Package org.dspace.authorize
Class AuthorizeServiceImpl
java.lang.Object
org.dspace.authorize.AuthorizeServiceImpl
- All Implemented Interfaces:
AuthorizeService
AuthorizeManager handles all authorization checks for DSpace. For better
security, DSpace assumes that you do not have the right to do something
unless that permission is spelled out somewhere. That "somewhere" is the
ResourcePolicy table. The AuthorizeManager is given a user, an object, and an
action, and it then does a lookup in the ResourcePolicy table to see if there
are any policies giving the user permission to do that action.
ResourcePolicies now apply to single objects (such as submit (ADD) permission to a collection.)
Note: If an eperson is a member of the administrator group (id 1), then they are automatically given permission for all requests another special group is group 0, which is anonymous - all EPeople are members of group 0.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected BitstreamServiceprotected GroupServiceprotected ResourcePolicyServiceprotected ContentServiceFactoryprotected WorkflowItemServiceprotected WorkspaceItemService -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidaddPolicies(Context c, List<ResourcePolicy> policies, DSpaceObject dest) Copies policies from a list of resource policies to a given DSpaceObjectvoidaddPolicy(Context c, DSpaceObject o, int actionID, EPerson e) Add a policy for an individual epersonvoidaddPolicy(Context context, DSpaceObject o, int actionID, EPerson e, String type) Add a policy for an individual epersonvoidaddPolicy(Context c, DSpaceObject o, int actionID, Group g) Add a policy for a groupvoidaddPolicy(Context c, DSpaceObject o, int actionID, Group g, String type) Add a policy for a groupprotected booleanauthorize(Context c, DSpaceObject o, int action, EPerson e, boolean useInheritance) Check to see if the given user can perform the given action on the given object.voidauthorizeAction(Context c, DSpaceObject o, int action) Checks that the context's current user can perform the given action on the given object.voidauthorizeAction(Context c, DSpaceObject o, int action, boolean useInheritance) Checks that the context's current user can perform the given action on the given object.voidauthorizeAction(Context c, EPerson e, DSpaceObject o, int action, boolean useInheritance) Checks that the specified eperson can perform the given action on the given object.booleanauthorizeActionBoolean(Context c, DSpaceObject o, int a) same authorize, returns boolean for those who don't want to deal with catching exceptions.booleanauthorizeActionBoolean(Context c, DSpaceObject o, int a, boolean useInheritance) same authorize, returns boolean for those who don't want to deal with catching exceptions.booleanauthorizeActionBoolean(Context c, EPerson e, DSpaceObject o, int a, boolean useInheritance) same authorize with a specific eperson (not the current user), returns boolean for those who don't want to deal with catching exceptions.voidauthorizeAnyOf(Context c, DSpaceObject o, int[] actions) Utility method, checks that the current user of the given context can perform all of the specified actions on the given object.longcountAdminAuthorizedCollection(Context context, String query) Finds the amount of collections for which the logged in user has ADMIN rights.longcountAdminAuthorizedCommunity(Context context, String query) Finds the amount of communities for which the logged in user has ADMIN rights.createOrModifyPolicy(ResourcePolicy policy, Context context, String name, Group group, EPerson ePerson, LocalDate embargoDate, int action, String reason, DSpaceObject dso) createResourcePolicy(Context context, DSpaceObject dso, Group group, EPerson eperson, int type, String rpType) createResourcePolicy(Context context, DSpaceObject dso, Group group, EPerson eperson, int type, String rpType, String rpName, String rpDescription, LocalDate startDate, LocalDate endDate) findAdminAuthorizedCollection(Context context, String query, int offset, int limit) Finds collections for which the logged in user has ADMIN rights.findAdminAuthorizedCommunity(Context context, String query, int offset, int limit) Finds communities for which the logged in user has ADMIN rights.findByTypeGroupAction(Context c, DSpaceObject dso, Group group, int action) findPoliciesByDSOAndType(Context c, DSpaceObject o, String type) Return a List of the policies for an objectgetAuthorizedGroups(Context c, DSpaceObject o, int actionID) Returns all groups authorized to perform an action on an object.getPolicies(Context c, DSpaceObject o) Return a List of the policies for an objectgetPoliciesActionFilter(Context c, DSpaceObject o, int actionID) Return a list of policies for an object that match the actiongetPoliciesActionFilterExceptRpType(Context c, DSpaceObject o, int actionID, String rpType) Return a list of policies for an object that match the action except the record labeled with the rpTypegetPoliciesForGroup(Context c, Group g) Return a List of the policies for a groupvoidinheritPolicies(Context c, DSpaceObject src, DSpaceObject dest) Add policies to an object to match those from a previous objectbooleanisAccountManager(Context context) Returns true if the current user can manage accounts.booleanCheck to see if the current user is a System Admin.booleanisAdmin(Context c, DSpaceObject o) Check to see if the current user is an Administrator of a given object within DSpace.booleanCheck to see if a specific user is system admin.booleanisAdmin(Context c, EPerson e, DSpaceObject o) Check to see if a specific user is an Administrator of a given object within DSpace.booleanbooleanisAnIdenticalPolicyAlreadyInPlace(Context c, DSpaceObject dso, Group group, int action, int policyID) Is a policy with the specified parameters already in place?protected booleanisAnyItemInstalled(Context ctx, List<Bundle> bundles) booleanisCollectionAdmin(Context context) Checks that the context's current user is a collection admin in the site by querying the solr database.booleanisComColAdmin(Context context) Checks that the context's current user is a community or collection admin in the site.booleanisCommunityAdmin(Context context) Checks that the context's current user is a community admin in the site by querying the solr database.booleanisItemAdmin(Context context) Checks that the context's current user is an item admin in the site by querying the solr database.voidRemoves all policies from an eperson that belong to an EPerson.voidremoves ALL policies for an object.voidremoveAllPoliciesByDSOAndType(Context c, DSpaceObject o, String type) removes policiesvoidremoves ALL policies for an object that are not of the input type.voidremoveEPersonPolicies(Context c, DSpaceObject o, EPerson e) Removes all policies from an eperson for a particular object that belong to an EPerson.voidremoveGroupPolicies(Context c, DSpaceObject o, Group g) Removes all policies from a group for a particular object that belong to a Group.voidremoveGroupPolicies(Context c, Group group) Removes all policies relating to a particular group.voidremovePoliciesActionFilter(Context context, DSpaceObject dso, int actionID) Remove all policies from an object that match a given action.voidreplaceAllPolicies(Context context, DSpaceObject source, DSpaceObject dest) Replace all the policies in the target object with exactly the same policies that exist in the source objectvoidswitchPoliciesAction(Context context, DSpaceObject dso, int fromAction, int toAction) Change all the policies related to the action (fromPolicy) of the specified object to the new action (toPolicy)
-
Field Details
-
bitstreamService
-
serviceFactory
-
groupService
-
resourcePolicyService
-
workspaceItemService
-
workflowItemService
-
-
Constructor Details
-
AuthorizeServiceImpl
protected AuthorizeServiceImpl()
-
-
Method Details
-
authorizeAnyOf
public void authorizeAnyOf(Context c, DSpaceObject o, int[] actions) throws AuthorizeException, SQLException Description copied from interface:AuthorizeServiceUtility method, checks that the current user of the given context can perform all of the specified actions on the given object. AnAuthorizeExceptionif all the authorizations fail.- Specified by:
authorizeAnyOfin interfaceAuthorizeService- Parameters:
c- context with the current usero- DSpace object user is attempting to perform action onactions- array of action IDs fromorg.dspace.core.Constants- Throws:
AuthorizeException- if any one of the specified actions cannot be performed by the current user on the given object.SQLException- An exception that provides information on a database access error or other errors.
-
authorizeAction
public void authorizeAction(Context c, DSpaceObject o, int action) throws AuthorizeException, SQLException Description copied from interface:AuthorizeServiceChecks that the context's current user can perform the given action on the given object. Throws an exception if the user is not authorized, otherwise the method call does nothing.- Specified by:
authorizeActionin interfaceAuthorizeService- Parameters:
c- contexto- a DSpaceObjectaction- action to perform fromorg.dspace.core.Constants- Throws:
AuthorizeException- Exception indicating the current user of the context does not have permission to perform a particular action.SQLException- An exception that provides information on a database access error or other errors.
-
authorizeAction
public void authorizeAction(Context c, DSpaceObject o, int action, boolean useInheritance) throws AuthorizeException, SQLException Description copied from interface:AuthorizeServiceChecks that the context's current user can perform the given action on the given object. Throws an exception if the user is not authorized, otherwise the method call does nothing.- Specified by:
authorizeActionin interfaceAuthorizeService- Parameters:
c- contexto- a DSpaceObjectaction- action to perform fromorg.dspace.core.ConstantsuseInheritance- flag to say if ADMIN action on the current object or parent object can be used- Throws:
AuthorizeException- Exception indicating the current user of the context does not have permission to perform a particular action.SQLException- An exception that provides information on a database access error or other errors.
-
authorizeAction
public void authorizeAction(Context c, EPerson e, DSpaceObject o, int action, boolean useInheritance) throws AuthorizeException, SQLException Description copied from interface:AuthorizeServiceChecks that the specified eperson can perform the given action on the given object. Throws an exception if the user is not authorized, otherwise the method call does nothing.- Specified by:
authorizeActionin interfaceAuthorizeService- Parameters:
c- contexte- the eperson to use for the authorization checko- a DSpaceObjectaction- action to perform fromorg.dspace.core.ConstantsuseInheritance- flag to say if ADMIN action on the current object or parent object can be used- Throws:
AuthorizeException- Exception indicating the current user of the context does not have permission to perform a particular action.SQLException- An exception that provides information on a database access error or other errors.
-
authorizeActionBoolean
Description copied from interface:AuthorizeServicesame authorize, returns boolean for those who don't want to deal with catching exceptions.- Specified by:
authorizeActionBooleanin interfaceAuthorizeService- Parameters:
c- DSpace context, containing current usero- DSpaceObjecta- action being attempted, fromorg.dspace.core.Constants- Returns:
trueif the current user in the context is authorized to perform the given action on the given object- Throws:
SQLException- An exception that provides information on a database access error or other errors.
-
authorizeActionBoolean
public boolean authorizeActionBoolean(Context c, DSpaceObject o, int a, boolean useInheritance) throws SQLException Description copied from interface:AuthorizeServicesame authorize, returns boolean for those who don't want to deal with catching exceptions.- Specified by:
authorizeActionBooleanin interfaceAuthorizeService- Parameters:
c- DSpace context, containing current usero- DSpaceObjecta- action being attempted, fromorg.dspace.core.ConstantsuseInheritance- flag to say if ADMIN action on the current object or parent object can be used- Returns:
trueif the current user in the context is authorized to perform the given action on the given object- Throws:
SQLException- An exception that provides information on a database access error or other errors.
-
authorizeActionBoolean
public boolean authorizeActionBoolean(Context c, EPerson e, DSpaceObject o, int a, boolean useInheritance) throws SQLException Description copied from interface:AuthorizeServicesame authorize with a specific eperson (not the current user), returns boolean for those who don't want to deal with catching exceptions.- Specified by:
authorizeActionBooleanin interfaceAuthorizeService- Parameters:
c- DSpace contexte- EPerson to use in the checko- DSpaceObjecta- action being attempted, fromorg.dspace.core.ConstantsuseInheritance- flag to say if ADMIN action on the current object or parent object can be used- Returns:
trueif the requested user is authorized to perform the given action on the given object- Throws:
SQLException- An exception that provides information on a database access error or other errors.
-
authorize
protected boolean authorize(Context c, DSpaceObject o, int action, EPerson e, boolean useInheritance) throws SQLException Check to see if the given user can perform the given action on the given object. Always returns true if the ignore authorization flat is set in the current context.- Parameters:
c- current context. User is irrelevant; "ignore authorization" flag is relevanto- object action is being attempted onaction- ID of action being attempted, fromorg.dspace.core.Constantse- user attempting actionuseInheritance- flag to say if ADMIN action on the current object or parent object can be used- Returns:
trueif user is authorized to perform the given action,falseotherwise- Throws:
SQLException- if database error
-
isAnyItemInstalled
- Throws:
SQLException
-
isAdmin
Description copied from interface:AuthorizeServiceCheck to see if the current user is an Administrator of a given object within DSpace. Always returntrueif the user is a System Admin- Specified by:
isAdminin interfaceAuthorizeService- Parameters:
c- current contexto- current DSpace Object, ifnullthe call will be equivalent to a call to theisAdmin(Context c)method- Returns:
trueif user has administrative privileges on the given DSpace object- Throws:
SQLException- An exception that provides information on a database access error or other errors.
-
isAdmin
Description copied from interface:AuthorizeServiceCheck to see if a specific user is an Administrator of a given object within DSpace. Always returntrueif the user is a System Admin- Specified by:
isAdminin interfaceAuthorizeService- Parameters:
c- current contexte- the user to checko- current DSpace Object, ifnullthe call will be equivalent to a call to theisAdmin(Context c)method- Returns:
trueif the user has administrative privileges on the given DSpace object- Throws:
SQLException- if database error
-
isAdmin
Description copied from interface:AuthorizeServiceCheck to see if the current user is a System Admin. Always returntrueif c.ignoreAuthorization is set. If no EPerson is logged in and context.getCurrentUser() returns null, this method returns false as anonymous users can never be administrators.- Specified by:
isAdminin interfaceAuthorizeService- Parameters:
c- current context- Returns:
trueif user is an admin or ignore authorization flag set- Throws:
SQLException- An exception that provides information on a database access error or other errors.
-
isAdmin
Description copied from interface:AuthorizeServiceCheck to see if a specific user is system admin. Always returntrueif c.ignoreAuthorization is set.- Specified by:
isAdminin interfaceAuthorizeService- Parameters:
c- current context- Returns:
trueif user is an admin or ignore authorization flag set- Throws:
SQLException- if database error
-
addPolicy
public void addPolicy(Context c, DSpaceObject o, int actionID, EPerson e) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceAdd a policy for an individual eperson- Specified by:
addPolicyin interfaceAuthorizeService- Parameters:
c- context. Current user irrelevanto- DSpaceObject to add policy toactionID- ID of action fromorg.dspace.core.Constantse- eperson who can perform the action- Throws:
SQLException- if database errorAuthorizeException- if current user in context is not authorized to add policies
-
addPolicy
public void addPolicy(Context context, DSpaceObject o, int actionID, EPerson e, String type) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceAdd a policy for an individual eperson- Specified by:
addPolicyin interfaceAuthorizeService- Parameters:
context- context. Current user irrelevanto- DSpaceObject to add policy toactionID- ID of action fromorg.dspace.core.Constantse- eperson who can perform the actiontype- policy type, default types are declared in the ResourcePolicy class- Throws:
SQLException- if database errorAuthorizeException- if current user in context is not authorized to add policies
-
addPolicy
public void addPolicy(Context c, DSpaceObject o, int actionID, Group g) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceAdd a policy for a group- Specified by:
addPolicyin interfaceAuthorizeService- Parameters:
c- current contexto- object to add policy foractionID- ID of action fromorg.dspace.core.Constantsg- group to add policy for- Throws:
SQLException- if there's a database problemAuthorizeException- if the current user is not authorized to add this policy
-
addPolicy
public void addPolicy(Context c, DSpaceObject o, int actionID, Group g, String type) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceAdd a policy for a group- Specified by:
addPolicyin interfaceAuthorizeService- Parameters:
c- current contexto- object to add policy foractionID- ID of action fromorg.dspace.core.Constantsg- group to add policy fortype- policy type, default types are declared in the ResourcePolicy class- Throws:
SQLException- if there's a database problemAuthorizeException- if the current user is not authorized to add this policy
-
getPolicies
Description copied from interface:AuthorizeServiceReturn a List of the policies for an object- Specified by:
getPoliciesin interfaceAuthorizeService- Parameters:
c- current contexto- object to retrieve policies for- Returns:
- List of
ResourcePolicyobjects - Throws:
SQLException- if database error
-
findPoliciesByDSOAndType
public List<ResourcePolicy> findPoliciesByDSOAndType(Context c, DSpaceObject o, String type) throws SQLException Description copied from interface:AuthorizeServiceReturn a List of the policies for an object- Specified by:
findPoliciesByDSOAndTypein interfaceAuthorizeService- Parameters:
c- current contexto- object to retrieve policies fortype- type- Returns:
- List of
ResourcePolicyobjects - Throws:
SQLException- if database error
-
getPoliciesForGroup
Description copied from interface:AuthorizeServiceReturn a List of the policies for a group- Specified by:
getPoliciesForGroupin interfaceAuthorizeService- Parameters:
c- current contextg- group to retrieve policies for- Returns:
- List of
ResourcePolicyobjects - Throws:
SQLException- if database error
-
getPoliciesActionFilter
public List<ResourcePolicy> getPoliciesActionFilter(Context c, DSpaceObject o, int actionID) throws SQLException Description copied from interface:AuthorizeServiceReturn a list of policies for an object that match the action- Specified by:
getPoliciesActionFilterin interfaceAuthorizeService- Parameters:
c- contexto- DSpaceObject policies relate toactionID- action (defined in class Constants)- Returns:
- list of resource policies
- Throws:
SQLException- if there's a database problem
-
inheritPolicies
public void inheritPolicies(Context c, DSpaceObject src, DSpaceObject dest) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceAdd policies to an object to match those from a previous object- Specified by:
inheritPoliciesin interfaceAuthorizeService- Parameters:
c- contextsrc- source of policiesdest- destination of inherited policies- Throws:
SQLException- if there's a database problemAuthorizeException- if the current user is not authorized to add these policies
-
replaceAllPolicies
public void replaceAllPolicies(Context context, DSpaceObject source, DSpaceObject dest) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceReplace all the policies in the target object with exactly the same policies that exist in the source object- Specified by:
replaceAllPoliciesin interfaceAuthorizeService- Parameters:
context- DSpace Contextsource- source of policiesdest- destination of inherited policies- Throws:
SQLException- if there's a database problemAuthorizeException- if the current user is not authorized to add these policies
-
switchPoliciesAction
public void switchPoliciesAction(Context context, DSpaceObject dso, int fromAction, int toAction) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceChange all the policies related to the action (fromPolicy) of the specified object to the new action (toPolicy)- Specified by:
switchPoliciesActionin interfaceAuthorizeService- Parameters:
context- The relevant DSpace Context.dso- the dspace objectfromAction- the action to changetoAction- the new action to set- Throws:
SQLException- An exception that provides information on a database access error or other errors.AuthorizeException- Exception indicating the current user of the context does not have permission to perform a particular action.
-
addPolicies
public void addPolicies(Context c, List<ResourcePolicy> policies, DSpaceObject dest) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceCopies policies from a list of resource policies to a given DSpaceObject- Specified by:
addPoliciesin interfaceAuthorizeService- Parameters:
c- DSpace contextpolicies- List of ResourcePolicy objectsdest- object to have policies added- Throws:
SQLException- if there's a database problemAuthorizeException- if the current user is not authorized to add these policies
-
removeAllPolicies
Description copied from interface:AuthorizeServiceremoves ALL policies for an object. FIXME doesn't check authorization- Specified by:
removeAllPoliciesin interfaceAuthorizeService- Parameters:
c- DSpace contexto- object to remove policies for- Throws:
SQLException- if there's a database problemAuthorizeException- if authorization error
-
removeAllPoliciesByDSOAndTypeNotEqualsTo
public void removeAllPoliciesByDSOAndTypeNotEqualsTo(Context c, DSpaceObject o, String type) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceremoves ALL policies for an object that are not of the input type.- Specified by:
removeAllPoliciesByDSOAndTypeNotEqualsToin interfaceAuthorizeService- Parameters:
c- DSpace contexto- object to remove policies fortype- type- Throws:
SQLException- if there's a database problemAuthorizeException- if authorization error
-
removeAllPoliciesByDSOAndType
public void removeAllPoliciesByDSOAndType(Context c, DSpaceObject o, String type) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceremoves policies- Specified by:
removeAllPoliciesByDSOAndTypein interfaceAuthorizeService- Parameters:
c- DSpace contexto- object to remove policies fortype- policy type- Throws:
SQLException- if there's a database problemAuthorizeException- if authorization error
-
removePoliciesActionFilter
public void removePoliciesActionFilter(Context context, DSpaceObject dso, int actionID) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceRemove all policies from an object that match a given action. FIXME doesn't check authorization- Specified by:
removePoliciesActionFilterin interfaceAuthorizeService- Parameters:
context- current contextdso- object to remove policies fromactionID- ID of action to match fromConstants, or -1=all- Throws:
SQLException- if there's a database problemAuthorizeException- if authorization error
-
removeGroupPolicies
Description copied from interface:AuthorizeServiceRemoves all policies relating to a particular group. FIXME doesn't check authorization- Specified by:
removeGroupPoliciesin interfaceAuthorizeService- Parameters:
c- current contextgroup- the group- Throws:
SQLException- if there's a database problem
-
removeGroupPolicies
public void removeGroupPolicies(Context c, DSpaceObject o, Group g) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceRemoves all policies from a group for a particular object that belong to a Group. FIXME doesn't check authorization- Specified by:
removeGroupPoliciesin interfaceAuthorizeService- Parameters:
c- current contexto- the objectg- the group- Throws:
SQLException- if there's a database problemAuthorizeException- if authorization error
-
removeEPersonPolicies
public void removeEPersonPolicies(Context c, DSpaceObject o, EPerson e) throws SQLException, AuthorizeException Description copied from interface:AuthorizeServiceRemoves all policies from an eperson for a particular object that belong to an EPerson. FIXME doesn't check authorization- Specified by:
removeEPersonPoliciesin interfaceAuthorizeService- Parameters:
c- current contexto- the objecte- the eperson- Throws:
SQLException- if there's a database problemAuthorizeException- if authorization error
-
removeAllEPersonPolicies
Description copied from interface:AuthorizeServiceRemoves all policies from an eperson that belong to an EPerson.- Specified by:
removeAllEPersonPoliciesin interfaceAuthorizeService- Parameters:
c- current contexte- the eperson- Throws:
SQLException- if there's a database problemAuthorizeException- if authorization error
-
getAuthorizedGroups
Description copied from interface:AuthorizeServiceReturns all groups authorized to perform an action on an object. Returns empty array if no matches.- Specified by:
getAuthorizedGroupsin interfaceAuthorizeService- Parameters:
c- current contexto- objectactionID- ID of action fromConstants- Returns:
- array of
Groupsthat can perform the specified action on the specified object - Throws:
SQLException- if there's a database problem
-
isAnIdenticalPolicyAlreadyInPlace
public boolean isAnIdenticalPolicyAlreadyInPlace(Context c, DSpaceObject o, ResourcePolicy rp) throws SQLException - Specified by:
isAnIdenticalPolicyAlreadyInPlacein interfaceAuthorizeService- Throws:
SQLException
-
isAnIdenticalPolicyAlreadyInPlace
public boolean isAnIdenticalPolicyAlreadyInPlace(Context c, DSpaceObject dso, Group group, int action, int policyID) throws SQLException Description copied from interface:AuthorizeServiceIs a policy with the specified parameters already in place?- Specified by:
isAnIdenticalPolicyAlreadyInPlacein interfaceAuthorizeService- Parameters:
c- current contextdso- objectgroup- groupaction- ID of action fromConstantspolicyID- ID of an existing policy. If -1 is specified, this parameter will be ignored- Returns:
- true if such a policy exists, false otherwise
- Throws:
SQLException- if there's a database problem
-
findByTypeGroupAction
public ResourcePolicy findByTypeGroupAction(Context c, DSpaceObject dso, Group group, int action) throws SQLException - Specified by:
findByTypeGroupActionin interfaceAuthorizeService- Throws:
SQLException
-
createResourcePolicy
public ResourcePolicy createResourcePolicy(Context context, DSpaceObject dso, Group group, EPerson eperson, int type, String rpType) throws SQLException, AuthorizeException - Specified by:
createResourcePolicyin interfaceAuthorizeService- Throws:
SQLExceptionAuthorizeException
-
createResourcePolicy
public ResourcePolicy createResourcePolicy(Context context, DSpaceObject dso, Group group, EPerson eperson, int type, String rpType, String rpName, String rpDescription, LocalDate startDate, LocalDate endDate) throws SQLException, AuthorizeException - Specified by:
createResourcePolicyin interfaceAuthorizeService- Throws:
SQLExceptionAuthorizeException
-
createOrModifyPolicy
public ResourcePolicy createOrModifyPolicy(ResourcePolicy policy, Context context, String name, Group group, EPerson ePerson, LocalDate embargoDate, int action, String reason, DSpaceObject dso) throws AuthorizeException, SQLException - Specified by:
createOrModifyPolicyin interfaceAuthorizeService- Throws:
AuthorizeExceptionSQLException
-
getPoliciesActionFilterExceptRpType
public List<ResourcePolicy> getPoliciesActionFilterExceptRpType(Context c, DSpaceObject o, int actionID, String rpType) throws SQLException Description copied from interface:AuthorizeServiceReturn a list of policies for an object that match the action except the record labeled with the rpType- Specified by:
getPoliciesActionFilterExceptRpTypein interfaceAuthorizeService- Parameters:
c- contexto- DSpaceObject policies relate toactionID- action (defined in class Constants)rpType- the resource policy type- Returns:
- list of resource policies
- Throws:
SQLException- if there's a database problem
-
isCommunityAdmin
Checks that the context's current user is a community admin in the site by querying the solr database.- Specified by:
isCommunityAdminin interfaceAuthorizeService- Parameters:
context- context with the current user- Returns:
- true if the current user is a community admin in the site false when this is not the case, or an exception occurred
- Throws:
SQLException- passed through.
