[DS-261] Community Admin JSPUI: porting of the DS-228 patch

git-svn-id: http://scm.dspace.org/svn/repo/dspace/trunk@4196 9c30dcfa-912a-0410-8fc2-9e0234be79fd

dspace-api/src/main/java/org/dspace/content/Community.java

@@ -939,9 +939,7 @@ public class Community extends DSpaceObject
                 //he started the removal process and he will end it too.
                 //also add right to remove from the collection to remove it's
                 // items.
-                AuthorizeManager.addPolicy(ourContext, c, Constants.DELETE,
+                AuthorizeManager.addPolicy(ourContext, c, Constants.ADMIN,
-                        ourContext.getCurrentUser());
-                AuthorizeManager.addPolicy(ourContext, c, Constants.REMOVE,
                         ourContext.getCurrentUser());
 
                 // Orphan; delete it

dspace-api/src/main/java/org/dspace/content/Item.java

@@ -2125,6 +2125,14 @@ public class Item extends DSpaceObject
      */
     public void move (Collection from, Collection to) throws SQLException, AuthorizeException, IOException 
     {
+        // Check authorisation on the item before that the move occur
+        // otherwise we will need edit permission on the "target collection" to archive our goal   
+        // only do write authorization if user is not an editor
+        if (!canEdit())
+        {
+            AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE);
+        }
+        
         // Move the Item from one Collection to the other
         to.addItem(this);
         from.removeItem(this);
@@ -2133,7 +2141,9 @@ public class Item extends DSpaceObject
         if (isOwningCollection(from))
     	{
     		setOwningCollection(to);
+    		ourContext.turnOffAuthorisationSystem();
     		update();
+    		ourContext.restoreAuthSystemState();
     	}
         else
         {

dspace-api/src/main/resources/Messages.properties

@@ -433,6 +433,7 @@ jsp.dspace-admin.wizard-permissions.text5                       = Who is respons
 jsp.dspace-admin.wizard-permissions.text6                       = Who are the collection administrators for this collection?  They will be able to decide who can submit items to the collection, withdraw items, edit item metadata (after submission), and add (map) existing items from other collections to this collection (subject to authorization from that collection).
 jsp.dspace-admin.wizard-permissions.title                       = Collection Authorization
 jsp.dspace-admin.wizard-questions.check1                        = New items should be publicly readable
+jsp.dspace-admin.wizard-questions.check1-disabled				= Only System Admin can change this
 jsp.dspace-admin.wizard-questions.check2                        = Some users will be able to submit to this collection
 jsp.dspace-admin.wizard-questions.check3                        = The submission workflow will include an <em>accept/reject</em> step
 jsp.dspace-admin.wizard-questions.check4                        = The submission workflow will include an <em>accept/reject/edit metadata</em> step
@@ -1086,6 +1087,7 @@ jsp.tools.edit-community.form.label4                            = Copyright text
 jsp.tools.edit-community.form.label5                            = Side bar text (HTML):
 jsp.tools.edit-community.form.label6                            = Logo:
 jsp.tools.edit-community.form.label7                            = Community's Authorizations:
+jsp.tools.edit-community.form.label8							= Community Administrators:
 jsp.tools.edit-community.heading1                               = Create Community
 jsp.tools.edit-community.heading2                               = Edit Community {0}
 jsp.tools.edit-community.title                                  = Edit Community

dspace-jspui/dspace-jspui-api/src/main/java/org/dspace/app/webui/servlet/admin/CollectionWizardServlet.java

@@ -174,10 +174,15 @@ public class CollectionWizardServlet extends DSpaceServlet
             // Create the collection
             Collection newCollection = c.createCollection();
             request.setAttribute("collection", newCollection);
+            if (AuthorizeManager.isAdmin(context,c))
+            {
+                // set a variable to show all locale admin buttons
+                request.setAttribute("admin_button", new Boolean(true));
+            }
             if (AuthorizeManager.isAdmin(context))
             {
                 // set a variable to show all buttons
-                request.setAttribute("admin_button", new Boolean(true));
+                request.setAttribute("sysadmin_button", new Boolean(true));
             }
             JSPManager.showJSP(request, response,
                     "/dspace-admin/wizard-questions.jsp");
@@ -253,8 +258,9 @@ public class CollectionWizardServlet extends DSpaceServlet
         Group anonymousGroup = Group.find(context, 0);
 
         // "Public read" checkbox. Only need to do anything
-        // if it's not checked.
+        // if it's not checked (only system admin can uncheck this!).
-        if (!UIUtil.getBoolParameter(request, "public_read"))
+        if (!UIUtil.getBoolParameter(request, "public_read")
+                && AuthorizeManager.isAdmin(context))
         {
             // Remove anonymous default policies for new items
             AuthorizeManager.removePoliciesActionFilter(context, collection,
@@ -515,6 +521,8 @@ public class CollectionWizardServlet extends DSpaceServlet
             // Identify the format
             BitstreamFormat bf = FormatIdentifier.guessFormat(context, logoBS);
             logoBS.setFormat(bf);
+            AuthorizeManager.addPolicy(context, logoBS, Constants.WRITE, context
+                    .getCurrentUser());
             logoBS.update();
 
             // Remove temp file
@@ -710,7 +718,7 @@ public class CollectionWizardServlet extends DSpaceServlet
                 Community[] communities = collection.getCommunities();
                 request.setAttribute("community", communities[0]);
 
-                if (AuthorizeManager.isAdmin(context))
+                if (AuthorizeManager.isAdmin(context, collection))
                 {
                     // set a variable to show all buttons
                     request.setAttribute("admin_button", new Boolean(true));

dspace-jspui/dspace-jspui-api/src/main/java/org/dspace/app/webui/servlet/admin/EditCommunitiesServlet.java

@@ -61,6 +61,7 @@ import org.dspace.content.Bitstream;
 import org.dspace.content.BitstreamFormat;
 import org.dspace.content.Collection;
 import org.dspace.content.Community;
+import org.dspace.content.DSpaceObject;
 import org.dspace.content.FormatIdentifier;
 import org.dspace.content.Item;
 import org.dspace.core.Constants;
@@ -168,7 +169,9 @@ public class EditCommunitiesServlet extends DSpaceServlet
             return;
         }
 
-        if (AuthorizeManager.isAdmin(context))
+        if ((collection != null && AuthorizeManager.isAdmin(context, collection))
+                || (collection == null && community != null && AuthorizeManager.isAdmin(context, community))
+                || (collection == null && parentCommunity != null && AuthorizeManager.isAdmin(context, parentCommunity))) 
         {
             // set a variable to show all buttons
             request.setAttribute("admin_button", new Boolean(true));
@@ -309,8 +312,15 @@ public class EditCommunitiesServlet extends DSpaceServlet
         // community home page, enhanced with admin controls. If no community,
         // or no parent community, just fall back to the community-list page
         Community community = (Community) request.getAttribute("community");
-
+        Collection collection = (Collection) request.getAttribute("collection");
-        if (community != null)
+        
+        if (collection != null)
+        {
+            response.sendRedirect(response.encodeRedirectURL(request
+                    .getContextPath()
+                    + "/handle/" + collection.getHandle()));
+        }
+        else if (community != null)
         {
             response.sendRedirect(response.encodeRedirectURL(request
                     .getContextPath()
@@ -440,6 +450,25 @@ public class EditCommunitiesServlet extends DSpaceServlet
                     + "/dspace-admin/authorize?community_id="
                     + community.getID() + "&submit_community_select=1"));
         }
+        else if (button.equals("submit_admins_create"))
+        {
+            // Create new group
+            Group newGroup = community.createAdministrators();
+            community.update();
+
+            // Forward to group edit page
+            response.sendRedirect(response.encodeRedirectURL(request
+                    .getContextPath()
+                    + "/tools/group-edit?group_id=" + newGroup.getID()));
+        }
+        else if (button.equals("submit_admins_edit"))
+        {
+            // Edit 'community administrators' group
+            Group g = community.getAdministrators();
+            response.sendRedirect(response.encodeRedirectURL(request
+                    .getContextPath()
+                    + "/tools/group-edit?group_id=" + g.getID()));
+        }
         else
         {
             // Button at bottom clicked - show main control page
@@ -561,7 +590,8 @@ public class EditCommunitiesServlet extends DSpaceServlet
         {
             // Create new group
             Group newGroup = collection.createAdministrators();
-
+            collection.update();
+            
             // Forward to group edit page
             response.sendRedirect(response.encodeRedirectURL(request
                     .getContextPath()
@@ -582,7 +612,8 @@ public class EditCommunitiesServlet extends DSpaceServlet
         {
             // Create new group
             Group newGroup = collection.createSubmitters();
-
+            collection.update();
+            
             // Forward to group edit page
             response.sendRedirect(response.encodeRedirectURL(request
                     .getContextPath()
@@ -754,19 +785,16 @@ public class EditCommunitiesServlet extends DSpaceServlet
                 .getCurrentUser());
         logoBS.update();
 
-        if (AuthorizeManager.isAdmin(context))
+        String jsp;
-        {
+        DSpaceObject dso;
-            // set a variable to show all buttons
-            request.setAttribute("admin_button", new Boolean(true));
-        }
-
         if (collection == null)
         {
             community.update();
 
             // Show community edit page
             request.setAttribute("community", community);
-            JSPManager.showJSP(request, response, "/tools/edit-community.jsp");
+            dso = community;
+            jsp = "/tools/edit-community.jsp";
         }
         else
         {
@@ -775,8 +803,17 @@ public class EditCommunitiesServlet extends DSpaceServlet
             // Show collection edit page
             request.setAttribute("collection", collection);
             request.setAttribute("community", community);
-            JSPManager.showJSP(request, response, "/tools/edit-collection.jsp");
+            dso = collection;
+            jsp = "/tools/edit-collection.jsp";
         }
+        
+        if (AuthorizeManager.isAdmin(context, dso))
+        {
+            // set a variable to show all buttons
+            request.setAttribute("admin_button", new Boolean(true));
+        }
+        
+        JSPManager.showJSP(request, response, jsp);
 
         // Remove temp file
         temp.delete();

dspace-jspui/dspace-jspui-api/src/main/java/org/dspace/app/webui/servlet/admin/EditItemServlet.java

@@ -45,6 +45,7 @@ import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.sql.SQLException;
+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashMap;
@@ -275,12 +276,36 @@ public class EditItemServlet extends DSpaceServlet
             break;
 
         case START_MOVE_ITEM:
-        	if (AuthorizeManager.isAdmin(context))
+        	if (AuthorizeManager.isAdmin(context,item))
         	{
 	        	// Display move collection page with fields of collections and communities
-	        	Collection[] notLinkedCollections = item.getCollectionsNotLinked();
+	        	Collection[] allNotLinkedCollections = item.getCollectionsNotLinked();
-	        	Collection[] linkedCollections = item.getCollections();
+	        	Collection[] allLinkedCollections = item.getCollections();
-	            	
+	            
+	        	// get only the collection where the current user has the right permission
+	        	List<Collection> authNotLinkedCollections = new ArrayList<Collection>();
+	        	for (Collection c : allNotLinkedCollections)
+	        	{
+	        	    if (AuthorizeManager.authorizeActionBoolean(context, c, Constants.ADD))
+	        	    {
+	        	        authNotLinkedCollections.add(c);
+	        	    }
+	        	}
+
+                List<Collection> authLinkedCollections = new ArrayList<Collection>();
+                for (Collection c : allLinkedCollections)
+                {
+                    if (AuthorizeManager.authorizeActionBoolean(context, c, Constants.REMOVE))
+                    {
+                        authLinkedCollections.add(c);
+                    }
+                }
+	        	
+                Collection[] notLinkedCollections = new Collection[authNotLinkedCollections.size()];
+                notLinkedCollections = authNotLinkedCollections.toArray(notLinkedCollections);
+                Collection[] linkedCollections = new Collection[authLinkedCollections.size()];
+                linkedCollections = authLinkedCollections.toArray(linkedCollections);
+                
 	        	request.setAttribute("linkedCollections", linkedCollections);
 	        	request.setAttribute("notLinkedCollections", notLinkedCollections);
 	            	            
