NIHVIVO-2279 replace DbAdminEditingPolicy, CuratoryEditingPolicy and EditorEditingPolicy and helper classes with EditRestrictedDataByRoleLevelPolicy and helper classes.
This commit is contained in:
j2blake
parent
60000b1036
commit
6d2d41b269
9 changed files with 0 additions and 847 deletions
|
|
@ -1,45 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
import javax.servlet.ServletRequest;
|
|
||||||
import javax.servlet.http.HttpSession;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
|
|
||||||
|
|
||||||
public class CuratorEditingIdentifierFactory implements IdentifierBundleFactory{
|
|
||||||
|
|
||||||
public IdentifierBundle getIdentifierBundle(ServletRequest request,
|
|
||||||
HttpSession session, ServletContext context) {
|
|
||||||
IdentifierBundle ib = new ArrayIdentifierBundle();
|
|
||||||
ib.add( RoleBasedPolicy.AuthRole.ANYBODY);
|
|
||||||
|
|
||||||
LoginStatusBean loginBean = LoginStatusBean.getBean(session);
|
|
||||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
|
|
||||||
String loginRole = String.valueOf(loginBean.getSecurityLevel());
|
|
||||||
ib.add(new CuratorEditingId(loginRole, loginBean.getUserURI()));
|
|
||||||
ib.add(AuthRole.CURATOR);
|
|
||||||
}
|
|
||||||
|
|
||||||
return ib;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static class CuratorEditingId extends RoleIdentifier {
|
|
||||||
final String role;
|
|
||||||
final String uri;
|
|
||||||
|
|
||||||
public CuratorEditingId( String role, String uri) {
|
|
||||||
this.role = role;
|
|
||||||
this.uri = uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String getRole() { return role; }
|
|
||||||
|
|
||||||
public String getUri(){ return uri; }
|
|
||||||
|
|
||||||
public String toString(){ return "CuratorEditingId: " + uri; }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,49 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
import javax.servlet.ServletRequest;
|
|
||||||
import javax.servlet.http.HttpSession;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
|
|
||||||
|
|
||||||
public class DbAdminEditingIdentifierFactory implements IdentifierBundleFactory{
|
|
||||||
|
|
||||||
public IdentifierBundle getIdentifierBundle(ServletRequest request,
|
|
||||||
HttpSession session, ServletContext context) {
|
|
||||||
IdentifierBundle ib = new ArrayIdentifierBundle();
|
|
||||||
ib.add( RoleBasedPolicy.AuthRole.ANYBODY);
|
|
||||||
|
|
||||||
LoginStatusBean loginBean = LoginStatusBean.getBean(session);
|
|
||||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.DBA)) {
|
|
||||||
String loginRole = String.valueOf(loginBean.getSecurityLevel());
|
|
||||||
ib.add(new DbAdminEditingId(loginRole, loginBean.getUserURI()));
|
|
||||||
ib.add(AuthRole.DBA);
|
|
||||||
}
|
|
||||||
|
|
||||||
return ib;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static class DbAdminEditingId extends RoleIdentifier{
|
|
||||||
final String role;
|
|
||||||
final String uri;
|
|
||||||
|
|
||||||
public DbAdminEditingId( String role, String uri) {
|
|
||||||
this.role = role;
|
|
||||||
this.uri = uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String getRole() {
|
|
||||||
return role;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String getUri(){ return uri; }
|
|
||||||
|
|
||||||
public String toString(){
|
|
||||||
return "DbAdminEditingId: role of " + getRole();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,48 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
import javax.servlet.ServletRequest;
|
|
||||||
import javax.servlet.http.HttpSession;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
|
|
||||||
|
|
||||||
public class EditorEditingIdentifierFactory implements IdentifierBundleFactory{
|
|
||||||
|
|
||||||
public IdentifierBundle getIdentifierBundle(ServletRequest request,
|
|
||||||
HttpSession session, ServletContext context) {
|
|
||||||
IdentifierBundle ib = new ArrayIdentifierBundle();
|
|
||||||
ib.add( RoleBasedPolicy.AuthRole.ANYBODY);
|
|
||||||
|
|
||||||
LoginStatusBean loginBean = LoginStatusBean.getBean(session);
|
|
||||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.EDITOR)) {
|
|
||||||
String loginRole = String.valueOf(loginBean.getSecurityLevel());
|
|
||||||
ib.add(new EditorEditingId(loginRole, loginBean.getUserURI()));
|
|
||||||
ib.add(AuthRole.EDITOR);
|
|
||||||
}
|
|
||||||
|
|
||||||
return ib;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static class EditorEditingId implements Identifier {
|
|
||||||
final String role;
|
|
||||||
final String uri;
|
|
||||||
|
|
||||||
public EditorEditingId( String role, String uri) {
|
|
||||||
this.role = role;
|
|
||||||
this.uri = uri;
|
|
||||||
}
|
|
||||||
public String getUri(){ return uri; }
|
|
||||||
|
|
||||||
public String getRole() {
|
|
||||||
return role;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String toString(){
|
|
||||||
return "Editor role of " + getRole();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,173 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.policy;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.CuratorEditingIdentifierFactory;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.AdminRequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.OntoRequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AbstractResourceAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AddResource;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.DropResource;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Policy to use for Vivo Curator-Editing for use at Cornell. All methods in
|
|
||||||
* this class should be thread safe and side effect free.
|
|
||||||
*/
|
|
||||||
public class CuratorEditingPolicy implements PolicyIface {
|
|
||||||
private final ServletContext ctx;
|
|
||||||
|
|
||||||
public CuratorEditingPolicy(ServletContext ctx) {
|
|
||||||
this.ctx = ctx;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Indicates which Authorization to use when the user isn't explicitly
|
|
||||||
* authorized.
|
|
||||||
*/
|
|
||||||
private PolicyDecision defaultDecision(String message) {
|
|
||||||
return new BasicPolicyDecision(Authorization.INCONCLUSIVE, message);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public PolicyDecision isAuthorized(IdentifierBundle whomToAuth,
|
|
||||||
RequestedAction whatToAuth) {
|
|
||||||
if (whomToAuth == null) {
|
|
||||||
return defaultDecision("whomToAuth was null");
|
|
||||||
}
|
|
||||||
if (whatToAuth == null) {
|
|
||||||
return defaultDecision("whatToAuth was null");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isCurator(whomToAuth)) {
|
|
||||||
return defaultDecision("IdBundle does not include a Curator identifier");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (whatToAuth instanceof OntoRequestedAction) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy doesn't authorize OntoRequestedActions");
|
|
||||||
} else if (whatToAuth instanceof AdminRequestedAction) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy doesn't authorize AdminRequestedActions");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (whatToAuth instanceof AddDataPropStmt) {
|
|
||||||
return isAuthorized((AddDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropDataPropStmt) {
|
|
||||||
return isAuthorized((DropDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof EditDataPropStmt) {
|
|
||||||
return isAuthorized((EditDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof AddObjectPropStmt) {
|
|
||||||
return isAuthorized((AddObjectPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropObjectPropStmt) {
|
|
||||||
return isAuthorized((DropObjectPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof EditObjPropStmt) {
|
|
||||||
return isAuthorized((EditObjPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof AddResource) {
|
|
||||||
return isAuthorized((AddResource) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropResource) {
|
|
||||||
return isAuthorized((DropResource) whatToAuth);
|
|
||||||
} else {
|
|
||||||
return defaultDecision("unrecognized requested action: "
|
|
||||||
+ whatToAuth);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean isCurator(IdentifierBundle whomToAuth) {
|
|
||||||
for (Identifier id : whomToAuth) {
|
|
||||||
if (id instanceof CuratorEditingIdentifierFactory.CuratorEditingId) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean canModifyResource(String uri) {
|
|
||||||
return PropertyRestrictionPolicyHelper.getBean(ctx).canModifyResource(
|
|
||||||
uri, RoleLevel.CURATOR);
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean canModifyPredicate(String uri) {
|
|
||||||
return PropertyRestrictionPolicyHelper.getBean(ctx).canModifyPredicate(
|
|
||||||
uri, RoleLevel.CURATOR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding, Editing or Dropping a DataProperty.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractDataPropertyAction action) {
|
|
||||||
if (!canModifyResource(action.getSubjectUri())) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyPredicate(action.getPredicateUri())) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy does not grant access to admin predicates; "
|
|
||||||
+ "may not modify " + action.getPredicateUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"CuratorEditingPolicy: user may modify '"
|
|
||||||
+ action.getSubjectUri() + "' ==> '"
|
|
||||||
+ action.getPredicateUri() + "'");
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding, Editing or Dropping an ObjectProperty.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractObjectPropertyAction action) {
|
|
||||||
if (!canModifyResource(action.uriOfSubject)) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.uriOfSubject);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyPredicate(action.uriOfPredicate)) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy does not grant access to admin predicates; "
|
|
||||||
+ "may not modify " + action.uriOfPredicate);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyResource(action.uriOfObject)) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.uriOfObject);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"CuratorEditingPolicy: user may modify '" + action.uriOfSubject
|
|
||||||
+ "' ==> '" + action.uriOfPredicate + "' ==> '"
|
|
||||||
+ action.uriOfObject + "'");
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding or Dropping a Resource.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractResourceAction action) {
|
|
||||||
if (!canModifyResource(action.getSubjectUri())) {
|
|
||||||
return defaultDecision("CuratorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"CuratorEditingPolicy: may add or remove resource: "
|
|
||||||
+ action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String toString() {
|
|
||||||
return "CuratorEditingPolicy - " + hashCode();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,173 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.policy;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.DbAdminEditingIdentifierFactory;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.AdminRequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.OntoRequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AbstractResourceAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AddResource;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.DropResource;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Policy to use for Vivo non-privileged but user accouunt-based editing All
|
|
||||||
* methods in this class should be thread safe and side effect free.