-
isCollectionAdmin
Checks that the context's current user is a collection admin in the site by querying the solr database.- Specified by:
isCollectionAdminin interfaceAuthorizeService- Parameters:
context- context with the current user- Returns:
- true if the current user is a collection admin in the site false when this is not the case, or an exception occurred
- Throws:
SQLException- passed through.
-
isItemAdmin
Checks that the context's current user is an item admin in the site by querying the solr database.- Specified by:
isItemAdminin interfaceAuthorizeService- Parameters:
context- context with the current user- Returns:
- true if the current user is an item admin in the site false when this is not the case, or an exception occurred
- Throws:
SQLException- passed through.
-
isComColAdmin
Checks that the context's current user is a community or collection admin in the site.- Specified by:
isComColAdminin interfaceAuthorizeService- Parameters:
context- context with the current user- Returns:
- true if the current user is a community or collection admin in the site false when this is not the case, or an exception occurred
- Throws:
SQLException- passed through.
-
findAdminAuthorizedCommunity
public List<Community> findAdminAuthorizedCommunity(Context context, String query, int offset, int limit) throws SearchServiceException, SQLException Finds communities for which the logged in user has ADMIN rights.- Specified by:
findAdminAuthorizedCommunityin interfaceAuthorizeService- Parameters:
context- the context whose user is checked againstquery- the optional extra queryoffset- the offset for paginationlimit- the amount of dso's to return- Returns:
- a list of communities for which the logged in user has ADMIN rights.
- Throws:
SearchServiceExceptionSQLException
-
countAdminAuthorizedCommunity
public long countAdminAuthorizedCommunity(Context context, String query) throws SearchServiceException, SQLException Finds the amount of communities for which the logged in user has ADMIN rights.- Specified by:
countAdminAuthorizedCommunityin interfaceAuthorizeService- Parameters:
context- the context whose user is checked againstquery- the optional extra query- Returns:
- the number of communities for which the logged in user has ADMIN rights.
- Throws:
SearchServiceExceptionSQLException
-
findAdminAuthorizedCollection
public List<Collection> findAdminAuthorizedCollection(Context context, String query, int offset, int limit) throws SearchServiceException, SQLException Finds collections for which the logged in user has ADMIN rights.- Specified by:
findAdminAuthorizedCollectionin interfaceAuthorizeService- Parameters:
context- the context whose user is checked againstquery- the optional extra queryoffset- the offset for paginationlimit- the amount of dso's to return- Returns:
- a list of collections for which the logged in user has ADMIN rights.
- Throws:
SearchServiceExceptionSQLException
-
countAdminAuthorizedCollection
public long countAdminAuthorizedCollection(Context context, String query) throws SearchServiceException, SQLException Finds the amount of collections for which the logged in user has ADMIN rights.- Specified by:
countAdminAuthorizedCollectionin interfaceAuthorizeService- Parameters:
context- the context whose user is checked againstquery- the optional extra query- Returns:
- the number of collections for which the logged in user has ADMIN rights.
- Throws:
SearchServiceExceptionSQLException
-
isAccountManager
Description copied from interface:AuthorizeServiceReturns true if the current user can manage accounts.- Specified by:
isAccountManagerin interfaceAuthorizeService- Parameters:
context- context with the current user- Returns:
- true if the current user can manage accounts
-