/**
* Change default privileges from the anonymous group to a new group that will be created and
* appropriate privileges assigned. The id of this new group will be returned.
*
* @param context The current DSpace context.
* @param collectionID The collection id.
* @return The group ID of the new group.
*/
public static int createCollectionDefaultReadGroup(Context context, int collectionID)
throws SQLException, AuthorizeException, UIException {
int roleID = getCollectionDefaultRead(context, collectionID);
if (roleID != 0) {
throw new UIException(
"Unable to create a new default read group because either the group already exists or multiple groups are assigned the default privileges.");
}
Collection collection = Collection.find(context, collectionID);
Group role = Group.create(context);
role.setName("COLLECTION_" + collection.getID() + "_DEFAULT_READ");
// Remove existing privileges from the anonymous group.
AuthorizeManager.removePoliciesActionFilter(context, collection, Constants.DEFAULT_ITEM_READ);
AuthorizeManager.removePoliciesActionFilter(
context, collection, Constants.DEFAULT_BITSTREAM_READ);
// Grant our new role the default privileges.
AuthorizeManager.addPolicy(context, collection, Constants.DEFAULT_ITEM_READ, role);
AuthorizeManager.addPolicy(context, collection, Constants.DEFAULT_BITSTREAM_READ, role);
// Commit the changes
role.update();
context.commit();
return role.getID();
}
private static Group getXMLWorkflowRole(
Context context, int collectionID, String roleName, Collection collection, Group roleGroup)
throws IOException, WorkflowConfigurationException, SQLException, AuthorizeException {
Role role = WorkflowUtils.getCollectionAndRepositoryRoles(collection).get(roleName);
if (role.getScope() == Role.Scope.COLLECTION || role.getScope() == Role.Scope.REPOSITORY) {
roleGroup = WorkflowUtils.getRoleGroup(context, collectionID, role);
if (roleGroup == null) {
AuthorizeManager.authorizeAction(context, collection, Constants.WRITE);
roleGroup = Group.create(context);
if (role.getScope() == Role.Scope.COLLECTION) {
roleGroup.setName("COLLECTION_" + collection.getID() + "_WORKFLOW_ROLE_" + roleName);
} else {
roleGroup.setName(role.getName());
}
roleGroup.update();
AuthorizeManager.addPolicy(context, collection, Constants.ADD, roleGroup);
if (role.getScope() == Role.Scope.COLLECTION) {
WorkflowUtils.createCollectionWorkflowRole(context, collectionID, roleName, roleGroup);
}
}
}
return roleGroup;
}
@Override
public Group createAdministrators(Context context, Community community)
throws SQLException, AuthorizeException {
// Check authorisation - Must be an Admin to create more Admins
AuthorizeUtil.authorizeManageAdminGroup(context, community);
Group admins = community.getAdministrators();
if (admins == null) {
// turn off authorization so that Community Admins can create Sub-Community Admins
context.turnOffAuthorisationSystem();
admins = groupService.create(context);
context.restoreAuthSystemState();
admins.setName(context, "COMMUNITY_" + community.getID() + "_ADMIN");
groupService.update(context, admins);
}
authorizeService.addPolicy(context, community, Constants.ADMIN, admins);
// register this as the admin group
community.setAdmins(admins);
return admins;
}
@RequestMapping(method = RequestMethod.POST)
protected String processPost(
@RequestAttribute Context context,
ModelMap model,
HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException, SQLException, AuthorizeException {
Group group = null;
group = checkGroup(context, request);
if (group != null) {
// is this user authorized to edit this group?
AuthorizeManager.authorizeAction(context, group, Constants.ADD);
boolean submit_edit = (request.getParameter("submit_edit") != null);
boolean submit_group_update = (request.getParameter("submit_group_update") != null);
boolean submit_group_delete = (request.getParameter("submit_group_delete") != null);
boolean submit_confirm_delete = (request.getParameter("submit_confirm_delete") != null);
boolean submit_cancel_delete = (request.getParameter("submit_cancel_delete") != null);
// just chosen a group to edit - get group and pass it to
// group-edit.jsp
if (submit_edit && !submit_group_update && !submit_group_delete) {
model.addAttribute("group", group);
model.addAttribute("members", group.getMembers());
model.addAttribute("membergroups", group.getMemberGroups());
String utilsGrpName = Utils.addEntities(group.getName());
model.addAttribute("utilsGrpName", utilsGrpName);
return "pages/admin/group-edit";
} // update the members of the group
else if (submit_group_update) {
// first off, did we change the group name?
String newName = request.getParameter("group_name");
if (!newName.equals(group.getName())) {
group.setName(newName);
group.update();
}
int[] eperson_ids = Util.getIntParameters(request, "eperson_id");
int[] group_ids = Util.getIntParameters(request, "group_ids");
// now get members, and add new ones and remove missing ones
EPerson[] members = group.getMembers();
Group[] membergroups = group.getMemberGroups();
if (eperson_ids != null) {
// some epeople were listed, now make group's epeople match
// given epeople
Set memberSet = new HashSet();
Set epersonIDSet = new HashSet();
// add all members to a set
for (int x = 0; x < members.length; x++) {
Integer epersonID = Integer.valueOf(members[x].getID());
memberSet.add(epersonID);
}
// now all eperson_ids are put in a set
for (int x = 0; x < eperson_ids.length; x++) {
epersonIDSet.add(Integer.valueOf(eperson_ids[x]));
}
// process eperson_ids, adding those to group not already
// members
Iterator i = epersonIDSet.iterator();
while (i.hasNext()) {
Integer currentID = (Integer) i.next();
if (!memberSet.contains(currentID)) {
group.addMember(EPerson.find(context, currentID.intValue()));
}
}
// process members, removing any that aren't in eperson_ids
for (int x = 0; x < members.length; x++) {
EPerson e = members[x];
if (!epersonIDSet.contains(Integer.valueOf(e.getID()))) {
group.removeMember(e);
}
}
} else {
// no members found (ids == null), remove them all!
for (int y = 0; y < members.length; y++) {
group.removeMember(members[y]);
}
}
if (group_ids != null) {
// some groups were listed, now make group's member groups
// match given group IDs
Set memberSet = new HashSet();
Set groupIDSet = new HashSet();
// add all members to a set
for (int x = 0; x < membergroups.length; x++) {
Integer myID = Integer.valueOf(membergroups[x].getID());
memberSet.add(myID);
}
// now all eperson_ids are put in a set
for (int x = 0; x < group_ids.length; x++) {
groupIDSet.add(Integer.valueOf(group_ids[x]));
}
// process group_ids, adding those to group not already
// members
Iterator i = groupIDSet.iterator();
while (i.hasNext()) {
Integer currentID = (Integer) i.next();
if (!memberSet.contains(currentID)) {
group.addMember(Group.find(context, currentID.intValue()));
}
}
// process members, removing any that aren't in eperson_ids
for (int x = 0; x < membergroups.length; x++) {
Group g = membergroups[x];
if (!groupIDSet.contains(Integer.valueOf(g.getID()))) {
group.removeMember(g);
}
}
} else {
// no members found (ids == null), remove them all!
for (int y = 0; y < membergroups.length; y++) {
group.removeMember(membergroups[y]);
}
}
group.update();
model.addAttribute("group", group);
model.addAttribute("members", group.getMembers());
model.addAttribute("membergroups", group.getMemberGroups());
String utilsGrpName = Utils.addEntities(group.getName());
model.addAttribute("utilsGrpName", utilsGrpName);
context.commit();
return "pages/admin/group-edit";
} else if (submit_group_delete) {
// direct to a confirmation step
model.addAttribute("group", group);
return "pages/admin/group-confirm-delete";
} else if (submit_confirm_delete) {
// phony authorize, only admins can do this
AuthorizeManager.authorizeAction(context, group, Constants.WRITE);
// delete group, return to group-list.jsp
group.delete();
return showMainPage(context, model, request, response);
} else if (submit_cancel_delete) {
// show group list
return showMainPage(context, model, request, response);
} else {
// unknown action, show edit page
model.addAttribute("group", group);
model.addAttribute("members", group.getMembers());
model.addAttribute("membergroups", group.getMemberGroups());
String utilsGrpName = Utils.addEntities(group.getName());
model.addAttribute("utilsGrpName", utilsGrpName);
return "pages/admin/group-edit";
}
} else {
// want to add a group - create a blank one, and pass to
// group_edit.jsp
String button = UIUtil.getSubmitButton(request, "submit");
if (button.equals("submit_add")) {
group = Group.create(context);
group.setName("new group" + group.getID());
group.update();
model.addAttribute("group", group);
model.addAttribute("members", group.getMembers());
model.addAttribute("membergroups", group.getMemberGroups());
String utilsGrpName = Utils.addEntities(group.getName());
model.addAttribute("utilsGrpName", utilsGrpName);
context.commit();
return "pages/admin/group-edit";
} else {
// show the main page (select groups)
return showMainPage(context, model, request, response);
}
} // end
} // end processGet
