diff --git a/pom.xml b/pom.xml
index c8d5e0a..a12b20c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
edu.stanford.protege
webprotege-authorization-service
- 1.0.2
+ 1.0.3-WHO
webprotege-authorization-service
A service that checks users are authorized to execute operations in WebProtége
diff --git a/src/main/java/edu/stanford/protege/webprotege/authorization/AccessManagerImpl.java b/src/main/java/edu/stanford/protege/webprotege/authorization/AccessManagerImpl.java
index 669bb7d..af81925 100644
--- a/src/main/java/edu/stanford/protege/webprotege/authorization/AccessManagerImpl.java
+++ b/src/main/java/edu/stanford/protege/webprotege/authorization/AccessManagerImpl.java
@@ -164,17 +164,17 @@ private Collection getSubjectsWithAccessToResource(Resource resource, O
Query query = query(where(PROJECT_ID).is(projectId));
action.ifPresent(a -> query.addCriteria(where(ACTION_CLOSURE).in(a.toString())));
return mongoTemplate.find(query, RoleAssignment.class)
- .stream()
- .map(ra -> {
- Optional userName = ra.getUserName();
- if (userName.isPresent()) {
- return Subject.forUser(userName.get());
- }
- else {
- return Subject.forAnySignedInUser();
- }
- })
- .collect(toList());
+ .stream()
+ .map(ra -> {
+ Optional userName = ra.getUserName();
+ if (userName.isPresent()) {
+ return Subject.forUser(userName.get());
+ }
+ else {
+ return Subject.forAnySignedInUser();
+ }
+ })
+ .collect(toList());
}
@Override
diff --git a/src/main/java/edu/stanford/protege/webprotege/authorization/BuiltInRole.java b/src/main/java/edu/stanford/protege/webprotege/authorization/BuiltInRole.java
index 56f6576..63cab64 100644
--- a/src/main/java/edu/stanford/protege/webprotege/authorization/BuiltInRole.java
+++ b/src/main/java/edu/stanford/protege/webprotege/authorization/BuiltInRole.java
@@ -86,6 +86,16 @@ public enum BuiltInRole {
DELETE_DATATYPE,
REVERT_CHANGES),
+ REGULAR_PROJECT_EDITOR(OBJECT_COMMENTER,
+ EDIT_ONTOLOGY,
+ EDIT_ONTOLOGY_ANNOTATIONS,
+ CREATE_CLASS,
+ MERGE_ENTITIES,
+ CREATE_PROPERTY,
+ CREATE_INDIVIDUAL,
+ CREATE_DATATYPE,
+ REVERT_CHANGES),
+
LAYOUT_EDITOR(ADD_OR_REMOVE_PERSPECTIVE,
ADD_OR_REMOVE_VIEW),
diff --git a/src/main/java/edu/stanford/protege/webprotege/authorization/GetAuthorizedActionsHandler.java b/src/main/java/edu/stanford/protege/webprotege/authorization/GetAuthorizedActionsHandler.java
index 9df27fb..a749a7e 100644
--- a/src/main/java/edu/stanford/protege/webprotege/authorization/GetAuthorizedActionsHandler.java
+++ b/src/main/java/edu/stanford/protege/webprotege/authorization/GetAuthorizedActionsHandler.java
@@ -46,7 +46,30 @@ public Class getRequestClass() {
@Override
public Mono handleRequest(GetAuthorizedActionsRequest request, ExecutionContext executionContext) {
- if(request.resource().isApplication()) {
+ /*
+ ToDo: Understand why we need this if else here
+ */
+// if(request.resource().isApplication()) {
+// try {
+// List roleIds = tokenValidator.getTokenClaims(executionContext.jwt()).stream()
+// .map(RoleId::new)
+// .toList();
+// Set actions = new HashSet<>(roleOracle.getActionsAssociatedToRoles(roleIds));
+// return Mono.just(new GetAuthorizedActionsResponse(request.resource(),
+// request.subject(),
+// actions));
+//
+// } catch (VerificationException e) {
+// throw new RuntimeException(e);
+// }
+// }else {
+// var actionClosure = accessManager.getActionClosure(request.subject(),
+// request.resource());
+// return Mono.just(new GetAuthorizedActionsResponse(request.resource(),
+// request.subject(),
+// actionClosure));
+// }
+
try {
List roleIds = tokenValidator.getTokenClaims(executionContext.jwt()).stream()
.map(RoleId::new)
@@ -59,12 +82,5 @@ public Mono handleRequest(GetAuthorizedActionsRequ
} catch (VerificationException e) {
throw new RuntimeException(e);
}
- }else {
- var actionClosure = accessManager.getActionClosure(request.subject(),
- request.resource());
- return Mono.just(new GetAuthorizedActionsResponse(request.resource(),
- request.subject(),
- actionClosure));
- }
}
}