hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-07 10:04:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

added authorization check for license bitstream in OAI import

Browse Source
This commit is contained in:
nwoodward
2023-09-18 16:19:52 -05:00
parent 1d4c441cea
commit 4917badceb
1 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
dspace-oai/src/main/java/org/dspace/xoai/util/ItemUtils.java
View File

@@ -21,6 +21,8 @@ import org.apache.logging.log4j.Logger;
import org.dspace.app.util.factory.UtilServiceFactory; import org.dspace.app.util.factory.UtilServiceFactory;
import org.dspace.app.util.service.MetadataExposureService; import org.dspace.app.util.service.MetadataExposureService;
import org.dspace.authorize.AuthorizeException; import org.dspace.authorize.AuthorizeException;
import org.dspace.authorize.factory.AuthorizeServiceFactory;
import org.dspace.authorize.service.AuthorizeService;
import org.dspace.content.Bitstream; import org.dspace.content.Bitstream;
import org.dspace.content.Bundle; import org.dspace.content.Bundle;
import org.dspace.content.Item; import org.dspace.content.Item;
@@ -59,6 +61,10 @@ public class ItemUtils {
private static final ConfigurationService configurationService private static final ConfigurationService configurationService
= DSpaceServicesFactory.getInstance().getConfigurationService(); = DSpaceServicesFactory.getInstance().getConfigurationService();
private static final AuthorizeService authorizeService
= AuthorizeServiceFactory.getInstance().getAuthorizeService();
/** /**
* Default constructor * Default constructor
*/ */
@@ -163,13 +169,17 @@ public class ItemUtils {
List<Bitstream> licBits = licBundle.getBitstreams(); List<Bitstream> licBits = licBundle.getBitstreams();
if (!licBits.isEmpty()) { if (!licBits.isEmpty()) {
Bitstream licBit = licBits.get(0); Bitstream licBit = licBits.get(0);
InputStream in; if (authorizeService.authorizeActionBoolean(context, licBit, Constants.READ)) {
InputStream in;
in = bitstreamService.retrieve(context, licBit);
ByteArrayOutputStream out = new ByteArrayOutputStream();
Utils.bufferedCopy(in, out);
license.getField().add(createValue("bin", Base64Utils.encode(out.toString())));
in = bitstreamService.retrieve(context, licBit);
ByteArrayOutputStream out = new ByteArrayOutputStream();
Utils.bufferedCopy(in, out);
license.getField().add(createValue("bin", Base64Utils.encode(out.toString())));
} else {
log.info("Missing READ rights for license bitstream. Did not include license bitstream for item: "
+ item.getID() + ".");
}
} }
} }
return license; return license;