Changed RodaConstants so that actions use v2 roles (#3243)

keeps · Jul 5, 2024 · f6e4064 · f6e4064
1 parent 75b9c0a
commit f6e4064
Show file tree

Hide file tree

Showing 7 changed files with 176 additions and 257 deletions.
diff --git a/roda-common/roda-common-data/src/main/java/org/roda/core/data/common/RodaConstants.java b/roda-common/roda-common-data/src/main/java/org/roda/core/data/common/RodaConstants.java
diff --git a/roda-core/roda-core-tests/src/main/java/org/roda/core/plugins/UserPermissionsPluginTest.java b/roda-core/roda-core-tests/src/main/java/org/roda/core/plugins/UserPermissionsPluginTest.java
@@ -126,7 +126,7 @@ public void testIfEventsAreIndexedAfterIngest() throws IOException, RODAExceptio
       Facets.NONE, user, false, Collections.emptyList());
     Assert.assertFalse(aipsOnIndex.getResults().isEmpty(), "No AIP is indexed");
 
-    IndexedAIP aip = aipsOnIndex.getResults().get(0);
+    IndexedAIP aip = aipsOnIndex.getResults().getFirst();
     Filter eventFilter = new Filter();
     eventFilter.add(new SimpleFilterParameter(RodaConstants.PRESERVATION_EVENT_AIP_ID, aip.getId()));
     IndexResult<IndexedPreservationEvent> eventsOnIndex = index.find(IndexedPreservationEvent.class, eventFilter,

diff --git a/roda-core/roda-core/src/main/resources/config/roda-permissions.properties b/roda-core/roda-core/src/main/resources/config/roda-permissions.properties
@@ -15,9 +15,11 @@
 #################################################################################
 
 # AIP permissions
-core.permissions.org.roda.wui.api.v2.controller.AIPController.createAIP = CREATE
+core.permissions.org.roda.wui.api.v2.controller.AIPController.createAIPBelow = CREATE
+core.permissions.org.roda.wui.api.v2.controller.AIPController.createAIPTop = CREATE
 core.permissions.org.roda.wui.api.v2.controller.AIPController.moveAIPInHierarchy = UPDATE
 core.permissions.org.roda.wui.api.v2.controller.AIPController.changeAIPType = UPDATE
+core.permissions.org.roda.wui.api.v2.controller.AIPController.updatePermissions = UPDATE
 core.permissions.org.roda.wui.api.v2.controller.AIPController.appraisal = UPDATE
 core.permissions.org.roda.wui.api.v2.controller.AIPController.downloadAIP = READ
 core.permissions.org.roda.wui.api.v2.controller.AIPController.retrieveAIPSupportedMetadata = READ

diff --git a/roda-core/roda-core/src/main/resources/config/roda-roles.properties b/roda-core/roda-core/src/main/resources/config/roda-roles.properties
diff --git a/roda-ui/roda-wui/src/main/java/org/roda/wui/api/v2/controller/AIPController.java b/roda-ui/roda-wui/src/main/java/org/roda/wui/api/v2/controller/AIPController.java
@@ -848,66 +848,81 @@ public SupportedMetadataValue retrieveRepresentationSupportedMetadata(String aip
 
   @Override
   public AIP createAIP(String parentId, String type) {
+    if (parentId == null) {
+      return createAIPTop(type);
+    } else {
+      return createAIPBelow(parentId, type);
+    }
+  }
+
+  public AIP createAIPTop(String type) {
 
     final ControllerAssistant controllerAssistant = new ControllerAssistant() {};
     RequestContext requestContext = RequestUtils.parseHTTPRequest(request);
     LogEntryState state = LogEntryState.SUCCESS;
 
-    if (parentId == null) {
-      try {
-        controllerAssistant.checkRoles(requestContext.getUser());
-        Permissions permissions = new Permissions();
-
-        // delegate
-        return aipService.createAIP(requestContext.getUser(), null, type, permissions);
-      } catch (AlreadyExistsException | NotFoundException | RequestNotValidException | GenericException e) {
-        state = LogEntryState.FAILURE;
-        throw new RESTException(e);
-      } catch (AuthorizationDeniedException e) {
-        state = LogEntryState.UNAUTHORIZED;
-        throw new RESTException(e);
-      } finally {
-        // register action
-        controllerAssistant.registerAction(requestContext, state, RodaConstants.CONTROLLER_TYPE_PARAM, type);
-      }
-    } else {
-      try {
-        Permissions permissions = new Permissions();
+    try {
+      controllerAssistant.checkRoles(requestContext.getUser());
+      Permissions permissions = new Permissions();
 
-        IndexedAIP parentSDO = indexService.retrieve(requestContext, IndexedAIP.class, parentId,
-          RodaConstants.AIP_PERMISSIONS_FIELDS_TO_RETURN);
-        controllerAssistant.checkObjectPermissions(requestContext.getUser(), parentSDO);
+      // delegate
+      return aipService.createAIP(requestContext.getUser(), null, type, permissions);
+    } catch (AlreadyExistsException | NotFoundException | RequestNotValidException | GenericException e) {
+      state = LogEntryState.FAILURE;
+      throw new RESTException(e);
+    } catch (AuthorizationDeniedException e) {
+      state = LogEntryState.UNAUTHORIZED;
+      throw new RESTException(e);
+    } finally {
+      // register action
+      controllerAssistant.registerAction(requestContext, state, RodaConstants.CONTROLLER_TYPE_PARAM, type);
+    }
 
-        // check state
-        controllerAssistant.checkAIPstate(parentSDO);
+  }
 
-        // check if AIP is in a disposal confirmation
-        controllerAssistant.checkIfAIPInConfirmation(parentSDO);
+  public AIP createAIPBelow(String parentId, String type) {
 
-        Permissions parentPermissions = parentSDO.getPermissions();
+    final ControllerAssistant controllerAssistant = new ControllerAssistant() {};
+    RequestContext requestContext = RequestUtils.parseHTTPRequest(request);
+    LogEntryState state = LogEntryState.SUCCESS;
 
-        for (String name : parentPermissions.getUsernames()) {
-          permissions.setUserPermissions(name, parentPermissions.getUserPermissions(name));
-        }
+    try {
+      Permissions permissions = new Permissions();
 
-        for (String name : parentPermissions.getGroupnames()) {
-          permissions.setGroupPermissions(name, parentPermissions.getGroupPermissions(name));
-        }
+      IndexedAIP parentSDO = indexService.retrieve(requestContext, IndexedAIP.class, parentId,
+        RodaConstants.AIP_PERMISSIONS_FIELDS_TO_RETURN);
+      controllerAssistant.checkObjectPermissions(requestContext.getUser(), parentSDO);
 
-        // delegate
-        return aipService.createAIP(requestContext.getUser(), parentId, type, permissions);
-      } catch (AlreadyExistsException | GenericException | NotFoundException | RequestNotValidException e) {
-        state = LogEntryState.FAILURE;
-        throw new RESTException(e);
-      } catch (AuthorizationDeniedException e) {
-        state = LogEntryState.UNAUTHORIZED;
-        throw new RESTException(e);
-      } finally {
-        // register action
-        controllerAssistant.registerAction(requestContext, state, RodaConstants.CONTROLLER_PARENT_ID_PARAM, parentId,
-          RodaConstants.CONTROLLER_TYPE_PARAM, type);
+      // check state
+      controllerAssistant.checkAIPstate(parentSDO);
+
+      // check if AIP is in a disposal confirmation
+      controllerAssistant.checkIfAIPInConfirmation(parentSDO);
+
+      Permissions parentPermissions = parentSDO.getPermissions();
+
+      for (String name : parentPermissions.getUsernames()) {
+        permissions.setUserPermissions(name, parentPermissions.getUserPermissions(name));
       }
+
+      for (String name : parentPermissions.getGroupnames()) {
+        permissions.setGroupPermissions(name, parentPermissions.getGroupPermissions(name));
+      }
+
+      // delegate
+      return aipService.createAIP(requestContext.getUser(), parentId, type, permissions);
+    } catch (AlreadyExistsException | GenericException | NotFoundException | RequestNotValidException e) {
+      state = LogEntryState.FAILURE;
+      throw new RESTException(e);
+    } catch (AuthorizationDeniedException e) {
+      state = LogEntryState.UNAUTHORIZED;
+      throw new RESTException(e);
+    } finally {
+      // register action
+      controllerAssistant.registerAction(requestContext, state, RodaConstants.CONTROLLER_PARENT_ID_PARAM, parentId,
+        RodaConstants.CONTROLLER_TYPE_PARAM, type);
     }
+
   }
 
   @Override

diff --git a/roda-ui/roda-wui/src/main/java/org/roda/wui/client/browse/BrowseAIP.java b/roda-ui/roda-wui/src/main/java/org/roda/wui/client/browse/BrowseAIP.java
@@ -605,7 +605,7 @@ public void onResponseReceived(Request request, Response response) {
             b.append(SafeHtmlUtils.fromSafeConstant("<div class='descriptiveMetadataLinks'>"));
 
             if (bundle.isHasHistory() && PermissionClientUtils.hasPermissions(aip.getPermissions(),
-              RodaConstants.PERMISSION_METHOD_RETRIEVE_DESCRIPTIVE_METADATA_VERSIONS_BUNDLE)) {
+              RodaConstants.PERMISSION_METHOD_RETRIEVE_AIP_DESCRIPTIVE_METADATA_VERSIONS)) {
               // History link
               String historyLink = HistoryUtils.createHistoryHashLink(DescriptiveMetadataHistory.RESOLVER, aipId,
                 escapedDescId);
@@ -618,7 +618,7 @@ public void onResponseReceived(Request request, Response response) {
             if (!AIPState.DESTROYED.equals(aip.getState()) && !aip.isOnHold()
               && aip.getDisposalConfirmationId() == null) {
               if (PermissionClientUtils.hasPermissions(aip.getPermissions(),
-                RodaConstants.PERMISSION_METHOD_UPDATE_DESCRIPTIVE_METADATA_FILE)) {
+                RodaConstants.PERMISSION_METHOD_UPDATE_AIP_DESCRIPTIVE_METADATA_FILE)) {
                 String editLink = HistoryUtils.createHistoryHashLink(EditDescriptiveMetadata.RESOLVER, aipId,
                   escapedDescId);
                 String editLinkHtml = "<a href='" + editLink
@@ -658,7 +658,7 @@ public void onResponseReceived(Request request, Response response) {
             b.append(SafeHtmlUtils.fromSafeConstant("<div class='descriptiveMetadataLinks'>"));
 
