diff --git a/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java b/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java index 472e98999..93c1497d4 100644 --- a/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java +++ b/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java @@ -2,34 +2,32 @@ package edu.cornell.mannlib.vedit.controller; -import java.io.IOException; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.Enumeration; -import java.util.HashMap; -import java.util.Iterator; -import java.util.LinkedList; -import java.util.Map; -import java.util.Random; - -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import com.hp.hpl.jena.ontology.OntModel; - -import edu.cornell.mannlib.vedit.beans.EditProcessObject; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import java.io.IOException; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.Map; +import java.util.Random; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import com.hp.hpl.jena.ontology.OntModel; + +import edu.cornell.mannlib.vedit.beans.EditProcessObject; import edu.cornell.mannlib.vedit.beans.LoginStatusBean; -import edu.cornell.mannlib.vedit.util.FormUtils; -import edu.cornell.mannlib.vitro.webapp.beans.Portal; -import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet; -import edu.cornell.mannlib.vitro.webapp.controller.Controllers; -import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; +import edu.cornell.mannlib.vedit.util.FormUtils; +import edu.cornell.mannlib.vitro.webapp.beans.Portal; +import edu.cornell.mannlib.vitro.webapp.controller.Controllers; +import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet; public class BaseEditController extends VitroHttpServlet { diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/CuratorEditingIdentifierFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/CuratorEditingIdentifierFactory.java index 7e886373c..649099ac2 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/CuratorEditingIdentifierFactory.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/CuratorEditingIdentifierFactory.java @@ -6,7 +6,7 @@ import javax.servlet.ServletContext; import javax.servlet.ServletRequest; import javax.servlet.http.HttpSession; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole; @@ -17,15 +17,12 @@ public class CuratorEditingIdentifierFactory implements IdentifierBundleFactory{ IdentifierBundle ib = new ArrayIdentifierBundle(); ib.add( RoleBasedPolicy.AuthRole.ANYBODY); - if( session != null ){ - LoginFormBean f = (LoginFormBean) session.getAttribute( "loginHandler" ); - try{ - if( f != null && Integer.parseInt( f.getLoginRole() ) >= LoginFormBean.CURATOR){ - ib.add(new CuratorEditingId(f.getLoginRole(),f.getUserURI())); - ib.add(AuthRole.CURATOR); - } - }catch(NumberFormatException th){} - } + LoginStatusBean loginBean = LoginStatusBean.getBean(session); + if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) { + String loginRole = String.valueOf(loginBean.getSecurityLevel()); + ib.add(new CuratorEditingId(loginRole, loginBean.getUserURI())); + ib.add(AuthRole.CURATOR); + } return ib; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/DbAdminEditingIdentifierFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/DbAdminEditingIdentifierFactory.java index e8e60193b..5fa04ee4e 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/DbAdminEditingIdentifierFactory.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/DbAdminEditingIdentifierFactory.java @@ -6,7 +6,7 @@ import javax.servlet.ServletContext; import javax.servlet.ServletRequest; import javax.servlet.http.HttpSession; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole; @@ -17,15 +17,12 @@ public class DbAdminEditingIdentifierFactory implements IdentifierBundleFactory{ IdentifierBundle ib = new ArrayIdentifierBundle(); ib.add( RoleBasedPolicy.AuthRole.ANYBODY); - if( session != null ){ - LoginFormBean f = (LoginFormBean) session.getAttribute( "loginHandler" ); - try{ - if( f != null && Integer.parseInt( f.getLoginRole() ) >= LoginFormBean.DBA){ - ib.add(new DbAdminEditingId(f.getLoginRole(),f.getUserURI())); - ib.add(AuthRole.DBA); - } - }catch(NumberFormatException th){} - } + LoginStatusBean loginBean = LoginStatusBean.getBean(session); + if (loginBean.isLoggedInAtLeast(LoginStatusBean.DBA)) { + String loginRole = String.valueOf(loginBean.getSecurityLevel()); + ib.add(new DbAdminEditingId(loginRole, loginBean.getUserURI())); + ib.add(AuthRole.DBA); + } return ib; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/EditorEditingIdentifierFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/EditorEditingIdentifierFactory.java index 878af8aac..1efc305b6 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/EditorEditingIdentifierFactory.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/EditorEditingIdentifierFactory.java @@ -6,7 +6,7 @@ import javax.servlet.ServletContext; import javax.servlet.ServletRequest; import javax.servlet.http.HttpSession; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole; @@ -16,15 +16,14 @@ public class EditorEditingIdentifierFactory implements IdentifierBundleFactory{ HttpSession session, ServletContext context) { IdentifierBundle ib = new ArrayIdentifierBundle(); ib.add( RoleBasedPolicy.AuthRole.ANYBODY); - if( session != null ){ - LoginFormBean f = (LoginFormBean) session.getAttribute( "loginHandler" ); - try{ - if( f != null && Integer.parseInt( f.getLoginRole() ) >= LoginFormBean.EDITOR){ - ib.add(new EditorEditingId(f.getLoginRole(), f.getUserURI())); - ib.add(AuthRole.EDITOR); - } - }catch(NumberFormatException th){ } - } + + LoginStatusBean loginBean = LoginStatusBean.getBean(session); + if (loginBean.isLoggedInAtLeast(LoginStatusBean.EDITOR)) { + String loginRole = String.valueOf(loginBean.getSecurityLevel()); + ib.add(new EditorEditingId(loginRole, loginBean.getUserURI())); + ib.add(AuthRole.EDITOR); + } + return ib; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/UserToIndIdentifierFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/UserToIndIdentifierFactory.java index d0d38ed7b..680a20b1c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/UserToIndIdentifierFactory.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/UserToIndIdentifierFactory.java @@ -10,7 +10,7 @@ import javax.servlet.ServletContext; import javax.servlet.ServletRequest; import javax.servlet.http.HttpSession; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; @@ -26,43 +26,42 @@ public class UserToIndIdentifierFactory implements IdentifierBundleFactory { public IdentifierBundle getIdentifierBundle( ServletRequest request, HttpSession session, - ServletContext context) { - if( session != null ){ - // is the request logged in as a User? - LoginFormBean loginBean = (LoginFormBean) session.getAttribute("loginHandler"); - if( loginBean != null && "authenticated".equals(loginBean.getLoginStatus() )){ - String userURI = loginBean.getUserURI(); + ServletContext context) { + // is the request logged in as a User? + LoginStatusBean loginBean = LoginStatusBean.getBean(session); + if (loginBean.isLoggedIn()) { + String userURI = loginBean.getUserURI(); - WebappDaoFactory wdf = (WebappDaoFactory)context.getAttribute("webappDaoFactory"); - - // get Individuals that the User mayEditAs - List mayEditAsUris = - wdf.getUserDao().getIndividualsUserMayEditAs(userURI); + WebappDaoFactory wdf = (WebappDaoFactory)context.getAttribute("webappDaoFactory"); + + // get Individuals that the User mayEditAs + List mayEditAsUris = + wdf.getUserDao().getIndividualsUserMayEditAs(userURI); - // make self editing Identifiers for those Individuals - IdentifierBundle idb = new ArrayIdentifierBundle(); - idb.add( new UserIdentifier(userURI,mayEditAsUris) ); - - //Also make a self-editing identifier. - //There is not need for SelfEditingIdentifierFactory because SelfEditing - //identifiers are created here. - for( String personUri : mayEditAsUris){ - if( personUri != null ){ - Individual person = wdf.getIndividualDao().getIndividualByURI(personUri); - if( person != null ){ - idb.add( new SelfEditingIdentifierFactory.SelfEditing(person,null) ); - } + // make self editing Identifiers for those Individuals + IdentifierBundle idb = new ArrayIdentifierBundle(); + idb.add( new UserIdentifier(userURI,mayEditAsUris) ); + + //Also make a self-editing identifier. + //There is not need for SelfEditingIdentifierFactory because SelfEditing + //identifiers are created here. + for( String personUri : mayEditAsUris){ + if( personUri != null ){ + Individual person = wdf.getIndividualDao().getIndividualByURI(personUri); + if( person != null ){ + idb.add( new SelfEditingIdentifierFactory.SelfEditing(person,null) ); } } - return idb; } + return idb; } + return null; } public static List getIndividualsForUser(IdentifierBundle ids) { if( ids == null ) - return Collections.EMPTY_LIST; + return Collections.emptyList(); //find the user id List uris = new ArrayList();