|
|
||||||
*/
|
|
||||||
public class DbAdminEditingPolicy implements PolicyIface {
|
|
||||||
private final ServletContext ctx;
|
|
||||||
|
|
||||||
public DbAdminEditingPolicy(ServletContext ctx) {
|
|
||||||
this.ctx = ctx;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Indicates which Authorization to use when the user isn't explicitly
|
|
||||||
* authorized.
|
|
||||||
*/
|
|
||||||
private PolicyDecision defaultDecision(String message) {
|
|
||||||
return new BasicPolicyDecision(Authorization.INCONCLUSIVE, message);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
|
|
||||||
RequestedAction whatToAuth) {
|
|
||||||
if (whoToAuth == null) {
|
|
||||||
return defaultDecision("whomToAuth was null");
|
|
||||||
}
|
|
||||||
if (whatToAuth == null) {
|
|
||||||
return defaultDecision("whatToAuth was null");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isDba(whoToAuth)) {
|
|
||||||
return defaultDecision("IdBundle does not include a DbAdmin identifier");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (whatToAuth instanceof OntoRequestedAction) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy doesn't authorize OntoRequestedActions");
|
|
||||||
} else if (whatToAuth instanceof AdminRequestedAction) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy doesn't authorize AdminRequestedActions");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (whatToAuth instanceof AddDataPropStmt) {
|
|
||||||
return isAuthorized((AddDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropDataPropStmt) {
|
|
||||||
return isAuthorized((DropDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof EditDataPropStmt) {
|
|
||||||
return isAuthorized((EditDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof AddObjectPropStmt) {
|
|
||||||
return isAuthorized((AddObjectPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropObjectPropStmt) {
|
|
||||||
return isAuthorized((DropObjectPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof EditObjPropStmt) {
|
|
||||||
return isAuthorized((EditObjPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof AddResource) {
|
|
||||||
return isAuthorized((AddResource) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropResource) {
|
|
||||||
return isAuthorized((DropResource) whatToAuth);
|
|
||||||
} else {
|
|
||||||
return defaultDecision("unrecognized requested action: "
|
|
||||||
+ whatToAuth);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean isDba(IdentifierBundle whomToAuth) {
|
|
||||||
for (Identifier id : whomToAuth) {
|
|
||||||
if (id instanceof DbAdminEditingIdentifierFactory.DbAdminEditingId) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean canModifyResource(String uri) {
|
|
||||||
return PropertyRestrictionPolicyHelper.getBean(ctx).canModifyResource(
|
|
||||||
uri, RoleLevel.DB_ADMIN);
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean canModifyPredicate(String uri) {
|
|
||||||
return PropertyRestrictionPolicyHelper.getBean(ctx).canModifyPredicate(
|
|
||||||
uri, RoleLevel.DB_ADMIN);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding, Editing or Dropping a DataProperty.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractDataPropertyAction action) {
|
|
||||||
if (!canModifyResource(action.getSubjectUri())) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyPredicate(action.getPredicateUri())) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy does not grant access to admin predicates; "
|
|
||||||
+ "may not modify " + action.getPredicateUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"DbAdminEditingPolicy: user may modify '"
|
|
||||||
+ action.getSubjectUri() + "' ==> '"
|
|
||||||
+ action.getPredicateUri() + "'");
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding, Editing or Dropping an ObjectProperty.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractObjectPropertyAction action) {
|
|
||||||
if (!canModifyResource(action.uriOfSubject)) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.uriOfSubject);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyPredicate(action.uriOfPredicate)) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy does not grant access to admin predicates; "
|
|
||||||
+ "may not modify " + action.uriOfPredicate);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyResource(action.uriOfObject)) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.uriOfObject);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"DbAdminEditingPolicy: user may modify '" + action.uriOfSubject
|
|
||||||
+ "' ==> '" + action.uriOfPredicate + "' ==> '"
|
|
||||||
+ action.uriOfObject + "'");
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding or Dropping a Resource.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractResourceAction action) {
|
|
||||||
if (!canModifyResource(action.getSubjectUri())) {
|
|
||||||
return defaultDecision("DbAdminEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"DbAdminEditingPolicy: may add or remove resource: "
|
|
||||||
+ action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String toString() {
|
|
||||||
return "DbAdminEditingPolicy - " + hashCode();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,173 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.policy;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.EditorEditingIdentifierFactory;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.AdminRequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.OntoRequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AbstractResourceAction;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AddResource;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.DropResource;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Policy to use for Vivo non-privileged but user accouunt-based editing All
|
|
||||||
* methods in this class should be thread safe and side effect free.
|
|
||||||
*/
|
|
||||||
public class EditorEditingPolicy implements PolicyIface {
|
|
||||||
|
|
||||||
private final ServletContext ctx;
|
|
||||||
|
|
||||||
public EditorEditingPolicy(ServletContext ctx) {
|
|
||||||
this.ctx = ctx;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Indicates which Authorization to use when the user isn't explicitly
|
|
||||||
* authorized.
|
|
||||||
*/
|
|
||||||
private PolicyDecision defaultDecision(String message) {
|
|
||||||
return new BasicPolicyDecision(Authorization.INCONCLUSIVE, message);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public PolicyDecision isAuthorized(IdentifierBundle whomToAuth,
|
|
||||||
RequestedAction whatToAuth) {
|
|
||||||
if (whomToAuth == null) {
|
|
||||||
return defaultDecision("whomToAuth was null");
|
|
||||||
}
|
|
||||||
if (whatToAuth == null) {
|
|
||||||
return defaultDecision("whatToAuth was null");
|
|
||||||
}
|
|
||||||
if (!isEditor(whomToAuth)) {
|
|
||||||
return defaultDecision("IdBundle does not include an Editor identifier");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (whatToAuth instanceof OntoRequestedAction) {
|
|
||||||
return defaultDecision("EditorEditingPolicy doesn't authorize OntoRequestedActions");
|
|
||||||
} else if (whatToAuth instanceof AdminRequestedAction) {
|
|
||||||
return defaultDecision("EditorEditingPolicy doesn't authorize AdminRequestedActions");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (whatToAuth instanceof AddDataPropStmt) {
|
|
||||||
return isAuthorized((AddDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropDataPropStmt) {
|
|
||||||
return isAuthorized((DropDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof EditDataPropStmt) {
|
|
||||||
return isAuthorized((EditDataPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof AddObjectPropStmt) {
|
|
||||||
return isAuthorized((AddObjectPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropObjectPropStmt) {
|
|
||||||
return isAuthorized((DropObjectPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof EditObjPropStmt) {
|
|
||||||
return isAuthorized((EditObjPropStmt) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof AddResource) {
|
|
||||||
return isAuthorized((AddResource) whatToAuth);
|
|
||||||
} else if (whatToAuth instanceof DropResource) {
|
|
||||||
return isAuthorized((DropResource) whatToAuth);
|
|
||||||
} else {
|
|
||||||
return defaultDecision("unrecognized requested action: "
|
|
||||||
+ whatToAuth);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean isEditor(IdentifierBundle whomToAuth) {
|
|
||||||
for (Identifier id : whomToAuth) {
|
|
||||||
if (id instanceof EditorEditingIdentifierFactory.EditorEditingId) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean canModifyResource(String uri) {
|
|
||||||
return PropertyRestrictionPolicyHelper.getBean(ctx).canModifyResource(
|
|
||||||
uri, RoleLevel.EDITOR);
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean canModifyPredicate(String uri) {
|
|
||||||
return PropertyRestrictionPolicyHelper.getBean(ctx).canModifyPredicate(
|
|
||||||
uri, RoleLevel.EDITOR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding, Editing or Dropping a DataProperty.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractDataPropertyAction action) {
|
|
||||||
if (!canModifyResource(action.getSubjectUri())) {
|
|
||||||
return defaultDecision("EditorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyPredicate(action.getPredicateUri())) {
|
|
||||||
return defaultDecision("EditorEditingPolicy does not grant access to admin predicates; "
|
|
||||||
+ "may not modify " + action.getPredicateUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"EditorEditingPolicy: user may modify '"
|
|
||||||
+ action.getSubjectUri() + "' ==> '"
|
|
||||||
+ action.getPredicateUri() + "'");
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding, Editing or Dropping an ObjectProperty.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractObjectPropertyAction action) {
|
|
||||||
if (!canModifyResource(action.uriOfSubject)) {
|
|
||||||
return defaultDecision("EditorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.uriOfSubject);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyPredicate(action.uriOfPredicate)) {
|
|
||||||
return defaultDecision("EditorEditingPolicy does not grant access to admin predicates; "
|
|
||||||
