREDICATE_URI));
retractions = model();
assertAuthorized("accept simple add", true);
}
@Test
public void acceptSimpleDrop() {
additions = model();
retractions = model(dataStatement(PRIMARY_RESOURCE_URI,
SOME_PREDICATE_URI));
assertAuthorized("accept simple add", true);
}
@Test
public void rejectSimpleAdd() {
setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning
additions = model(dataStatement(OTHER_RESOURCE_URI, SOME_PREDICATE_URI));
retractions = model();
assertAuthorized("reject simple add", false);
}
@Test
public void rejectSimpleDrop() {
setLoggerLevel(PolicyHelper.class, Level.ERROR); // suppress warning
additions = model();
retractions = model(dataStatement(OTHER_RESOURCE_URI,
SOME_PREDICATE_URI));
assertAuthorized("reject simple drop", false);
}
@Test
public void acceptAddBecauseOfExistingStatement() {
ontModel.add(objectStatement(PRIMARY_RESOURCE_URI,
FRIEND_PREDICATE_URI, OTHER_RESOURCE_URI));
additions = model(dataStatement(OTHER_RESOURCE_URI, SOME_PREDICATE_URI));
retractions = model();
assertAuthorized("accept add because of existing statement", true);
}
@Test
public void acceptDropBecauseOfExistingStatement() {
ontModel.add(objectStatement(PRIMARY_RESOURCE_URI,
FRIEND_PREDICATE_URI, OTHER_RESOURCE_URI));
additions = model();
retractions = model(dataStatement(OTHER_RESOURCE_URI,
SOME_PREDICATE_URI));
assertAuthorized("accept drop because of existing statement", true);
}
/**
* This test is the whole reason for the funky model that lists statements
* in a known order. We need to know that the DataStatement is authorized
* even though it relies on an ObjectStatement that appears later in the
* list.
*/
@Test
public void acceptAddBecauseOfOtherAdd() {
additions = model(
dataStatement(OTHER_RESOURCE_URI, SOME_PREDICATE_URI),
objectStatement(PRIMARY_RESOURCE_URI, FRIEND_PREDICATE_URI,
OTHER_RESOURCE_URI));
retractions = model();
assertAuthorized("accept add because of other add", true);
}
@Test
public void acceptDropBecauseOfAdd() {
additions = model(objectStatement(PRIMARY_RESOURCE_URI,
FRIEND_PREDICATE_URI, OTHER_RESOURCE_URI));
retractions = model(dataStatement(OTHER_RESOURCE_URI,
SOME_PREDICATE_URI));
assertAuthorized("accept drop because of add", true);
}
// ----------------------------------------------------------------------
// Helper methods
// ----------------------------------------------------------------------
/** Build a data statement. */
private Statement dataStatement(String subjectUri, String predicateUri) {
Model model = ModelFactory.createDefaultModel();
Resource subject = model.createResource(subjectUri);
Property predicate = model.createProperty(predicateUri);
return model.createStatement(subject, predicate, "whoCares?");
}
/** Build an object statement. */
private Statement objectStatement(String subjectUri, String predicateUri,
String objectUri) {
Model model = ModelFactory.createDefaultModel();
Resource subject = model.createResource(subjectUri);
Resource object = model.createResource(objectUri);
Property predicate = model.createProperty(predicateUri);
return model.createStatement(subject, predicate, object);
}
/** Build a model. */
private Model model(Statement... stmts) {
Model innerModel = ModelFactory.createDefaultModel();
Model proxy = (Model) Proxy.newProxyInstance(
OrderedModelInvocationHandler.class.getClassLoader(),
new Class[] { Model.class }, new OrderedModelInvocationHandler(
innerModel));
proxy.add(stmts);
return proxy;
}
/**
* Check whether we are authorized to make the additions and retractions to
* the model.
*/
private void assertAuthorized(String message, boolean expected) {
boolean actual = PolicyHelper.isAuthorizedAsExpected(req, additions,
retractions, ontModel);
assertEquals(message, expected, actual);
}
// ----------------------------------------------------------------------
// Helper classes
// ----------------------------------------------------------------------
/**
* A model Proxy object built around this will list statements in the order
* they were added.
*
* This only works if the statements were added by a call to
* add(Statement[]), and if they are listed by a call to listStatements().
* If the test used other methods to add statements, or if the PolicyHelper
* used a different method to query the model, we would not be assured of
* the order of the statements from the iterator.
