// check whether any bundle belongs to any item that passed submission // and workflow process protected boolean isAnyItemInstalled(Context ctx, List<Bundle> bundles) throws SQLException { for (Bundle bundle : bundles) { for (Item item : bundle.getItems()) { if (workspaceItemService.findByItem(ctx, item) == null && workflowItemService.findByItem(ctx, item) == null) { return true; } } } return false; }
/** * Return the InProgressSubmission, either workspaceItem or workflowItem, depending on the id * provided. If the id begins with an S then it is a considered a workspaceItem. If the id begins * with a W then it is considered a workflowItem. * * @param context * @param inProgressSubmissionID * @return The InprogressSubmission or null if non found */ public static InProgressSubmission findSubmission(Context context, String inProgressSubmissionID) throws SQLException, AuthorizeException, IOException { char type = inProgressSubmissionID.charAt(0); int id = Integer.valueOf(inProgressSubmissionID.substring(1)); if (type == 'S') { return workspaceItemService.find(context, id); } else if (type == 'W' || type == 'X') { return workflowService.find(context, id); } return null; }
/** * Check to see if the given user can perform the given action on the given object. Always returns * true if the ignore authorization flat is set in the current context. * * @param c current context. User is irrelevant; "ignore authorization" flag is relevant * @param o object action is being attempted on * @param action ID of action being attempted, from <code>org.dspace.core.Constants</code> * @param e user attempting action * @param useInheritance flag to say if ADMIN action on the current object or parent object can be * used * @return <code>true</code> if user is authorized to perform the given action, <code>false</code> * otherwise * @throws SQLException if database error */ protected boolean authorize( Context c, DSpaceObject o, int action, EPerson e, boolean useInheritance) throws SQLException { // return FALSE if there is no DSpaceObject if (o == null) { return false; } // is authorization disabled for this context? if (c.ignoreAuthorization()) { return true; } // is eperson set? if not, userToCheck = null (anonymous) EPerson userToCheck = null; if (e != null) { userToCheck = e; // perform isAdmin check to see // if user is an Admin on this object DSpaceObject adminObject = useInheritance ? serviceFactory.getDSpaceObjectService(o).getAdminObject(c, o, action) : null; if (isAdmin(c, adminObject)) { return true; } } // In case the dso is an bundle or bitstream we must ignore custom // policies if it does not belong to at least one installed item (see // DS-2614). // In case the dso is an item and a corresponding workspace or workflow // item exist, we have to ignore custom policies (see DS-2614). boolean ignoreCustomPolicies = false; if (o instanceof Bitstream) { Bitstream b = (Bitstream) o; // Ensure that this is not a collection or community logo DSpaceObject parent = bitstreamService.getParentObject(c, b); if (!(parent instanceof Collection) && !(parent instanceof Community)) { ignoreCustomPolicies = !isAnyItemInstalled(c, b.getBundles()); } } if (o instanceof Bundle) { ignoreCustomPolicies = !isAnyItemInstalled(c, Arrays.asList(((Bundle) o))); } if (o instanceof Item) { if (workspaceItemService.findByItem(c, (Item) o) != null || workflowItemService.findByItem(c, (Item) o) != null) { ignoreCustomPolicies = true; } } for (ResourcePolicy rp : getPoliciesActionFilter(c, o, action)) { if (ignoreCustomPolicies && ResourcePolicy.TYPE_CUSTOM.equals(rp.getRpType())) { continue; } // check policies for date validity if (resourcePolicyService.isDateValid(rp)) { if (rp.getEPerson() != null && rp.getEPerson().equals(userToCheck)) { return true; // match } if ((rp.getGroup() != null) && (groupService.isMember(c, rp.getGroup()))) { // group was set, and eperson is a member // of that group return true; } } } // default authorization is denial return false; }