From 2bef5f60eca531b48a7959540e82863d6c9b3c5a Mon Sep 17 00:00:00 2001 From: Luca Frosini Date: Thu, 31 Mar 2022 13:05:33 +0200 Subject: [PATCH] Fixed role checks --- .../gcube/gcat/persistence/ckan/CKANPackage.java | 15 ++++++++------- .../gcat/persistence/ckan/CKANPackageTrash.java | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackage.java b/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackage.java index 6c40132..0822748 100644 --- a/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackage.java +++ b/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackage.java @@ -390,7 +390,7 @@ public class CKANPackage extends CKAN implements Moderated { public String deleteAll(boolean purge){ MultivaluedMap queryParameters = uriInfo.getQueryParameters(); if(queryParameters.containsKey(GCatConstants.OWN_ONLY_QUERY_PARAMETER)) { - if(ckanUser.getRole() != Role.ADMIN) { + if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal()) { queryParameters.remove(GCatConstants.OWN_ONLY_QUERY_PARAMETER); queryParameters.add(GCatConstants.OWN_ONLY_QUERY_PARAMETER, Boolean.TRUE.toString()); } @@ -951,7 +951,7 @@ public class CKANPackage extends CKAN implements Moderated { checkModerationDelete(); - if(ckanUser.getRole()!=Role.ADMIN && !isItemCreator()) { + if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) { throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to purge an item"); } @@ -1057,6 +1057,7 @@ public class CKANPackage extends CKAN implements Moderated { switch (ckanUser.getRole()) { case ADMIN: + case MANAGER: break; case EDITOR: @@ -1095,7 +1096,7 @@ public class CKANPackage extends CKAN implements Moderated { parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true)); }else{ - if(ckanUser.getRole()==Role.ADMIN) { + if(ckanUser.getRole().ordinal()>=Role.ADMIN.ordinal()) { parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true)); } } @@ -1115,7 +1116,7 @@ public class CKANPackage extends CKAN implements Moderated { return; } - if(ckanUser.getRole() == Role.ADMIN || ckanUser.isCatalogueModerator()) { + if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal() || ckanUser.isCatalogueModerator()) { // Catalogue-Admin and Catalogue-Moderator are entitled to read items with any statues return; } @@ -1132,10 +1133,10 @@ public class CKANPackage extends CKAN implements Moderated { switch (cmItemStatus) { case APPROVED: - if(ckanUser.getRole() != Role.ADMIN && !isItemCreator()) { + if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) { throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to update an " + cmItemStatus.getValue() + " item"); } - if(ckanUser.getRole() == Role.ADMIN) { + if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) { setToApproved(jsonNode); setToPending = false; } @@ -1177,7 +1178,7 @@ public class CKANPackage extends CKAN implements Moderated { if(isModerationEnabled()) { readItem(); - if(ckanUser.getRole() == Role.ADMIN) { + if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) { // Ad Admin can delete any item independently from the status return; } diff --git a/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackageTrash.java b/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackageTrash.java index dc94364..42c017a 100644 --- a/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackageTrash.java +++ b/src/main/java/org/gcube/gcat/persistence/ckan/CKANPackageTrash.java @@ -125,7 +125,7 @@ public class CKANPackageTrash { stringBuffer.append("="); stringBuffer.append(getQuotedString(PACKAGE_STATE_VALUE)); - if(ownOnly || ckanUser.getRole()!=Role.ADMIN) { + if(ownOnly || ckanUser.getRole().ordinal()