diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java index 70ebed8c8..45dc6cf3f 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java @@ -3,7 +3,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.freemarker; -import java.lang.reflect.InvocationTargetException; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -19,6 +19,8 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleRequestedAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequiresActions; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues; @@ -51,27 +53,16 @@ public class PageController extends FreemarkerHttpServlet{ @Override protected Actions requiredActions(VitroRequest vreq) { try { - Actions actAcc = null; - List dgList = - DataGetterUtils.getDataGettersForPage(vreq, vreq.getDisplayModel(), getPageUri(vreq)); - for( DataGetter dg : dgList){ - if( dg instanceof RequiresActions ){ - RequiresActions ra = (RequiresActions) dg; - Actions acts = ra.requiredActions(vreq); - if( acts != null ){ - if( actAcc != null ){ - actAcc.and( acts ); - }else{ - actAcc = acts; - } - } - } - } - - if( actAcc == null ) + Actions pageActs = getActionsForPage( vreq ); + Actions dgActs = getActionsForDataGetters( vreq ); + + if( pageActs == null && dgActs == null){ return Actions.AUTHORIZED; - else - return actAcc; + }else if( pageActs == null && dgActs != null ){ + return dgActs; + }else{ + return pageActs; + } } catch (Exception e) { // TODO Auto-generated catch block @@ -79,6 +70,54 @@ public class PageController extends FreemarkerHttpServlet{ return Actions.UNAUTHORIZED; } } + + /** + * Get all the required actions directly required for the page. + */ + private Actions getActionsForPage( VitroRequest vreq ) throws Exception{ + List simplePremUris = vreq.getWebappDaoFactory().getPageDao() + .getRequiredActions( getPageUri(vreq) ); + + List actions = new ArrayList(); + + for( String uri : simplePremUris ){ + actions.add( new SimpleRequestedAction(uri) ); + } + + return new Actions( actions ); + } + /** + * Get Actions object for the data getters for the page. + */ + private Actions getActionsForDataGetters(VitroRequest vreq ){ + try { + Actions dgActs = null; + + List dgList = + DataGetterUtils.getDataGettersForPage( + vreq, vreq.getDisplayModel(), getPageUri(vreq)); + + for( DataGetter dg : dgList){ + if( dg instanceof RequiresActions ){ + RequiresActions ra = (RequiresActions) dg; + Actions acts = ra.requiredActions(vreq); + if( acts != null ){ + if( dgActs != null ){ + dgActs.and( acts ); + }else{ + dgActs = acts; + } + } + } + } + + return dgActs; + } catch (Exception e) { + // TODO Auto-generated catch block + log.debug(e); + return Actions.UNAUTHORIZED; + } + } @Override protected ResponseValues processRequest(VitroRequest vreq) throws Exception { diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java index 4a832d784..a3f0fdab3 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java @@ -48,6 +48,7 @@ public class DisplayVocabulary { public static final String ITEM_TO_PAGE = NS + "toPage"; public static final String HAS_ELEMENT = NS + "hasElement"; public static final String USES_DATAGETTER_CLASS = NS + "usesDataGetterClass"; + public static final String REQUIRED_ACTIONS = NS + "requiredAction"; /**Data Getter object properties **/ public static final String HAS_DATA_GETTER = NS + "hasDataGetter"; diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/PageDao.