CSPACE-4964: Fixing bug related to slashes in the Permission IDs

diff --git a/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml b/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml
index 182befb2e741bc3dbbfcab41da725c96defe2f47..3d605cde6883f844a1d322bc046406dd4c83d86f 100644 (file)
--- a/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml
+++ b/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml
@@ -12,17 +12,17 @@
 
     <documentation>CollectionSpace core default life cycle definition.</documentation>
 
-    <lifecycle name="cs_default" defaultInitial="active">
+    <lifecycle name="cs_default" defaultInitial="project">
       <transitions>
         <transition name="delete" destinationState="deleted">
           <description>Move document to trash (temporary delete)</description>
         </transition>
-        <transition name="undelete" destinationState="active">
+        <transition name="undelete" destinationState="project">
           <description>Recover the document from trash</description>
         </transition>
       </transitions>
       <states>
-        <state name="active" description="Default state" initial="true">
+        <state name="project" description="Default state" initial="true">
           <transitions>
             <transition>delete</transition>
           </transitions>
@@ -40,23 +40,23 @@
   
     <documentation>CollectionSpace "locking" life cycle definition.</documentation>
 
-    <lifecycle name="cs_locking" defaultInitial="active">
+    <lifecycle name="cs_locking" defaultInitial="project">
       <transitions>
         <transition name="lock" destinationState="locked">
           <description>Lock document</description>
         </transition>
-        <transition name="unlock" destinationState="active">
+        <transition name="unlock" destinationState="project">
           <description>Unlock the document</description>
         </transition>
         <transition name="delete" destinationState="deleted">
           <description>Move document to trash (temporary delete)</description>
         </transition>
-        <transition name="undelete" destinationState="active">
+        <transition name="undelete" destinationState="project">
           <description>Recover the document from trash</description>
         </transition>
       </transitions>     
       <states>
-        <state name="active" description="Default state" initial="true">
+        <state name="project" description="Default state" initial="true">
           <transitions>
             <transition>delete</transition>
             <transition>lock</transition>

diff --git a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
index 36d8d555c99df65d318939e0cbf5338a9af41dd0..16f3153abac374693f40d1d752945dcb3f125c78 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
@@ -248,9 +248,8 @@ public class AuthorizationCommon {
                String resourceName,\r
                String description,\r
                ActionGroup actionGroup) {\r
-//        String id = UUID.randomUUID().toString(); //FIXME: Could this be something like a refname instead of a UUID?\r
         String id = tenantId\r
-                       + "-" + resourceName\r
+                       + "-" + resourceName.replace('/', '_') // Remove the slashes so the ID can be used in a URI/URL\r
                        + "-" + actionGroup.name;\r
         Permission perm = new Permission();\r
         perm.setCsid(id);\r

diff --git a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
index c6a3ef5e7daf63482cc91322b9187e195c84d4d6..2bd6a0d5985443af13680997b4167cf4f77a934e 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
@@ -136,7 +136,7 @@ public class SecurityInterceptor implements PreProcessInterceptor, PostProcessIn
                                // They passed the first round of security checks, so now let's check to see if they're trying
                                // to perform a workflow state change and make sure they are allowed to to this.
                                //
-                               if (uriPath.contains(WorkflowClient.SERVICE_PATH_COMPONENT) == true) {
+                               if (uriPath.contains(WorkflowClient.SERVICE_PATH) == true) {
                                        String workflowSubResName = SecurityUtils.getResourceName(request.getUri());
                                        res = new URIResourceImpl(AuthN.get().getCurrentTenantId(), workflowSubResName, httpMethod);
                                        if (authZ.isAccessAllowed(res) == false) {

diff --git a/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml b/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml
index 19925571f2a7f4e22a8917549f49da835ed73149..57df41cf1915bc6cdcfbccdd2471212a1e5d165c 100644 (file)
--- a/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml
+++ b/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml
@@ -8,7 +8,6 @@
     </parent>
     
     <modelVersion>4.0.0</modelVersion>
-    <groupId>org.collectionspace.services</groupId>
     <artifactId>org.collectionspace.services.dimension.3rdparty.nuxeo</artifactId>
     <name>services.dimension.3rdparty.nuxeo</name>
     <packaging>jar</packaging>