hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-13 04:53:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix for GHSA-cf2j-vf36-c6w8

Browse Source
This commit is contained in:
Andrea Bollini
2021-10-25 19:01:36 +02:00
parent 0de9680781
commit 277b499a5c
3 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
dspace-api/src/main/java/org/dspace/content/CollectionServiceImpl.java
View File

@@ -920,8 +920,7 @@ public class CollectionServiceImpl extends DSpaceObjectServiceImpl<Collection> i
int defaultRead)
throws SQLException, AuthorizeException {
Group role = groupService.create(context);
groupService.setName(role, "COLLECTION_" + collection.getID().toString() + "_" + typeOfGroupString +
"_DEFAULT_READ");
groupService.setName(role, getDefaultReadGroupName(collection, typeOfGroupString));
// Remove existing privileges from the anonymous group.
authorizeService.removePoliciesActionFilter(context, collection, defaultRead);
@@ -932,6 +931,12 @@ public class CollectionServiceImpl extends DSpaceObjectServiceImpl<Collection> i
return role;
}
@Override
public String getDefaultReadGroupName(Collection collection, String typeOfGroupString) {
return "COLLECTION_" + collection.getID().toString() + "_" + typeOfGroupString +
"_DEFAULT_READ";
}
@Override
public List<Collection> findCollectionsWithSubmit(String q, Context context, Community community,
int offset, int limit) throws SQLException, SearchServiceException {