From 7aa3b4f4699d3020357b05cc9aca7583ec1e732c Mon Sep 17 00:00:00 2001 From: j2blake Date: Sun, 1 Apr 2012 15:46:43 +0000 Subject: [PATCH] NIHVIVO-3404 Require that the statement-based RequestedActions include a reference to an OntModel. So the paradigm changes from "may I do this with this statement?" to "may I do this with this statement and this model?" --- .../webapp/auth/policy/PolicyHelper.java | 45 +++++------ .../AbstractDataPropertyStatementAction.java | 14 ++-- ...AbstractObjectPropertyStatementAction.java | 8 +- .../AbstractPropertyStatementAction.java | 10 +++ .../propstmt/AddDataPropertyStatement.java | 11 ++- .../propstmt/AddObjectPropertyStatement.java | 13 ++-- .../propstmt/DropDataPropertyStatement.java | 12 ++- .../propstmt/DropObjectPropertyStatement.java | 17 ++-- .../propstmt/EditDataPropertyStatement.java | 12 ++- .../propstmt/EditObjectPropertyStatement.java | 16 ++-- .../controller/admin/ShowAuthController.java | 3 +- .../freemarker/ImageUploadController.java | 14 ++-- .../BaseIndividualTemplateModel.java | 6 +- .../DataPropertyStatementTemplateModel.java | 4 +- .../individual/DataPropertyTemplateModel.java | 3 +- .../NameStatementTemplateModel.java | 2 +- .../ObjectPropertyStatementTemplateModel.java | 5 +- .../ObjectPropertyTemplateModel.java | 4 +- .../policy/PolicyHelper_StatementsTest.java | 36 +++++---- .../auth/policy/SelfEditingPolicyTest.java | 78 ++++++++++--------- .../auth/policy/SelfEditingPolicy_2_Test.java | 22 ++++-- 21 files changed, 204 insertions(+), 131 deletions(-) diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java index f9ffbf5aa..5e418ce3a 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java @@ -23,6 +23,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPro import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropertyStatement; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement; +import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; /** * A collection of static methods to help determine whether requested actions @@ -63,15 +64,15 @@ public class PolicyHelper { * Do the current policies authorize the current user to add all of the * statements in this model? */ - public static boolean isAuthorizedToAdd(HttpServletRequest req, Model model) { - if ((req == null) || (model == null)) { + public static boolean isAuthorizedToAdd(VitroRequest vreq, Model model) { + if ((vreq == null) || (model == null)) { return false; } StmtIterator stmts = model.listStatements(); try { while (stmts.hasNext()) { - if (!isAuthorizedToAdd(req, stmts.next())) { + if (!isAuthorizedToAdd(vreq, stmts.next())) { return false; } } @@ -86,9 +87,8 @@ public class PolicyHelper { * * The statement is expected to be fully-populated, with no null fields. */ - public static boolean isAuthorizedToAdd(HttpServletRequest req, - Statement stmt) { - if ((req == null) || (stmt == null)) { + public static boolean isAuthorizedToAdd(VitroRequest vreq, Statement stmt) { + if ((vreq == null) || (stmt == null)) { return false; } @@ -101,28 +101,29 @@ public class PolicyHelper { RequestedAction action; if (objectNode.isResource()) { - action = new AddObjectPropertyStatement(subject.getURI(), - predicate.getURI(), objectNode.asResource().getURI()); + action = new AddObjectPropertyStatement(vreq.getJenaOntModel(), + subject.getURI(), predicate.getURI(), objectNode + .asResource().getURI()); } else { - action = new AddDataPropertyStatement(subject.getURI(), - predicate.getURI()); + action = new AddDataPropertyStatement(vreq.getJenaOntModel(), + subject.getURI(), predicate.getURI()); } - return isAuthorizedForActions(req, action); + return isAuthorizedForActions(vreq, action); } /** * Do the current policies authorize the current user to drop all of the * statements in this model? */ - public static boolean isAuthorizedToDrop(HttpServletRequest req, Model model) { - if ((req == null) || (model == null)) { + public static boolean isAuthorizedToDrop(VitroRequest vreq, Model model) { + if ((vreq == null) || (model == null)) { return false; } StmtIterator stmts = model.listStatements(); try { while (stmts.hasNext()) { - if (!isAuthorizedToDrop(req, stmts.next())) { + if (!isAuthorizedToDrop(vreq, stmts.next())) { return false; } } @@ -138,9 +139,8 @@ public class PolicyHelper { * * The statement is expected to be fully-populated, with no null fields. */ - public static boolean isAuthorizedToDrop(HttpServletRequest req, - Statement stmt) { - if ((req == null) || (stmt == null)) { + public static boolean isAuthorizedToDrop(VitroRequest vreq, Statement stmt) { + if ((vreq == null) || (stmt == null)) { return false; } @@ -153,13 +153,14 @@ public class PolicyHelper { RequestedAction action; if (objectNode.isResource()) { - action = new DropObjectPropertyStatement(subject.getURI(), - predicate.getURI(), objectNode.asResource().getURI()); + action = new DropObjectPropertyStatement(vreq.getJenaOntModel(), + subject.getURI(), predicate.getURI(), objectNode + .asResource().getURI()); } else { - action = new DropDataPropertyStatement(subject.getURI(), - predicate.getURI()); + action = new DropDataPropertyStatement(vreq.getJenaOntModel(), + subject.getURI(), predicate.getURI()); } - return isAuthorizedForActions(req, action); + return isAuthorizedForActions(vreq, action); } /** diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java index f61d3dd3e..74a94678c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractDataPropertyStatementAction.java @@ -2,7 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; /** @@ -10,17 +11,20 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; * data property statements from a model. */ public abstract class AbstractDataPropertyStatementAction extends - RequestedAction { + AbstractPropertyStatementAction { private final String subjectUri; private final String predicateUri; - public AbstractDataPropertyStatementAction(String subjectUri, - String predicateUri) { + public AbstractDataPropertyStatementAction(OntModel ontModel, + String subjectUri, String predicateUri) { + super(ontModel); this.subjectUri = subjectUri; this.predicateUri = predicateUri; } - public AbstractDataPropertyStatementAction(DataPropertyStatement dps) { + public AbstractDataPropertyStatementAction(OntModel ontModel, + DataPropertyStatement dps) { + super(ontModel); this.subjectUri = (dps.getIndividual() == null) ? dps .getIndividualURI() : dps.getIndividual().getURI(); this.predicateUri = dps.getDatapropURI(); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java index 53ba6d5d4..53d0c9b6d 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractObjectPropertyStatementAction.java @@ -2,6 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; /** @@ -14,14 +16,16 @@ public abstract class AbstractObjectPropertyStatementAction extends private final String predicateUri; private final String objectUri; - public AbstractObjectPropertyStatementAction(String subjectUri, + public AbstractObjectPropertyStatementAction(OntModel ontModel, String subjectUri, String predicateUri, String objectUri) { + super(ontModel); this.subjectUri = subjectUri; this.predicateUri = predicateUri; this.objectUri = objectUri; } - public AbstractObjectPropertyStatementAction(ObjectPropertyStatement ops) { + public AbstractObjectPropertyStatementAction(OntModel ontModel, ObjectPropertyStatement ops) { + super(ontModel); this.subjectUri = (ops.getSubject() == null) ? ops.getSubjectURI() : ops.getSubject().getURI(); this.predicateUri = (ops.getProperty() == null) ? ops.getPropertyURI() diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java index c0c64589b..1824f51dc 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AbstractPropertyStatementAction.java @@ -2,6 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; /** @@ -9,5 +11,13 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAct * statements from a model. */ public abstract class AbstractPropertyStatementAction extends RequestedAction { + private final OntModel ontModel; + public AbstractPropertyStatementAction(OntModel ontModel) { + this.ontModel = ontModel; + } + + public OntModel getOntModel() { + return ontModel; + } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java index 0bf2d9721..5f550d058 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddDataPropertyStatement.java @@ -2,6 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; /** @@ -10,12 +12,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; public class AddDataPropertyStatement extends AbstractDataPropertyStatementAction { - public AddDataPropertyStatement(String subjectUri, String predicateUri) { - super(subjectUri, predicateUri); + public AddDataPropertyStatement(OntModel ontModel, String subjectUri, + String predicateUri) { + super(ontModel, subjectUri, predicateUri); } - public AddDataPropertyStatement(DataPropertyStatement dps) { - super(dps); + public AddDataPropertyStatement(OntModel ontModel, DataPropertyStatement dps) { + super(ontModel, dps); } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java index f73059ab6..423893328 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/AddObjectPropertyStatement.java @@ -2,6 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; /** @@ -9,12 +11,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; */ public class AddObjectPropertyStatement extends AbstractObjectPropertyStatementAction { - public AddObjectPropertyStatement(String uriOfSub, String uriOfPred, - String uriOfObj) { - super(uriOfSub, uriOfPred, uriOfObj); + public AddObjectPropertyStatement(OntModel ontModel, String uriOfSub, + String uriOfPred, String uriOfObj) { + super(ontModel, uriOfSub, uriOfPred, uriOfObj); } - public AddObjectPropertyStatement(ObjectPropertyStatement ops) { - super(ops); + public AddObjectPropertyStatement(OntModel ontModel, + ObjectPropertyStatement ops) { + super(ontModel, ops); } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java index 1d9d3c925..07138aa8f 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropDataPropertyStatement.java @@ -2,6 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; /** @@ -11,11 +13,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; public class DropDataPropertyStatement extends AbstractDataPropertyStatementAction { - public DropDataPropertyStatement(String subjectUri, String predicateUri) { - super(subjectUri, predicateUri); + public DropDataPropertyStatement(OntModel ontModel, String subjectUri, + String predicateUri) { + super(ontModel, subjectUri, predicateUri); } - public DropDataPropertyStatement(DataPropertyStatement dps) { - super(dps); + public DropDataPropertyStatement(OntModel ontModel, + DataPropertyStatement dps) { + super(ontModel, dps); } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java index 6f4c33b07..c994a39e8 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/DropObjectPropertyStatement.java @@ -2,18 +2,23 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; /** * Should we allow the user to delete this ObjectPropertyStatement from this * model? */ -public class DropObjectPropertyStatement extends AbstractObjectPropertyStatementAction { - public DropObjectPropertyStatement(String sub, String pred, String obj) { - super(sub, pred, obj); +public class DropObjectPropertyStatement extends + AbstractObjectPropertyStatementAction { + public DropObjectPropertyStatement(OntModel ontModel, String sub, + String pred, String obj) { + super(ontModel, sub, pred, obj); } - - public DropObjectPropertyStatement(ObjectPropertyStatement ops) { - super(ops); + + public DropObjectPropertyStatement(OntModel ontModel, + ObjectPropertyStatement ops) { + super(ontModel, ops); } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java index e10479c54..5ef3b918f 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditDataPropertyStatement.java @@ -2,6 +2,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; /** @@ -9,11 +11,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; */ public class EditDataPropertyStatement extends AbstractDataPropertyStatementAction { - public EditDataPropertyStatement(String subjectUri, String predicateUri) { - super(subjectUri, predicateUri); + public EditDataPropertyStatement(OntModel ontModel, String subjectUri, + String predicateUri) { + super(ontModel, subjectUri, predicateUri); } - public EditDataPropertyStatement(DataPropertyStatement dps) { - super(dps); + public EditDataPropertyStatement(OntModel ontModel, + DataPropertyStatement dps) { + super(ontModel, dps); } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java index 359365ac4..732c3fa31 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/propstmt/EditObjectPropertyStatement.java @@ -2,18 +2,22 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt; +import com.hp.hpl.jena.ontology.OntModel; + import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement; /** * Should we allow the user to edit this ObjectPropertyStatement in this model? */ -public class EditObjectPropertyStatement extends AbstractObjectPropertyStatementAction { - public EditObjectPropertyStatement(String subjectUri, String keywordPredUri, - String objectUri) { - super(subjectUri, keywordPredUri, objectUri); +public class EditObjectPropertyStatement extends + AbstractObjectPropertyStatementAction { + public EditObjectPropertyStatement(OntModel ontModel, String subjectUri, + String keywordPredUri, String objectUri) { + super(ontModel, subjectUri, keywordPredUri, objectUri); } - public EditObjectPropertyStatement(ObjectPropertyStatement ops) { - super(ops); + public EditObjectPropertyStatement(OntModel ontModel, + ObjectPropertyStatement ops) { + super(ontModel, ops); } } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java index d1df3e552..d91301a43 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java @@ -89,7 +89,8 @@ public class ShowAuthController extends FreemarkerHttpServlet { * this individual? */ private boolean mayEditIndividual(VitroRequest vreq, String individualUri) { - RequestedAction action = new EditObjectPropertyStatement(individualUri, + RequestedAction action = new EditObjectPropertyStatement( + vreq.getJenaOntModel(), individualUri, RequestActionConstants.SOME_URI, RequestActionConstants.SOME_URI); return PolicyHelper.isAuthorizedForActions(vreq, action); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java