NIHVIVO-3404 Require that the statement-based RequestedActions include a reference to an OntModel. So the paradigm changes from "may I do this with this statement?" to "may I do this with this statement and this model?"
This commit is contained in:
j2blake
parent
ed2f3ddc12
commit
7aa3b4f469
21 changed files with 204 additions and 131 deletions
|
|
@ -23,6 +23,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPro
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropDataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
||||
/**
|
||||
* A collection of static methods to help determine whether requested actions
|
||||
|
|
@ -63,15 +64,15 @@ public class PolicyHelper {
|
|||
* Do the current policies authorize the current user to add all of the
|
||||
* statements in this model?
|
||||
*/
|
||||
public static boolean isAuthorizedToAdd(HttpServletRequest req, Model model) {
|
||||
if ((req == null) || (model == null)) {
|
||||
public static boolean isAuthorizedToAdd(VitroRequest vreq, Model model) {
|
||||
if ((vreq == null) || (model == null)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
StmtIterator stmts = model.listStatements();
|
||||
try {
|
||||
while (stmts.hasNext()) {
|
||||
if (!isAuthorizedToAdd(req, stmts.next())) {
|
||||
if (!isAuthorizedToAdd(vreq, stmts.next())) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -86,9 +87,8 @@ public class PolicyHelper {
|
|||
*
|
||||
* The statement is expected to be fully-populated, with no null fields.
|
||||
*/
|
||||
public static boolean isAuthorizedToAdd(HttpServletRequest req,
|
||||
Statement stmt) {
|
||||
if ((req == null) || (stmt == null)) {
|
||||
public static boolean isAuthorizedToAdd(VitroRequest vreq, Statement stmt) {
|
||||
if ((vreq == null) || (stmt == null)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
@ -101,28 +101,29 @@ public class PolicyHelper {
|
|||
|
||||
RequestedAction action;
|
||||
if (objectNode.isResource()) {
|
||||
action = new AddObjectPropertyStatement(subject.getURI(),
|
||||
predicate.getURI(), objectNode.asResource().getURI());
|
||||
action = new AddObjectPropertyStatement(vreq.getJenaOntModel(),
|
||||
subject.getURI(), predicate.getURI(), objectNode
|
||||
.asResource().getURI());
|
||||
} else {
|
||||
action = new AddDataPropertyStatement(subject.getURI(),
|
||||
predicate.getURI());
|
||||
action = new AddDataPropertyStatement(vreq.getJenaOntModel(),
|
||||
subject.getURI(), predicate.getURI());
|
||||
}
|
||||
return isAuthorizedForActions(req, action);
|
||||
return isAuthorizedForActions(vreq, action);
|
||||
}
|
||||
|
||||
/**
|
||||
* Do the current policies authorize the current user to drop all of the
|
||||
* statements in this model?
|
||||
*/
|
||||
public static boolean isAuthorizedToDrop(HttpServletRequest req, Model model) {
|
||||
if ((req == null) || (model == null)) {
|
||||
public static boolean isAuthorizedToDrop(VitroRequest vreq, Model model) {
|
||||
if ((vreq == null) || (model == null)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
StmtIterator stmts = model.listStatements();
|
||||
try {
|
||||
while (stmts.hasNext()) {
|
||||
if (!isAuthorizedToDrop(req, stmts.next())) {
|
||||
if (!isAuthorizedToDrop(vreq, stmts.next())) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -138,9 +139,8 @@ public class PolicyHelper {
|
|||
*
|
||||
* The statement is expected to be fully-populated, with no null fields.
|
||||
*/
|
||||
public static boolean isAuthorizedToDrop(HttpServletRequest req,
|
||||
Statement stmt) {
|
||||
if ((req == null) || (stmt == null)) {
|
||||
public static boolean isAuthorizedToDrop(VitroRequest vreq, Statement stmt) {
|
||||
if ((vreq == null) || (stmt == null)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
@ -153,13 +153,14 @@ public class PolicyHelper {
|
|||
|
||||
RequestedAction action;
|
||||
if (objectNode.isResource()) {
|
||||
action = new DropObjectPropertyStatement(subject.getURI(),
|
||||
predicate.getURI(), objectNode.asResource().getURI());
|
||||
action = new DropObjectPropertyStatement(vreq.getJenaOntModel(),
|
||||
subject.getURI(), predicate.getURI(), objectNode
|
||||
.asResource().getURI());
|
||||
} else {
|
||||
action = new DropDataPropertyStatement(subject.getURI(),
|
||||
predicate.getURI());
|
||||
action = new DropDataPropertyStatement(vreq.getJenaOntModel(),
|
||||
subject.getURI(), predicate.getURI());
|
||||
}
|
||||
return isAuthorizedForActions(req, action);
|
||||
return isAuthorizedForActions(vreq, action);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -2,7 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
|
||||
/**
|
||||
|
|
@ -10,17 +11,20 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
|||
* data property statements from a model.
|
||||
*/
|
||||
public abstract class AbstractDataPropertyStatementAction extends
|
||||
RequestedAction {
|
||||
AbstractPropertyStatementAction {
|
||||
private final String subjectUri;
|
||||
private final String predicateUri;
|
||||
|
||||
public AbstractDataPropertyStatementAction(String subjectUri,
|
||||
String predicateUri) {
|
||||
public AbstractDataPropertyStatementAction(OntModel ontModel,
|
||||
String subjectUri, String predicateUri) {
|
||||
super(ontModel);
|
||||
this.subjectUri = subjectUri;
|
||||
this.predicateUri = predicateUri;
|
||||
}
|
||||
|
||||
public AbstractDataPropertyStatementAction(DataPropertyStatement dps) {
|
||||
public AbstractDataPropertyStatementAction(OntModel ontModel,
|
||||
DataPropertyStatement dps) {
|
||||
super(ontModel);
|
||||
this.subjectUri = (dps.getIndividual() == null) ? dps
|
||||
.getIndividualURI() : dps.getIndividual().getURI();
|
||||
this.predicateUri = dps.getDatapropURI();
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
|
||||
|
||||
/**
|
||||
|
|
@ -14,14 +16,16 @@ public abstract class AbstractObjectPropertyStatementAction extends
|
|||
private final String predicateUri;
|
||||
private final String objectUri;
|
||||
|
||||
public AbstractObjectPropertyStatementAction(String subjectUri,
|
||||
public AbstractObjectPropertyStatementAction(OntModel ontModel, String subjectUri,
|
||||
String predicateUri, String objectUri) {
|
||||
super(ontModel);
|
||||
this.subjectUri = subjectUri;
|
||||
this.predicateUri = predicateUri;
|
||||
this.objectUri = objectUri;
|
||||
}
|
||||
|
||||
public AbstractObjectPropertyStatementAction(ObjectPropertyStatement ops) {
|
||||
public AbstractObjectPropertyStatementAction(OntModel ontModel, ObjectPropertyStatement ops) {
|
||||
super(ontModel);
|
||||
this.subjectUri = (ops.getSubject() == null) ? ops.getSubjectURI()
|
||||
: ops.getSubject().getURI();
|
||||
this.predicateUri = (ops.getProperty() == null) ? ops.getPropertyURI()
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/**
|
||||
|
|
@ -9,5 +11,13 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAct
|
|||
* statements from a model.
