Package org.dspace.app.util

Class AuthorizeUtil

  • public class AuthorizeUtil
extends Object
    This class is an addition to the AuthorizeManager that perform authorization check on not CRUD (ADD, WRITE, etc.) actions.
    Author:
    bollini

    • Method Detail

      • authorizeManageBitstreamPolicy

        public static void authorizeManageBitstreamPolicy​(Context context,
                                                  Bitstream bitstream)
                                           throws AuthorizeException,
                                                  SQLException
        Is allowed manage (create, remove, edit) bitstream's policies in the current context?
        Parameters:
        context - the DSpace Context Object
        bitstream - the bitstream that the policy refer to
        Throws:
        AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the bitstream's policies
        SQLException - if database error if a db error occur

      • authorizeManageBundlePolicy

        public static void authorizeManageBundlePolicy​(Context context,
                                               Bundle bundle)
                                        throws AuthorizeException,
                                               SQLException
        Is allowed manage (create, remove, edit) bundle's policies in the current context?
        Parameters:
        context - the DSpace Context Object
        bundle - the bundle that the policy refer to
        Throws:
        AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the bundle's policies
        SQLException - if database error if a db error occur

      • authorizeManageItemPolicy

        public static void authorizeManageItemPolicy​(Context context,
                                             Item item)
                                      throws AuthorizeException,
                                             SQLException
        Is allowed manage (create, remove, edit) item's policies in the current context?
        Parameters:
        context - the DSpace Context Object
        item - the item that the policy refer to
        Throws:
        AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the item's policies
        SQLException - if database error if a db error occur

      • authorizeManageCollectionPolicy

        public static void authorizeManageCollectionPolicy​(Context context,
                                                   Collection collection)
                                            throws AuthorizeException,
                                                   SQLException
        Is allowed manage (create, remove, edit) collection's policies in the current context?
        Parameters:
        context - the DSpace Context Object
        collection - the collection that the policy refer to
        Throws:
        AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the collection's policies
        SQLException - if database error if a db error occur

      • authorizeManageCommunityPolicy

        public static void authorizeManageCommunityPolicy​(Context context,
                                                  Community community)
                                           throws AuthorizeException,
                                                  SQLException
        Is allowed manage (create, remove, edit) community's policies in the current context?
        Parameters:
        context - the DSpace Context Object
        community - the community that the policy refer to
        Throws:
        AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the community's policies
        SQLException - if database error if a db error occur

      • requireAdminRole

        public static void requireAdminRole​(Context context)
                             throws AuthorizeException,
                                    SQLException
        Throw an AuthorizeException if the current user is not a System Admin
        Parameters:
        context - the DSpace Context Object
        Throws:
        AuthorizeException - if authorization error if the current user is not a System Admin
        SQLException - if database error if a db error occur

      • authorizeManageCCLicense

        public static void authorizeManageCCLicense​(Context context,
                                            Item item)
                                     throws AuthorizeException,
                                            SQLException
        Is the current user allowed to manage (add, remove, replace) the item's CC License
        Parameters:
        context - the DSpace Context Object
        item - the item that the CC License refer to
        Throws:
        AuthorizeException - if authorization error if the current user is not allowed to manage the item's CC License
        SQLException - if database error if a db error occur

      • authorizeManageTemplateItem

        public static void authorizeManageTemplateItem​(Context context,
                                               Collection collection)
                                        throws AuthorizeException,
                                               SQLException
        Is the current user allowed to manage (create, remove, edit) the collection's template item?
        Parameters:
        context - the DSpace Context Object
        collection - the collection
        Throws:
        AuthorizeException - if authorization error if the current user is not allowed to manage the collection's template item
        SQLException - if database error if a db error occur

      • authorizeManageSubmittersGroup

        public static void authorizeManageSubmittersGroup​(Context context,
                                                  Collection collection)
                                           throws AuthorizeException,
                                                  SQLException
        Can the current user manage (create, remove, edit) the submitters group of the collection?
        Parameters:
        context - the DSpace Context Object
        collection - the collection
        Throws:
        AuthorizeException - if authorization error if the current user is not allowed to manage the collection's submitters group
        SQLException - if database error if a db error occur

      • authorizeManageWorkflowsGroup

        public static void authorizeManageWorkflowsGroup​(Context context,
                                                 Collection collection)
                                          throws AuthorizeException,
                                                 SQLException
        Can the current user manage (create, remove, edit) the workflow groups of the collection?
        Parameters:
        context - the DSpace Context Object
        collection - the collection
        Throws:
        AuthorizeException - if authorization error if the current user is not allowed to manage the collection's workflow groups
        SQLException - if database error if a db error occur

      • authorizeManagePolicy

        public static void authorizeManagePolicy​(Context c,
                                         ResourcePolicy rp)
                                  throws SQLException,
                                         AuthorizeException
        Can the current user remove or edit the supplied policy?
        Parameters:
        c - the DSpace Context Object
        rp - a resource policy
        Throws:
        AuthorizeException - if authorization error if the current context (current user) is not allowed to remove/edit the policy
        SQLException - if database error if a db error occur

      • authorizeWithdrawItem

        public static void authorizeWithdrawItem​(Context context,
                                         Item item)
                                  throws SQLException,
                                         AuthorizeException
        Can the current user withdraw the item?
        Parameters:
        context - the DSpace Context Object
        item - the item
        Throws:
        SQLException - if database error if a db error occur
        AuthorizeException - if authorization error if the current user is not allowed to perform the item withdraw

      • authorizeReinstateItem

        public static void authorizeReinstateItem​(Context context,
                                          Item item)
                                   throws SQLException,
                                          AuthorizeException
        Can the current user reinstate the item?
        Parameters:
        context - the DSpace Context Object
        item - the item
        Throws:
        SQLException - if database error if a db error occur
        AuthorizeException - if authorization error if the current user is not allowed to perform the item reinstatement

      • authorizeManageDefaultReadGroup

        public static void authorizeManageDefaultReadGroup​(Context context,
                                                   Collection collection)
                                            throws AuthorizeException,
                                                   SQLException
        This method will check whether the current user is authorized to manage the default read group
        Parameters:
        context - The relevant DSpace context
        collection - The collection for which this will be checked
        Throws:
        AuthorizeException - If something goes wrong
        SQLException - If something goes wrong

      • authorizeManageGroup

        public static void authorizeManageGroup​(Context context,
                                        Group group)
                                 throws SQLException,
                                        AuthorizeException
        This method checks whether the current user has sufficient rights to modify the group. Depending on the kind of group and due to delegated administration, separate checks need to be done to verify whether the user is allowed to modify the group.
        Parameters:
        context - the context of which the user will be checked
        group - the group to be checked
        Throws:
        SQLException
        AuthorizeException

      • authorizeNewAccountRegistration

        public static boolean authorizeNewAccountRegistration​(Context context,
                                                      javax.servlet.http.HttpServletRequest request)
                                               throws SQLException
        This method will return a boolean indicating whether the current user is allowed to register a new account or not
        Parameters:
        context - The relevant DSpace context
        request - The current request
        Returns:
        A boolean indicating whether the current user can register a new account or not
        Throws:
        SQLException - If something goes wrong

      • authorizeUpdatePassword

        public static boolean authorizeUpdatePassword​(Context context,
                                              String email)
        This method will return a boolean indicating whether it's allowed to update the password for the EPerson with the given email and canLogin property
        Parameters:
        context - The relevant DSpace context
        email - The email to be checked
        Returns:
        A boolean indicating if the password can be updated or not

      • canCommunityAdminManageAccounts

        public static boolean canCommunityAdminManageAccounts()
        This method checks if the community Admin can manage accounts
        Returns:
        true if is able

      • canCollectionAdminManageAccounts

        public static boolean canCollectionAdminManageAccounts()
        This method checks if the Collection Admin can manage accounts
        Returns:
        true if is able