From 97a878d3c9ab5737fc685665f7b6440d7ad09307 Mon Sep 17 00:00:00 2001 From: j2blake Date: Sun, 8 Jan 2012 23:06:17 +0000 Subject: [PATCH] NIHVIVO-3523 Clean up HasRoleLevel identifier - no longer used. --- .../auth/identifier/common/HasRoleLevel.java | 52 ------------------- .../factory/HasRoleLevelFactory.java | 29 ----------- .../policy/setup/CommonPolicyFamilySetup.java | 2 - .../authenticate/LoginRedirector.java | 44 +++++++--------- .../n3editing/processEdit/EditN3Utils.java | 2 - .../controller/edit/AuthenticateTest.java | 22 ++++++-- 6 files changed, 36 insertions(+), 115 deletions(-) delete mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasRoleLevel.java delete mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasRoleLevel.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasRoleLevel.java deleted file mode 100644 index 535ef5815..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasRoleLevel.java +++ /dev/null @@ -1,52 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.identifier.common; - -import java.util.Collection; -import java.util.HashSet; -import java.util.Set; - -import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; - -/** - * The current user has this RoleLevel. - */ -public class HasRoleLevel extends AbstractCommonIdentifier implements Identifier { - public static Collection getIdentifiers(IdentifierBundle ids) { - return getIdentifiersForClass(ids, HasRoleLevel.class); - } - - public static Collection getRoleLevelUris(IdentifierBundle ids) { - Set set = new HashSet(); - for (HasRoleLevel id : getIdentifiers(ids)) { - set.add(id.getRoleLevel().getURI()); - } - return set; - } - - public static RoleLevel getUsersRoleLevel(IdentifierBundle whoToAuth) { - Collection roleIds = getIdentifiers(whoToAuth); - if (roleIds.isEmpty()) { - return RoleLevel.PUBLIC; - } else { - return roleIds.iterator().next().getRoleLevel(); - } - } - - private final RoleLevel roleLevel; - - public HasRoleLevel(RoleLevel roleLevel) { - this.roleLevel = roleLevel; - } - - public RoleLevel getRoleLevel() { - return roleLevel; - } - - @Override - public String toString() { - return "HasRoleLevel[" + roleLevel + "]"; - } -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java deleted file mode 100644 index bf118184d..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java +++ /dev/null @@ -1,29 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; - -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; - -import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel; -import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; - -/** - * Create an identifier that shows the role level of the current user, or - * PUBLIC if the user is not logged in. - */ -public class HasRoleLevelFactory extends BaseIdentifierBundleFactory { - - public HasRoleLevelFactory(ServletContext ctx) { - super(ctx); - } - - @Override - public IdentifierBundle getIdentifierBundle(HttpServletRequest req) { - RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req); - return new ArrayIdentifierBundle(new HasRoleLevel(roleLevel)); - } - -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java index a3df32f5e..b3e2d1d9f 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java @@ -11,7 +11,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory; import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasPermissionFactory; import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProfileOrIsBlacklistedFactory; import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProxyEditingRightsFactory; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory; import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsRootUserFactory; import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsUserFactory; import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataToSelfPolicy; @@ -38,7 +37,6 @@ public class CommonPolicyFamilySetup implements ServletContextListener { factory(ctx, new IsUserFactory(ctx)); factory(ctx, new IsRootUserFactory(ctx)); - factory(ctx, new HasRoleLevelFactory(ctx)); factory(ctx, new HasProfileOrIsBlacklistedFactory(ctx)); factory(ctx, new HasPermissionFactory(ctx)); factory(ctx, new HasProxyEditingRightsFactory(ctx)); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java index db523865e..92c8cda72 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java @@ -16,11 +16,8 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vedit.beans.LoginStatusBean; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser; -import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; +import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage; import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; import edu.cornell.mannlib.vitro.webapp.controller.Controllers; @@ -71,20 +68,22 @@ public class LoginRedirector { if (isSelfEditorWithIndividual()) { log.debug("Going to Individual home page."); return getAssociatedIndividualHomePage(); - } else if (isMerelySelfEditor()) { + } + + if (!canSeeSiteAdminPage()) { log.debug("User not recognized. Going to application home."); return getApplicationHomePageUrl(); + } + + if (isLoginPage(afterLoginPage)) { + log.debug("Coming from /login. Going to site admin page."); + return getSiteAdminPageUrl(); + } else if (null != afterLoginPage) { + log.debug("Returning to requested page: " + afterLoginPage); + return afterLoginPage; } else { - if (isLoginPage(afterLoginPage)) { - log.debug("Coming from /login. Going to site admin page."); - return getSiteAdminPageUrl(); - } else if (null != afterLoginPage) { - log.debug("Returning to requested page: " + afterLoginPage); - return afterLoginPage; - } else { - log.debug("Don't know what to do. Go home."); - return getApplicationHomePageUrl(); - } + log.debug("Don't know what to do. Go home."); + return getApplicationHomePageUrl(); } } @@ -113,7 +112,7 @@ public class LoginRedirector { } public String assembleWelcomeMessage() { - if (isMerelySelfEditor() && !isSelfEditorWithIndividual()) { + if (!canSeeSiteAdminPage() && !isSelfEditorWithIndividual()) { // A special message for unrecognized self-editors: return "You have logged in, " + "but the system contains no profile for you."; @@ -147,14 +146,9 @@ public class LoginRedirector { } } - private boolean isMerelySelfEditor() { - IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(request); - if (IsRootUser.isRootUser(ids)) { - return false; - } - - RoleLevel role = HasRoleLevel.getUsersRoleLevel(ids); - return role == RoleLevel.PUBLIC || role == RoleLevel.SELF; + private boolean canSeeSiteAdminPage() { + return PolicyHelper.isAuthorizedForActions(request, + SimplePermission.SEE_SITE_ADMIN_PAGE.ACTIONS); } private boolean isLoginPage(String page) { diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/processEdit/EditN3Utils.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/processEdit/EditN3Utils.java index e8a8256b4..2f1b1bb62 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/processEdit/EditN3Utils.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/processEdit/EditN3Utils.java @@ -12,7 +12,6 @@ import org.apache.xerces.util.XMLChar; import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers; import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel; import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser; public class EditN3Utils { @@ -23,7 +22,6 @@ public class EditN3Utils { List uris = new ArrayList(); uris.addAll(IsUser.getUserUris(ids)); uris.addAll(HasProfile.getProfileUris(ids)); - uris.addAll(HasRoleLevel.getRoleLevelUris(ids)); uris.add("Unknown N3 Editor"); return uris.get(0); } diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java index d62993f30..0389b65ee 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java @@ -36,9 +36,13 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; import edu.cornell.mannlib.vitro.testing.AbstractTestClass; import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasPermissionFactory; import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission; import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; +import edu.cornell.mannlib.vitro.webapp.auth.policy.PermissionsPolicy; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList; +import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet; import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties; import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator; @@ -125,7 +129,13 @@ public class AuthenticateTest extends AbstractTestClass { authenticator.setAssociatedUri(OLD_SELF.username, "old_self_associated_uri"); + PermissionSet adminPermissionSet = new PermissionSet(); + adminPermissionSet.setUri(URI_DBA); + adminPermissionSet.setPermissionUris(Collections + .singleton(SimplePermission.SEE_SITE_ADMIN_PAGE.getUri())); + userAccountsDao = new UserAccountsDaoStub(); + userAccountsDao.addPermissionSet(adminPermissionSet); userAccountsDao.addUser(createUserFromUserInfo(NEW_DBA)); userAccountsDao.addUser(createUserFromUserInfo(OLD_DBA)); userAccountsDao.addUser(createUserFromUserInfo(OLD_SELF)); @@ -140,6 +150,11 @@ public class AuthenticateTest extends AbstractTestClass { servletContext = new ServletContextStub(); servletContext.setAttribute("webappDaoFactory", webappDaoFactory); + setLoggerLevel(ServletPolicyList.class, Level.WARN); + ServletPolicyList.addPolicy(servletContext, new PermissionsPolicy()); + PermissionRegistry.createRegistry(servletContext, + Collections.singleton(SimplePermission.SEE_SITE_ADMIN_PAGE)); + servletConfig = new ServletConfigStub(); servletConfig.setServletContext(servletContext); @@ -153,9 +168,6 @@ public class AuthenticateTest extends AbstractTestClass { response = new HttpServletResponseStub(); - PermissionRegistry.createRegistry(servletContext, - Collections. emptySet()); - auth = new Authenticate(); auth.init(servletConfig); @@ -163,7 +175,7 @@ public class AuthenticateTest extends AbstractTestClass { new ConfigurationPropertiesStub().setBean(servletContext); ActiveIdentifierBundleFactories.addFactory(servletContext, - new HasRoleLevelFactory(servletContext)); + new HasPermissionFactory(servletContext)); } private UserAccount createUserFromUserInfo(UserInfo userInfo) {