]> git.aero2k.de Git - tmp/jakarta-migration.git/commitdiff
projects / tmp / jakarta-migration.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7f02543)
CSPACE-4964: Fixing bugs related to authority item workflow related permissions.
authorRichard Millet <remillet@berkeley.edu>
Fri, 13 Apr 2012 02:42:57 +0000 (19:42 -0700)
committerRichard Millet <remillet@berkeley.edu>
Fri, 13 Apr 2012 02:42:57 +0000 (19:42 -0700)
14 files changed:
3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml patch | blob | history
services/authority/service/src/main/java/org/collectionspace/services/common/vocabulary/AuthorityResource.java patch | blob | history
services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java patch | blob | history
services/client/src/main/java/org/collectionspace/services/client/AuthorityClient.java patch | blob | history
services/client/src/main/java/org/collectionspace/services/client/AuthorityClientImpl.java patch | blob | history
services/client/src/main/java/org/collectionspace/services/client/AuthorityProxy.java patch | blob | history
services/client/src/main/java/org/collectionspace/services/client/test/AbstractServiceTestImpl.java patch | blob | history
services/client/src/main/java/org/collectionspace/services/client/workflow/WorkflowClient.java patch | blob | history
services/common/src/main/cspace/config/services/tenants/tenant-bindings-proto.xml patch | blob | history
services/common/src/main/java/org/collectionspace/services/common/AbstractMultiPartCollectionSpaceResourceImpl.java patch | blob | history
services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java patch | blob | history
services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java patch | blob | history
services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java patch | blob | history
services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java patch | blob | history

diff --git a/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml b/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml
index 3d605cde6883f844a1d322bc046406dd4c83d86f..038f3a7fd74a28d86f5e0f7ce651d26912b504d8 100644 (file)
--- a/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml
+++ b/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml
@@ -45,9 +45,6 @@
         <transition name="lock" destinationState="locked">
           <description>Lock document</description>
         </transition>
-        <transition name="unlock" destinationState="project">
-          <description>Unlock the document</description>
-        </transition>
         <transition name="delete" destinationState="deleted">
           <description>Move document to trash (temporary delete)</description>
         </transition>
@@ -63,9 +60,7 @@
           </transitions>
         </state>
         <state name="locked" description="Locked state">
-          <transitions>
-            <transition>unlock</transition>
-          </transitions>
+               <!-- No transitions allowed from locked state. -->
         </state>
         <state name="deleted" description="Document is deleted">
           <transitions>
diff --git a/services/authority/service/src/main/java/org/collectionspace/services/common/vocabulary/AuthorityResource.java b/services/authority/service/src/main/java/org/collectionspace/services/common/vocabulary/AuthorityResource.java
index 8e1c5d5a417498e1b4d8689a5f9d9d7ce13be72a..bf47c2dae4fd1ea035cd591d4471210e92484a0e 100644 (file)
--- a/services/authority/service/src/main/java/org/collectionspace/services/common/vocabulary/AuthorityResource.java
+++ b/services/authority/service/src/main/java/org/collectionspace/services/common/vocabulary/AuthorityResource.java
@@ -56,12 +56,14 @@ import org.collectionspace.services.common.vocabulary.nuxeo.AuthorityItemDocumen
 import org.collectionspace.services.common.workflow.service.nuxeo.WorkflowDocumentModelHandler;
 import org.collectionspace.services.config.ClientType;
 import org.collectionspace.services.jaxb.AbstractCommonList;
+import org.collectionspace.services.lifecycle.TransitionDef;
 import org.collectionspace.services.nuxeo.client.java.DocumentModelHandler;
 import org.collectionspace.services.nuxeo.client.java.RemoteDocumentModelHandlerImpl;
 import org.collectionspace.services.nuxeo.client.java.RepositoryJavaClientImpl;
 import org.collectionspace.services.relation.RelationResource;
 import org.collectionspace.services.relation.RelationsCommonList;
 import org.collectionspace.services.relation.RelationshipType;
+import org.collectionspace.services.workflow.WorkflowCommon;
 import org.jboss.resteasy.util.HttpResponseCodes;
 import org.nuxeo.ecm.core.api.DocumentModel;
 import org.nuxeo.ecm.core.api.repository.RepositoryInstance;
@@ -550,18 +552,22 @@ public abstract class AuthorityResource<AuthCommon, AuthItemHandler>
     }
 
     @PUT
-    @Path("{csid}/items/{itemcsid}" + WorkflowClient.SERVICE_PATH)
-    public byte[] updateWorkflow(
+    @Path("{csid}/items/{itemcsid}" + WorkflowClient.SERVICE_PATH + "/{transition}")
+    public byte[] updateItemWorkflowWithTransition(
             @PathParam("csid") String csid,
             @PathParam("itemcsid") String itemcsid,
-            String xmlPayload) {
+            @PathParam("transition") String transition) {
         PoxPayloadOut result = null;
         try {
+               PoxPayloadIn input = new PoxPayloadIn(WorkflowClient.SERVICE_PAYLOAD_NAME, new WorkflowCommon(), 
+                               WorkflowClient.SERVICE_COMMONPART_NAME);
+
             ServiceContext<PoxPayloadIn, PoxPayloadOut> parentCtx = createServiceContext(getItemServiceName());
             String parentWorkspaceName = parentCtx.getRepositoryWorkspaceName();
 
-            PoxPayloadIn workflowUpdate = new PoxPayloadIn(xmlPayload);
-            MultipartServiceContext ctx = (MultipartServiceContext) createServiceContext(WorkflowClient.SERVICE_NAME, workflowUpdate);
+            TransitionDef transitionDef = getTransitionDef(parentCtx, transition);
+            MultipartServiceContext ctx = (MultipartServiceContext) createServiceContext(WorkflowClient.SERVICE_NAME, input);
+            ctx.setProperty(WorkflowClient.TRANSITION_ID, transitionDef);
             WorkflowDocumentModelHandler handler = createWorkflowDocumentHandler(ctx);
             ctx.setRespositoryWorkspaceName(parentWorkspaceName); //find the document in the parent's workspace
             getRepositoryClient(ctx).update(ctx, itemcsid, handler);
diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java
index 11b044f82023c1141bc04bc7a43cd6e9a0525b5e..3b254001e4bc87f66b13330d3728709392e990f7 100644 (file)
--- a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java
+++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java
@@ -146,7 +146,7 @@ public class PermissionServiceTest extends AbstractServiceTestImpl<PermissionsLi
         try {
                assertStatusCode(res, testName);
                PermissionsList list = res.getEntity(PermissionsList.class);
-               int EXPECTED_ITEMS = 4; //seeded permissions
+               int EXPECTED_ITEMS = 4 + 6; //4 seeded base resource permissions and 6 workflow permissions
                int actual = list.getPermission().size();
                if (logger.isDebugEnabled()) {
                    logger.debug(testName + ": received = " + actual
diff --git a/services/client/src/main/java/org/collectionspace/services/client/AuthorityClient.java b/services/client/src/main/java/org/collectionspace/services/client/AuthorityClient.java
index f81c583fb0d9de7e898a777ce7724ed19c5e486d..1dea28bba309d1c49dbfce8664e2720d46f5e431 100644 (file)
--- a/services/client/src/main/java/org/collectionspace/services/client/AuthorityClient.java
+++ b/services/client/src/main/java/org/collectionspace/services/client/AuthorityClient.java
@@ -147,5 +147,5 @@ public interface AuthorityClient<AUTHORITY_ITEM_TYPE, P extends AuthorityProxy>
     \r
     public ClientResponse<String> readItemWorkflow(String vcsid, String csid);\r
     \r
-    public ClientResponse<String> updateItemWorkflow(String vcsid, String csid, PoxPayloadOut workflowPayload);\r
+    public ClientResponse<String> updateItemWorkflowWithTransition(String vcsid, String csid, String workflowTransition);\r
 }\r
diff --git a/services/client/src/main/java/org/collectionspace/services/client/AuthorityClientImpl.java b/services/client/src/main/java/org/collectionspace/services/client/AuthorityClientImpl.java
index fbdda135d002daa574918d6840ef116d3feb01c6..a79d448448f57694a5a74be4c763633f116fe222 100644 (file)
--- a/services/client/src/main/java/org/collectionspace/services/client/AuthorityClientImpl.java
+++ b/services/client/src/main/java/org/collectionspace/services/client/AuthorityClientImpl.java
@@ -198,8 +198,8 @@ public abstract class AuthorityClientImpl<AUTHORITY_ITEM_TYPE, P extends Authori
     }\r
     \r
        @Override\r
-    public ClientResponse<String> updateItemWorkflow(String vcsid, String csid, PoxPayloadOut xmlPayload) {\r
-       return getProxy().updateItemWorkflow(vcsid, csid, xmlPayload.getBytes());\r
+    public ClientResponse<String> updateItemWorkflowWithTransition(String vcsid, String csid, String workflowTransition) {\r
+       return getProxy().updateItemWorkflowWithTransition(vcsid, csid, workflowTransition);\r
     }\r
        \r
 }\r
diff --git a/services/client/src/main/java/org/collectionspace/services/client/AuthorityProxy.java b/services/client/src/main/java/org/collectionspace/services/client/AuthorityProxy.java
index 178f1409c121610f2e46ee1b65c7f311674d8fe7..d10344f4e101de15163d95a84e3343a606779ade 100644 (file)
--- a/services/client/src/main/java/org/collectionspace/services/client/AuthorityProxy.java
+++ b/services/client/src/main/java/org/collectionspace/services/client/AuthorityProxy.java
@@ -148,9 +148,10 @@ public interface AuthorityProxy extends CollectionSpaceCommonListPoxProxy {
             \r
     //(U)pdate Item workflow\r
     @PUT\r
-    @Path("/{vcsid}/items/{csid}" + WorkflowClient.SERVICE_PATH)\r
-    ClientResponse<String> updateItemWorkflow(@PathParam("vcsid") String vcsid,\r
+    @Path("/{vcsid}/items/{csid}" + WorkflowClient.SERVICE_PATH + "/{transition}")\r
+    ClientResponse<String> updateItemWorkflowWithTransition(\r
+               @PathParam("vcsid") String vcsid,\r
                @PathParam("csid") String csid,\r
-               byte[] xmlPayload);\r
+               @PathParam("transition") String transition);\r
     \r
 }\r
diff --git a/services/client/src/main/java/org/collectionspace/services/client/test/AbstractServiceTestImpl.java b/services/client/src/main/java/org/collectionspace/services/client/test/AbstractServiceTestImpl.java
index 510ad38f2c7478d5366d866a33f87262a40c6220..7e3c1fb5961865e9f62fe560da6359adfd1d7bb0 100644 (file)
--- a/services/client/src/main/java/org/collectionspace/services/client/test/AbstractServiceTestImpl.java
+++ b/services/client/src/main/java/org/collectionspace/services/client/test/AbstractServiceTestImpl.java
@@ -1041,7 +1041,7 @@ public abstract class AbstractServiceTestImpl<CLT, CPT, REQUEST_TYPE, RESPONSE_T
 
                 this.setupUpdate();
 
-                this.updateItemLifeCycleState(testName, parentCsid, csid, WorkflowClient.WORKFLOWSTATE_DELETED);
+                this.updateItemLifeCycleState(testName, parentCsid, csid, WorkflowClient.WORKFLOWTRANSITION_DELETE, WorkflowClient.WORKFLOWSTATE_DELETED);
                 //
                 // Read the list of existing non-deleted records
                 //
@@ -1065,7 +1065,7 @@ public abstract class AbstractServiceTestImpl<CLT, CPT, REQUEST_TYPE, RESPONSE_T
         }
     }
 
-    protected void updateItemLifeCycleState(String testName, String parentCsid, String itemCsid, String lifeCycleState) throws Exception {
+    protected void updateItemLifeCycleState(String testName, String parentCsid, String itemCsid, String workflowTransition, String lifeCycleState) throws Exception {
         //
         // Read the existing object
         //
@@ -1093,7 +1093,7 @@ public abstract class AbstractServiceTestImpl<CLT, CPT, REQUEST_TYPE, RESPONSE_T
         //
         // Perform the state change update
         //
-        res = client.updateItemWorkflow(parentCsid, itemCsid, output);
+        res = client.updateItemWorkflowWithTransition(parentCsid, itemCsid, workflowTransition);
         WorkflowCommon updatedWorkflowCommons = null;
         try {
                assertStatusCode(res, testName);
diff --git a/services/client/src/main/java/org/collectionspace/services/client/workflow/WorkflowClient.java b/services/client/src/main/java/org/collectionspace/services/client/workflow/WorkflowClient.java
index c3ea8854ebc5fb1eb11328174813b771a2d41dd8..31ee013a9647420ed95909ff81894981bf119f7f 100644 (file)
--- a/services/client/src/main/java/org/collectionspace/services/client/workflow/WorkflowClient.java
+++ b/services/client/src/main/java/org/collectionspace/services/client/workflow/WorkflowClient.java
@@ -51,6 +51,7 @@ public class WorkflowClient extends AbstractCommonListPoxServiceClientImpl<Workf
        // DocumentHandler passed properties
        //
        public static final String TRANSITION_ID = "transition_id";
+       public static final String TRANSITION_PARAM_JAXRS = "transition";
        //
        // Service Query Params
        //
diff --git a/services/common/src/main/cspace/config/services/tenants/tenant-bindings-proto.xml b/services/common/src/main/cspace/config/services/tenants/tenant-bindings-proto.xml
index 82464e5b0ea0883b9b91a286a64878178412f06b..f85f4e17e1c4e5bb78106b69c5537769db81e2e6 100644 (file)
--- a/services/common/src/main/cspace/config/services/tenants/tenant-bindings-proto.xml
+++ b/services/common/src/main/cspace/config/services/tenants/tenant-bindings-proto.xml
@@ -76,7 +76,6 @@
 
     <!-- begin collectionobject service meta-data -->
     <tenant:serviceBindings id="CollectionObjects" name="CollectionObjects" type="object" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/collectionobjects/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -628,7 +627,6 @@
     <!-- begin blob service meta-data -->
                <!-- This should likely be type="object" -->
     <tenant:serviceBindings id="Blobs" name="Blobs" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/blobs/*/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.blob.nuxeo.BlobDocumentModelHandler</service:documentHandler>
       <service:DocHandlerParams xmlns:service="http://collectionspace.org/services/config/service">
@@ -690,7 +688,6 @@
     
     <!-- begin intake service meta-data -->
     <tenant:serviceBindings id="Intakes" name="Intakes" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/intakes/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -834,7 +831,6 @@
         
     <!-- begin loanin service meta-data -->
     <tenant:serviceBindings id="Loansin" name="Loansin" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/loansin/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -990,7 +986,6 @@
     
     <!-- begin loanout service meta-data -->
     <tenant:serviceBindings id="Loansout" name="Loansout" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/loansout/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -1078,7 +1073,6 @@
     
     <!-- begin objectexit service meta-data -->
     <tenant:serviceBindings id="ObjectExit" name="ObjectExit" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/objectexit/*/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.objectexit.nuxeo.ObjectExitDocumentModelHandler</service:documentHandler>
       <service:DocHandlerParams xmlns:service="http://collectionspace.org/services/config/service">
@@ -1151,7 +1145,6 @@
     
     <!-- begin batch service meta-data -->
     <tenant:serviceBindings id="Batch" name="Batch" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/batch/*/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.batch.nuxeo.BatchDocumentModelHandler</service:documentHandler>
       <service:DocHandlerParams xmlns:service="http://collectionspace.org/services/config/service">
@@ -1188,7 +1181,6 @@
     
     <!-- begin group service meta-data -->
     <tenant:serviceBindings id="Groups" name="Groups" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/groups/*/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.group.nuxeo.GroupDocumentModelHandler</service:documentHandler>
       <service:DocHandlerParams xmlns:service="http://collectionspace.org/services/config/service">
@@ -1250,7 +1242,6 @@
     
     <!-- begin imports service meta-data -->
     <tenant:serviceBindings id="Imports" name="Imports" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/imports/*/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.imports.nuxeo.ImportsDocumentModelHandler</service:documentHandler>
       <service:DocHandlerParams xmlns:service="http://collectionspace.org/services/config/service">
@@ -1294,7 +1285,6 @@
     <!-- begin media service meta-data -->
                <!-- This should likely be type="object" -->
      <tenant:serviceBindings id="Media" name="Media" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/media/*/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.media.nuxeo.MediaDocumentModelHandler</service:documentHandler>
       <service:DocHandlerParams xmlns:service="http://collectionspace.org/services/config/service">
@@ -1411,7 +1401,6 @@
         
     <!-- begin movement service meta-data -->
     <tenant:serviceBindings id="Movements" name="Movements" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/movements/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -1547,7 +1536,6 @@
         
     <!-- begin report service meta-data -->
     <tenant:serviceBindings id="Reports" name="Reports" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/reports/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -1597,8 +1585,6 @@
     
     <!-- begin vocabulary service meta-data -->
     <tenant:serviceBindings id="Vocabularies" name="Vocabularies" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/vocabularies/*/workflow/</service:uriPath>
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/vocabularies/*/items/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.vocabulary.nuxeo.VocabularyDocumentModelHandler</service:documentHandler>
@@ -1663,7 +1649,6 @@
             Repository workspace so we have to configure that.
         -->
     <tenant:serviceBindings id="Vocabularyitems" name="Vocabularyitems" type="authority" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/vocabularyitems/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
       <!--
                         <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -1726,8 +1711,6 @@
     
     <!-- begin orgauthority service meta-data -->
     <tenant:serviceBindings id="Orgauthorities" name="Orgauthorities" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/orgauthorities/*/workflow/</service:uriPath>
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/orgauthorities/*/items/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -1895,8 +1878,6 @@
         
     <!-- begin personauthority service meta-data -->
     <tenant:serviceBindings id="Personauthorities" name="Personauthorities" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/personauthorities/*/workflow/</service:uriPath>
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/personauthorities/*/items/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -2090,8 +2071,6 @@
         
     <!-- begin locationauthority service meta-data -->
     <tenant:serviceBindings id="Locationauthorities" name="Locationauthorities" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/locationauthorities/*/workflow/</service:uriPath>
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/locationauthorities/*/items/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -2233,8 +2212,6 @@
     <!-- end location service meta-data -->
         <!-- begin placeauthority service meta-data -->
         <tenant:serviceBindings id="Placeauthorities" name="Placeauthorities" version="0.1">
-            <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/placeauthorities/*/workflow/</service:uriPath>
-            <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/placeauthorities/*/items/*/workflow/</service:uriPath>
             <!-- other URI paths using which this service could be accessed -->
             <!-- 
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -2413,8 +2390,6 @@
         <!-- end place service meta-data -->
     <!-- begin taxonomyauthority service meta-data -->
     <tenant:serviceBindings id="Taxonomyauthority" name="Taxonomyauthority" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/taxonomyauthority/*/workflow/</service:uriPath>
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/taxonomyauthority/*/items/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -2578,8 +2553,6 @@
     
     <!-- begin conceptauthority service meta-data -->
     <tenant:serviceBindings id="Conceptauthorities" name="Conceptauthorities" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/conceptauthorities/*/workflow/</service:uriPath>
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/conceptauthorities/*/items/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -2722,7 +2695,6 @@
 
     <!-- begin acquisition service meta-data -->
     <tenant:serviceBindings id="Acquisitions" name="Acquisitions" type="procedure" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/acquisitions/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
             <!--
             <service:uriPath xmlns:service='http://collectionspace.org/services/config/service'>
@@ -2837,7 +2809,6 @@
     
     <!-- begin relation service meta-data -->
     <tenant:serviceBindings id="Relations" name="Relations" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/relations/*/workflow/</service:uriPath>
             <!-- other URI paths through which this service could be accessed -->
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.relation.nuxeo.RelationDocumentModelHandler</service:documentHandler>
@@ -2986,7 +2957,7 @@
     <!-- begin dimension service meta-data -->
     <tenant:serviceBindings id="Dimensions" name="Dimensions" type="utility" version="0.1">
             <!-- other URI paths through which this service could be accessed -->
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/dimensions/*/workflow/</service:uriPath>
+      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/dimensions/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.dimension.nuxeo.DimensionDocumentModelHandler</service:documentHandler>
       <service:object xmlns:service="http://collectionspace.org/services/config/service" name="Dimension" version="0.1">
@@ -3090,7 +3061,6 @@
     
     <!-- begin note service meta-data -->
     <tenant:serviceBindings id="Notes" name="Notes" type="utility" version="0.1">
-      <service:uriPath xmlns:service="http://collectionspace.org/services/config/service">/notes/*/workflow/</service:uriPath>
       <service:repositoryDomain xmlns:service="http://collectionspace.org/services/config/service">default-domain</service:repositoryDomain>
       <service:documentHandler xmlns:service="http://collectionspace.org/services/config/service">org.collectionspace.services.note.nuxeo.NoteDocumentModelHandler</service:documentHandler>
       <service:object xmlns:service="http://collectionspace.org/services/config/service" name="CSNote" version="0.1">
diff --git a/services/common/src/main/java/org/collectionspace/services/common/AbstractMultiPartCollectionSpaceResourceImpl.java b/services/common/src/main/java/org/collectionspace/services/common/AbstractMultiPartCollectionSpaceResourceImpl.java
index 9728a8dc2fdff2cb0da1f3c6daae6ee4ff336fd0..217cf60e8bfa715f7e6e7148f9fafcebdd62b66c 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/AbstractMultiPartCollectionSpaceResourceImpl.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/AbstractMultiPartCollectionSpaceResourceImpl.java
@@ -193,7 +193,7 @@ public abstract class AbstractMultiPartCollectionSpaceResourceImpl extends Abstr
         return result.getBytes();\r
     }\r
     \r
-    private TransitionDef getTransitionDef(ServiceContext<PoxPayloadIn, PoxPayloadOut> ctx, String transition) {\r
+    protected TransitionDef getTransitionDef(ServiceContext<PoxPayloadIn, PoxPayloadOut> ctx, String transition) {\r
        TransitionDef result = null;\r
        \r
        try {\r
diff --git a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
index 0c98156eeb68a3a973cfdd2131797960de4d3cba..4fc06ff326e0181baec2d1d19af5eb6ec5132bd9 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
@@ -164,7 +164,7 @@ public class ServiceMain {
         // Create all the default user accounts and permissions\r
         //\r
         try {\r
-               AuthorizationCommon.createDefaultPermissions(tenantBindingConfigReader);                \r
+               AuthorizationCommon.createDefaultWorkflowPermissions(tenantBindingConfigReader);                \r
                AuthorizationCommon.createDefaultAccounts(tenantBindingConfigReader);     \r
         } catch(Throwable e) {         \r
                logger.error("Default accounts and permissions setup failed with exception(s): " + e.getLocalizedMessage(), e);\r
diff --git a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
index 16f3153abac374693f40d1d752945dcb3f125c78..90d4543e39983f7cc849277bfd56202f33e10763 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java
@@ -798,7 +798,7 @@ public class AuthorizationCommon {
                return result;\r
        }\r
        \r
-    public static void createDefaultPermissions(TenantBindingConfigReaderImpl tenantBindingConfigReader) throws Exception //FIXME: REM - 4/11/2012 - Rename to createWorkflowPermissions\r
+    public static void createDefaultWorkflowPermissions(TenantBindingConfigReaderImpl tenantBindingConfigReader) throws Exception //FIXME: REM - 4/11/2012 - Rename to createWorkflowPermissions\r
     {\r
        AuthZ.get().login(); //login to Spring Security manager\r
        \r
@@ -820,17 +820,6 @@ public class AuthorizationCommon {
                                if (prop == null ? true : Boolean.parseBoolean(prop)) {\r
                                                try {\r
                                                em.getTransaction().begin();\r
-                                               //\r
-                                               // For the default admin role, create the base workflow (aka, "/workflow" permissions for the service.\r
-                                               Permission baseAdminPerm = createWorkflowPermission(tenantBinding, serviceBinding, null, ACTIONGROUP_CRUDL);\r
-                                               persist(em, baseAdminPerm, adminRole, true);\r
-                                               //\r
-                                               // For the default read-only role, create the base workflow (aka, "/workflow" permissions for the service.\r
-                                               Permission baseReadonlyPerm = createWorkflowPermission(tenantBinding, serviceBinding, null, ACTIONGROUP_RL);\r
-                                               persist(em, baseReadonlyPerm, readonlyRole, true);                                      \r
-                                               //\r
-                                               // Next, create a permission for each workflow transition supported by the service's document type.\r
-                                               //\r
                                                TransitionDefList transitionDefList = getTransitionDefList(tenantBinding, serviceBinding);\r
                                                for (TransitionDef transitionDef : transitionDefList.getTransitionDef()) {\r
                                                        //\r
diff --git a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
index 2bd6a0d5985443af13680997b4167cf4f77a934e..6cc1155053df2aa6eaf41438318d867d7f0ee44b 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
@@ -137,8 +137,8 @@ public class SecurityInterceptor implements PreProcessInterceptor, PostProcessIn
                                // to perform a workflow state change and make sure they are allowed to to this.
                                //
                                if (uriPath.contains(WorkflowClient.SERVICE_PATH) == true) {
-                                       String workflowSubResName = SecurityUtils.getResourceName(request.getUri());
-                                       res = new URIResourceImpl(AuthN.get().getCurrentTenantId(), workflowSubResName, httpMethod);
+                                       String workflowProxyResource = SecurityUtils.getWorkflowResourceName(request);
+                                       res = new URIResourceImpl(AuthN.get().getCurrentTenantId(), workflowProxyResource, httpMethod);
                                        if (authZ.isAccessAllowed(res) == false) {
                                                logger.error("Access to " + resName + ":" + res.getId() + " is NOT allowed to "
                                                                + " user=" + AuthN.get().getUserId());
diff --git a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java
index 9d0df0934d176dbb9c946aeeeb9dfb89e4b454f5..796b1dbcec294a40328e8169f4d95a7a6e803989 100644 (file)
--- a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java
@@ -32,6 +32,7 @@ import java.util.StringTokenizer;
 import org.collectionspace.services.authorization.AuthZ;
 import org.collectionspace.services.authorization.CSpaceResource;
 import org.collectionspace.services.authorization.URIResourceImpl;
+import org.collectionspace.services.client.workflow.WorkflowClient;
 import org.collectionspace.services.config.service.ServiceBindingType;
 
 import javax.ws.rs.core.MultivaluedMap;
@@ -42,6 +43,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import org.jboss.crypto.digest.DigestCallback;
+import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.security.Base64Encoder;
 import org.jboss.security.Base64Utils;
 
@@ -98,6 +100,25 @@ public class SecurityUtils {
         }
     }
 
+    public static String getWorkflowResourceName(HttpRequest request) {
+       String result = null;
+                       
+       UriInfo uriInfo = request.getUri();
+       String workflowSubResName = SecurityUtils.getResourceName(uriInfo);
+       String resEntity = SecurityUtils.getResourceEntity(workflowSubResName);
+       
+               MultivaluedMap<String, String> pathParams = uriInfo.getPathParameters();
+               String workflowTransition = pathParams.getFirst(WorkflowClient.TRANSITION_PARAM_JAXRS);
+               if (workflowTransition != null) {
+               result = resEntity + "/*/" + WorkflowClient.SERVICE_NAME + "/" + workflowTransition;
+               } else {
+                       // e.g., intakes/workflow or intakes/*/workflow
+                       result = resEntity;
+               }
+       
+       return result;
+    }
+    
        /**
         * Gets the resource name.
         *