Fixed role checks

Luca Frosini 2022-03-31 13:05:33 +02:00
parent f41f43fff3
commit 2bef5f60ec
2 changed files with 9 additions and 8 deletions


@ -390,7 +390,7 @@ public class CKANPackage extends CKAN implements Moderated {
public String deleteAll(boolean purge){ public String deleteAll(boolean purge){
MultivaluedMap<String,String> queryParameters = uriInfo.getQueryParameters(); MultivaluedMap<String,String> queryParameters = uriInfo.getQueryParameters();
if(queryParameters.containsKey(GCatConstants.OWN_ONLY_QUERY_PARAMETER)) { if(queryParameters.containsKey(GCatConstants.OWN_ONLY_QUERY_PARAMETER)) {
if(ckanUser.getRole() != Role.ADMIN) { if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal()) {
queryParameters.remove(GCatConstants.OWN_ONLY_QUERY_PARAMETER); queryParameters.remove(GCatConstants.OWN_ONLY_QUERY_PARAMETER);
queryParameters.add(GCatConstants.OWN_ONLY_QUERY_PARAMETER, Boolean.TRUE.toString()); queryParameters.add(GCatConstants.OWN_ONLY_QUERY_PARAMETER, Boolean.TRUE.toString());
} }
@ -951,7 +951,7 @@ public class CKANPackage extends CKAN implements Moderated {
checkModerationDelete(); checkModerationDelete();
if(ckanUser.getRole()!=Role.ADMIN && !isItemCreator()) { if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) {
throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to purge an item"); throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to purge an item");
} }
@ -1057,6 +1057,7 @@ public class CKANPackage extends CKAN implements Moderated {
switch (ckanUser.getRole()) { switch (ckanUser.getRole()) {
case ADMIN: case ADMIN:
case MANAGER:
break; break;
case EDITOR: case EDITOR:
@ -1095,7 +1096,7 @@ public class CKANPackage extends CKAN implements Moderated {
parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true)); parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true));
}else{ }else{
if(ckanUser.getRole()==Role.ADMIN) { if(ckanUser.getRole().ordinal()>=Role.ADMIN.ordinal()) {
parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true)); parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true));
} }
} }
@ -1115,7 +1116,7 @@ public class CKANPackage extends CKAN implements Moderated {
return; return;
} }
if(ckanUser.getRole() == Role.ADMIN || ckanUser.isCatalogueModerator()) { if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal() || ckanUser.isCatalogueModerator()) {
// Catalogue-Admin and Catalogue-Moderator are entitled to read items with any statues // Catalogue-Admin and Catalogue-Moderator are entitled to read items with any statues
return; return;
} }
@ -1132,10 +1133,10 @@ public class CKANPackage extends CKAN implements Moderated {
switch (cmItemStatus) { switch (cmItemStatus) {
case APPROVED: case APPROVED:
if(ckanUser.getRole() != Role.ADMIN && !isItemCreator()) { if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) {
throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to update an " + cmItemStatus.getValue() + " item"); throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to update an " + cmItemStatus.getValue() + " item");
} }
if(ckanUser.getRole() == Role.ADMIN) { if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) {
setToApproved(jsonNode); setToApproved(jsonNode);
setToPending = false; setToPending = false;
} }
@ -1177,7 +1178,7 @@ public class CKANPackage extends CKAN implements Moderated {
if(isModerationEnabled()) { if(isModerationEnabled()) {
readItem(); readItem();
if(ckanUser.getRole() == Role.ADMIN) { if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) {
// Ad Admin can delete any item independently from the status // Ad Admin can delete any item independently from the status
return; return;
} }
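Review bot: Every authorization decision touched here now compares `ckanUser.getRole().ordinal()` with `Role.ADMIN.ordinal()`, so who may purge, read private or unapproved items, and bypass the own-only filter depends on the declaration order of the `Role` enum, which is not visible on this page. Reordering or inserting a constant there would silently widen or narrow these checks, and the same comparison appears in the `CKANPackageTrash` hunk. I would move the rule into one documented predicate on `Role` (a new helper, e.g. `isAtLeast(Role other)`) and write the checks as `if(!ckanUser.getRole().isAtLeast(Role.ADMIN) && !isItemCreator()) {`. The old `!=`/`==` comparisons tolerated a null role and treated it as non-admin, whereas `.ordinal()` would throw, so it is worth confirming `getRole()` can never return null. The `ForbiddenException` messages and the comments about Catalogue-Admin still name only admins although, judging by the added `case MANAGER:`, a higher role now passes too.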


@ -125,7 +125,7 @@ public class CKANPackageTrash {
stringBuffer.append("="); stringBuffer.append("=");
stringBuffer.append(getQuotedString(PACKAGE_STATE_VALUE)); stringBuffer.append(getQuotedString(PACKAGE_STATE_VALUE));
if(ownOnly || ckanUser.getRole()!=Role.ADMIN) { if(ownOnly || ckanUser.getRole().ordinal()<Role.ADMIN.ordinal()) {
// add only own items // add only own items
stringBuffer.append(" AND "); stringBuffer.append(" AND ");
stringBuffer.append(CKANPackage.AUTHOR_EMAIL_KEY); stringBuffer.append(CKANPackage.AUTHOR_EMAIL_KEY);