Changeset 33733
- Timestamp:
- 2019-12-02T13:43:01+13:00 (4 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/action/DepositorAction.java
r33731 r33733 30 30 import org.w3c.dom.Element; 31 31 import org.w3c.dom.Node; 32 import org.w3c.dom.NodeList; 32 33 33 34 import com.google.gson.Gson; … … 79 80 80 81 if (collection !=null && !collection.equals("")) { 81 if (!userHasCollectionEditPermission s(collection, uc)) {82 if (!userHasCollectionEditPermission(collection, uc)) { 82 83 // we need to reset back to empty subaction here 83 84 request.setAttribute("subaction", ""); 84 logger.error("found collection "+collection+", need to check user groups");85 85 GSXML.addError(response, "You are not in the right group to access this collection. Please log in as a different user."); 86 return responseMessage;86 return responseMessage; 87 87 88 88 } … … 399 399 response.appendChild(depositorPage); 400 400 401 Element collList = getCollectionsInSite (doc);401 Element collList = getCollectionsInSiteForUser(uc); 402 402 depositorPage.appendChild(doc.importNode(collList, true)); 403 403 } … … 406 406 } 407 407 408 public Element getCollectionsInSite(Document doc) 409 { 410 Element message = doc.createElement(GSXML.MESSAGE_ELEM); 411 Element request = GSXML.createBasicRequest(doc, GSXML.REQUEST_TYPE_DESCRIBE, "", new UserContext()); 412 message.appendChild(request); 413 Element responseMessage = (Element) this.mr.process(message); 414 415 Element response = (Element) GSXML.getChildByTagName(responseMessage, GSXML.RESPONSE_ELEM); 416 Element collectionList = (Element) GSXML.getChildByTagName(response, GSXML.COLLECTION_ELEM + GSXML.LIST_MODIFIER); 417 418 return collectionList; 408 409 public Element getCollectionsInSiteForUser(UserContext uc) 410 { 411 Document doc = XMLConverter.newDOM(); 412 Element message = doc.createElement(GSXML.MESSAGE_ELEM); 413 Element request = GSXML.createBasicRequest(doc, GSXML.REQUEST_TYPE_DESCRIBE, "", new UserContext()); 414 message.appendChild(request); 415 Element responseMessage = (Element) this.mr.process(message); 416 417 Element response = (Element) GSXML.getChildByTagName(responseMessage, GSXML.RESPONSE_ELEM); 418 Element collectionList = (Element) GSXML.getChildByTagName(response, GSXML.COLLECTION_ELEM + GSXML.LIST_MODIFIER); 419 420 Element validCollectionList = doc.createElement(GSXML.COLLECTION_ELEM + GSXML.LIST_MODIFIER); 421 422 NodeList collections = GSXML.getChildrenByTagName(collectionList, GSXML.COLLECTION_ELEM); 423 for (int i = 0; i < collections.getLength(); i++) { 424 String coll_name = ((Element)collections.item(i)).getAttribute(GSXML.NAME_ATT); 425 if (userHasCollectionEditPermission(coll_name, uc)) { 426 // only add to the new list if the user has edit permission 427 validCollectionList.appendChild(doc.importNode(collections.item(i), true)); 428 429 } 419 430 } 431 432 return validCollectionList; 433 } 420 434 421 435 // collection must be non-null and non-empty 422 protected boolean userHasCollectionEditPermission s(String collection, UserContext user_context) {436 protected boolean userHasCollectionEditPermission(String collection, UserContext user_context) { 423 437 424 438 for (String group : user_context.getGroups()) {
Note:
See TracChangeset
for help on using the changeset viewer.