index 9a9b7a7c6..842a6201d 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/ImageUploadController.java @@ -138,14 +138,16 @@ public class ImageUploadController extends FreemarkerHttpServlet { RequestedAction ra; if (ACTION_DELETE.equals(action) || ACTION_DELETE_EDIT.equals(action)) { - ra = new DropObjectPropertyStatement(entity.getURI(), - VitroVocabulary.IND_MAIN_IMAGE, imageUri); + ra = new DropObjectPropertyStatement(vreq.getJenaOntModel(), + entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE, + imageUri); } else if (imageUri != null) { - ra = new EditObjectPropertyStatement(entity.getURI(), - VitroVocabulary.IND_MAIN_IMAGE, imageUri); + ra = new EditObjectPropertyStatement(vreq.getJenaOntModel(), + entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE, + imageUri); } else { - ra = new AddObjectPropertyStatement(entity.getURI(), - VitroVocabulary.IND_MAIN_IMAGE, + ra = new AddObjectPropertyStatement(vreq.getJenaOntModel(), + entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE, RequestActionConstants.SOME_URI); } return new Actions(ra); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java index 0fe1b1f23..0c4b09e72 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/BaseIndividualTemplateModel.java @@ -112,9 +112,11 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel { * an object property to the Individual being shown. */ public boolean isEditable() { - AddDataPropertyStatement adps = new AddDataPropertyStatement(individual.getURI(), + AddDataPropertyStatement adps = new AddDataPropertyStatement( + vreq.getJenaOntModel(), individual.getURI(), RequestActionConstants.SOME_URI); - AddObjectPropertyStatement aops = new AddObjectPropertyStatement(individual.getURI(), + AddObjectPropertyStatement aops = new AddObjectPropertyStatement( + vreq.getJenaOntModel(), individual.getURI(), RequestActionConstants.SOME_URI, RequestActionConstants.SOME_URI); return PolicyHelper.isAuthorizedForActions(vreq, new Actions(adps).or(aops)); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java index 1d2e9a68b..f9fa1bf1a 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyStatementTemplateModel.java @@ -41,7 +41,7 @@ public class DataPropertyStatementTemplateModel extends PropertyStatementTemplat private String makeDeleteUrl() { // Determine whether the statement can be deleted DataPropertyStatement dps = makeStatement(); - RequestedAction action = new DropDataPropertyStatement(dps); + RequestedAction action = new DropDataPropertyStatement(vreq.getJenaOntModel(), dps); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return ""; } @@ -66,7 +66,7 @@ public class DataPropertyStatementTemplateModel extends PropertyStatementTemplat // Determine whether the statement can be edited DataPropertyStatement dps = makeStatement(); - RequestedAction action = new EditDataPropertyStatement(dps); + RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return ""; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java index da5e5b609..2452851ff 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/DataPropertyTemplateModel.java @@ -76,7 +76,8 @@ public class DataPropertyTemplateModel extends PropertyTemplateModel { } // Determine whether a new statement can be added - RequestedAction action = new AddDataPropertyStatement(subjectUri, propertyUri); + RequestedAction action = new AddDataPropertyStatement( + vreq.getJenaOntModel(), subjectUri, propertyUri); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java index 89ecfd31e..982a4561c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java @@ -62,7 +62,7 @@ public class NameStatementTemplateModel extends PropertyStatementTemplateModel { private String makeEditUrl(Literal literal) { // Determine whether the statement can be edited DataPropertyStatement dps = makeStatement(literal); - RequestedAction action = new EditDataPropertyStatement(dps); + RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return ""; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java index dad8da209..28ff330c3 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyStatementTemplateModel.java @@ -55,7 +55,8 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl } // Determine whether the statement can be deleted - RequestedAction action = new DropObjectPropertyStatement(subjectUri, propertyUri, objectUri); + RequestedAction action = new DropObjectPropertyStatement( + vreq.getJenaOntModel(), subjectUri, propertyUri, objectUri); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return ""; } @@ -96,7 +97,7 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl } // Determine whether the statement can be edited - RequestedAction action = new EditObjectPropertyStatement(ops); + RequestedAction