NIHVIVO-3523 Add the concept of a PermissionSetForPublic (and rename PermissionSetForNewUsers)
parent
779c48c683
commit
e5894ee80a
8 changed files with 52 additions and 26 deletions
|
@ -287,7 +287,7 @@ public class PermissionSetsLoader implements ServletContextListener {
|
||||||
checkForPermissionSetsWithoutLabels();
|
checkForPermissionSetsWithoutLabels();
|
||||||
checkForReferencesToNonexistentPermissionSets();
|
checkForReferencesToNonexistentPermissionSets();
|
||||||
checkForReferencesToNonexistentPermissions();
|
checkForReferencesToNonexistentPermissions();
|
||||||
warnIfNoDefaultPermissionSetsForNewUsers();
|
warnIfNoPermissionSetsForNewUsers();
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkForPermissionSetsWithoutLabels() {
|
private void checkForPermissionSetsWithoutLabels() {
|
||||||
|
@ -327,14 +327,14 @@ public class PermissionSetsLoader implements ServletContextListener {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void warnIfNoDefaultPermissionSetsForNewUsers() {
|
private void warnIfNoPermissionSetsForNewUsers() {
|
||||||
for (PermissionSet ps : uaDao.getAllPermissionSets()) {
|
for (PermissionSet ps : uaDao.getAllPermissionSets()) {
|
||||||
if (ps.isDefaultForNewUsers()) {
|
if (ps.isForNewUsers()) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ss.warning(listener, "No PermissionSet has been declared to be a "
|
ss.warning(listener, "No PermissionSet has been declared to be a "
|
||||||
+ "Default PermissionSet for new users.");
|
+ "PermissionSet for new users.");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,7 +18,8 @@ public class PermissionSet {
|
||||||
/** This may be empty, but it should never be null. */
|
/** This may be empty, but it should never be null. */
|
||||||
private String label = "";
|
private String label = "";
|
||||||
|
|
||||||
private boolean defaultForNewUsers;
|
private boolean forNewUsers;
|
||||||
|
private boolean forPublic;
|
||||||
|
|
||||||
/** This may be empty, but it should never be null. */
|
/** This may be empty, but it should never be null. */
|
||||||
private Set<String> permissionUris = Collections.emptySet();
|
private Set<String> permissionUris = Collections.emptySet();
|
||||||
|
@ -39,13 +40,22 @@ public class PermissionSet {
|
||||||
this.label = (label == null) ? "" : label;
|
this.label = (label == null) ? "" : label;
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean isDefaultForNewUsers() {
|
public boolean isForNewUsers() {
|
||||||
return defaultForNewUsers;
|
return forNewUsers;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setDefaultForNewUsers(Boolean defaultForNewUsers) {
|
public void setForNewUsers(Boolean forNewUsers) {
|
||||||
this.defaultForNewUsers = (defaultForNewUsers == null) ? false
|
this.forNewUsers = (forNewUsers == null) ? false
|
||||||
: defaultForNewUsers.booleanValue();
|
: forNewUsers.booleanValue();
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isForPublic() {
|
||||||
|
return forPublic;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setForPublic(Boolean forPublic) {
|
||||||
|
this.forPublic = (forPublic == null) ? false
|
||||||
|
: forPublic.booleanValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
public Set<String> getPermissionUris() {
|
public Set<String> getPermissionUris() {
|
||||||
|
|
|
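Review bot: The new `forPublic` field and its `isForPublic()`/`setForPublic()` accessors have no documentation, although the flag decides which permissions reach users outside the normal account flow. Only the field name conveys what "public" means. A field comment such as `/** True if this PermissionSet is assigned to the public; a null passed to the setter is stored as false. */` would record the fail-closed default, and the class comment should say whether one set may be both `forNewUsers` and `forPublic`, which the setters allow. If `PermissionSet` defines `equals`, `hashCode` or `toString` outside these hunks, they need to include `forPublic` as well; the class body is not fully visible here.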
@ -169,7 +169,8 @@ public class VitroVocabulary {
|
||||||
|
|
||||||
public static final String PERMISSIONSET = VITRO_AUTH + "PermissionSet";
|
public static final String PERMISSIONSET = VITRO_AUTH + "PermissionSet";
|
||||||
public static final String PERMISSIONSET_HAS_PERMISSION = VITRO_AUTH + "hasPermission";
|
public static final String PERMISSIONSET_HAS_PERMISSION = VITRO_AUTH + "hasPermission";
|
||||||
public static final String DEFAULT_PERMISSION_SET_FOR_NEW_USERS = VITRO_AUTH + "DefaultPermissionSetForNewUsers";
|
public static final String PERMISSION_SET_FOR_NEW_USERS = VITRO_AUTH + "PermissionSetForNewUsers";
|
||||||
|
public static final String PERMISSION_SET_FOR_PUBLIC = VITRO_AUTH + "PermissionSetForPublic";
|
||||||
|
|
||||||
public static final String PERMISSION = VITRO_AUTH + "Permission";
|
public static final String PERMISSION = VITRO_AUTH + "Permission";
|
||||||
|
|
||||||
|
|
|
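Review bot: The rename on the `PERMISSION_SET_FOR_NEW_USERS` line changes the RDF class URI as well as the Java identifier, from `VITRO_AUTH + "DefaultPermissionSetForNewUsers"` to `VITRO_AUTH + "PermissionSetForNewUsers"`. Resources still typed with the old class will stop matching `isResourceOfType(r, PERMISSION_SET_FOR_NEW_USERS)` in the DAO. The only data file among the eight changed files appears to be test data, so no migration of existing models is visible on this page. After an upgrade the only signal would be the startup warning from `warnIfNoPermissionSetsForNewUsers()`. Consider recognising the old URI during a transition period or shipping a data migration, and note the vocabulary change in the commit description.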
@ -142,7 +142,8 @@ public class JenaBaseDaoCon {
|
||||||
protected ObjectProperty USERACCOUNT_PROXY_EDITOR_FOR = _constModel.createObjectProperty(VitroVocabulary.USERACCOUNT_PROXY_EDITOR_FOR);
|
protected ObjectProperty USERACCOUNT_PROXY_EDITOR_FOR = _constModel.createObjectProperty(VitroVocabulary.USERACCOUNT_PROXY_EDITOR_FOR);
|
||||||
|
|
||||||
protected OntClass PERMISSIONSET = _constModel.createClass(VitroVocabulary.PERMISSIONSET);
|
protected OntClass PERMISSIONSET = _constModel.createClass(VitroVocabulary.PERMISSIONSET);
|
||||||
protected OntClass DEFAULT_PERMISSION_SET_FOR_NEW_USERS = _constModel.createClass(VitroVocabulary.DEFAULT_PERMISSION_SET_FOR_NEW_USERS);
|
protected OntClass PERMISSION_SET_FOR_NEW_USERS = _constModel.createClass(VitroVocabulary.PERMISSION_SET_FOR_NEW_USERS);
|
||||||
|
protected OntClass PERMISSION_SET_FOR_PUBLIC = _constModel.createClass(VitroVocabulary.PERMISSION_SET_FOR_PUBLIC);
|
||||||
protected ObjectProperty PERMISSIONSET_HAS_PERMISSION = _constModel.createObjectProperty(VitroVocabulary.PERMISSIONSET_HAS_PERMISSION);
|
protected ObjectProperty PERMISSIONSET_HAS_PERMISSION = _constModel.createObjectProperty(VitroVocabulary.PERMISSIONSET_HAS_PERMISSION);
|
||||||
|
|
||||||
protected OntClass PERMISSION = _constModel.createClass(VitroVocabulary.PERMISSION);
|
protected OntClass PERMISSION = _constModel.createClass(VitroVocabulary.PERMISSION);
|
||||||
|
|
|
@ -12,7 +12,6 @@ import java.util.Random;
|
||||||
import com.hp.hpl.jena.ontology.OntClass;
|
import com.hp.hpl.jena.ontology.OntClass;
|
||||||
import com.hp.hpl.jena.ontology.OntModel;
|
import com.hp.hpl.jena.ontology.OntModel;
|
||||||
import com.hp.hpl.jena.ontology.OntResource;
|
import com.hp.hpl.jena.ontology.OntResource;
|
||||||
import com.hp.hpl.jena.rdf.model.Literal;
|
|
||||||
import com.hp.hpl.jena.rdf.model.Property;
|
import com.hp.hpl.jena.rdf.model.Property;
|
||||||
import com.hp.hpl.jena.rdf.model.Resource;
|
import com.hp.hpl.jena.rdf.model.Resource;
|
||||||
import com.hp.hpl.jena.rdf.model.Statement;
|
import com.hp.hpl.jena.rdf.model.Statement;
|
||||||
|
@ -410,8 +409,8 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao
|
||||||
PermissionSet ps = new PermissionSet();
|
PermissionSet ps = new PermissionSet();
|
||||||
ps.setUri(uri);
|
ps.setUri(uri);
|
||||||
ps.setLabel(getPropertyStringValue(r, RDFS.label));
|
ps.setLabel(getPropertyStringValue(r, RDFS.label));
|
||||||
ps.setDefaultForNewUsers(isResourceOfType(r,
|
ps.setForNewUsers(isResourceOfType(r, PERMISSION_SET_FOR_NEW_USERS));
|
||||||
DEFAULT_PERMISSION_SET_FOR_NEW_USERS));
|
ps.setForPublic(isResourceOfType(r, PERMISSION_SET_FOR_PUBLIC));
|
||||||
ps.setPermissionUris(getPropertyResourceURIValues(r,
|
ps.setPermissionUris(getPropertyResourceURIValues(r,
|
||||||
PERMISSIONSET_HAS_PERMISSION));
|
PERMISSIONSET_HAS_PERMISSION));
|
||||||
return ps;
|
return ps;
|
||||||
|
@ -436,8 +435,10 @@ public class UserAccountsDaoJena extends JenaBaseDao implements UserAccountsDao
|
||||||
PermissionSet ps = new PermissionSet();
|
PermissionSet ps = new PermissionSet();
|
||||||
ps.setUri(r.getURI());
|
ps.setUri(r.getURI());
|
||||||
ps.setLabel(getPropertyStringValue(r, RDFS.label));
|
ps.setLabel(getPropertyStringValue(r, RDFS.label));
|
||||||
ps.setDefaultForNewUsers(isResourceOfType(r,
|
ps.setForNewUsers(isResourceOfType(r,
|
||||||
DEFAULT_PERMISSION_SET_FOR_NEW_USERS));
|
PERMISSION_SET_FOR_NEW_USERS));
|
||||||
|
ps.setForPublic(isResourceOfType(r,
|
||||||
|
PERMISSION_SET_FOR_PUBLIC));
|
||||||
ps.setPermissionUris(getPropertyResourceURIValues(r,
|
ps.setPermissionUris(getPropertyResourceURIValues(r,
|
||||||
PERMISSIONSET_HAS_PERMISSION));
|
PERMISSIONSET_HAS_PERMISSION));
|
||||||
list.add(ps);
|
list.add(ps);
|
||||||
|
|
|
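Review bot: The two hunks in `UserAccountsDaoJena` build a `PermissionSet` from a resource with the same sequence of setter calls, and this commit had to add `setForPublic(...)` in both places. Because these flags feed authorization decisions, a copy that misses a future flag would silently default it to false in one code path only. Extracting one private helper and calling it from both sites keeps them in step. The enclosing methods start and end outside the hunks, so the type of `r` is assumed here from the `OntResource` import, and the first site passes `uri` where the helper uses `r.getURI()`, which should be confirmed equivalent.

```java
// … unchanged: lookup of r in the two calling methods …
private PermissionSet buildPermissionSet(OntResource r) {
	PermissionSet ps = new PermissionSet();
	ps.setUri(r.getURI());
	ps.setLabel(getPropertyStringValue(r, RDFS.label));
	ps.setForNewUsers(isResourceOfType(r, PERMISSION_SET_FOR_NEW_USERS));
	ps.setForPublic(isResourceOfType(r, PERMISSION_SET_FOR_PUBLIC));
	ps.setPermissionUris(getPropertyResourceURIValues(r,
			PERMISSIONSET_HAS_PERMISSION));
	return ps;
}
```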
@ -358,9 +358,15 @@ public class UserAccountsDaoJenaTest extends AbstractTestClass {
|
||||||
PermissionSet ps2 = new PermissionSet();
|
PermissionSet ps2 = new PermissionSet();
|
||||||
ps2.setUri(URI_ROLE2);
|
ps2.setUri(URI_ROLE2);
|
||||||
ps2.setLabel("Role 2");
|
ps2.setLabel("Role 2");
|
||||||
ps2.setDefaultForNewUsers(true);
|
ps2.setForNewUsers(true);
|
||||||
expected.add(ps2);
|
expected.add(ps2);
|
||||||
|
|
||||||
|
PermissionSet ps3 = new PermissionSet();
|
||||||
|
ps3.setUri(URI_ROLE3);
|
||||||
|
ps3.setLabel("Role 3");
|
||||||
|
ps3.setForPublic(true);
|
||||||
|
expected.add(ps3);
|
||||||
|
|
||||||
assertCorrectPermissionSets(expected, dao.getAllPermissionSets());
|
assertCorrectPermissionSets(expected, dao.getAllPermissionSets());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -467,7 +473,8 @@ public class UserAccountsDaoJenaTest extends AbstractTestClass {
|
||||||
map.put("uri", ps.getUri());
|
map.put("uri", ps.getUri());
|
||||||
map.put("label", ps.getLabel());
|
map.put("label", ps.getLabel());
|
||||||
map.put("permissions", ps.getPermissionUris());
|
map.put("permissions", ps.getPermissionUris());
|
||||||
map.put("defaultForNewUsers", ps.isDefaultForNewUsers());
|
map.put("forNewUsers", ps.isForNewUsers());
|
||||||
|
map.put("forPublic", ps.isForPublic());
|
||||||
return map;
|
return map;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -31,10 +31,16 @@ mydomain:role1
|
||||||
|
|
||||||
mydomain:role2
|
mydomain:role2
|
||||||
a auth:PermissionSet ;
|
a auth:PermissionSet ;
|
||||||
a auth:DefaultPermissionSetForNewUsers ;
|
a auth:PermissionSetForNewUsers ;
|
||||||
rdfs:label "Role 2" ;
|
rdfs:label "Role 2" ;
|
||||||
.
|
.
|
||||||
|
|
||||||
|
mydomain:role3
|
||||||
|
a auth:PermissionSet ;
|
||||||
|
a auth:PermissionSetForPublic ;
|
||||||
|
rdfs:label "Role 3" ;
|
||||||
|
.
|
||||||
|
|
||||||
mydomain:permissionA
|
mydomain:permissionA
|
||||||
a auth:Permission ;
|
a auth:Permission ;
|
||||||
rdfs:label "Permission A" ;
|
rdfs:label "Permission A" ;
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
package stubs.edu.cornell.mannlib.vitro.webapp.dao;
|
package stubs.edu.cornell.mannlib.vitro.webapp.dao;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
@ -43,6 +44,11 @@ public class UserAccountsDaoStub implements UserAccountsDao {
|
||||||
return userAccountsByUri.get(uri);
|
return userAccountsByUri.get(uri);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Collection<PermissionSet> getAllPermissionSets() {
|
||||||
|
return new ArrayList<PermissionSet>(permissionSetsByUri.values());
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public PermissionSet getPermissionSetByUri(String uri) {
|
public PermissionSet getPermissionSetByUri(String uri) {
|
||||||
return permissionSetsByUri.get(uri);
|
return permissionSetsByUri.get(uri);
|
||||||
|
@ -76,12 +82,6 @@ public class UserAccountsDaoStub implements UserAccountsDao {
|
||||||
"UserAccountsDaoStub.deleteUserAccount() not implemented.");
|
"UserAccountsDaoStub.deleteUserAccount() not implemented.");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Collection<PermissionSet> getAllPermissionSets() {
|
|
||||||
throw new RuntimeException(
|
|
||||||
"UserAccountsDaoStub.getAllPermissionSets() not implemented.");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public UserAccount getUserAccountByExternalAuthId(String externalAuthId) {
|
public UserAccount getUserAccountByExternalAuthId(String externalAuthId) {
|
||||||
throw new RuntimeException(
|
throw new RuntimeException(
|
||||||
|
|