NIHVIVO-2492 Restrict pages by UseMenuEditorPages requested action.
parent
b3b40d780d
commit
8986e0ccda
4 changed files with 25 additions and 9 deletions
|
@ -14,6 +14,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseEditUserAccountsPages;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseEditUserAccountsPages;
|
||||||
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMenuEditorPages;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UsePortalEditorPages;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UsePortalEditorPages;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseTabEditorPages;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseTabEditorPages;
|
||||||
|
@ -44,6 +45,8 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
|
||||||
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
|
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
|
||||||
} else if (whatToAuth instanceof UseEditUserAccountsPages) {
|
} else if (whatToAuth instanceof UseEditUserAccountsPages) {
|
||||||
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
|
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
|
||||||
|
} else if (whatToAuth instanceof UseMenuEditorPages) {
|
||||||
|
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
|
||||||
} else if (whatToAuth instanceof UseOntologyEditorPages) {
|
} else if (whatToAuth instanceof UseOntologyEditorPages) {
|
||||||
result = isAuthorized(whatToAuth, RoleLevel.CURATOR, userRole);
|
result = isAuthorized(whatToAuth, RoleLevel.CURATOR, userRole);
|
||||||
} else if (whatToAuth instanceof UsePortalEditorPages) {
|
} else if (whatToAuth instanceof UsePortalEditorPages) {
|
||||||
|
|
|
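Review bot: The new `UseMenuEditorPages` branch is added without a test; all four changed files in this commit are production code. A policy test asserting that a role below `RoleLevel.DB_ADMIN` is not authorized for `UseMenuEditorPages`, and that `DB_ADMIN` is, would pin the mapping. That mapping matches the `LoginStatusBean.DBA` check this commit removes from `SiteAdminController`. The `instanceof` chain starts and ends outside the hunk, so the result for an action class with no branch is not visible here. A comment at the head of the chain such as `// Each UsePagesRequestedAction subclass needs its own branch here` would make that requirement explicit.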
@ -0,0 +1,11 @@
|
||||||
|
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||||
|
|
||||||
|
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||||
|
|
||||||
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||||
|
|
||||||
|
/** Should we allow the user to use the pages for editing menus? */
|
||||||
|
public class UseMenuEditorPages extends RequestedAction implements
|
||||||
|
UsePagesRequestedAction {
|
||||||
|
// no fields
|
||||||
|
}
|
|
@ -5,10 +5,13 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
|
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||||
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMenuEditorPages;
|
||||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
||||||
|
|
||||||
|
@RequiresAuthorizationFor(UseMenuEditorPages.class)
|
||||||
public class MenuN3EditController extends FreemarkerHttpServlet {
|
public class MenuN3EditController extends FreemarkerHttpServlet {
|
||||||
|
|
||||||
protected final static String N3MENU_FORM = "menuN3Edit.ftl";
|
protected final static String N3MENU_FORM = "menuN3Edit.ftl";
|
||||||
|
|
|
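Review bot: The `@RequiresAuthorizationFor(UseMenuEditorPages.class)` annotation is the only access check visible for `MenuN3EditController`, and it protects the page only if `FreemarkerHttpServlet` evaluates it before handling every request method; that code is outside this section. If form submissions reach this servlet by POST, confirm they pass through the same check as GET. A class comment would make the requirement visible to maintainers, for example `/** Access requires UseMenuEditorPages; the role level is set in UseRestrictedPagesByRoleLevelPolicy. */`. The class body continues past the hunk.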
@ -68,13 +68,12 @@ public class SiteAdminController extends FreemarkerHttpServlet {
|
||||||
|
|
||||||
body.put("dataInput", getDataInputData(vreq));
|
body.put("dataInput", getDataInputData(vreq));
|
||||||
|
|
||||||
|
body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
|
||||||
|
|
||||||
// rjy7 There is a risk that the login levels required to show the links will get out
|
// rjy7 There is a risk that the login levels required to show the links will get out
|
||||||
// of step with the levels required by the pages themselves. We should implement a
|
// of step with the levels required by the pages themselves. We should implement a
|
||||||
// mechanism similar to what's used on the front end to display links to Site Admin
|
// mechanism similar to what's used on the front end to display links to Site Admin
|
||||||
// and Revision Info iff the user has access to those pages.
|
// and Revision Info iff the user has access to those pages.
|
||||||
if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
|
|
||||||
body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
|
|
||||||
}
|
|
||||||
if (PolicyHelper.isAuthorizedForAction(vreq, UseOntologyEditorPages.class)) {
|
if (PolicyHelper.isAuthorizedForAction(vreq, UseOntologyEditorPages.class)) {
|
||||||
body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
|
body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
|
||||||
}
|
}
|
||||||
|
@ -137,17 +136,17 @@ public class SiteAdminController extends FreemarkerHttpServlet {
|
||||||
urls.put("users", urlBuilder.getPortalUrl("/listUsers"));
|
urls.put("users", urlBuilder.getPortalUrl("/listUsers"));
|
||||||
}
|
}
|
||||||
|
|
||||||
boolean multiplePortals = !vreq.getFullWebappDaoFactory().getPortalDao().isSinglePortal();
|
if (PolicyHelper.isAuthorizedForServlet(vreq, PortalsListingController.class)) {
|
||||||
boolean mayEditPortals = PolicyHelper.isAuthorizedForServlet(vreq, PortalsListingController.class);
|
if ((!vreq.getFullWebappDaoFactory().getPortalDao().isSinglePortal())) {
|
||||||
if (multiplePortals && mayEditPortals) {
|
urls.put("portals", urlBuilder.getPortalUrl("/listPortals"));
|
||||||
urls.put("portals", urlBuilder.getPortalUrl("/listPortals"));
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (PolicyHelper.isAuthorizedForAction(vreq, UseSiteInfoEditingPage.class)) {
|
if (PolicyHelper.isAuthorizedForAction(vreq, UseSiteInfoEditingPage.class)) {
|
||||||
urls.put("siteInfo", urlBuilder.getPortalUrl("/editForm", new ParamMap("controller", "Portal", "id", String.valueOf(urlBuilder.getPortalId()))));
|
urls.put("siteInfo", urlBuilder.getPortalUrl("/editForm", new ParamMap("controller", "Portal", "id", String.valueOf(urlBuilder.getPortalId()))));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.DBA)) {
|
if (PolicyHelper.isAuthorizedForServlet(vreq, MenuN3EditController.class)) {
|
||||||
urls.put("menuN3Editor", urlBuilder.getPortalUrl("/menuN3Editor"));
|
urls.put("menuN3Editor", urlBuilder.getPortalUrl("/menuN3Editor"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
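Review bot: Removing the `isLoggedInAtLeast(LoginStatusBean.CURATOR)` guard in the first hunk makes `body.put("siteConfig", ...)` unconditional, so every entry that `getSiteConfigurationData` adds now has to carry its own authorization check. The second hunk shows per-link checks for `portals`, `siteInfo` and `menuN3Editor`, but the method starts above the hunk, so any `urls.put` there that relied on the old CURATOR floor should be confirmed or wrapped in a `PolicyHelper` check. These are only links, so the controllers behind them still need their own `@RequiresAuthorizationFor` or an equivalent check. The retained `rjy7` comment now sits after the `siteConfig` line and could be replaced with something like `// siteConfig links are filtered per link inside getSiteConfigurationData()`. It may also be worth omitting the `siteConfig` entry when no link is authorized, so the template does not render an empty section.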