diff --git a/src/main/java/org/gcube/gcat/rest/Item.java b/src/main/java/org/gcube/gcat/rest/Item.java index 465e155..5546edf 100644 --- a/src/main/java/org/gcube/gcat/rest/Item.java +++ b/src/main/java/org/gcube/gcat/rest/Item.java @@ -44,7 +44,9 @@ public class Item extends REST implements org.gcube.gcat.api.interf @GET @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) - @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) + /* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce + * @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) + */ public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit, @QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset, @QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) { @@ -79,7 +81,9 @@ public class Item extends REST implements org.gcube.gcat.api.interf @Path("/{" + ITEM_ID_PARAMETER + "}") @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Override - @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) + /* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce + * @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) + */ public String read(@PathParam(ITEM_ID_PARAMETER) String id) { return super.read(id); } @@ -141,6 +145,7 @@ public class Item extends REST implements org.gcube.gcat.api.interf @DELETE @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Override + @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) public Response bulkDelete(@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") boolean purge) { deleteAll(purge); return Response.status(Status.ACCEPTED).build(); @@ -149,6 +154,7 @@ public class Item extends REST implements org.gcube.gcat.api.interf @PURGE @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Override + @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) public Response bulkPurge() { return bulkDelete(true); } @@ -157,7 +163,7 @@ public class Item extends REST implements org.gcube.gcat.api.interf @Path("/{" + ITEM_ID_PARAMETER + "}") @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) - @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER, Moderated.CATALOGUE_MODERATOR }, exception=NotAuthorizedException.class) + @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER, Moderated.CATALOGUE_MODERATOR}, exception=NotAuthorizedException.class) public Response moderate(@PathParam(ITEM_ID_PARAMETER) String id, String json) { setCalledMethod("POST /" + COLLECTION_PARAMETER + "/{" + ID_PARAMETER + "}"); CKANPackage ckanPackage = getInstance();