#22002

Committed 01 Apr 2024 07:56PM CUT coverage: 20.716% (+0.5%) from 20.173%

Build # #22002

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #10453 from IQSS/develop

Merge 6.2 into master

Run Details

704 of 2679 new or added lines in 152 files covered. (26.28%)

81 existing lines in 49 files now uncovered.

17160 of 82836 relevant lines covered (20.72%)

0.21 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

76.0

/src/main/java/edu/harvard/iq/dataverse/engine/command/impl/AssignRoleCommand.java

/*
 *  (C) Michael Bar-Sinai
 */
package edu.harvard.iq.dataverse.engine.command.impl;

import edu.harvard.iq.dataverse.DataFile;
import edu.harvard.iq.dataverse.Dataset;
import edu.harvard.iq.dataverse.Dataverse;
import edu.harvard.iq.dataverse.authorization.DataverseRole;
import edu.harvard.iq.dataverse.DvObject;
import edu.harvard.iq.dataverse.RoleAssignment;
import edu.harvard.iq.dataverse.authorization.Permission;
import edu.harvard.iq.dataverse.authorization.RoleAssignee;
import edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser;
import edu.harvard.iq.dataverse.authorization.users.PrivateUrlUser;
import edu.harvard.iq.dataverse.engine.command.AbstractCommand;
import edu.harvard.iq.dataverse.engine.command.CommandContext;
import edu.harvard.iq.dataverse.engine.command.DataverseRequest;
import edu.harvard.iq.dataverse.engine.command.exception.CommandException;
import edu.harvard.iq.dataverse.engine.command.exception.IllegalCommandException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/**
 * Assign a in a dataverse to a user.
 *
 * @author michael
 */
// no annotations here, since permissions are dynamically decided
public class AssignRoleCommand extends AbstractCommand<RoleAssignment> {

    private final DataverseRole role;
    private final RoleAssignee grantee;
    //Kept for convenience -could get this as the only DVObject AbstractCommand<>.getAffectedDvObjects() instead of having a local defPoint
    private final DvObject defPoint;
    private final String privateUrlToken;
    private boolean anonymizedAccess;

    /**
     * @param anAssignee The user being granted the role
     * @param aRole the role being granted to the user
     * @param assignmentPoint the dataverse on which the role is granted.
     * @param aRequest
     * @param privateUrlToken An optional token used by the Private Url feature.
     */
    public AssignRoleCommand(RoleAssignee anAssignee, DataverseRole aRole, DvObject assignmentPoint, DataverseRequest aRequest, String privateUrlToken) {
        // for data file check permission on owning dataset
        super(aRequest, assignmentPoint);
        role = aRole;
        grantee = anAssignee;
        defPoint = assignmentPoint;
        this.privateUrlToken = privateUrlToken;
        this.anonymizedAccess=false;
    }

    public AssignRoleCommand(PrivateUrlUser privateUrlUser, DataverseRole memberRole, Dataset dataset, DataverseRequest request, String privateUrlToken, boolean anonymizedAccess) {
        this(privateUrlUser, memberRole, dataset, request, privateUrlToken);
        this.anonymizedAccess= anonymizedAccess;
    }

    @Override
    public RoleAssignment execute(CommandContext ctxt) throws CommandException {
        if (grantee instanceof AuthenticatedUser) {
            AuthenticatedUser user = (AuthenticatedUser) grantee;
            if (user.isDeactivated()) {
                throw new IllegalCommandException("User " + user.getUserIdentifier() + " is deactivated and cannot be given a role.", this);
            }
        }
        // TODO make sure the role is defined on the dataverse.
        RoleAssignment roleAssignment = new RoleAssignment(role, grantee, defPoint, privateUrlToken, anonymizedAccess);
        return ctxt.roles().save(roleAssignment);
    }

    @Override
    public Map<String, Set<Permission>> getRequiredPermissions() {
        // for data file check permission on owning dataset
        Set<Permission> requiredPermissions = new HashSet<Permission>();

        if (defPoint instanceof Dataverse) {
            requiredPermissions.add(Permission.ManageDataversePermissions);
        } else if (defPoint instanceof Dataset) {
            requiredPermissions.add(Permission.ManageDatasetPermissions);
        } else {
            requiredPermissions.add(Permission.ManageFilePermissions);
        }

        requiredPermissions.addAll(role.permissions());

        return Collections.singletonMap("", requiredPermissions);
    }

    @Override
    public String describe() {
        return grantee + " has been given " + role + " on " + defPoint.accept(DvObject.NameIdPrinter);
    }

}

1	/*
2	* (C) Michael Bar-Sinai
3	*/
4	package edu.harvard.iq.dataverse.engine.command.impl;
5
6	import edu.harvard.iq.dataverse.DataFile;
7	import edu.harvard.iq.dataverse.Dataset;
8	import edu.harvard.iq.dataverse.Dataverse;
9	import edu.harvard.iq.dataverse.authorization.DataverseRole;
10	import edu.harvard.iq.dataverse.DvObject;
11	import edu.harvard.iq.dataverse.RoleAssignment;
12	import edu.harvard.iq.dataverse.authorization.Permission;
13	import edu.harvard.iq.dataverse.authorization.RoleAssignee;
14	import edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser;
15	import edu.harvard.iq.dataverse.authorization.users.PrivateUrlUser;
16	import edu.harvard.iq.dataverse.engine.command.AbstractCommand;
17	import edu.harvard.iq.dataverse.engine.command.CommandContext;
18	import edu.harvard.iq.dataverse.engine.command.DataverseRequest;
19	import edu.harvard.iq.dataverse.engine.command.exception.CommandException;
20	import edu.harvard.iq.dataverse.engine.command.exception.IllegalCommandException;
21	import java.util.Collections;
22	import java.util.HashSet;
23	import java.util.Map;
24	import java.util.Set;
25
26	/**
27	* Assign a in a dataverse to a user.
28	*
29	* @author michael
30	*/
31	// no annotations here, since permissions are dynamically decided
32	public class AssignRoleCommand extends AbstractCommand<RoleAssignment> {
33
34	private final DataverseRole role;
35	private final RoleAssignee grantee;
36	//Kept for convenience -could get this as the only DVObject AbstractCommand<>.getAffectedDvObjects() instead of having a local defPoint
37	private final DvObject defPoint;
38	private final String privateUrlToken;
39	private boolean anonymizedAccess;
40
41	/**
42	* @param anAssignee The user being granted the role
43	* @param aRole the role being granted to the user
44	* @param assignmentPoint the dataverse on which the role is granted.
45	* @param aRequest
46	* @param privateUrlToken An optional token used by the Private Url feature.
47	*/
48	public AssignRoleCommand(RoleAssignee anAssignee, DataverseRole aRole, DvObject assignmentPoint, DataverseRequest aRequest, String privateUrlToken) {
49	// for data file check permission on owning dataset
50	super(aRequest, assignmentPoint);	1✔
51	role = aRole;	1✔
52	grantee = anAssignee;	1✔
53	defPoint = assignmentPoint;	1✔
54	this.privateUrlToken = privateUrlToken;	1✔
55	this.anonymizedAccess=false;	1✔
56	}	1✔
57
58	public AssignRoleCommand(PrivateUrlUser privateUrlUser, DataverseRole memberRole, Dataset dataset, DataverseRequest request, String privateUrlToken, boolean anonymizedAccess) {
59	this(privateUrlUser, memberRole, dataset, request, privateUrlToken);	1✔
60	this.anonymizedAccess= anonymizedAccess;	1✔
61	}	1✔
62
63	@Override
64	public RoleAssignment execute(CommandContext ctxt) throws CommandException {
65	if (grantee instanceof AuthenticatedUser) {	1✔
66	AuthenticatedUser user = (AuthenticatedUser) grantee;	×
67	if (user.isDeactivated()) {	×
68	throw new IllegalCommandException("User " + user.getUserIdentifier() + " is deactivated and cannot be given a role.", this);	×
69	}
70	}
71	// TODO make sure the role is defined on the dataverse.
72	RoleAssignment roleAssignment = new RoleAssignment(role, grantee, defPoint, privateUrlToken, anonymizedAccess);	1✔
73	return ctxt.roles().save(roleAssignment);	1✔
74	}
75
76	@Override
77	public Map<String, Set<Permission>> getRequiredPermissions() {
78	// for data file check permission on owning dataset
79	Set<Permission> requiredPermissions = new HashSet<Permission>();	1✔
80
81	if (defPoint instanceof Dataverse) {	1✔
NEW 82	requiredPermissions.add(Permission.ManageDataversePermissions);	×
83	} else if (defPoint instanceof Dataset) {	1✔
84	requiredPermissions.add(Permission.ManageDatasetPermissions);	1✔
85	} else {
NEW 86	requiredPermissions.add(Permission.ManageFilePermissions);	×
87	}
88
89	requiredPermissions.addAll(role.permissions());	1✔
90
91	return Collections.singletonMap("", requiredPermissions);	1✔
92	}
93
94	@Override
95	public String describe() {
96	return grantee + " has been given " + role + " on " + defPoint.accept(DvObject.NameIdPrinter);	×
97	}
98
99	}

IQSS / dataverse / #22002

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous