diff --git a/webapp/config/web.xml b/webapp/config/web.xml
index ef04d81c1..7f9ae5be7 100644
--- a/webapp/config/web.xml
+++ b/webapp/config/web.xml
@@ -132,6 +132,10 @@
-->
+
+ edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionSetsLoader
+
+
edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper$Setup
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionSetsLoader.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionSetsLoader.java
new file mode 100644
index 000000000..501215d99
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PermissionSetsLoader.java
@@ -0,0 +1,97 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.permissions;
+
+import javax.servlet.ServletContext;
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import com.hp.hpl.jena.ontology.OntModel;
+import com.hp.hpl.jena.rdf.model.Property;
+import com.hp.hpl.jena.rdf.model.Resource;
+import com.hp.hpl.jena.shared.Lock;
+
+import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
+import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
+import edu.cornell.mannlib.vitro.webapp.dao.jena.ModelContext;
+import edu.cornell.mannlib.vitro.webapp.servlet.setup.AbortStartup;
+
+/**
+ * Load the initial configuration of PermissionSets and Permissions.
+ *
+ * The UserAccounts model must be created before this runs.
+ *
+ * For now, we just use the four hard-coded "roles".
+ */
+public class PermissionSetsLoader implements ServletContextListener {
+ private static final Log log = LogFactory
+ .getLog(PermissionSetsLoader.class);
+
+ @Override
+ public void contextInitialized(ServletContextEvent sce) {
+ ServletContext ctx = sce.getServletContext();
+
+ if (AbortStartup.isStartupAborted(ctx)) {
+ return;
+ }
+
+ try {
+ String ns = ConfigurationProperties.getBean(ctx).getProperty(
+ "Vitro.defaultNamespace");
+
+ OntModel model = ModelContext.getBaseOntModelSelector(ctx)
+ .getUserAccountsModel();
+
+ ModelWrapper wrapper = new ModelWrapper(model, ns);
+ wrapper.createPermissionSet("1", "Self Editor");
+ wrapper.createPermissionSet("2", "Editor");
+ wrapper.createPermissionSet("3", "Curator");
+ wrapper.createPermissionSet("4", "Site Admin");
+ } catch (Exception e) {
+ log.error("could not run PermissionSetsLoader" + e);
+ AbortStartup.abortStartup(ctx);
+ throw new RuntimeException(e);
+ }
+ }
+
+ @Override
+ public void contextDestroyed(ServletContextEvent sce) {
+ // Nothing to tear down.
+ }
+
+ private static class ModelWrapper {
+ private final OntModel model;
+ private final String defaultNamespace;
+
+ private final Property typeProperty;
+ private final Property labelProperty;
+ private final Resource permissionSet;
+
+ public ModelWrapper(OntModel model, String defaultNamespace) {
+ this.model = model;
+ this.defaultNamespace = defaultNamespace;
+
+ typeProperty = model.createProperty(VitroVocabulary.RDF_TYPE);
+ labelProperty = model.createProperty(VitroVocabulary.LABEL);
+ permissionSet = model.createResource(VitroVocabulary.PERMISSIONSET);
+ }
+
+ public void createPermissionSet(String uriSuffix, String label) {
+ String uri = defaultNamespace + "permissionSet-" + uriSuffix;
+
+ model.enterCriticalSection(Lock.WRITE);
+ try {
+ Resource r = model.createResource(uri);
+ model.add(r, typeProperty, permissionSet);
+ model.add(r, labelProperty, label);
+ log.debug("Created permission set: '" + uri + "', '" + label
+ + "'");
+ } finally {
+ model.leaveCriticalSection();
+ }
+ }
+ }
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/UserAccountsDao.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/UserAccountsDao.java
index d0baff184..ab4ab022e 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/UserAccountsDao.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/UserAccountsDao.java
@@ -75,7 +75,7 @@ public interface UserAccountsDao {
PermissionSet getPermissionSetByUri(String uri);
/**
- * Get all of the PermissionSets in the model.
+ * Get all of the PermissionSets in the model, sorted by URI.
*
* @return a collection which might be empty, but is never null.
*/
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java
index 512c80b81..06f677691 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/UserAccountsDaoJena.java
@@ -4,6 +4,8 @@ package edu.cornell.mannlib.vitro.webapp.dao.jena;
import java.util.ArrayList;
import java.util.Collection;
+import java.util.Collections;
+import java.util.Comparator;
import java.util.List;
import java.util.Random;
@@ -79,10 +81,11 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao
}
String userUri = null;
-
+
getOntModel().enterCriticalSection(Lock.READ);
try {
- StmtIterator stmts = getOntModel().listStatements(null, USERACCOUNT_EMAIL_ADDRESS,
+ StmtIterator stmts = getOntModel().listStatements(null,
+ USERACCOUNT_EMAIL_ADDRESS,
getOntModel().createLiteral(emailAddress));
if (stmts.hasNext()) {
userUri = stmts.next().getSubject().getURI();
@@ -90,7 +93,7 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao
} finally {
getOntModel().leaveCriticalSection();
}
-
+
return getUserAccountByUri(userUri);
}
@@ -263,6 +266,8 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao
getOntModel().leaveCriticalSection();
}
+ Collections.sort(list, new PermissionSetsByUri());
+
return list;
}
@@ -286,4 +291,11 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao
+ errMsg);
}
+ private static class PermissionSetsByUri implements
+ Comparator {
+ @Override
+ public int compare(PermissionSet ps1, PermissionSet ps2) {
+ return ps1.getUri().compareTo(ps2.getUri());
+ }
+ }
}