+ "may not modify " + action.uriOfPredicate);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!canModifyResource(action.uriOfObject)) {
|
|
||||||
return defaultDecision("EditorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.uriOfObject);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"EditorEditingPolicy: user may modify '" + action.uriOfSubject
|
|
||||||
+ "' ==> '" + action.uriOfPredicate + "' ==> '"
|
|
||||||
+ action.uriOfObject + "'");
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check authorization for Adding or Dropping a Resource.
|
|
||||||
*/
|
|
||||||
private PolicyDecision isAuthorized(AbstractResourceAction action) {
|
|
||||||
if (!canModifyResource(action.getSubjectUri())) {
|
|
||||||
return defaultDecision("EditorEditingPolicy does not grant access to admin resources; "
|
|
||||||
+ "may not modify " + action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
return new BasicPolicyDecision(Authorization.AUTHORIZED,
|
|
||||||
"EditorEditingPolicy: may add or remove resource: "
|
|
||||||
+ action.getSubjectUri());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String toString() {
|
|
||||||
return "EditorEditingPolicy - " + hashCode();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,62 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.policy.setup;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
import javax.servlet.ServletContextEvent;
|
|
||||||
import javax.servlet.ServletContextListener;
|
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
|
||||||
import org.apache.commons.logging.LogFactory;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.CuratorEditingIdentifierFactory;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.CuratorEditingPolicy;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.servlet.setup.AbortStartup;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Sets up RoleBasedPolicy and IdentifierBundleFactory. This will cause the
|
|
||||||
* vitro native login to add Identifiers that can be used by the Auth system and
|
|
||||||
* the in-line editing.
|
|
||||||
*
|
|
||||||
* To use this add it as a listener to the web.xml.
|
|
||||||
*
|
|
||||||
* See RoleBasedPolicy.java
|
|
||||||
*/
|
|
||||||
public class CuratorEditingPolicySetup implements ServletContextListener {
|
|
||||||
private static final Log log = LogFactory
|
|
||||||
.getLog(CuratorEditingPolicySetup.class.getName());
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void contextInitialized(ServletContextEvent sce) {
|
|
||||||
ServletContext ctx = sce.getServletContext();
|
|
||||||
|
|
||||||
if (AbortStartup.isStartupAborted(ctx)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
|
||||||
log.debug("Setting up CuratorEditingPolicy");
|
|
||||||
|
|
||||||
// need to make a policy and add it to the ServletContext
|
|
||||||
CuratorEditingPolicy cep = new CuratorEditingPolicy(ctx);
|
|
||||||
ServletPolicyList.addPolicy(ctx, cep);
|
|
||||||
|
|
||||||
// need to put an IdentifierFactory for CuratorEditingIds into the
|
|
||||||
// ServletContext
|
|
||||||
ActiveIdentifierBundleFactories.addFactory(sce,
|
|
||||||
new CuratorEditingIdentifierFactory());
|
|
||||||
|
|
||||||
log.debug("Finished setting up CuratorEditingPolicy: " + cep);
|
|
||||||
} catch (Exception e) {
|
|
||||||
log.error("could not run CuratorEditingPolicySetup: " + e);
|
|
||||||
AbortStartup.abortStartup(ctx);
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void contextDestroyed(ServletContextEvent sce) { /* nothing */
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,62 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.policy.setup;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
import javax.servlet.ServletContextEvent;
|
|
||||||
import javax.servlet.ServletContextListener;
|
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
|
||||||
import org.apache.commons.logging.LogFactory;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.DbAdminEditingIdentifierFactory;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.DbAdminEditingPolicy;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.servlet.setup.AbortStartup;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Sets up RoleBasedPolicy and IdentifierBundleFactory. This will cause the
|
|
||||||
* vitro native login to add Identifiers that can be used by the Auth system and
|
|
||||||
* the in-line editing.
