Classgroup cache clearing prohibited unless authorized. NIHVIVO-2942

briancaruso 2011-07-15 20:57:15 +00:00
parent d7d64e9862
commit 902d15287d
3 changed files with 33 additions and 3 deletions


@ -10,6 +10,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.admin.RebuildVClassGroupCache;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.AccessSpecialDataModels;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.EditIndividuals;
@ -110,7 +111,9 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
} else if (whatToAuth instanceof EditOwnAccount) {
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
} else if (whatToAuth instanceof RebuildVClassGroupCache) {
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
} else if (whatToAuth instanceof RefreshVisualizationCacheAction) {
result = isAuthorized(whatToAuth, RoleLevel.DB_ADMIN, userRole);
} else {
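Review bot: The new `RebuildVClassGroupCache` branch only takes effect because it was added by hand to this `instanceof` chain, and what happens to an action that is not listed depends on the trailing `else`, whose body is outside the hunk. It is worth confirming that this fallback does not authorize, so that a future admin action missed here fails closed. The branch also repeats the `RefreshVisualizationCacheAction` line; a short comment above the two, such as `// cache maintenance actions require DB_ADMIN`, would record the intent. The enclosing method starts and ends outside the hunk.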


@ -0,0 +1,10 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.admin;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.AdminRequestedAction;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
public class RebuildVClassGroupCache extends RequestedAction implements
AdminRequestedAction {
}
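Review bot: `RebuildVClassGroupCache` is added without a class comment, so nothing at the definition says what the action guards or which role is expected to hold it. A Javadoc line such as `/** Requested action: clear and rebuild the VClassGroup cache; mapped to RoleLevel.DB_ADMIN in UseRestrictedPagesByRoleLevelPolicy. */` would make the authorization mapping discoverable from here.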


@ -10,6 +10,9 @@ import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.admin.RebuildVClassGroupCache;
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
@ -29,6 +32,16 @@ public class BrowseController extends FreemarkerHttpServlet {
return "Index of Contents";
}
@Override
protected Actions requiredActions(VitroRequest vreq) {
if ( vreq.getParameter("clearcache") != null )
return new Actions(new RebuildVClassGroupCache() );
else
return Actions.AUTHORIZED;
}
@Override
protected ResponseValues processRequest(VitroRequest vreq) {
@ -55,8 +68,12 @@ public class BrowseController extends FreemarkerHttpServlet {
templateName = Template.TITLED_MESSAGE.toString();
}
if ( vreq.getParameter("clearcache") != null ) //mainly for debugging
clearGroupCache();
if ( vreq.getParameter("clearcache") != null ) {
//mainly for debugging
if( PolicyHelper.isAuthorizedForActions(vreq, new RebuildVClassGroupCache()) ){
clearGroupCache();
}
}
return new TemplateResponseValues(templateName, body);
}
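Review bot: The cache clear remains a side effect triggered by the mere presence of the `clearcache` request parameter, and nothing in these hunks ties it to a request method or an anti-forgery token, so it appears exposed to cross-site request forgery against a logged-in DB admin; restricting it to POST or requiring a token would close that. In `processRequest` the second `isAuthorizedForActions` check is reasonable defence in depth, but a refused request is dropped silently; an `else` with `log.warn("clearcache requested without RebuildVClassGroupCache authorization");` would make denials visible (this assumes the class has a `log` field, as the `Log`/`LogFactory` imports suggest). The literal `"clearcache"` now appears in two methods and would be safer as one constant, and the unbraced `if`/`else` in `requiredActions` should get braces. `processRequest` starts and ends outside the hunks.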