litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-2931 create a policy that prevents the user from editing or dropping the Home menu page.

Browse source
This commit is contained in:
j2blake 2011-07-15 17:39:03 +00:00
parent 10b1d1e57d
commit 7590dccf88
3 changed files with 75 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
webapp/config/web.xml
View file

@ -155,6 +155,10 @@
<listener-class> edu.cornell.mannlib.vitro.webapp.auth.policy.RootUserPolicy$Setup</listener-class>
</listener>
<listener>
<listener-class> edu.cornell.mannlib.vivo.auth.policy.RestrictHomeMenuItemEditingPolicy$Setup</listener-class>
</listener>
<!-- The Solr index uses a "public" filter, so the PropertyRestrictionPolicyHelper must already be set up. -->
<listener>
<listener-class>

69
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/RestrictHomeMenuItemEditingPolicy.java Normal file
View file

@ -0,0 +1,69 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.policy;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropStmt;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary;
/**
* Don't allow user to edit or drop the HomeMenuItem statement.
*/
public class RestrictHomeMenuItemEditingPolicy implements PolicyIface {
@Override
public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
RequestedAction whatToAuth) {
if (whatToAuth instanceof EditObjPropStmt) {
return isAuthorized((EditObjPropStmt) whatToAuth);
} else if (whatToAuth instanceof DropObjectPropStmt) {
return isAuthorized((DropObjectPropStmt) whatToAuth);
} else {
return notHandled();
}
}
private PolicyDecision isAuthorized(AbstractObjectPropertyAction whatToAuth) {
if (whatToAuth.getUriOfPredicate()
.equals(DisplayVocabulary.HAS_ELEMENT)
&& whatToAuth.getUriOfObject().equals(
DisplayVocabulary.HOME_MENU_ITEM)) {
return notAuthorized();
} else {
return notHandled();
}
}
private BasicPolicyDecision notHandled() {
return new BasicPolicyDecision(Authorization.INCONCLUSIVE,
"Doesn't handle this type of request");
}
private BasicPolicyDecision notAuthorized() {
return new BasicPolicyDecision(Authorization.UNAUTHORIZED,
"Can't edit home menu item.");
}
public static class Setup implements ServletContextListener {
@Override
public void contextInitialized(ServletContextEvent sce) {
ServletPolicyList.addPolicyAtFront(sce.getServletContext(),
new RestrictHomeMenuItemEditingPolicy());
}
@Override
public void contextDestroyed(ServletContextEvent ctx) {
// Nothing to do here.
}
}
}

2
webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
View file

@ -123,6 +123,8 @@ public class DisplayVocabulary {
public static final String INTERNAL_CLASS_TEMPLATE = "menupage--individualsforclasses.ftl";
/* URIs for some individuals in the dispaly ontology */
public static final String HOME_MENU_ITEM = DISPLAY_NS + "HomeMenuItem";
//public static final Individual EVENTS = m_model.createIndividual( NS + "Events", PAGE );