Esempio n. 1
0
  @Override
  public void addPolicies(Context c, List<ResourcePolicy> policies, DSpaceObject dest)
      throws SQLException, AuthorizeException {
    // now add them to the destination object
    List<ResourcePolicy> newPolicies = new LinkedList<>();

    for (ResourcePolicy srp : policies) {
      ResourcePolicy rp = resourcePolicyService.create(c);

      // copy over values
      rp.setdSpaceObject(dest);
      rp.setAction(srp.getAction());
      rp.setEPerson(srp.getEPerson());
      rp.setGroup(srp.getGroup());
      rp.setStartDate(srp.getStartDate());
      rp.setEndDate(srp.getEndDate());
      rp.setRpName(srp.getRpName());
      rp.setRpDescription(srp.getRpDescription());
      rp.setRpType(srp.getRpType());

      // and add policy to list of new policies
      newPolicies.add(rp);
    }

    resourcePolicyService.update(c, newPolicies);
  }
Esempio n. 2
0
  /**
   * Generate Policies policies READ for the date in input adding reason. New policies are assigned
   * automatically at the groups that have right on the collection. E.g., if the anonymous can
   * access the collection policies are assigned to anonymous.
   *
   * @param context The relevant DSpace Context.
   * @param embargoDate embargo end date
   * @param reason embargo reason
   * @param dso DSpace object
   * @param owningCollection collection to get group policies from
   * @throws SQLException if database error
   * @throws AuthorizeException if authorization error
   */
  @Override
  public void generateAutomaticPolicies(
      Context context,
      Date embargoDate,
      String reason,
      DSpaceObject dso,
      Collection owningCollection)
      throws SQLException, AuthorizeException {

    if (embargoDate != null || (embargoDate == null && dso instanceof Bitstream)) {

      List<Group> authorizedGroups =
          getAuthorizedGroups(context, owningCollection, Constants.DEFAULT_ITEM_READ);

      removeAllPoliciesByDSOAndType(context, dso, ResourcePolicy.TYPE_CUSTOM);

      // look for anonymous
      boolean isAnonymousInPlace = false;
      for (Group g : authorizedGroups) {
        if (StringUtils.equals(g.getName(), Group.ANONYMOUS)) {
          isAnonymousInPlace = true;
        }
      }
      if (!isAnonymousInPlace) {
        // add policies for all the groups
        for (Group g : authorizedGroups) {
          ResourcePolicy rp =
              createOrModifyPolicy(
                  null, context, null, g, null, embargoDate, Constants.READ, reason, dso);
          if (rp != null) resourcePolicyService.update(context, rp);
        }

      } else {
        // add policy just for anonymous
        ResourcePolicy rp =
            createOrModifyPolicy(
                null,
                context,
                null,
                groupService.findByName(context, Group.ANONYMOUS),
                null,
                embargoDate,
                Constants.READ,
                reason,
                dso);
        if (rp != null) resourcePolicyService.update(context, rp);
      }
    }
  }
Esempio n. 3
0
 @Override
 public void switchPoliciesAction(Context context, DSpaceObject dso, int fromAction, int toAction)
     throws SQLException, AuthorizeException {
   List<ResourcePolicy> rps = getPoliciesActionFilter(context, dso, fromAction);
   for (ResourcePolicy rp : rps) {
     rp.setAction(toAction);
   }
   resourcePolicyService.update(context, rps);
 }
Esempio n. 4
0
  @Override
  public ResourcePolicy createResourcePolicy(
      Context context, DSpaceObject dso, Group group, EPerson eperson, int type, String rpType)
      throws SQLException, AuthorizeException {
    if (group == null && eperson == null) {
      throw new IllegalArgumentException(
          "We need at least an eperson or a group in order to create a resource policy.");
    }

    ResourcePolicy myPolicy = resourcePolicyService.create(context);
    myPolicy.setdSpaceObject(dso);
    myPolicy.setAction(type);
    myPolicy.setGroup(group);
    myPolicy.setEPerson(eperson);
    myPolicy.setRpType(rpType);
    resourcePolicyService.update(context, myPolicy);

    return myPolicy;
  }
Esempio n. 5
0
  @Override
  public ResourcePolicy findByTypeIdGroupAction(
      Context c, DSpaceObject dso, Group group, int action, int policyID) throws SQLException {
    List<ResourcePolicy> policies = resourcePolicyService.find(c, dso, group, action, policyID);

    if (CollectionUtils.isNotEmpty(policies)) {
      return policies.iterator().next();
    } else {
      return null;
    }
  }
Esempio n. 6
0
  public boolean isCollectionAdmin(Context c) throws SQLException {
    EPerson e = c.getCurrentUser();

    if (e != null) {
      List<ResourcePolicy> policies =
          resourcePolicyService.find(
              c, e, groupService.allMemberGroups(c, e), Constants.ADMIN, Constants.COLLECTION);

      if (CollectionUtils.isNotEmpty(policies)) {
        return true;
      }
    }

    return false;
  }
Esempio n. 7
0
  public void addListPolicies(List parent, DSpaceObject dso, Collection owningCollection)
      throws WingException, SQLException {
    if (!isAdvancedFormEnabled) {
      return;
    }
    parent.addLabel(T_head_policies_table);

    java.util.List<ResourcePolicy> resourcePolicies =
        authorizeService.findPoliciesByDSOAndType(context, dso, ResourcePolicy.TYPE_CUSTOM);
    if (resourcePolicies.isEmpty()) {
      parent.addItem(T_no_policies);
      return;
    }

    for (ResourcePolicy rp : resourcePolicies) {
      int id = rp.getID();

      String name = "";
      if (rp.getRpName() != null) name = rp.getRpName();

      String action = resourcePolicyService.getActionText(rp);

      // if it is the default policy for the Submitter don't show it.
      if (dso instanceof org.dspace.content.Item) {
        org.dspace.content.Item item = (org.dspace.content.Item) dso;
        if (rp.getEPerson() != null) {
          if (item.getSubmitter().equals(rp.getEPerson())) continue;
        }
      }

      String group = "";
      if (rp.getGroup() != null) group = rp.getGroup().getName();

      // start
      String startDate = "";
      if (rp.getStartDate() != null) {
        startDate = DateFormatUtils.format(rp.getStartDate(), "yyyy-MM-dd");
      }

      // endDate
      String endDate = "";
      if (rp.getEndDate() != null) {
        endDate = DateFormatUtils.format(rp.getEndDate(), "yyyy-MM-dd");
      }

      parent.addItem(T_policy.parameterize(name, action, group, startDate, endDate));
    }
  }
Esempio n. 8
0
  @Override
  public boolean isAdmin(Context c, DSpaceObject o) throws SQLException {

    // return true if user is an Administrator
    if (isAdmin(c)) {
      return true;
    }

    if (o == null) {
      return false;
    }

    //
    // First, check all Resource Policies directly on this object
    //
    List<ResourcePolicy> policies = getPoliciesActionFilter(c, o, Constants.ADMIN);

    for (ResourcePolicy rp : policies) {
      // check policies for date validity
      if (resourcePolicyService.isDateValid(rp)) {
        if (rp.getEPerson() != null && rp.getEPerson().equals(c.getCurrentUser())) {
          return true; // match
        }

        if ((rp.getGroup() != null) && (groupService.isMember(c, rp.getGroup()))) {
          // group was set, and eperson is a member
          // of that group
          return true;
        }
      }
    }

