// check whether any bundle belongs to any item that passed submission
// and workflow process
protected boolean isAnyItemInstalled(Context ctx, List<Bundle> bundles) throws SQLException {
for (Bundle bundle : bundles) {
for (Item item : bundle.getItems()) {
if (workspaceItemService.findByItem(ctx, item) == null
&& workflowItemService.findByItem(ctx, item) == null) {
return true;
}
}
}
return false;
}
/**
* Return the InProgressSubmission, either workspaceItem or workflowItem, depending on the id
* provided. If the id begins with an S then it is a considered a workspaceItem. If the id begins
* with a W then it is considered a workflowItem.
*
* @param context
* @param inProgressSubmissionID
* @return The InprogressSubmission or null if non found
*/
public static InProgressSubmission findSubmission(Context context, String inProgressSubmissionID)
throws SQLException, AuthorizeException, IOException {
char type = inProgressSubmissionID.charAt(0);
int id = Integer.valueOf(inProgressSubmissionID.substring(1));
if (type == 'S') {
return workspaceItemService.find(context, id);
} else if (type == 'W' || type == 'X') {
return workflowService.find(context, id);
}
return null;
}
/**
* Check to see if the given user can perform the given action on the given object. Always returns
* true if the ignore authorization flat is set in the current context.
*
* @param c current context. User is irrelevant; "ignore authorization" flag is relevant
* @param o object action is being attempted on
* @param action ID of action being attempted, from <code>org.dspace.core.Constants</code>
* @param e user attempting action
* @param useInheritance flag to say if ADMIN action on the current object or parent object can be
* used
* @return <code>true</code> if user is authorized to perform the given action, <code>false</code>
* otherwise
* @throws SQLException if database error
*/
protected boolean authorize(
Context c, DSpaceObject o, int action, EPerson e, boolean useInheritance)
throws SQLException {
// return FALSE if there is no DSpaceObject
if (o == null) {
return false;
}
// is authorization disabled for this context?
if (c.ignoreAuthorization()) {
return true;
}
// is eperson set? if not, userToCheck = null (anonymous)
EPerson userToCheck = null;
if (e != null) {
userToCheck = e;
// perform isAdmin check to see
// if user is an Admin on this object
DSpaceObject adminObject =
useInheritance
? serviceFactory.getDSpaceObjectService(o).getAdminObject(c, o, action)
: null;
if (isAdmin(c, adminObject)) {
return true;
}
}
// In case the dso is an bundle or bitstream we must ignore custom
// policies if it does not belong to at least one installed item (see
// DS-2614).
// In case the dso is an item and a corresponding workspace or workflow
// item exist, we have to ignore custom policies (see DS-2614).
boolean ignoreCustomPolicies = false;
if (o instanceof Bitstream) {
Bitstream b = (Bitstream) o;
// Ensure that this is not a collection or community logo
DSpaceObject parent = bitstreamService.getParentObject(c, b);
if (!(parent instanceof Collection) && !(parent instanceof Community)) {
ignoreCustomPolicies = !isAnyItemInstalled(c, b.getBundles());
}
}
if (o instanceof Bundle) {
ignoreCustomPolicies = !isAnyItemInstalled(c, Arrays.asList(((Bundle) o)));
}
if (o instanceof Item) {
if (workspaceItemService.findByItem(c, (Item) o) != null
|| workflowItemService.findByItem(c, (Item) o) != null) {
ignoreCustomPolicies = true;
}
}
for (ResourcePolicy rp : getPoliciesActionFilter(c, o, action)) {
if (ignoreCustomPolicies && ResourcePolicy.TYPE_CUSTOM.equals(rp.getRpType())) {
continue;
}
// check policies for date validity
if (resourcePolicyService.isDateValid(rp)) {
if (rp.getEPerson() != null && rp.getEPerson().equals(userToCheck)) {
return true; // match
}
if ((rp.getGroup() != null) && (groupService.isMember(c, rp.getGroup()))) {
// group was set, and eperson is a member
// of that group
return true;
}
}
}
// default authorization is denial
return false;
}
