diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java
index 5d7db69b5..20c593d89 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/UseRestrictedPagesByRoleLevelPolicy.java
@@ -14,6 +14,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseEditUserAccountsPages;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMenuEditorPages;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UsePortalEditorPages;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseTabEditorPages;
@@ -44,6 +45,8 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
 result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
 } else if (whatToAuth instanceof UseEditUserAccountsPages) {
 result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
+ } else if (whatToAuth instanceof UseMenuEditorPages) {
+ result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
 } else if (whatToAuth instanceof UseOntologyEditorPages) {
 result = isAuthorized(whatToAuth, RoleLevel.CURATOR, userRole);
 } else if (whatToAuth instanceof UsePortalEditorPages) {
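Review bot: Nothing in this diff pins the role required for `UseMenuEditorPages` in the second hunk, so a later edit to the `instanceof` chain could lower it from `RoleLevel.DB_ADMIN` without any test failing. A policy test that asserts a `CURATOR` is refused and a `DB_ADMIN` is allowed for `new UseMenuEditorPages()` would hold the mapping in place. The chain starts and ends outside the hunk, so the outcome for a page action that matches no arm is not visible here; it should be a non-authorizing decision, recorded at the final branch with a comment such as `// Unlisted page actions must not be authorized by this policy.`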
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/usepages/UseMenuEditorPages.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/usepages/UseMenuEditorPages.java
new file mode 100644
index 000000000..125288bb4
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/usepages/UseMenuEditorPages.java
@@ -0,0 +1,11 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
+
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+
+/** Should we allow the user to use the pages for editing menus? */
+public class UseMenuEditorPages extends RequestedAction implements
+ UsePagesRequestedAction {
+ // no fields
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/MenuN3EditController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/MenuN3EditController.java
index b415f9dd3..2fab7e401 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/MenuN3EditController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/MenuN3EditController.java
@@ -5,10 +5,13 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
 import java.util.HashMap;
 import java.util.Map;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMenuEditorPages;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
+@RequiresAuthorizationFor(UseMenuEditorPages.class)
 public class MenuN3EditController extends FreemarkerHttpServlet {
 protected final static String N3MENU_FORM = "menuN3Edit.ftl";
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
index cc1fa93cf..4205d8759 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java
@@ -68,13 +68,12 @@ public class SiteAdminController extends FreemarkerHttpServlet {
 body.put("dataInput", getDataInputData(vreq));
+ body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
+
 // rjy7 There is a risk that the login levels required to show the links will get out
 // of step with the levels required by the pages themselves. We should implement a
 // mechanism similar to what's used on the front end to display links to Site Admin
 // and Revision Info iff the user has access to those pages.
- if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
- body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
- }
 if (PolicyHelper.isAuthorizedForAction(vreq, UseOntologyEditorPages.class)) {
 body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
 }
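Review bot: In the MenuN3EditController hunk, the class has no Javadoc stating that `@RequiresAuthorizationFor(UseMenuEditorPages.class)` is what restricts it, and as far as the hunk shows that annotation is its only access control. I would add `/** Controller for the N3 menu editing form; access requires UseMenuEditorPages, which UseRestrictedPagesByRoleLevelPolicy grants to DB_ADMIN. */` above the annotation. The annotation is enforced in the superclass, which is outside this diff, so it is worth confirming that the check runs for form submissions as well as for page loads. The class body continues outside the hunk.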
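Review bot: In the SiteAdminController hunk at -68, `body.put("siteConfig", ...)` now runs for every user who reaches this page, so what the section shows depends entirely on each entry built in `getSiteConfigurationData` having its own policy check. The later hunk shows checks for the portals, siteInfo and menuN3Editor links, but the guard around the `users` link and anything before it lies outside the diff and should be confirmed. If the method returns a map, assigning it to a local and publishing it only when it has entries, `if (!siteConfig.isEmpty()) { body.put("siteConfig", siteConfig); }`, avoids handing the template an empty section for low-privilege users. The rjy7 comment described the removed `CURATOR` check and now sits above the ontology-editor check, so it should be reworded or moved. The enclosing method starts and ends outside the hunk.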
@@ -137,17 +136,17 @@ public class SiteAdminController extends FreemarkerHttpServlet {
 urls.put("users", urlBuilder.getPortalUrl("/listUsers"));
 }
- boolean multiplePortals = !vreq.getFullWebappDaoFactory().getPortalDao().isSinglePortal();
- boolean mayEditPortals = PolicyHelper.isAuthorizedForServlet(vreq, PortalsListingController.class);
- if (multiplePortals && mayEditPortals) {
- urls.put("portals", urlBuilder.getPortalUrl("/listPortals"));
- }
+ if (PolicyHelper.isAuthorizedForServlet(vreq, PortalsListingController.class)) {
+ if ((!vreq.getFullWebappDaoFactory().getPortalDao().isSinglePortal())) {
+ urls.put("portals", urlBuilder.getPortalUrl("/listPortals"));
+ }
+ }
 if (PolicyHelper.isAuthorizedForAction(vreq, UseSiteInfoEditingPage.class)) {
 urls.put("siteInfo", urlBuilder.getPortalUrl("/editForm", new ParamMap("controller", "Portal", "id", String.valueOf(urlBuilder.getPortalId()))));
 }
- if (LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.DBA)) {
+ if (PolicyHelper.isAuthorizedForServlet(vreq, MenuN3EditController.class)) {
 urls.put("menuN3Editor", urlBuilder.getPortalUrl("/menuN3Editor"));
 }
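Review bot: The new portals check nests two `if` statements and doubles the parentheses around the inner condition where a single condition reads more clearly: `if (PolicyHelper.isAuthorizedForServlet(vreq, PortalsListingController.class) && !vreq.getFullWebappDaoFactory().getPortalDao().isSinglePortal()) {`. Short-circuit evaluation keeps the authorization check ahead of the DAO call, so the ordering of the new code is preserved. The enclosing method starts and ends outside the hunk.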