             if (bundle.isHasHistory() && PermissionClientUtils.hasPermissions(aip.getPermissions(),
-              RodaConstants.PERMISSION_METHOD_RETRIEVE_DESCRIPTIVE_METADATA_VERSIONS_BUNDLE)) {
+              RodaConstants.PERMISSION_METHOD_RETRIEVE_AIP_DESCRIPTIVE_METADATA_VERSIONS)) {
               // History link
               String historyLink = HistoryUtils.createHistoryHashLink(DescriptiveMetadataHistory.RESOLVER, aipId,
                 escapedDescId);
@@ -669,7 +669,7 @@ public void onResponseReceived(Request request, Response response) {
 
             // Edit link
             if (PermissionClientUtils.hasPermissions(aip.getPermissions(),
-              RodaConstants.PERMISSION_METHOD_UPDATE_DESCRIPTIVE_METADATA_FILE)) {
+              RodaConstants.PERMISSION_METHOD_UPDATE_AIP_DESCRIPTIVE_METADATA_FILE)) {
               String editLink = HistoryUtils.createHistoryHashLink(EditDescriptiveMetadata.RESOLVER, aipId,
                 escapedDescId);
               String editLinkHtml = "<a href='" + editLink + "' class='toolbarLink'><i class='fa fa-edit'></i></a>";

diff --git a/roda-ui/roda-wui/src/main/java/org/roda/wui/client/browse/BrowseRepresentation.java b/roda-ui/roda-wui/src/main/java/org/roda/wui/client/browse/BrowseRepresentation.java
@@ -520,7 +520,7 @@ public void onResponseReceived(Request request, Response response) {
             b.append(SafeHtmlUtils.fromSafeConstant("<div class='descriptiveMetadataLinks'>"));
 
             if (bundle.isHasHistory() && PermissionClientUtils.hasPermissions(aip.getPermissions(),
-              RodaConstants.PERMISSION_METHOD_RETRIEVE_DESCRIPTIVE_METADATA_VERSIONS_BUNDLE)) {
+              RodaConstants.PERMISSION_METHOD_RETRIEVE_REPRESENTATION_DESCRIPTIVE_METADATA_VERSIONS)) {
               // History link
               String historyLink = HistoryUtils.createHistoryHashLink(DescriptiveMetadataHistory.RESOLVER, aipId, repId,
                 descId);
@@ -530,7 +530,7 @@ public void onResponseReceived(Request request, Response response) {
             }
             // Edit link
             if (PermissionClientUtils.hasPermissions(aip.getPermissions(),
-              RodaConstants.PERMISSION_METHOD_UPDATE_DESCRIPTIVE_METADATA_FILE)) {
+              RodaConstants.PERMISSION_METHOD_UPDATE_REPRESENTATION_DESCRIPTIVE_METADATA_FILE)) {
               String editLink = HistoryUtils.createHistoryHashLink(EditDescriptiveMetadata.RESOLVER, aipId, repId,
                 descId);
               String editLinkHtml = "<a href='" + editLink
@@ -572,7 +572,7 @@ public void onResponseReceived(Request request, Response response) {
             b.append(SafeHtmlUtils.fromSafeConstant("<div class='descriptiveMetadataLinks'>"));
 
             if (bundle.isHasHistory() && PermissionClientUtils.hasPermissions(aip.getPermissions(),
-              RodaConstants.PERMISSION_METHOD_RETRIEVE_DESCRIPTIVE_METADATA_VERSIONS_BUNDLE)) {
+              RodaConstants.PERMISSION_METHOD_RETRIEVE_REPRESENTATION_DESCRIPTIVE_METADATA_VERSIONS)) {
               // History link
               String historyLink = HistoryUtils.createHistoryHashLink(DescriptiveMetadataHistory.RESOLVER, aipId, repId,
                 descId);
@@ -583,7 +583,7 @@ public void onResponseReceived(Request request, Response response) {
 
             // Edit link
             if (PermissionClientUtils.hasPermissions(aip.getPermissions(),
-              RodaConstants.PERMISSION_METHOD_UPDATE_DESCRIPTIVE_METADATA_FILE)) {
+              RodaConstants.PERMISSION_METHOD_UPDATE_REPRESENTATION_DESCRIPTIVE_METADATA_FILE)) {
               String editLink = HistoryUtils.createHistoryHashLink(EditDescriptiveMetadata.RESOLVER, aipId, repId,
                 descId);
               String editLinkHtml = "<a href='" + editLink + "' class='toolbarLink'><i class='fa fa-edit'></i></a>";