action = new EditObjectPropertyStatement(vreq.getJenaOntModel(), ops); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return ""; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java index c71bc7732..ec0acabf3 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/ObjectPropertyTemplateModel.java @@ -108,7 +108,9 @@ public abstract class ObjectPropertyTemplateModel extends PropertyTemplateModel } // Determine whether a new statement can be added - RequestedAction action = new AddObjectPropertyStatement(subjectUri, propertyUri, RequestActionConstants.SOME_URI); + RequestedAction action = new AddObjectPropertyStatement( + vreq.getJenaOntModel(), subjectUri, propertyUri, + RequestActionConstants.SOME_URI); if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) { return; } diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java index e7498e424..515637446 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_StatementsTest.java @@ -12,6 +12,7 @@ import stubs.javax.servlet.ServletContextStub; import stubs.javax.servlet.http.HttpServletRequestStub; import stubs.javax.servlet.http.HttpSessionStub; +import com.hp.hpl.jena.ontology.OntModelSpec; import com.hp.hpl.jena.rdf.model.Model; import com.hp.hpl.jena.rdf.model.ModelFactory; import com.hp.hpl.jena.rdf.model.Property; @@ -26,6 +27,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction; +import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; /** * Test the function of PolicyHelper in authorizing statements and models. @@ -38,7 +40,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { private ServletContextStub ctx; private HttpSessionStub session; - private HttpServletRequestStub req; + private VitroRequest vreq; @Before public void setup() { @@ -47,8 +49,10 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { session = new HttpSessionStub(); session.setServletContext(ctx); - req = new HttpServletRequestStub(); + HttpServletRequestStub req = new HttpServletRequestStub(); req.setSession(session); + vreq = new VitroRequest(req); + vreq.setJenaOntModel(ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM)); setLoggerLevel(ServletPolicyList.class, Level.WARN); ServletPolicyList.addPolicy(ctx, new MySimplePolicy()); @@ -61,7 +65,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { @Test public void addNullStatement() { assertEquals("null statement", false, - PolicyHelper.isAuthorizedToAdd(req, (Statement) null)); + PolicyHelper.isAuthorizedToAdd(vreq, (Statement) null)); } @Test @@ -77,7 +81,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI); assertEquals("authorized", true, - PolicyHelper.isAuthorizedToAdd(req, stmt)); + PolicyHelper.isAuthorizedToAdd(vreq, stmt)); } @Test @@ -85,13 +89,13 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI); assertEquals("not authorized", false, - PolicyHelper.isAuthorizedToAdd(req, stmt)); + PolicyHelper.isAuthorizedToAdd(vreq, stmt)); } @Test public void dropNullStatement() { assertEquals("null statement", false, - PolicyHelper.isAuthorizedToDrop(req, (Statement) null)); + PolicyHelper.isAuthorizedToDrop(vreq, (Statement) null)); } @Test @@ -107,7 +111,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI); assertEquals("authorized", true, - PolicyHelper.isAuthorizedToDrop(req, stmt)); + PolicyHelper.isAuthorizedToDrop(vreq, stmt)); } @Test @@ -115,7 +119,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { Statement stmt = dataStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI); assertEquals("not authorized", false, - PolicyHelper.isAuthorizedToDrop(req, stmt)); + PolicyHelper.isAuthorizedToDrop(vreq, stmt)); } // ---------------------------------------------------------------------- @@ -125,7 +129,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { @Test public void addNullModel() { assertEquals("null statement", false, - PolicyHelper.isAuthorizedToAdd(req, (Model) null)); + PolicyHelper.isAuthorizedToAdd(vreq, (Model) null)); } @Test @@ -137,7 +141,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { @Test public void addEmptyModel() { assertEquals("empty model", true, - PolicyHelper.isAuthorizedToAdd(req, model())); + PolicyHelper.isAuthorizedToAdd(vreq, model())); } @Test @@ -147,7 +151,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI, APPROVED_OBJECT_URI)); assertEquals("authorized model", true, - PolicyHelper.isAuthorizedToAdd(req, model)); + PolicyHelper.isAuthorizedToAdd(vreq, model)); } @Test @@ -157,13 +161,13 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { objectStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI, APPROVED_OBJECT_URI)); assertEquals("unauthorized model", false, - PolicyHelper.isAuthorizedToAdd(req, model)); + PolicyHelper.isAuthorizedToAdd(vreq, model)); } @Test public void