NIHVIVO-3523 Convert all simple EDITOR-or-above requested actions to SimplePermissions.
This commit is contained in:
j2blake
parent
1aac179c87
commit
b36659d9f4
18 changed files with 63 additions and 116 deletions
|
|
@ -28,6 +28,8 @@ public class SimplePermission implements Permission {
|
|||
|
||||
public static final SimplePermission ACCESS_SPECIAL_DATA_MODELS = new SimplePermission(
|
||||
"AccessSpecialDataModels");
|
||||
public static final SimplePermission DO_BACK_END_EDITING = new SimplePermission(
|
||||
"DoBackEndEditing");
|
||||
public static final SimplePermission EDIT_ONTOLOGY = new SimplePermission(
|
||||
"EditOntology");
|
||||
public static final SimplePermission EDIT_SITE_INFORMATION = new SimplePermission(
|
||||
|
|
@ -48,6 +50,12 @@ public class SimplePermission implements Permission {
|
|||
"RebuildVClassGroupCache");
|
||||
public static final SimplePermission REFRESH_VISUALIZATION_CACHE = new SimplePermission(
|
||||
"RefreshVisualizationCache");
|
||||
public static final SimplePermission SEE_INDVIDUAL_EDITING_PANEL = new SimplePermission(
|
||||
"SeeIndividualEditingPanel");
|
||||
public static final SimplePermission SEE_REVISION_INFO = new SimplePermission(
|
||||
"SeeRevisionInfo");
|
||||
public static final SimplePermission SEE_SITE_ADMIN_PAGE = new SimplePermission(
|
||||
"SeeSiteAdminPage");
|
||||
public static final SimplePermission SEE_STARTUP_STATUS = new SimplePermission(
|
||||
"SeeStartupStatus");
|
||||
public static final SimplePermission SEE_VERBOSE_PROPERTY_INFORMATION = new SimplePermission(
|
||||
|
|
@ -58,6 +66,8 @@ public class SimplePermission implements Permission {
|
|||
"UseMiscellaneousAdminPages");
|
||||
public static final SimplePermission USE_MISCELLANEOUS_CURATOR_PAGES = new SimplePermission(
|
||||
"UseMiscellaneousCuratorPages");
|
||||
public static final SimplePermission USE_MISCELLANEOUS_EDITOR_PAGES = new SimplePermission(
|
||||
"UseMiscellaneousEditorPages");
|
||||
|
||||
public static List<SimplePermission> getAllInstances() {
|
||||
return new ArrayList<SimplePermission>(allInstances.values());
|
||||
|
|
|
|||
|
|
@ -13,15 +13,10 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.querymodel.QueryFullModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.querymodel.QueryUserAccountsModel;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoFrontEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.EditOwnAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.ManageOwnProxies;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.SeeIndividualEditingPanel;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.SeeRevisionInfo;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.SeeSiteAdminPage;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseBasicAjaxControllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousEditorPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.UseMiscellaneousPages;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
|
||||
|
|
@ -46,22 +41,7 @@ public class UseRestrictedPagesByRoleLevelPolicy implements PolicyIface {
|
|||
RoleLevel userRole = HasRoleLevel.getUsersRoleLevel(whoToAuth);
|
||||
|
||||
PolicyDecision result;
|
||||
if (whatToAuth instanceof DoBackEndEditing) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.EDITOR, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof SeeSiteAdminPage) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.EDITOR, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof SeeRevisionInfo) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.EDITOR, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof SeeIndividualEditingPanel) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.EDITOR, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof UseMiscellaneousEditorPages) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.EDITOR, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof UseBasicAjaxControllers) {
|
||||
if (whatToAuth instanceof UseBasicAjaxControllers) {
|
||||
result = isAuthorized(whatToAuth, RoleLevel.SELF, userRole);
|
||||
|
||||
} else if (whatToAuth instanceof UseMiscellaneousPages) {
|
||||
|
|
|
|||
|
|
@ -1,11 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to use the back-end editing pages (blue screen editing)? */
|
||||
public class DoBackEndEditing extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to see the Editing panel for an individual? */
|
||||
public class SeeIndividualEditingPanel extends RequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/**
|
||||
* Should we allow the user to see the RevisionInfo page?
|
||||
*
|
||||
* Note that this will also control whether they see the revision info in the
|
||||
* footer of all pages.
|
||||
*/
|
||||
public class SeeRevisionInfo extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to use the Site Admin page? */
|
||||
public class SeeSiteAdminPage extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
||||
/** Should we allow the user to use the odd-lots pages that were designed for Editors, Curators or DBAs? */
|
||||
public class UseMiscellaneousEditorPages extends RequestedAction implements
|
||||
UsePagesRequestedAction {
|
||||
// no fields
|
||||
}
|
||||
|
|
@ -18,8 +18,7 @@ import edu.cornell.mannlib.vedit.beans.FormObject;
|
|||
import edu.cornell.mannlib.vedit.beans.Option;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
|
||||
|
|
@ -35,9 +34,10 @@ public class DataPropertyStatementRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(DataPropertyStatementRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new DoBackEndEditing()))) {
|
||||
return;
|
||||
}
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
//create an EditProcessObject for this and put it in the session
|
||||
EditProcessObject epo = super.createEpo(request);
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.collections.map.ListOrderedMap;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
|
|
@ -24,15 +23,13 @@ import edu.cornell.mannlib.vedit.beans.FormObject;
|
|||
import edu.cornell.mannlib.vedit.beans.Option;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyInstance;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyInstanceDao;
|
||||
|
|
@ -42,7 +39,8 @@ public class EntityEditController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(EntityEditController.class.getName());
|
||||
|
||||
public void doGet (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new DoBackEndEditing()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,14 +7,12 @@ import java.net.URLEncoder;
|
|||
import java.text.DateFormat;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Calendar;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.TimeZone;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -35,9 +33,8 @@ import edu.cornell.mannlib.vedit.forwarder.PageForwarder;
|
|||
import edu.cornell.mannlib.vedit.forwarder.impl.UrlForwarder;
|
||||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vedit.validator.impl.RequiredFieldValidator;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
|
|
@ -59,7 +56,8 @@ public class EntityRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(EntityRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new DoBackEndEditing()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -19,8 +19,7 @@ import edu.cornell.mannlib.vedit.beans.FormObject;
|
|||
import edu.cornell.mannlib.vedit.beans.Option;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
|
|
@ -35,7 +34,8 @@ public class ExternalIdRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(ExternalIdRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new DoBackEndEditing()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -13,8 +13,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vedit.beans.EditProcessObject;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
|
||||
|
|
@ -23,7 +22,8 @@ public class IndividualTypeOperationController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(IndividualTypeOperationController.class.getName());
|
||||
|
||||
public void doGet(HttpServletRequest req, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(req, response, new Actions(new DoBackEndEditing()))) {
|
||||
if (!isAuthorizedToDisplayPage(req, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -25,8 +25,7 @@ import edu.cornell.mannlib.vedit.beans.EditProcessObject;
|
|||
import edu.cornell.mannlib.vedit.beans.FormObject;
|
||||
import edu.cornell.mannlib.vedit.beans.Option;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
|
|
@ -41,7 +40,8 @@ public class IndividualTypeRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(IndividualTypeRetryController.class.getName());
|
||||
|
||||
public void doGet (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new DoBackEndEditing()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,8 +23,7 @@ import edu.cornell.mannlib.vedit.beans.FormObject;
|
|||
import edu.cornell.mannlib.vedit.beans.Option;
|
||||
import edu.cornell.mannlib.vedit.controller.BaseEditController;
|
||||
import edu.cornell.mannlib.vedit.util.FormUtils;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PropertyInstance;
|
||||
|
|
@ -42,7 +41,8 @@ public class ObjectPropertyStatementRetryController extends BaseEditController {
|
|||
private static final Log log = LogFactory.getLog(ObjectPropertyStatementRetryController.class.getName());
|
||||
|
||||
public void doPost (HttpServletRequest request, HttpServletResponse response) {
|
||||
if (!isAuthorizedToDisplayPage(request, response, new Actions(new DoBackEndEditing()))) {
|
||||
if (!isAuthorizedToDisplayPage(request, response,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -18,8 +18,6 @@ import edu.cornell.mannlib.vedit.util.FormUtils;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.DoBackEndEditing;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.SeeSiteAdminPage;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClassGroup;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.ParamMap;
|
||||
|
|
@ -36,7 +34,7 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
private static final Log log = LogFactory.getLog(BaseSiteAdminController.class);
|
||||
protected static final String TEMPLATE_DEFAULT = "siteAdmin-main.ftl";
|
||||
|
||||
public static final Actions REQUIRED_ACTIONS = new Actions(new SeeSiteAdminPage());
|
||||
public static final Actions REQUIRED_ACTIONS = SimplePermission.SEE_SITE_ADMIN_PAGE.ACTIONS;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
|
|
@ -82,7 +80,8 @@ public class BaseSiteAdminController extends FreemarkerHttpServlet {
|
|||
|
||||
Map<String, Object> map = new HashMap<String, Object>();
|
||||
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq, new DoBackEndEditing())) {
|
||||
if (PolicyHelper.isAuthorizedForActions(vreq,
|
||||
SimplePermission.DO_BACK_END_EDITING.ACTIONS)) {
|
||||
|
||||
map.put("formAction", UrlBuilder.getUrl("/editRequestDispatch"));
|
||||
|
||||
|
|
|
|||
|
|
@ -5,8 +5,8 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker;
|
|||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.SeeRevisionInfo;
|
||||
import edu.cornell.mannlib.vitro.webapp.config.RevisionInfoBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
|
||||
|
|
@ -19,7 +19,7 @@ public class RevisionInfoController extends FreemarkerHttpServlet {
|
|||
private static final long serialVersionUID = 1L;
|
||||
private static final String TEMPLATE_DEFAULT = "revisionInfo.ftl";
|
||||
|
||||
public static final Actions REQUIRED_ACTIONS = new Actions(new SeeRevisionInfo());
|
||||
public static final Actions REQUIRED_ACTIONS = SimplePermission.SEE_REVISION_INFO.ACTIONS;
|
||||
|
||||
@Override
|
||||
protected Actions requiredActions(VitroRequest vreq) {
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.web.templatemodels.individual;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
|
|
@ -12,12 +11,12 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.SeeIndividualEditingPanel;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
|
|
@ -127,7 +126,8 @@ public abstract class BaseIndividualTemplateModel extends BaseTemplateModel {
|
|||
}
|
||||
|
||||
public boolean getShowAdminPanel() {
|
||||
return PolicyHelper.isAuthorizedForActions(vreq, new SeeIndividualEditingPanel());
|
||||
return PolicyHelper.isAuthorizedForActions(vreq,
|
||||
SimplePermission.SEE_INDVIDUAL_EDITING_PANEL.ACTIONS);
|
||||
}
|
||||
|
||||
/* rdfs:label needs special treatment, because it is not possible to construct a
|
||||
|
|
|
|||
|
|
@ -27,6 +27,13 @@ auth:ADMIN
|
|||
auth:hasPermission simplePermission:ManageTabs ;
|
||||
auth:hasPermission simplePermission:SeeVerbosePropertyInformation ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ;
|
||||
|
||||
# permissions for EDITOR and above.
|
||||
auth:hasPermission simplePermission:DoBackEndEditing ;
|
||||
auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
|
||||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
.
|
||||
|
||||
auth:CURATOR
|
||||
|
|
@ -40,11 +47,25 @@ auth:CURATOR
|
|||
auth:hasPermission simplePermission:ManageTabs ;
|
||||
auth:hasPermission simplePermission:SeeVerbosePropertyInformation ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ;
|
||||
|
||||
# permissions for EDITOR and above.
|
||||
auth:hasPermission simplePermission:DoBackEndEditing ;
|
||||
auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
|
||||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
.
|
||||
|
||||
auth:EDITOR
|
||||
a auth:PermissionSet ;
|
||||
rdfs:label "Editor" ;
|
||||
|
||||
# permissions for EDITOR and above.
|
||||
auth:hasPermission simplePermission:DoBackEndEditing ;
|
||||
auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
|
||||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
.
|
||||
|
||||
auth:SELF_EDITOR
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue