Commit 8bcc5872 authored by Matija Obreza's avatar Matija Obreza

Admin tools: Fix ACL for repository folders, files, galleries, subsets, datasets

parent 70854840
...@@ -21,11 +21,8 @@ import org.genesys.blocks.util.ClassAclOid; ...@@ -21,11 +21,8 @@ import org.genesys.blocks.util.ClassAclOid;
import org.genesys.blocks.util.CurrentApplicationContext; import org.genesys.blocks.util.CurrentApplicationContext;
import org.genesys.catalog.model.Partner; import org.genesys.catalog.model.Partner;
import org.genesys.catalog.persistence.PartnerRepository; import org.genesys.catalog.persistence.PartnerRepository;
import org.genesys.catalog.persistence.dataset.DatasetRepository;
import org.genesys2.server.component.security.AsAdminInvoker; import org.genesys2.server.component.security.AsAdminInvoker;
import org.genesys2.server.model.impl.FaoInstitute; import org.genesys2.server.model.impl.FaoInstitute;
import org.genesys2.server.persistence.SubsetRepository;
import org.genesys2.server.persistence.kpi.ExecutionRepository;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
...@@ -58,28 +55,12 @@ public class ApplicationUpgrades implements InitializingBean { ...@@ -58,28 +55,12 @@ public class ApplicationUpgrades implements InitializingBean {
*/ */
@Override @Override
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
kpiEnsureACL();
aclEnsureClassOIDs(); aclEnsureClassOIDs();
aclMakePartnersPublic(); aclMakePartnersPublic();
aclMakeDraftsPrivate();
} }
@Autowired
private ExecutionRepository kpiExecutionRepository;
@Autowired @Autowired
private CustomAclService aclService; private CustomAclService aclService;
protected void kpiEnsureACL() throws Exception {
asAdminInvoker.invoke(() -> {
LOG.warn("Adding ACL support to KPI Execution");
kpiExecutionRepository.findAll().forEach(execution -> {
LOG.warn("Making KPI Execution {} ACL-ready", execution.getName());
aclService.createOrUpdatePermissions(execution);
});
return true;
});
}
private void aclEnsureClassOIDs() throws Exception { private void aclEnsureClassOIDs() throws Exception {
asAdminInvoker.invoke(() -> { asAdminInvoker.invoke(() -> {
...@@ -95,7 +76,6 @@ public class ApplicationUpgrades implements InitializingBean { ...@@ -95,7 +76,6 @@ public class ApplicationUpgrades implements InitializingBean {
}); });
} }
@Autowired @Autowired
private PartnerRepository partnerRepository; private PartnerRepository partnerRepository;
...@@ -110,29 +90,4 @@ public class ApplicationUpgrades implements InitializingBean { ...@@ -110,29 +90,4 @@ public class ApplicationUpgrades implements InitializingBean {
return true; return true;
}); });
} }
@Autowired
private DatasetRepository datasetRepository;
@Autowired
private SubsetRepository subsetRepository;
private void aclMakeDraftsPrivate() throws Exception {
asAdminInvoker.invoke(() -> {
LOG.warn("Making non-published Datasets and Subsets private, and published publicly readable");
datasetRepository.findAll().forEach(dataset -> {
LOG.warn("Setting ACL for Dataset {}", dataset.getTitle());
aclService.makePubliclyReadable(dataset, dataset.isPublished());
});
subsetRepository.findAll().forEach(subset -> {
LOG.warn("Setting ACL for Subset {}", subset.getTitle());
aclService.makePubliclyReadable(subset, subset.isPublished());
});
LOG.warn("Datasets and Subsets are protected.");
return true;
});
}
} }
...@@ -53,6 +53,8 @@ import org.genesys2.server.model.impl.FaoInstitute; ...@@ -53,6 +53,8 @@ import org.genesys2.server.model.impl.FaoInstitute;
import org.genesys2.server.persistence.AccessionRepository; import org.genesys2.server.persistence.AccessionRepository;
import org.genesys2.server.persistence.FaoInstituteRepository; import org.genesys2.server.persistence.FaoInstituteRepository;
import org.genesys2.server.persistence.PDCIRepository; import org.genesys2.server.persistence.PDCIRepository;
import org.genesys2.server.persistence.SubsetRepository;
import org.genesys2.server.persistence.kpi.ExecutionRepository;
import org.genesys2.server.service.ContentService; import org.genesys2.server.service.ContentService;
import org.genesys2.server.service.CountryNamesUpdater; import org.genesys2.server.service.CountryNamesUpdater;
import org.genesys2.server.service.CropService; import org.genesys2.server.service.CropService;
...@@ -545,5 +547,49 @@ public class AdminController { ...@@ -545,5 +547,49 @@ public class AdminController {
return "redirect:/admin/"; return "redirect:/admin/";
} }
@Autowired
private SubsetRepository subsetRepository;
@PostMapping(value = "/acl", params = { "subsets" })
@Transactional
public String aclFixSubsetAcl() throws Exception {
LOG.warn("Adding ACL for Subsets");
subsetRepository.findAll().forEach(subset -> {
LOG.warn("Setting ACL for Subset {}", subset.getTitle());
aclService.makePubliclyReadable(subset, subset.isPublished());
});
return "redirect:/admin/";
}
@PostMapping(value = "/acl", params = { "datasets" })
@Transactional
public String aclFixDatasetAcl() throws Exception {
LOG.warn("Adding ACL for Datasets");
datasetRepository.findAll().forEach(dataset -> {
LOG.warn("Setting ACL for Dataset {}", dataset.getTitle());
aclService.makePubliclyReadable(dataset, dataset.isPublished());
});
return "redirect:/admin/";
}
@Autowired
private ExecutionRepository kpiExecutionRepository;
@PostMapping(value = "/acl", params = { "kpi" })
@Transactional
public String aclFixKPIAcl() throws Exception {
LOG.warn("Adding ACL support to KPI Execution");
kpiExecutionRepository.findAll().forEach(execution -> {
LOG.warn("Making KPI Execution {} ACL-ready", execution.getName());
aclService.createOrUpdatePermissions(execution);
});
return "redirect:/admin/";
}
} }
...@@ -192,6 +192,10 @@ ...@@ -192,6 +192,10 @@
<form method="post" action="<c:url value="/admin/acl" />"> <form method="post" action="<c:url value="/admin/acl" />">
<button type="submit" class="btn btn-default" class="btn btn-default" name="institutes" value="fix">Fix FaoInstitutes ACL</button> <button type="submit" class="btn btn-default" class="btn btn-default" name="institutes" value="fix">Fix FaoInstitutes ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="repository" value="Fix">Repository ACL</button> <button type="submit" class="btn btn-default" class="btn btn-default" name="repository" value="Fix">Repository ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="kpi" value="Fix">KPI Execution ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="datasets" value="Fix">Datasets ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="subsets" value="Fix">Subsets ACL</button>
<!-- CSRF protection --> <!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" /> <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</form> </form>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment