Skip to content

Commit

Permalink
Merged in task/dspace-cris-2023_02_x/DSC-1661 (pull request DSpace#2236)
Browse files Browse the repository at this point in the history
[DSC-1661] send item-correction.enabled property when checking for canCorrectItem without sending an item

Approved-by: Francesco Molinaro
Approved-by: Vincenzo Mecca
  • Loading branch information
Andrea Barbasso authored and FrancescoMolinaro committed Sep 23, 2024
2 parents 0edc9b5 + fb91d3a commit 6157c42
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
import org.dspace.app.rest.authorization.AuthorizationFeatureDocumentation;
import org.dspace.app.rest.model.BaseObjectRest;
import org.dspace.app.rest.model.ItemRest;
import org.dspace.app.rest.model.SiteRest;
import org.dspace.content.Item;
import org.dspace.content.edit.CorrectItemMode;
import org.dspace.content.security.service.CrisSecurityService;
Expand Down Expand Up @@ -60,6 +61,10 @@ public class ItemCorrectionFeature implements AuthorizationFeature {
@Override
@SuppressWarnings("rawtypes")
public boolean isAuthorized(Context context, BaseObjectRest object) throws SQLException {
if (object instanceof SiteRest) {
return configurationService.getBooleanProperty("item-correction.enabled", true);
}

if (!(object instanceof ItemRest)) {
return false;
}
Expand All @@ -73,7 +78,7 @@ public boolean isAuthorized(Context context, BaseObjectRest object) throws SQLEx

@Override
public String[] getSupportedTypes() {
return new String[] { ItemRest.CATEGORY + "." + ItemRest.NAME };
return new String[] { ItemRest.CATEGORY + "." + ItemRest.NAME, SiteRest.CATEGORY + "." + SiteRest.NAME};
}

private boolean isAuthorizedToCorrectItem(Context context, ItemRest itemRest) throws SQLException {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,10 @@

import org.dspace.app.rest.authorization.impl.ItemCorrectionFeature;
import org.dspace.app.rest.converter.ItemConverter;
import org.dspace.app.rest.converter.SiteConverter;
import org.dspace.app.rest.model.ItemRest;
import org.dspace.app.rest.model.SiteRest;
import org.dspace.app.rest.projection.DefaultProjection;
import org.dspace.app.rest.projection.Projection;
import org.dspace.app.rest.test.AbstractControllerIntegrationTest;
import org.dspace.app.rest.utils.Utils;
Expand All @@ -24,6 +27,8 @@
import org.dspace.builder.ItemBuilder;
import org.dspace.content.Collection;
import org.dspace.content.Item;
import org.dspace.content.Site;
import org.dspace.content.service.SiteService;
import org.dspace.eperson.EPerson;
import org.dspace.services.ConfigurationService;
import org.junit.Before;
Expand All @@ -37,6 +42,11 @@
*
*/
public class ItemCorrectionFeatureRestIT extends AbstractControllerIntegrationTest {
@Autowired
private SiteService siteService;

@Autowired
private SiteConverter siteConverter;

@Autowired
private ItemConverter itemConverter;
Expand Down Expand Up @@ -102,6 +112,27 @@ public void testFeatureWithCorrectionDisabled() throws Exception {

}

@Test
public void testFeatureWithCorrectionEnabledAndNoItem() throws Exception {

configurationService.setProperty("item-correction.permit-all", false);
configurationService.setProperty("item-correction.enabled", true);

String token = getAuthToken(admin.getEmail(), password);

Site site = siteService.findSite(context);
SiteRest siteRest = siteConverter.convert(site, DefaultProjection.DEFAULT);

Authorization expectedAuthorization = new Authorization(admin, canCorrectItem, siteRest);

getClient(token).perform(get("/api/authz/authorizations/search/object")
.param("eperson", String.valueOf(admin.getID()))
.param("uri", utils.linkToSingleResource(siteRest, "self").getHref())
.param("feature", ItemCorrectionFeature.NAME))
.andExpect(status().isOk())
.andExpect(jsonPath("$._embedded.authorizations", hasItem(matchAuthorization(expectedAuthorization))));
}

@Test
public void testFeatureWithAdmin() throws Exception {

Expand Down

0 comments on commit 6157c42

Please sign in to comment.