Fixed role checks

Luca Frosini 2022-03-31 13:05:33 +02:00
parent f41f43fff3
commit 2bef5f60ec
2 changed files with 9 additions and 8 deletions


@ -390,7 +390,7 @@ public class CKANPackage extends CKAN implements Moderated {
public String deleteAll(boolean purge){
MultivaluedMap<String,String> queryParameters = uriInfo.getQueryParameters();
if(queryParameters.containsKey(GCatConstants.OWN_ONLY_QUERY_PARAMETER)) {
if(ckanUser.getRole() != Role.ADMIN) {
if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal()) {
queryParameters.remove(GCatConstants.OWN_ONLY_QUERY_PARAMETER);
queryParameters.add(GCatConstants.OWN_ONLY_QUERY_PARAMETER, Boolean.TRUE.toString());
}
@ -951,7 +951,7 @@ public class CKANPackage extends CKAN implements Moderated {
checkModerationDelete();
if(ckanUser.getRole()!=Role.ADMIN && !isItemCreator()) {
if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) {
throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to purge an item");
}
@ -1057,6 +1057,7 @@ public class CKANPackage extends CKAN implements Moderated {
switch (ckanUser.getRole()) {
case ADMIN:
case MANAGER:
break;
case EDITOR:
@ -1095,7 +1096,7 @@ public class CKANPackage extends CKAN implements Moderated {
parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true));
}else{
if(ckanUser.getRole()==Role.ADMIN) {
if(ckanUser.getRole().ordinal()>=Role.ADMIN.ordinal()) {
parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true));
}
}
@ -1115,7 +1116,7 @@ public class CKANPackage extends CKAN implements Moderated {
return;
}
if(ckanUser.getRole() == Role.ADMIN || ckanUser.isCatalogueModerator()) {
if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal() || ckanUser.isCatalogueModerator()) {
// Catalogue-Admin and Catalogue-Moderator are entitled to read items with any statues
return;
}
@ -1132,10 +1133,10 @@ public class CKANPackage extends CKAN implements Moderated {
switch (cmItemStatus) {
case APPROVED:
if(ckanUser.getRole() != Role.ADMIN && !isItemCreator()) {
if(ckanUser.getRole().ordinal() < Role.ADMIN.ordinal() && !isItemCreator()) {
throw new ForbiddenException("Only " + Role.ADMIN.getPortalRole() + "s and item creator are entitled to update an " + cmItemStatus.getValue() + " item");
}
if(ckanUser.getRole() == Role.ADMIN) {
if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) {
setToApproved(jsonNode);
setToPending = false;
}
@ -1177,7 +1178,7 @@ public class CKANPackage extends CKAN implements Moderated {
if(isModerationEnabled()) {
readItem();
if(ckanUser.getRole() == Role.ADMIN) {
if(ckanUser.getRole().ordinal() >= Role.ADMIN.ordinal()) {
// Ad Admin can delete any item independently from the status
return;
}
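Review bot: The privilege checks in this file now compare `ckanUser.getRole().ordinal()` with `Role.ADMIN.ordinal()` (the own-only override in deleteAll, the purge and update guards, the include-private and moderation read/delete shortcuts), and the trash query in CKANPackageTrash does the same, so who counts as admin-or-above depends on the declaration order of the Role enum, which is not visible here. Reordering the constants, or adding one after ADMIN, would silently grant that role purge, private-item and moderation-bypass rights with no compile error. I would keep the comparison in one place on the enum, for example a proposed `boolean isAtLeast(Role other)` backed by an explicit level field, and write the guards as `if(!ckanUser.getRole().isAtLeast(Role.ADMIN) && !isItemCreator()) {`; at minimum the enum should carry a comment such as `// Declaration order is the privilege order used by authorization checks; do not reorder`. If getRole() can return null, the old `!=`/`==` comparisons treated that user as non-admin, while the new code throws a NullPointerException instead of a ForbiddenException; whether that can happen depends on code outside these hunks. The enclosing methods start and end outside the hunks shown.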


@ -125,7 +125,7 @@ public class CKANPackageTrash {
stringBuffer.append("=");
stringBuffer.append(getQuotedString(PACKAGE_STATE_VALUE));
if(ownOnly || ckanUser.getRole()!=Role.ADMIN) {
if(ownOnly || ckanUser.getRole().ordinal()<Role.ADMIN.ordinal()) {
// add only own items
stringBuffer.append(" AND ");
stringBuffer.append(CKANPackage.AUTHOR_EMAIL_KEY);