NIHVIVO-3523 Convert all simple SELF_EDITOR-or-above requested actions to SimplePermissions.
This commit is contained in:
j2blake
parent
b36659d9f4
commit
8ba596bfae
27 changed files with 91 additions and 148 deletions
|
|
@ -30,12 +30,18 @@ public class SimplePermission implements Permission {
|
|||
"AccessSpecialDataModels");
|
||||
public static final SimplePermission DO_BACK_END_EDITING = new SimplePermission(
|
||||
"DoBackEndEditing");
|
||||
public static final SimplePermission DO_FRONT_END_EDITING = new SimplePermission(
|
||||
"DoFrontEndEditing");
|
||||
public static final SimplePermission EDIT_ONTOLOGY = new SimplePermission(
|
||||
"EditOntology");
|
||||
public static final SimplePermission EDIT_OWN_ACCOUNT = new SimplePermission(
|
||||
"EditOwnAccount");
|
||||
public static final SimplePermission EDIT_SITE_INFORMATION = new SimplePermission(
|
||||
"EditSiteInformation");
|
||||
public static final SimplePermission MANAGE_MENUS = new SimplePermission(
|
||||
"ManageMenus");
|
||||
public static final SimplePermission MANAGE_OWN_PROXIES = new SimplePermission(
|
||||
"ManageOwnProxies");
|
||||
public static final SimplePermission MANAGE_PORTALS = new SimplePermission(
|
||||
"ManagePortals");
|
||||
public static final SimplePermission MANAGE_PROXIES = new SimplePermission(
|
||||
|
|
@ -46,6 +52,8 @@ public class SimplePermission implements Permission {
|
|||
"ManageTabs");
|
||||
public static final SimplePermission MANAGE_USER_ACCOUNTS = new SimplePermission(
|
||||
"ManageUserAccounts");
|
||||
public static final SimplePermission QUERY_USER_ACCOUNTS_MODEL = new SimplePermission(
|
||||
"QueryUserAccountsModel");
|
||||
public static final SimplePermission REBUILD_VCLASS_GROUP_CACHE = new SimplePermission(
|
||||
"RebuildVClassGroupCache");
|
||||
public static final SimplePermission REFRESH_VISUALIZATION_CACHE = new SimplePermission(
|
||||
|
|
@ -62,12 +70,16 @@ public class SimplePermission implements Permission {
|
|||
"SeeVerbosePropertyInformation");
|
||||
public static final SimplePermission USE_ADVANCED_DATA_TOOLS_PAGES = new SimplePermission(
|
||||
"UseAdvancedDataToolsPages");
|
||||
public static final SimplePermission USE_BASIC_AJAX_CONTROLLERS = new SimplePermission(
|
||||
"UseBasicAjaxControllers");
|
||||
public static final SimplePermission USE_MISCELLANEOUS_ADMIN_PAGES = new SimplePermission(
|
||||
"UseMiscellaneousAdminPages");
|
||||
public static final SimplePermission USE_MISCELLANEOUS_CURATOR_PAGES = new SimplePermission(
|
||||
"UseMiscellaneousCuratorPages");
|
||||
public static final SimplePermission USE_MISCELLANEOUS_EDITOR_PAGES = new SimplePermission(
|
||||
"UseMiscellaneousEditorPages");
|
||||
public static final SimplePermission USE_MISCELLANEOUS_PAGES = new SimplePermission(
|
||||
"UseMiscellaneousPages");
|
||||
|
||||
public static List<SimplePermission> getAllInstances() {
|
||||
return new ArrayList<SimplePermission>(allInstances.values());
|
||||
|
|
|
|||
|
|
@ -12,12 +12,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.querymodel.QueryFullModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.querymodel.QueryUserAccountsModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoFrontEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.EditOwnAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.ManageOwnProxies;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseBasicAjaxControllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
|
||||
/**
|
||||
|
|
@ -41,25 +35,7 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
|
|||
RoleLevel userRole = HasRoleLevel.getUsersRoleLevel(whoToAuth);
|
||||
|
||||
PolicyDecision result;
|
||||
if (whatToAuth instanceof UseBasicAjaxControllers) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof UseMiscellaneousPages) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof EditOwnAccount) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof ManageOwnProxies) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof QueryUserAccountsModel) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof DoFrontEndEditing) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof QueryFullModel) {
|
||||
if (whatToAuth instanceof QueryFullModel) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.PUBLIC, userRole);
|
||||
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -1,10 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.querymodel;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to query the User Accounts model? */
|
||||
public class QueryUserAccountsModel extends RequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to use font-end editing pages (n3 editing) ? */
|
||||
public class DoFrontEndEditing extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to edit his own account (name, email, etc)? */
|
||||
public class EditOwnAccount extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to manage the proxy editors for his own profile? */
|
||||
public class ManageOwnProxies extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to use the basic Ajax controllers? */
|
||||
public class UseBasicAjaxControllers extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/**
|
||||
* Should we allow the user to use the odd-lots pages that were designed for
|
||||
* anyone who is logged in?
|
||||
*/
|
||||
public class UseMiscellaneousPages extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -12,7 +12,6 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.ManageOwnProxies;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
|
||||
|
|
@ -27,7 +26,8 @@ public class ManageProxiesAjaxController extends VitroAjaxController {
|
|||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new ManageOwnProxies()).or(SimplePermission.MANAGE_PROXIES.ACTION);
|
||||
return SimplePermission.MANAGE_OWN_PROXIES.ACTIONS
|
||||
.or(SimplePermission.MANAGE_PROXIES.ACTION);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.ManageOwnProxies;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
|
@ -201,8 +201,8 @@ public class UserAccountsMyAccountPage extends UserAccountsPage {
|
|||
}
|
||||
|
||||
boolean isProxyPanelAuthorized() {
|
||||
return PolicyHelper
|
||||
.isAuthorizedForActions(vreq, new ManageOwnProxies())
|
||||
return PolicyHelper.isAuthorizedForActions(vreq,
|
||||
SimplePermission.MANAGE_OWN_PROXIES.ACTIONS)
|
||||
&& (getProfilePage(userAccount) != null);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,8 +7,8 @@ import static edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSour
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.EditOwnAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -37,7 +37,7 @@ public class UserAccountsUserController extends FreemarkerHttpServlet {
|
|||
String action = vreq.getPathInfo();
|
||||
|
||||
if (ACTION_MY_ACCOUNT.equals(action)) {
|
||||
return new Actions(new EditOwnAccount());
|
||||
return SimplePermission.EDIT_OWN_ACCOUNT.ACTIONS;
|
||||
} else {
|
||||
return Actions.AUTHORIZED;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,9 +26,9 @@ import com.hp.hpl.jena.query.ResultSetFormatter;
|
|||
import com.hp.hpl.jena.query.Syntax;
|
||||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.querymodel.QueryFullModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.querymodel.QueryUserAccountsModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.OntModelSelector;
|
||||
|
||||
|
|
@ -53,7 +53,7 @@ public class SparqlQueryAjaxController extends VitroAjaxController {
|
|||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
String modelParam = getModelParam(vreq);
|
||||
if (OPTION_MODEL_USER_ACCOUNTS.equals(modelParam)) {
|
||||
return new Actions(new QueryUserAccountsModel());
|
||||
return SimplePermission.QUERY_USER_ACCOUNTS_MODEL.ACTIONS;
|
||||
} else {
|
||||
return new Actions(new QueryFullModel());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ import org.apache.commons.lang.StringUtils;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseBasicAjaxControllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
|
|
@ -24,7 +24,7 @@ public class PrimitiveDelete extends VitroAjaxController {
|
|||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new UseBasicAjaxControllers());
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -9,9 +9,7 @@ import java.util.HashSet;
|
|||
import java.util.Set;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.httpclient.HttpStatus;
|
||||
import org.apache.commons.logging.Log;
|
||||
|
|
@ -21,9 +19,8 @@ import com.hp.hpl.jena.ontology.OntModel;
|
|||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
import com.hp.hpl.jena.shared.Lock;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseBasicAjaxControllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.DependentResourceDeleteJena;
|
||||
|
|
@ -38,7 +35,7 @@ public class PrimitiveRdfEdit extends VitroAjaxController {
|
|||
//Using the same setsup as primitive delete
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new UseBasicAjaxControllers());
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -10,20 +10,18 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import com.hp.hpl.jena.datatypes.TypeMapper;
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
import com.hp.hpl.jena.rdf.model.Literal;
|
||||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
import com.hp.hpl.jena.rdf.model.Resource;
|
||||
import com.hp.hpl.jena.rdf.model.ResourceFactory;
|
||||
import com.hp.hpl.jena.rdf.model.Property;
|
||||
import com.hp.hpl.jena.rdf.model.RDFNode;
|
||||
import com.hp.hpl.jena.rdf.model.Literal;
|
||||
import com.hp.hpl.jena.rdf.model.Resource;
|
||||
import com.hp.hpl.jena.rdf.model.ResourceFactory;
|
||||
import com.hp.hpl.jena.shared.Lock;
|
||||
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseBasicAjaxControllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.DataPropertyStatementDao;
|
||||
|
|
@ -48,7 +46,7 @@ public class ReorderController extends VitroAjaxController {
|
|||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new UseBasicAjaxControllers());
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@ import org.apache.commons.logging.LogFactory;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.EditOwnAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
|
||||
|
|
@ -363,7 +362,7 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
urls.put("currentPage", getCurrentPageUrl(vreq));
|
||||
urls.put("referringPage", getReferringPageUrl(vreq));
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, new EditOwnAccount())) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, SimplePermission.EDIT_OWN_ACCOUNT.ACTIONS)) {
|
||||
urls.put("myAccount", UrlBuilder.getUrl("/accounts/myAccount"));
|
||||
} else {
|
||||
urls.remove("myAccount"); // clear value from a previous request