*/
public static class OrderedModelInvocationHandler implements
InvocationHandler {
private final Model proxied;
private final List<Statement> stmts = new ArrayList<Statement>();
public OrderedModelInvocationHandler(Model proxied) {
this.proxied = proxied;
}
@Override
public Object invoke(Object proxy, Method method, Object[] args)
throws Throwable {
if (method.getName().equals("add") && (args.length == 1)
&& (args[0] instanceof Statement[])) {
stmts.addAll(Arrays.asList((Statement[]) args[0]));
return method.invoke(proxied, args);
}
if (method.getName().equals("listStatements")
&& ((args == null) || (args.length == 0))) {
return new StatementListIterator(stmts);
}
return method.invoke(proxied, args);
}
}
/**
* A StmtIterator that iterates over a list of statements.
*/
public static class StatementListIterator extends NiceIterator<Statement>
implements StmtIterator {
private final Iterator<Statement> innerIterator;
public StatementListIterator(List<Statement> stmts) {
this.innerIterator = new ArrayList<Statement>(stmts).iterator();
}
@Override
public Statement nextStatement() throws NoSuchElementException {
return next();
}
@Override
public boolean hasNext() {
return innerIterator.hasNext();
}
@Override
public Statement next() {
return innerIterator.next();
}
}
/**
* A Policy that authorizes a statement iff (1) The subject is the primary
* resource, or (2) The subject is related to the primary resource by a
* "friend" property statement.
*/
private class MySimplePolicy implements PolicyIface {
@Override
public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
RequestedAction whatToAuth) {
if (!(whatToAuth instanceof AbstractPropertyStatementAction)) {
return inconclusive();
}
AbstractPropertyStatementAction action = (AbstractPropertyStatementAction) whatToAuth;
String subjectUri = action.getResourceUris()[0];
if (PRIMARY_RESOURCE_URI.equals(subjectUri)) {
return authorized();
}
Statement friendStmt = objectStatement(PRIMARY_RESOURCE_URI,
FRIEND_PREDICATE_URI, subjectUri);
if (statementExists(action.getOntModel(), friendStmt)) {
return authorized();
}
return inconclusive();
}
private boolean statementExists(OntModel oModel, Statement stmt) {
StmtIterator stmts = oModel.listStatements(stmt.getSubject(),
stmt.getPredicate(), stmt.getObject());
try {
return stmts.hasNext();
} finally {
stmts.close();
}
}
private PolicyDecision authorized() {
return new BasicPolicyDecision(Authorization.AUTHORIZED, "");
}
private PolicyDecision inconclusive() {
return new BasicPolicyDecision(Authorization.INCONCLUSIVE, "");
}
}
}

203
webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java
View file

@ -12,7 +12,8 @@ import stubs.javax.servlet.ServletContextStub;
import stubs.javax.servlet.http.HttpServletRequestStub;
import stubs.javax.servlet.http.HttpSessionStub;
import com.hp.hpl.jena.rdf.model.Model;
import com.hp.hpl.jena.ontology.OntModel;
import com.hp.hpl.jena.ontology.OntModelSpec;
import com.hp.hpl.jena.rdf.model.ModelFactory;
import com.hp.hpl.jena.rdf.model.Property;
import com.hp.hpl.jena.rdf.model.Resource;
@ -24,8 +25,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction;
/**
* Test the function of PolicyHelper in authorizing statements and models.
@ -39,6 +40,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
private ServletContextStub ctx;
private HttpSessionStub session;
private HttpServletRequestStub req;
private OntModel ontModel;
@Before
public void setup() {
@ -50,18 +52,20 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
req = new HttpServletRequestStub();
req.setSession(session);
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
setLoggerLevel(ServletPolicyList.class, Level.WARN);
ServletPolicyList.addPolicy(ctx, new MySimplePolicy());
}
// ----------------------------------------------------------------------
// Statement-level tests.
// The tests.
