Changeset 33733

Show
Ignore:
Timestamp:
02.12.2019 13:43:01 (5 days ago)
Author:
kjdon
Message:

on the first page of depositor, only show the list of collections the logged in user has edit access for.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone3/src/java/org/greenstone/gsdl3/action/DepositorAction.java

    r33731 r33733  
    3030import org.w3c.dom.Element; 
    3131import org.w3c.dom.Node; 
     32import org.w3c.dom.NodeList; 
    3233 
    3334import com.google.gson.Gson; 
     
    7980 
    8081        if (collection !=null && !collection.equals("")) { 
    81           if (!userHasCollectionEditPermissions(collection, uc)) { 
     82          if (!userHasCollectionEditPermission(collection, uc)) { 
    8283            // we need to reset back to empty subaction here             
    8384            request.setAttribute("subaction", ""); 
    84             logger.error("found collection "+collection+", need to check user groups"); 
    8585            GSXML.addError(response, "You are not in the right group to access this collection. Please log in as a different user."); 
    86           return responseMessage; 
     86            return responseMessage; 
    8787           
    8888          } 
     
    399399            response.appendChild(depositorPage); 
    400400 
    401             Element collList = getCollectionsInSite(doc); 
     401            Element collList = getCollectionsInSiteForUser(uc); 
    402402            depositorPage.appendChild(doc.importNode(collList, true)); 
    403403        } 
     
    406406    } 
    407407 
    408     public Element getCollectionsInSite(Document doc)  
    409     { 
    410         Element message = doc.createElement(GSXML.MESSAGE_ELEM); 
    411         Element request = GSXML.createBasicRequest(doc, GSXML.REQUEST_TYPE_DESCRIBE, "", new UserContext()); 
    412         message.appendChild(request); 
    413         Element responseMessage = (Element) this.mr.process(message); 
    414  
    415         Element response = (Element) GSXML.getChildByTagName(responseMessage, GSXML.RESPONSE_ELEM); 
    416         Element collectionList = (Element) GSXML.getChildByTagName(response, GSXML.COLLECTION_ELEM + GSXML.LIST_MODIFIER); 
    417  
    418         return collectionList; 
     408     
     409    public Element getCollectionsInSiteForUser(UserContext uc)  
     410    { 
     411    Document doc = XMLConverter.newDOM(); 
     412    Element message = doc.createElement(GSXML.MESSAGE_ELEM); 
     413    Element request = GSXML.createBasicRequest(doc, GSXML.REQUEST_TYPE_DESCRIBE, "", new UserContext()); 
     414    message.appendChild(request); 
     415    Element responseMessage = (Element) this.mr.process(message); 
     416     
     417    Element response = (Element) GSXML.getChildByTagName(responseMessage, GSXML.RESPONSE_ELEM); 
     418    Element collectionList = (Element) GSXML.getChildByTagName(response, GSXML.COLLECTION_ELEM + GSXML.LIST_MODIFIER); 
     419     
     420    Element validCollectionList = doc.createElement(GSXML.COLLECTION_ELEM + GSXML.LIST_MODIFIER); 
     421 
     422    NodeList collections = GSXML.getChildrenByTagName(collectionList, GSXML.COLLECTION_ELEM); 
     423    for (int i = 0; i < collections.getLength(); i++) { 
     424        String coll_name = ((Element)collections.item(i)).getAttribute(GSXML.NAME_ATT); 
     425        if (userHasCollectionEditPermission(coll_name, uc)) { 
     426        // only add to the new list if the user has edit permission 
     427        validCollectionList.appendChild(doc.importNode(collections.item(i), true)); 
     428         
     429        } 
    419430    } 
     431     
     432    return validCollectionList; 
     433    } 
    420434 
    421435  // collection must be non-null and non-empty 
    422   protected boolean userHasCollectionEditPermissions(String collection, UserContext user_context) { 
     436  protected boolean userHasCollectionEditPermission(String collection, UserContext user_context) { 
    423437 
    424438    for (String group : user_context.getGroups()) {