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@ import javax.servlet.http.HttpSession;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoFrontEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Property;
|
||||
|
|
@ -23,7 +23,6 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServ
|
|||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.DirectRedirectResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.RedirectResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
|
||||
|
|
@ -33,8 +32,6 @@ import edu.cornell.mannlib.vitro.webapp.edit.n3editing.VTwo.EditConfigurationVTw
|
|||
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.VTwo.EditSubmissionUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.VTwo.MultiValueEditSubmission;
|
||||
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.configuration.generators.EditConfigurationGenerator;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.URLEncoder;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.beanswrappers.ReadOnlyBeansWrapper;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.edit.EditConfigurationTemplateModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.web.templatemodels.edit.MultiValueEditSubmissionTemplateModel;
|
||||
/**
|
||||
|
|
@ -59,7 +56,7 @@ public class EditRequestDispatchController extends FreemarkerHttpServlet {
|
|||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new DoFrontEndEditing());
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ import javax.servlet.http.HttpSession;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoFrontEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
|
||||
|
|
@ -31,7 +31,7 @@ public class PostEditCleanupController extends FreemarkerHttpServlet{
|
|||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new DoFrontEndEditing());
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -18,8 +18,8 @@ import com.hp.hpl.jena.rdf.model.Model;
|
|||
import com.hp.hpl.jena.rdf.model.Property;
|
||||
import com.hp.hpl.jena.rdf.model.ResourceFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoFrontEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -52,7 +52,7 @@ public class ProcessRdfFormController extends FreemarkerHttpServlet{
|
|||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new DoFrontEndEditing());
|
||||
return SimplePermission.DO_FRONT_END_EDITING.ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -24,8 +24,8 @@ import org.apache.solr.common.SolrDocumentList;
|
|||
import org.json.JSONArray;
|
||||
import org.json.JSONObject;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseBasicAjaxControllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.ajax.VitroAjaxController;
|
||||
import edu.cornell.mannlib.vitro.webapp.search.VitroSearchTermNames;
|
||||
|
|
@ -55,7 +55,7 @@ public class AutocompleteController extends VitroAjaxController {
|
|||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new UseBasicAjaxControllers());
|
||||
return SimplePermission.USE_BASIC_AJAX_CONTROLLERS.ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -14,8 +14,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -46,7 +45,8 @@ public class GetAllClasses extends BaseEditController {
|
|||
*/
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new UseMiscellaneousPages()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,8 +23,7 @@ import com.hp.hpl.jena.vocabulary.RDFS;
|
|||
import com.hp.hpl.jena.vocabulary.XSD;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -58,7 +57,8 @@ public class GetAllPrefix extends BaseEditController {
|
|||
*/
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new UseMiscellaneousPages()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,8 +21,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyInstance;
|
||||
|
|
@ -45,7 +44,8 @@ public class GetClazzAllProperties extends BaseEditController {
|
|||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new UseMiscellaneousPages()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,8 +15,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.DataPropertyDao;
|
||||
|
|
@ -34,7 +33,8 @@ public class GetClazzDataProperties extends BaseEditController {
|
|||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new UseMiscellaneousPages()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -20,8 +20,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyInstance;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
|
@ -41,7 +40,8 @@ public class GetClazzObjectProperties extends BaseEditController {
|
|||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new UseMiscellaneousPages()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -14,8 +14,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
|
|
@ -50,7 +49,8 @@ public class GetObjectClasses extends BaseEditController {
|
|||
*/
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new UseMiscellaneousPages()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.USE_MISCELLANEOUS_PAGES.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -34,6 +34,14 @@ auth:ADMIN
|
|||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
.
|
||||
|
||||
auth:CURATOR
|
||||
|
|
@ -54,6 +62,14 @@ auth:CURATOR
|
|||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
.
|
||||
|
||||
auth:EDITOR
|
||||
|
|
@ -66,10 +82,26 @@ auth:EDITOR
|
|||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
.
|
||||
|
||||
auth:SELF_EDITOR
|
||||
a auth:PermissionSet ;
|
||||
a auth:DefaultPermissionSetForNewUsers ;
|
||||
rdfs:label "Self Editor" ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
.
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue