Fix authentication problem in SwordV2 implementation (DS-3310).

2025-10-16 06:23:10 +00:00 · 2018-01-04 10:59:35 +01:00
parent 258b4f00e9
commit bda2f8709c
2 changed files with 69 additions and 51 deletions
--- a/dspace-api/src/main/java/org/dspace/content/Item.java
+++ b/dspace-api/src/main/java/org/dspace/content/Item.java
@@ -271,6 +271,31 @@ public class Item extends DSpaceObject implements DSpaceObjectLegacySupport
        return bundles;
    }

+    /**
+     * Get the bundles matching a bundle name (name corresponds roughly to type)
+     *
+     * @param name
+     *            name of bundle (ORIGINAL/TEXT/THUMBNAIL)
+     *
+     * @return the bundles in an unordered array
+     */
+    public List<Bundle> getBundles(String name)
+    {
+        List<Bundle> matchingBundles = new ArrayList<Bundle>();
+
+        // now only keep bundles with matching names
+        List<Bundle> bunds = getBundles();
+        for (Bundle bundle : bunds)
+        {
+            if (name.equals(bundle.getName()))
+            {
+                matchingBundles.add(bundle);
+            }
+        }
+
+        return matchingBundles;
+    }
+
    /**
     * Add a bundle to the item, should not be made public since we don't want to skip business logic
     * @param bundle the bundle to be added
--- a/dspace-swordv2/src/main/java/org/dspace/sword2/SwordAuthenticator.java
+++ b/dspace-swordv2/src/main/java/org/dspace/sword2/SwordAuthenticator.java
@@ -765,7 +765,7 @@ public class SwordAuthenticator
                }

                // get the "ORIGINAL" bundle(s)
-                List<Bundle> bundles = item.getBundles();
+                List<Bundle> bundles = item.getBundles(Constants.CONTENT_BUNDLE_NAME);

                // look up the READ policy on the community.  This will include determining if the user is an administrator
                // so we do not need to check that separately
@@ -785,9 +785,6 @@ public class SwordAuthenticator
                    else
                    {
                        for (Bundle bundle : bundles)
-                        {
-                            if (Constants.CONTENT_BUNDLE_NAME
-                                    .equals(bundle.getName()))
                        {
                            add = authorizeService.authorizeActionBoolean(
                                    swordContext.getAuthenticatorContext(),
@@ -798,7 +795,6 @@ public class SwordAuthenticator
                            }
                        }
                    }
-                    }

                    authAllowed = write && add;
                }
@@ -966,7 +962,7 @@ public class SwordAuthenticator
                    .authorizeActionBoolean(allowContext, item,
                            Constants.WRITE);

-            List<Bundle> bundles = item.getBundles();
+            List<Bundle> bundles = item.getBundles(Constants.CONTENT_BUNDLE_NAME);
            boolean add = false;
            if (bundles.isEmpty())
            {
@@ -977,8 +973,6 @@ public class SwordAuthenticator
            else
            {
                for (Bundle bundle : bundles)
-                {
-                    if (Constants.CONTENT_BUNDLE_NAME.equals(bundle.getName()))
                {
                    add = authorizeService
                            .authorizeActionBoolean(allowContext, bundle,
@@ -989,7 +983,6 @@ public class SwordAuthenticator
                    }
                }
            }
-            }

            boolean allowed = write && add;
            return allowed;