dropNullModel() { assertEquals("null statement", false, - PolicyHelper.isAuthorizedToDrop(req, (Model) null)); + PolicyHelper.isAuthorizedToDrop(vreq, (Model) null)); } @Test @@ -175,7 +179,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { @Test public void dropEmptyModel() { assertEquals("empty model", true, - PolicyHelper.isAuthorizedToDrop(req, model())); + PolicyHelper.isAuthorizedToDrop(vreq, model())); } @Test @@ -185,7 +189,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI, APPROVED_OBJECT_URI)); assertEquals("authorized model", true, - PolicyHelper.isAuthorizedToDrop(req, model)); + PolicyHelper.isAuthorizedToDrop(vreq, model)); } @Test @@ -195,7 +199,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass { objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI, APPROVED_OBJECT_URI)); assertEquals("unauthorized model", false, - PolicyHelper.isAuthorizedToDrop(req, model)); + PolicyHelper.isAuthorizedToDrop(vreq, model)); } // ---------------------------------------------------------------------- diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java index 7ce14b845..08da1960d 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java @@ -13,6 +13,11 @@ import org.junit.Test; import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelperStub; import stubs.javax.servlet.ServletContextStub; + +import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.ontology.OntModelSpec; +import com.hp.hpl.jena.rdf.model.ModelFactory; + import edu.cornell.mannlib.vitro.testing.AbstractTestClass; import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; @@ -58,6 +63,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { private SelfEditingPolicy policy; private IdentifierBundle ids; private RequestedAction whatToAuth; + private OntModel ontModel; @Before public void setUp() throws Exception { @@ -73,6 +79,8 @@ public class SelfEditingPolicyTest extends AbstractTestClass { ind.setURI(SELFEDITOR_URI); ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI)); + + ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM); } @Test @@ -86,72 +94,72 @@ public class SelfEditingPolicyTest extends AbstractTestClass { "http://mannlib.cornell.edu/bad#prp0020" }); PropertyRestrictionPolicyHelper.setBean(ctx, prph); - whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, "http://mannlib.cornell.edu/bad#prp234", SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, "http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, "http://mannlib.cornell.edu/bad#prp999", SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, "http://mannlib.cornell.edu/bad#prp999", SELFEDITOR_URI); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); // now with dataprop statements - whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, "http://mannlib.cornell.edu/bad#prp234"); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, "http://mannlib.cornell.edu/bad#prp999"); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @Test public void testVisitIdentifierBundleAddObjectPropStmt() { - whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); // this is the case where the editor is not part of the stmt - whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -169,24 +177,24 @@ public class SelfEditingPolicyTest extends AbstractTestClass { // @Test public void testVisitIdentifierBundleDropObjectPropStmt() { - whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); // this is the case where the editor is not part of the stmt - whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -210,39 +218,39 @@ public class SelfEditingPolicyTest extends AbstractTestClass { // @Test public void testVisitIdentifierBundleEditDataPropStmt() { - whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI,SAFE_PREDICATE); + whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI,SAFE_PREDICATE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI, UNSAFE_PREDICATE); + whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditDataPropertyStatement(UNSAFE_RESOURCE, SAFE_PREDICATE); + whatToAuth = new EditDataPropertyStatement(ontModel, UNSAFE_RESOURCE, SAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditDataPropertyStatement(SAFE_RESOURCE, SAFE_PREDICATE); + whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @Test public void testVisitIdentifierBundleEditObjPropStmt() { - whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); // this is the case where the editor is not part of the stmt - whatToAuth = new EditObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); - whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -254,7 +262,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { @Test public void twoSEIsFindObjectPropertySubject() { setUpTwoSEIs(); - whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI, + whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); } @@ -262,7 +270,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { @Test public void twoSEIsFindObjectPropertyObject() { setUpTwoSEIs(); - whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SELFEDITOR_URI); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); } @@ -270,7 +278,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { @Test public void twoSEIsDontFindInObjectProperty() { setUpTwoSEIs(); - whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE, + whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } @@ -279,7 +287,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { public void twoSEIsFindDataPropertySubject() { setUpTwoSEIs(); - whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI, SAFE_PREDICATE); + whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE); assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); } @@ -287,7 +295,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass { public void twoSEIsDontFindInDataProperty() { setUpTwoSEIs(); - whatToAuth = new EditDataPropertyStatement(SAFE_RESOURCE, SAFE_PREDICATE); + whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE); assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java index 1d4b61f1c..0db89065f 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicy_2_Test.java @@ -15,6 +15,7 @@ import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestricti import stubs.javax.servlet.ServletContextStub; import com.hp.hpl.jena.ontology.OntModel; +import com.hp.hpl.jena.ontology.OntModelSpec; import com.hp.hpl.jena.rdf.model.ModelFactory; import com.hp.hpl.jena.rdf.model.impl.RDFDefaultErrorHandler; @@ -29,8 +30,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement; -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; -import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl; import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; @@ -69,6 +68,14 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { /** A bundle that contains a SelfEditing individual. */ IdentifierBundle ids; + /** + * An empty model that acts as a placeholder in the requested actions. The + * SelfEditingPolicy does not base its decisions on the contents of the + * model. + */ + private OntModel ontModel; + + @Before public void setUp() throws Exception { InputStream is = getClass().getResourceAsStream( @@ -78,6 +85,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { // suppress the warning messages from loading the model. setLoggerLevel(RDFDefaultErrorHandler.class, Level.OFF); + // TODO This doesn't appear to be used for anything. Can it go away, along with the data file? OntModel model = ModelFactory.createOntologyModel(); model.read(is, ""); Assert.assertNotNull(model); @@ -96,6 +104,8 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI)); + ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM); + // setLoggerLevel(SelfEditingPolicySetupTest.class, Level.DEBUG); } @@ -113,7 +123,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { @Test public void nullIdentifierBundle() { AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement( - SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); + ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); PolicyDecision dec = policy.isAuthorized(null, whatToAuth); Assert.assertNotNull(dec); Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); @@ -267,7 +277,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { private void assertAddObjectPropStmt(String uriOfSub, String uriOfPred, String uriOfObj, Authorization expectedAuthorization) { AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement( - uriOfSub, uriOfPred, uriOfObj); + ontModel, uriOfSub, uriOfPred, uriOfObj); PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); log.debug(dec); Assert.assertNotNull(dec); @@ -281,7 +291,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { private void assertEditObjPropStmt(String uriOfSub, String uriOfPred, String uriOfObj, Authorization expectedAuthorization) { EditObjectPropertyStatement whatToAuth = new EditObjectPropertyStatement( - uriOfSub, uriOfPred, uriOfObj); + ontModel, uriOfSub, uriOfPred, uriOfObj); PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); log.debug(dec); Assert.assertNotNull(dec); @@ -295,7 +305,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass { private void assertEditDataPropStmt(String individualURI, String datapropURI, String data, Authorization expectedAuthorization) { EditDataPropertyStatement whatToAuth = new EditDataPropertyStatement( - individualURI, datapropURI); + ontModel, individualURI, datapropURI); PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); log.debug(dec); Assert.assertNotNull(dec);