Merge branch 'master' into rest-demo

.lgtm.yml

@@ -0,0 +1,9 @@
+# LGTM Settings (https://lgtm.com/)
+# For reference, see https://lgtm.com/help/lgtm/lgtm.yml-configuration-file
+# or template at https://lgtm.com/static/downloads/lgtm.template.yml
+
+extraction:
+  java:
+    index:
+      # Specify the Java version required to build the project
+      java_version: 11

dspace-api/src/main/java/org/dspace/app/util/AuthorizeUtil.java

@@ -9,7 +9,10 @@
 
 import java.sql.SQLException;
 import java.util.List;
+import javax.servlet.http.HttpServletRequest;
 
+import org.apache.logging.log4j.Logger;
+import org.dspace.authenticate.factory.AuthenticateServiceFactory;
 import org.dspace.authorize.AuthorizeConfiguration;
 import org.dspace.authorize.AuthorizeException;
 import org.dspace.authorize.ResourcePolicy;
@@ -26,9 +29,12 @@
 import org.dspace.content.service.ItemService;
 import org.dspace.core.Constants;
 import org.dspace.core.Context;
+import org.dspace.eperson.EPerson;
 import org.dspace.eperson.Group;
 import org.dspace.eperson.factory.EPersonServiceFactory;
 import org.dspace.eperson.service.GroupService;
+import org.dspace.services.factory.DSpaceServicesFactory;
+import org.dspace.utils.DSpace;
 import org.dspace.xmlworkflow.factory.XmlWorkflowServiceFactory;
 import org.dspace.xmlworkflow.storedcomponents.CollectionRole;
 import org.dspace.xmlworkflow.storedcomponents.service.CollectionRoleService;
@@ -41,6 +47,7 @@
  */
 public class AuthorizeUtil {
 
+    private static final Logger log = org.apache.logging.log4j.LogManager.getLogger(AuthorizeUtil.class);
     /**
      * Default constructor
      */
@@ -605,9 +612,53 @@ public static void authorizeManageGroup(Context context, Group group) throws SQL
         throw new AuthorizeException("not authorized to manage this group");
     }
 
+    /**
+     * This method will return a boolean indicating whether the current user is allowed to register a new
+     * account or not
+     * @param context   The relevant DSpace context
+     * @param request   The current request
+     * @return          A boolean indicating whether the current user can register a new account or not
+     * @throws SQLException If something goes wrong
+     */
+    public static boolean authorizeNewAccountRegistration(Context context, HttpServletRequest request)
+        throws SQLException {
+        if (DSpaceServicesFactory.getInstance().getConfigurationService()
+                                 .getBooleanProperty("user.registration", true)) {
+            // This allowSetPassword is currently the only mthod that would return true only when it's
+            // actually expected to be returning true.
+            // For example the LDAP canSelfRegister will return true due to auto-register, while that
+            // does not imply a new user can register explicitly
+            return AuthenticateServiceFactory.getInstance().getAuthenticationService()
+                                             .allowSetPassword(context, request, null);
+        }
+        return false;
+    }
+
+    /**
+     * This method will return a boolean indicating whether it's allowed to update the password for the EPerson
+     * with the given email and canLogin property
+     * @param context   The relevant DSpace context
+     * @param email     The email to be checked
+     * @return          A boolean indicating if the password can be updated or not
+     */
+    public static boolean authorizeUpdatePassword(Context context, String email) {
+        try {
+            EPerson eperson = EPersonServiceFactory.getInstance().getEPersonService().findByEmail(context, email);
+            if (eperson != null && eperson.canLogIn()) {
+                HttpServletRequest request = new DSpace().getRequestService().getCurrentRequest()
+                                                         .getHttpServletRequest();
+                return AuthenticateServiceFactory.getInstance().getAuthenticationService()
+                                                 .allowSetPassword(context, request, null);
+            }
+        } catch (SQLException e) {
+            log.error("Something went wrong trying to retrieve EPerson for email: " + email, e);
+        }
+        return false;
+    }
+
     /**
      * This method checks if the community Admin can manage accounts
-     * 
+     *
      * @return true if is able
      */
     public static boolean canCommunityAdminManageAccounts() {
@@ -625,7 +676,7 @@ public static boolean canCommunityAdminManageAccounts() {
 
