From 44d920f6673301feb8b329391378fb326189f9de Mon Sep 17 00:00:00 2001 From: Jim Downing Date: Mon, 13 Dec 2004 16:59:46 +0000 Subject: [PATCH] Added Lieven Droogmans' patch and fixed regression to dspace.cfg git-svn-id: http://scm.dspace.org/svn/repo/trunk@1075 9c30dcfa-912a-0410-8fc2-9e0234be79fd --- dspace/CHANGES | 14 ++++ dspace/README | 12 ++- dspace/config/dspace.cfg | 19 +++++ dspace/etc/dspace-web.xml | 8 +- dspace/jsp/collection-home.jsp | 10 +-- dspace/jsp/community-home.jsp | 67 ++++++++++++---- dspace/jsp/dspace-admin/wizard-basicinfo.jsp | 2 +- .../jsp/dspace-admin/wizard-default-item.jsp | 2 +- .../jsp/dspace-admin/wizard-permissions.jsp | 2 +- dspace/jsp/dspace-admin/wizard-questions.jsp | 2 +- dspace/jsp/image/remove.gif | Bin 0 -> 1016 bytes dspace/jsp/layout/navbar-admin.jsp | 2 +- .../confirm-delete-collection.jsp | 2 +- .../confirm-delete-community.jsp | 2 +- .../edit-collection.jsp | 11 ++- .../edit-community.jsp | 6 ++ .../app/webui/servlet/HandleServlet.java | 32 +++++--- .../admin/CollectionWizardServlet.java | 2 +- .../servlet/admin/EditCommunitiesServlet.java | 41 ++++++---- .../webui/servlet/admin/GroupEditServlet.java | 10 ++- dspace/src/org/dspace/content/Collection.java | 43 +++++++++-- dspace/src/org/dspace/content/Community.java | 72 +++++++++++++----- dspace/src/org/dspace/content/Item.java | 14 +++- 23 files changed, 291 insertions(+), 84 deletions(-) create mode 100644 dspace/CHANGES create mode 100644 dspace/jsp/image/remove.gif rename dspace/jsp/{dspace-admin => tools}/confirm-delete-collection.jsp (98%) rename dspace/jsp/{dspace-admin => tools}/confirm-delete-community.jsp (98%) rename dspace/jsp/{dspace-admin => tools}/edit-collection.jsp (97%) rename dspace/jsp/{dspace-admin => tools}/edit-community.jsp (97%) diff --git a/dspace/CHANGES b/dspace/CHANGES new file mode 100644 index 0000000000..3b905ddc1e --- /dev/null +++ b/dspace/CHANGES @@ -0,0 +1,14 @@ +1.2.1-beta1 +=========== +(Scott Yeadon) +- Added browse and search thumbnail display (currently configurable on a repository, not collection, basis); ability to turn off thumbnails on display-item page +- Added script to bin directory by Cody Green to assist with migrating items from one DSpace instance to another (removes handle files and updates DC metadata of exported items) + +(Jim Downing) +- Cleaned up several loose resource cleanups to cure resource leakage under heavy loads. + +(Austin Kim) +- Which metadata fields are indexed by lucene is now configurable. + +(Dave Stuve) +- Oracle compatibility added diff --git a/dspace/README b/dspace/README index 4e4b5e6de5..3e8759e6d4 100644 --- a/dspace/README +++ b/dspace/README @@ -1,4 +1,4 @@ -DSpace Version 1.2.1-beta1, 20-September-2004 +DSpace Version 1.2.1-beta2, 12-November-2004 Installation instructions are included in the 'dspace-docs' download, available from: @@ -7,9 +7,13 @@ http://sourceforge.net/projects/dspace/ Documentation may be viewed online at dspace.org, but these pertain to the most recent stable release; the installation instructions for this beta -may be different so you are encouraged to download the dspace-docs -package corresponding to this beta from the above SourceForge page and refer -any problems to the dspace-tech@lists.sourceforge.net mailing list. +may be different so you are encouraged to obtain the docs from cvs, or to +download the latest documentation snapshot from + +http://dspace.sourceforge.net/doc-snapshots/ + +Please refer any further problems to the dspace-tech@lists.sourceforge.net +mailing list. http://sourceforge.net/mail/?group_id=19984 diff --git a/dspace/config/dspace.cfg b/dspace/config/dspace.cfg index 840f564f6d..37bcc8933e 100644 --- a/dspace/config/dspace.cfg +++ b/dspace/config/dspace.cfg @@ -35,6 +35,10 @@ config.template.oaicat.properties = /dspace/config/oaicat.properties ##### Database settings ##### +# Database name ("oracle", or "postgres") +db.name = postgres +#db.name = oracle + # URL for connecting to database db.url = jdbc:postgresql://localhost:5432/dspace @@ -129,6 +133,21 @@ webui.cert.autoregister = true # Should the submit UI block submissions marked as theses? webui.submit.blocktheses = false +# whether to display thumbnails on browse and search results pages (1.2+) +webui.browse.thumbnail.show = false + +# max dimensions of the browse/search thumbs. Must be <= thumbnail.maxwidth +# and thumbnail.maxheight. Only need to be set if required to be smaller than +# dimension of thumbnails generated by mediafilter (1.2+) +#webui.browse.thumbnail.maxheight = 80 +#webui.browse.thumbnail.maxwidth = 80 + +# whether to display the thumb against each bitstream (1.2+) +webui.item.thumbnail.show = true + +# where should clicking on a thumbnail from browse/search take the user +# Only values currently supported are "item" and "bitstream" +#webui.browse.thumbnail.linkbehaviour = item ##### SFX Server ##### diff --git a/dspace/etc/dspace-web.xml b/dspace/etc/dspace-web.xml index aa8d89b68d..6f86d3e98e 100644 --- a/dspace/etc/dspace-web.xml +++ b/dspace/etc/dspace-web.xml @@ -360,7 +360,7 @@ collection-wizard - /dspace-admin/collection-wizard + /tools/collection-wizard @@ -368,11 +368,17 @@ /dspace-admin/dc-registry + + edit-communities + /tools/edit-communities + + edit-communities /dspace-admin/edit-communities + edit-epeople /dspace-admin/edit-epeople diff --git a/dspace/jsp/collection-home.jsp b/dspace/jsp/collection-home.jsp index d82a4540df..4615171b38 100644 --- a/dspace/jsp/collection-home.jsp +++ b/dspace/jsp/collection-home.jsp @@ -215,10 +215,10 @@ -<% if( admin_button ) { %> +<% if( editor_button ) { %> -
+ @@ -228,7 +228,7 @@ <% } %> -<% if( editor_button ) { %> +<% if( admin_button ) { %> @@ -252,11 +252,11 @@ Admin Help... +<% } %> + -<% } %> - <% } %> diff --git a/dspace/jsp/community-home.jsp b/dspace/jsp/community-home.jsp index 3a24fa4050..fc9019d4be 100644 --- a/dspace/jsp/community-home.jsp +++ b/dspace/jsp/community-home.jsp @@ -72,8 +72,12 @@ request.getAttribute("last.submitted.titles"); String[] lastSubmittedURLs = (String[]) request.getAttribute("last.submitted.urls"); - Boolean admin_b = (Boolean)request.getAttribute("admin_button"); - boolean admin_button = (admin_b == null ? false : admin_b.booleanValue()); + Boolean editor_b = (Boolean)request.getAttribute("editor_button"); + boolean editor_button = (editor_b == null ? false : editor_b.booleanValue()); + Boolean add_b = (Boolean)request.getAttribute("add_button"); + boolean add_button = (add_b == null ? false : add_b.booleanValue()); + Boolean remove_b = (Boolean)request.getAttribute("remove_button"); + boolean remove_button = (remove_b == null ? false : remove_b.booleanValue()); // Put the metadata values into guaranteed non-null variables @@ -156,7 +160,7 @@
- + <%= intro %> <% @@ -172,8 +176,25 @@ { %>
  • - - <%= collections[i].getMetadata("name") %> + + + + <% if (remove_button) { %> + + <% } %> + +
    + + <%= collections[i].getMetadata("name") %> + +
    + + + + + +
    +

    <%= collections[i].getMetadata("short_description") %>

    • <% @@ -196,8 +217,24 @@ { %>
  • - - <%= subcommunities[j].getMetadata("name") %> + + + + <% if (remove_button) { %> + + <% } %> + +
    + + <%= subcommunities[j].getMetadata("name") %> + +
    + + + + +
    +

    <%= subcommunities[j].getMetadata("short_description") %>

    • <% @@ -211,7 +248,7 @@

    <%= copyright %>

    - <% if(admin_button) // admin edit button + <% if(editor_button || add_button) // edit button(s) { %> @@ -224,20 +261,24 @@ diff --git a/dspace/jsp/dspace-admin/wizard-basicinfo.jsp b/dspace/jsp/dspace-admin/wizard-basicinfo.jsp index 37417aa14f..1177f636fc 100644 --- a/dspace/jsp/dspace-admin/wizard-basicinfo.jsp +++ b/dspace/jsp/dspace-admin/wizard-basicinfo.jsp @@ -67,7 +67,7 @@
    -
    + <% if(editor_button) { %> +
    -
    - - + <% } %> + <% if(add_button) { %> + + +
    -
    +
    + <% } %>
    -
    + diff --git a/dspace/jsp/dspace-admin/wizard-default-item.jsp b/dspace/jsp/dspace-admin/wizard-default-item.jsp index 7288b449cf..76a60e9915 100644 --- a/dspace/jsp/dspace-admin/wizard-default-item.jsp +++ b/dspace/jsp/dspace-admin/wizard-default-item.jsp @@ -74,7 +74,7 @@

    You can leave as many fields blank as you like.

    - +

    Name:
    diff --git a/dspace/jsp/dspace-admin/wizard-permissions.jsp b/dspace/jsp/dspace-admin/wizard-permissions.jsp index 006ed335a0..f38647a0b5 100644 --- a/dspace/jsp/dspace-admin/wizard-permissions.jsp +++ b/dspace/jsp/dspace-admin/wizard-permissions.jsp @@ -127,7 +127,7 @@ other collections to this collection (subject to authorization from that collect

    You can change this later using the relevant sections of the DSpace admin UI.

    - +
    Dublin Core Field
    diff --git a/dspace/jsp/dspace-admin/wizard-questions.jsp b/dspace/jsp/dspace-admin/wizard-questions.jsp index a7da2a6ad4..ae22bc5a62 100644 --- a/dspace/jsp/dspace-admin/wizard-questions.jsp +++ b/dspace/jsp/dspace-admin/wizard-questions.jsp @@ -58,7 +58,7 @@

    Describe the Collection

    - +

    Please check the boxes next to the statements that apply to the collection. More Help...

    diff --git a/dspace/jsp/image/remove.gif b/dspace/jsp/image/remove.gif new file mode 100644 index 0000000000000000000000000000000000000000..f9533698ade7ba25d1e3b7ccbc2f4eb51b85d513 GIT binary patch literal 1016 zcmZ?wbhEHb6lCCMc)pl{iI+*O<7XKNnG-&);L*jV4r+FIYj z+RN5n-NW9=(b3!4+0os}#?B?c*`meS!^FkS(Z$6FDD38^>Evtc?iS(i=I-s9=;deY z=9A><6YCpf;~5y@@15fpZsQx6lMtB@8y8uY*Ibs@R$9cH7+M=tC+dg|Wk3mXoeyLRN#?qe5@pSyVK^wm=rF5EbN^~RZtPtIOHbMEHJOBcRg zz4ZLr%?nrVoWFPd;`zIG&)O@>y!-h5qo=Q)JpTXq$^VCM z?mT|==-IRXuRmOP`r*;@4{u+7`uO$Ti%*|keEIV4^SA#We*XCN=lZYzH~)Y8|K;zm zpMU=U`ThUj{~!PV0ja4^|Tx6e}!}ErLxs^xMRFC5X!x1iFKOMGn6_YzADcYp;Nvu#g zacL#Tpkb!TQvpGF9*fLdM_wE`AX0M1Collections"); - links.add("/dspace-admin/edit-communities"); + links.add("/tools/edit-communities"); labels.add("E-people"); links.add("/dspace-admin/edit-epeople"); diff --git a/dspace/jsp/dspace-admin/confirm-delete-collection.jsp b/dspace/jsp/tools/confirm-delete-collection.jsp similarity index 98% rename from dspace/jsp/dspace-admin/confirm-delete-collection.jsp rename to dspace/jsp/tools/confirm-delete-collection.jsp index d079154d60..416649babe 100644 --- a/dspace/jsp/dspace-admin/confirm-delete-collection.jsp +++ b/dspace/jsp/tools/confirm-delete-collection.jsp @@ -58,7 +58,7 @@ Community community = (Community) request.getAttribute("community"); %> - +

    Delete Collection: <%= collection.getID() %>

    diff --git a/dspace/jsp/dspace-admin/confirm-delete-community.jsp b/dspace/jsp/tools/confirm-delete-community.jsp similarity index 98% rename from dspace/jsp/dspace-admin/confirm-delete-community.jsp rename to dspace/jsp/tools/confirm-delete-community.jsp index 95d36172eb..b30a8a81ca 100644 --- a/dspace/jsp/dspace-admin/confirm-delete-community.jsp +++ b/dspace/jsp/tools/confirm-delete-community.jsp @@ -56,7 +56,7 @@ Community community = (Community) request.getAttribute("community"); %> - +

    Delete Community: <%= community.getID() %>

    diff --git a/dspace/jsp/dspace-admin/edit-collection.jsp b/dspace/jsp/tools/edit-collection.jsp similarity index 97% rename from dspace/jsp/dspace-admin/edit-collection.jsp rename to dspace/jsp/tools/edit-collection.jsp index ae50630d00..089363b8cb 100644 --- a/dspace/jsp/dspace-admin/edit-collection.jsp +++ b/dspace/jsp/tools/edit-collection.jsp @@ -61,6 +61,8 @@ <% Collection collection = (Collection) request.getAttribute("collection"); Community community = (Community) request.getAttribute("community"); + Boolean admin_b = (Boolean)request.getAttribute("admin_button"); + boolean admin_button = (admin_b == null ? false : admin_b.booleanValue()); String name = ""; String shortDesc = ""; @@ -138,6 +140,7 @@

    Create Collection

    <% } else { %>

    Edit Collection <%= collection.getHandle() %>

    + <% if(admin_button ) { %>
    @@ -152,9 +155,10 @@
    + <% } %> <% } %> - + <%-- =========================================================== Basic metadata @@ -226,6 +230,7 @@ +<% if(admin_button ) { %> <%-- =========================================================== Collection Submitters =========================================================== --%> @@ -274,6 +279,7 @@ <% } %> +<% } %> <%-- =========================================================== Item template =========================================================== --%> @@ -288,6 +294,7 @@ <% } %> +<% if(admin_button ) { %> <%-- =========================================================== Edit collection's policies =========================================================== --%> @@ -297,7 +304,7 @@ - +<% } %>
     

    Submission Workflow

    diff --git a/dspace/jsp/dspace-admin/edit-community.jsp b/dspace/jsp/tools/edit-community.jsp similarity index 97% rename from dspace/jsp/dspace-admin/edit-community.jsp rename to dspace/jsp/tools/edit-community.jsp index 72252f27f3..f9312c1859 100644 --- a/dspace/jsp/dspace-admin/edit-community.jsp +++ b/dspace/jsp/tools/edit-community.jsp @@ -58,6 +58,8 @@ <% Community community = (Community) request.getAttribute("community"); int parentID = UIUtil.getIntParameter(request, "parent_community_id"); + Boolean admin_b = (Boolean)request.getAttribute("admin_button"); + boolean admin_button = (admin_b == null ? false : admin_b.booleanValue()); String name = ""; String shortDesc = ""; @@ -105,6 +107,7 @@ { %>

    Edit Community <%= community.getHandle() %>

    + <% if(admin_button ) { %>
    @@ -118,6 +121,7 @@
    + <% } %> <% } %> @@ -184,6 +188,7 @@ <% } %> + <% if(admin_button ) { %> <%-- =========================================================== Edit community's policies =========================================================== --%> @@ -193,6 +198,7 @@ + <% } %> diff --git a/dspace/src/org/dspace/app/webui/servlet/HandleServlet.java b/dspace/src/org/dspace/app/webui/servlet/HandleServlet.java index e8a2b95bc4..3ada600bb2 100644 --- a/dspace/src/org/dspace/app/webui/servlet/HandleServlet.java +++ b/dspace/src/org/dspace/app/webui/servlet/HandleServlet.java @@ -349,11 +349,25 @@ public class HandleServlet extends DSpaceServlet String[] itemLinks = getItemURLs(context, items); - // can they admin this collection? - if(AuthorizeManager.authorizeActionBoolean(context, community, Constants.WRITE)) + // is the user a COMMUNITY_EDITOR? + if(community.canEditBoolean()) { // set a variable to create an edit button - request.setAttribute("admin_button", new Boolean(true)); + request.setAttribute("editor_button", new Boolean(true)); + } + + // can they add to this community? + if(AuthorizeManager.authorizeActionBoolean(context, community, Constants.ADD)) + { + // set a variable to create an edit button + request.setAttribute("add_button", new Boolean(true)); + } + + // can they remove from this community? + if(AuthorizeManager.authorizeActionBoolean(context, community, Constants.REMOVE)) + { + // set a variable to create an edit button + request.setAttribute("remove_button", new Boolean(true)); } // Forward to community home page @@ -438,17 +452,17 @@ public class HandleServlet extends DSpaceServlet { subscribed = Subscribe.isSubscribed(context, e, collection); - // can they admin this collection? - if(AuthorizeManager.authorizeActionBoolean(context, collection, Constants.WRITE)) + // is the user a COLLECTION_EDITOR? + if(collection.canEditBoolean()) { // set a variable to create an edit button - request.setAttribute("admin_button", new Boolean(true)); + request.setAttribute("editor_button", new Boolean(true)); } - - // is the user a COLLECTION_EDITOR? + + // can they admin this collection? if(AuthorizeManager.authorizeActionBoolean(context, collection, Constants.COLLECTION_ADMIN)) { - request.setAttribute("editor_button", new Boolean(true)); + request.setAttribute("admin_button", new Boolean(true)); // give them a button to manage submitter list // what group is the submitter? diff --git a/dspace/src/org/dspace/app/webui/servlet/admin/CollectionWizardServlet.java b/dspace/src/org/dspace/app/webui/servlet/admin/CollectionWizardServlet.java index 0e156ba383..1694ef65d6 100644 --- a/dspace/src/org/dspace/app/webui/servlet/admin/CollectionWizardServlet.java +++ b/dspace/src/org/dspace/app/webui/servlet/admin/CollectionWizardServlet.java @@ -641,7 +641,7 @@ public class CollectionWizardServlet extends DSpaceServlet Community[] communities = collection.getCommunities(); request.setAttribute("community", communities[0]); } - JSPManager.showJSP(request, response, "/dspace-admin/edit-collection.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-collection.jsp"); break; } } diff --git a/dspace/src/org/dspace/app/webui/servlet/admin/EditCommunitiesServlet.java b/dspace/src/org/dspace/app/webui/servlet/admin/EditCommunitiesServlet.java index a57e668c69..4be5ad465e 100644 --- a/dspace/src/org/dspace/app/webui/servlet/admin/EditCommunitiesServlet.java +++ b/dspace/src/org/dspace/app/webui/servlet/admin/EditCommunitiesServlet.java @@ -59,12 +59,14 @@ import org.dspace.app.webui.util.FileUploadRequest; import org.dspace.app.webui.util.JSPManager; import org.dspace.app.webui.util.UIUtil; import org.dspace.authorize.AuthorizeException; +import org.dspace.authorize.AuthorizeManager; import org.dspace.content.Bitstream; import org.dspace.content.BitstreamFormat; import org.dspace.content.Collection; import org.dspace.content.Community; import org.dspace.content.FormatIdentifier; import org.dspace.content.Item; +import org.dspace.core.Constants; import org.dspace.core.Context; import org.dspace.core.LogManager; import org.dspace.eperson.Group; @@ -172,41 +174,46 @@ public class EditCommunitiesServlet extends DSpaceServlet showControls(context, request, response); return; } + if(AuthorizeManager.isAdmin(context)) + { + // set a variable to show all buttons + request.setAttribute("admin_button", new Boolean(true)); + } // Now proceed according to "action" parameter switch (action) { case START_EDIT_COMMUNITY: // Display the relevant "edit community" page - JSPManager.showJSP(request, response, "/dspace-admin/edit-community.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-community.jsp"); break; case START_DELETE_COMMUNITY: // Show "confirm delete" page JSPManager.showJSP(request, response, - "/dspace-admin/confirm-delete-community.jsp"); + "/tools/confirm-delete-community.jsp"); break; case START_CREATE_COMMUNITY: // Display edit community page with empty fields + create button - JSPManager.showJSP(request, response, "/dspace-admin/edit-community.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-community.jsp"); break; case START_EDIT_COLLECTION: // Display the relevant "edit collection" page - JSPManager.showJSP(request, response, "/dspace-admin/edit-collection.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-collection.jsp"); break; case START_DELETE_COLLECTION: // Show "confirm delete" page JSPManager.showJSP(request, response, - "/dspace-admin/confirm-delete-collection.jsp"); + "/tools/confirm-delete-collection.jsp"); break; case START_CREATE_COLLECTION: // Forward to collection creation wizard response.sendRedirect(response.encodeRedirectURL( - request.getContextPath() + "/dspace-admin/collection-wizard?community_id=" + + request.getContextPath() + "/tools/collection-wizard?community_id=" + community.getID())); break; @@ -335,7 +342,7 @@ public class EditCommunitiesServlet extends DSpaceServlet } else { - community = Community.create(context); + community = Community.create(null, context); } // Set attribute request.setAttribute("community", community); @@ -388,7 +395,7 @@ public class EditCommunitiesServlet extends DSpaceServlet community.update(); // Show edit page again - attributes set in doDSPost() - JSPManager.showJSP(request, response, "/dspace-admin/edit-community.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-community.jsp"); } else if(button.equals("submit_authorization_edit")) { @@ -491,7 +498,7 @@ public class EditCommunitiesServlet extends DSpaceServlet collection.setLogo(null); // Show edit page again - attributes set in doDSPost() - JSPManager.showJSP(request, response, "/dspace-admin/edit-collection.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-collection.jsp"); } else if(button.startsWith("submit_wf_create_")) { @@ -575,7 +582,7 @@ public class EditCommunitiesServlet extends DSpaceServlet g.delete(); // Show edit page again - attributes set in doDSPost() - JSPManager.showJSP(request, response, "/dspace-admin/edit-collection.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-collection.jsp"); } else if(button.equals("submit_create_template")) { @@ -584,7 +591,9 @@ public class EditCommunitiesServlet extends DSpaceServlet // Forward to edit page for new template item Item i = collection.getTemplateItem(); + i.setOwningCollection(collection); // have to update to avoid ref. integrity error + i.update(); collection.update(); context.complete(); response.sendRedirect(response.encodeRedirectURL( @@ -605,7 +614,7 @@ public class EditCommunitiesServlet extends DSpaceServlet collection.removeTemplateItem(); // Show edit page again - attributes set in doDSPost() - JSPManager.showJSP(request, response, "/dspace-admin/edit-collection.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-collection.jsp"); } else { @@ -675,7 +684,13 @@ public class EditCommunitiesServlet extends DSpaceServlet // Identify the format BitstreamFormat bf = FormatIdentifier.guessFormat(context, logoBS); logoBS.setFormat(bf); + AuthorizeManager.addPolicy(context, logoBS, Constants.WRITE, context.getCurrentUser()); logoBS.update(); + if(AuthorizeManager.isAdmin(context)) + { + // set a variable to show all buttons + request.setAttribute("admin_button", new Boolean(true)); + } if (collection == null) @@ -684,7 +699,7 @@ public class EditCommunitiesServlet extends DSpaceServlet // Show community edit page request.setAttribute("community", community); - JSPManager.showJSP(request, response, "/dspace-admin/edit-community.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-community.jsp"); } else { @@ -693,7 +708,7 @@ public class EditCommunitiesServlet extends DSpaceServlet request.setAttribute("collection", collection); request.setAttribute("community", community); - JSPManager.showJSP(request, response, "/dspace-admin/edit-collection.jsp"); + JSPManager.showJSP(request, response, "/tools/edit-collection.jsp"); } // Remove temp file diff --git a/dspace/src/org/dspace/app/webui/servlet/admin/GroupEditServlet.java b/dspace/src/org/dspace/app/webui/servlet/admin/GroupEditServlet.java index b0a65b64fb..3aa3ec0027 100644 --- a/dspace/src/org/dspace/app/webui/servlet/admin/GroupEditServlet.java +++ b/dspace/src/org/dspace/app/webui/servlet/admin/GroupEditServlet.java @@ -95,10 +95,12 @@ public class GroupEditServlet extends DSpaceServlet // is this user authorized to edit this group? AuthorizeManager.authorizeAction(c, group, Constants.ADD); - String button = UIUtil.getSubmitButton(request, "submit"); + boolean submit_edit = (request.getParameter("submit_edit") != null); + boolean submit_group_update = (request.getParameter("submit_group_update") != null); + boolean submit_group_delete = (request.getParameter("submit_group_delete") != null); // just chosen a group to edit - get group and pass it to group-edit.jsp - if( button.equals("submit_edit") ) + if( submit_edit && !submit_group_update && !submit_group_delete ) { request.setAttribute("group", group); request.setAttribute("members", group.getMembers()); @@ -106,7 +108,7 @@ public class GroupEditServlet extends DSpaceServlet JSPManager.showJSP(request, response, "/tools/group-edit.jsp" ); } // update the members of the group - else if( button.equals("submit_group_update") ) + else if( submit_group_update ) { // first off, did we change the group name? String newName = request.getParameter("group_name"); @@ -179,7 +181,7 @@ public class GroupEditServlet extends DSpaceServlet JSPManager.showJSP(request, response, "/tools/group-edit.jsp" ); c.complete(); } - else if( button.equals( "submit_group_delete" ) ) + else if( submit_group_delete ) { // bogus authorize, only admins can do this AuthorizeManager.authorizeAction(c, group, Constants.WRITE); diff --git a/dspace/src/org/dspace/content/Collection.java b/dspace/src/org/dspace/content/Collection.java index b88aa6c096..4ae2b48030 100644 --- a/dspace/src/org/dspace/content/Collection.java +++ b/dspace/src/org/dspace/content/Collection.java @@ -432,8 +432,12 @@ public class Collection extends DSpaceObject public Bitstream setLogo(InputStream is) throws AuthorizeException, IOException, SQLException { - // Check authorisation - AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); + // Check authorisation + // authorized to remove the logo when DELETE rights + // authorized when canEdit + if (! (is == null && AuthorizeManager.authorizeActionBoolean(ourContext, this, Constants.DELETE)) ) { + canEdit(); + } // First, delete any existing logo if (!collectionRow.isColumnNull("logo_bitstream_id")) @@ -721,7 +725,7 @@ public class Collection extends DSpaceObject throws SQLException, AuthorizeException { // Check authorisation - AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); + canEdit(); if (template == null) { @@ -750,7 +754,7 @@ public class Collection extends DSpaceObject throws SQLException, AuthorizeException, IOException { // Check authorisation - AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); + canEdit(); collectionRow.setColumnNull("template_item_id"); DatabaseManager.update(ourContext, collectionRow); @@ -828,6 +832,12 @@ public class Collection extends DSpaceObject if (!tri.hasNext()) { + //make the right to remove the item explicit because the implicit relation + //has been removed. This only has to concern the currentUser because + //he started the removal process and he will end it too. + //also add right to remove from the item to remove it's bundles. + AuthorizeManager.addPolicy(ourContext, item, Constants.DELETE, ourContext.getCurrentUser()); + AuthorizeManager.addPolicy(ourContext, item, Constants.REMOVE, ourContext.getCurrentUser()); // Orphan; delete it item.delete(); } @@ -845,7 +855,7 @@ public class Collection extends DSpaceObject throws SQLException, IOException, AuthorizeException { // Check authorisation - AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); + canEdit(); HistoryManager.saveHistory(ourContext, this, @@ -862,6 +872,29 @@ public class Collection extends DSpaceObject // reindex this collection (could be smarter, to only do when name changes) DSIndexer.reIndexContent(ourContext, this); } + + public boolean canEditBoolean() throws java.sql.SQLException { + try { + canEdit(); + return true; + } catch (AuthorizeException e) { + return false; + } + } + + public void canEdit() throws AuthorizeException, SQLException { + Community[] parents = getCommunities(); + for (int i = 0; i < parents.length; i++) { + if (AuthorizeManager.authorizeActionBoolean(ourContext, parents[i], Constants.WRITE)) { + return; + } + if (AuthorizeManager.authorizeActionBoolean(ourContext, parents[i], Constants.ADD)) { + return; + } + } + + AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); + } /** diff --git a/dspace/src/org/dspace/content/Community.java b/dspace/src/org/dspace/content/Community.java index 67b1644461..c91fc95d85 100644 --- a/dspace/src/org/dspace/content/Community.java +++ b/dspace/src/org/dspace/content/Community.java @@ -177,11 +177,11 @@ public class Community extends DSpaceObject * * @return the newly created community */ - public static Community create(Context context) + public static Community create(Community parent, Context context) throws SQLException, AuthorizeException { - // Only administrators can create communities - if (!AuthorizeManager.isAdmin(context)) + // Only administrators and adders can create communities + if (!