mirror of
https://github.com/DSpace/DSpace.git
synced 2025-10-07 01:54:22 +00:00
created:
class:
- resourcePolicyRestPermissionEvaluatorPlugin
method:
- boolean hasDSpasePermission(Authentication authentication, Serializable targetId, String targetType, DSpaceRestPermission permission)
- boolean isMyResoursePolicy(Context context, EPerson eperson, Integer id) - this one checks if the resourcePolicy, that I'm searching, is of the authenticated person
- ResourcePolicy findOneById (DAO)
This commit is contained in:
Mykhaylo Boychuk
@@ -26,6 +26,7 @@ import org.dspace.core.Constants;
|
|||||||
import org.dspace.core.Context;
|
import org.dspace.core.Context;
|
||||||
import org.dspace.eperson.EPerson;
|
import org.dspace.eperson.EPerson;
|
||||||
import org.dspace.eperson.Group;
|
import org.dspace.eperson.Group;
|
||||||
|
import org.dspace.eperson.service.GroupService;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -47,6 +48,9 @@ public class ResourcePolicyServiceImpl implements ResourcePolicyService {
|
|||||||
@Autowired(required = true)
|
@Autowired(required = true)
|
||||||
protected ResourcePolicyDAO resourcePolicyDAO;
|
protected ResourcePolicyDAO resourcePolicyDAO;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private GroupService groupService;
|
||||||
|
|
||||||
protected ResourcePolicyServiceImpl() {
|
protected ResourcePolicyServiceImpl() {
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -379,4 +383,19 @@ public class ResourcePolicyServiceImpl implements ResourcePolicyService {
|
|||||||
public int searchCountByGroupAndResourceUuid(Context context, Group group, UUID resourceUuid) throws SQLException {
|
public int searchCountByGroupAndResourceUuid(Context context, Group group, UUID resourceUuid) throws SQLException {
|
||||||
return resourcePolicyDAO.searchCountByGroupAndResourceUuid(context, group, resourceUuid);
|
return resourcePolicyDAO.searchCountByGroupAndResourceUuid(context, group, resourceUuid);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean isMyResourcePolicy(Context context, EPerson eperson, Integer id) throws SQLException {
|
||||||
|
boolean isMy = false;
|
||||||
|
|
||||||
|
ResourcePolicy resourcePolicy = resourcePolicyDAO.findOneById(context, id);
|
||||||
|
Group group = resourcePolicy.getGroup();
|
||||||
|
|
||||||
|
if (resourcePolicy.getEPerson() != null && resourcePolicy.getEPerson().getID() == eperson.getID()) {
|
||||||
|
isMy = true;
|
||||||
|
} else if (group != null && groupService.isMember(context, eperson, group)) {
|
||||||
|
isMy = true;
|
||||||
|
}
|
||||||
|
return isMy;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -109,4 +109,7 @@ public interface ResourcePolicyDAO extends GenericDAO<ResourcePolicy> {
|
|||||||
|
|
||||||
public int searchCountByGroupAndResourceUuid(Context context, Group group, UUID resourceUuid) throws SQLException;
|
public int searchCountByGroupAndResourceUuid(Context context, Group group, UUID resourceUuid) throws SQLException;
|
||||||
|
|
||||||
|
public ResourcePolicy findOneById(Context context, Integer id) throws SQLException;
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -345,4 +345,14 @@ public class ResourcePolicyDAOImpl extends AbstractHibernateDAO<ResourcePolicy>
|
|||||||
query.setParameter("groupUuid", group.getID());
|
query.setParameter("groupUuid", group.getID());
|
||||||
return count(query);
|
return count(query);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ResourcePolicy findOneById(Context context, Integer id) throws SQLException {
|
||||||
|
CriteriaBuilder criteriaBuilder = getCriteriaBuilder(context);
|
||||||
|
CriteriaQuery criteriaQuery = getCriteriaQuery(criteriaBuilder, ResourcePolicy.class);
|
||||||
|
Root<ResourcePolicy> resourcePolicyRoot = criteriaQuery.from(ResourcePolicy.class);
|
||||||
|
criteriaQuery.select(resourcePolicyRoot);
|
||||||
|
criteriaQuery.where(criteriaBuilder.equal(resourcePolicyRoot.get(ResourcePolicy_.id), id));
|
||||||
|
return singleResult(context, criteriaQuery);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -123,4 +123,6 @@ public interface ResourcePolicyService extends DSpaceCRUDService<ResourcePolicy>
|
|||||||
|
|
||||||
public int searchCountByGroupAndResourceUuid(Context context, Group group, UUID resourceUuid) throws SQLException;
|
public int searchCountByGroupAndResourceUuid(Context context, Group group, UUID resourceUuid) throws SQLException;
|
||||||
|
|
||||||
|
public boolean isMyResourcePolicy(Context context, EPerson eperson, Integer id) throws SQLException;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -51,8 +51,9 @@ public class ResourcePolicyRestRepository extends DSpaceRestRepository<ResourceP
|
|||||||
@Autowired
|
@Autowired
|
||||||
private GroupService groupService;
|
private GroupService groupService;
|
||||||
|
|
||||||
@PreAuthorize("hasAuthority('AUTHENTICATED')")
|
|
||||||
@Override
|
@Override
|
||||||
|
@PreAuthorize("hasPermission(#id, 'resourcepolicy', 'READ')")
|
||||||
public ResourcePolicyRest findOne(Context context, Integer id) {
|
public ResourcePolicyRest findOne(Context context, Integer id) {
|
||||||
ResourcePolicy source = null;
|
ResourcePolicy source = null;
|
||||||
try {
|
try {
|
||||||
|
|||||||
@@ -0,0 +1,76 @@
|
|||||||
|
package org.dspace.app.rest.security;
|
||||||
|
|
||||||
|
import java.io.Serializable;
|
||||||
|
import java.sql.SQLException;
|
||||||
|
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
|
import org.dspace.app.rest.model.ResourcePolicyRest;
|
||||||
|
import org.dspace.app.rest.utils.ContextUtil;
|
||||||
|
import org.dspace.authorize.service.AuthorizeService;
|
||||||
|
import org.dspace.authorize.service.ResourcePolicyService;
|
||||||
|
import org.dspace.core.Context;
|
||||||
|
import org.dspace.eperson.EPerson;
|
||||||
|
import org.dspace.eperson.service.EPersonService;
|
||||||
|
import org.dspace.services.RequestService;
|
||||||
|
import org.dspace.services.model.Request;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
|
|
||||||
|
@Component
|
||||||
|
public class ResourcePolicyRestPermissionEvaluatorPlugin extends RestObjectPermissionEvaluatorPlugin {
|
||||||
|
|
||||||
|
private static final Logger log = LoggerFactory.getLogger(ResourcePolicyRestPermissionEvaluatorPlugin.class);
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
AuthorizeService authorizeService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private RequestService requestService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private EPersonService ePersonService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private ResourcePolicyService resourcePolicyService;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean hasDSpacePermission(Authentication authentication, Serializable targetId, String targetType,
|
||||||
|
DSpaceRestPermission permission) {
|
||||||
|
|
||||||
|
DSpaceRestPermission restPermission = DSpaceRestPermission.convert(permission);
|
||||||
|
|
||||||
|
if (!DSpaceRestPermission.READ.equals(restPermission)
|
||||||
|
&& !DSpaceRestPermission.WRITE.equals(restPermission)
|
||||||
|
&& !DSpaceRestPermission.DELETE.equals(restPermission)
|
||||||
|
|| !StringUtils.equalsIgnoreCase(targetType, ResourcePolicyRest.NAME)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
Request request = requestService.getCurrentRequest();
|
||||||
|
Context context = ContextUtil.obtainContext(request.getServletRequest());
|
||||||
|
EPerson ePerson = null;
|
||||||
|
|
||||||
|
try {
|
||||||
|
ePerson = ePersonService.findByEmail(context, (String) authentication.getPrincipal());
|
||||||
|
Integer dsoId = Integer.parseInt(targetId.toString());
|
||||||
|
|
||||||
|
// anonymous user
|
||||||
|
if (ePerson == null) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (resourcePolicyService.isMyResourcePolicy(context, ePerson, dsoId)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
} catch (SQLException e) {
|
||||||
|
log.error(e.getMessage(), e);
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user