diff --git a/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java b/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java index 93a27e0e97..1fe5a33a33 100644 --- a/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java +++ b/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java @@ -28,6 +28,7 @@ import edu.cornell.mannlib.vedit.util.FormUtils; import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType; import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation; +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionSets; import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController; import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet; @@ -226,36 +227,37 @@ public String getDefaultLandingPage(HttpServletRequest request) { } protected static void addAccessAttributes(HttpServletRequest req, String entityURI, AccessObjectType aot) { - // Add the permissionsEntityURI (if we are creating a new property, this will be empty) - req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI); - String[] namedKeys = new String[0]; - // Get the available permission sets - List permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory()); - List roles = new ArrayList<>(); - - for (PermissionSet permissionSet : permissionSets) { - roles.add(new RoleInfo(permissionSet)); - } - List accessOperations = AccessOperation.getOperations(aot); - // Operation, list of roles> - Map> operationsToRoles = new LinkedHashMap<>(); - for (AccessOperation operation : accessOperations) { - List roleInfos = new LinkedList<>(); - String operationName = StringUtils.capitalize(operation.toString().toLowerCase()); - operationsToRoles.put(operationName, roleInfos); - for (RoleInfo role : roles) { - RoleInfo roleCopy = role.clone(); - roleInfos.add(roleCopy); - if (isPublicForbiddenOperation(operation)) { - if (roleCopy.isPublic) { - roleCopy.setEnabled(false); - roleCopy.setGranted(false); + try (UserOnThread uot = new UserOnThread(req)) { + // Add the permissionsEntityURI (if we are creating a new property, this will be empty) + req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI); + String[] namedKeys = new String[0]; + // Get the available permission sets + List permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory()); + List roles = new ArrayList<>(); + for (PermissionSet permissionSet : permissionSets) { + roles.add(new RoleInfo(permissionSet)); + } + List accessOperations = AccessOperation.getOperations(aot); + // Operation, list of roles> + Map> operationsToRoles = new LinkedHashMap<>(); + for (AccessOperation operation : accessOperations) { + List roleInfos = new LinkedList<>(); + String operationName = StringUtils.capitalize(operation.toString().toLowerCase()); + operationsToRoles.put(operationName, roleInfos); + for (RoleInfo role : roles) { + RoleInfo roleCopy = role.clone(); + roleInfos.add(roleCopy); + if (isPublicForbiddenOperation(operation)) { + if (roleCopy.isPublic) { + roleCopy.setEnabled(false); + roleCopy.setGranted(false); + } } } + getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos); } - getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos); + req.setAttribute(OPERATIONS_TO_ROLES, operationsToRoles); } - req.setAttribute(OPERATIONS_TO_ROLES, operationsToRoles); } private static void getRolePolicyInformation(String entityURI, AccessObjectType aot, String[] namedKeys, diff --git a/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java b/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java index db98ba2a97..8bb8d5bda6 100644 --- a/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java +++ b/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java @@ -36,6 +36,7 @@ import edu.cornell.mannlib.vedit.validator.Validator; import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType; import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation; +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController; import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet; import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess; @@ -132,11 +133,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response) { } String action = getAction(request); - - boolean status = performEdit(epo, newObj, action); - if (status == FAILURE) { - retry(request, response, epo); - return; + try( UserOnThread uot = new UserOnThread(request)) { + boolean status = performEdit(epo, newObj, action); + if (status == FAILURE) { + retry(request, response, epo); + return; + } } // If contains restrictions @@ -214,7 +216,9 @@ private void updateUriSuppressions(HttpServletRequest request) { if (aot == null) { return; } - updateUriSuppressions(request, aot, entityUri); + try (UserOnThread uot = new UserOnThread(request)) { + updateUriSuppressions(request, aot, entityUri); + } } private void updatePermissions(HttpServletRequest request) { @@ -231,10 +235,12 @@ private void updatePermissions(HttpServletRequest request) { if (aot == null) { return; } - updateEntityPermissions(request, entityUri, aot); - updateTypeSuppressions(request, aot, entityUri); - updateNotRelatedTypeSuppressions(request, aot, entityUri); - updateNotRelatedPropertySuppressions(request, aot, entityUri); + try (UserOnThread uot = new UserOnThread(request)) { + updateEntityPermissions(request, entityUri, aot); + updateTypeSuppressions(request, aot, entityUri); + updateNotRelatedTypeSuppressions(request, aot, entityUri); + updateNotRelatedPropertySuppressions(request, aot, entityUri); + } } private void updateEntityPermissions(HttpServletRequest request, String entityUri, AccessObjectType aot) { diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/accounts/manageproxies/ManageProxiesController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/accounts/manageproxies/ManageProxiesController.java index 01f74d62c3..c0381280bf 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/accounts/manageproxies/ManageProxiesController.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/accounts/manageproxies/ManageProxiesController.java @@ -6,7 +6,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; - +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest; import edu.cornell.mannlib.vitro.webapp.controller.AbstractPageHandler.Message; @@ -69,7 +69,9 @@ private ResponseValues handleEditRequest(VitroRequest vreq) { ManageProxiesEditPage page = new ManageProxiesEditPage(vreq); if (page.isValid()) { - page.applyEdits(); + try (UserOnThread uot = new UserOnThread(vreq)) { + page.applyEdits(); + } Message.setMessage(vreq, new SuccessMessage()); } else { Message.setMessage(vreq, new FailureMessage()); diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/api/SparqlUpdateApiController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/api/SparqlUpdateApiController.java index 234071a3f8..0e9b8e2576 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/api/SparqlUpdateApiController.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/api/SparqlUpdateApiController.java @@ -33,6 +33,7 @@ import org.apache.jena.sparql.modify.UsingList; import edu.cornell.mannlib.vitro.webapp.application.ApplicationUtils; +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; @@ -129,7 +130,7 @@ private void executeUpdate(HttpServletRequest req, UpdateRequest parsed) { SearchIndexer indexer = ApplicationUtils.instance().getSearchIndexer(); Dataset ds = new RDFServiceDataset(vreq.getUnfilteredRDFService()); GraphStore graphStore = GraphStoreFactory.create(ds); - try { + try (UserOnThread uot = new UserOnThread(req)) { if(indexer != null) { indexer.pause(); } diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/datatools/dumprestore/DumpRestoreController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/datatools/dumprestore/DumpRestoreController.java index 0f5e427854..6cb4ed01dd 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/datatools/dumprestore/DumpRestoreController.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/datatools/dumprestore/DumpRestoreController.java @@ -12,7 +12,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang3.StringUtils; - +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest; @@ -88,7 +88,7 @@ public void doPost(HttpServletRequest req, HttpServletResponse resp) resp.sendError(HttpServletResponse.SC_FORBIDDEN); } - try { + try (UserOnThread uot = new UserOnThread(req)) { if (ACTION_RESTORE.equals(req.getPathInfo())) { long tripleCount = new RestoreModelsAction(req, resp) .restoreModels(); diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/MenuManagementEdit.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/MenuManagementEdit.java index f187c3fc1c..11f5fcf99e 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/MenuManagementEdit.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/MenuManagementEdit.java @@ -24,7 +24,7 @@ import org.apache.jena.rdf.model.Resource; import org.apache.jena.rdf.model.ResourceFactory; import org.apache.jena.shared.Lock; - +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.dao.DisplayVocabulary; @@ -51,15 +51,15 @@ protected void doPost(HttpServletRequest rawRequest, HttpServletResponse resp) String command = getCommand(vreq); if(command != null) { - processCommand(command, vreq, resp); + try( UserOnThread uot = new UserOnThread(vreq)) { + processCommand(command, vreq, resp); + } } else { log.error("Command is null"); } //Need to redirect correctly if(!isReorder(command)){ resp.sendRedirect(rawRequest.getContextPath() + REDIRECT_URL); - } else { - } } diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadController.java index 1b84f9d0b5..83f584fce6 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadController.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/jena/RDFUploadController.java @@ -34,6 +34,7 @@ import org.apache.jena.shared.Lock; import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; @@ -434,7 +435,7 @@ private void readIntoModel(InputStream in, String language, ChangeSet cs = makeChangeSet(rdfService); cs.addAddition(in, RDFServiceUtils.getSerializationFormatFromJenaString( language), modelName, userId); - try { + try (UserOnThread uot = new UserOnThread(userId)) { rdfService.changeSetUpdate(cs); } catch (RDFServiceException e) { throw new RuntimeException(e); @@ -446,7 +447,7 @@ private void removeFromModel(InputStream in, String language, ChangeSet cs = makeChangeSet(rdfService); cs.addRemoval(in, RDFServiceUtils.getSerializationFormatFromJenaString( language), modelName, userId); - try { + try (UserOnThread uot = new UserOnThread(userId)) { rdfService.changeSetUpdate(cs); } catch (RDFServiceException e) { throw new RuntimeException(e); diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dwr/PropertyDWR.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dwr/PropertyDWR.java index f92ba09c4b..1ed9283144 100755 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dwr/PropertyDWR.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dwr/PropertyDWR.java @@ -11,7 +11,7 @@ import org.apache.commons.logging.LogFactory; import org.directwebremoting.WebContext; import org.directwebremoting.WebContextFactory; - +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.beans.PropertyInstance; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; @@ -86,14 +86,19 @@ public int insertProp( PropertyInstance prop) { WebContext ctx = WebContextFactory.get(); HttpServletRequest req = ctx.getHttpServletRequest(); VitroRequest vreq = new VitroRequest(req); - return vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().insertProp(prop); + try( UserOnThread uot = new UserOnThread(vreq)) { + return vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().insertProp(prop); + } } public int deleteProp(String subjectUri, String predicateUri, String objectUri){ WebContext ctx = WebContextFactory.get(); HttpServletRequest req = ctx.getHttpServletRequest(); VitroRequest vreq = new VitroRequest(req); - vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().deleteObjectPropertyStatement(subjectUri, predicateUri, objectUri); + try( UserOnThread uot = new UserOnThread(vreq)) { + vreq.getUnfilteredWebappDaoFactory().getPropertyInstanceDao().deleteObjectPropertyStatement(subjectUri, + predicateUri, objectUri); + } return 0; } diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/edit/n3editing/VTwo/ProcessRdfForm.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/edit/n3editing/VTwo/ProcessRdfForm.java index 2f49529598..b615fd76b8 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/edit/n3editing/VTwo/ProcessRdfForm.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/edit/n3editing/VTwo/ProcessRdfForm.java @@ -26,7 +26,7 @@ import org.apache.jena.rdf.model.ResourceFactory; import org.apache.jena.rdf.model.Statement; import org.apache.jena.vocabulary.RDF; - +import edu.cornell.mannlib.vitro.webapp.auth.checks.UserOnThread; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.dao.InsertException; import edu.cornell.mannlib.vitro.webapp.dao.jena.DependentResourceDeleteJena; @@ -303,7 +303,7 @@ public static void applyChangesToWriteModel(AdditionsAndRetractions changes, cs.addRemoval(retractionsInputStream, RDFServiceUtils.getSerializationFormatFromJenaString("N3"), graphUri, editorUri); - try { + try (UserOnThread uot = new UserOnThread(editorUri)) { rdfService.changeSetUpdate(cs); } catch (RDFServiceException e) { log.error(e, e); diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/ChangeSet.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/ChangeSet.java index 0012bc67d6..06d2fd85fc 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/ChangeSet.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/ChangeSet.java @@ -46,7 +46,6 @@ public interface ChangeSet { * @param serializationFormat - format of the serialized RDF model * @param graphURI - URI of the graph to which the RDF model should be added */ - @Deprecated public void addAddition(InputStream model, RDFService.ModelSerializationFormat serializationFormat, String graphURI); @@ -58,7 +57,6 @@ public void addAddition(InputStream model, * @param serializationFormat - format of the serialized RDF model * @param graphURI - URI of the graph from which the RDF model should be removed */ - @Deprecated public void addRemoval(InputStream model, RDFService.ModelSerializationFormat serializationFormat, String graphURI); diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/impl/jena/model/RDFServiceModel.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/impl/jena/model/RDFServiceModel.java index 9bbc71453c..a822f7b86e 100644 --- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/impl/jena/model/RDFServiceModel.java +++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/rdfservice/impl/jena/model/RDFServiceModel.java @@ -3,7 +3,6 @@ package edu.cornell.mannlib.vitro.webapp.rdfservice.impl.jena.model; import java.io.ByteArrayInputStream; -import java.util.Iterator; import org.apache.commons.io.IOUtils; import org.apache.commons.logging.Log;