// ----------------------------------------------------------------------
@Test
public void addNullStatement() {
assertEquals("null statement", false,
PolicyHelper.isAuthorizedToAdd(req, (Statement) null));
PolicyHelper.isAuthorizedToAdd(req, null, ontModel));
}
@Test
@ -69,29 +73,53 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI);
assertEquals("null request", false,
PolicyHelper.isAuthorizedToAdd(null, stmt));
PolicyHelper.isAuthorizedToAdd(null, stmt, ontModel));
}
@Test
public void addAuthorizedStatement() {
public void addStatementToNullModel() {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI);
assertEquals("authorized", false,
PolicyHelper.isAuthorizedToAdd(req, stmt, null));
}
@Test
public void addAuthorizedDataStatement() {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI);
assertEquals("authorized", true,
PolicyHelper.isAuthorizedToAdd(req, stmt));
PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel));
}
@Test
public void addUnauthorizedStatement() {
public void addAuthorizedObjectStatement() {
Statement stmt = objectStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI, APPROVED_OBJECT_URI);
assertEquals("authorized", true,
PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel));
}
@Test
public void addUnauthorizedDataStatement() {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
UNAPPROVED_PREDICATE_URI);
assertEquals("not authorized", false,
PolicyHelper.isAuthorizedToAdd(req, stmt));
PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel));
}
@Test
public void addUnauthorizedObjectStatement() {
Statement stmt = objectStatement(APPROVED_SUBJECT_URI,
UNAPPROVED_PREDICATE_URI, APPROVED_OBJECT_URI);
assertEquals("not authorized", false,
PolicyHelper.isAuthorizedToAdd(req, stmt, ontModel));
}
@Test
public void dropNullStatement() {
assertEquals("null statement", false,
PolicyHelper.isAuthorizedToDrop(req, (Statement) null));
assertEquals("null statement", false, PolicyHelper.isAuthorizedToDrop(
req, (Statement) null, ontModel));
}
@Test
@ -99,103 +127,47 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI);
assertEquals("null request", false,
PolicyHelper.isAuthorizedToDrop(null, stmt));
PolicyHelper.isAuthorizedToDrop(null, stmt, ontModel));
}
@Test
public void dropAuthorizedStatement() {
public void dropStatementFromNullModel() {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI);
assertEquals("authorized", false,
PolicyHelper.isAuthorizedToDrop(req, stmt, null));
}
@Test
public void dropAuthorizedDataStatement() {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI);
assertEquals("authorized", true,
PolicyHelper.isAuthorizedToDrop(req, stmt));
PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel));
}
@Test
public void dropUnauthorizedStatement() {
public void dropAuthorizedObjectStatement() {
Statement stmt = objectStatement(APPROVED_SUBJECT_URI,
APPROVED_PREDICATE_URI, APPROVED_OBJECT_URI);
assertEquals("authorized", true,
PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel));
}
@Test
public void dropUnauthorizedDataStatement() {
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
UNAPPROVED_PREDICATE_URI);
assertEquals("not authorized", false,
PolicyHelper.isAuthorizedToDrop(req, stmt));
}
// ----------------------------------------------------------------------
// Model-level tests
// ----------------------------------------------------------------------
@Test
public void addNullModel() {
assertEquals("null statement", false,
PolicyHelper.isAuthorizedToAdd(req, (Model) null));
PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel));
}
@Test
public void addModelWithNullRequest() {
assertEquals("empty model", false,
PolicyHelper.isAuthorizedToAdd(null, model()));
}
@Test
public void addEmptyModel() {
assertEquals("empty model", true,
PolicyHelper.isAuthorizedToAdd(req, model()));
}
@Test
public void addAuthorizedModel() {
Model model = model(
dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI),
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
APPROVED_OBJECT_URI));
assertEquals("authorized model", true,
PolicyHelper.isAuthorizedToAdd(req, model));
}
@Test
public void addUnauthorizedModel() {
Model model = model(
dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI),
objectStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI,
APPROVED_OBJECT_URI));
assertEquals("unauthorized model", false,
PolicyHelper.isAuthorizedToAdd(req, model));
}
@Test
public void dropNullModel() {
assertEquals("null statement", false,
PolicyHelper.isAuthorizedToDrop(req, (Model) null));
}
@Test
public void dropModelWithNullRequest() {
assertEquals("empty model", false,
PolicyHelper.isAuthorizedToDrop(null, model()));
}
@Test
public void dropEmptyModel() {
assertEquals("empty model", true,
PolicyHelper.isAuthorizedToDrop(req, model()));
}
@Test
public void dropAuthorizedModel() {
Model model = model(
dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI),
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
APPROVED_OBJECT_URI));
assertEquals("authorized model", true,
PolicyHelper.isAuthorizedToDrop(req, model));
}
@Test
public void dropUnauthorizedModel() {
Model model = model(
dataStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI),
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
APPROVED_OBJECT_URI));
assertEquals("unauthorized model", false,
PolicyHelper.isAuthorizedToDrop(req, model));
public void dropUnauthorizedObjectStatement() {
Statement stmt = objectStatement(APPROVED_SUBJECT_URI,
UNAPPROVED_PREDICATE_URI, APPROVED_OBJECT_URI);
assertEquals("not authorized", false,
PolicyHelper.isAuthorizedToDrop(req, stmt, ontModel));
}
// ----------------------------------------------------------------------
@ -204,27 +176,18 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
/** Build a data statement. */
private Statement dataStatement(String subjectUri, String predicateUri) {
Model model = ModelFactory.createDefaultModel();
Resource subject = model.createResource(subjectUri);
Property predicate = model.createProperty(predicateUri);
return model.createStatement(subject, predicate, "whoCares?");
Resource subject = ontModel.createResource(subjectUri);
Property predicate = ontModel.createProperty(predicateUri);
return ontModel.createStatement(subject, predicate, "whoCares?");
}
/** Build a object statement. */
private Statement objectStatement(String subjectUri, String predicateUri,
String objectUri) {
Model model = ModelFactory.createDefaultModel();
Resource subject = model.createResource(subjectUri);
Resource object = model.createResource(objectUri);
Property predicate = model.createProperty(predicateUri);
return model.createStatement(subject, predicate, object);
}
/** Build a model. */
private Model model(Statement... stmts) {
Model model = ModelFactory.createDefaultModel();
model.add(stmts);
return model;
Resource subject = ontModel.createResource(subjectUri);
Resource object = ontModel.createResource(objectUri);
Property predicate = ontModel.createProperty(predicateUri);
return ontModel.createStatement(subject, predicate, object);
}
// ----------------------------------------------------------------------
@ -235,17 +198,17 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
@Override
public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
RequestedAction whatToAuth) {
if (whatToAuth instanceof AbstractDataPropertyAction) {
return isAuthorized((AbstractDataPropertyAction) whatToAuth);
} else if (whatToAuth instanceof AbstractObjectPropertyAction) {
return isAuthorized((AbstractObjectPropertyAction) whatToAuth);
if (whatToAuth instanceof AbstractDataPropertyStatementAction) {
return isAuthorized((AbstractDataPropertyStatementAction) whatToAuth);
} else if (whatToAuth instanceof AbstractObjectPropertyStatementAction) {
return isAuthorized((AbstractObjectPropertyStatementAction) whatToAuth);
} else {
return inconclusive();
}
}
private PolicyDecision isAuthorized(
AbstractDataPropertyAction whatToAuth) {
AbstractDataPropertyStatementAction whatToAuth) {
if ((APPROVED_SUBJECT_URI.equals(whatToAuth.getSubjectUri()))
&& (APPROVED_PREDICATE_URI.equals(whatToAuth
.getPredicateUri()))) {
@ -256,11 +219,11 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
}
private PolicyDecision isAuthorized(
AbstractObjectPropertyAction whatToAuth) {
if ((APPROVED_SUBJECT_URI.equals(whatToAuth.uriOfSubject))
&& (APPROVED_PREDICATE_URI
.equals(whatToAuth.uriOfPredicate))
&& (APPROVED_OBJECT_URI.equals(whatToAuth.uriOfObject))) {
AbstractObjectPropertyStatementAction whatToAuth) {
if ((APPROVED_SUBJECT_URI.equals(whatToAuth.getSubjectUri()))
&& (APPROVED_PREDICATE_URI.equals(whatToAuth
.getPredicateUri()))
&& (APPROVED_OBJECT_URI.equals(whatToAuth.getObjectUri()))) {
return authorized();
} else {
return inconclusive();

165
webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java
View file

@ -13,6 +13,11 @@ import org.junit.Test;
import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelperStub;
import stubs.javax.servlet.ServletContextStub;
import com.hp.hpl.jena.ontology.OntModel;
import com.hp.hpl.jena.ontology.OntModelSpec;
import com.hp.hpl.jena.rdf.model.ModelFactory;
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
@ -31,13 +36,11 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.CreateOwlC
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.DefineDataProperty;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.DefineObjectProperty;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ontology.RemoveOwlClass;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl;
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
@ -60,6 +63,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
private SelfEditingPolicy policy;
private IdentifierBundle ids;
private RequestedAction whatToAuth;
private OntModel ontModel;
@Before
public void setUp() throws Exception {
@ -75,6 +79,8 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
ind.setURI(SELFEDITOR_URI);
ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI));
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
}
@Test
@ -88,75 +94,73 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
"http://mannlib.cornell.edu/bad#prp0020" });
PropertyRestrictionPolicyHelper.setBean(ctx, prph);
whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI,
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
"http://mannlib.cornell.edu/bad#prp234", SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE,
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
"http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI,
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
"http://mannlib.cornell.edu/bad#prp999", SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE,
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
"http://mannlib.cornell.edu/bad#prp999", SELFEDITOR_URI);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SELFEDITOR_URI);
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SELFEDITOR_URI);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
UNSAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
// now with dataprop statements
whatToAuth = new AddDataPropStmt(SELFEDITOR_URI,
"http://mannlib.cornell.edu/bad#prp234", "someString", null,
null);
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
"http://mannlib.cornell.edu/bad#prp234");
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddDataPropStmt(SELFEDITOR_URI,
"http://mannlib.cornell.edu/bad#prp999", "someString", null,
null);
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
"http://mannlib.cornell.edu/bad#prp999");
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddDataPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
"someString", null, null);
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddDataPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE,
"someString", null, null);
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
UNSAFE_PREDICATE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
}
@Test
public void testVisitIdentifierBundleAddObjectPropStmt() {
whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SELFEDITOR_URI);
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SELFEDITOR_URI);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
// this is the case where the editor is not part of the stmt
whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
UNSAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
UNSAFE_RESOURCE);
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, UNSAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
}
@ -173,25 +177,25 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
//
@Test
public void testVisitIdentifierBundleDropObjectPropStmt() {
whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SELFEDITOR_URI);
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SELFEDITOR_URI);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
// this is the case where the editor is not part of the stmt
whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
UNSAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
UNSAFE_RESOURCE);
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, UNSAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
}
@ -214,55 +218,40 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
//
@Test
public void testVisitIdentifierBundleEditDataPropStmt() {
DataPropertyStatement dps = new DataPropertyStatementImpl();
dps.setIndividualURI(SELFEDITOR_URI);
dps.setDatapropURI(SAFE_PREDICATE);
dps.setData("junk");
whatToAuth = new EditDataPropStmt(dps);
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI,SAFE_PREDICATE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
dps = new DataPropertyStatementImpl();
dps.setIndividualURI(SELFEDITOR_URI);
dps.setDatapropURI(UNSAFE_PREDICATE);
dps.setData("junk");
whatToAuth = new EditDataPropStmt(dps);
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
dps = new DataPropertyStatementImpl();
dps.setIndividualURI(UNSAFE_RESOURCE);
dps.setDatapropURI(SAFE_PREDICATE);
whatToAuth = new EditDataPropStmt(dps);
whatToAuth = new EditDataPropertyStatement(ontModel, UNSAFE_RESOURCE, SAFE_PREDICATE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
dps = new DataPropertyStatementImpl();
dps.setIndividualURI(SAFE_RESOURCE);
dps.setDatapropURI(SAFE_PREDICATE);
whatToAuth = new EditDataPropStmt(dps);
whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
}
@Test
public void testVisitIdentifierBundleEditObjPropStmt() {
whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new EditObjPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SELFEDITOR_URI);
whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SELFEDITOR_URI);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
// this is the case where the editor is not part of the stmt
whatToAuth = new EditObjPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
UNSAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
UNSAFE_RESOURCE);
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, UNSAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
}
@ -273,24 +262,24 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
@Test
public void twoSEIsFindObjectPropertySubject() {
setUpTwoSEIs();
whatToAuth = new DropObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
}
@Test
public void twoSEIsFindObjectPropertyObject() {
setUpTwoSEIs();
whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SELFEDITOR_URI);
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SELFEDITOR_URI);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
}
@Test
public void twoSEIsDontFindInObjectProperty() {
setUpTwoSEIs();
whatToAuth = new DropObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE,
SAFE_RESOURCE);
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
SAFE_PREDICATE, SAFE_RESOURCE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
}
@ -298,11 +287,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
public void twoSEIsFindDataPropertySubject() {
setUpTwoSEIs();
DataPropertyStatement dps = new DataPropertyStatementImpl();
dps.setIndividualURI(SELFEDITOR_URI);
dps.setDatapropURI(SAFE_PREDICATE);
dps.setData("junk");
whatToAuth = new EditDataPropStmt(dps);
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE);
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
}
@ -310,11 +295,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
public void twoSEIsDontFindInDataProperty() {
setUpTwoSEIs();
DataPropertyStatement dps = new DataPropertyStatementImpl();
dps.setIndividualURI(SAFE_RESOURCE);
dps.setDatapropURI(SAFE_PREDICATE);
dps.setData("junk");
whatToAuth = new EditDataPropStmt(dps);
whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE);
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
}

52
webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java
View file

@ -15,6 +15,7 @@ import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestricti
import stubs.javax.servlet.ServletContextStub;
import com.hp.hpl.jena.ontology.OntModel;
import com.hp.hpl.jena.ontology.OntModelSpec;
import com.hp.hpl.jena.rdf.model.ModelFactory;
import com.hp.hpl.jena.rdf.model.impl.RDFDefaultErrorHandler;
@ -26,11 +27,9 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile;
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl;
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
@ -69,6 +68,14 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
/** A bundle that contains a SelfEditing individual. */
IdentifierBundle ids;
/**
* An empty model that acts as a placeholder in the requested actions. The
* SelfEditingPolicy does not base its decisions on the contents of the
* model.
*/
private OntModel ontModel;
@Before
public void setUp() throws Exception {
InputStream is = getClass().getResourceAsStream(
@ -78,6 +85,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
// suppress the warning messages from loading the model.
setLoggerLevel(RDFDefaultErrorHandler.class, Level.OFF);
// TODO This doesn't appear to be used for anything. Can it go away, along with the data file?
OntModel model = ModelFactory.createOntologyModel();
model.read(is, "");
Assert.assertNotNull(model);
@ -96,6 +104,8 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI));
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
// setLoggerLevel(SelfEditingPolicySetupTest.class, Level.DEBUG);
}
@ -112,8 +122,8 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
@Test
public void nullIdentifierBundle() {
AddObjectPropStmt whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI,
SAFE_PREDICATE, SAFE_RESOURCE);
AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement(
ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE);
PolicyDecision dec = policy.isAuthorized(null, whatToAuth);
Assert.assertNotNull(dec);
Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
@ -261,13 +271,13 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
// ------------------------------------------------------------------------
/**
* Create an {@link AddObjectPropStmt}, test it, and compare to expected
* results.
* Create an {@link AddObjectPropertyStatement}, test it, and compare to
* expected results.
*/
private void assertAddObjectPropStmt(String uriOfSub, String uriOfPred,
String uriOfObj, Authorization expectedAuthorization) {
AddObjectPropStmt whatToAuth = new AddObjectPropStmt(uriOfSub,
uriOfPred, uriOfObj);
AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement(
ontModel, uriOfSub, uriOfPred, uriOfObj);
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
log.debug(dec);
Assert.assertNotNull(dec);
@ -275,13 +285,13 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
}
/**
* Create an {@link EditObjPropStmt}, test it, and compare to expected
* results.
* Create an {@link EditObjectPropertyStatement}, test it, and compare to
* expected results.
*/
private void assertEditObjPropStmt(String uriOfSub, String uriOfPred,
String uriOfObj, Authorization expectedAuthorization) {
EditObjPropStmt whatToAuth = new EditObjPropStmt(uriOfSub, uriOfPred,
uriOfObj);
EditObjectPropertyStatement whatToAuth = new EditObjectPropertyStatement(
ontModel, uriOfSub, uriOfPred, uriOfObj);
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
log.debug(dec);
Assert.assertNotNull(dec);
@ -289,17 +299,13 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
}
/**
* Create an {@link EditDataPropStmt}, test it, and compare to expected
* results.
* Create an {@link EditDataPropertyStatement}, test it, and compare to
* expected results.
*/
private void assertEditDataPropStmt(String individualURI,
String datapropURI, String data, Authorization expectedAuthorization) {
DataPropertyStatement dps = new DataPropertyStatementImpl();
dps.setIndividualURI(individualURI);
dps.setDatapropURI(datapropURI);
dps.setData(data);
EditDataPropStmt whatToAuth = new EditDataPropStmt(dps);
EditDataPropertyStatement whatToAuth = new EditDataPropertyStatement(
ontModel, individualURI, datapropURI);
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
log.debug(dec);
Assert.assertNotNull(dec);

2
webapp/test/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel_PropertyListConfigTest.java
View file

@ -135,8 +135,6 @@ public class ObjectPropertyTemplateModel_PropertyListConfigTest extends
subject = new IndividualImpl();
BaseTemplateModel.setServletContext(ctx);
Configuration fmConfig = new Configuration();
vreq.setAttribute("freemarkerConfig", fmConfig);
tl = new TemplateLoaderStub();

595
webapp/web/WEB-INF/ontologies/app/ApplicationConfiguration.owl Normal file
View file

@ -0,0 +1,595 @@
<?xml version="1.0"?>
<!DOCTYPE rdf:RDF [
<!ENTITY owl "http://www.w3.org/2002/07/owl#" >
<!ENTITY xsd "http://www.w3.org/2001/XMLSchema#" >
<!ENTITY rdfs "http://www.w3.org/2000/01/rdf-schema#" >
<!ENTITY rdf "http://www.w3.org/1999/02/22-rdf-syntax-ns#" >
]>
<rdf:RDF xmlns="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#"
xml:base="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration"
xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
xmlns:owl="http://www.w3.org/2002/07/owl#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<owl:Ontology rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration"/>
<!--
///////////////////////////////////////////////////////////////////////////////////////
//
// Annotation properties
//
///////////////////////////////////////////////////////////////////////////////////////
-->
<!--
///////////////////////////////////////////////////////////////////////////////////////
//
// Datatypes
//
///////////////////////////////////////////////////////////////////////////////////////
-->
<!--
///////////////////////////////////////////////////////////////////////////////////////
//
// Object Properties
//
///////////////////////////////////////////////////////////////////////////////////////
-->
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#configContextFor -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#configContextFor">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#dataSelector -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#dataSelector">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayView"/>
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlSelectQuery"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#entryForm -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#entryForm">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasConfiguration -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasConfiguration">
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ApplicationConfig"/>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasDisplayView -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasDisplayView">
<rdfs:subPropertyOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasDisplayView"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasListView -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasListView">
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ListDisplayView"/>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyDisplayConfig"/>
<rdfs:subPropertyOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasDisplayView"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasShortView -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasShortView">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ClassDisplayConfig"/>
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ShortDisplayView"/>
<rdfs:subPropertyOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#hasDisplayView"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#inheritingConfigContextFor -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#inheritingConfigContextFor">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
<rdfs:subPropertyOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#configContextFor"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#inheritingQualifiedBy -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#inheritingQualifiedBy">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
<rdfs:subPropertyOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#qualifiedBy"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#modelConstructor -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#modelConstructor">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayView"/>
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlConstructQuery"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#nonInheritingConfigContextFor -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#nonInheritingConfigContextFor">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
<rdfs:subPropertyOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#configContextFor"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#nonInheritingQualifiedBy -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#nonInheritingQualifiedBy">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
<rdfs:subPropertyOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#qualifiedBy"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#offerEdit -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#offerEdit">
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#OfferEditOption"/>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#qualifiedBy -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#qualifiedBy">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#suppressEditControl -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#suppressEditControl">
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditControl"/>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#templateFile -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#templateFile">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayView"/>
<rdfs:range rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#FreemarkerTemplate"/>
</owl:ObjectProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#valuesOfType -->
<owl:ObjectProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#valuesOfType">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyEditConfig"/>
</owl:ObjectProperty>
<!--
///////////////////////////////////////////////////////////////////////////////////////
//
// Data properties
//
///////////////////////////////////////////////////////////////////////////////////////
-->
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#aggregateEdit -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#aggregateEdit">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig"/>
<rdfs:range rdf:resource="&xsd;boolean"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#collateBySubclass -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#collateBySubclass">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyDisplayConfig"/>
<rdfs:range rdf:resource="&xsd;boolean"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#displayLimit -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#displayLimit">
<rdfs:range rdf:resource="&xsd;nonNegativeInteger"/>
<rdfs:domain>
<owl:Class>
<owl:unionOf rdf:parseType="Collection">
<rdf:Description rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ClassDisplayConfig"/>
<rdf:Description rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyDisplayConfig"/>
</owl:unionOf>
</owl:Class>
</rdfs:domain>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#displayName -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#displayName">
<rdfs:comment>range is intended to be plain literal with language tag.</rdfs:comment>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayConfig"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#displayRank -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#displayRank">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayConfig"/>
<rdfs:range rdf:resource="&xsd;nonNegativeInteger"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#entryLimit -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#entryLimit">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditConfig"/>
<rdfs:range rdf:resource="&xsd;nonNegativeInteger"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#fileName -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#fileName">
