Fixed role checks
This commit is contained in:
parent
f41f43fff3
commit
2bef5f60ec
|
@ -390,7 +390,7 @@ public class CKANPackage extends CKAN implements Moderated {
|
|||
public String deleteAll(boolean purge){
|
||||
MultivaluedMap<String,String> queryParameters = uriInfo.getQueryParameters();
|
||||
if(queryParameters.containsKey(GCatConstants.OWN_ONLY_QUERY_PARAMETER)) {
|
||||
if(ckanUser.getRole() != Role.ADMIN) {
|
||||
if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal()) {
|
||||
queryParameters.remove(GCatConstants.OWN_ONLY_QUERY_PARAMETER);
|
||||
queryParameters.add(GCatConstants.OWN_ONLY_QUERY_PARAMETER, Boolean.TRUE.toString());
|
||||
}
|
||||
|
@ -951,7 +951,7 @@ public class CKANPackage extends CKAN implements Moderated {
|
|||
|
||||
checkModerationDelete();
|
||||
|
||||
if(ckanUser.getRole()!=Role.ADMIN && !isItemCreator()) {
|
||||
if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) {
|
||||
throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to purge an item");
|
||||
}
|
||||
|
||||
|
@ -1057,6 +1057,7 @@ public class CKANPackage extends CKAN implements Moderated {
|
|||
|
||||
switch (ckanUser.getRole()) {
|
||||
case ADMIN:
|
||||
case MANAGER:
|
||||
break;
|
||||
|
||||
case EDITOR:
|
||||
|
@ -1095,7 +1096,7 @@ public class CKANPackage extends CKAN implements Moderated {
|
|||
|
||||
parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true));
|
||||
}else{
|
||||
if(ckanUser.getRole()==Role.ADMIN) {
|
||||
if(ckanUser.getRole().ordinal()>=Role.ADMIN.ordinal()) {
|
||||
parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true));
|
||||
}
|
||||
}
|
||||
|
@ -1115,7 +1116,7 @@ public class CKANPackage extends CKAN implements Moderated {
|
|||
return;
|
||||
}
|
||||
|
||||
if(ckanUser.getRole() == Role.ADMIN || ckanUser.isCatalogueModerator()) {
|
||||
if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal() || ckanUser.isCatalogueModerator()) {
|
||||
// Catalogue-Admin and Catalogue-Moderator are entitled to read items with any statues
|
||||
return;
|
||||
}
|
||||
|
@ -1132,10 +1133,10 @@ public class CKANPackage extends CKAN implements Moderated {
|
|||
|
||||
switch (cmItemStatus) {
|
||||
case APPROVED:
|
||||
if(ckanUser.getRole() != Role.ADMIN && !isItemCreator()) {
|
||||
if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) {
|
||||
throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to update an " + cmItemStatus.getValue() + " item");
|
||||
}
|
||||
if(ckanUser.getRole() == Role.ADMIN) {
|
||||
if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) {
|
||||
setToApproved(jsonNode);
|
||||
setToPending = false;
|
||||
}
|
||||
|
@ -1177,7 +1178,7 @@ public class CKANPackage extends CKAN implements Moderated {
|
|||
if(isModerationEnabled()) {
|
||||
readItem();
|
||||
|
||||
if(ckanUser.getRole() == Role.ADMIN) {
|
||||
if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) {
|
||||
// Ad Admin can delete any item independently from the status
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -125,7 +125,7 @@ public class CKANPackageTrash {
|
|||
stringBuffer.append("=");
|
||||
stringBuffer.append(getQuotedString(PACKAGE_STATE_VALUE));
|
||||
|
||||
if(ownOnly || ckanUser.getRole()!=Role.ADMIN) {
|
||||
if(ownOnly || ckanUser.getRole().ordinal()<Role.ADMIN.ordinal()) {
|
||||
// add only own items
|
||||
stringBuffer.append(" AND ");
|
||||
stringBuffer.append(CKANPackage.AUTHOR_EMAIL_KEY);
|
||||
|
|
Loading…
Reference in New Issue