Merge branch 'maint-rel-1.6' into develop
This commit is contained in:
j2blake
commit
912c9e964a
1 changed files with 48 additions and 15 deletions
|
|
@ -12,7 +12,9 @@ import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||||
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.display.DisplayDataProperty;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.display.DisplayDataPropertyStatement;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.display.DisplayDataPropertyStatement;
|
||||||
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.display.DisplayObjectProperty;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.display.DisplayObjectPropertyStatement;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.display.DisplayObjectPropertyStatement;
|
||||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||||
|
|
@ -44,16 +46,11 @@ public class PropertyGroupTemplateModel extends BaseTemplateModel {
|
||||||
|
|
||||||
List<Property> propertyList = group.getPropertyList();
|
List<Property> propertyList = group.getPropertyList();
|
||||||
properties = new ArrayList<PropertyTemplateModel>(propertyList.size());
|
properties = new ArrayList<PropertyTemplateModel>(propertyList.size());
|
||||||
|
|
||||||
for (Property p : propertyList) {
|
for (Property p : propertyList) {
|
||||||
if (p instanceof ObjectProperty) {
|
if (p instanceof ObjectProperty) {
|
||||||
ObjectProperty op = (ObjectProperty) p;
|
ObjectProperty op = (ObjectProperty) p;
|
||||||
ObjectPropertyStatement ops = new ObjectPropertyStatementImpl(subject.getURI(), op.getURI(), SOME_URI);
|
if (!allowedToDisplay(vreq, op, subject)) {
|
||||||
RequestedAction dops = new DisplayObjectPropertyStatement(ops);
|
|
||||||
/*
|
|
||||||
* We can't test the ObjectProperty itself for authorization;
|
|
||||||
* the self-editor policies need to know who the subject is.
|
|
||||||
*/
|
|
||||||
if (!PolicyHelper.isAuthorizedForActions(vreq, dops)) {
|
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
ObjectPropertyTemplateModel tm = ObjectPropertyTemplateModel.getObjectPropertyTemplateModel(
|
ObjectPropertyTemplateModel tm = ObjectPropertyTemplateModel.getObjectPropertyTemplateModel(
|
||||||
|
|
@ -64,13 +61,7 @@ public class PropertyGroupTemplateModel extends BaseTemplateModel {
|
||||||
|
|
||||||
} else if (p instanceof DataProperty){
|
} else if (p instanceof DataProperty){
|
||||||
DataProperty dp = (DataProperty) p;
|
DataProperty dp = (DataProperty) p;
|
||||||
DataPropertyStatementImpl dps = new DataPropertyStatementImpl(subject.getURI(), dp.getURI(), SOME_LITERAL);
|
if (!allowedToDisplay(vreq, dp, subject)) {
|
||||||
RequestedAction dops = new DisplayDataPropertyStatement(dps);
|
|
||||||
/*
|
|
||||||
* We can't test the DataProperty itself for authorization; the
|
|
||||||
* self-editor policies need to know who the subject is.
|
|
||||||
*/
|
|
||||||
if (!PolicyHelper.isAuthorizedForActions(vreq, dops)) {
|
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
properties.add(new DataPropertyTemplateModel(dp, subject, vreq, editing, populatedDataPropertyList));
|
properties.add(new DataPropertyTemplateModel(dp, subject, vreq, editing, populatedDataPropertyList));
|
||||||
|
|
@ -80,6 +71,48 @@ public class PropertyGroupTemplateModel extends BaseTemplateModel {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* See if the property is permitted in its own right. If not, the property
|
||||||
|
* statement might still be permitted to a self-editor.
|
||||||
|
*/
|
||||||
|
private boolean allowedToDisplay(VitroRequest vreq, ObjectProperty op,
|
||||||
|
Individual subject) {
|
||||||
|
RequestedAction dop = new DisplayObjectProperty(op);
|
||||||
|
if (PolicyHelper.isAuthorizedForActions(vreq, dop)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
ObjectPropertyStatement ops = new ObjectPropertyStatementImpl(
|
||||||
|
subject.getURI(), op.getURI(), SOME_URI);
|
||||||
|
RequestedAction dops = new DisplayObjectPropertyStatement(ops);
|
||||||
|
if (PolicyHelper.isAuthorizedForActions(vreq, dops)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* See if the property is permitted in its own right. If not, the property
|
||||||
|
* statement might still be permitted to a self-editor.
|
||||||
|
*/
|
||||||
|
private boolean allowedToDisplay(VitroRequest vreq, DataProperty dp,
|
||||||
|
Individual subject) {
|
||||||
|
RequestedAction dop = new DisplayDataProperty(dp);
|
||||||
|
if (PolicyHelper.isAuthorizedForActions(vreq, dop)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
DataPropertyStatementImpl dps = new DataPropertyStatementImpl(
|
||||||
|
subject.getURI(), dp.getURI(), SOME_LITERAL);
|
||||||
|
RequestedAction dops = new DisplayDataPropertyStatement(dps);
|
||||||
|
if (PolicyHelper.isAuthorizedForActions(vreq, dops)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
protected boolean isEmpty() {
|
protected boolean isEmpty() {
|
||||||
return properties.isEmpty();
|
return properties.isEmpty();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue