hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-16 22:43:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix authentication problem in SwordV2 implementation (DS-3310).

Browse Source
This commit is contained in:
gressho
2018-01-04 10:59:35 +01:00
parent 258b4f00e9
commit bda2f8709c
2 changed files with 69 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
dspace-api/src/main/java/org/dspace/content/Item.java
View File

@@ -271,6 +271,31 @@ public class Item extends DSpaceObject implements DSpaceObjectLegacySupport
return bundles; return bundles;
} }
/**
* Get the bundles matching a bundle name (name corresponds roughly to type)
*
* @param name
* name of bundle (ORIGINAL/TEXT/THUMBNAIL)
*
* @return the bundles in an unordered array
*/
public List<Bundle> getBundles(String name)
{
List<Bundle> matchingBundles = new ArrayList<Bundle>();
// now only keep bundles with matching names
List<Bundle> bunds = getBundles();
for (Bundle bundle : bunds)
{
if (name.equals(bundle.getName()))
{
matchingBundles.add(bundle);
}
}
return matchingBundles;
}
/** /**
* Add a bundle to the item, should not be made public since we don't want to skip business logic * Add a bundle to the item, should not be made public since we don't want to skip business logic
* @param bundle the bundle to be added * @param bundle the bundle to be added

11
dspace-swordv2/src/main/java/org/dspace/sword2/SwordAuthenticator.java
View File

@@ -765,7 +765,7 @@ public class SwordAuthenticator
} }
// get the "ORIGINAL" bundle(s) // get the "ORIGINAL" bundle(s)
List<Bundle> bundles = item.getBundles(); List<Bundle> bundles = item.getBundles(Constants.CONTENT_BUNDLE_NAME);
// look up the READ policy on the community. This will include determining if the user is an administrator // look up the READ policy on the community. This will include determining if the user is an administrator
// so we do not need to check that separately // so we do not need to check that separately
@@ -785,9 +785,6 @@ public class SwordAuthenticator
else else
{ {
for (Bundle bundle : bundles) for (Bundle bundle : bundles)
{
if (Constants.CONTENT_BUNDLE_NAME
.equals(bundle.getName()))
{ {
add = authorizeService.authorizeActionBoolean( add = authorizeService.authorizeActionBoolean(
swordContext.getAuthenticatorContext(), swordContext.getAuthenticatorContext(),
@@ -798,7 +795,6 @@ public class SwordAuthenticator
} }
} }
} }
}
authAllowed = write && add; authAllowed = write && add;
} }
@@ -966,7 +962,7 @@ public class SwordAuthenticator
.authorizeActionBoolean(allowContext, item, .authorizeActionBoolean(allowContext, item,
Constants.WRITE); Constants.WRITE);
List<Bundle> bundles = item.getBundles(); List<Bundle> bundles = item.getBundles(Constants.CONTENT_BUNDLE_NAME);
boolean add = false; boolean add = false;
if (bundles.isEmpty()) if (bundles.isEmpty())
{ {
@@ -977,8 +973,6 @@ public class SwordAuthenticator
else else
{ {
for (Bundle bundle : bundles) for (Bundle bundle : bundles)
{
if (Constants.CONTENT_BUNDLE_NAME.equals(bundle.getName()))
{ {
add = authorizeService add = authorizeService
.authorizeActionBoolean(allowContext, bundle, .authorizeActionBoolean(allowContext, bundle,
@@ -989,7 +983,6 @@ public class SwordAuthenticator
} }
} }
} }
}
boolean allowed = write && add; boolean allowed = write && add;
return allowed; return allowed;