hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-15 05:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

DS-1814: Don't allow submitters to update all of their own items

Browse Source
This commit is contained in:
Pascal-Nicolas Becker
2016-05-20 19:05:10 +02:00
parent 701d4ba6b1
commit c4ee71a800
3 changed files with 32 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dspace-api/src/main/java/org/dspace/content/ItemServiceImpl.java
View File

@@ -408,7 +408,7 @@ public class ItemServiceImpl extends DSpaceObjectServiceImpl<Item> implements It
public void update(Context context, Item item) throws SQLException, AuthorizeException { public void update(Context context, Item item) throws SQLException, AuthorizeException {
// Check authorisation // Check authorisation
// only do write authorization if user is not an editor // only do write authorization if user is not an editor
if (!canEdit(context, item) && !canCreateNewVersion(context, item)) if (!canEdit(context, item))
{ {
authorizeService.authorizeAction(context, item, Constants.WRITE); authorizeService.authorizeAction(context, item, Constants.WRITE);
} }

19
dspace-api/src/main/java/org/dspace/versioning/DefaultItemVersionProvider.java
View File

@@ -23,6 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger; import org.apache.log4j.Logger;
import org.dspace.authorize.ResourcePolicy; import org.dspace.authorize.ResourcePolicy;
import org.dspace.versioning.service.VersioningService; import org.dspace.versioning.service.VersioningService;
import org.dspace.workflow.WorkflowItemService;
/** /**
* *
@@ -39,6 +40,8 @@ public class DefaultItemVersionProvider extends AbstractVersionProvider implemen
@Autowired(required = true) @Autowired(required = true)
protected WorkspaceItemService workspaceItemService; protected WorkspaceItemService workspaceItemService;
@Autowired(required = true) @Autowired(required = true)
protected WorkflowItemService workflowItemService;
@Autowired(required = true)
protected VersionHistoryService versionHistoryService; protected VersionHistoryService versionHistoryService;
@Autowired(required = true) @Autowired(required = true)
protected VersioningService versioningService; protected VersioningService versioningService;
@@ -69,10 +72,20 @@ public class DefaultItemVersionProvider extends AbstractVersionProvider implemen
if(versionHistoryService.isLastVersion(c, history, versionToDelete) if(versionHistoryService.isLastVersion(c, history, versionToDelete)
&& versioningService.getVersionsByHistory(c, history).size() > 1) && versioningService.getVersionsByHistory(c, history).size() > 1)
{ {
// reset the previous version to archived // if a new version gets archived, the old one is set to false.
// we need to do the oposite now, if the old version was previously
// unarchived. If the old version is still archived, the new
// version is a WorkspaceItem or WorkflowItem we should skip this,
// as unarchiving of previous versions is done only when a newer
// version gets archived.
Item item = versionHistoryService.getPrevious(c, history, versionToDelete).getItem(); Item item = versionHistoryService.getPrevious(c, history, versionToDelete).getItem();
item.setArchived(true); if (!item.isArchived()
itemService.update(c, item); || workspaceItemService.findByItem(c, versionToDelete.getItem()) != null
|| workflowItemService.findByItem(c, versionToDelete.getItem()) != null)
{
item.setArchived(true);
itemService.update(c, item);
}
} }
// assign tombstone to the Identifier and reset canonical to the previous version only if there is a previous version // assign tombstone to the Identifier and reset canonical to the previous version only if there is a previous version

15
dspace-api/src/main/java/org/dspace/versioning/VersioningServiceImpl.java
View File

@@ -22,6 +22,8 @@ import org.springframework.beans.factory.annotation.Required;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import org.dspace.content.WorkspaceItem;
import org.dspace.content.service.WorkspaceItemService;
/** /**
* *
@@ -39,6 +41,8 @@ public class VersioningServiceImpl implements VersioningService {
protected VersionDAO versionDAO; protected VersionDAO versionDAO;
@Autowired(required = true) @Autowired(required = true)
private ItemService itemService; private ItemService itemService;
@Autowired(required = true)
private WorkspaceItemService workspaceItemService;
private DefaultItemVersionProvider provider; private DefaultItemVersionProvider provider;
@Required @Required
@@ -129,7 +133,16 @@ public class VersioningServiceImpl implements VersioningService {
// Completely delete the item // Completely delete the item
if (item != null) { if (item != null) {
itemService.delete(c, item); // DS-1814 introduce the possibility that submitter can create
// new versions. To avoid authorithation problems we need to
// check whether a corresponding workspaceItem exists.
WorkspaceItem wsi = workspaceItemService.findByItem(c, item);
if (wsi != null)
{
workspaceItemService.deleteAll(c, wsi);
} else {
itemService.delete(c, item);
}
} }
}catch (Exception e) { }catch (Exception e) {
c.abort(); c.abort();