NIHVIVO-3523 Clean up HasRoleLevel identifier - no longer used.

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasRoleLevel.java

@@ -1,52 +0,0 @@
-/* $This file is distributed under the terms of the license in /doc/license.txt$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.identifier.common;
-
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
-
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
-
-/**
- * The current user has this RoleLevel.
- */
-public class HasRoleLevel extends AbstractCommonIdentifier implements Identifier {
-	public static Collection<HasRoleLevel> getIdentifiers(IdentifierBundle ids) {
-		return getIdentifiersForClass(ids, HasRoleLevel.class);
-	}
-
-	public static Collection<String> getRoleLevelUris(IdentifierBundle ids) {
-		Set<String> set = new HashSet<String>();
-		for (HasRoleLevel id : getIdentifiers(ids)) {
-			set.add(id.getRoleLevel().getURI());
-		}
-		return set;
-	}
-	
-	public static RoleLevel getUsersRoleLevel(IdentifierBundle whoToAuth) {
-		Collection<HasRoleLevel> roleIds = getIdentifiers(whoToAuth);
-		if (roleIds.isEmpty()) {
-			return RoleLevel.PUBLIC;
-		} else {
-			return roleIds.iterator().next().getRoleLevel();
-		}
-	}
-
-	private final RoleLevel roleLevel;
-
-	public HasRoleLevel(RoleLevel roleLevel) {
-		this.roleLevel = roleLevel;
-	}
-
-	public RoleLevel getRoleLevel() {
-		return roleLevel;
-	}
-
-	@Override
-	public String toString() {
-		return "HasRoleLevel[" + roleLevel + "]";
-	}
-}

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java

@@ -1,29 +0,0 @@
-/* $This file is distributed under the terms of the license in /doc/license.txt$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
-
-import javax.servlet.ServletContext;
-import javax.servlet.http.HttpServletRequest;
-
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel;
-import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
-
-/**
- * Create an identifier that shows the role level of the current user, or
- * PUBLIC if the user is not logged in.
- */
-public class HasRoleLevelFactory extends BaseIdentifierBundleFactory {
-
-	public HasRoleLevelFactory(ServletContext ctx) {
-		super(ctx);
-	}
-
-	@Override
-	public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
-		RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req);
-		return new ArrayIdentifierBundle(new HasRoleLevel(roleLevel));
-	}
-
-}

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java

@@ -11,7 +11,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasPermissionFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProfileOrIsBlacklistedFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProxyEditingRightsFactory;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsRootUserFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsUserFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataToSelfPolicy;
@@ -38,7 +37,6 @@ public class CommonPolicyFamilySetup implements ServletContextListener {
 
 			factory(ctx, new IsUserFactory(ctx));
 			factory(ctx, new IsRootUserFactory(ctx));
-			factory(ctx, new HasRoleLevelFactory(ctx));
 			factory(ctx, new HasProfileOrIsBlacklistedFactory(ctx));
 			factory(ctx, new HasPermissionFactory(ctx));
 			factory(ctx, new HasProxyEditingRightsFactory(ctx));

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java

@@ -16,11 +16,8 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser;
-import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
+import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
 import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
@@ -71,20 +68,22 @@ public class LoginRedirector {
 		if (isSelfEditorWithIndividual()) {
 			log.debug("Going to Individual home page.");
 			return getAssociatedIndividualHomePage();
-		} else if (isMerelySelfEditor()) {
+		}
+
+		if (!canSeeSiteAdminPage()) {
 			log.debug("User not recognized. Going to application home.");
 			return getApplicationHomePageUrl();
+		}
+
+		if (isLoginPage(afterLoginPage)) {
+			log.debug("Coming from /login. Going to site admin page.");
+			return getSiteAdminPageUrl();
+		} else if (null != afterLoginPage) {
+			log.debug("Returning to requested page: " + afterLoginPage);
+			return afterLoginPage;
 		} else {
-			if (isLoginPage(afterLoginPage)) {
-				log.debug("Coming from /login. Going to site admin page.");
-				return getSiteAdminPageUrl();
-			} else if (null != afterLoginPage) {
-				log.debug("Returning to requested page: " + afterLoginPage);
-				return afterLoginPage;
-			} else {
-				log.debug("Don't know what to do. Go home.");
-				return getApplicationHomePageUrl();
-			}
+			log.debug("Don't know what to do. Go home.");
+			return getApplicationHomePageUrl();
 		}
 	}
 
@@ -113,7 +112,7 @@ public class LoginRedirector {
 	}
 
 	public String assembleWelcomeMessage() {
-		if (isMerelySelfEditor() && !isSelfEditorWithIndividual()) {
+		if (!canSeeSiteAdminPage() && !isSelfEditorWithIndividual()) {
 			// A special message for unrecognized self-editors:
 			return "You have logged in, "
 					+ "but the system contains no profile for you.";
@@ -147,14 +146,9 @@ public class LoginRedirector {
 		}
 	}
 
-	private boolean isMerelySelfEditor() {
-		IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(request);
-		if (IsRootUser.isRootUser(ids)) {
-			return false;
-		}
-		
-		RoleLevel role = HasRoleLevel.getUsersRoleLevel(ids);
-		return role == RoleLevel.PUBLIC || role == RoleLevel.SELF;
+	private boolean canSeeSiteAdminPage() {
+		return PolicyHelper.isAuthorizedForActions(request,
+				SimplePermission.SEE_SITE_ADMIN_PAGE.ACTIONS);
 	}
 
 	private boolean isLoginPage(String page) {

webapp/src/edu/cornell/mannlib/vitro/webapp/edit/n3editing/processEdit/EditN3Utils.java

@@ -12,7 +12,6 @@ import org.apache.xerces.util.XMLChar;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser;
 
 public class EditN3Utils {
@@ -23,7 +22,6 @@ public class EditN3Utils {
         List<String> uris = new ArrayList<String>();
         uris.addAll(IsUser.getUserUris(ids));
         uris.addAll(HasProfile.getProfileUris(ids));
-        uris.addAll(HasRoleLevel.getRoleLevelUris(ids));
         uris.add("Unknown N3 Editor");
         return uris.get(0);
     }   

webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java

@@ -36,9 +36,13 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
-import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasPermissionFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
+import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PermissionsPolicy;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
+import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
 import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
 import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
@@ -125,7 +129,13 @@ public class AuthenticateTest extends AbstractTestClass {
 		authenticator.setAssociatedUri(OLD_SELF.username,
 				"old_self_associated_uri");
 
+		PermissionSet adminPermissionSet = new PermissionSet();
+		adminPermissionSet.setUri(URI_DBA);
+		adminPermissionSet.setPermissionUris(Collections
+				.singleton(SimplePermission.SEE_SITE_ADMIN_PAGE.getUri()));
+
 		userAccountsDao = new UserAccountsDaoStub();
+		userAccountsDao.addPermissionSet(adminPermissionSet);
 		userAccountsDao.addUser(createUserFromUserInfo(NEW_DBA));
 		userAccountsDao.addUser(createUserFromUserInfo(OLD_DBA));
 		userAccountsDao.addUser(createUserFromUserInfo(OLD_SELF));
@@ -140,6 +150,11 @@ public class AuthenticateTest extends AbstractTestClass {
 		servletContext = new ServletContextStub();
 		servletContext.setAttribute("webappDaoFactory", webappDaoFactory);
 
+		setLoggerLevel(ServletPolicyList.class, Level.WARN);
+		ServletPolicyList.addPolicy(servletContext, new PermissionsPolicy());
+		PermissionRegistry.createRegistry(servletContext,
+				Collections.singleton(SimplePermission.SEE_SITE_ADMIN_PAGE));
+		
 		servletConfig = new ServletConfigStub();
 		servletConfig.setServletContext(servletContext);
 
@@ -153,9 +168,6 @@ public class AuthenticateTest extends AbstractTestClass {
 
 		response = new HttpServletResponseStub();
 
-		PermissionRegistry.createRegistry(servletContext,
-				Collections.<Permission> emptySet());
-
 		auth = new Authenticate();
 		auth.init(servletConfig);
 
@@ -163,7 +175,7 @@ public class AuthenticateTest extends AbstractTestClass {
 		new ConfigurationPropertiesStub().setBean(servletContext);
 
 		ActiveIdentifierBundleFactories.addFactory(servletContext,
-				new HasRoleLevelFactory(servletContext));
+				new HasPermissionFactory(servletContext));
 	}
 
 	private UserAccount createUserFromUserInfo(UserInfo userInfo) {