Package org.dspace.app.util

Class AuthorizeUtil

java.lang.Object
org.dspace.app.util.AuthorizeUtil
public class AuthorizeUtil extends Object
This class is an addition to the AuthorizeManager that perform authorization check on not CRUD (ADD, WRITE, etc.) actions.
Author:
bollini

  • Method Details

    • authorizeManageBitstreamPolicy

      public static void authorizeManageBitstreamPolicy(Context context, Bitstream bitstream) throws AuthorizeException, SQLException
      Is allowed manage (create, remove, edit) bitstream's policies in the current context?
      Parameters:
      context - the DSpace Context Object
      bitstream - the bitstream that the policy refer to
      Throws:
      AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the bitstream's policies
      SQLException - if database error if a db error occur

    • authorizeManageBundlePolicy

      public static void authorizeManageBundlePolicy(Context context, Bundle bundle) throws AuthorizeException, SQLException
      Is allowed manage (create, remove, edit) bundle's policies in the current context?
      Parameters:
      context - the DSpace Context Object
      bundle - the bundle that the policy refer to
      Throws:
      AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the bundle's policies
      SQLException - if database error if a db error occur

    • authorizeManageItemPolicy

      public static void authorizeManageItemPolicy(Context context, Item item) throws AuthorizeException, SQLException
      Is allowed manage (create, remove, edit) item's policies in the current context?
      Parameters:
      context - the DSpace Context Object
      item - the item that the policy refer to
      Throws:
      AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the item's policies
      SQLException - if database error if a db error occur

    • authorizeManageCollectionPolicy

      public static void authorizeManageCollectionPolicy(Context context, Collection collection) throws AuthorizeException, SQLException
      Is allowed manage (create, remove, edit) collection's policies in the current context?
      Parameters:
      context - the DSpace Context Object
      collection - the collection that the policy refer to
      Throws:
      AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the collection's policies
      SQLException - if database error if a db error occur

    • authorizeManageCommunityPolicy

      public static void authorizeManageCommunityPolicy(Context context, Community community) throws AuthorizeException, SQLException
      Is allowed manage (create, remove, edit) community's policies in the current context?
      Parameters:
      context - the DSpace Context Object
      community - the community that the policy refer to
      Throws:
      AuthorizeException - if authorization error if the current context (current user) is not allowed to manage the community's policies
      SQLException - if database error if a db error occur

    • requireAdminRole

      public static void requireAdminRole(Context context) throws AuthorizeException, SQLException
      Throw an AuthorizeException if the current user is not a System Admin
      Parameters:
      context - the DSpace Context Object
      Throws:
      AuthorizeException - if authorization error if the current user is not a System Admin
      SQLException - if database error if a db error occur

    • authorizeManageCCLicense

      public static void authorizeManageCCLicense(Context context, Item item) throws AuthorizeException, SQLException
      Is the current user allowed to manage (add, remove, replace) the item's CC License
      Parameters:
      context - the DSpace Context Object
      item - the item that the CC License refer to
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to manage the item's CC License
      SQLException - if database error if a db error occur

    • authorizeManageTemplateItem

      public static void authorizeManageTemplateItem(Context context, Collection collection) throws AuthorizeException, SQLException
      Is the current user allowed to manage (create, remove, edit) the collection's template item?
      Parameters:
      context - the DSpace Context Object
      collection - the collection
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to manage the collection's template item
      SQLException - if database error if a db error occur

    • authorizeManageSubmittersGroup

      public static void authorizeManageSubmittersGroup(Context context, Collection collection) throws AuthorizeException, SQLException
      Can the current user manage (create, remove, edit) the submitters group of the collection?
      Parameters:
      context - the DSpace Context Object
      collection - the collection
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to manage the collection's submitters group
      SQLException - if database error if a db error occur

    • authorizeManageWorkflowsGroup

      public static void authorizeManageWorkflowsGroup(Context context, Collection collection) throws AuthorizeException, SQLException
      Can the current user manage (create, remove, edit) the workflow groups of the collection?
      Parameters:
      context - the DSpace Context Object
      collection - the collection
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to manage the collection's workflow groups
      SQLException - if database error if a db error occur

    • authorizeManageAdminGroup

      public static void authorizeManageAdminGroup(Context context, Collection collection) throws AuthorizeException, SQLException
      Can the current user create/edit the admins group of the collection? please note that the remove action need a separate check
      Parameters:
      context - the DSpace Context Object
      collection - the collection
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to create/edit the collection's admins group
      SQLException - if database error if a db error occur
      See Also:

    • authorizeRemoveAdminGroup

      public static void authorizeRemoveAdminGroup(Context context, Collection collection) throws AuthorizeException, SQLException
      Can the current user remove the admins group of the collection? please note that the create/edit actions need separate check
      Parameters:
      context - the DSpace Context Object
      collection - the collection
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to remove the collection's admins group
      SQLException - if database error if a db error occur
      See Also:

    • authorizeManageAdminGroup

      public static void authorizeManageAdminGroup(Context context, Community community) throws AuthorizeException, SQLException
      Can the current user create/edit the admins group of the community? please note that the remove action need a separate check
      Parameters:
      context - the DSpace Context Object
      community - the community
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to create/edit the community's admins group
      SQLException - if database error if a db error occur
      See Also:

    • authorizeRemoveAdminGroup

      public static void authorizeRemoveAdminGroup(Context context, Community community) throws SQLException, AuthorizeException
      Can the current user remove the admins group of the community? please note that the create/edit actions need separate check
      Parameters:
      context - the DSpace Context Object
      community - the community
      Throws:
      AuthorizeException - if authorization error if the current user is not allowed to remove the collection's admins group
      SQLException - if database error if a db error occur
      See Also:

    • authorizeManagePolicy

      public static void authorizeManagePolicy(Context c, ResourcePolicy rp) throws SQLException, AuthorizeException
      Can the current user remove or edit the supplied policy?
      Parameters:
      c - the DSpace Context Object
      rp - a resource policy
      Throws:
      AuthorizeException - if authorization error if the current context (current user) is not allowed to remove/edit the policy
      SQLException - if database error if a db error occur

    • authorizeWithdrawItem

      public static void authorizeWithdrawItem(Context context, Item item) throws SQLException, AuthorizeException
      Can the current user withdraw the item?
      Parameters:
      context - the DSpace Context Object
      item - the item
      Throws:
      SQLException - if database error if a db error occur
      AuthorizeException - if authorization error if the current user is not allowed to perform the item withdraw

    • authorizeReinstateItem

      public static void authorizeReinstateItem(Context context, Item item) throws SQLException, AuthorizeException
      Can the current user reinstate the item?
      Parameters:
      context - the DSpace Context Object
      item - the item
      Throws:
      SQLException - if database error if a db error occur
      AuthorizeException - if authorization error if the current user is not allowed to perform the item reinstatement

    • authorizeManageDefaultReadGroup

      public static void authorizeManageDefaultReadGroup(Context context, Collection collection) throws AuthorizeException, SQLException
      This method will check whether the current user is authorized to manage the default read group
      Parameters:
      context - The relevant DSpace context
      collection - The collection for which this will be checked
      Throws:
      AuthorizeException - If something goes wrong
      SQLException - If something goes wrong

    • authorizeManageGroup

      public static void authorizeManageGroup(Context context, Group group) throws SQLException, AuthorizeException
      This method checks whether the current user has sufficient rights to modify the group. Depending on the kind of group and due to delegated administration, separate checks need to be done to verify whether the user is allowed to modify the group.
      Parameters:
      context - the context of which the user will be checked
      group - the group to be checked
      Throws:
      SQLException
      AuthorizeException

    • authorizeNewAccountRegistration

      public static boolean authorizeNewAccountRegistration(Context context, jakarta.servlet.http.HttpServletRequest request) throws SQLException
      This method will return a boolean indicating whether the current user is allowed to register a new account or not
      Parameters:
      context - The relevant DSpace context
      request - The current request
      Returns:
      A boolean indicating whether the current user can register a new account or not
      Throws:
      SQLException - If something goes wrong

    • authorizeForgotPassword

      public static boolean authorizeForgotPassword()
      This method will return a boolean indicating whether the current user is allowed to reset the password or not
      Returns:
      A boolean indicating whether the current user can reset its password or not
      Throws:
      SQLException - If something goes wrong

    • authorizeUpdatePassword

      public static boolean authorizeUpdatePassword(Context context, String email)
      This method will return a boolean indicating whether it's allowed to update the password for the EPerson with the given email and canLogin property
      Parameters:
      context - The relevant DSpace context
      email - The email to be checked
      Returns:
      A boolean indicating if the password can be updated or not

    • authorizePasswordChange

      protected static boolean authorizePasswordChange(Context context, jakarta.servlet.http.HttpServletRequest request) throws SQLException
      Checks if the current configuration has at least one password based authentication method
      Parameters:
      context - Dspace Context
      request - Current Request
      Returns:
      True if the password change is enabled
      Throws:
      SQLException

    • canCommunityAdminManageAccounts

      public static boolean canCommunityAdminManageAccounts()
      This method checks if the community Admin can manage accounts
      Returns:
      true if is able

    • canCollectionAdminManageAccounts

      public static boolean canCollectionAdminManageAccounts()
      This method checks if the Collection Admin can manage accounts
      Returns:
      true if is able