From affb6b3df9a83e87e459819c999afc532def820d Mon Sep 17 00:00:00 2001 From: Michael Bar-Sinai Date: Thu, 4 Aug 2016 11:03:10 -0400 Subject: [PATCH] (Part of #1380) IP groups are now honored by the dataset page --- scripts/issues/1380/keys.txt | 2 +- .../edu/harvard/iq/dataverse/DatasetPage.java | 32 ++----------------- .../iq/dataverse/PermissionsWrapper.java | 20 ++++++------ 3 files changed, 15 insertions(+), 39 deletions(-) diff --git a/scripts/issues/1380/keys.txt b/scripts/issues/1380/keys.txt index 9989bd2ea9c..9dc47d356c1 100644 --- a/scripts/issues/1380/keys.txt +++ b/scripts/issues/1380/keys.txt @@ -1,3 +1,3 @@ -Keys for Pete and Uma. Produced by running setup-all.sh from the /scripts/api folder. +Keys for P e t e and U m a. Produced by running setup-all.sh from the /scripts/api folder. Pete:757a6493-456a-4bf0-943e-9b559d551a3f Uma:8797f19b-b8aa-4f96-a789-1b99506f2eab diff --git a/src/main/java/edu/harvard/iq/dataverse/DatasetPage.java b/src/main/java/edu/harvard/iq/dataverse/DatasetPage.java index 91aeac64e14..fb0ca6f47ca 100644 --- a/src/main/java/edu/harvard/iq/dataverse/DatasetPage.java +++ b/src/main/java/edu/harvard/iq/dataverse/DatasetPage.java @@ -80,7 +80,6 @@ import javax.faces.event.AjaxBehaviorEvent; -import javax.faces.context.ExternalContext; import org.apache.commons.lang.StringEscapeUtils; import org.primefaces.component.tabview.TabView; @@ -555,7 +554,7 @@ public boolean isThumbnailAvailable(FileMetadata fileMetadata) { // Another convenience method - to cache Update Permission on the dataset: public boolean canUpdateDataset() { - return permissionsWrapper.canUpdateDataset(this.session.getUser(), this.dataset); + return permissionsWrapper.canUpdateDataset(dvRequestService.getDataverseRequest(), this.dataset); } public boolean canPublishDataverse() { @@ -576,13 +575,9 @@ public boolean canPublishDataverse() { //} public boolean canViewUnpublishedDataset() { - return permissionsWrapper.canViewUnpublishedDataset(this.session.getUser(), this.dataset); - //return doesSessionUserHaveDataSetPermission(Permission.ViewUnpublishedDataset); + return permissionsWrapper.canViewUnpublishedDataset( dvRequestService.getDataverseRequest(), dataset); } - private Boolean sessionUserAuthenticated = null; - - /* * 4.2.1 optimization. * HOWEVER, this doesn't appear to be saving us anything! @@ -590,28 +585,7 @@ public boolean canViewUnpublishedDataset() { * every time; it doesn't do any new db lookups. */ public boolean isSessionUserAuthenticated() { - logger.fine("entering isSessionUserAuthenticated;"); - if (sessionUserAuthenticated != null) { - logger.fine("using cached isSessionUserAuthenticated;"); - - return sessionUserAuthenticated; - } - - if (session == null) { - return false; - } - - if (session.getUser() == null) { - return false; - } - - if (session.getUser().isAuthenticated()) { - sessionUserAuthenticated = true; - return true; - } - - sessionUserAuthenticated = false; - return false; + return session.getUser().isAuthenticated(); } /** diff --git a/src/main/java/edu/harvard/iq/dataverse/PermissionsWrapper.java b/src/main/java/edu/harvard/iq/dataverse/PermissionsWrapper.java index 9a60f71d0df..d740cb91f93 100644 --- a/src/main/java/edu/harvard/iq/dataverse/PermissionsWrapper.java +++ b/src/main/java/edu/harvard/iq/dataverse/PermissionsWrapper.java @@ -8,6 +8,7 @@ import edu.harvard.iq.dataverse.authorization.Permission; import edu.harvard.iq.dataverse.authorization.users.User; import edu.harvard.iq.dataverse.engine.command.Command; +import edu.harvard.iq.dataverse.engine.command.DataverseRequest; import edu.harvard.iq.dataverse.engine.command.impl.*; import java.util.HashMap; import java.util.Map; @@ -42,7 +43,9 @@ public class PermissionsWrapper implements java.io.Serializable { /** * Check if the current Dataset can Issue Commands * - * @param commandName + * @param dvo Target dataverse object. + * @param command The command to execute + * @return {@code true} if the user can issue the command on the object. */ public boolean canIssueCommand(DvObject dvo, Class command) { if ((dvo==null) || (dvo.getId()==null)){ @@ -131,12 +134,12 @@ public boolean canManageDatasetPermissions(User u, Dataset ds) { return permissionService.userOn(u, ds).has(Permission.ManageDatasetPermissions); } - public boolean canViewUnpublishedDataset(User user, Dataset dataset) { - return doesSessionUserHaveDataSetPermission(user, dataset, Permission.ViewUnpublishedDataset); + public boolean canViewUnpublishedDataset(DataverseRequest dr, Dataset dataset) { + return doesSessionUserHaveDataSetPermission(dr, dataset, Permission.ViewUnpublishedDataset); } - public boolean canUpdateDataset(User user, Dataset dataset) { - return doesSessionUserHaveDataSetPermission(user, dataset, Permission.EditDataset); + public boolean canUpdateDataset(DataverseRequest dr, Dataset dataset) { + return doesSessionUserHaveDataSetPermission(dr, dataset, Permission.EditDataset); } @@ -147,12 +150,12 @@ public boolean canUpdateDataset(User user, Dataset dataset) { * * Check Dataset related permissions * - * @param user + * @param req * @param dataset * @param permissionToCheck * @return */ - public boolean doesSessionUserHaveDataSetPermission(User user, Dataset dataset, Permission permissionToCheck){ + public boolean doesSessionUserHaveDataSetPermission(DataverseRequest req, Dataset dataset, Permission permissionToCheck){ if (permissionToCheck == null){ return false; } @@ -167,8 +170,7 @@ public boolean doesSessionUserHaveDataSetPermission(User user, Dataset dataset, } // Check the permission - // - boolean hasPermission = this.permissionService.userOn(user, dataset).has(permissionToCheck); + boolean hasPermission = this.permissionService.requestOn(req, dataset).has(permissionToCheck); // Save the permission this.datasetPermissionMap.put(permName, hasPermission);