@@ -293,7 +318,7 @@ public class EditItemServlet extends DSpaceServlet
         	break;
             	        
         case CONFIRM_MOVE_ITEM:
-        	if (AuthorizeManager.isAdmin(context))
+        	if (AuthorizeManager.isAdmin(context,item))
         	{
 	        	Collection fromCollection = Collection.find(context, UIUtil.getIntParameter(request, "collection_from_id"));
 	        	Collection toCollection = Collection.find(context, UIUtil.getIntParameter(request, "collection_to_id"));
@@ -401,6 +426,7 @@ public class EditItemServlet extends DSpaceServlet
             }
         }
 
+        request.setAttribute("admin_button", AuthorizeManager.authorizeActionBoolean(context, item, Constants.ADMIN));
         request.setAttribute("item", item);
         request.setAttribute("handle", handle);
         request.setAttribute("collections", collections);

dspace-jspui/dspace-jspui-webapp/src/main/webapp/dspace-admin/wizard-questions.jsp

@@ -59,7 +59,9 @@
 
 <%  Collection collection = (Collection) request.getAttribute("collection"); %>
 
-<%  Boolean admin_b = (Boolean)request.getAttribute("admin_button");
+<%  Boolean sysadmin_b = (Boolean)request.getAttribute("sysadmin_button");
+	boolean sysadmin_button = (sysadmin_b == null ? false : sysadmin_b.booleanValue());
+	Boolean admin_b = (Boolean)request.getAttribute("admin_button");
     boolean admin_button = (admin_b == null ? false : admin_b.booleanValue()); %>
     
 <dspace:layout locbar="off"
@@ -80,14 +82,19 @@
                         <table border="0">
                             <tr>
                                 <td valign="top">
-                                <% if(!admin_button ) { %> <input type="hidden" name="public_read" value="true"/>
+                                <% if(!sysadmin_button ) { %> <input type="hidden" name="public_read" value="true"/>
                                 <input type="checkbox" name="public_read" value="true" disabled="disabled" checked="checked"/>
                                 <% } else { %>
                                 <input type="checkbox" name="public_read" value="true" checked="checked"/>
                                 <% } %>
                                 </td>
                                 <%-- <td class="submitFormLabel" nowrap>New items should be publicly readable</td> --%>
-                                <td class="submitFormLabel" nowrap="nowrap"><fmt:message key="jsp.dspace-admin.wizard-questions.check1"/></td>
+                                <td class="submitFormLabel" nowrap="nowrap">
+                                	<fmt:message key="jsp.dspace-admin.wizard-questions.check1"/>
+									<% if(!sysadmin_button ) { %> 
+										<fmt:message key="jsp.dspace-admin.wizard-questions.check1-disabled"/>
+									<% } %>
+								</td>
                             </tr>
                         </table>
                     </td>

dspace-jspui/dspace-jspui-webapp/src/main/webapp/tools/edit-collection.jsp

@@ -67,6 +67,10 @@
     Boolean admin_b = (Boolean)request.getAttribute("admin_button");
     boolean admin_button = (admin_b == null ? false : admin_b.booleanValue());
     
+    // Is the logged in user a sys admin
+    Boolean admin = (Boolean)request.getAttribute("is.admin");
+    boolean isAdmin = (admin == null ? false : admin.booleanValue());
+    
     String name = "";
     String shortDesc = "";
     String intro = "";
@@ -298,7 +302,7 @@
 <%  } %>                    
                 </td>
             </tr>   
-<% if(admin_button ) { %>
+<% if(isAdmin) { %>
 <%-- ===========================================================
      Edit collection's policies
      =========================================================== --%>

dspace-jspui/dspace-jspui-webapp/src/main/webapp/tools/edit-community.jsp

@@ -53,6 +53,7 @@
 <%@ page import="org.dspace.app.webui.servlet.admin.EditCommunitiesServlet" %>
 <%@ page import="org.dspace.content.Bitstream" %>
 <%@ page import="org.dspace.content.Community" %>
+<%@ page import="org.dspace.eperson.Group" %>
 <%@ page import="org.dspace.app.webui.util.UIUtil" %>
 <%@ page import="org.dspace.core.Utils" %>
 
@@ -64,12 +65,16 @@
     int parentID = UIUtil.getIntParameter(request, "parent_community_id");
     Boolean admin_b = (Boolean)request.getAttribute("admin_button");
     boolean admin_button = (admin_b == null ? false : admin_b.booleanValue());
+    // Is the logged in user a sys admin
+    Boolean admin = (Boolean)request.getAttribute("is.admin");
+    boolean isAdmin = (admin == null ? false : admin.booleanValue());
     
     String name = "";
     String shortDesc = "";
     String intro = "";
     String copy = "";
     String side = "";
+    Group admins = null;
 
     Bitstream logo = null;
     
@@ -81,6 +86,7 @@
         copy = community.getMetadata("copyright_text");
         side = community.getMetadata("side_bar_text");
         logo = community.getLogo();
+        admins = community.getAdministrators();
     }
 %>
 
@@ -189,6 +195,26 @@
                 </td>
             </tr>
     <% if(admin_button ) { %>
+ <%-- ===========================================================
+     Community Administrators
+     =========================================================== --%>
+            <tr>
+                <td class="submitFormLabel"><fmt:message key="jsp.tools.edit-community.form.label8"/></td>
+                <td>
+			<%  if (admins == null) {%>
+                    <input type="submit" name="submit_admins_create" value="<fmt:message key="jsp.tools.edit-community.form.button.create"/>" />
+			<%  } else { %>
+                    <input type="submit" name="submit_admins_edit" value="<fmt:message key="jsp.tools.edit-community.form.button.edit"/>" />
+			<%  } %>                    
+                </td>
+            </tr>   
+    
+	<% }
+    	
+    if (isAdmin) { 
+    
+    %>
+
 <%-- ===========================================================
      Edit community's policies
      =========================================================== --%>

dspace-jspui/dspace-jspui-webapp/src/main/webapp/tools/edit-item-form.jsp

@@ -90,6 +90,10 @@
     // Is the logged in user an admin
     Boolean admin = (Boolean)request.getAttribute("is.admin");
     boolean isAdmin = (admin == null ? false : admin.booleanValue());
+    
+    // Is the logged in user an admin of the item
+    Boolean itemAdmin = (Boolean)request.getAttribute("admin_button");
+    boolean isItemAdmin = (itemAdmin == null ? false : itemAdmin.booleanValue());
 %>
 
 
@@ -151,7 +155,7 @@
 						<input type="submit" name="submit" value="<fmt:message key="jsp.tools.edit-item-form.delete-w-confirm.button"/>"/>
                     </form>
 <%
-  if (isAdmin)
+  if (isItemAdmin)
   {
 %>                     <form method="post" action="<%= request.getContextPath() %>/tools/edit-item">
                         <input type="hidden" name="item_id" value="<%= item.getID() %>" />
@@ -195,6 +199,10 @@
 <%  } %>
                 </td>
             </tr>
+<%
+  if (isAdmin)
+  {
+%>    
 <%-- ===========================================================
      Edit item's policies
      =========================================================== --%>
@@ -210,13 +218,14 @@
                     </form>
                 </td>
             </tr>
-
+<%
+  }
+%>
         </table>
     </center>
 
 <%
 
-
     if (item.isWithdrawn())
     {
 %>

dspace/CHANGES

@@ -52,7 +52,8 @@
  - [DS-199] SWORD module doesn't accept X-No-Op header (dry run)
  - [DS-223] Submission process show previous button in JSPUI also if the step is the first "visible" step
  - [DS-227] Values with double apos doesn't work in dropdown and list input type
- - [DS-259] Community/collection admin should not to be able to delete their admin group 
+ - [DS-259] Community/collection admin should not to be able to delete their admin group
+ - [DS-261] Community Admin JSPUI: porting of the DS-228 patch
 
 (Tim Donohue)
  - [DS-218] Cannot add/remove email subscriptions from Profile page in XMLUI