📄 authorizemanager.java
字号:
} /////////////////////////////////////////////// // policy manipulation methods /////////////////////////////////////////////// /** * Add a policy for an individual eperson * * @param c * context. Current user irrelevant * @param o * DSpaceObject to add policy to * @param actionID * ID of action from <code>org.dspace.core.Constants</code> * @param e * eperson who can perform the action * * @throws AuthorizeException * if current user in context is not authorized to add policies */ public static void addPolicy(Context c, DSpaceObject o, int actionID, EPerson e) throws SQLException, AuthorizeException { ResourcePolicy rp = ResourcePolicy.create(c); rp.setResource(o); rp.setAction(actionID); rp.setEPerson(e); rp.update(); } /** * Add a policy for a group * * @param c * current context * @param o * object to add policy for * @param actionID * ID of action from <code>org.dspace.core.Constants</code> * @param g * group to add policy for * @throws SQLException * if there's a database problem * @throws AuthorizeException * if the current user is not authorized to add this policy */ public static void addPolicy(Context c, DSpaceObject o, int actionID, Group g) throws SQLException, AuthorizeException { ResourcePolicy rp = ResourcePolicy.create(c); rp.setResource(o); rp.setAction(actionID); rp.setGroup(g); rp.update(); } /** * Return a List of the policies for an object * * @param c current context * @param o object to retrieve policies for * * @return List of <code>ResourcePolicy</code> objects */ public static List getPolicies(Context c, DSpaceObject o) throws SQLException { TableRowIterator tri = DatabaseManager.query(c, "resourcepolicy", "SELECT * FROM resourcepolicy WHERE " + "resource_type_id=" + o.getType() + " AND " + "resource_id=" + o.getID()); List policies = new ArrayList(); while (tri.hasNext()) { TableRow row = tri.next(); // first check the cache (FIXME: is this right?) ResourcePolicy cachepolicy = (ResourcePolicy) c.fromCache( ResourcePolicy.class, row.getIntColumn("policy_id")); if (cachepolicy != null) { policies.add(cachepolicy); } else { policies.add(new ResourcePolicy(c, row)); } } return policies; } /** * Return a list of policies for an object that match the action * * @param c * context * @param o * DSpaceObject policies relate to * @param actionID * action (defined in class Constants) * @throws SQLException * if there's a database problem */ public static List getPoliciesActionFilter(Context c, DSpaceObject o, int actionID) throws SQLException { TableRowIterator tri = DatabaseManager.query(c, "resourcepolicy", "SELECT * FROM resourcepolicy WHERE " + "resource_type_id=" + o.getType() + " AND " + "resource_id=" + o.getID() + " AND " + "action_id=" + actionID); List policies = new ArrayList(); while (tri.hasNext()) { TableRow row = tri.next(); // first check the cache (FIXME: is this right?) ResourcePolicy cachepolicy = (ResourcePolicy) c.fromCache( ResourcePolicy.class, row.getIntColumn("policy_id")); if (cachepolicy != null) { policies.add(cachepolicy); } else { policies.add(new ResourcePolicy(c, row)); } } return policies; } /** * Add policies to an object to match those from a previous object * * @param c context * @param src * source of policies * @param dest * destination of inherited policies * @throws SQLException * if there's a database problem * @throws AuthorizeException * if the current user is not authorized to add these policies */ public static void inheritPolicies(Context c, DSpaceObject src, DSpaceObject dest) throws SQLException, AuthorizeException { // find all policies for the source object List policies = getPolicies(c, src); addPolicies(c, policies, dest); } /** * Copies policies from a list of resource policies to a given DSpaceObject * * @param c * DSpace context * @param policies * List of ResourcePolicy objects * @param dest * object to have policies added * @throws SQLException * if there's a database problem * @throws AuthorizeException * if the current user is not authorized to add these policies */ public static void addPolicies(Context c, List policies, DSpaceObject