     /**
      * This method checks if the Collection Admin can manage accounts
-     * 
+     *
      * @return true if is able
      */
     public static boolean canCollectionAdminManageAccounts() {

dspace-api/src/main/java/org/dspace/app/util/DCInputSet.java

@@ -10,6 +10,7 @@
 import java.util.List;
 import java.util.Map;
 
+import org.dspace.core.Utils;
 /**
  * Class representing all DC inputs required for a submission, organized into pages
  *
@@ -107,9 +108,21 @@ public boolean isFieldPresent(String fieldName) {
         for (int i = 0; i < inputs.length; i++) {
             for (int j = 0; j < inputs[i].length; j++) {
                 DCInput field = inputs[i][j];
-                String fullName = field.getFieldName();
-                if (fullName.equals(fieldName)) {
-                    return true;
+                // If this is a "qualdrop_value" field, then the full field name is the field + dropdown qualifier
+                if (field.getInputType().equals("qualdrop_value")) {
+                    List<String> pairs = field.getPairs();
+                    for (int k = 0; k < pairs.size(); k += 2) {
+                        String qualifier = pairs.get(k + 1);
+                        String fullName = Utils.standardize(field.getSchema(), field.getElement(), qualifier, ".");
+                        if (fullName.equals(fieldName)) {
+                            return true;
+                        }
+                    }
+                } else {
+                    String fullName = field.getFieldName();
+                    if (fullName.equals(fieldName)) {
+                        return true;
+                    }
                 }
             }
         }

dspace-api/src/main/java/org/dspace/app/util/IndexVersion.java

@@ -250,12 +250,8 @@ public static int compareSoftwareVersions(String firstVersion, String secondVers
         } else if (firstMinor > secondMinor) {
             // If we get here, major versions must be EQUAL. Now, time to check our minor versions
             return GREATER_THAN;
-        } else if (firstMinor < secondMinor) {
-            return LESS_THAN;
         } else {
-            // This is an impossible scenario.
-            // This 'else' should never be triggered since we've checked for equality above already
-            return EQUAL;
+            return LESS_THAN;
         }
     }
 

dspace-api/src/main/java/org/dspace/eperson/AccountServiceImpl.java

@@ -12,6 +12,7 @@
 import java.util.Locale;
 import javax.mail.MessagingException;
 
+import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.Logger;
 import org.dspace.authorize.AuthorizeException;
 import org.dspace.core.ConfigurationManager;
@@ -22,6 +23,7 @@
 import org.dspace.eperson.service.AccountService;
 import org.dspace.eperson.service.EPersonService;
 import org.dspace.eperson.service.RegistrationDataService;
+import org.dspace.services.ConfigurationService;
 import org.springframework.beans.factory.annotation.Autowired;
 
 /**
@@ -47,6 +49,8 @@ public class AccountServiceImpl implements AccountService {
     protected EPersonService ePersonService;
     @Autowired(required = true)
     protected RegistrationDataService registrationDataService;
+    @Autowired
+    private ConfigurationService configurationService;
 
     protected AccountServiceImpl() {
 
@@ -67,6 +71,9 @@ protected AccountServiceImpl() {
     public void sendRegistrationInfo(Context context, String email)
         throws SQLException, IOException, MessagingException,
         AuthorizeException {
+        if (!configurationService.getBooleanProperty("user.registration", true)) {
+            throw new IllegalStateException("The user.registration parameter was set to false");
+        }
         sendInfo(context, email, true, true);
     }
 
@@ -155,6 +162,14 @@ public void deleteToken(Context context, String token)
         registrationDataService.deleteByToken(context, token);
     }
 
+    @Override
+    public boolean verifyPasswordStructure(String password) {
+        if (StringUtils.length(password) < 6) {
+            return false;
+        }
+        return true;
+    }
+
     /**
      * THIS IS AN INTERNAL METHOD. THE SEND PARAMETER ALLOWS IT TO BE USED FOR
      * TESTING PURPOSES.
@@ -233,8 +248,8 @@ protected void sendEmail(Context context, String email, boolean isRegister, Regi
         //  Note change from "key=" to "token="
         String specialLink = new StringBuffer().append(base).append(
             base.endsWith("/") ? "" : "/").append(
-            isRegister ? "register" : "forgot").append("?")
-                                               .append("token=").append(rd.getToken())
+            isRegister ? "register" : "forgot").append("/")
+                                               .append(rd.getToken())
                                                .toString();
         Locale locale = context.getCurrentLocale();
         Email bean = Email.getEmail(I18nUtil.getEmailFilename(locale, isRegister ? "register"

dspace-api/src/main/java/org/dspace/eperson/service/AccountService.java

@@ -46,4 +46,11 @@ public String getEmail(Context context, String token)
 
     public void deleteToken(Context context, String token)
         throws SQLException;
+
+    /**
+     * This method verifies that a certain String adheres to the password rules for DSpace
+     * @param password  The String to be checked
+     * @return          A boolean indicating whether or not the given String adheres to the password rules
+     */
+    public boolean verifyPasswordStructure(String password);
 }

dspace-api/src/main/java/org/dspace/license/CCLicense.java

@@ -8,24 +8,26 @@
 package org.dspace.license;
 
 
+import java.util.List;
+
 /**
  * @author wbossons
  */
 public class CCLicense {
 
     private String licenseName;
     private String licenseId;
-    private int order = 0;
+    private List<CCLicenseField> ccLicenseFieldList;
 
     public CCLicense() {
         super();
     }
 
-    public CCLicense(String licenseId, String licenseName, int order) {
+    public CCLicense(String licenseId, String licenseName, List<CCLicenseField> ccLicenseFieldList) {
         super();
         this.licenseId = licenseId;
         this.licenseName = licenseName;
-        this.order = order;
+        this.ccLicenseFieldList = ccLicenseFieldList;
     }
 
     public String getLicenseName() {
@@ -44,13 +46,19 @@ public void setLicenseId(String licenseId) {
         this.licenseId = licenseId;
     }
 
-    public int getOrder() {
-        return this.order;
+    /**
+     * Gets the list of CC License Fields
+     * @return the list of CC License Fields
+     */
+    public List<CCLicenseField> getCcLicenseFieldList() {
+        return ccLicenseFieldList;
     }
 
-    public void setOrder(int order) {
-        this.order = order;
+    /**
+     * Sets the list of CC License Fields
+     * @param ccLicenseFieldList
+     */
+    public void setCcLicenseFieldList(final List<CCLicenseField> ccLicenseFieldList) {
+        this.ccLicenseFieldList = ccLicenseFieldList;
     }
-
-
 }

dspace-api/src/main/java/org/dspace/license/CCLicenseConnectorService.java

@@ -0,0 +1,60 @@
+/**
+ * The contents of this file are subject to the license and copyright
+ * detailed in the LICENSE and NOTICE files at the root of the source
+ * tree and available online at
+ *
+ * http://www.dspace.org/license/
+ */
+package org.dspace.license;
+
+import java.io.IOException;
+import java.util.Map;
+
+import org.jdom.Document;
+
+/**
+ * Service interface class for the Creative commons license connector service.
+ * The implementation of this class is responsible for all the calls to the CC license API and parsing the response
+ * The service is autowired by spring
+ */
+public interface CCLicenseConnectorService {
+
+    /**
+     * Retrieves the CC Licenses for the provided language from the CC License API
+     *
+     * @param language - the language to retrieve the licenses for
+     * @return a map of licenses with the id and the license for the provided language
+     */
+    public Map<String, CCLicense> retrieveLicenses(String language);
+
+    /**
+     * Retrieve the CC License URI based on the provided license id, language and answers to the field questions from
+     * the CC License API
+     *
+     * @param licenseId - the ID of the license
+     * @param language  - the language for which to retrieve the full answerMap
+     * @param answerMap - the answers to the different field questions
+     * @return the CC License URI
+     */
+    public String retrieveRightsByQuestion(String licenseId,
+                                           String language,
+                                           Map<String, String> answerMap);
+
+    /**
+     * Retrieve the license RDF document based on the license URI
+     *
+     * @param licenseURI    - The license URI for which to retrieve the license RDF document
+     * @return the license RDF document
+     * @throws IOException
+     */
+    public Document retrieveLicenseRDFDoc(String licenseURI) throws IOException;
+
+    /**
+     * Retrieve the license Name from the license document
+     *
+     * @param doc   - The license document from which to retrieve the license name
+     * @return the license name
+     */
+    public String retrieveLicenseName(final Document doc);
+
+}