hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-13 21:13:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor AuthorizeUtil to NOT cache services (in static final variables). This allows authorization to be more easily mocked/overridden in tests.

Browse Source
This commit is contained in:
Tim Donohue
2020-01-23 15:40:31 -06:00
parent 50be2508ab
commit 40f053751b
1 changed files with 17 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
dspace-api/src/main/java/org/dspace/app/util/AuthorizeUtil.java
View File

@@ -34,12 +34,6 @@ import org.dspace.core.Context;
*/ */
public class AuthorizeUtil { public class AuthorizeUtil {
private static final AuthorizeService authorizeService =
AuthorizeServiceFactory.getInstance().getAuthorizeService();
private static final ItemService itemService = ContentServiceFactory.getInstance().getItemService();
private static final CollectionService collectionService =
ContentServiceFactory.getInstance().getCollectionService();
/** /**
* Default constructor * Default constructor
*/ */
@@ -95,8 +89,9 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageItemPolicy(Context context, Item item) public static void authorizeManageItemPolicy(Context context, Item item)
throws AuthorizeException, SQLException { throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canItemAdminManagePolicies()) { if (AuthorizeConfiguration.canItemAdminManagePolicies()) {
authorizeService.authorizeAction(context, item, Constants.ADMIN); AuthorizeServiceFactory.getInstance().getAuthorizeService().authorizeAction(context, item, Constants.ADMIN);
} else if (AuthorizeConfiguration.canCollectionAdminManageItemPolicies()) { } else if (AuthorizeConfiguration.canCollectionAdminManageItemPolicies()) {
authorizeService.authorizeAction(context, item authorizeService.authorizeAction(context, item
.getOwningCollection(), Constants.ADMIN); .getOwningCollection(), Constants.ADMIN);
@@ -124,6 +119,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageCollectionPolicy(Context context, public static void authorizeManageCollectionPolicy(Context context,
Collection collection) throws AuthorizeException, SQLException { Collection collection) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canCollectionAdminManagePolicies()) { if (AuthorizeConfiguration.canCollectionAdminManagePolicies()) {
authorizeService.authorizeAction(context, collection, authorizeService.authorizeAction(context, collection,
Constants.ADMIN); Constants.ADMIN);
@@ -151,6 +147,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageCommunityPolicy(Context context, public static void authorizeManageCommunityPolicy(Context context,
Community community) throws AuthorizeException, SQLException { Community community) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canCommunityAdminManagePolicies()) { if (AuthorizeConfiguration.canCommunityAdminManagePolicies()) {
authorizeService.authorizeAction(context, community, authorizeService.authorizeAction(context, community,
Constants.ADMIN); Constants.ADMIN);
@@ -171,6 +168,7 @@ public class AuthorizeUtil {
*/ */
public static void requireAdminRole(Context context) public static void requireAdminRole(Context context)
throws AuthorizeException, SQLException { throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (!authorizeService.isAdmin(context)) { if (!authorizeService.isAdmin(context)) {
throw new AuthorizeException( throw new AuthorizeException(
"Only system admin are allowed to perform this action"); "Only system admin are allowed to perform this action");
@@ -191,6 +189,8 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageCCLicense(Context context, Item item) public static void authorizeManageCCLicense(Context context, Item item)
throws AuthorizeException, SQLException { throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
ItemService itemService = ContentServiceFactory.getInstance().getItemService();
try { try {
authorizeService.authorizeAction(context, item, Constants.ADD); authorizeService.authorizeAction(context, item, Constants.ADD);
authorizeService.authorizeAction(context, item, Constants.REMOVE); authorizeService.authorizeAction(context, item, Constants.REMOVE);
@@ -224,6 +224,8 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageTemplateItem(Context context, public static void authorizeManageTemplateItem(Context context,
Collection collection) throws AuthorizeException, SQLException { Collection collection) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
CollectionService collectionService = ContentServiceFactory.getInstance().getCollectionService();
boolean isAuthorized = collectionService.canEditBoolean(context, collection, false); boolean isAuthorized = collectionService.canEditBoolean(context, collection, false);
if (!isAuthorized if (!isAuthorized
@@ -258,6 +260,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageSubmittersGroup(Context context, public static void authorizeManageSubmittersGroup(Context context,
Collection collection) throws AuthorizeException, SQLException { Collection collection) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canCollectionAdminManageSubmitters()) { if (AuthorizeConfiguration.canCollectionAdminManageSubmitters()) {
authorizeService.authorizeAction(context, collection, authorizeService.authorizeAction(context, collection,
Constants.ADMIN); Constants.ADMIN);
@@ -285,6 +288,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageWorkflowsGroup(Context context, public static void authorizeManageWorkflowsGroup(Context context,
Collection collection) throws AuthorizeException, SQLException { Collection collection) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canCollectionAdminManageWorkflows()) { if (AuthorizeConfiguration.canCollectionAdminManageWorkflows()) {
authorizeService.authorizeAction(context, collection, authorizeService.authorizeAction(context, collection,
Constants.ADMIN); Constants.ADMIN);
@@ -313,6 +317,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageAdminGroup(Context context, public static void authorizeManageAdminGroup(Context context,
Collection collection) throws AuthorizeException, SQLException { Collection collection) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canCollectionAdminManageAdminGroup()) { if (AuthorizeConfiguration.canCollectionAdminManageAdminGroup()) {
authorizeService.authorizeAction(context, collection, authorizeService.authorizeAction(context, collection,
Constants.ADMIN); Constants.ADMIN);
@@ -341,6 +346,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeRemoveAdminGroup(Context context, public static void authorizeRemoveAdminGroup(Context context,
Collection collection) throws AuthorizeException, SQLException { Collection collection) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
List<Community> parentCommunities = collection.getCommunities(); List<Community> parentCommunities = collection.getCommunities();
if (AuthorizeConfiguration if (AuthorizeConfiguration
.canCommunityAdminManageCollectionAdminGroup() .canCommunityAdminManageCollectionAdminGroup()
@@ -368,6 +374,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeManageAdminGroup(Context context, public static void authorizeManageAdminGroup(Context context,
Community community) throws AuthorizeException, SQLException { Community community) throws AuthorizeException, SQLException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canCommunityAdminManageAdminGroup()) { if (AuthorizeConfiguration.canCommunityAdminManageAdminGroup()) {
authorizeService.authorizeAction(context, community, authorizeService.authorizeAction(context, community,
Constants.ADMIN); Constants.ADMIN);
@@ -392,6 +399,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeRemoveAdminGroup(Context context, public static void authorizeRemoveAdminGroup(Context context,
Community community) throws SQLException, AuthorizeException { Community community) throws SQLException, AuthorizeException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
List<Community> parentCommunities = community.getParentCommunities(); List<Community> parentCommunities = community.getParentCommunities();
Community parentCommunity = null; Community parentCommunity = null;
if (0 < parentCommunities.size()) { if (0 < parentCommunities.size()) {
@@ -458,6 +466,7 @@ public class AuthorizeUtil {
public static void authorizeWithdrawItem(Context context, Item item) public static void authorizeWithdrawItem(Context context, Item item)
throws SQLException, AuthorizeException { throws SQLException, AuthorizeException {
boolean authorized = false; boolean authorized = false;
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
if (AuthorizeConfiguration.canCollectionAdminPerformItemWithdrawn()) { if (AuthorizeConfiguration.canCollectionAdminPerformItemWithdrawn()) {
authorized = authorizeService.authorizeActionBoolean(context, item authorized = authorizeService.authorizeActionBoolean(context, item
.getOwningCollection(), Constants.ADMIN); .getOwningCollection(), Constants.ADMIN);
@@ -492,6 +501,7 @@ public class AuthorizeUtil {
*/ */
public static void authorizeReinstateItem(Context context, Item item) public static void authorizeReinstateItem(Context context, Item item)
throws SQLException, AuthorizeException { throws SQLException, AuthorizeException {
AuthorizeService authorizeService = AuthorizeServiceFactory.getInstance().getAuthorizeService();
List<Collection> colls = item.getCollections(); List<Collection> colls = item.getCollections();
for (Collection coll : colls) { for (Collection coll : colls) {