Commit 8bcc5872 authored by Matija Obreza's avatar Matija Obreza

Admin tools: Fix ACL for repository folders, files, galleries, subsets, datasets

parent 70854840
......@@ -21,11 +21,8 @@ import org.genesys.blocks.util.ClassAclOid;
import org.genesys.blocks.util.CurrentApplicationContext;
import org.genesys.catalog.model.Partner;
import org.genesys.catalog.persistence.PartnerRepository;
import org.genesys.catalog.persistence.dataset.DatasetRepository;
import org.genesys2.server.component.security.AsAdminInvoker;
import org.genesys2.server.model.impl.FaoInstitute;
import org.genesys2.server.persistence.SubsetRepository;
import org.genesys2.server.persistence.kpi.ExecutionRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
......@@ -58,29 +55,13 @@ public class ApplicationUpgrades implements InitializingBean {
*/
@Override
public void afterPropertiesSet() throws Exception {
kpiEnsureACL();
aclEnsureClassOIDs();
aclMakePartnersPublic();
aclMakeDraftsPrivate();
}
@Autowired
private ExecutionRepository kpiExecutionRepository;
@Autowired
private CustomAclService aclService;
protected void kpiEnsureACL() throws Exception {
asAdminInvoker.invoke(() -> {
LOG.warn("Adding ACL support to KPI Execution");
kpiExecutionRepository.findAll().forEach(execution -> {
LOG.warn("Making KPI Execution {} ACL-ready", execution.getName());
aclService.createOrUpdatePermissions(execution);
});
return true;
});
}
private void aclEnsureClassOIDs() throws Exception {
asAdminInvoker.invoke(() -> {
LOG.warn("Making some Entities publicly readable by default");
......@@ -95,7 +76,6 @@ public class ApplicationUpgrades implements InitializingBean {
});
}
@Autowired
private PartnerRepository partnerRepository;
......@@ -110,29 +90,4 @@ public class ApplicationUpgrades implements InitializingBean {
return true;
});
}
@Autowired
private DatasetRepository datasetRepository;
@Autowired
private SubsetRepository subsetRepository;
private void aclMakeDraftsPrivate() throws Exception {
asAdminInvoker.invoke(() -> {
LOG.warn("Making non-published Datasets and Subsets private, and published publicly readable");
datasetRepository.findAll().forEach(dataset -> {
LOG.warn("Setting ACL for Dataset {}", dataset.getTitle());
aclService.makePubliclyReadable(dataset, dataset.isPublished());
});
subsetRepository.findAll().forEach(subset -> {
LOG.warn("Setting ACL for Subset {}", subset.getTitle());
aclService.makePubliclyReadable(subset, subset.isPublished());
});
LOG.warn("Datasets and Subsets are protected.");
return true;
});
}
}
......@@ -53,6 +53,8 @@ import org.genesys2.server.model.impl.FaoInstitute;
import org.genesys2.server.persistence.AccessionRepository;
import org.genesys2.server.persistence.FaoInstituteRepository;
import org.genesys2.server.persistence.PDCIRepository;
import org.genesys2.server.persistence.SubsetRepository;
import org.genesys2.server.persistence.kpi.ExecutionRepository;
import org.genesys2.server.service.ContentService;
import org.genesys2.server.service.CountryNamesUpdater;
import org.genesys2.server.service.CropService;
......@@ -546,4 +548,48 @@ public class AdminController {
return "redirect:/admin/";
}
@Autowired
private SubsetRepository subsetRepository;
@PostMapping(value = "/acl", params = { "subsets" })
@Transactional
public String aclFixSubsetAcl() throws Exception {
LOG.warn("Adding ACL for Subsets");
subsetRepository.findAll().forEach(subset -> {
LOG.warn("Setting ACL for Subset {}", subset.getTitle());
aclService.makePubliclyReadable(subset, subset.isPublished());
});
return "redirect:/admin/";
}
@PostMapping(value = "/acl", params = { "datasets" })
@Transactional
public String aclFixDatasetAcl() throws Exception {
LOG.warn("Adding ACL for Datasets");
datasetRepository.findAll().forEach(dataset -> {
LOG.warn("Setting ACL for Dataset {}", dataset.getTitle());
aclService.makePubliclyReadable(dataset, dataset.isPublished());
});
return "redirect:/admin/";
}
@Autowired
private ExecutionRepository kpiExecutionRepository;
@PostMapping(value = "/acl", params = { "kpi" })
@Transactional
public String aclFixKPIAcl() throws Exception {
LOG.warn("Adding ACL support to KPI Execution");
kpiExecutionRepository.findAll().forEach(execution -> {
LOG.warn("Making KPI Execution {} ACL-ready", execution.getName());
aclService.createOrUpdatePermissions(execution);
});
return "redirect:/admin/";
}
}
......@@ -192,6 +192,10 @@
<form method="post" action="<c:url value="/admin/acl" />">
<button type="submit" class="btn btn-default" class="btn btn-default" name="institutes" value="fix">Fix FaoInstitutes ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="repository" value="Fix">Repository ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="kpi" value="Fix">KPI Execution ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="datasets" value="Fix">Datasets ACL</button>
<button type="submit" class="btn btn-default" class="btn btn-default" name="subsets" value="Fix">Subsets ACL</button>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment