From 068949ebc52a8c99d639c1f24db4131e21764bc9 Mon Sep 17 00:00:00 2001
From: Daniil Palagin <daniilpalaginjob@gmail.com>
Date: Tue, 3 Sep 2024 19:36:08 +0200
Subject: [PATCH] [kbss-cvut/record-manager-ui#202] Implement roles

---
 .../study/security/SecurityConstants.java     | 15 +++++-
 .../cvut/kbss/study/security/model/Role.java  | 13 ++++-
 src/main/resources/model.ttl                  | 51 +++++++++++++++++++
 3 files changed, 77 insertions(+), 2 deletions(-)

diff --git a/src/main/java/cz/cvut/kbss/study/security/SecurityConstants.java b/src/main/java/cz/cvut/kbss/study/security/SecurityConstants.java
index a60c8ba3..7c1456dc 100644
--- a/src/main/java/cz/cvut/kbss/study/security/SecurityConstants.java
+++ b/src/main/java/cz/cvut/kbss/study/security/SecurityConstants.java
@@ -28,6 +28,19 @@ private SecurityConstants() {
     public static final int SESSION_TIMEOUT = 12 * 60 * 60;
 
     public static final String ROLE_USER = "ROLE_USER";
-
     public static final String ROLE_ADMIN = "ROLE_ADMIN";
+
+    public static final String ROLE_COMPLETE_RECORDS = "rm_complete_records";
+    public static final String ROLE_DELETE_ALL_RECORDS = "rm_delete_all_records";
+    public static final String ROLE_DELETE_ORGANIZATION_RECORDS = "rm_delete_organization_records";
+    public static final String ROLE_EDIT_ALL_RECORDS = "rm_edit_all_records";
+    public static final String ROLE_EDIT_ORGANIZATION_RECORDS = "rm_edit_organization_records";
+    public static final String ROLE_EDIT_USERS = "rm_edit_users";
+    public static final String ROLE_IMPORT_CODELISTS = "rm_import_codelists";
+    public static final String ROLE_PUBLISH_RECORDS = "rm_publish_records";
+    public static final String ROLE_REJECT_RECORDS = "rm_reject_records";
+    public static final String ROLE_VIEW_ALL_RECORDS = "rm_view_all_records";
+    public static final String ROLE_VIEW_ORGANIZATION_RECORDS = "rm_view_organization_records";
+
+
 }
diff --git a/src/main/java/cz/cvut/kbss/study/security/model/Role.java b/src/main/java/cz/cvut/kbss/study/security/model/Role.java
index 4b794953..36c4b970 100644
--- a/src/main/java/cz/cvut/kbss/study/security/model/Role.java
+++ b/src/main/java/cz/cvut/kbss/study/security/model/Role.java
@@ -8,7 +8,18 @@
 
 public enum Role {
     USER(SecurityConstants.ROLE_USER, Vocabulary.s_c_doctor),
-    ADMIN(SecurityConstants.ROLE_ADMIN, Vocabulary.s_c_administrator);
+    ADMIN(SecurityConstants.ROLE_ADMIN, Vocabulary.s_c_administrator),
+    COMPLETE_RECORDS(SecurityConstants.ROLE_COMPLETE_RECORDS, Vocabulary.s_c_complete_records),
+    DELETE_ALL_RECORDS(SecurityConstants.ROLE_DELETE_ALL_RECORDS, Vocabulary.s_c_delete_all_records),
+    DELETE_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_DELETE_ORGANIZATION_RECORDS, Vocabulary.s_c_delete_organization_records),
+    EDIT_ALL_RECORDS(SecurityConstants.ROLE_EDIT_ALL_RECORDS, Vocabulary.s_c_edit_all_records),
+    EDIT_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_EDIT_ORGANIZATION_RECORDS, Vocabulary.s_c_edit_organization_records),
+    EDIT_USERS(SecurityConstants.ROLE_EDIT_USERS, Vocabulary.s_c_edit_users),
+    IMPORT_CODELISTS(SecurityConstants.ROLE_IMPORT_CODELISTS, Vocabulary.s_c_import_codelists),
+    PUBLISH_RECORDS(SecurityConstants.ROLE_PUBLISH_RECORDS, Vocabulary.s_c_publish_records),
+    REJECT_RECORDS(SecurityConstants.ROLE_REJECT_RECORDS, Vocabulary.s_c_reject_records),
+    VIEW_ALL_RECORDS(SecurityConstants.ROLE_VIEW_ALL_RECORDS, Vocabulary.s_c_view_all_records),
+    VIEW_ORGANIZATIONS_RECORDS(SecurityConstants.ROLE_VIEW_ORGANIZATION_RECORDS, Vocabulary.s_c_view_organization_records);
 
     private final String name;
     private final String type;
diff --git a/src/main/resources/model.ttl b/src/main/resources/model.ttl
index 863b9d68..87a04aaa 100644
--- a/src/main/resources/model.ttl
+++ b/src/main/resources/model.ttl
@@ -200,3 +200,54 @@ rm:rejected-record-phase rdf:type owl:Class ;
         rdfs:label "rejected record phase"@en .
 
 ###  Generated by the OWL API (version 4.2.8.20170104-2310) https://github.com/owlcs/owlapi
+
+#################################################################
+#    New Roles
+#################################################################
+
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/complete-records
+rm:complete-records rdf:type owl:Class ;
+    rdfs:label "Complete Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/delete-all-records
+rm:delete-all-records rdf:type owl:Class ;
+    rdfs:label "Delete All Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/edit-all-records
+rm:edit-all-records rdf:type owl:Class ;
+    rdfs:label "Edit All Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/view-all-records
+rm:view-all-records rdf:type owl:Class ;
+    rdfs:label "View All Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/delete-organization-records
+rm:delete-organization-records rdf:type owl:Class ;
+    rdfs:label "Delete Organization Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/edit-organization-records
+rm:edit-organization-records rdf:type owl:Class ;
+    rdfs:label "Edit Organization Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/view-organization-records
+rm:view-organization-records rdf:type owl:Class ;
+    rdfs:label "View Organization Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/edit-users
+rm:edit-users rdf:type owl:Class ;
+    rdfs:label "Edit Users"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/import-codelists
+rm:import-codelists rdf:type owl:Class ;
+    rdfs:label "Import Codelists"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/publish-records
+rm:publish-records rdf:type owl:Class ;
+    rdfs:label "Publish Records"@en .
+
+###  http://onto.fel.cvut.cz/ontologies/record-manager/reject-records
+rm:reject-records rdf:type owl:Class ;
+    rdfs:label "Reject Records"@en .
+
+