Changeset 5504
- Timestamp:
- 07/31/14 09:29:31 (10 years ago)
- Location:
- VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/Application.java
r5502 r5504 117 117 } 118 118 119 boolean isAdmin(String user) {119 public boolean isAdmin(String user) { 120 120 return adminUsers.contains(user); 121 121 } -
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/BasePage.java
r5475 r5504 1 1 package eu.clarin.cmdi.virtualcollectionregistry.gui.pages; 2 2 3 import eu.clarin.cmdi.virtualcollectionregistry.gui.Application; 4 import eu.clarin.cmdi.virtualcollectionregistry.gui.ApplicationSession; 3 5 import java.security.Principal; 4 5 6 import javax.servlet.http.HttpServletRequest; 6 7 7 import org.apache.wicket.RestartResponseException; 8 import org.apache.wicket.WicketRuntimeException; 8 9 import org.apache.wicket.markup.html.WebPage; 9 10 import org.apache.wicket.model.IModel; 10 11 import org.apache.wicket.model.Model; 11 12 import eu.clarin.cmdi.virtualcollectionregistry.gui.ApplicationSession;13 import org.apache.wicket.WicketRuntimeException;14 12 15 13 public class BasePage extends WebPage { … … 82 80 return principal; 83 81 } 84 82 83 protected boolean isUserAdmin() { 84 final String userName = getUser().getName(); 85 return userName != null && ((Application)getApplication()).isAdmin(userName); 86 } 87 85 88 @Override 86 89 public ApplicationSession getSession() { -
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/EditVirtualCollectionPage.java
r5417 r5504 39 39 private void checkAccess(final VirtualCollection vc) throws VirtualCollectionRegistryPermissionException { 40 40 // do not allow editing of VC's that are non-private or owned 41 // by someone else! 42 if (vc.getState() != State.PRIVATE 43 || !vc.getOwner().equalsPrincipal(getUser())) { 41 // by someone else! (except for admin) 42 if (!isUserAdmin() && 43 (vc.getState() != State.PRIVATE 44 || !vc.getOwner().equalsPrincipal(getUser()))) { 44 45 logger.warn("User {} attempts to edit virtual collection {} with state {} owned by {}", new Object[]{getUser().getName(), vc.getId(), vc.getState(), vc.getOwner().getName()}); 45 46 throw new UnauthorizedInstantiationException(EditVirtualCollectionPage.class); -
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/VirtualCollectionDetailsPage.java
r5499 r5504 360 360 private void checkAccess(final VirtualCollection vc) throws UnauthorizedActionException { 361 361 if (vc.isPrivate() 362 && !isUserAdmin() 362 363 && !getSession().isCurrentUser(vc.getOwner())) { 363 364 // user trying to access other user's collection
Note: See TracChangeset
for help on using the changeset viewer.