diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/AuthorizationHelper.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/AuthorizationHelper.java
new file mode 100644
index 000000000..f06d8311f
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/AuthorizationHelper.java
@@ -0,0 +1,96 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth;
+
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import edu.cornell.mannlib.vedit.beans.LoginFormBean;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.ServletIdentifierBundleFactory;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyList;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.RequestPolicyList;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddDataPropStmt;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropObjectPropStmt;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.EditObjPropStmt;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+import edu.cornell.mannlib.vitro.webapp.beans.Individual;
+import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
+import edu.cornell.mannlib.vitro.webapp.controller.freemarker.ImageUploadController;
+import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
+import edu.cornell.mannlib.vitro.webapp.filters.VitroRequestPrep;
+
+public class AuthorizationHelper {
+
+ private static final Log log = LogFactory.getLog(AuthorizationHelper.class);
+
+ private VitroRequest vreq;
+
+ public AuthorizationHelper(VitroRequest vreq) {
+ this.vreq = vreq;
+ }
+
+ public boolean isAuthorizedForRequestedAction(RequestedAction action) {
+ PolicyIface policy = getPolicies();
+ PolicyDecision dec = policy.isAuthorized(getIdentifiers(), action);
+ if (dec != null && dec.getAuthorized() == Authorization.AUTHORIZED) {
+ log.debug("Authorized because self-editing.");
+ return true;
+ } else {
+ log.debug("Not Authorized even though self-editing: "
+ + ((dec == null) ? "null" : dec.getMessage() + ", "
+ + dec.getDebuggingInfo()));
+ return false;
+ }
+ }
+
+ /**
+ * Get the policy from the request, or from the servlet context.
+ */
+ private PolicyIface getPolicies() {
+ ServletContext servletContext = vreq.getSession().getServletContext();
+
+ PolicyIface policy = RequestPolicyList.getPolicies(vreq);
+ if (isEmptyPolicy(policy)) {
+ policy = ServletPolicyList.getPolicies(servletContext);
+ if (isEmptyPolicy(policy)) {
+ log.error("No policy found in request at "
+ + RequestPolicyList.POLICY_LIST);
+ policy = new PolicyList();
+ }
+ }
+
+ return policy;
+ }
+
+ /**
+ * Is there actually a policy here?
+ */
+ private boolean isEmptyPolicy(PolicyIface policy) {
+ return policy == null
+ || (policy instanceof PolicyList && ((PolicyList) policy)
+ .size() == 0);
+ }
+
+ private IdentifierBundle getIdentifiers() {
+ HttpSession session = vreq.getSession();
+ ServletContext context = session.getServletContext();
+ IdentifierBundle ids = ServletIdentifierBundleFactory
+ .getIdBundleForRequest(vreq, session, context);
+ if (ids == null) {
+ return new ArrayIdentifierBundle();
+ } else {
+ return ids;
+ }
+ }
+
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/BrowseController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/BrowseController.java
index 03440a905..128445282 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/BrowseController.java
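Review bot: The two `log.debug` messages in `isAuthorizedForRequestedAction` still say "self-editing", wording carried over from ImageUploadController, but this helper evaluates whichever policy list is in effect for any `RequestedAction`, so an authorization trace read during an investigation would attribute every decision to self-editing. I would log the action and the decision instead, e.g. `log.debug("Authorized: " + action + ", " + dec.getMessage());`, with the matching wording on the denial branch. The method returns false for a null decision and for any result other than `AUTHORIZED`, and the empty `PolicyList` fallback in `getPolicies()` presumably leads to the same denial; a Javadoc on the public method stating that it fails closed would keep that from being loosened by accident. The import block also looks copied wholesale: `LoginFormBean`, `AddDataPropStmt`, `DropObjectPropStmt`, `EditObjPropStmt`, `RequestActionConstants`, `Individual`, `ImageUploadController`, `VitroVocabulary` and `VitroRequestPrep` are unused in this file, and the `ImageUploadController` import makes the auth package depend on a controller. The identifier and policy imports kept as context in the ImageUploadController import hunks are likely unused there as well once its private helpers are removed.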
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/BrowseController.java @@ -83,6 +83,7 @@ public class BrowseController extends FreemarkerHttpServlet { Map body = new HashMap(); String message = null; + String templateName = TEMPLATE_DEFAULT; if( vreq.getParameter("clearcache") != null ) //mainly for debugging clearGroupCache(); @@ -94,22 +95,20 @@ public class BrowseController extends FreemarkerHttpServlet { if (groups == null || groups.isEmpty()) { message = "There are not yet any items in the system."; } - else { - // FreeMarker will wrap vcgroups in a SimpleSequence. So do we want to create the SimpleSequence directly? - // But, makes code less portable to another system. - // SimpleSequence vcgroups = new SimpleSequence(groups.size()); + else { List vcgroups = new ArrayList(groups.size()); - for (VClassGroup g: groups) { - vcgroups.add(new VClassGroupTemplateModel(g)); + for (VClassGroup group : groups) { + vcgroups.add(new VClassGroupTemplateModel(group)); } body.put("classGroups", vcgroups); } if (message != null) { body.put("message", message); + templateName = Template.TITLED_MESSAGE.toString(); } - return new TemplateResponseValues(TEMPLATE_DEFAULT, body); + return new TemplateResponseValues(templateName, body); } public void destroy(){ diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java index 2d98dbae9..0f4efd510 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java 
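Review bot: In the second BrowseController hunk, `templateName = Template.TITLED_MESSAGE.toString();` routes the empty-groups case to message-titled.ftl, which interpolates `${title}`, yet only `message` is put into `body` on this path. If the base servlet does not always supply `title` to the data model (not visible in this diff), that interpolation would fail at render time for exactly this case, so it is worth confirming or putting a title into `body` next to the message. The call also relies on `Template.toString()` returning the file name, which the enum hunk does not show. A short comment such as `// no class groups: render the generic titled-message template instead of classGroups.ftl` would explain the switch; the method body starts and ends outside the hunk.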
@@ -58,8 +58,9 @@ public class FreemarkerHttpServlet extends VitroHttpServlet { protected enum Template { STANDARD_ERROR("error-standard.ftl"), ERROR_MESSAGE("error-message.ftl"), - TITLED_ERROR_MESSAGE("error-titledMessage.ftl"), + TITLED_ERROR_MESSAGE("error-titled.ftl"), MESSAGE("message.ftl"), + TITLED_MESSAGE("message-titled.ftl"), PAGE_DEFAULT("page.ftl"); private final String filename; diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java index 4040f5485..f00d66ebc 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java @@ -2,10 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker; -import java.io.IOException; import java.util.Arrays; import java.util.Enumeration; -import java.util.HashMap; import java.util.Map; import java.util.Map.Entry; @@ -14,7 +12,6 @@ import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.UnavailableException; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.commons.fileupload.FileItem; @@ -23,6 +20,7 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vedit.beans.LoginFormBean; import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties; +import edu.cornell.mannlib.vitro.webapp.auth.AuthorizationHelper; import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; import edu.cornell.mannlib.vitro.webapp.auth.identifier.ServletIdentifierBundleFactory; 
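Review bot: In the `Template` enum of FreemarkerHttpServlet, `TITLED_ERROR_MESSAGE` now points at `error-titled.ftl`, but no rename or addition of a template with that name appears in this diff; the only template changes shown are classGroups.ftl, the new message-titled.ftl and the move of message.ftl. Unless error-titled.ftl is introduced elsewhere, the titled error path would fail to load its template and turn an error page into a second failure. Similarly, `MESSAGE("message.ftl")` and `TITLED_MESSAGE("message-titled.ftl")` are bare file names while the files now live under body/message/, which works only if the template loader searches that subdirectory, something not visible here. The enum continues outside the hunk.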
@@ -40,10 +38,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAct import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.controller.Controllers; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; -import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet; -import edu.cornell.mannlib.vitro.webapp.controller.freemarker.ImageUploadHelper; -import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder; -import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet.ResponseValues; import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; import edu.cornell.mannlib.vitro.webapp.filestorage.backend.FileStorage; import edu.cornell.mannlib.vitro.webapp.filestorage.backend.FileStorageSetup; @@ -51,7 +45,6 @@ import edu.cornell.mannlib.vitro.webapp.filestorage.model.FileInfo; import edu.cornell.mannlib.vitro.webapp.filestorage.model.ImageInfo; import edu.cornell.mannlib.vitro.webapp.filestorage.uploadrequest.FileUploadServletRequest; import edu.cornell.mannlib.vitro.webapp.filters.VitroRequestPrep; -import freemarker.template.Configuration; /** * Handle adding, replacing or deleting the main image on an Individual. 
@@ -636,62 +629,9 @@ public class ImageUploadController extends FreemarkerHttpServlet { VitroVocabulary.IND_MAIN_IMAGE, RequestActionConstants.SOME_LITERAL, null, null); } - return checkAuthorizedForRequestedAction(vreq, ra); - } - - private boolean checkAuthorizedForRequestedAction(VitroRequest vreq, - RequestedAction action) { - PolicyIface policy = getPolicies(vreq); - PolicyDecision dec = policy.isAuthorized(getIdentifiers(vreq), action); - if (dec != null && dec.getAuthorized() == Authorization.AUTHORIZED) { - log.debug("Authorized because self-editing."); - return true; - } else { - log.debug("Not Authorized even though self-editing: " - + ((dec == null) ? "null" : dec.getMessage() + ", " - + dec.getDebuggingInfo())); - return false; - } - } - - /** - * Get the policy from the request, or from the servlet context. - */ - private PolicyIface getPolicies(VitroRequest vreq) { - ServletContext servletContext = vreq.getSession().getServletContext(); - - PolicyIface policy = RequestPolicyList.getPolicies(vreq); - if (isEmptyPolicy(policy)) { - policy = ServletPolicyList.getPolicies(servletContext); - if (isEmptyPolicy(policy)) { - log.error("No policy found in request at " - + RequestPolicyList.POLICY_LIST); - policy = new PolicyList(); - } - } - - return policy; - } - - /** - * Is there actually a policy here? - */ - private boolean isEmptyPolicy(PolicyIface policy) { - return policy == null - || (policy instanceof PolicyList && ((PolicyList) policy) - .size() == 0); - } - - private IdentifierBundle getIdentifiers(VitroRequest vreq) { - HttpSession session = vreq.getSession(); - ServletContext context = session.getServletContext(); - IdentifierBundle ids = ServletIdentifierBundleFactory - .getIdBundleForRequest(vreq, session, context); - if (ids == null) { - return new ArrayIdentifierBundle(); - } else { - return ids; - } + + AuthorizationHelper helper = new AuthorizationHelper(vreq); + return helper.isAuthorizedForRequestedAction(ra); } } 
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/VClassTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/VClassTemplateModel.java index 45ba71689..2c0edb396 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/VClassTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/VClassTemplateModel.java @@ -11,7 +11,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.Route; public class VClassTemplateModel extends BaseTemplateModel { - private static final Log log = LogFactory.getLog(VClassTemplateModel.class.getName()); + private static final Log log = LogFactory.getLog(VClassTemplateModel.class); private static final String PATH = Route.INDIVIDUAL_LIST.path(); private VClass vclass; diff --git a/webapp/web/templates/freemarker/body/classGroups.ftl b/webapp/web/templates/freemarker/body/classGroups.ftl index fc4b6c2aa..41a6dacb6 100644 --- a/webapp/web/templates/freemarker/body/classGroups.ftl +++ b/webapp/web/templates/freemarker/body/classGroups.ftl @@ -2,18 +2,13 @@ <#-- List class groups, and classes within each group. --> -<#if message??> -

${message}

-<#else> -
- <#list classGroups as classGroup> -

${classGroup.publicName}

-
    - <#list classGroup.classes as class> -
  • ${class.name} (${class.individualCount})
  • - - -
- -
- \ No newline at end of file +
+ <#list classGroups as classGroup> +

${classGroup.publicName}

+
    + <#list classGroup.classes as class> +
  • ${class.name} (${class.individualCount})
  • + +
+ +
diff --git a/webapp/web/templates/freemarker/body/message/message-titled.ftl b/webapp/web/templates/freemarker/body/message/message-titled.ftl new file mode 100644 index 000000000..3e250249f --- /dev/null +++ b/webapp/web/templates/freemarker/body/message/message-titled.ftl @@ -0,0 +1,7 @@ +<#-- $This file is distributed under the terms of the license in /doc/license.txt$ --> + +<#-- Standard template to display a message with a title generated from any controller. Keeps this out of individual templates. --> + +

${title}

+ +<#include "message.ftl"> \ No newline at end of file diff --git a/webapp/web/templates/freemarker/body/message.ftl b/webapp/web/templates/freemarker/body/message/message.ftl similarity index 100% rename from webapp/web/templates/freemarker/body/message.ftl rename to webapp/web/templates/freemarker/body/message/message.ftl
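Review bot: `${title}` in the new message-titled.ftl is written without an escaping built-in, and the same holds for `${classGroup.publicName}` and `${class.name}` in the classGroups.ftl hunk. Whether this FreeMarker configuration escapes output automatically is not visible in the diff; if it does not, any of these values that can carry user-editable text would be emitted as raw markup. Where the value is meant to be plain text, `${title?html}` or an enclosing `<#escape x as x?html>` block makes that explicit. The markup around these interpolations is not visible on this page, so this is based on the interpolations alone.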