- Timestamp:
- 2015-05-12T21:47:35+12:00 (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/GS2Construct.java
r28966 r29869 24 24 import java.io.Serializable; 25 25 import java.util.Collections; 26 import java.util.Iterator; 27 import java.util.Map.Entry; 26 28 import java.util.HashMap; 27 29 import java.util.Map; 30 import java.util.Set; 28 31 29 32 import org.apache.log4j.Logger; … … 63 66 private static final String DELETE_SERVICE = "DeleteCollection"; 64 67 private static final String RELOAD_SERVICE = "ReloadCollection"; 68 private static final String SET_METADATA_SERVICE = "SetMetadata"; 65 69 66 70 // params used … … 120 124 param_list.appendChild(param); 121 125 } 122 else if (service.equals(ACTIVATE_SERVICE) || service.equals(IMPORT_SERVICE) || service.equals(BUILD_SERVICE) || service.equals(RELOAD_SERVICE) || service.equals(DELETE_SERVICE) )126 else if (service.equals(ACTIVATE_SERVICE) || service.equals(IMPORT_SERVICE) || service.equals(BUILD_SERVICE) || service.equals(RELOAD_SERVICE) || service.equals(DELETE_SERVICE) || service.equals(SET_METADATA_SERVICE)) 123 127 { 124 128 … … 140 144 protected Element processNewCollection(Element request) 141 145 { 142 return runCommand(request, GS2PerlConstructor.NEW); 146 if (!userHasCollectionEditPermissions(request)) { 147 Document result_doc = XMLConverter.newDOM(); 148 Element result = GSXML.createBasicResponse(result_doc, "processNewCollection"); 149 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 150 return result; 151 } 152 return runCommand(request, GS2PerlConstructor.NEW); 143 153 } 144 154 … … 146 156 protected Element processAddDocument(Element request) 147 157 { 158 if (!userHasCollectionEditPermissions(request)) { 159 Document result_doc = XMLConverter.newDOM(); 160 Element result = GSXML.createBasicResponse(result_doc, "processAddDocument"); 161 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 162 return result; 163 } 164 148 165 Document result_doc = XMLConverter.newDOM(); 149 166 // decode the file name, add it to the import directory … … 163 180 protected Element processBuildAndActivateCollection(Element request) 164 181 { 165 182 // check permissions 183 if (!userHasCollectionEditPermissions(request)) { 184 Document result_doc = XMLConverter.newDOM(); 185 Element result = GSXML.createBasicResponse(result_doc, "processBuildAndActivateCollection"); 186 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 187 return result; 188 } 189 166 190 waitUntilReady(request); 167 191 Element buildResponse = processBuildCollection(request); … … 197 221 protected Element processImportCollection(Element request) 198 222 { 223 if (!userHasCollectionEditPermissions(request)) { 224 Document result_doc = XMLConverter.newDOM(); 225 Element result = GSXML.createBasicResponse(result_doc, "processImportCollection"); 226 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 227 return result; 228 } 229 199 230 Element param_list = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER); 200 231 HashMap<String, Serializable> params = GSXML.extractParams(param_list, false); … … 260 291 protected Element processBuildCollection(Element request) 261 292 { 293 if (!userHasCollectionEditPermissions(request)) { 294 Document result_doc = XMLConverter.newDOM(); 295 Element result = GSXML.createBasicResponse(result_doc, "processBuildCollection"); 296 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 297 return result; 298 } 299 262 300 return runCommand(request, GS2PerlConstructor.BUILD); 263 301 } 264 302 303 protected Element processSetMetadata(Element request) 304 { 305 if (!userHasCollectionEditPermissions(request)) { 306 Document result_doc = XMLConverter.newDOM(); 307 Element result = GSXML.createBasicResponse(result_doc, "processSetMetadata"); 308 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 309 return result; 310 } 311 312 return runCommand(request, GS2PerlConstructor.SET_METADATA_SERVER); 313 } 314 265 315 protected Element processActivateCollection(Element request) 266 316 { 317 318 if (!userHasCollectionEditPermissions(request)) { 319 Document result_doc = XMLConverter.newDOM(); 320 Element result = GSXML.createBasicResponse(result_doc, "processActivateCollection"); 321 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 322 return result; 323 } 324 267 325 // this activates the collection on disk. but now we need to tell 268 326 // the MR about it. but we have to wait until the process is finished. … … 334 392 protected Element processDeleteCollection(Element request) 335 393 { 394 if (!userHasCollectionEditPermissions(request)) { 395 Document result_doc = XMLConverter.newDOM(); 396 Element result = GSXML.createBasicResponse(result_doc, "processDeleteCollection"); 397 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 398 return result; 399 } 400 336 401 Document result_doc = XMLConverter.newDOM(); 337 402 // the response to send back … … 391 456 protected Element processReloadCollection(Element request) 392 457 { 458 if (!userHasCollectionEditPermissions(request)) { 459 Document result_doc = XMLConverter.newDOM(); 460 Element result = GSXML.createBasicResponse(result_doc, "processReloadCollection"); 461 GSXML.addError(result, "This user does not have the required permissions to perform this action."); 462 return result; 463 } 464 393 465 Document result_doc = XMLConverter.newDOM(); 394 466 // the response to send back … … 539 611 //this.short_service_info.appendChild(e); 540 612 613 e = this.desc_doc.createElement(GSXML.SERVICE_ELEM); 614 e.setAttribute(GSXML.TYPE_ATT, GSXML.SERVICE_TYPE_PROCESS); 615 e.setAttribute(GSXML.NAME_ATT, SET_METADATA_SERVICE); 616 this.short_service_info.appendChild(e); 617 541 618 return true; 542 619 } … … 592 669 } 593 670 594 // do t ehactual command671 // do the actual command 595 672 String coll_name = null; 596 673 if (type == GS2PerlConstructor.NEW) … … 624 701 { 625 702 constructor.setManifestFile(this.site_home + File.separator + "collect" + File.separator + params.get(COL_PARAM) + File.separator + "manifests" + File.separator + "tempManifest.xml"); 703 } 704 else if (type == GS2PerlConstructor.SET_METADATA_SERVER) { 705 StringBuffer querystring = new StringBuffer(); 706 707 // convert params into a single string again? 708 Set<Map.Entry<String, Serializable>> entries = params.entrySet(); 709 Iterator<Map.Entry<String, Serializable>> i = entries.iterator(); 710 while(i.hasNext()) { 711 712 Map.Entry<String, Serializable> entry = i.next(); 713 String paramname = entry.getKey(); 714 paramname = paramname.replace("s1.", ""); // replaces all occurrences 715 if(paramname.equals("collection")) { 716 paramname = "c"; 717 } 718 String paramvalue = (String)entry.getValue(); 719 720 querystring.append(paramname + "=" + paramvalue); 721 if(i.hasNext()) { 722 querystring.append("&"); 723 } 724 } 725 constructor.setQueryString(querystring.toString()); 626 726 } 627 727 … … 805 905 return false; 806 906 } 907 908 909 /** Copy from DebugService.userHasEditPermissions 910 This function checks that the user is logged in and that the user 911 is in the right group to edit the collection */ 912 protected boolean userHasCollectionEditPermissions(Element request) { 913 Element param_list = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER); 914 HashMap<String, Serializable> params = GSXML.extractParams(param_list, false); 915 String collection = (String) params.get(COL_PARAM); // could be null on newcoll operation 916 917 UserContext context = new UserContext(request); 918 if(collection == null) { 919 return !context.getUsername().equals(""); 920 } 921 for (String group : context.getGroups()) { 922 // administrator always has permission 923 if (group.equals("administrator")) { 924 return true; 925 } 926 // all-collections-editor can edit any collection 927 if (!collection.equals("")) { 928 if (group.equals("all-collections-editor")) { 929 return true; 930 } 931 if (group.equals(collection+"-collection-editor")) { 932 return true; 933 } 934 } 935 } 936 // haven't found a group with edit permissions 937 return false; 938 939 } 807 940 }
Note:
See TracChangeset
for help on using the changeset viewer.