<rdfs:comment>range is intended to be plain literal with language tag.</rdfs:comment>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#Template"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#mediaType -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#mediaType">
<rdfs:comment>&#39;text/html&#39; for html content</rdfs:comment>
<rdfs:comment>range is intended to be plain literal with a language tag.</rdfs:comment>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DatatypePropertyDisplayConfig"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#offerCreate -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#offerCreate">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyEditConfig"/>
<rdfs:range rdf:resource="&xsd;boolean"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#publicDescription -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#publicDescription">
<rdfs:comment>range is intended to be plain literal with language tag.</rdfs:comment>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ApplicationConfig"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#queryString -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#queryString">
<rdfs:comment>range is intended to be plain literal with language tag.</rdfs:comment>
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlQuery"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#selectFromExisting -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#selectFromExisting">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyEditConfig"/>
<rdfs:range rdf:resource="&xsd;boolean"/>
</owl:DatatypeProperty>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#suppressDisplay -->
<owl:DatatypeProperty rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#suppressDisplay">
<rdfs:domain rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayConfig"/>
<rdfs:range rdf:resource="&xsd;boolean"/>
</owl:DatatypeProperty>
<!--
///////////////////////////////////////////////////////////////////////////////////////
//
// Classes
//
///////////////////////////////////////////////////////////////////////////////////////
-->
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#AddControl -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#AddControl">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditControl"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#Application -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#Application">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ApplicationConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ApplicationConfig">
<rdfs:subClassOf rdf:resource="&owl;Thing"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ChangeControl -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ChangeControl">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditControl"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ClassDisplayConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ClassDisplayConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ClassEditConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ClassEditConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ConfigContext"/>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DatatypePropertyDisplayConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DatatypePropertyDisplayConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyDisplayConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DatatypePropertyEditConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DatatypePropertyEditConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DeleteControl -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DeleteControl">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditControl"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ApplicationConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayView -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayView"/>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ApplicationConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditControl -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditControl"/>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#FreemarkerTemplate -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#FreemarkerTemplate">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#Template"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ListDisplayView -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ListDisplayView">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayView"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyDisplayConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyDisplayConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyDisplayConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyEditConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ObjectPropertyEditConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#OfferEditOption -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#OfferEditOption"/>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyDisplayConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyDisplayConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#PropertyEditConfig">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#EditConfig"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ShortDisplayView -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ShortDisplayView">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#DisplayView"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlConstructQuery -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlConstructQuery">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlQuery"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlQuery -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlQuery"/>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlSelectQuery -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlSelectQuery">
<rdfs:subClassOf rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#SparqlQuery"/>
</owl:Class>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#Template -->
<owl:Class rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#Template">
<rdfs:subClassOf rdf:resource="&owl;Thing"/>
</owl:Class>
<!--
///////////////////////////////////////////////////////////////////////////////////////
//
// Individuals
//
///////////////////////////////////////////////////////////////////////////////////////
-->
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#defer -->
<owl:NamedIndividual rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#defer">
<rdf:type rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#OfferEditOption"/>
</owl:NamedIndividual>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#false -->
<owl:NamedIndividual rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#false">
<rdf:type rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#OfferEditOption"/>
</owl:NamedIndividual>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ifStatement -->
<owl:NamedIndividual rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#ifStatement">
<rdf:type rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#OfferEditOption"/>
</owl:NamedIndividual>
<!-- http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#true -->
<owl:NamedIndividual rdf:about="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#true">
<rdf:type rdf:resource="http://http://vitro.mannlib.cornell.edu/ns/vitro/ApplicationConfiguration#OfferEditOption"/>
</owl:NamedIndividual>
</rdf:RDF>
<!-- Generated by the OWL API (version 3.2.3.1824) http://owlapi.sourceforge.net -->

4
webapp/web/WEB-INF/resources/permission_config.n3
View file

@ -137,7 +137,6 @@ auth:SELF_EDITOR
# For role-based display and editing, SelfEditor is like Public.
# SelfEditor uses its special permissions to edit/display its own values.
auth:hasPermission displayByRole:Public ;
auth:hasPermission editByRole:Public ;
.
auth:PUBLIC
@ -150,7 +149,4 @@ auth:PUBLIC
# role-based permissions for PUBLIC
auth:hasPermission displayByRole:Public ;
# why are some properties declared editable by PUBLIC, but we don't want them to be.
# auth:hasPermission editByRole:Public ;
.

9
webapp/web/WEB-INF/web.xml
View file

@ -1137,15 +1137,6 @@
<url-pattern>/visualization</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>authtest</servlet-name>
<servlet-class>edu.cornell.mannlib.vitro.webapp.auth.AuthTestController</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>authtest</servlet-name>
<url-pattern>/authtest</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>primitiveRdfEdit</servlet-name>
<servlet-class>edu.cornell.mannlib.vitro.webapp.controller.edit.PrimitiveRdfEdit</servlet-class>