(Part of #1380) IP groups are now honored by the dataset page

IQSS · Aug 4, 2016 · affb6b3 · affb6b3
1 parent 2ee3fad
commit affb6b3
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 39 deletions.
diff --git a/scripts/issues/1380/keys.txt b/scripts/issues/1380/keys.txt
@@ -1,3 +1,3 @@
-Keys for Pete and Uma. Produced by running setup-all.sh from the /scripts/api folder.
+Keys for P e t e and U m a. Produced by running setup-all.sh from the /scripts/api folder.
 Pete:757a6493-456a-4bf0-943e-9b559d551a3f
 Uma:8797f19b-b8aa-4f96-a789-1b99506f2eab
diff --git a/src/main/java/edu/harvard/iq/dataverse/DatasetPage.java b/src/main/java/edu/harvard/iq/dataverse/DatasetPage.java
@@ -80,7 +80,6 @@
 
 import javax.faces.event.AjaxBehaviorEvent;
 
-import javax.faces.context.ExternalContext;
 import org.apache.commons.lang.StringEscapeUtils;
 
 import org.primefaces.component.tabview.TabView;
@@ -555,7 +554,7 @@ public boolean isThumbnailAvailable(FileMetadata fileMetadata) {
 
     // Another convenience method - to cache Update Permission on the dataset: 
     public boolean canUpdateDataset() {
-        return permissionsWrapper.canUpdateDataset(this.session.getUser(), this.dataset);
+        return permissionsWrapper.canUpdateDataset(dvRequestService.getDataverseRequest(), this.dataset);
     }
 
     public boolean canPublishDataverse() {
@@ -576,42 +575,17 @@ public boolean canPublishDataverse() {
     //}
 
     public boolean canViewUnpublishedDataset() {
-        return permissionsWrapper.canViewUnpublishedDataset(this.session.getUser(), this.dataset);
-        //return doesSessionUserHaveDataSetPermission(Permission.ViewUnpublishedDataset);
+        return permissionsWrapper.canViewUnpublishedDataset( dvRequestService.getDataverseRequest(), dataset);
     }
 
-    private Boolean sessionUserAuthenticated = null;
-
-
     /* 
      * 4.2.1 optimization. 
      * HOWEVER, this doesn't appear to be saving us anything! 
      * i.e., it's just as cheap to use session.getUser().isAuthenticated() 
      * every time; it doesn't do any new db lookups. 
     */
     public boolean isSessionUserAuthenticated() {
-        logger.fine("entering isSessionUserAuthenticated;");
-        if (sessionUserAuthenticated != null) {
-            logger.fine("using cached isSessionUserAuthenticated;");
-
-            return sessionUserAuthenticated;
-        }
-
-        if (session == null) {
-            return false;
-        }
-
-        if (session.getUser() == null) {
-            return false;
-        }
-
-        if (session.getUser().isAuthenticated()) {
-            sessionUserAuthenticated = true; 
-            return true;
-        }
-
-        sessionUserAuthenticated = false;
-        return false;
+        return session.getUser().isAuthenticated();
     }
 
     /**

diff --git a/src/main/java/edu/harvard/iq/dataverse/PermissionsWrapper.java b/src/main/java/edu/harvard/iq/dataverse/PermissionsWrapper.java
@@ -8,6 +8,7 @@
 import edu.harvard.iq.dataverse.authorization.Permission;
 import edu.harvard.iq.dataverse.authorization.users.User;
 import edu.harvard.iq.dataverse.engine.command.Command;
+import edu.harvard.iq.dataverse.engine.command.DataverseRequest;
 import edu.harvard.iq.dataverse.engine.command.impl.*;
 import java.util.HashMap;
 import java.util.Map;
@@ -42,7 +43,9 @@ public class PermissionsWrapper implements java.io.Serializable {
     /**
      * Check if the current Dataset can Issue Commands
      *
-     * @param commandName
+     * @param dvo Target dataverse object.
+     * @param command The command to execute
+     * @return {@code true} if the user can issue the command on the object.
      */
     public boolean canIssueCommand(DvObject dvo, Class<? extends Command> command) {
         if ((dvo==null) || (dvo.getId()==null)){
@@ -131,12 +134,12 @@ public boolean canManageDatasetPermissions(User u, Dataset ds) {
         return permissionService.userOn(u, ds).has(Permission.ManageDatasetPermissions);
     }
 
-    public boolean canViewUnpublishedDataset(User user, Dataset dataset) {
-        return doesSessionUserHaveDataSetPermission(user, dataset, Permission.ViewUnpublishedDataset);
+    public boolean canViewUnpublishedDataset(DataverseRequest dr, Dataset dataset) {
+        return doesSessionUserHaveDataSetPermission(dr, dataset, Permission.ViewUnpublishedDataset);
     }
 
-    public boolean canUpdateDataset(User user, Dataset dataset) {
-        return doesSessionUserHaveDataSetPermission(user, dataset, Permission.EditDataset);
+    public boolean canUpdateDataset(DataverseRequest dr, Dataset dataset) {
+        return doesSessionUserHaveDataSetPermission(dr, dataset, Permission.EditDataset);
     }
 
 
@@ -147,12 +150,12 @@ public boolean canUpdateDataset(User user, Dataset dataset) {
      * 
      * Check Dataset related permissions
      * 
-     * @param user
+     * @param req
      * @param dataset
      * @param permissionToCheck
      * @return 
      */
-    public boolean doesSessionUserHaveDataSetPermission(User user, Dataset dataset, Permission permissionToCheck){
+    public boolean doesSessionUserHaveDataSetPermission(DataverseRequest req, Dataset dataset, Permission permissionToCheck){
         if (permissionToCheck == null){
             return false;
         }
@@ -167,8 +170,7 @@ public boolean doesSessionUserHaveDataSetPermission(User user, Dataset dataset,
         }
 
         // Check the permission
-        //
-        boolean hasPermission = this.permissionService.userOn(user, dataset).has(permissionToCheck);
+        boolean hasPermission = this.permissionService.requestOn(req, dataset).has(permissionToCheck);
 
         // Save the permission
         this.datasetPermissionMap.put(permName, hasPermission);