    // If user doesn't have specific Admin permissions on this object,
    // check the *parent* objects of this object.  This allows Admin
    // permissions to be inherited automatically (e.g. Admin on Community
    // is also an Admin of all Collections/Items in that Community)
    DSpaceObject parent = serviceFactory.getDSpaceObjectService(o).getParentObject(c, o);
    if (parent != null) {
      return isAdmin(c, parent);
    }

    return false;
  }
Esempio n. 9
0
  public void addTablePolicies(Division parent, DSpaceObject dso, Collection owningCollection)
      throws WingException, SQLException {
    if (!isAdvancedFormEnabled) {
      return;
    }
    Division div = parent.addDivision("access-existing-policies");
    div.setHead(T_head_policies_table);
    div.addPara(T_policies_help.parameterize(owningCollection));

    java.util.List<ResourcePolicy> resourcePolicies =
        authorizeService.findPoliciesByDSOAndType(context, dso, ResourcePolicy.TYPE_CUSTOM);

    if (resourcePolicies.isEmpty()) {
      div.addPara(T_no_policies);
      return;
    }

    int cols = resourcePolicies.size();
    if (cols == 0) cols = 1;
    Table policies = div.addTable("policies", 6, cols);
    Row header = policies.addRow(Row.ROLE_HEADER);

    header.addCellContent(T_column0); // name
    header.addCellContent(T_column1); // action
    header.addCellContent(T_column2); // group
    header.addCellContent(T_column3); // start_date
    header.addCellContent(T_column4); // end_date

    for (ResourcePolicy rp : resourcePolicies) {
      int id = rp.getID();

      String name = "";
      if (rp.getRpName() != null) name = rp.getRpName();

      String action = resourcePolicyService.getActionText(rp);

      // if it is the default policy for the Submitter don't show it.
      if (dso instanceof org.dspace.content.Item) {
        org.dspace.content.Item item = (org.dspace.content.Item) dso;
        if (rp.getEPerson() != null) {
          if (item.getSubmitter().equals(rp.getEPerson())) continue;
        }
      }

      String group = "";
      if (rp.getGroup() != null) group = rp.getGroup().getName();

      Row row = policies.addRow();

      row.addCellContent(name);
      row.addCellContent(action);
      row.addCellContent(group);

      // start
      String startDate = "";
      if (rp.getStartDate() != null) {
        startDate = DateFormatUtils.format(rp.getStartDate(), "yyyy-MM-dd");
      }
      row.addCellContent(startDate);

      // endDate
      String endDate = "";
      if (rp.getEndDate() != null) {
        endDate = DateFormatUtils.format(rp.getEndDate(), "yyyy-MM-dd");
      }
      row.addCellContent(endDate);

      Button edit = row.addCell().addButton("submit_edit_edit_policies_" + id);
      edit.setValue(T_table_submit_edit);

      Button delete = row.addCell().addButton("submit_delete_edit_policies_" + id);
      delete.setValue(T_table_submit_delete);
    }
  }
Esempio n. 10
0
  /**
   * Check to see if the given user can perform the given action on the given object. Always returns
   * true if the ignore authorization flat is set in the current context.
   *
   * @param c current context. User is irrelevant; "ignore authorization" flag is relevant
   * @param o object action is being attempted on
   * @param action ID of action being attempted, from <code>org.dspace.core.Constants</code>
   * @param e user attempting action
   * @param useInheritance flag to say if ADMIN action on the current object or parent object can be
   *     used
   * @return <code>true</code> if user is authorized to perform the given action, <code>false</code>
   *     otherwise
   * @throws SQLException if database error
   */
  protected boolean authorize(
      Context c, DSpaceObject o, int action, EPerson e, boolean useInheritance)
      throws SQLException {
    // return FALSE if there is no DSpaceObject
    if (o == null) {
      return false;
    }

    // is authorization disabled for this context?
    if (c.ignoreAuthorization()) {
      return true;
    }

    // is eperson set? if not, userToCheck = null (anonymous)
    EPerson userToCheck = null;
    if (e != null) {
      userToCheck = e;

      // perform isAdmin check to see
      // if user is an Admin on this object
      DSpaceObject adminObject =
          useInheritance
              ? serviceFactory.getDSpaceObjectService(o).getAdminObject(c, o, action)
              : null;

      if (isAdmin(c, adminObject)) {
        return true;
      }
    }

    // In case the dso is an bundle or bitstream we must ignore custom
    // policies if it does not belong to at least one installed item (see
    // DS-2614).
    // In case the dso is an item and a corresponding workspace or workflow
    // item exist, we have to ignore custom policies (see DS-2614).
    boolean ignoreCustomPolicies = false;
    if (o instanceof Bitstream) {
      Bitstream b = (Bitstream) o;

      // Ensure that this is not a collection or community logo
      DSpaceObject parent = bitstreamService.getParentObject(c, b);
      if (!(parent instanceof Collection) && !(parent instanceof Community)) {
        ignoreCustomPolicies = !isAnyItemInstalled(c, b.getBundles());
      }
    }
    if (o instanceof Bundle) {
      ignoreCustomPolicies = !isAnyItemInstalled(c, Arrays.asList(((Bundle) o)));
    }
    if (o instanceof Item) {
      if (workspaceItemService.findByItem(c, (Item) o) != null
          || workflowItemService.findByItem(c, (Item) o) != null) {
        ignoreCustomPolicies = true;
      }
    }

    for (ResourcePolicy rp : getPoliciesActionFilter(c, o, action)) {

      if (ignoreCustomPolicies && ResourcePolicy.TYPE_CUSTOM.equals(rp.getRpType())) {
        continue;
      }

      // check policies for date validity
      if (resourcePolicyService.isDateValid(rp)) {
        if (rp.getEPerson() != null && rp.getEPerson().equals(userToCheck)) {
          return true; // match
        }

        if ((rp.getGroup() != null) && (groupService.isMember(c, rp.getGroup()))) {
          // group was set, and eperson is a member
          // of that group
          return true;
        }
      }
    }

    // default authorization is denial
    return false;
  }
Esempio n. 11
0
 @Override
 public void removeEPersonPolicies(Context c, DSpaceObject o, EPerson e)
     throws SQLException, AuthorizeException {
   resourcePolicyService.removeDsoEPersonPolicies(c, o, e);
 }
Esempio n. 12
0
 @Override
 public void removeGroupPolicies(Context c, DSpaceObject o, Group g)
     throws SQLException, AuthorizeException {
   resourcePolicyService.removeDsoGroupPolicies(c, o, g);
 }
Esempio n. 13
0
 @Override
 public void removeGroupPolicies(Context c, Group group) throws SQLException {
   resourcePolicyService.removeGroupPolicies(c, group);
 }
Esempio n. 14
0
 @Override
 public void removePoliciesActionFilter(Context context, DSpaceObject dso, int actionID)
     throws SQLException, AuthorizeException {
   resourcePolicyService.removePolicies(context, dso, actionID);
 }
Esempio n. 15
0
 @Override
 public void removeAllPoliciesByDSOAndType(Context c, DSpaceObject o, String type)
     throws SQLException, AuthorizeException {
   resourcePolicyService.removePolicies(c, o, type);
 }
Esempio n. 16
0
 @Override
 public void removeAllPolicies(Context c, DSpaceObject o) throws SQLException, AuthorizeException {
   resourcePolicyService.removeAllPolicies(c, o);
 }
Esempio n. 17
0
 @Override
 public List<ResourcePolicy> getPoliciesActionFilter(Context c, DSpaceObject o, int actionID)
     throws SQLException {
   return resourcePolicyService.find(c, o, actionID);
 }
Esempio n. 18
0
 @Override
 public List<ResourcePolicy> getPoliciesForGroup(Context c, Group g) throws SQLException {
   return resourcePolicyService.find(c, g);
 }
Esempio n. 19
0
 @Override
 public List<ResourcePolicy> findPoliciesByDSOAndType(Context c, DSpaceObject o, String type)
     throws SQLException {
   return resourcePolicyService.find(c, o, type);
 }
Esempio n. 20
0
 @Override
 public List<ResourcePolicy> getPolicies(Context c, DSpaceObject o) throws SQLException {
   return resourcePolicyService.find(c, o);
 }