(AuthorizeManager.isAdmin(context) || AuthorizeManager.authorizeActionBoolean(context, parent, Constants.ADD)) ) { throw new AuthorizeException( "Only administrators can create communities"); @@ -381,7 +381,11 @@ public class Community extends DSpaceObject throws AuthorizeException, IOException, SQLException { // Check authorisation - AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); + // authorized to remove the logo when DELETE rights + // authorized when canEdit + if (! (is == null && AuthorizeManager.authorizeActionBoolean(ourContext, this, Constants.DELETE)) ) { + canEdit(); + } // First, delete any existing logo if (logo != null) @@ -424,7 +428,7 @@ public class Community extends DSpaceObject throws SQLException, IOException, AuthorizeException { // Check authorisation - AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); + canEdit(); HistoryManager.saveHistory(ourContext, this, @@ -658,7 +662,7 @@ public class Community extends DSpaceObject // Check authorisation AuthorizeManager.authorizeAction(ourContext, this, Constants.ADD); - Community c = create(ourContext); + Community c = create(this, ourContext); addSubcommunity(c); return c; } @@ -725,6 +729,12 @@ public class Community extends DSpaceObject if (!tri.hasNext()) { + //make the right to remove the collection explicit because the implicit relation + //has been removed. This only has to concern the currentUser because + //he started the removal process and he will end it too. + //also add right to remove from the collection to remove it's items. + AuthorizeManager.addPolicy(ourContext, c, Constants.DELETE, ourContext.getCurrentUser()); + AuthorizeManager.addPolicy(ourContext, c, Constants.REMOVE, ourContext.getCurrentUser()); // Orphan; delete it c.delete(); } @@ -757,7 +767,13 @@ public class Community extends DSpaceObject if (!tri.hasNext()) { - // Orphan; delete it + //make the right to remove the sub explicit because the implicit relation + //has been removed. This only has to concern the currentUser because + //he started the removal process and he will end it too. + //also add right to remove from the subcommunity to remove it's children. + AuthorizeManager.addPolicy(ourContext, c, Constants.DELETE, ourContext.getCurrentUser()); + AuthorizeManager.addPolicy(ourContext, c, Constants.REMOVE, ourContext.getCurrentUser()); + // Orphan; delete it c.delete(); } } @@ -771,8 +787,15 @@ public class Community extends DSpaceObject throws SQLException, AuthorizeException, IOException { // Check authorisation - AuthorizeManager.authorizeAction(ourContext, this, Constants.DELETE); - + // FIXME: If this was a subcommunity, it is first removed from it's parent. + // This means the parentCommunity == null + // But since this is also the case for top-level communities, we would + // give everyone rights to remove the top-level communities. + // The same problem occurs in removing the logo + if (! AuthorizeManager.authorizeActionBoolean(ourContext, getParentCommunity(), Constants.REMOVE) ) { + AuthorizeManager.authorizeAction(ourContext, this, Constants.DELETE); + } + // If not a top-level community, have parent remove me; this // will call delete() after removing the linkage Community parent = getParentCommunity(); @@ -858,15 +881,26 @@ public class Community extends DSpaceObject * * @return boolean true = current user can edit community */ - public boolean canEdit() - throws java.sql.SQLException - { - // can this person write to the community? - if( AuthorizeManager.authorizeActionBoolean(ourContext, this, Constants.WRITE) ) - { - return true; - } - - return false; + public boolean canEditBoolean() throws java.sql.SQLException { + try { + canEdit(); + return true; + } catch (AuthorizeException e) { + return false; + } + } + + public void canEdit() throws AuthorizeException, SQLException { + Community[] parents = getAllParents(); + for (int i = 0; i < parents.length; i++) { + if (AuthorizeManager.authorizeActionBoolean(ourContext, parents[i], Constants.WRITE)) { + return; + } + if (AuthorizeManager.authorizeActionBoolean(ourContext, parents[i], Constants.ADD)) { + return; + } + } + + AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); } } diff --git a/dspace/src/org/dspace/content/Item.java b/dspace/src/org/dspace/content/Item.java index d17812546b..bdcfe78e90 100644 --- a/dspace/src/org/dspace/content/Item.java +++ b/dspace/src/org/dspace/content/Item.java @@ -986,6 +986,12 @@ public class Item extends DSpaceObject if (!tri.hasNext()) { + //make the right to remove the bundle explicit because the implicit relation + //has been removed. This only has to concern the currentUser because + //he started the removal process and he will end it too. + //also add right to remove from the bundle to remove it's bitstreams. + AuthorizeManager.addPolicy(ourContext, b, Constants.DELETE, ourContext.getCurrentUser()); + AuthorizeManager.addPolicy(ourContext, b, Constants.REMOVE, ourContext.getCurrentUser()); // The bundle is an orphan, delete it b.delete(); } @@ -1157,7 +1163,7 @@ public class Item extends DSpaceObject // Check authorisation // only do write authorization if user is not an editor - if( !AuthorizeManager.authorizeActionBoolean(ourContext, getOwningCollection(), Constants.COLLECTION_ADMIN) ) + if( !canEdit() ) { AuthorizeManager.authorizeAction(ourContext, this, Constants.WRITE); } @@ -1724,6 +1730,12 @@ public class Item extends DSpaceObject return true; } + // is this person an COLLECTION_EDITOR for the owning collection? + if( getOwningCollection().canEditBoolean()) + { + return true; + } + // is this person an COLLECTION_EDITOR for the owning collection? if( AuthorizeManager.authorizeActionBoolean(ourContext, getOwningCollection(), Constants.COLLECTION_ADMIN))