|
||||
*/
|
||||
public abstract class AbstractPropertyStatementAction extends RequestedAction {
|
||||
private final OntModel ontModel;
|
||||
|
||||
public AbstractPropertyStatementAction(OntModel ontModel) {
|
||||
this.ontModel = ontModel;
|
||||
}
|
||||
|
||||
public OntModel getOntModel() {
|
||||
return ontModel;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
|
||||
/**
|
||||
|
|
@ -10,12 +12,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
|||
public class AddDataPropertyStatement extends
|
||||
AbstractDataPropertyStatementAction {
|
||||
|
||||
public AddDataPropertyStatement(String subjectUri, String predicateUri) {
|
||||
super(subjectUri, predicateUri);
|
||||
public AddDataPropertyStatement(OntModel ontModel, String subjectUri,
|
||||
String predicateUri) {
|
||||
super(ontModel, subjectUri, predicateUri);
|
||||
}
|
||||
|
||||
public AddDataPropertyStatement(DataPropertyStatement dps) {
|
||||
super(dps);
|
||||
public AddDataPropertyStatement(OntModel ontModel, DataPropertyStatement dps) {
|
||||
super(ontModel, dps);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
|
||||
|
||||
/**
|
||||
|
|
@ -9,12 +11,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
|
|||
*/
|
||||
public class AddObjectPropertyStatement extends
|
||||
AbstractObjectPropertyStatementAction {
|
||||
public AddObjectPropertyStatement(String uriOfSub, String uriOfPred,
|
||||
String uriOfObj) {
|
||||
super(uriOfSub, uriOfPred, uriOfObj);
|
||||
public AddObjectPropertyStatement(OntModel ontModel, String uriOfSub,
|
||||
String uriOfPred, String uriOfObj) {
|
||||
super(ontModel, uriOfSub, uriOfPred, uriOfObj);
|
||||
}
|
||||
|
||||
public AddObjectPropertyStatement(ObjectPropertyStatement ops) {
|
||||
super(ops);
|
||||
public AddObjectPropertyStatement(OntModel ontModel,
|
||||
ObjectPropertyStatement ops) {
|
||||
super(ontModel, ops);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
|
||||
/**
|
||||
|
|
@ -11,11 +13,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
|||
public class DropDataPropertyStatement extends
|
||||
AbstractDataPropertyStatementAction {
|
||||
|
||||
public DropDataPropertyStatement(String subjectUri, String predicateUri) {
|
||||
super(subjectUri, predicateUri);
|
||||
public DropDataPropertyStatement(OntModel ontModel, String subjectUri,
|
||||
String predicateUri) {
|
||||
super(ontModel, subjectUri, predicateUri);
|
||||
}
|
||||
|
||||
public DropDataPropertyStatement(DataPropertyStatement dps) {
|
||||
super(dps);
|
||||
public DropDataPropertyStatement(OntModel ontModel,
|
||||
DataPropertyStatement dps) {
|
||||
super(ontModel, dps);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,18 +2,23 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
|
||||
|
||||
/**
|
||||
* Should we allow the user to delete this ObjectPropertyStatement from this
|
||||
* model?
|
||||
*/
|
||||
public class DropObjectPropertyStatement extends AbstractObjectPropertyStatementAction {
|
||||
public DropObjectPropertyStatement(String sub, String pred, String obj) {
|
||||
super(sub, pred, obj);
|
||||
public class DropObjectPropertyStatement extends
|
||||
AbstractObjectPropertyStatementAction {
|
||||
public DropObjectPropertyStatement(OntModel ontModel, String sub,
|
||||
String pred, String obj) {
|
||||
super(ontModel, sub, pred, obj);
|
||||
}
|
||||
|
||||
public DropObjectPropertyStatement(ObjectPropertyStatement ops) {
|
||||
super(ops);
|
||||
public DropObjectPropertyStatement(OntModel ontModel,
|
||||
ObjectPropertyStatement ops) {
|
||||
super(ontModel, ops);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
|
||||
/**
|
||||
|
|
@ -9,11 +11,13 @@ import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
|||
*/
|
||||
public class EditDataPropertyStatement extends
|
||||
AbstractDataPropertyStatementAction {
|
||||
public EditDataPropertyStatement(String subjectUri, String predicateUri) {
|
||||
super(subjectUri, predicateUri);
|
||||
public EditDataPropertyStatement(OntModel ontModel, String subjectUri,
|
||||
String predicateUri) {
|
||||
super(ontModel, subjectUri, predicateUri);
|
||||
}
|
||||
|
||||
public EditDataPropertyStatement(DataPropertyStatement dps) {
|
||||
super(dps);
|
||||
public EditDataPropertyStatement(OntModel ontModel,
|
||||
DataPropertyStatement dps) {
|
||||
super(ontModel, dps);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,18 +2,22 @@
|
|||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
|
||||
|
||||
/**
|
||||
* Should we allow the user to edit this ObjectPropertyStatement in this model?
|
||||
*/
|
||||
public class EditObjectPropertyStatement extends AbstractObjectPropertyStatementAction {
|
||||
public EditObjectPropertyStatement(String subjectUri, String keywordPredUri,
|
||||
String objectUri) {
|
||||
super(subjectUri, keywordPredUri, objectUri);
|
||||
public class EditObjectPropertyStatement extends
|
||||
AbstractObjectPropertyStatementAction {
|
||||
public EditObjectPropertyStatement(OntModel ontModel, String subjectUri,
|
||||
String keywordPredUri, String objectUri) {
|
||||
super(ontModel, subjectUri, keywordPredUri, objectUri);
|
||||
}
|
||||
|
||||
public EditObjectPropertyStatement(ObjectPropertyStatement ops) {
|
||||
super(ops);
|
||||
public EditObjectPropertyStatement(OntModel ontModel,
|
||||
ObjectPropertyStatement ops) {
|
||||
super(ontModel, ops);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -89,7 +89,8 @@ public class ShowAuthController extends FreemarkerHttpServlet {
|
|||
* this individual?
|
||||
*/
|
||||
private boolean mayEditIndividual(VitroRequest vreq, String individualUri) {
|
||||
RequestedAction action = new EditObjectPropertyStatement(individualUri,
|
||||
RequestedAction action = new EditObjectPropertyStatement(
|
||||
vreq.getJenaOntModel(), individualUri,
|
||||
RequestActionConstants.SOME_URI,
|
||||
RequestActionConstants.SOME_URI);
|
||||
return PolicyHelper.isAuthorizedForActions(vreq, action);
|
||||
|
|
|
|||
|
|
@ -138,14 +138,16 @@ public class ImageUploadController extends FreemarkerHttpServlet {
|
|||
RequestedAction ra;
|
||||
if (ACTION_DELETE.equals(action)
|
||||
|| ACTION_DELETE_EDIT.equals(action)) {
|
||||
ra = new DropObjectPropertyStatement(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
|
||||
ra = new DropObjectPropertyStatement(vreq.getJenaOntModel(),
|
||||
entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE,
|
||||
imageUri);
|
||||
} else if (imageUri != null) {
|
||||
ra = new EditObjectPropertyStatement(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
|
||||
ra = new EditObjectPropertyStatement(vreq.getJenaOntModel(),
|
||||
entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE,
|
||||
imageUri);
|
||||
} else {
|
||||
ra = new AddObjectPropertyStatement(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE,
|
||||
ra = new AddObjectPropertyStatement(vreq.getJenaOntModel(),
|
||||
entity.getURI(), VitroVocabulary.IND_MAIN_IMAGE,
|
||||
RequestActionConstants.SOME_URI);
|
||||
}
|
||||
return new Actions(ra);
|
||||
|
|
|
|||
|
|
@ -112,9 +112,11 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel {
|
|||
* an object property to the Individual being shown.
|
||||
*/
|
||||
public boolean isEditable() {
|
||||
AddDataPropertyStatement adps = new AddDataPropertyStatement(individual.getURI(),
|
||||
AddDataPropertyStatement adps = new AddDataPropertyStatement(
|
||||
vreq.getJenaOntModel(), individual.getURI(),
|
||||
RequestActionConstants.SOME_URI);
|
||||
AddObjectPropertyStatement aops = new AddObjectPropertyStatement(individual.getURI(),
|
||||
AddObjectPropertyStatement aops = new AddObjectPropertyStatement(
|
||||
vreq.getJenaOntModel(), individual.getURI(),
|
||||
RequestActionConstants.SOME_URI,
|
||||
RequestActionConstants.SOME_URI);
|
||||
return PolicyHelper.isAuthorizedForActions(vreq, new Actions(adps).or(aops));
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ public class DataPropertyStatementTemplateModel extends PropertyStatementTemplat
|
|||
private String makeDeleteUrl() {
|
||||
// Determine whether the statement can be deleted
|
||||
DataPropertyStatement dps = makeStatement();
|
||||
RequestedAction action = new DropDataPropertyStatement(dps);
|
||||
RequestedAction action = new DropDataPropertyStatement(vreq.getJenaOntModel(), dps);
|
||||
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
|
||||
return "";
|
||||
}
|
||||
|
|
@ -66,7 +66,7 @@ public class DataPropertyStatementTemplateModel extends PropertyStatementTemplat
|
|||
|
||||
// Determine whether the statement can be edited
|
||||
DataPropertyStatement dps = makeStatement();
|
||||
RequestedAction action = new EditDataPropertyStatement(dps);
|
||||
RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps);
|
||||
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
|
||||
return "";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -76,7 +76,8 @@ public class DataPropertyTemplateModel extends PropertyTemplateModel {
|
|||
}
|
||||
|
||||
// Determine whether a new statement can be added
|
||||
RequestedAction action = new AddDataPropertyStatement(subjectUri, propertyUri);
|
||||
RequestedAction action = new AddDataPropertyStatement(
|
||||
vreq.getJenaOntModel(), subjectUri, propertyUri);
|
||||
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -62,7 +62,7 @@ public class NameStatementTemplateModel extends PropertyStatementTemplateModel {
|
|||
private String makeEditUrl(Literal literal) {
|
||||
// Determine whether the statement can be edited
|
||||
DataPropertyStatement dps = makeStatement(literal);
|
||||
RequestedAction action = new EditDataPropertyStatement(dps);
|
||||
RequestedAction action = new EditDataPropertyStatement(vreq.getJenaOntModel(), dps);
|
||||
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
|
||||
return "";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,7 +55,8 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl
|
|||
}
|
||||
|
||||
// Determine whether the statement can be deleted
|
||||
RequestedAction action = new DropObjectPropertyStatement(subjectUri, propertyUri, objectUri);
|
||||
RequestedAction action = new DropObjectPropertyStatement(
|
||||
vreq.getJenaOntModel(), subjectUri, propertyUri, objectUri);
|
||||
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
|
||||
return "";
|
||||
}
|
||||
|
|
@ -96,7 +97,7 @@ public class ObjectPropertyStatementTemplateModel extends PropertyStatementTempl
|
|||
}
|
||||
|
||||
// Determine whether the statement can be edited
|
||||
RequestedAction action = new EditObjectPropertyStatement(ops);
|
||||
RequestedAction action = new EditObjectPropertyStatement(vreq.getJenaOntModel(), ops);
|
||||
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
|
||||
return "";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,7 +108,9 @@ public abstract class ObjectPropertyTemplateModel extends PropertyTemplateModel
|
|||
}
|
||||
|
||||
// Determine whether a new statement can be added
|
||||
RequestedAction action = new AddObjectPropertyStatement(subjectUri, propertyUri, RequestActionConstants.SOME_URI);
|
||||
RequestedAction action = new AddObjectPropertyStatement(
|
||||
vreq.getJenaOntModel(), subjectUri, propertyUri,
|
||||
RequestActionConstants.SOME_URI);
|
||||
if ( ! PolicyHelper.isAuthorizedForActions(vreq, action) ) {
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ import stubs.javax.servlet.ServletContextStub;
|
|||
import stubs.javax.servlet.http.HttpServletRequestStub;
|
||||
import stubs.javax.servlet.http.HttpSessionStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModelSpec;
|
||||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
import com.hp.hpl.jena.rdf.model.Property;
|
||||
|
|
@ -26,6 +27,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
||||
/**
|
||||
* Test the function of PolicyHelper in authorizing statements and models.
|
||||
|
|
@ -38,7 +40,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
|
||||
private ServletContextStub ctx;
|
||||
private HttpSessionStub session;
|
||||
private HttpServletRequestStub req;
|
||||
private VitroRequest vreq;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
|
|
@ -47,8 +49,10 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
session = new HttpSessionStub();
|
||||
session.setServletContext(ctx);
|
||||
|
||||
req = new HttpServletRequestStub();
|
||||
HttpServletRequestStub req = new HttpServletRequestStub();
|
||||
req.setSession(session);
|
||||
vreq = new VitroRequest(req);
|
||||
vreq.setJenaOntModel(ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM));
|
||||
|
||||
setLoggerLevel(ServletPolicyList.class, Level.WARN);
|
||||
ServletPolicyList.addPolicy(ctx, new MySimplePolicy());
|
||||
|
|
@ -61,7 +65,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void addNullStatement() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, (Statement) null));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, (Statement) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -77,7 +81,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
APPROVED_PREDICATE_URI);
|
||||
assertEquals("authorized", true,
|
||||
PolicyHelper.isAuthorizedToAdd(req, stmt));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, stmt));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -85,13 +89,13 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
UNAPPROVED_PREDICATE_URI);
|
||||
assertEquals("not authorized", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, stmt));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, stmt));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void dropNullStatement() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, (Statement) null));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, (Statement) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -107,7 +111,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
APPROVED_PREDICATE_URI);
|
||||
assertEquals("authorized", true,
|
||||
PolicyHelper.isAuthorizedToDrop(req, stmt));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, stmt));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -115,7 +119,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
UNAPPROVED_PREDICATE_URI);
|
||||
assertEquals("not authorized", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, stmt));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, stmt));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
|
|
@ -125,7 +129,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void addNullModel() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, (Model) null));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, (Model) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -137,7 +141,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void addEmptyModel() {
|
||||
assertEquals("empty model", true,
|
||||
PolicyHelper.isAuthorizedToAdd(req, model()));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, model()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -147,7 +151,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("authorized model", true,
|
||||
PolicyHelper.isAuthorizedToAdd(req, model));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, model));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -157,13 +161,13 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("unauthorized model", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, model));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, model));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void dropNullModel() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, (Model) null));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, (Model) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -175,7 +179,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void dropEmptyModel() {
|
||||
assertEquals("empty model", true,
|
||||
PolicyHelper.isAuthorizedToDrop(req, model()));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, model()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -185,7 +189,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("authorized model", true,
|
||||
PolicyHelper.isAuthorizedToDrop(req, model));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, model));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -195,7 +199,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("unauthorized model", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, model));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, model));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
|
|
|
|||
|
|
@ -13,6 +13,11 @@ import org.junit.Test;
|
|||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelperStub;
|
||||
import stubs.javax.servlet.ServletContextStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
import com.hp.hpl.jena.ontology.OntModelSpec;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
|
|
@ -58,6 +63,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
private SelfEditingPolicy policy;
|
||||
private IdentifierBundle ids;
|
||||
private RequestedAction whatToAuth;
|
||||
private OntModel ontModel;
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
|
|
@ -73,6 +79,8 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
ind.setURI(SELFEDITOR_URI);
|
||||
|
||||
ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI));
|
||||
|
||||
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -86,72 +94,72 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
"http://mannlib.cornell.edu/bad#prp0020" });
|
||||
PropertyRestrictionPolicyHelper.setBean(ctx, prph);
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp234", SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
"http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp999", SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
"http://mannlib.cornell.edu/bad#prp999", SELFEDITOR_URI);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// now with dataprop statements
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp234");
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp999");
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisitIdentifierBundleAddObjectPropStmt() {
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// this is the case where the editor is not part of the stmt
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, UNSAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -169,24 +177,24 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
//
|
||||
@Test
|
||||
public void testVisitIdentifierBundleDropObjectPropStmt() {
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// this is the case where the editor is not part of the stmt
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, UNSAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -210,39 +218,39 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
//
|
||||
@Test
|
||||
public void testVisitIdentifierBundleEditDataPropStmt() {
|
||||
whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI,SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI,SAFE_PREDICATE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI, UNSAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(UNSAFE_RESOURCE, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, UNSAFE_RESOURCE, SAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisitIdentifierBundleEditObjPropStmt() {
|
||||
whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// this is the case where the editor is not part of the stmt
|
||||
whatToAuth = new EditObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, UNSAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -254,7 +262,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void twoSEIsFindObjectPropertySubject() {
|
||||
setUpTwoSEIs();
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -262,7 +270,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void twoSEIsFindObjectPropertyObject() {
|
||||
setUpTwoSEIs();
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -270,7 +278,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void twoSEIsDontFindInObjectProperty() {
|
||||
setUpTwoSEIs();
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -279,7 +287,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
public void twoSEIsFindDataPropertySubject() {
|
||||
setUpTwoSEIs();
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
|
|
@ -287,7 +295,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
public void twoSEIsDontFindInDataProperty() {
|
||||
setUpTwoSEIs();
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestricti
|
|||
import stubs.javax.servlet.ServletContextStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
import com.hp.hpl.jena.ontology.OntModelSpec;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
import com.hp.hpl.jena.rdf.model.impl.RDFDefaultErrorHandler;
|
||||
|
||||
|
|
@ -29,8 +30,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
|
||||
|
|
@ -69,6 +68,14 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
/** A bundle that contains a SelfEditing individual. */
|
||||
IdentifierBundle ids;
|
||||
|
||||
/**
|
||||
* An empty model that acts as a placeholder in the requested actions. The
|
||||
* SelfEditingPolicy does not base its decisions on the contents of the
|
||||
* model.
|
||||
*/
|
||||
private OntModel ontModel;
|
||||
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
InputStream is = getClass().getResourceAsStream(
|
||||
|
|
@ -78,6 +85,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
// suppress the warning messages from loading the model.
|
||||
setLoggerLevel(RDFDefaultErrorHandler.class, Level.OFF);
|
||||
|
||||
// TODO This doesn't appear to be used for anything. Can it go away, along with the data file?
|
||||
OntModel model = ModelFactory.createOntologyModel();
|
||||
model.read(is, "");
|
||||
Assert.assertNotNull(model);
|
||||
|
|
@ -96,6 +104,8 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
|
||||
ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI));
|
||||
|
||||
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
|
||||
|
||||
// setLoggerLevel(SelfEditingPolicySetupTest.class, Level.DEBUG);
|
||||
}
|
||||
|
||||
|
|
@ -113,7 +123,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
@Test
|
||||
public void nullIdentifierBundle() {
|
||||
AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement(
|
||||
SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
PolicyDecision dec = policy.isAuthorized(null, whatToAuth);
|
||||
Assert.assertNotNull(dec);
|
||||
Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
|
||||
|
|
@ -267,7 +277,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
private void assertAddObjectPropStmt(String uriOfSub, String uriOfPred,
|
||||
String uriOfObj, Authorization expectedAuthorization) {
|
||||
AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement(
|
||||
uriOfSub, uriOfPred, uriOfObj);
|
||||
ontModel, uriOfSub, uriOfPred, uriOfObj);
|
||||
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
|
||||
log.debug(dec);
|
||||
Assert.assertNotNull(dec);
|
||||
|
|
@ -281,7 +291,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
private void assertEditObjPropStmt(String uriOfSub, String uriOfPred,
|
||||
String uriOfObj, Authorization expectedAuthorization) {
|
||||
EditObjectPropertyStatement whatToAuth = new EditObjectPropertyStatement(
|
||||
uriOfSub, uriOfPred, uriOfObj);
|
||||
ontModel, uriOfSub, uriOfPred, uriOfObj);
|
||||
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
|
||||
log.debug(dec);
|
||||
Assert.assertNotNull(dec);
|
||||
|
|
@ -295,7 +305,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
private void assertEditDataPropStmt(String individualURI,
|
||||
String datapropURI, String data, Authorization expectedAuthorization) {
|
||||
EditDataPropertyStatement whatToAuth = new EditDataPropertyStatement(
|
||||
individualURI, datapropURI);
|
||||
ontModel, individualURI, datapropURI);
|
||||
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
|
||||
log.debug(dec);
|
||||
Assert.assertNotNull(dec);
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue