예제 #1
0
 @Override
 public Group getWorkflowRoleGroup(
     Context context, Collection collection, String roleName, Group roleGroup)
     throws SQLException, IOException, WorkflowException, AuthorizeException {
   try {
     Role role = WorkflowUtils.getCollectionAndRepositoryRoles(collection).get(roleName);
     if (role.getScope() == Role.Scope.COLLECTION || role.getScope() == Role.Scope.REPOSITORY) {
       roleGroup = WorkflowUtils.getRoleGroup(context, collection, role);
       if (roleGroup == null) {
         authorizeService.authorizeAction(context, collection, Constants.WRITE);
         roleGroup = groupService.create(context);
         if (role.getScope() == Role.Scope.COLLECTION) {
           groupService.setName(
               roleGroup,
               "COLLECTION_" + collection.getID().toString() + "_WORKFLOW_ROLE_" + roleName);
         } else {
           groupService.setName(roleGroup, role.getName());
         }
         groupService.update(context, roleGroup);
         authorizeService.addPolicy(context, collection, Constants.ADD, roleGroup);
         if (role.getScope() == Role.Scope.COLLECTION) {
           WorkflowUtils.createCollectionWorkflowRole(context, collection, roleName, roleGroup);
         }
       }
     }
     return roleGroup;
   } catch (WorkflowConfigurationException e) {
     throw new WorkflowException(e);
   }
 }
예제 #2
0
 protected void addGroupPolicyToItem(Context context, Item item, int type, Group group)
     throws AuthorizeException, SQLException {
   if (group != null) {
     authorizeService.addPolicy(context, item, type, group);
     List<Bundle> bundles = item.getBundles();
     for (Bundle bundle : bundles) {
       authorizeService.addPolicy(context, bundle, type, group);
       List<Bitstream> bits = bundle.getBitstreams();
       for (Bitstream bit : bits) {
         authorizeService.addPolicy(context, bit, type, group);
       }
     }
   }
 }
예제 #3
0
  @Override
  public void addCollection(Context context, Community community, Collection collection)
      throws SQLException, AuthorizeException {
    // Check authorisation
    authorizeService.authorizeAction(context, community, Constants.ADD);

    log.info(
        LogManager.getHeader(
            context,
            "add_collection",
            "community_id=" + community.getID() + ",collection_id=" + collection.getID()));

    if (!community.getCollections().contains(collection)) {
      community.addCollection(collection);
      collection.addCommunity(community);
    }
    context.addEvent(
        new Event(
            Event.ADD,
            Constants.COMMUNITY,
            community.getID(),
            Constants.COLLECTION,
            collection.getID(),
            community.getHandle(),
            getIdentifiers(context, community)));
  }
예제 #4
0
  @Override
  public WorkspaceItem abort(Context c, XmlWorkflowItem wi, EPerson e)
      throws AuthorizeException, SQLException, IOException {
    if (!authorizeService.isAdmin(c)) {
      throw new AuthorizeException("You must be an admin to abort a workflow");
    }

    c.turnOffAuthorisationSystem();
    // Restore permissions for the submitter
    // convert into personal workspace
    WorkspaceItem wsi = returnToWorkspace(c, wi);

    log.info(
        LogManager.getHeader(
            c,
            "abort_workflow",
            "workflow_item_id="
                + wi.getID()
                + "item_id="
                + wsi.getItem().getID()
                + "collection_id="
                + wi.getCollection().getID()
                + "eperson_id="
                + e.getID()));

    c.restoreAuthSystemState();
    return wsi;
  }
예제 #5
0
 protected void removeGroupItemPolicies(Context context, Item item, Group e)
     throws SQLException, AuthorizeException {
   if (e != null) {
     // Also remove any lingering authorizations from this user
     authorizeService.removeGroupPolicies(context, item, e);
     // Remove the bundle rights
     List<Bundle> bundles = item.getBundles();
     for (Bundle bundle : bundles) {
       authorizeService.removeGroupPolicies(context, bundle, e);
       List<Bitstream> bitstreams = bundle.getBitstreams();
       for (Bitstream bitstream : bitstreams) {
         authorizeService.removeGroupPolicies(context, bitstream, e);
       }
     }
   }
 }
예제 #6
0
 protected void grantGroupAllItemPolicies(Context context, Item item, Group group)
     throws AuthorizeException, SQLException {
   if (group != null) {
     // A list of policies the user has for this item
     List<Integer> groupHasPolicies = new ArrayList<Integer>();
     List<ResourcePolicy> itempols = authorizeService.getPolicies(context, item);
     for (ResourcePolicy resourcePolicy : itempols) {
       if (group.equals(resourcePolicy.getGroup())) {
         // The user has already got this policy so it it to the list
         groupHasPolicies.add(resourcePolicy.getAction());
       }
     }
     // Make sure we don't add duplicate policies
     if (!groupHasPolicies.contains(Constants.READ))
       addGroupPolicyToItem(context, item, Constants.READ, group);
     if (!groupHasPolicies.contains(Constants.WRITE))
       addGroupPolicyToItem(context, item, Constants.WRITE, group);
     if (!groupHasPolicies.contains(Constants.DELETE))
       addGroupPolicyToItem(context, item, Constants.DELETE, group);
     if (!groupHasPolicies.contains(Constants.ADD))
       addGroupPolicyToItem(context, item, Constants.ADD, group);
     if (!groupHasPolicies.contains(Constants.REMOVE))
       addGroupPolicyToItem(context, item, Constants.REMOVE, group);
   }
 }
예제 #7
0
  @Override
  public void addSubcommunity(Context context, Community parentCommunity, Community childCommunity)
      throws SQLException, AuthorizeException {
    // Check authorisation
    authorizeService.authorizeAction(context, parentCommunity, Constants.ADD);

    log.info(
        LogManager.getHeader(
            context,
            "add_subcommunity",
            "parent_comm_id="
                + parentCommunity.getID()
                + ",child_comm_id="
                + childCommunity.getID()));

    if (!parentCommunity.getSubcommunities().contains(childCommunity)) {
      parentCommunity.addSubCommunity(childCommunity);
      childCommunity.addParentCommunity(parentCommunity);
    }
    context.addEvent(
        new Event(
            Event.ADD,
            Constants.COMMUNITY,
            parentCommunity.getID(),
            Constants.COMMUNITY,
            childCommunity.getID(),
            parentCommunity.getHandle(),
            getIdentifiers(context, parentCommunity)));
  }
예제 #8
0
  @Override
  public void removeCollection(Context context, Community community, Collection collection)
      throws SQLException, AuthorizeException, IOException {
    // Check authorisation
    authorizeService.authorizeAction(context, community, Constants.REMOVE);

    community.removeCollection(collection);
    ArrayList<String> removedIdentifiers = collectionService.getIdentifiers(context, collection);
    String removedHandle = collection.getHandle();
    UUID removedId = collection.getID();

    collection.removeCommunity(community);
    if (CollectionUtils.isEmpty(collection.getCommunities())) {
      collectionService.delete(context, collection);
    }

    log.info(
        LogManager.getHeader(
            context,
            "remove_collection",
            "community_id=" + community.getID() + ",collection_id=" + collection.getID()));

    // Remove any mappings
    context.addEvent(
        new Event(
            Event.REMOVE,
            Constants.COMMUNITY,
            community.getID(),
            Constants.COLLECTION,
            removedId,
            removedHandle,
            removedIdentifiers));
  }
예제 #9
0
  @Override
  public void removeSubcommunity(
      Context context, Community parentCommunity, Community childCommunity)
      throws SQLException, AuthorizeException, IOException {
    // Check authorisation
    authorizeService.authorizeAction(context, parentCommunity, Constants.REMOVE);

    ArrayList<String> removedIdentifiers = getIdentifiers(context, childCommunity);
    String removedHandle = childCommunity.getHandle();
    UUID removedId = childCommunity.getID();

    parentCommunity.removeSubCommunity(childCommunity);
    childCommunity.getParentCommunities().remove(parentCommunity);
    if (CollectionUtils.isEmpty(childCommunity.getParentCommunities())) {
      rawDelete(context, childCommunity);
    }
    log.info(
        LogManager.getHeader(
            context,
            "remove_subcommunity",
            "parent_comm_id="
                + parentCommunity.getID()
                + ",child_comm_id="
                + childCommunity.getID()));

    context.addEvent(
        new Event(
            Event.REMOVE,
            Constants.COMMUNITY,
            parentCommunity.getID(),
            Constants.COMMUNITY,
            removedId,
            removedHandle,
            removedIdentifiers));
  }
  @Override
  public WorkspaceItem abort(Context context, BasicWorkflowItem workflowItem, EPerson e)
      throws SQLException, AuthorizeException, IOException {
    // authorize a DSpaceActions.ABORT
    if (!authorizeService.isAdmin(context)) {
      throw new AuthorizeException("You must be an admin to abort a workflow");
    }

    // stop workflow regardless of its state
    taskListItemService.deleteByWorkflowItem(context, workflowItem);

    log.info(
        LogManager.getHeader(
            context,
            "abort_workflow",
            "workflow_item_id="
                + workflowItem.getID()
                + "item_id="
                + workflowItem.getItem().getID()
                + "collection_id="
                + workflowItem.getCollection().getID()
                + "eperson_id="
                + e.getID()));

    // convert into personal workspace
    return returnToWorkspace(context, workflowItem);
  }
  @Override
  public boolean isHidden(Context context, String schema, String element, String qualifier)
      throws SQLException {
    // the administrator's override
    if (context != null && authorizeService.isAdmin(context)) {
      return false;
    }

    // for schema.element, just check schema->elementSet
    if (!isInitialized()) {
      init();
    }

    if (qualifier == null) {
      Set<String> elts = hiddenElementSets.get(schema);
      return elts == null ? false : elts.contains(element);
    }

    // for schema.element.qualifier, just schema->eltMap->qualSet
    else {
      Map<String, Set<String>> elts = hiddenElementMaps.get(schema);
      if (elts == null) {
        return false;
      }
      Set<String> quals = elts.get(element);
      return quals == null ? false : quals.contains(qualifier);
    }
  }
예제 #12
0
  @Override
  public void delete(Context context, Community community)
      throws SQLException, AuthorizeException, IOException {
    // Check authorisation
    // FIXME: If this was a subcommunity, it is first removed from it's
    // parent.
    // This means the parentCommunity == null
    // But since this is also the case for top-level communities, we would
    // give everyone rights to remove the top-level communities.
    // The same problem occurs in removing the logo
    if (!authorizeService.authorizeActionBoolean(
        context, getParentObject(context, community), Constants.REMOVE)) {
      authorizeService.authorizeAction(context, community, Constants.DELETE);
    }
    ArrayList<String> removedIdentifiers = getIdentifiers(context, community);
    String removedHandle = community.getHandle();
    UUID removedId = community.getID();

    // If not a top-level community, have parent remove me; this
    // will call rawDelete() before removing the linkage
    Community parent = (Community) getParentObject(context, community);

    if (parent != null) {
      // remove the subcommunities first
      Iterator<Community> subcommunities = community.getSubcommunities().iterator();
      while (subcommunities.hasNext()) {
        Community subCommunity = subcommunities.next();
        subcommunities.remove();
        delete(context, subCommunity);
      }
      // now let the parent remove the community
      removeSubcommunity(context, parent, community);

      return;
    }

    rawDelete(context, community);
    context.addEvent(
        new Event(
            Event.REMOVE,
            Constants.SITE,
            siteService.findSite(context).getID(),
            Constants.COMMUNITY,
            removedId,
            removedHandle,
            removedIdentifiers));
  }
예제 #13
0
  @Override
  public void canEdit(Context context, Community community)
      throws AuthorizeException, SQLException {
    List<Community> parents = getAllParents(context, community);

    for (Community parent : parents) {
      if (authorizeService.authorizeActionBoolean(context, parent, Constants.WRITE)) {
        return;
      }

      if (authorizeService.authorizeActionBoolean(context, parent, Constants.ADD)) {
        return;
      }
    }

    authorizeService.authorizeAction(context, community, Constants.WRITE);
  }
예제 #14
0
 protected void removeUserItemPolicies(Context context, Item item, EPerson e)
     throws SQLException, AuthorizeException {
   if (e != null) {
     // Also remove any lingering authorizations from this user
     authorizeService.removeEPersonPolicies(context, item, e);
     // Remove the bundle rights
     List<Bundle> bundles = item.getBundles();
     for (Bundle bundle : bundles) {
       authorizeService.removeEPersonPolicies(context, bundle, e);
       List<Bitstream> bitstreams = bundle.getBitstreams();
       for (Bitstream bitstream : bitstreams) {
         authorizeService.removeEPersonPolicies(context, bitstream, e);
       }
     }
     // Ensure that the submitter always retains his resource policies
     if (e.getID().equals(item.getSubmitter().getID())) {
       grantSubmitterReadPolicies(context, item);
     }
   }
 }
예제 #15
0
  @Override
  public Community createSubcommunity(Context context, Community parentCommunity, String handle)
      throws SQLException, AuthorizeException {
    // Check authorisation
    authorizeService.authorizeAction(context, parentCommunity, Constants.ADD);

    Community c = create(parentCommunity, context, handle);
    addSubcommunity(context, parentCommunity, c);

    return c;
  }
예제 #16
0
  /**
   * Internal method to remove the community and all its children from the database, and perform any
   * pre/post-cleanup
   *
   * @throws SQLException
   * @throws AuthorizeException
   * @throws IOException
   */
  protected void rawDelete(Context context, Community community)
      throws SQLException, AuthorizeException, IOException {
    log.info(
        LogManager.getHeader(context, "delete_community", "community_id=" + community.getID()));

    context.addEvent(
        new Event(
            Event.DELETE,
            Constants.COMMUNITY,
            community.getID(),
            community.getHandle(),
            getIdentifiers(context, community)));

    // Remove collections
    Iterator<Collection> collections = community.getCollections().iterator();

    while (collections.hasNext()) {
      Collection collection = collections.next();
      collections.remove();
      removeCollection(context, community, collection);
    }
    // delete subcommunities
    Iterator<Community> subCommunities = community.getSubcommunities().iterator();

    while (subCommunities.hasNext()) {
      Community subComm = subCommunities.next();
      subCommunities.remove();
      delete(context, subComm);
    }

    // Remove the logo
    setLogo(context, community, null);

    // Remove all authorization policies
    authorizeService.removeAllPolicies(context, community);

    // Remove any Handle
    handleService.unbindHandle(context, community);

    deleteMetadata(context, community);

    Group g = community.getAdministrators();

    // Delete community row
    communityDAO.delete(context, community);

    // Remove administrators group - must happen after deleting community

    if (g != null) {
      groupService.delete(context, g);
    }
  }
예제 #17
0
  @Override
  public Bitstream setLogo(Context context, Community community, InputStream is)
      throws AuthorizeException, IOException, SQLException {
    // Check authorisation
    // authorized to remove the logo when DELETE rights
    // authorized when canEdit
    if (!((is == null)
        && authorizeService.authorizeActionBoolean(context, community, Constants.DELETE))) {
      canEdit(context, community);
    }

    // First, delete any existing logo
    Bitstream oldLogo = community.getLogo();
    if (oldLogo != null) {
      log.info(LogManager.getHeader(context, "remove_logo", "community_id=" + community.getID()));
      community.setLogo(null);
      bitstreamService.delete(context, oldLogo);
    }

    if (is != null) {
      Bitstream newLogo = bitstreamService.create(context, is);
      community.setLogo(newLogo);

      // now create policy for logo bitstream
      // to match our READ policy
      List<ResourcePolicy> policies =
          authorizeService.getPoliciesActionFilter(context, community, Constants.READ);
      authorizeService.addPolicies(context, policies, newLogo);

      log.info(
          LogManager.getHeader(
              context,
              "set_logo",
              "community_id=" + community.getID() + "logo_bitstream_id=" + newLogo.getID()));
    }

    return community.getLogo();
  }
예제 #18
0
  @Override
  public void delete(Context context, MetadataField metadataField)
      throws SQLException, AuthorizeException {
    // Check authorisation: Only admins may create DC types
    if (!authorizeService.isAdmin(context)) {
      throw new AuthorizeException("Only administrators may modify the metadata registry");
    }

    log.info(
        LogManager.getHeader(
            context, "delete_metadata_field", "metadata_field_id=" + metadataField.getFieldID()));

    metadataValueService.deleteByMetadataField(context, metadataField);
    metadataFieldDAO.delete(context, metadataField);
  }
예제 #19
0
  public void addListPolicies(List parent, DSpaceObject dso, Collection owningCollection)
      throws WingException, SQLException {
    if (!isAdvancedFormEnabled) {
      return;
    }
    parent.addLabel(T_head_policies_table);

    java.util.List<ResourcePolicy> resourcePolicies =
        authorizeService.findPoliciesByDSOAndType(context, dso, ResourcePolicy.TYPE_CUSTOM);
    if (resourcePolicies.isEmpty()) {
      parent.addItem(T_no_policies);
      return;
    }

    for (ResourcePolicy rp : resourcePolicies) {
      int id = rp.getID();

      String name = "";
      if (rp.getRpName() != null) name = rp.getRpName();

      String action = resourcePolicyService.getActionText(rp);

      // if it is the default policy for the Submitter don't show it.
      if (dso instanceof org.dspace.content.Item) {
        org.dspace.content.Item item = (org.dspace.content.Item) dso;
        if (rp.getEPerson() != null) {
          if (item.getSubmitter().equals(rp.getEPerson())) continue;
        }
      }

      String group = "";
      if (rp.getGroup() != null) group = rp.getGroup().getName();

      // start
      String startDate = "";
      if (rp.getStartDate() != null) {
        startDate = DateFormatUtils.format(rp.getStartDate(), "yyyy-MM-dd");
      }

      // endDate
      String endDate = "";
      if (rp.getEndDate() != null) {
        endDate = DateFormatUtils.format(rp.getEndDate(), "yyyy-MM-dd");
      }

      parent.addItem(T_policy.parameterize(name, action, group, startDate, endDate));
    }
  }
예제 #20
0
 protected void grantSubmitterReadPolicies(Context context, Item item)
     throws SQLException, AuthorizeException {
   // A list of policies the user has for this item
   List<Integer> userHasPolicies = new ArrayList<Integer>();
   List<ResourcePolicy> itempols = authorizeService.getPolicies(context, item);
   EPerson submitter = item.getSubmitter();
   for (ResourcePolicy resourcePolicy : itempols) {
     if (submitter.equals(resourcePolicy.getEPerson())) {
       // The user has already got this policy so add it to the list
       userHasPolicies.add(resourcePolicy.getAction());
     }
   }
   // Make sure we don't add duplicate policies
   if (!userHasPolicies.contains(Constants.READ))
     addPolicyToItem(context, item, Constants.READ, submitter);
 }
예제 #21
0
  public void addEmbargoDateSimpleForm(DSpaceObject dso, List form, int errorFlag)
      throws SQLException, WingException {

    String date = null;

    if (dso != null) {
      java.util.List<ResourcePolicy> policies =
          authorizeService.findPoliciesByDSOAndType(context, dso, ResourcePolicy.TYPE_CUSTOM);
      if (policies.size() > 0) {
        ResourcePolicy rp = policies.get(0);
        if (rp.getStartDate() != null) {
          date = DateFormatUtils.format(rp.getStartDate(), "yyyy-MM-dd");
        }
        globalReason = rp.getRpDescription();
      }
    }
    //        CheckBox privateCheckbox = form.addItem().addCheckBox("emabrgo_option");
    //        privateCheckbox.setLabel(T_item_embargoed);
    //        if(date!=null){
    //            privateCheckbox.addOption(true, CB_EMBARGOED, "");
    //        }
    //        else{
    //            privateCheckbox.addOption(false, CB_EMBARGOED, "");
    //        }

    // Date
    Text startDate = form.addItem().addText("embargo_until_date");
    startDate.setLabel(T_item_embargoed);
    if (errorFlag == org.dspace.submit.step.AccessStep.STATUS_ERROR_FORMAT_DATE) {
      startDate.addError(T_error_date_format);
    } else if (errorFlag == org.dspace.submit.step.AccessStep.STATUS_ERROR_MISSING_DATE) {
      startDate.addError(T_error_missing_date);
    }

    if (date != null) {
      startDate.setValue(date);
    }
    startDate.setHelp(T_label_date_help);
  }
예제 #22
0
  @Override
  public MetadataField create(
      Context context,
      MetadataSchema metadataSchema,
      String element,
      String qualifier,
      String scopeNote)
      throws AuthorizeException, SQLException, NonUniqueMetadataException {
    // Check authorisation: Only admins may create DC types
    if (!authorizeService.isAdmin(context)) {
      throw new AuthorizeException("Only administrators may modify the metadata registry");
    }

    // Ensure the element and qualifier are unique within a given schema.
    if (hasElement(context, -1, metadataSchema, element, qualifier)) {
      throw new NonUniqueMetadataException(
          "Please make "
              + element
              + "."
              + qualifier
              + " unique within schema #"
              + metadataSchema.getSchemaID());
    }

    // Create a table row and update it with the values
    MetadataField metadataField = new MetadataField();
    metadataField.setElement(element);
    metadataField.setQualifier(qualifier);
    metadataField.setScopeNote(scopeNote);
    metadataField.setMetadataSchema(metadataSchema);
    metadataField = metadataFieldDAO.create(context, metadataField);
    metadataFieldDAO.save(context, metadataField);

    log.info(
        LogManager.getHeader(
            context, "create_metadata_field", "metadata_field_id=" + metadataField.getFieldID()));
    return metadataField;
  }
예제 #23
0
  @Override
  public Group createAdministrators(Context context, Community community)
      throws SQLException, AuthorizeException {
    // Check authorisation - Must be an Admin to create more Admins
    AuthorizeUtil.authorizeManageAdminGroup(context, community);

    Group admins = community.getAdministrators();
    if (admins == null) {
      // turn off authorization so that Community Admins can create Sub-Community Admins
      context.turnOffAuthorisationSystem();
      admins = groupService.create(context);
      context.restoreAuthSystemState();

      admins.setName(context, "COMMUNITY_" + community.getID() + "_ADMIN");
      groupService.update(context, admins);
    }

    authorizeService.addPolicy(context, community, Constants.ADMIN, admins);

    // register this as the admin group
    community.setAdmins(admins);
    return admins;
  }
예제 #24
0
  @Override
  public void update(Context context, MetadataField metadataField)
      throws SQLException, AuthorizeException, NonUniqueMetadataException, IOException {
    // Check authorisation: Only admins may update the metadata registry
    if (!authorizeService.isAdmin(context)) {
      throw new AuthorizeException("Only administrators may modiffy the Dublin Core registry");
    }

    // Ensure the element and qualifier are unique within a given schema.
    if (hasElement(
        context,
        metadataField.getFieldID(),
        metadataField.getMetadataSchema(),
        metadataField.getElement(),
        metadataField.getQualifier())) {
      throw new NonUniqueMetadataException(
          "Please make "
              + metadataField.getMetadataSchema().getName()
              + "."
              + metadataField.getElement()
              + "."
              + metadataField.getQualifier());
    }

    metadataFieldDAO.save(context, metadataField);

    log.info(
        LogManager.getHeader(
            context,
            "update_metadatafieldregistry",
            "metadata_field_id="
                + metadataField.getFieldID()
                + "element="
                + metadataField.getElement()
                + "qualifier="
                + metadataField.getQualifier()));
  }
예제 #25
0
  public void addTablePolicies(Division parent, DSpaceObject dso, Collection owningCollection)
      throws WingException, SQLException {
    if (!isAdvancedFormEnabled) {
      return;
    }
    Division div = parent.addDivision("access-existing-policies");
    div.setHead(T_head_policies_table);
    div.addPara(T_policies_help.parameterize(owningCollection));

    java.util.List<ResourcePolicy> resourcePolicies =
        authorizeService.findPoliciesByDSOAndType(context, dso, ResourcePolicy.TYPE_CUSTOM);

    if (resourcePolicies.isEmpty()) {
      div.addPara(T_no_policies);
      return;
    }

    int cols = resourcePolicies.size();
    if (cols == 0) cols = 1;
    Table policies = div.addTable("policies", 6, cols);
    Row header = policies.addRow(Row.ROLE_HEADER);

    header.addCellContent(T_column0); // name
    header.addCellContent(T_column1); // action
    header.addCellContent(T_column2); // group
    header.addCellContent(T_column3); // start_date
    header.addCellContent(T_column4); // end_date

    for (ResourcePolicy rp : resourcePolicies) {
      int id = rp.getID();

      String name = "";
      if (rp.getRpName() != null) name = rp.getRpName();

      String action = resourcePolicyService.getActionText(rp);

      // if it is the default policy for the Submitter don't show it.
      if (dso instanceof org.dspace.content.Item) {
        org.dspace.content.Item item = (org.dspace.content.Item) dso;
        if (rp.getEPerson() != null) {
          if (item.getSubmitter().equals(rp.getEPerson())) continue;
        }
      }

      String group = "";
      if (rp.getGroup() != null) group = rp.getGroup().getName();

      Row row = policies.addRow();

      row.addCellContent(name);
      row.addCellContent(action);
      row.addCellContent(group);

      // start
      String startDate = "";
      if (rp.getStartDate() != null) {
        startDate = DateFormatUtils.format(rp.getStartDate(), "yyyy-MM-dd");
      }
      row.addCellContent(startDate);

      // endDate
      String endDate = "";
      if (rp.getEndDate() != null) {
        endDate = DateFormatUtils.format(rp.getEndDate(), "yyyy-MM-dd");
      }
      row.addCellContent(endDate);

      Button edit = row.addCell().addButton("submit_edit_edit_policies_" + id);
      edit.setValue(T_table_submit_edit);

      Button delete = row.addCell().addButton("submit_delete_edit_policies_" + id);
      delete.setValue(T_table_submit_delete);
    }
  }
  @Override
  public void addInitialWorkspaceItemPolicies(Context context, WorkspaceItem workspaceItem)
      throws SQLException, AuthorizeException {
    // Now create the policies for the submitter and workflow
    // users to modify item and contents
    // contents = bitstreams, bundles
    // FIXME: icky hardcoded workflow steps
    Collection collection = workspaceItem.getCollection();
    Group step1group = collectionService.getWorkflowGroup(collection, 1);
    Group step2group = collectionService.getWorkflowGroup(collection, 2);
    Group step3group = collectionService.getWorkflowGroup(collection, 3);

    Item item = workspaceItem.getItem();

    if (step1group != null) {
      authorizeService.addPolicy(
          context, item, Constants.READ, step1group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step2group != null) {
      authorizeService.addPolicy(
          context, item, Constants.READ, step2group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step3group != null) {
      authorizeService.addPolicy(
          context, item, Constants.READ, step3group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step1group != null) {
      authorizeService.addPolicy(
          context, item, Constants.WRITE, step1group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step2group != null) {
      authorizeService.addPolicy(
          context, item, Constants.WRITE, step2group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step3group != null) {
      authorizeService.addPolicy(
          context, item, Constants.WRITE, step3group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step1group != null) {
      authorizeService.addPolicy(
          context, item, Constants.ADD, step1group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step2group != null) {
      authorizeService.addPolicy(
          context, item, Constants.ADD, step2group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step3group != null) {
      authorizeService.addPolicy(
          context, item, Constants.ADD, step3group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step1group != null) {
      authorizeService.addPolicy(
          context, item, Constants.REMOVE, step1group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step2group != null) {
      authorizeService.addPolicy(
          context, item, Constants.REMOVE, step2group, ResourcePolicy.TYPE_WORKFLOW);
    }

    if (step3group != null) {
      authorizeService.addPolicy(
          context, item, Constants.REMOVE, step3group, ResourcePolicy.TYPE_WORKFLOW);
    }
  }
예제 #27
0
  @Override
  public Community create(Community parent, Context context, String handle)
      throws SQLException, AuthorizeException {
    if (!(authorizeService.isAdmin(context)
        || (parent != null
            && authorizeService.authorizeActionBoolean(context, parent, Constants.ADD)))) {
      throw new AuthorizeException("Only administrators can create communities");
    }

    Community newCommunity = communityDAO.create(context, new Community());

    try {
      if (handle == null) {
        handleService.createHandle(context, newCommunity);
      } else {
        handleService.createHandle(context, newCommunity, handle);
      }
    } catch (IllegalStateException ie) {
      // If an IllegalStateException is thrown, then an existing object is already using this handle
      throw ie;
    }

    if (parent != null) {
      parent.addSubCommunity(newCommunity);
      newCommunity.addParentCommunity(parent);
    }

    // create the default authorization policy for communities
    // of 'anonymous' READ
    Group anonymousGroup = groupService.findByName(context, Group.ANONYMOUS);

    authorizeService.createResourcePolicy(
        context, newCommunity, anonymousGroup, null, Constants.READ, null);

    communityDAO.save(context, newCommunity);

    context.addEvent(
        new Event(
            Event.CREATE,
            Constants.COMMUNITY,
            newCommunity.getID(),
            newCommunity.getHandle(),
            getIdentifiers(context, newCommunity)));

    // if creating a top-level Community, simulate an ADD event at the Site.
    if (parent == null) {
      context.addEvent(
          new Event(
              Event.ADD,
              Constants.SITE,
              siteService.findSite(context).getID(),
              Constants.COMMUNITY,
              newCommunity.getID(),
              newCommunity.getHandle(),
              getIdentifiers(context, newCommunity)));
    }

    log.info(
        LogManager.getHeader(context, "create_community", "community_id=" + newCommunity.getID())
            + ",handle="
            + newCommunity.getHandle());

    return newCommunity;
  }
예제 #28
0
  public void addBody(Body body) throws SAXException, WingException, SQLException {
    // Get our parameters and state;
    UUID collectionID = UUID.fromString(parameters.getParameter("collectionID", null));
    Collection collection = collectionService.find(context, collectionID);

    List<Item> items = getMappedItems(collection);

    // DIVISION: browse-items
    Division div =
        body.addInteractiveDivision(
            "browse-items",
            contextPath + "/admin/mapper",
            Division.METHOD_GET,
            "primary administrative mapper");
    div.setHead(T_head1);

    if (authorizeService.authorizeActionBoolean(context, collection, Constants.REMOVE)) {
      Para actions = div.addPara();
      actions.addButton("submit_unmap").setValue(T_submit_unmap);
      actions.addButton("submit_return").setValue(T_submit_return);
    } else {
      Para actions = div.addPara();
      Button button = actions.addButton("submit_unmap");
      button.setValue(T_submit_unmap);
      button.setDisabled();
      actions.addButton("submit_return").setValue(T_submit_return);

      div.addPara().addHighlight("fade").addContent(T_no_remove);
    }

    Table table = div.addTable("browse-items-table", 1, 1);

    Row header = table.addRow(Row.ROLE_HEADER);
    header.addCellContent(T_column1);
    header.addCellContent(T_column2);
    header.addCellContent(T_column3);
    header.addCellContent(T_column4);

    for (Item item : items) {
      String itemID = String.valueOf(item.getID());
      Collection owningCollection = item.getOwningCollection();
      String owning = owningCollection.getName();
      String author = "unknown";
      List<MetadataValue> dcAuthors =
          itemService.getMetadata(
              item, MetadataSchema.DC_SCHEMA, "contributor", Item.ANY, Item.ANY);
      if (dcAuthors != null && dcAuthors.size() >= 1) {
        author = dcAuthors.get(0).getValue();
      }

      String title = "untitled";
      List<MetadataValue> dcTitles =
          itemService.getMetadata(item, MetadataSchema.DC_SCHEMA, "title", null, Item.ANY);
      if (dcTitles != null && dcTitles.size() >= 1) {
        title = dcTitles.get(0).getValue();
      }

      String url = contextPath + "/handle/" + item.getHandle();

      Row row = table.addRow();

      CheckBox select = row.addCell().addCheckBox("itemID");
      select.setLabel("Select");
      select.addOption(itemID);

      row.addCellContent(owning);
      row.addCell().addXref(url, author);
      row.addCell().addXref(url, title);
    }

    if (authorizeService.authorizeActionBoolean(context, collection, Constants.REMOVE)) {
      Para actions = div.addPara();
      actions.addButton("submit_unmap").setValue(T_submit_unmap);
      actions.addButton("submit_return").setValue(T_submit_return);
    } else {
      Para actions = div.addPara();
      Button button = actions.addButton("submit_unmap");
      button.setValue(T_submit_unmap);
      button.setDisabled();
      actions.addButton("submit_return").setValue(T_submit_return);

      div.addPara().addHighlight("fade").addContent(T_no_remove);
    }

    div.addHidden("administrative-continue").setValue(knot.getId());
  }