hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-14 21:43:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

DS-1814: Don't allow submitters to update all of their own items

Browse Source
This commit is contained in:
Pascal-Nicolas Becker
2016-05-20 19:05:10 +02:00
parent 701d4ba6b1
commit c4ee71a800
3 changed files with 32 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dspace-api/src/main/java/org/dspace/content/ItemServiceImpl.java
View File

@@ -408,7 +408,7 @@ public class ItemServiceImpl extends DSpaceObjectServiceImpl<Item> implements It
public void update(Context context, Item item) throws SQLException, AuthorizeException {
// Check authorisation
// only do write authorization if user is not an editor
if (!canEdit(context, item) && !canCreateNewVersion(context, item))
if (!canEdit(context, item))
{
authorizeService.authorizeAction(context, item, Constants.WRITE);
}

15
dspace-api/src/main/java/org/dspace/versioning/DefaultItemVersionProvider.java
View File

@@ -23,6 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import org.dspace.authorize.ResourcePolicy;
import org.dspace.versioning.service.VersioningService;
import org.dspace.workflow.WorkflowItemService;
/**
*
@@ -39,6 +40,8 @@ public class DefaultItemVersionProvider extends AbstractVersionProvider implemen
@Autowired(required = true)
protected WorkspaceItemService workspaceItemService;
@Autowired(required = true)
protected WorkflowItemService workflowItemService;
@Autowired(required = true)
protected VersionHistoryService versionHistoryService;
@Autowired(required = true)
protected VersioningService versioningService;
@@ -69,11 +72,21 @@ public class DefaultItemVersionProvider extends AbstractVersionProvider implemen
if(versionHistoryService.isLastVersion(c, history, versionToDelete)
&& versioningService.getVersionsByHistory(c, history).size() > 1)
{
// reset the previous version to archived
// if a new version gets archived, the old one is set to false.
// we need to do the oposite now, if the old version was previously
// unarchived. If the old version is still archived, the new
// version is a WorkspaceItem or WorkflowItem we should skip this,
// as unarchiving of previous versions is done only when a newer
// version gets archived.
Item item = versionHistoryService.getPrevious(c, history, versionToDelete).getItem();
if (!item.isArchived()
|| workspaceItemService.findByItem(c, versionToDelete.getItem()) != null
|| workflowItemService.findByItem(c, versionToDelete.getItem()) != null)
{
item.setArchived(true);
itemService.update(c, item);
}
}
// assign tombstone to the Identifier and reset canonical to the previous version only if there is a previous version
Item itemToDelete=versionToDelete.getItem();

13
dspace-api/src/main/java/org/dspace/versioning/VersioningServiceImpl.java
View File

@@ -22,6 +22,8 @@ import org.springframework.beans.factory.annotation.Required;
import java.sql.SQLException;
import java.util.Date;
import java.util.List;
import org.dspace.content.WorkspaceItem;
import org.dspace.content.service.WorkspaceItemService;
/**
*
@@ -39,6 +41,8 @@ public class VersioningServiceImpl implements VersioningService {
protected VersionDAO versionDAO;
@Autowired(required = true)
private ItemService itemService;
@Autowired(required = true)
private WorkspaceItemService workspaceItemService;
private DefaultItemVersionProvider provider;
@Required
@@ -129,8 +133,17 @@ public class VersioningServiceImpl implements VersioningService {
// Completely delete the item
if (item != null) {
// DS-1814 introduce the possibility that submitter can create
// new versions. To avoid authorithation problems we need to
// check whether a corresponding workspaceItem exists.
WorkspaceItem wsi = workspaceItemService.findByItem(c, item);
if (wsi != null)
{
workspaceItemService.deleteAll(c, wsi);
} else {
itemService.delete(c, item);
}
}
}catch (Exception e) {
c.abort();
throw new RuntimeException(e.getMessage(), e);