From 218f60594b812d343f199d8c93e1b9fda659ab0b Mon Sep 17 00:00:00 2001 From: "Gantner, Florian Klaus" Date: Thu, 2 May 2024 14:46:53 +0200 Subject: [PATCH] consider security level in browse index plugins --- ...lrServiceMetadataBrowseIndexingPlugin.java | 12 ++ .../org/dspace/discovery/DiscoveryIT.java | 113 ++++++++++++++++++ 2 files changed, 125 insertions(+) diff --git a/dspace-api/src/main/java/org/dspace/discovery/SolrServiceMetadataBrowseIndexingPlugin.java b/dspace-api/src/main/java/org/dspace/discovery/SolrServiceMetadataBrowseIndexingPlugin.java index 7be7ecff450..68fbcfc285b 100644 --- a/dspace-api/src/main/java/org/dspace/discovery/SolrServiceMetadataBrowseIndexingPlugin.java +++ b/dspace-api/src/main/java/org/dspace/discovery/SolrServiceMetadataBrowseIndexingPlugin.java @@ -125,8 +125,20 @@ public void additionalIndex(Context context, IndexableObject indexableObject, So Boolean.FALSE), true); + // the maximum security level (if not null) which ist still indexed + Integer maxsecuritylevel = DSpaceServicesFactory + .getInstance() + .getConfigurationService() + .getIntProperty("discovery.index.securitylevel.maxlevel", 0); + + for (int x = 0; x < values.size(); x++) { MetadataValue val = values.get(x); + + if (val.getSecurityLevel() != null && val.getSecurityLevel() > maxsecuritylevel) { + continue; + } + boolean hasChoiceAuthority = choiceAuthorityService .isChoicesConfigured(metadataAuthorityService .makeFieldKey(val.getSchema(), val.getElement(), val.getQualifier()) diff --git a/dspace-api/src/test/java/org/dspace/discovery/DiscoveryIT.java b/dspace-api/src/test/java/org/dspace/discovery/DiscoveryIT.java index ba2c4768094..9b309ac736c 100644 --- a/dspace-api/src/test/java/org/dspace/discovery/DiscoveryIT.java +++ b/dspace-api/src/test/java/org/dspace/discovery/DiscoveryIT.java @@ -8,6 +8,10 @@ package org.dspace.discovery; import static org.dspace.discovery.SolrServiceWorkspaceWorkflowRestrictionPlugin.DISCOVER_WORKSPACE_CONFIGURATION_NAME; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.hasItem; +import static org.hamcrest.Matchers.not; +import static org.hamcrest.Matchers.startsWith; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; @@ -21,6 +25,10 @@ import java.util.stream.Collectors; import javax.servlet.http.HttpServletRequest; +import org.apache.solr.client.solrj.SolrQuery; +import org.apache.solr.client.solrj.SolrServerException; +import org.apache.solr.client.solrj.response.QueryResponse; +import org.apache.solr.common.SolrDocument; import org.dspace.AbstractIntegrationTestWithDatabase; import org.dspace.app.launcher.ScriptLauncher; import org.dspace.app.scripts.handler.impl.TestDSpaceRunnableHandler; @@ -99,6 +107,9 @@ public class DiscoveryIT extends AbstractIntegrationTestWithDatabase { MetadataAuthorityService metadataAuthorityService = ContentAuthorityServiceFactory.getInstance() .getMetadataAuthorityService(); + SolrSearchCore solrSearchCore = DSpaceServicesFactory.getInstance().getServiceManager() + .getServicesByType(SolrSearchCore.class).get(0); + @Override @Before public void setUp() throws Exception { @@ -799,6 +810,108 @@ public void searchWithDefaultSortServiceTest() throws SearchServiceException { } } + /** + * Test designed to check if metadatavalues with securitylevel are indexed. + * @throws SearchServiceException + */ + @Test + public void searchWithMaxSecurityLevelSetTest() throws SearchServiceException { + + configurationService.setProperty("discovery.index.securitylevel.maxlevel", 0); + DiscoveryConfiguration defaultConf = SearchUtils.getDiscoveryConfiguration(context, "default", null); + + // Populate the testing objects: create items in eperson's workspace and perform search in it + int numberItems = 10; + context.turnOffAuthorisationSystem(); + EPerson submitter = null; + try { + submitter = EPersonBuilder.createEPerson(context).withEmail("submitter@example.org") + .withNameInMetadata("Peter", "Funny").build(); + } catch (SQLException e) { + throw new RuntimeException(e); + } + context.setCurrentUser(submitter); + Community community = CommunityBuilder.createCommunity(context).build(); + Collection collection = CollectionBuilder.createCollection(context, community).build(); + for (int i = 0; i < numberItems; i++) { + ItemBuilder.createItem(context, collection) + .withTitle("item " + i) + .withSecuredMetadata("dc", "description", "abstract", "secured" + i + ".", 1) + .withSecuredMetadata("dc", "description", "abstract", "secured" + i + ".", 2) + .withSecuredMetadata("dc", "description", "abstract", "nonsecured" + i + ".", 0) + .build(); + } + context.restoreAuthSystemState(); + + // Build query with default parameters (except for workspaceConf) + QueryResponse result = null; + try { + result = solrSearchCore.getSolr().query(new SolrQuery(String.format( + "search.resourcetype:\"Item\""))); + } catch (SolrServerException e) { + throw new RuntimeException(e); + } catch (IOException e) { + throw new RuntimeException(e); + } + assertEquals(result.getResults().size(), numberItems); + for (SolrDocument doc : result.getResults()) { + assertThat(doc.getFieldNames(), hasItem("dc.description.abstract")); + assertThat(doc.getFieldValues("dc.description.abstract"), not(hasItem(startsWith("secured")))); + assertThat(doc.getFieldValues("dc.description.abstract"), hasItem(startsWith("nonsecured"))); + } + } + + /** + * Test designed to check if metadatavalues with securitylevel greater than 0 are indexed. + * @throws SearchServiceException + */ + @Test + public void searchWithMaxSecurityLevelGreater1SetTest() throws SearchServiceException { + + configurationService.setProperty("discovery.index.securitylevel.maxlevel", 1); + DiscoveryConfiguration defaultConf = SearchUtils.getDiscoveryConfiguration(context, "default", null); + + // Populate the testing objects: create items in eperson's workspace and perform search in it + int numberItems = 10; + context.turnOffAuthorisationSystem(); + EPerson submitter = null; + try { + submitter = EPersonBuilder.createEPerson(context).withEmail("submitter@example.org") + .withNameInMetadata("Peter", "Funny").build(); + } catch (SQLException e) { + throw new RuntimeException(e); + } + context.setCurrentUser(submitter); + Community community = CommunityBuilder.createCommunity(context).build(); + Collection collection = CollectionBuilder.createCollection(context, community).build(); + for (int i = 0; i < numberItems; i++) { + ItemBuilder.createItem(context, collection) + .withTitle("item " + i) + .withSecuredMetadata("dc", "description", "abstract", "nonsecured" + i + ".", 1) + .withSecuredMetadata("dc", "description", "abstract", "secured" + i + ".", 2) + .withSecuredMetadata("dc", "description", "abstract", "nonsecured" + i + ".", 0) + .build(); + } + context.restoreAuthSystemState(); + + // Build query with default parameters (except for workspaceConf) + QueryResponse result = null; + try { + result = solrSearchCore.getSolr().query(new SolrQuery(String.format( + "search.resourcetype:\"Item\""))); + } catch (SolrServerException e) { + throw new RuntimeException(e); + } catch (IOException e) { + throw new RuntimeException(e); + } + assertEquals(result.getResults().size(), numberItems); + for (SolrDocument doc : result.getResults()) { + assertThat(doc.getFieldNames(), hasItem("dc.description.abstract")); + assertThat(doc.getFieldValues("dc.description.abstract"), not(hasItem(startsWith("secured")))); + assertThat(doc.getFieldValues("dc.description.abstract"), hasItem(startsWith("nonsecured"))); + } + } + private void assertSearchQuery(String resourceType, int size) throws SearchServiceException { assertSearchQuery(resourceType, size, size, 0, -1); }