dest) throws SQLException, AuthorizeException { Iterator i = policies.iterator(); // now add them to the destination object while (i.hasNext()) { ResourcePolicy srp = (ResourcePolicy) i.next(); ResourcePolicy drp = ResourcePolicy.create(c); // copy over values drp.setResource(dest); drp.setAction(srp.getAction()); drp.setEPerson(srp.getEPerson()); drp.setGroup(srp.getGroup()); drp.setStartDate(srp.getStartDate()); drp.setEndDate(srp.getEndDate()); // and write out new policy drp.update(); } } /** * removes ALL policies for an object. FIXME doesn't check authorization * * @param c * DSpace context * @param o * object to remove policies for * @throws SQLException * if there's a database problem */ public static void removeAllPolicies(Context c, DSpaceObject o) throws SQLException { // FIXME: authorization check? DatabaseManager.updateQuery(c, "DELETE FROM resourcepolicy WHERE " + "resource_type_id=" + o.getType() + " AND " + "resource_id=" + o.getID()); } /** * Remove all policies from an object that match a given action. FIXME * doesn't check authorization * * @param context * current context * @param dso * object to remove policies from * @param actionID * ID of action to match from * <code>org.dspace.core.Constants</code>, or -1=all * @throws SQLException * if there's a database problem */ public static void removePoliciesActionFilter(Context context, DSpaceObject dso, int actionID) throws SQLException { if (actionID == -1) { // remove all policies from object removeAllPolicies(context, dso); } else { DatabaseManager.updateQuery(context, "DELETE FROM resourcepolicy WHERE " + "resource_type_id=" + dso.getType() + " AND " + "resource_id=" + dso.getID() + " AND " + "action_id=" + actionID); } } /** * Removes all policies relating to a particular group. FIXME doesn't check * authorization * * @param c * current context * @param groupID * ID of the group * @throws SQLException * if there's a database problem */ public static void removeGroupPolicies(Context c, int groupID) throws SQLException { DatabaseManager.updateQuery(c, "DELETE FROM resourcepolicy WHERE " + "epersongroup_id=" + groupID); } /** * Removes all policies from a group for a particular object that belong to * a Group. FIXME doesn't check authorization * * @param c * current context * @param o * the object * @param g * the group * @throws SQLException * if there's a database problem */ public static void removeGroupPolicies(Context c, DSpaceObject o, Group g) throws SQLException { DatabaseManager.updateQuery(c, "DELETE FROM resourcepolicy WHERE " + "resource_type_id=" + o.getType() + " AND " + "resource_id=" + o.getID() + " AND " + "epersongroup_id=" + g.getID()); } /** * Returns all groups authorized to perform an action on an object. Returns * empty array if no matches. * * @param c * current context * @param o * object * @param actionID * ID of action frm <code>org.dspace.core.Constants</code> * @return array of <code>Group</code>s that can perform the specified * action on the specified object * @throws java.sql.SQLException * if there's a database problem */ public static Group[] getAuthorizedGroups(Context c, DSpaceObject o, int actionID) throws java.sql.SQLException { // do query matching groups, actions, and objects TableRowIterator tri = DatabaseManager.query(c, "resourcepolicy", "SELECT * FROM resourcepolicy WHERE " + "resource_type_id=" + o.getType() + " AND " + "resource_id=" + o.getID() + " AND " + "action_id=" + actionID); List groups = new ArrayList(); while (tri.hasNext()) { TableRow row = tri.next(); // first check the cache (FIXME: is this right?) ResourcePolicy cachepolicy = (ResourcePolicy) c.fromCache( ResourcePolicy.class, row.getIntColumn("policy_id")); ResourcePolicy myPolicy = null; if (cachepolicy != null) { myPolicy = cachepolicy; } else { myPolicy = new ResourcePolicy(c, row); } // now do we have a group? Group myGroup = myPolicy.getGroup(); if (myGroup != null) { groups.add(myGroup); } } Group[] groupArray = new Group[groups.size()]; groupArray = (Group[]) groups.toArray(groupArray); return groupArray; }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -