Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Allow non-admin users to PUT/POST to create resources
  • Loading branch information
acoburn authored and Andrew Woods committed Nov 1, 2015
1 parent fbd4520 commit 26d1fcc
Show file tree
Hide file tree
Showing 2 changed files with 48 additions and 2 deletions.
16 changes: 14 additions & 2 deletions src/main/java/org/fcrepo/auth/webac/WebACRolesProvider.java
Expand Up @@ -60,6 +60,7 @@
import org.fcrepo.kernel.api.models.FedoraResource;
import org.fcrepo.kernel.api.models.NonRdfSourceDescription;
import org.fcrepo.kernel.api.services.NodeService;
import org.fcrepo.kernel.api.utils.UncheckedPredicate;
import org.fcrepo.kernel.modeshape.rdf.impl.DefaultIdentifierTranslator;
import org.fcrepo.kernel.modeshape.rdf.impl.PropertiesRdfContext;

Expand Down Expand Up @@ -103,8 +104,19 @@ public void deleteRoles(final Node node) throws RepositoryException {
@Override
public Map<String, List<String>> findRolesForPath(final Path absPath, final Session session)
throws RepositoryException {
LOGGER.debug("findRolesForPath: {}", absPath.toString());
return getAgentRoles(nodeService.find(session, absPath.toString()));
return getAgentRoles(locateResource(absPath, session));
}

private FedoraResource locateResource(final Path path, final Session session) {

final Predicate<Path> exists = UncheckedPredicate.uncheck(x -> session.nodeExists(x.toString()));

if (exists.test(path) || path.isRoot()) {
LOGGER.debug("findRolesForPath: {}", path.getString());
return nodeService.find(session, path.toString());
}
LOGGER.trace("Path: {} does not exist, checking parent", path.getString());
return locateResource(path.getParent(), session);
}

@Override
Expand Down
Expand Up @@ -297,6 +297,40 @@ public void scenario4() throws IOException {
assertEquals(HttpStatus.SC_NO_CONTENT, getStatus(response));
}

logger.debug("Editors can create (PUT) child objects of " + testObj);
final HttpPut requestPut1 = putObjMethod(id + "/child1");
setAuth(requestPut1, "jones");
requestPut1.setHeader("some-header", "Editors");
assertEquals(HttpStatus.SC_CREATED, getStatus(requestPut1));

final HttpGet requestGet4 = getObjMethod(id + "/child1");
setAuth(requestGet4, "jones");
requestGet4.setHeader("some-header", "Editors");
assertEquals(HttpStatus.SC_OK, getStatus(requestGet4));

logger.debug("Editors can create (POST) child objects of " + testObj);
final HttpPost requestPost1 = postObjMethod(id);
requestPost1.addHeader("Slug", "child2");
setAuth(requestPost1, "jones");
requestPost1.setHeader("some-header", "Editors");
assertEquals(HttpStatus.SC_CREATED, getStatus(requestPost1));

final HttpGet requestGet5 = getObjMethod(id + "/child2");
setAuth(requestGet5, "jones");
requestGet5.setHeader("some-header", "Editors");
assertEquals(HttpStatus.SC_OK, getStatus(requestGet5));

logger.debug("Editors can create nested child objects of " + testObj);
final HttpPut requestPut2 = putObjMethod(id + "/a/b/c/child");
setAuth(requestPut2, "jones");
requestPut2.setHeader("some-header", "Editors");
assertEquals(HttpStatus.SC_CREATED, getStatus(requestPut2));

final HttpGet requestGet6 = getObjMethod(id + "/a/b/c/child");
setAuth(requestGet6, "jones");
requestGet6.setHeader("some-header", "Editors");
assertEquals(HttpStatus.SC_OK, getStatus(requestGet6));

logger.debug("Smith can't write " + testObj);
final HttpPatch requestPatch3 = patchObjMethod(id);
requestPatch3.setHeader("Content-type", "application/sparql-update");
Expand Down

0 comments on commit 26d1fcc

Please sign in to comment.