diff --git a/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java b/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java index df7fa3a08..3ee18bba5 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java +++ b/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java @@ -73,6 +73,7 @@ public final class Permission { public static String DepositDmp = "DepositDmp"; public static String DeleteDmp = "DeleteDmp"; public static String CloneDmp = "CloneDmp"; + public static String ExportDmp = "ExportDmp"; public static String CreateNewVersionDmp = "CreateNewVersionDmp"; public static String FinalizeDmp = "FinalizeDmp"; public static String UndoFinalizeDmp = "UndoFinalizeDmp"; diff --git a/dmp-backend/core/src/main/java/eu/eudat/model/censorship/deposit/DepositConfigurationCensor.java b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/deposit/DepositConfigurationCensor.java index 0e91aebcd..b72366252 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/model/censorship/deposit/DepositConfigurationCensor.java +++ b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/deposit/DepositConfigurationCensor.java @@ -36,7 +36,7 @@ public class DepositConfigurationCensor extends BaseCensor { if (fields == null || fields.isEmpty()) return; - this.authService.authorizeForce(Permission.BrowseDeposit); + this.authService.authorizeForce(Permission.BrowseDeposit, Permission.DeferredAffiliation); } diff --git a/dmp-backend/core/src/main/java/eu/eudat/service/deposit/DepositServiceImpl.java b/dmp-backend/core/src/main/java/eu/eudat/service/deposit/DepositServiceImpl.java index 440bf3e81..14a8ac5cb 100644 --- a/dmp-backend/core/src/main/java/eu/eudat/service/deposit/DepositServiceImpl.java +++ b/dmp-backend/core/src/main/java/eu/eudat/service/deposit/DepositServiceImpl.java @@ -114,7 +114,7 @@ public class DepositServiceImpl implements DepositService { @Override public List getAvailableConfigurations(FieldSet fieldSet) { - this.authorizationService.authorizeForce(Permission.BrowseDeposit); + this.authorizationService.authorizeForce(Permission.BrowseDeposit, Permission.DeferredAffiliation); List configurations = new ArrayList<>(); @@ -201,7 +201,7 @@ public class DepositServiceImpl implements DepositService { @Override public String getLogo(String repositoryId) { - this.authorizationService.authorizeForce(Permission.BrowseDeposit); + this.authorizationService.authorizeForce(Permission.BrowseDeposit, Permission.DeferredAffiliation); DepositClient depositClient = getDepositClient(repositoryId); if (depositClient == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{repositoryId, DepositClient.class.getSimpleName()}, LocaleContextHolder.getLocale())); @@ -210,7 +210,7 @@ public class DepositServiceImpl implements DepositService { @Override public String authenticate(DepositAuthenticateRequest model) { - this.authorizationService.authorizeForce(Permission.BrowseDeposit); + this.authorizationService.authorizeForce(Permission.BrowseDeposit, Permission.DeferredAffiliation); DepositClient depositClient = getDepositClient(model.getRepositoryId()); if (depositClient == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{model.getRepositoryId(), DepositClient.class.getSimpleName()}, LocaleContextHolder.getLocale())); diff --git a/dmp-backend/web/src/main/resources/config/permissions.yml b/dmp-backend/web/src/main/resources/config/permissions.yml index 87e3c576e..b8b9d5f90 100644 --- a/dmp-backend/web/src/main/resources/config/permissions.yml +++ b/dmp-backend/web/src/main/resources/config/permissions.yml @@ -402,6 +402,16 @@ permissions: clients: [ ] allowAnonymous: false allowAuthenticated: false + ExportDmp: + roles: + - Admin + dmp: + roles: + - Owner + claims: [ ] + clients: [ ] + allowAnonymous: false + allowAuthenticated: false CreateNewVersionDmp: roles: - Admin