NIHVIVO-2492 Modify FreemarkerHttpServlet and subclasses to be Actions-based. Remove explicit static reliance on the annotation.
parent
447e9ac7ee
commit
a10909b11b
13 changed files with 251 additions and 179 deletions
|
@ -39,8 +39,17 @@ public class PolicyHelper {
|
|||
private static final Log log = LogFactory.getLog(PolicyHelper.class);
|
||||
|
||||
/**
|
||||
* Are the actions that this servlet requires authorized for the current
|
||||
* user by the current policies?
|
||||
* Are these actions authorized for the current user by the current
|
||||
* policies?
|
||||
*/
|
||||
public static boolean isAuthorizedForActions(HttpServletRequest req,
|
||||
RequestedAction... actions) {
|
||||
return isAuthorizedForActions(req, new Actions(actions));
|
||||
}
|
||||
|
||||
/**
|
||||
* Are these actions authorized for the current user by the current
|
||||
* policies?
|
||||
*/
|
||||
public static boolean isAuthorizedForActions(HttpServletRequest req,
|
||||
Actions actions) {
|
||||
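Review bot: The Javadoc on the new varargs overload of `isAuthorizedForActions` repeats the text of the `Actions` overload and does not say how several actions combine or what an empty argument list means. The overload wraps its arguments in `new Actions(actions)`, and `Actions.isAuthorized` treats an empty clause list as authorized, so a call with no actions presumably returns true; the `Actions` constructor is not shown here, so confirm. I would state the contract in the comment, for example `* All of the given actions must be authorized; with no actions the result is true.`, adjusted if the constructor combines them differently. The body of the `Actions` overload continues outside the hunk.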
|
|
|
@ -30,8 +30,12 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAct
|
|||
public class Actions {
|
||||
private static final Log log = LogFactory.getLog(Actions.class);
|
||||
|
||||
public static final Actions EMPTY = new Actions();
|
||||
public static final Actions UNAUTHORIZED = new Actions(
|
||||
new UnauthorizedAction());
|
||||
|
||||
public static Actions notNull(Actions actions) {
|
||||
return (actions == null) ? new Actions() : actions;
|
||||
return (actions == null) ? EMPTY : actions;
|
||||
}
|
||||
|
||||
private final List<Set<RequestedAction>> clauseList;
|
||||
|
@ -76,7 +80,11 @@ public class Actions {
|
|||
|
||||
/** No clauses means everything is authorized */
|
||||
public boolean isAuthorized(PolicyIface policy, IdentifierBundle ids) {
|
||||
return clauseList.isEmpty() || isAuthorizedForClauseList(policy, ids);
|
||||
if (clauseList.isEmpty()) {
|
||||
log.debug("Empty Actions is authorized");
|
||||
return true;
|
||||
}
|
||||
return isAuthorizedForClauseList(policy, ids);
|
||||
}
|
||||
|
||||
/** Any entire clause is good enough. */
|
||||
|
@ -111,4 +119,12 @@ public class Actions {
|
|||
return (decision != null)
|
||||
&& (decision.getAuthorized() == Authorization.AUTHORIZED);
|
||||
}
|
||||
|
||||
/**
|
||||
* Nobody knows about this action class, so only the root user should be
|
||||
* authorized for it.
|
||||
*/
|
||||
private static class UnauthorizedAction extends RequestedAction {
|
||||
// no members
|
||||
}
|
||||
}
|
||||
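Review bot: `Actions.UNAUTHORIZED` is not an unconditional deny: it holds an `UnauthorizedAction` and is still evaluated through `isAuthorizedForClauseList`, so the outcome depends on every installed policy declining an action class it does not recognise. The class comment already says the root user is expected to pass, and a policy that authorizes actions without looking at their type would presumably pass too. Because `ImageUploadController.requiredActions` returns this constant on its error path, I would document the dependency on the constant itself, e.g. `/** Denied only while no policy authorizes unknown action classes; the root user is expected to pass. */`. Separately, `notNull` now hands out the shared `EMPTY` instance instead of a fresh object, which is safe only if an `Actions` cannot be modified after construction; that is not visible in these hunks.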
|
|
|
@ -13,7 +13,7 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseTabEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Tab;
|
||||
|
@ -21,13 +21,17 @@ import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
|||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.TabDao;
|
||||
|
||||
@RequiresAuthorizationFor(UseTabEditorPages.class)
|
||||
public class AllTabsForPortalListingController extends BaseEditController {
|
||||
public static final Actions REQUIRED_ACTIONS = new Actions(new UseTabEditorPages());
|
||||
|
||||
private static final int NUM_COLS = 11;
|
||||
|
||||
@Override
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, REQUIRED_ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
VitroRequest vrequest = new VitroRequest(request);
|
||||
Portal portal = vrequest.getPortal();
|
||||
|
||||
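Review bot: The guard added at the top of `doGet` protects only that handler, whereas `@RequiresAuthorizationFor` was declared on the class and so presumably covered every request to the servlet. If this controller or `BaseEditController` accepts POST or another method without routing it through `doGet`, that path is no longer checked; neither is visible in this hunk, so please confirm. The same applies to the `doGet` guards added in `PortalsListingController` and `UsersListingController`. A short comment above the check, such as `// Replaces the class-level annotation: every request handler in this servlet must make this check.`, would keep a later handler from being added without it. `doGet` continues outside the hunk.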
|
|
|
@ -10,18 +10,22 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UsePortalEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PortalDao;
|
||||
|
||||
@RequiresAuthorizationFor(UsePortalEditorPages.class)
|
||||
public class PortalsListingController extends BaseEditController {
|
||||
public static final Actions REQUIRED_ACTIONS = new Actions(new UsePortalEditorPages());
|
||||
|
||||
@Override
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, REQUIRED_ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
VitroRequest vrequest = new VitroRequest(request);
|
||||
Portal portal = vrequest.getPortal();
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseEditUserAccountsPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.User;
|
||||
|
@ -21,8 +21,8 @@ import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
|||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
|
||||
|
||||
@RequiresAuthorizationFor(UseEditUserAccountsPages.class)
|
||||
public class UsersListingController extends BaseEditController {
|
||||
public static final Actions REQUIRED_ACTIONS = new Actions(new UseEditUserAccountsPages());
|
||||
|
||||
private String[] roleNameStr = new String[51];
|
||||
|
||||
|
@ -35,6 +35,10 @@ public class UsersListingController extends BaseEditController {
|
|||
|
||||
@Override
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, REQUIRED_ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
VitroRequest vrequest = new VitroRequest(request);
|
||||
Portal portal = vrequest.getPortal();
|
||||
|
||||
|
|
|
@ -18,6 +18,7 @@ import org.apache.commons.lang.StringUtils;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
|
@ -73,6 +74,7 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doGet( HttpServletRequest request, HttpServletResponse response )
|
||||
throws IOException, ServletException {
|
||||
|
||||
|
@ -84,7 +86,15 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
Configuration config = getConfig(vreq);
|
||||
vreq.setAttribute("freemarkerConfig", config);
|
||||
|
||||
ResponseValues responseValues = processRequest(vreq);
|
||||
ResponseValues responseValues;
|
||||
|
||||
// This method does a redirect if the required authorizations are not met, so just return.
|
||||
if (!isAuthorizedToDisplayPage(request, response, requiredActions(vreq))) {
|
||||
return;
|
||||
} else {
|
||||
responseValues = processRequest(vreq);
|
||||
}
|
||||
|
||||
doResponse(vreq, response, responseValues);
|
||||
|
||||
} catch (TemplateProcessingException e) {
|
||||
|
@ -94,6 +104,7 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doPost(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
doGet(request, response);
|
||||
|
@ -105,6 +116,21 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
|
|||
return loader.getConfig(vreq);
|
||||
}
|
||||
|
||||
/**
|
||||
* By default, a page requires authorization for no actions.
|
||||
* Subclasses that require authorization to process their page will override
|
||||
* to return the actions that require authorization.
|
||||
* In some cases, the choice of actions will depend on the contents of the request.
|
||||
*
|
||||
* NB This method can't be static, because then the superclass method gets called rather than
|
||||
* the subclass method. For the same reason, it can't refer to a static or instance field
|
||||
* REQUIRED_ACTIONS which is overridden in the subclass.
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return Actions.EMPTY;
|
||||
}
|
||||
|
||||
// Subclasses will override
|
||||
protected ResponseValues processRequest(VitroRequest vreq) {
|
||||
return null;
|
||||
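Review bot: `requiredActions` defaults to `Actions.EMPTY`, which `Actions.isAuthorized` treats as authorized, so a subclass that used to carry `@RequiresAuthorizationFor` and is not given an override becomes reachable with no check and nothing in the source to flag it. The Javadoc should say so outright, e.g. `* Returning EMPTY makes the page available to every user; a restricted page MUST override this method.`. The new debug message `Empty Actions is authorized` does not name the servlet, so it cannot be used to find subclasses that were missed; logging `getClass().getName()` next to the guard in `doGet` would. As a smaller point, the `else` after `return;` is redundant: `ResponseValues responseValues = processRequest(vreq);` placed after the guard reads more simply. `doGet` starts and ends outside these hunks.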
|
|
|
@ -16,8 +16,7 @@ import org.apache.commons.fileupload.FileItem;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
|
||||
|
@ -25,11 +24,9 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.DropObject
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ExceptionResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ForwardResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.RedirectResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
|
||||
|
@ -42,7 +39,6 @@ import edu.cornell.mannlib.vitro.webapp.filestorage.uploadrequest.FileUploadServ
|
|||
/**
|
||||
* Handle adding, replacing or deleting the main image on an Individual.
|
||||
*/
|
||||
@RequiresAuthorizationFor(/* restricted page, but checking is done internally. */)
|
||||
public class ImageUploadController extends FreemarkerHttpServlet {
|
||||
private static final long serialVersionUID = 1L;
|
||||
private static final Log log = LogFactory
|
||||
|
@ -130,6 +126,34 @@ public class ImageUploadController extends FreemarkerHttpServlet {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* The required action depends on what we are trying to do.
|
||||
*/
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
try {
|
||||
String action = vreq.getParameter(PARAMETER_ACTION);
|
||||
Individual entity = validateEntityUri(vreq);
|
||||
String imageUri = entity.getMainImageUri();
|
||||
|
||||
RequestedAction ra;
|
||||
if (ACTION_DELETE.equals(action) || ACTION_DELETE_EDIT.equals(action)) {
|
||||
ra = new DropObjectPropStmt(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
|
||||
} else if (imageUri != null) {
|
||||
ra = new EditObjPropStmt(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
|
||||
} else {
|
||||
ra = new AddDataPropStmt(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE,
|
||||
RequestActionConstants.SOME_LITERAL, null, null);
|
||||
}
|
||||
return new Actions(ra);
|
||||
} catch (UserMistakeException e) {
|
||||
return Actions.UNAUTHORIZED;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* Parse the multi-part request, process the request, and produce the
|
||||
|
@ -161,13 +185,7 @@ public class ImageUploadController extends FreemarkerHttpServlet {
|
|||
dumpRequestDetails(vreq);
|
||||
}
|
||||
|
||||
// If they aren't authorized to do this, send them to login.
|
||||
if (!checkAuthorized(vreq)) {
|
||||
return new RedirectResponseValues(Controllers.LOGIN);
|
||||
}
|
||||
|
||||
return buildTheResponse(vreq);
|
||||
|
||||
} catch (Exception e) {
|
||||
// log.error("Could not produce response page", e);
|
||||
return new ExceptionResponseValues(e);
|
||||
|
@ -593,39 +611,8 @@ public class ImageUploadController extends FreemarkerHttpServlet {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* If they are logged in as an Editor or better, they can do whatever they
|
||||
* want.
|
||||
*
|
||||
* Otherwise, they will need to be self-editing, and will need to have
|
||||
* authorization for this specific operation they are requesting.
|
||||
*/
|
||||
private boolean checkAuthorized(VitroRequest vreq)
|
||||
throws UserMistakeException {
|
||||
String action = vreq.getParameter(PARAMETER_ACTION);
|
||||
Individual entity = validateEntityUri(vreq);
|
||||
String imageUri = entity.getMainImageUri();
|
||||
|
||||
// What are we trying to do? Check if authorized.
|
||||
RequestedAction ra;
|
||||
if (ACTION_DELETE.equals(action) || ACTION_DELETE_EDIT.equals(action)) {
|
||||
ra = new DropObjectPropStmt(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
|
||||
} else if (imageUri != null) {
|
||||
ra = new EditObjPropStmt(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE, imageUri);
|
||||
} else {
|
||||
ra = new AddDataPropStmt(entity.getURI(),
|
||||
VitroVocabulary.IND_MAIN_IMAGE,
|
||||
RequestActionConstants.SOME_LITERAL, null, null);
|
||||
}
|
||||
|
||||
return PolicyHelper.isAuthorizedForAction(vreq, ra);
|
||||
}
|
||||
|
||||
private String getDefaultNamespace() {
|
||||
return ConfigurationProperties.getBean(getServletContext())
|
||||
.getProperty("Vitro.defaultNamespace");
|
||||
}
|
||||
|
||||
}
|
||||
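Review bot: The `catch (UserMistakeException e)` in `requiredActions` discards the exception and returns `Actions.UNAUTHORIZED`, so a request with a missing or invalid entity is now handled as an authorization failure and nothing records why. Before this change `checkAuthorized` let the exception propagate inside `processRequest`, where the visible `catch (Exception e)` (or an earlier catch outside the hunk) turned it into a response; now the base-class guard runs first and, per its comment, redirects. I would at least log it, `log.debug("Cannot determine the required action; denying access", e);`, and say in the Javadoc that a malformed request is denied rather than reported. `UNAUTHORIZED` is documented as passing for the root user, so `processRequest` must still cope with the invalid request on its own.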
|
|
|
@ -5,13 +5,12 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
|||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMenuEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
|
||||
|
||||
@RequiresAuthorizationFor(UseMenuEditorPages.class)
|
||||
public class MenuN3EditController extends FreemarkerHttpServlet {
|
||||
|
||||
protected final static String N3MENU_FORM = "menuN3Edit.ftl";
|
||||
|
@ -20,6 +19,13 @@ public class MenuN3EditController extends FreemarkerHttpServlet {
|
|||
|
||||
protected final static String N3_PARAM = "navigationN3";
|
||||
|
||||
public final static Actions REQUIRED_ACTIONS = new Actions(new UseMenuEditorPages());
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return REQUIRED_ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected ResponseValues processRequest(VitroRequest vreq) {
|
||||
String n3 = vreq.getParameter(N3_PARAM);
|
||||
|
|
|
@ -5,7 +5,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
|||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.SeeRevisionInfo;
|
||||
import edu.cornell.mannlib.vitro.webapp.config.RevisionInfoBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
@ -15,11 +15,17 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Tem
|
|||
/**
|
||||
* Display the detailed revision information.
|
||||
*/
|
||||
@RequiresAuthorizationFor(SeeRevisionInfo.class)
|
||||
public class RevisionInfoController extends FreemarkerHttpServlet {
|
||||
private static final long serialVersionUID = 1L;
|
||||
private static final String TEMPLATE_DEFAULT = "revisionInfo.ftl";
|
||||
|
||||
public static final Actions REQUIRED_ACTIONS = new Actions(new SeeRevisionInfo());
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return REQUIRED_ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected ResponseValues processRequest(VitroRequest vreq) {
|
||||
Map<String, Object> body = new HashMap<String, Object>();
|
||||
|
|
|
@ -15,7 +15,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseAdvancedDataToolsPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseIndividualEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseOntologyEditorPages;
|
||||
|
@ -32,13 +32,19 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Tem
|
|||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.pellet.PelletListener;
|
||||
|
||||
@RequiresAuthorizationFor(UseSiteAdminPage.class)
|
||||
public class SiteAdminController extends FreemarkerHttpServlet {
|
||||
|
||||
private static final long serialVersionUID = 1L;
|
||||
private static final Log log = LogFactory.getLog(SiteAdminController.class);
|
||||
private static final String TEMPLATE_DEFAULT = "siteAdmin-main.ftl";
|
||||
|
||||
public static final Actions REQUIRED_ACTIONS = new Actions(new UseSiteAdminPage());
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return REQUIRED_ACTIONS;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getTitle(String siteName, VitroRequest vreq) {
|
||||
return siteName + " Site Administration";
|
||||
|
@ -114,25 +120,25 @@ public class SiteAdminController extends FreemarkerHttpServlet {
|
|||
Map<String, Object> map = new HashMap<String, Object>();
|
||||
Map<String, String> urls = new HashMap<String, String>();
|
||||
|
||||
if (PolicyHelper.isAuthorizedForServlet(vreq, AllTabsForPortalListingController.class)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, AllTabsForPortalListingController.REQUIRED_ACTIONS)) {
|
||||
urls.put("tabs", urlBuilder.getPortalUrl("/listTabs"));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForServlet(vreq, UsersListingController.class)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, UsersListingController.REQUIRED_ACTIONS)) {
|
||||
urls.put("users", urlBuilder.getPortalUrl("/listUsers"));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForServlet(vreq, PortalsListingController.class)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, PortalsListingController.REQUIRED_ACTIONS)) {
|
||||
if ((!vreq.getFullWebappDaoFactory().getPortalDao().isSinglePortal())) {
|
||||
urls.put("portals", urlBuilder.getPortalUrl("/listPortals"));
|
||||
}
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForAction(vreq, UseSiteInfoEditingPage.class)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, new UseSiteInfoEditingPage())) {
|
||||
urls.put("siteInfo", urlBuilder.getPortalUrl("/editForm", new ParamMap("controller", "Portal", "id", String.valueOf(urlBuilder.getPortalId()))));
|
||||
}
|
||||
|
||||
if (PolicyHelper.isAuthorizedForServlet(vreq, MenuN3EditController.class)) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, MenuN3EditController.REQUIRED_ACTIONS)) {
|
||||
urls.put("menuN3Editor", urlBuilder.getPortalUrl("/menuN3Editor"));
|
||||
}
|
||||
|
||||
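Review bot: The link checks now read each controller's public `REQUIRED_ACTIONS` field, but what is enforced is whatever the controller passes to `isAuthorizedToDisplayPage` or returns from `requiredActions(vreq)`, and nothing ties the two together. If a controller later derives its actions from the request, as `ImageUploadController` does in this commit, the menu would show or hide a link on a rule the page no longer applies. These checks decide link visibility only, so each target servlet must keep its own guard; a comment would make that explicit, e.g. `// Visibility only: each target servlet enforces its own required actions.`. The `siteInfo` link is gated on `new UseSiteInfoEditingPage()` while its target is `/editForm`, and whether that controller requires the same action is not visible here. The enclosing method starts and ends outside the hunk.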
|
|
|
@ -8,7 +8,7 @@ import java.util.Map;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper.RequiresAuthorizationFor;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousAdminPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
|
||||
|
@ -29,11 +29,15 @@ import edu.cornell.mannlib.vitro.webapp.search.indexing.IndexBuilder;
|
|||
*
|
||||
* @author bdc34
|
||||
*/
|
||||
@RequiresAuthorizationFor(UseMiscellaneousAdminPages.class)
|
||||
public class IndexController extends FreemarkerHttpServlet {
|
||||
|
||||
private static final Log log = LogFactory.getLog(IndexController.class);
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
return new Actions(new UseMiscellaneousAdminPages());
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getTitle(String siteName, VitroRequest vreq) {
|
||||
return "Full Search Index Rebuild";
|
||||
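Review bot: `requiredActions` builds a new `Actions` on every request, while the other controllers in this commit (`SiteAdminController`, `RevisionInfoController`, `MenuN3EditController`) declare a shared constant and return it. For consistency, and so that other code can test access to this page the way the site-admin menu does for its links, I would declare `public static final Actions REQUIRED_ACTIONS = new Actions(new UseMiscellaneousAdminPages());` and have the override `return REQUIRED_ACTIONS;`.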
|
|
|
@ -47,11 +47,11 @@ public class User extends BaseTemplateModel {
|
|||
}
|
||||
|
||||
public boolean getHasSiteAdminAccess() {
|
||||
return PolicyHelper.isAuthorizedForServlet(vreq, SiteAdminController.class);
|
||||
return PolicyHelper.isAuthorizedForActions(vreq, SiteAdminController.REQUIRED_ACTIONS);
|
||||
}
|
||||
|
||||
public boolean getHasRevisionInfoAccess() {
|
||||
return PolicyHelper.isAuthorizedForServlet(vreq, RevisionInfoController.class);
|
||||
return PolicyHelper.isAuthorizedForActions(vreq, RevisionInfoController.REQUIRED_ACTIONS);
|
||||
}
|
||||
|
||||
public boolean getShowFlag1SearchField() {
|
||||
|
|
|
@ -54,7 +54,7 @@ public class PolicyHelperTest extends AbstractTestClass {
|
|||
public void authorizedForActionsNull() {
|
||||
createPolicy();
|
||||
assertEquals("null actions", true,
|
||||
PolicyHelper.isAuthorizedForActions(req, null));
|
||||
PolicyHelper.isAuthorizedForActions(req, (Actions) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -117,103 +117,103 @@ public class PolicyHelperTest extends AbstractTestClass {
|
|||
// ----------------------------------------------------------------------
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Test
|
||||
public void noAnnotation() {
|
||||
createPolicy();
|
||||
assertExpectedAuthorization("no actions required",
|
||||
NoAnnotationServlet.class, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void noRequirements() {
|
||||
createPolicy();
|
||||
assertExpectedAuthorization("no actions required",
|
||||
NoRequirementsServlet.class, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneRequirementFail() {
|
||||
createPolicy();
|
||||
assertExpectedAuthorization("requires Action1", Action1Servlet.class,
|
||||
false);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneRequirementSucceed() {
|
||||
createPolicy(new Action1());
|
||||
assertExpectedAuthorization("requires Action1", Action1Servlet.class,
|
||||
true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void twoRequirementsFailOne() {
|
||||
createPolicy(new Action1());
|
||||
assertExpectedAuthorization("requires Actions 1 and 2",
|
||||
Action1AndAction2Servlet.class, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void twoRequirementsFailTwo() {
|
||||
createPolicy(new Action2());
|
||||
assertExpectedAuthorization("requires Actions 1 and 2",
|
||||
Action1AndAction2Servlet.class, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void twoRequirementsSucceed() {
|
||||
createPolicy(new Action2(), new Action1());
|
||||
assertExpectedAuthorization("requires Actions 1 and 2",
|
||||
Action1AndAction2Servlet.class, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneOrTwoFail() {
|
||||
createPolicy();
|
||||
assertExpectedAuthorization("requires Action 1 or 2",
|
||||
Action1OrAction2Servlet.class, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneOrTwoSucceedOne() {
|
||||
createPolicy(new Action1());
|
||||
assertExpectedAuthorization("requires Action 1 or 2",
|
||||
Action1OrAction2Servlet.class, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneOrTwoSucceedTwo() {
|
||||
createPolicy(new Action2());
|
||||
assertExpectedAuthorization("requires Action 1 or 2",
|
||||
Action1OrAction2Servlet.class, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneOrTwoOrThreeFail() {
|
||||
createPolicy();
|
||||
assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
Action1OrAction2OrAction3Servlet.class, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneOrTwoOrThreeSucceedOne() {
|
||||
createPolicy(new Action1());
|
||||
assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
Action1OrAction2OrAction3Servlet.class, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneOrTwoOrThreeSucceedTwo() {
|
||||
createPolicy(new Action2());
|
||||
assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
Action1OrAction2OrAction3Servlet.class, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oneOrTwoOrThreeSucceedThree() {
|
||||
createPolicy(new Action3());
|
||||
assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
Action1OrAction2OrAction3Servlet.class, true);
|
||||
}
|
||||
// @Test
|
||||
// public void noAnnotation() {
|
||||
// createPolicy();
|
||||
// assertExpectedAuthorization("no actions required",
|
||||
// NoAnnotationServlet.class, true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void noRequirements() {
|
||||
// createPolicy();
|
||||
// assertExpectedAuthorization("no actions required",
|
||||
// NoRequirementsServlet.class, true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneRequirementFail() {
|
||||
// createPolicy();
|
||||
// assertExpectedAuthorization("requires Action1", Action1Servlet.class,
|
||||
// false);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneRequirementSucceed() {
|
||||
// createPolicy(new Action1());
|
||||
// assertExpectedAuthorization("requires Action1", Action1Servlet.class,
|
||||
// true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void twoRequirementsFailOne() {
|
||||
// createPolicy(new Action1());
|
||||
// assertExpectedAuthorization("requires Actions 1 and 2",
|
||||
// Action1AndAction2Servlet.class, false);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void twoRequirementsFailTwo() {
|
||||
// createPolicy(new Action2());
|
||||
// assertExpectedAuthorization("requires Actions 1 and 2",
|
||||
// Action1AndAction2Servlet.class, false);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void twoRequirementsSucceed() {
|
||||
// createPolicy(new Action2(), new Action1());
|
||||
// assertExpectedAuthorization("requires Actions 1 and 2",
|
||||
// Action1AndAction2Servlet.class, true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneOrTwoFail() {
|
||||
// createPolicy();
|
||||
// assertExpectedAuthorization("requires Action 1 or 2",
|
||||
// Action1OrAction2Servlet.class, false);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneOrTwoSucceedOne() {
|
||||
// createPolicy(new Action1());
|
||||
// assertExpectedAuthorization("requires Action 1 or 2",
|
||||
// Action1OrAction2Servlet.class, true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneOrTwoSucceedTwo() {
|
||||
// createPolicy(new Action2());
|
||||
// assertExpectedAuthorization("requires Action 1 or 2",
|
||||
// Action1OrAction2Servlet.class, true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneOrTwoOrThreeFail() {
|
||||
// createPolicy();
|
||||
// assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
// Action1OrAction2OrAction3Servlet.class, false);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneOrTwoOrThreeSucceedOne() {
|
||||
// createPolicy(new Action1());
|
||||
// assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
// Action1OrAction2OrAction3Servlet.class, true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneOrTwoOrThreeSucceedTwo() {
|
||||
// createPolicy(new Action2());
|
||||
// assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
// Action1OrAction2OrAction3Servlet.class, true);
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void oneOrTwoOrThreeSucceedThree() {
|
||||
// createPolicy(new Action3());
|
||||
// assertExpectedAuthorization("requires Action 1 or 2 or 3",
|
||||
// Action1OrAction2OrAction3Servlet.class, true);
|
||||
// }
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Helper methods
|
||||
|
@ -223,11 +223,11 @@ public class PolicyHelperTest extends AbstractTestClass {
|
|||
ServletPolicyList.addPolicy(ctx, new MySimplePolicy(authorizedActions));
|
||||
}
|
||||
|
||||
private void assertExpectedAuthorization(String label,
|
||||
Class<? extends VitroHttpServlet> servletClass, boolean expected) {
|
||||
boolean actual = PolicyHelper.isAuthorizedForServlet(req, servletClass);
|
||||
assertEquals(label, expected, actual);
|
||||
}
|
||||
// private void assertExpectedAuthorization(String label,
|
||||
// Class<? extends VitroHttpServlet> servletClass, boolean expected) {
|
||||
// boolean actual = PolicyHelper.isAuthorizedForServlet(req, servletClass);
|
||||
// assertEquals(label, expected, actual);
|
||||
// }
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Helper Classes
|
||||
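Review bot: The servlet-based tests and `assertExpectedAuthorization` are commented out rather than ported, which drops the coverage of the no-requirement, single-action, all-of and any-of cases from the authorization logic this commit rewires. They can be kept by giving the helper an `Actions` parameter in place of the servlet class and calling `boolean actual = PolicyHelper.isAuthorizedForActions(req, actions);`, with each test building the equivalent `Actions`. Commented-out code should then be deleted instead of left in the file. `authorizedForActionsNull` also pins that a null `Actions` is authorized; a one-line comment saying this is deliberate would stop it being read as an oversight.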
|
|