VIVO-274 move permission_config.n3 to rdf/auth/everytime
Get rid of the PermissionSetsLoader, keep the smoke tests.
This commit is contained in:
j2blake
parent
dcda958d8d
commit
d69bb824ac
10 changed files with 163 additions and 372 deletions
|
|
@ -1,152 +0,0 @@
|
|||
# $This file is distributed under the terms of the license in /doc/license.txt$
|
||||
|
||||
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
|
||||
@prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#> .
|
||||
@prefix simplePermission: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission#> .
|
||||
@prefix displayByRole: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.DisplayByRolePermission#> .
|
||||
@prefix editByRole: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.EditByRolePermission#> .
|
||||
|
||||
auth:ADMIN
|
||||
a auth:PermissionSet ;
|
||||
rdfs:label "Site Admin" ;
|
||||
|
||||
# ADMIN-only permissions
|
||||
auth:hasPermission simplePermission:AccessSpecialDataModels ;
|
||||
auth:hasPermission simplePermission:LoginDuringMaintenance ;
|
||||
auth:hasPermission simplePermission:ManageMenus ;
|
||||
auth:hasPermission simplePermission:ManageProxies ;
|
||||
auth:hasPermission simplePermission:ManageSearchIndex ;
|
||||
auth:hasPermission simplePermission:ManageUserAccounts ;
|
||||
auth:hasPermission simplePermission:RebuildVClassGroupCache ;
|
||||
auth:hasPermission simplePermission:RefreshVisualizationCache ;
|
||||
auth:hasPermission simplePermission:SeeStartupStatus ;
|
||||
auth:hasPermission simplePermission:UseAdvancedDataToolsPages ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousAdminPages ;
|
||||
auth:hasPermission simplePermission:UseSparqlQueryPage ;
|
||||
|
||||
# permissions for CURATOR and above.
|
||||
auth:hasPermission simplePermission:EditOntology ;
|
||||
auth:hasPermission simplePermission:EditSiteInformation ;
|
||||
auth:hasPermission simplePermission:ManagePortals ;
|
||||
auth:hasPermission simplePermission:ManageTabs ;
|
||||
auth:hasPermission simplePermission:SeeVerbosePropertyInformation ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ;
|
||||
|
||||
# permissions for EDITOR and above.
|
||||
auth:hasPermission simplePermission:DoBackEndEditing ;
|
||||
auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
|
||||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
|
||||
# permissions for ANY user, even if they are not logged in.
|
||||
auth:hasPermission simplePermission:QueryFullModel ;
|
||||
|
||||
# role-based permissions for ADMIN
|
||||
auth:hasPermission displayByRole:Admin ;
|
||||
auth:hasPermission editByRole:Admin ;
|
||||
.
|
||||
|
||||
auth:CURATOR
|
||||
a auth:PermissionSet ;
|
||||
rdfs:label "Curator" ;
|
||||
|
||||
# permissions for CURATOR and above.
|
||||
auth:hasPermission simplePermission:EditOntology ;
|
||||
auth:hasPermission simplePermission:EditSiteInformation ;
|
||||
auth:hasPermission simplePermission:ManagePortals ;
|
||||
auth:hasPermission simplePermission:ManageTabs ;
|
||||
auth:hasPermission simplePermission:SeeVerbosePropertyInformation ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ;
|
||||
|
||||
# permissions for EDITOR and above.
|
||||
auth:hasPermission simplePermission:DoBackEndEditing ;
|
||||
auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
|
||||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
|
||||
# permissions for ANY user, even if they are not logged in.
|
||||
auth:hasPermission simplePermission:QueryFullModel ;
|
||||
|
||||
# role-based permissions for CURATOR
|
||||
auth:hasPermission displayByRole:Curator ;
|
||||
auth:hasPermission editByRole:Curator ;
|
||||
.
|
||||
|
||||
auth:EDITOR
|
||||
a auth:PermissionSet ;
|
||||
rdfs:label "Editor" ;
|
||||
|
||||
# permissions for EDITOR and above.
|
||||
auth:hasPermission simplePermission:DoBackEndEditing ;
|
||||
auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
|
||||
auth:hasPermission simplePermission:SeeRevisionInfo ;
|
||||
auth:hasPermission simplePermission:SeeSiteAdminPage ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
|
||||
# permissions for ANY user, even if they are not logged in.
|
||||
auth:hasPermission simplePermission:QueryFullModel ;
|
||||
|
||||
# role-based permissions for EDITOR
|
||||
auth:hasPermission displayByRole:Editor ;
|
||||
auth:hasPermission editByRole:Editor ;
|
||||
.
|
||||
|
||||
auth:SELF_EDITOR
|
||||
a auth:PermissionSet ;
|
||||
a auth:PermissionSetForNewUsers ;
|
||||
rdfs:label "Self Editor" ;
|
||||
|
||||
# permissions for ANY logged-in user.
|
||||
auth:hasPermission simplePermission:DoFrontEndEditing ;
|
||||
auth:hasPermission simplePermission:EditOwnAccount ;
|
||||
auth:hasPermission simplePermission:ManageOwnProxies ;
|
||||
auth:hasPermission simplePermission:QueryUserAccountsModel ;
|
||||
auth:hasPermission simplePermission:UseBasicAjaxControllers ;
|
||||
auth:hasPermission simplePermission:UseMiscellaneousPages ;
|
||||
|
||||
# permissions for ANY user, even if they are not logged in.
|
||||
auth:hasPermission simplePermission:QueryFullModel ;
|
||||
|
||||
# role-based permissions for SELF_EDITOR
|
||||
# For role-based display and editing, SelfEditor is like Public.
|
||||
# SelfEditor uses its special permissions to edit/display its own values.
|
||||
auth:hasPermission displayByRole:Public ;
|
||||
.
|
||||
|
||||
auth:PUBLIC
|
||||
a auth:PermissionSet ;
|
||||
a auth:PermissionSetForPublic ;
|
||||
rdfs:label "Public" ;
|
||||
|
||||
# permissions for ANY user, even if they are not logged in.
|
||||
auth:hasPermission simplePermission:QueryFullModel ;
|
||||
|
||||
# role-based permissions for PUBLIC
|
||||
auth:hasPermission displayByRole:Public ;
|
||||
.
|
||||
|
|
@ -43,7 +43,7 @@ edu.cornell.mannlib.vitro.webapp.servlet.setup.ThemeInfoSetup
|
|||
|
||||
edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry$Setup
|
||||
|
||||
edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionSetsLoader
|
||||
edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionSetsSmokeTest
|
||||
|
||||
edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper$Setup
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue