From: Richard Millet Date: Thu, 12 Apr 2012 20:02:54 +0000 (-0700) Subject: CSPACE-4964: Fixing bug related to slashes in the Permission IDs X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=39caafccf25ad63f4cab3ca57a460dd1efc988eb;p=tmp%2Fjakarta-migration.git CSPACE-4964: Fixing bug related to slashes in the Permission IDs --- diff --git a/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml b/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml index 182befb2e..3d605cde6 100644 --- a/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml +++ b/3rdparty/nuxeo/nuxeo-platform-collectionspace/src/main/resources/OSGI-INF/default-life-cycle-contrib.xml @@ -12,17 +12,17 @@ CollectionSpace core default life cycle definition. - + Move document to trash (temporary delete) - + Recover the document from trash - + delete @@ -40,23 +40,23 @@ CollectionSpace "locking" life cycle definition. - + Lock document - + Unlock the document Move document to trash (temporary delete) - + Recover the document from trash - + delete lock diff --git a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java index 36d8d555c..16f3153ab 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java +++ b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java @@ -248,9 +248,8 @@ public class AuthorizationCommon { String resourceName, String description, ActionGroup actionGroup) { -// String id = UUID.randomUUID().toString(); //FIXME: Could this be something like a refname instead of a UUID? String id = tenantId - + "-" + resourceName + + "-" + resourceName.replace('/', '_') // Remove the slashes so the ID can be used in a URI/URL + "-" + actionGroup.name; Permission perm = new Permission(); perm.setCsid(id); diff --git a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java index c6a3ef5e7..2bd6a0d59 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java +++ b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java @@ -136,7 +136,7 @@ public class SecurityInterceptor implements PreProcessInterceptor, PostProcessIn // They passed the first round of security checks, so now let's check to see if they're trying // to perform a workflow state change and make sure they are allowed to to this. // - if (uriPath.contains(WorkflowClient.SERVICE_PATH_COMPONENT) == true) { + if (uriPath.contains(WorkflowClient.SERVICE_PATH) == true) { String workflowSubResName = SecurityUtils.getResourceName(request.getUri()); res = new URIResourceImpl(AuthN.get().getCurrentTenantId(), workflowSubResName, httpMethod); if (authZ.isAccessAllowed(res) == false) { diff --git a/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml b/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml index 19925571f..57df41cf1 100644 --- a/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml +++ b/services/dimension/3rdparty/nuxeo-platform-cs-dimension/pom.xml @@ -8,7 +8,6 @@ 4.0.0 - org.collectionspace.services org.collectionspace.services.dimension.3rdparty.nuxeo services.dimension.3rdparty.nuxeo jar