|
|
||||||
*
|
|
||||||
* To use this add it as a listener to the web.xml.
|
|
||||||
*
|
|
||||||
* See RoleBasedPolicy.java
|
|
||||||
*/
|
|
||||||
public class DbAdminEditingPolicySetup implements ServletContextListener {
|
|
||||||
private static final Log log = LogFactory
|
|
||||||
.getLog(DbAdminEditingPolicySetup.class.getName());
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void contextInitialized(ServletContextEvent sce) {
|
|
||||||
ServletContext ctx = sce.getServletContext();
|
|
||||||
|
|
||||||
if (AbortStartup.isStartupAborted(ctx)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
|
||||||
log.debug("Setting up DbAdminEditingPolicy");
|
|
||||||
|
|
||||||
// need to make a policy and add it to the ServletContext
|
|
||||||
DbAdminEditingPolicy dep = new DbAdminEditingPolicy(ctx);
|
|
||||||
ServletPolicyList.addPolicy(ctx, dep);
|
|
||||||
|
|
||||||
// need to put an IdentifierFactory for DbAdminEditingIds into the
|
|
||||||
// ServletContext
|
|
||||||
ActiveIdentifierBundleFactories.addFactory(sce,
|
|
||||||
new DbAdminEditingIdentifierFactory());
|
|
||||||
|
|
||||||
log.debug("Finished setting up DbAdminEditingPolicy: " + dep);
|
|
||||||
} catch (Exception e) {
|
|
||||||
log.error("could not run DbAdminEditingPolicySetup: " + e);
|
|
||||||
AbortStartup.abortStartup(ctx);
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void contextDestroyed(ServletContextEvent sce) { /* nothing */
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,62 +0,0 @@
|
||||||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
|
||||||
|
|
||||||
package edu.cornell.mannlib.vitro.webapp.auth.policy.setup;
|
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
|
||||||
import javax.servlet.ServletContextEvent;
|
|
||||||
import javax.servlet.ServletContextListener;
|
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
|
||||||
import org.apache.commons.logging.LogFactory;
|
|
||||||
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.EditorEditingIdentifierFactory;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.EditorEditingPolicy;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.servlet.setup.AbortStartup;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Sets up RoleBasedPolicy and IdentifierBundleFactory. This will cause the
|
|
||||||
* vitro native login to add Identifiers that can be used by the Auth system and
|
|
||||||
* the in-line editing.
|
|
||||||
*
|
|
||||||
* To use this add it as a listener to the web.xml.
|
|
||||||
*
|
|
||||||
* See RoleBasedPolicy.java
|
|
||||||
*/
|
|
||||||
public class EditorEditingPolicySetup implements ServletContextListener {
|
|
||||||
private static final Log log = LogFactory
|
|
||||||
.getLog(EditorEditingPolicySetup.class.getName());
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void contextInitialized(ServletContextEvent sce) {
|
|
||||||
ServletContext ctx = sce.getServletContext();
|
|
||||||
|
|
||||||
if (AbortStartup.isStartupAborted(ctx)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
|
||||||
log.debug("Setting up EditorEditingPolicy");
|
|
||||||
|
|
||||||
// need to make a policy and add it to the ServletContext
|
|
||||||
EditorEditingPolicy cep = new EditorEditingPolicy(ctx);
|
|
||||||
ServletPolicyList.addPolicy(ctx, cep);
|
|
||||||
|
|
||||||
// need to put an IdentifierFactory for EditorEditingIds into the
|
|
||||||
// ServletContext
|
|
||||||
ActiveIdentifierBundleFactories.addFactory(sce,
|
|
||||||
new EditorEditingIdentifierFactory());
|
|
||||||
|
|
||||||
log.debug("Finished setting up EditorEditingPolicy: " + cep);
|
|
||||||
} catch (Exception e) {
|
|
||||||
log.error("could not run EditorEditingPolicySetup: " + e);
|
|
||||||
AbortStartup.abortStartup(ctx);
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void contextDestroyed(ServletContextEvent sce) { /* nothing */
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue