Changing PageController to use permissions on pages. VIVO-63 Adding Permissions to display model.

2013-08-21 16:03:53 -04:00 · 2013-08-21 16:03:53 -04:00 · e6c2596a35
commit e6c2596a35
parent b425682a92
7 changed files with 415 additions and 147 deletions
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java
@ -3,7 +3,7 @@
 package edu.cornell.mannlib.vitro.webapp.controller.freemarker;


-import java.lang.reflect.InvocationTargetException;
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@ -19,6 +19,8 @@ import org.apache.commons.logging.LogFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleRequestedAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequiresActions;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
@ -51,27 +53,16 @@ public class PageController extends FreemarkerHttpServlet{
    @Override
    protected Actions requiredActions(VitroRequest vreq) {
        try {
-            Actions actAcc = null;
-            List<DataGetter> dgList = 
-                DataGetterUtils.getDataGettersForPage(vreq, vreq.getDisplayModel(), getPageUri(vreq));
-            for( DataGetter dg : dgList){
-                if( dg instanceof RequiresActions ){
-                    RequiresActions ra = (RequiresActions) dg;
-                    Actions acts = ra.requiredActions(vreq);                        
-                    if( acts != null ){
-                        if( actAcc != null ){
-                            actAcc.and( acts );
-                        }else{
-                            actAcc = acts;
-                        }
-                    }
-                }
-            }
-            
-            if( actAcc == null )
+            Actions pageActs = getActionsForPage( vreq );
+            Actions dgActs = getActionsForDataGetters( vreq );
+
+            if( pageActs == null && dgActs == null){
                return Actions.AUTHORIZED;
-            else
-                return actAcc;
+            }else if( pageActs == null && dgActs != null ){
+                return dgActs;
+            }else{
+                return pageActs;
+            }                
            
        } catch (Exception e) {
            // TODO Auto-generated catch block
@ -79,6 +70,54 @@ public class PageController extends FreemarkerHttpServlet{
            return Actions.UNAUTHORIZED;
        }                
    }
+
+    /**
+     * Get all the required actions directly required for the page.
+     */
+    private Actions getActionsForPage( VitroRequest vreq ) throws Exception{
+        List<String> simplePremUris = vreq.getWebappDaoFactory().getPageDao()
+            .getRequiredActions( getPageUri(vreq) );
+        
+        List<RequestedAction> actions = new ArrayList<RequestedAction>();
+        
+        for( String uri : simplePremUris ){
+            actions.add( new SimpleRequestedAction(uri) );
+        }
+        
+        return new Actions( actions );
+    }
+    /**
+     * Get Actions object for the data getters for the page.
+     */
+    private Actions getActionsForDataGetters(VitroRequest vreq ){
+        try {
+            Actions dgActs = null;
+
+            List<DataGetter> dgList = 
+                DataGetterUtils.getDataGettersForPage(
+                    vreq, vreq.getDisplayModel(), getPageUri(vreq));
+
+            for( DataGetter dg : dgList){
+                if( dg instanceof RequiresActions ){
+                    RequiresActions ra = (RequiresActions) dg;
+                    Actions acts = ra.requiredActions(vreq);                        
+                    if( acts != null ){
+                        if( dgActs != null ){
+                            dgActs.and( acts );
+                        }else{
+                            dgActs = acts;
+                        }
+                    }
+                }
+            }
+            
+            return dgActs;
+        } catch (Exception e) {
+            // TODO Auto-generated catch block
+            log.debug(e);
+            return Actions.UNAUTHORIZED;
+        }
+    }
    
    @Override
    protected ResponseValues processRequest(VitroRequest vreq) throws Exception {
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
@ -48,6 +48,7 @@ public class DisplayVocabulary {
    public static final String ITEM_TO_PAGE = NS + "toPage";
    public static final String HAS_ELEMENT = NS + "hasElement";
    public static final String USES_DATAGETTER_CLASS = NS + "usesDataGetterClass";
+    public static final String REQUIRED_ACTIONS = NS + "requiredAction";

    /**Data Getter object properties **/
    public static final String HAS_DATA_GETTER = NS + "hasDataGetter";
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/PageDao.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/PageDao.java
@ -29,4 +29,10 @@ public interface PageDao {
    
    List<String> getDataGetterClass(String pageUri);

+    /**
+     * Gets the required actions directly associated with a page.
+     * Does not get required actions for any data getters that are
+     * related to the page.
+     */
+    List<String> getRequiredActions(String pageUri);
 }
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/PageDaoJena.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/dao/jena/PageDaoJena.java
@ -6,6 +6,7 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Iterator;
+import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;

@ -77,7 +78,14 @@ public class PageDaoJena extends JenaBaseDao implements PageDao {
        "    ?pageUri display:hasDataGetter ?dg .\n"+    
        " 	 ?dg rdf:type ?dataGetterType . \n" +
        "} \n" ;
-    
+
+    //Get the required actions directly associated with a page
+    static final protected String requiredActionsQuery =
+        prefixes + "\n" +
+        "SELECT ?requiredAction WHERE{\n" +
+        "    ?pageUri <" + DisplayVocabulary.REQUIRED_ACTIONS + ">  ?requiredAction .\n"+
+        "}";
+
    //Get data getter URIs
    static final protected String dataGetterURIsQueryString = 
        prefixes + "\n" +
@ -519,10 +527,54 @@ public class PageDaoJena extends JenaBaseDao implements PageDao {
         return dataGetterClasses;
    }

-   
+
+    /** 
+     * Gets the requiredActions directly associated with page.
+     */
+    public List<String> getRequiredActions(String pageUri){
+        QuerySolutionMap initialBindings = new QuerySolutionMap();
+        initialBindings.add("pageUri", ResourceFactory.createResource(pageUri));
+        List<String> actions = new ArrayList<String>();
+        
+        Model dModel = getOntModelSelector().getDisplayModel();
+        try{
+            QueryExecution qe = 
+                QueryExecutionFactory.create( requiredActionsQuery, dModel, initialBindings);
+            actions = executeQueryToList( qe );
+            qe.close();
+        }finally{
+            dModel.enterCriticalSection(false);
+        }
+        return actions;            
+    }
    
    /* *************************** Utility methods ********************************* */
-    
+
+    /**
+     * Assumes single bound variable in solution.
+     */
+    protected List<String> executeQueryToList(QueryExecution qex){
+        List<String> rv = new LinkedList<String>();
+        ResultSet results = qex.execSelect();
+        while (results.hasNext()) {
+            rv.add(querySolutionToString( results.nextSolution() ));
+        }
+        return rv;
+    }
+
+    /**
+     * Assumes single bound variable in solution.
+     */
+    protected String querySolutionToString( QuerySolution soln ){
+        Iterator<String> varNames = soln.varNames();
+        if(varNames.hasNext()){
+            String name = varNames.next();
+            return nodeToString( soln.get(name) );
+        }else{
+            return "";
+        }
+    }
+                                                  
    /**
     * Converts a sparql query that returns a multiple rows to a list of maps.
     * The maps will have column names as keys to the values.
@ -548,7 +600,9 @@ public class PageDaoJena extends JenaBaseDao implements PageDao {
        }
        return map;
    }
-    
+
+
+
    static protected Object nodeToObject( RDFNode node ){
        if( node == null ){
            return "";
@ -582,11 +636,6 @@ public class PageDaoJena extends JenaBaseDao implements PageDao {
            return "";
        }
    }
-    protected Map<String,Object> resultsToMap(){
-        return null;
-    }
-
-
    

 }