Revision 57178b7f
Added by Andreas Kohlbecker over 6 years ago
cdmlib-model/src/main/java/eu/etaxonomy/cdm/model/common/Group.java | ||
---|---|---|
50 | 50 |
private static final Logger logger = Logger.getLogger(Group.class); |
51 | 51 |
|
52 | 52 |
public final static UUID GROUP_EDITOR_UUID = UUID.fromString("22e5e8af-b99c-4884-a92f-71978efd3770"); |
53 |
public final static UUID GROUP_EDITOR_EXTENDED_CREATE_UUID = UUID.fromString("89a7f47f-6f2b-45ac-88d4-a99a4cf29f07"); |
|
53 | 54 |
public final static UUID GROUP_PROJECT_MANAGER_UUID = UUID.fromString("645191ae-32a4-4d4e-9b86-c90e0d41944a"); |
54 | 55 |
public final static UUID GROUP_PUBLISHER_UUID = UUID.fromString("c1f20ad8-1782-40a7-b06b-ce4773acb5ea"); |
55 | 56 |
public final static UUID GROUP_ADMIN_UUID = UUID.fromString("1739df71-bf73-4dc6-8320-aaaf72cb555f"); |
56 | 57 |
|
58 |
public final static String GROUP_EDITOR_NAME = "Editor"; |
|
59 |
/** |
|
60 |
* This group will in future replace the group Editor, see issue #7150 |
|
61 |
*/ |
|
62 |
public final static String GROUP_EDITOR_EXTENDED_CREATE_NAME = "EditorExtendedCreate"; |
|
63 |
public final static String GROUP_PROJECT_MANAGER_NAME = "ProjectManager"; |
|
64 |
public final static String GROUP_ADMIN_NAME = "Admin"; |
|
65 |
|
|
66 |
|
|
57 | 67 |
//*********************** FACTORY *********************/ |
58 | 68 |
|
59 | 69 |
public static Group NewInstance(){ |
cdmlib-persistence/src/main/java/eu/etaxonomy/cdm/persistence/hibernate/permission/voter/CollectionVoter.java | ||
---|---|---|
1 |
package eu.etaxonomy.cdm.persistence.hibernate.permission.voter; |
|
2 |
|
|
3 |
import eu.etaxonomy.cdm.model.common.CdmBase; |
|
4 |
import eu.etaxonomy.cdm.model.occurrence.Collection; |
|
5 |
|
|
6 |
public class CollectionVoter extends CdmPermissionVoter { |
|
7 |
|
|
8 |
@Override |
|
9 |
public Class<? extends CdmBase> getResponsibilityClass() { |
|
10 |
return Collection.class; |
|
11 |
} |
|
12 |
|
|
13 |
/* (non-Javadoc) |
|
14 |
* @see eu.etaxonomy.cdm.persistence.hibernate.permission.voter.CdmPermissionVoter#isOrpahn(eu.etaxonomy.cdm.model.common.CdmBase) |
|
15 |
*/ |
|
16 |
@Override |
|
17 |
public boolean isOrpahn(CdmBase object) { |
|
18 |
return false; |
|
19 |
} |
|
20 |
|
|
21 |
} |
cdmlib-persistence/src/main/resources/eu/etaxonomy/cdm/security_base.xml | ||
---|---|---|
45 | 45 |
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.DescriptionElementVoter" /> |
46 | 46 |
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.TaxonNameVoter" /> |
47 | 47 |
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.ReferenceVoter" /> |
48 |
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.CollectionVoter" /> |
|
48 | 49 |
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.TeamOrPersonBaseVoter" /> |
49 | 50 |
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.RegistrationVoter" /> |
50 | 51 |
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.SpecimenOrObservationBaseVoter" /> |
cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/application/FirstDataInserter.java | ||
---|---|---|
18 | 18 |
import org.apache.log4j.Logger; |
19 | 19 |
import org.springframework.beans.factory.annotation.Autowired; |
20 | 20 |
import org.springframework.context.event.ContextRefreshedEvent; |
21 |
import org.springframework.context.event.ContextStartedEvent; |
|
22 | 21 |
import org.springframework.security.authentication.AuthenticationProvider; |
23 | 22 |
import org.springframework.security.core.GrantedAuthority; |
24 | 23 |
import org.springframework.transaction.PlatformTransactionManager; |
... | ... | |
89 | 88 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
90 | 89 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONELEMENTBASE, CREATE_READ_UPDATE_DELETE).toString(), |
91 | 90 |
new CdmAuthority(CdmPermissionClass.SPECIMENOROBSERVATIONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
91 |
new CdmAuthority(CdmPermissionClass.COLLECTION, CREATE_READ_UPDATE_DELETE).toString(), |
|
92 |
}; |
|
93 |
|
|
94 |
/** |
|
95 |
* This group will in future replace the group Editor, see issue #7150 |
|
96 |
*/ |
|
97 |
public static final String[] EDITOR_GROUP_EXTENDED_CREATE_GROUP_AUTHORITIES = new String[]{ |
|
98 |
new CdmAuthority(CdmPermissionClass.REFERENCE, CREATE_READ).toString(), |
|
99 |
new CdmAuthority(CdmPermissionClass.TAXONNAME, CREATE_READ).toString(), |
|
100 |
new CdmAuthority(CdmPermissionClass.TEAMORPERSONBASE, CREATE_READ).toString(), |
|
101 |
new CdmAuthority(CdmPermissionClass.TAXONBASE, CREATE_READ).toString(), |
|
102 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONBASE, CREATE_READ).toString(), |
|
103 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONELEMENTBASE, CREATE_READ).toString(), |
|
104 |
new CdmAuthority(CdmPermissionClass.SPECIMENOROBSERVATIONBASE, CREATE_READ).toString(), |
|
105 |
new CdmAuthority(CdmPermissionClass.COLLECTION, CREATE_READ).toString(), |
|
92 | 106 |
}; |
93 | 107 |
|
94 | 108 |
public static final String[] PROJECT_MANAGER_GROUP_AUTHORITIES = new String[]{ |
... | ... | |
205 | 219 |
private void checkDefaultGroups(){ |
206 | 220 |
|
207 | 221 |
progressMonitor.subTask("Checking default groups"); |
208 |
checkGroup(Group.GROUP_EDITOR_UUID, "Editor", EDITOR_GROUP_AUTHORITIES); |
|
209 |
checkGroup(Group.GROUP_PROJECT_MANAGER_UUID, "ProjectManager", PROJECT_MANAGER_GROUP_AUTHORITIES); |
|
210 |
checkGroup(Group.GROUP_ADMIN_UUID, "Admin", ADMIN_GROUP_AUTHORITIES); |
|
222 |
checkGroup(Group.GROUP_EDITOR_UUID, Group.GROUP_EDITOR_NAME, EDITOR_GROUP_AUTHORITIES); |
|
223 |
checkGroup(Group.GROUP_EDITOR_EXTENDED_CREATE_UUID, Group.GROUP_EDITOR_EXTENDED_CREATE_NAME, EDITOR_GROUP_EXTENDED_CREATE_GROUP_AUTHORITIES); |
|
224 |
checkGroup(Group.GROUP_PROJECT_MANAGER_UUID, Group.GROUP_PROJECT_MANAGER_NAME, PROJECT_MANAGER_GROUP_AUTHORITIES); |
|
225 |
checkGroup(Group.GROUP_ADMIN_UUID, Group.GROUP_ADMIN_NAME, ADMIN_GROUP_AUTHORITIES); |
|
211 | 226 |
progressMonitor.worked(1); |
212 | 227 |
} |
213 | 228 |
|
... | ... | |
223 | 238 |
group.setUuid(groupUuid); |
224 | 239 |
logger.info("New Group '" + groupName + "' created"); |
225 | 240 |
} |
226 |
group.setName(groupName); // force name |
|
241 |
group.setName(groupName); // force default name
|
|
227 | 242 |
|
228 | 243 |
Set<GrantedAuthority> grantedAuthorities = group.getGrantedAuthorities(); |
229 | 244 |
|
Also available in: Unified diff
ref #7150 implementing CollectionVoter and adding new default PermissionGroup 'EditorExtendedCreate'