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/PageDao.java index b08f559d1..3004dddd7 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/PageDao.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/PageDao.java @@ -29,4 +29,10 @@ public interface PageDao { List getDataGetterClass(String pageUri); + /** + * Gets the required actions directly associated with a page. + * Does not get required actions for any data getters that are + * related to the page. + */ + List getRequiredActions(String pageUri); } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/PageDaoJena.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/PageDaoJena.java index e8ac4392e..e723e0a2b 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/PageDaoJena.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/PageDaoJena.java @@ -6,6 +6,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.Iterator; +import java.util.LinkedList; import java.util.List; import java.util.Map; @@ -77,7 +78,14 @@ public class PageDaoJena extends JenaBaseDao implements PageDao { " ?pageUri display:hasDataGetter ?dg .\n"+ " ?dg rdf:type ?dataGetterType . \n" + "} \n" ; - + + //Get the required actions directly associated with a page + static final protected String requiredActionsQuery = + prefixes + "\n" + + "SELECT ?requiredAction WHERE{\n" + + " ?pageUri <" + DisplayVocabulary.REQUIRED_ACTIONS + "> ?requiredAction .\n"+ + "}"; + //Get data getter URIs static final protected String dataGetterURIsQueryString = prefixes + "\n" + @@ -519,10 +527,54 @@ public class PageDaoJena extends JenaBaseDao implements PageDao { return dataGetterClasses; } - + + /** + * Gets the requiredActions directly associated with page. + */ + public List getRequiredActions(String pageUri){ + QuerySolutionMap initialBindings = new QuerySolutionMap(); + initialBindings.add("pageUri", ResourceFactory.createResource(pageUri)); + List actions = new ArrayList(); + + Model dModel = getOntModelSelector().getDisplayModel(); + try{ + QueryExecution qe = + QueryExecutionFactory.create( requiredActionsQuery, dModel, initialBindings); + actions = executeQueryToList( qe ); + qe.close(); + }finally{ + dModel.enterCriticalSection(false); + } + return actions; + } /* *************************** Utility methods ********************************* */ - + + /** + * Assumes single bound variable in solution. + */ + protected List executeQueryToList(QueryExecution qex){ + List rv = new LinkedList(); + ResultSet results = qex.execSelect(); + while (results.hasNext()) { + rv.add(querySolutionToString( results.nextSolution() )); + } + return rv; + } + + /** + * Assumes single bound variable in solution. + */ + protected String querySolutionToString( QuerySolution soln ){ + Iterator varNames = soln.varNames(); + if(varNames.hasNext()){ + String name = varNames.next(); + return nodeToString( soln.get(name) ); + }else{ + return ""; + } + } + /** * Converts a sparql query that returns a multiple rows to a list of maps. * The maps will have column names as keys to the values. @@ -548,7 +600,9 @@ public class PageDaoJena extends JenaBaseDao implements PageDao { } return map; } - + + + static protected Object nodeToObject( RDFNode node ){ if( node == null ){ return ""; @@ -582,11 +636,6 @@ public class PageDaoJena extends JenaBaseDao implements PageDao { return ""; } } - protected Map resultsToMap(){ - return null; - } - - } diff --git a/webapp/web/WEB-INF/ontologies/app/menuload/displayDisplay.n3 b/webapp/web/WEB-INF/ontologies/app/menuload/displayDisplay.n3 index 35f95df09..8b30c3945 100644 --- a/webapp/web/WEB-INF/ontologies/app/menuload/displayDisplay.n3 +++ b/webapp/web/WEB-INF/ontologies/app/menuload/displayDisplay.n3 @@ -14,4 +14,14 @@ rdf:type "true"^^xsd:boolean ; - \ No newline at end of file + +display:requiresAction + a owl:ObjectProperty ; + rdfs:label "Required Action"@en-US ; + rdfs:comment "Indicates that a resource has a required action that may need to be authorized" . + rdfs:range display:RequiredAction . + + "true"^^xsd:boolean ; + + "true"^^xsd:boolean ; + diff --git a/webapp/web/WEB-INF/ontologies/app/menuload/displayTBOX.n3 b/webapp/web/WEB-INF/ontologies/app/menuload/displayTBOX.n3 index 5d3fe4ccb..dd3bf4ea7 100644 --- a/webapp/web/WEB-INF/ontologies/app/menuload/displayTBOX.n3 +++ b/webapp/web/WEB-INF/ontologies/app/menuload/displayTBOX.n3 @@ -4,127 +4,130 @@ @prefix xsd: . @prefix owl: . @prefix rdf: . - +@prefix display: . +@prefix vitro: . #########Classes######### ###Basic -owl:Class - a owl:Class . - -owl:Ontology - a owl:Class . - -owl:AnnotationProperty - a owl:Class . - -owl:DatatypeProperty - a owl:Class . - -owl:ObjectProperty - a owl:Class . +owl:Class a owl:Class . +owl:Ontology a owl:Class . +owl:AnnotationProperty a owl:Class . +owl:DatatypeProperty a owl: +owl:ObjectProperty a owl:Class . ###Display Model - +display:MainMenu a owl:Class ; - - "individual-menu.ftl"^^xsd:string . + vitro:customDisplayViewAnnot "individual-menu.ftl"^^xsd:string . - - a owl:Class . +display:NavigationElement a owl:Class . - - a owl:Class . +display:Page a owl:Class . - - a owl:Class . +display:HomePage a owl:Class . - - a owl:Class . +display:ClassGroupPage a owl:Class . - - a owl:Class . +display:IndividualsForClassesPage a owl:Class . - - a owl:Class . +display:InternalClassesPage a owl:Class . - - a owl:Class . +display:DataGetter a owl:Class . + +display:RequiredAction a owl:Class ; + rdfs:comment "Represents a action that may need authorization to perform.". - a owl:Class . + a owl:Class ; + rdfs:comment "Data getter for running a SPARQL query." -##Adding a data getter type that is Solr Class search, i.e. get individuals for VClass - a owl:Class . + a owl:Class ; + rdfs:comment "A data getter for a Solr Class search, i.e. get individuals for VClass" . + + a owl:Class ; + rdfs:comment "A data getter that runs a SPARQL Update" . + + a owl:Class ; + rdfs:comment "A data getter for a standard Vitro browse page" . + + + a owl:Class ; + rdfs:comment "A data getter for a VClassGroup page". + + + a owl:Class ; + rdfs:comment "A data getter for a Fixed piece of HTML stored in RDF". + + + a owl:Class . + ########Data Properties######### ###Basic rdfs:comment - a owl:DatatypeProperty . - + a owl:DatatypeProperty . rdfs:label - a owl:DatatypeProperty . - - + a owl:DatatypeProperty . owl:versionInfo a owl:DatatypeProperty . -###Vitro model +###Vitro model - +vitro:modTime a owl:DatatypeProperty . - +vitro:displayRank + a owl:DatatypeProperty . +vitro:customDisplayViewAnnot a owl:DatatypeProperty . - - a owl:DatatypeProperty . - -###Display model +###Display model - - a owl:DatatypeProperty . - - a owl:DatatypeProperty . - - - a owl:DatatypeProperty . +display:listViewConfigFile + a owl:DatatypeProperty . - - a owl:DatatypeProperty . - - - a owl:DatatypeProperty . - - - a owl:DatatypeProperty ; - +display:title + a owl:DatatypeProperty . + +display:urlMapping + a owl:DatatypeProperty . + +display:requiresBodyTemplate + a owl:DatatypeProperty . + +display:isSelfContainedTemplate + a owl:DatatypeProperty . + +display:menuPosition + a owl:DatatypeProperty ; + vitro:displayLimitAnnot "1"^^xsd:int . - - a owl:DatatypeProperty . - - - a owl:DatatypeProperty . - - - a owl:DatatypeProperty . +display:linkText + a owl:DatatypeProperty . - - a owl:DatatypeProperty . - - - a owl:DatatypeProperty. - - - a owl:DatatypeProperty. - - - a owl:DatatypeProperty. - - +display:hasMenuText + a owl:DatatypeProperty . + +display:usesDataGetterClass + a owl:DatatypeProperty . + +display:query + a owl:DatatypeProperty . + +display:saveToVar + a owl:DatatypeProperty. + +display:queryModel + a owl:DatatypeProperty. + +display:htmlValue + a owl:DatatypeProperty. + +display:cannotDeletePage a owl:DatatypeProperty. ######### Object Properties######### @@ -134,12 +137,11 @@ rdfs:range rdfs:domain a owl:ObjectProperty . owl:topObjectProperty - a owl:ObjectProperty . + a owl:ObjectProperty . -##Adding object property defining class for solr data getter - - a owl:ObjectProperty. - +display:hasVClassId + a owl:ObjectProperty ; + rdfs:comment "Object property defining class for solr data getter" . ###Vitro properties without which individual templates throw errors as are required @@ -148,71 +150,73 @@ owl:topObjectProperty rdfs:range ; rdfs:subPropertyOf , owl:topObjectProperty . - +vitro:primaryLink a owl:ObjectProperty ; rdfs:label "Primary Link"@en-US ; - rdfs:range ; - rdfs:subPropertyOf , owl:topObjectProperty ; - + rdfs:range vitro:Link ; + rdfs:subPropertyOf vitro:primaryLink , owl:topObjectProperty ; + vitro:customEntryFormAnnot "defaultLinkForm.jsp"^^xsd:string ; - + vitro:forceStubDeletionAnnot "true"^^xsd:boolean ; - + vitro:offerCreateNewOptionAnnot "true"^^xsd:boolean ; - + vitro:selectFromExistingAnnot "false"^^xsd:boolean ; - + vitro:stubObjectPropertyAnnot "true"^^xsd:boolean . rdf:type a owl:ObjectProperty ; rdfs:label "RDF Type"@en-US ; rdfs:range owl:Class ; - + vitro:customEntryFormAnnot "edu.cornell.mannlib.vitro.webapp.edit.n3editing.configuration.generators.RdfTypeGenerator"^^xsd:string ; - + vitro:offerCreateNewOptionAnnot "true"^^xsd:boolean ; - + vitro:selectFromExistingAnnot "true"^^xsd:boolean . - +vitro:additionalLink a owl:ObjectProperty ; rdfs:label "Additional Link"@en-US ; - rdfs:range ; - rdfs:subPropertyOf , owl:topObjectProperty ; - + rdfs:range vitro:Link ; + rdfs:subPropertyOf vitro:additionalLink , owl:topObjectProperty ; + vitro:customEntryFormAnnot "defaultLinkForm.jsp"^^xsd:string ; - + vitro:forceStubDeletionAnnot "true"^^xsd:boolean ; - + vitro:offerCreateNewOptionAnnot "true"^^xsd:boolean ; - + vitro:selectFromExistingAnnot "false"^^xsd:boolean ; - + vitro:stubObjectPropertyAnnot "true"^^xsd:boolean . ###Display model -###Adding menu management customform annotation - +display:hasElement a owl:ObjectProperty . - +display:excludeClass a owl:ObjectProperty . - +display:toPage a owl:ObjectProperty . - +display:forClassGroup a owl:ObjectProperty . - +display:hasDataGetter a owl:ObjectProperty . - +display:getIndividualsForClass a owl:ObjectProperty . - +display:restrictResultsByClass a owl:ObjectProperty . + +display:requiresAction + a owl:ObjectProperty . diff --git a/webapp/web/WEB-INF/ontologies/app/permissions.n3 b/webapp/web/WEB-INF/ontologies/app/permissions.n3 new file mode 100644 index 000000000..b11bb9d98 --- /dev/null +++ b/webapp/web/WEB-INF/ontologies/app/permissions.n3 @@ -0,0 +1,159 @@ +# $This file is distributed under the terms of the license in /doc/license.txt$ + +@prefix owl: . +@prefix display: . +@prefix rdf: . +@prefix rdfs: . +@prefix action: . + +# These are the reqired action objects from the SimplePermission.java. + +action:AccessSpecialDataModels + a display:RequiredAction ; + rdfs:label "ACCESS_SPECIAL_DATA_MODELS" . + + +action:DoBackEndEditing + a display:RequiredAction ; + rdfs:label "DO_BACK_END_EDITING" . + + +action:DoFrontEndEditing + a display:RequiredAction ; + rdfs:label "DO_FRONT_END_EDITING" . + + +action:EditOntology + a display:RequiredAction ; + rdfs:label "EDIT_ONTOLOGY" . + + +action:EditOwnAccount + a display:RequiredAction ; + rdfs:label "EDIT_OWN_ACCOUNT" . + + +action:EditSiteInformation + a display:RequiredAction ; + rdfs:label "EDIT_SITE_INFORMATION" . + + +action:LoginDuringMaintenance + a display:RequiredAction ; + rdfs:label "LOGIN_DURING_MAINTENANCE" . + + +action:ManageMenus + a display:RequiredAction ; + rdfs:label "MANAGE_MENUS" . + + +action:ManageOwnProxies + a display:RequiredAction ; + rdfs:label "MANAGE_OWN_PROXIES" . + + +action:ManagePortals + a display:RequiredAction ; + rdfs:label "MANAGE_PORTALS" . + + +action:ManageProxies + a display:RequiredAction ; + rdfs:label "MANAGE_PROXIES" . + + +action:ManageSearchIndex + a display:RequiredAction ; + rdfs:label "MANAGE_SEARCH_INDEX" . + + +action:ManageTabs + a display:RequiredAction ; + rdfs:label "MANAGE_TABS" . + + +action:ManageUserAccounts + a display:RequiredAction ; + rdfs:label "MANAGE_USER_ACCOUNTS" . + + +action:QueryFullModel + a display:RequiredAction ; + rdfs:label "QUERY_FULL_MODEL" . + + +action:QueryUserAccountsModel + a display:RequiredAction ; + rdfs:label "QUERY_USER_ACCOUNTS_MODEL" . + + +action:RebuildVClassGroupCache + a display:RequiredAction ; + rdfs:label "REBUILD_VCLASS_GROUP_CACHE" . + + +action:RefreshVisualizationCache + a display:RequiredAction ; + rdfs:label "REFRESH_VISUALIZATION_CACHE" . + + +action:SeeIndividualEditingPanel + a display:RequiredAction ; + rdfs:label "SEE_INDVIDUAL_EDITING_PANEL" . + + +action:SeeRevisionInfo + a display:RequiredAction ; + rdfs:label "SEE_REVISION_INFO" . + + +action:SeeSiteAdminPage + a display:RequiredAction ; + rdfs:label "SEE_SITE_ADMIN_PAGE" . + + +action:SeeStartupStatus + a display:RequiredAction ; + rdfs:label "SEE_STARTUP_STATUS" . + + +action:SeeVerbosePropertyInformation + a display:RequiredAction ; + rdfs:label "SEE_VERBOSE_PROPERTY_INFORMATION" . + + +action:UseAdvancedDataToolsPages + a display:RequiredAction ; + rdfs:label "USE_ADVANCED_DATA_TOOLS_PAGES" . + + +action:UseSparqlQueryPage + a display:RequiredAction ; + rdfs:label "USE_SPARQL_QUERY_PAGE" . + + +action:UseBasicAjaxControllers + a display:RequiredAction ; + rdfs:label "USE_BASIC_AJAX_CONTROLLERS" . + + +action:UseMiscellaneousAdminPages + a display:RequiredAction ; + rdfs:label "USE_MISCELLANEOUS_ADMIN_PAGES" . + + +action:UseMiscellaneousCuratorPages + a display:RequiredAction ; + rdfs:label "USE_MISCELLANEOUS_CURATOR_PAGES" . + + +action:UseMiscellaneousEditorPages + a display:RequiredAction ; + rdfs:label "USE_MISCELLANEOUS_EDITOR_PAGES" . + + +action:UseMiscellaneousPages + a display:RequiredAction ; + rdfs:label "USE_MISCELLANEOUS_PAGES" . +