From 05ee4b5d106fe084a1fecfa4651fb4135fd53ead Mon Sep 17 00:00:00 2001 From: Santiago Tettamanti Date: Mon, 14 May 2018 14:40:07 -0300 Subject: [PATCH 1/2] Now a workflow item can be deleted by the user who claimed it The item is removed permanently, and before deleting the item DELETE permission is checked --- .../AcceptEditRejectAction.java | 58 ++++++++++++++++++- .../AcceptEditRejectAction.java | 29 +++++++++- .../aspects/XMLWorkflow/i18n/messages.xml | 3 + 3 files changed, 87 insertions(+), 3 deletions(-) diff --git a/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java b/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java index a3102768f1c8..b127ed2aa14a 100644 --- a/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java +++ b/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java @@ -9,13 +9,23 @@ import org.dspace.app.util.Util; import org.dspace.authorize.AuthorizeException; +import org.dspace.authorize.factory.AuthorizeServiceFactory; +import org.dspace.authorize.service.AuthorizeService; import org.dspace.content.DCDate; import org.dspace.content.MetadataSchema; +import org.dspace.content.factory.ContentServiceFactory; +import org.dspace.content.service.ItemService; +import org.dspace.core.Constants; import org.dspace.core.Context; import org.dspace.xmlworkflow.factory.XmlWorkflowServiceFactory; +import org.dspace.xmlworkflow.service.WorkflowRequirementsService; +import org.dspace.xmlworkflow.service.XmlWorkflowService; import org.dspace.xmlworkflow.state.Step; import org.dspace.xmlworkflow.storedcomponents.XmlWorkflowItem; +import org.dspace.xmlworkflow.storedcomponents.service.WorkflowItemRoleService; +import org.dspace.xmlworkflow.storedcomponents.service.XmlWorkflowItemService; import org.dspace.xmlworkflow.state.actions.ActionResult; +import org.dspace.content.Item; import javax.servlet.http.HttpServletRequest; import java.io.IOException; @@ -34,6 +44,7 @@ public class AcceptEditRejectAction extends ProcessingAction { public static final int MAIN_PAGE = 0; public static final int REJECT_PAGE = 1; + public static final int DELETE_PAGE = 2; //TODO: rename to AcceptAndEditMetadataAction @@ -51,13 +62,15 @@ public ActionResult execute(Context c, XmlWorkflowItem wfi, Step step, HttpServl return processMainPage(c, wfi, step, request); case REJECT_PAGE: return processRejectPage(c, wfi, step, request); + case DELETE_PAGE: + return processDeleteItem(c, wfi, step, request); } return new ActionResult(ActionResult.TYPE.TYPE_CANCEL); } - public ActionResult processMainPage(Context c, XmlWorkflowItem wfi, Step step, HttpServletRequest request) throws SQLException, AuthorizeException { + public ActionResult processMainPage(Context c, XmlWorkflowItem wfi, Step step, HttpServletRequest request) throws SQLException, AuthorizeException, IOException { if(request.getParameter("submit_approve") != null){ //Delete the tasks addApprovedProvenance(c, wfi); @@ -68,6 +81,10 @@ public ActionResult processMainPage(Context c, XmlWorkflowItem wfi, Step step, H request.setAttribute("page", REJECT_PAGE); // We have pressed reject item, so take the user to a page where he can reject return new ActionResult(ActionResult.TYPE.TYPE_PAGE); + } else if(request.getParameter("submit_delete") != null){ + request.setAttribute("page", DELETE_PAGE); + // We have pressed delete item + return new ActionResult(ActionResult.TYPE.TYPE_PAGE); } else { //We pressed the leave button so return to our submissions page return new ActionResult(ActionResult.TYPE.TYPE_SUBMISSION_PAGE); @@ -110,4 +127,43 @@ private void addApprovedProvenance(Context c, XmlWorkflowItem wfi) throws SQLExc itemService.addMetadata(c, wfi.getItem(), MetadataSchema.DC_SCHEMA, "description", "provenance", "en", provDescription); itemService.update(c, wfi.getItem()); } + + public ActionResult processDeleteItem(Context c, XmlWorkflowItem wfi, Step step, HttpServletRequest request) throws SQLException, AuthorizeException, IOException { + if(request.getParameter("submit_delete") != null){ + + AuthorizeService authorizeService= AuthorizeServiceFactory.getInstance().getAuthorizeService(); + XmlWorkflowService xmlWorkflowService = XmlWorkflowServiceFactory.getInstance().getXmlWorkflowService(); + WorkflowRequirementsService workflowRequirementsService=XmlWorkflowServiceFactory.getInstance().getWorkflowRequirementsService(); + WorkflowItemRoleService workflowItemRoleService=XmlWorkflowServiceFactory.getInstance().getWorkflowItemRoleService(); + XmlWorkflowItemService xmlWorkflowItemService=XmlWorkflowServiceFactory.getInstance().getXmlWorkflowItemService(); + ItemService itemService= ContentServiceFactory.getInstance().getItemService(); + + Item item =wfi.getItem(); + //Chequeamos permisos + authorizeService.authorizeAction(c, item, Constants.DELETE); + + //Removemos sus referencias de las tablas 'cwf_in_progress_user' y 'cwf_claimtask' + workflowRequirementsService.clearInProgressUsers(c, wfi); + xmlWorkflowService.deleteAllTasks(c,wfi); + // Remove (if any) the workflowItemroles for this item + workflowItemRoleService.deleteForWorkflowItem(c, wfi); + //Removemos el workflowItem + xmlWorkflowItemService.deleteWrapper(c, wfi); + //Apago el sistema de autorizaciones para que se pueda eliminar el item (ademas ya chequeamos permisos antes) + c.turnOffAuthorisationSystem(); + // Remove item + itemService.delete(c,item); + c.restoreAuthSystemState(); + + + c.commit(); + return new ActionResult(ActionResult.TYPE.TYPE_SUBMISSION_PAGE); + } + //Cancel, go back to the main task page + request.setAttribute("page", MAIN_PAGE); + + return new ActionResult(ActionResult.TYPE.TYPE_PAGE); + + } + } diff --git a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java index 855971ec8e78..9cf6f598daca 100644 --- a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java +++ b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java @@ -40,6 +40,9 @@ public class AcceptEditRejectAction extends AbstractXMLUIAction { protected static final Message T_info2= message("xmlui.Submission.workflow.RejectTaskStep.info1"); + protected static final Message T_info3= + message("xmlui.XMLWorkflow.workflow.DeleteItemAction.info3"); + private static final Message T_HEAD = message("xmlui.XMLWorkflow.workflow.EditMetadataAction.head"); @@ -76,7 +79,10 @@ public class AcceptEditRejectAction extends AbstractXMLUIAction { protected static final Message T_cancel_submit = message("xmlui.general.cancel"); - + protected static final Message T_delete_help = + message("xmlui.XMLWorkflow.workflow.EditMetadataAction.delete_help"); + protected static final Message T_delete_submit = + message("xmlui.general.delete");; @Override public void addBody(Body body) throws SAXException, WingException, SQLException, IOException, AuthorizeException { Item item = workflowItem.getItem(); @@ -105,6 +111,9 @@ public void addBody(Body body) throws SAXException, WingException, SQLException, case ReviewAction.REJECT_PAGE: renderRejectPage(div); break; + case org.dspace.xmlworkflow.state.actions.processingaction.AcceptEditRejectAction.DELETE_PAGE: + renderDeletePage(div); + } div.addHidden("submission-continue").setValue(knot.getId()); @@ -124,7 +133,10 @@ private void renderMainPage(Division div) throws WingException { row.addCellContent(T_reject_help); row.addCell().addButton("submit_reject").setValue(T_reject_submit); - + row = table.addRow(); + row.addCellContent(T_delete_help); + row.addCell().addButton("submit_delete").setValue(T_delete_submit); + // Edit metadata row = table.addRow(); row.addCellContent(T_edit_help); @@ -161,4 +173,17 @@ private void renderRejectPage(Division div) throws WingException { actions.addButton("submit_cancel").setValue(T_submit_cancel); } + private void renderDeletePage(Division div) throws WingException { + Division divNotice = div.addDivision("general-message","notice failure"); + divNotice.addPara(T_info3); + + List form = div.addList("delete-workflow",List.TYPE_FORM); + + div.addHidden("page").setValue(org.dspace.xmlworkflow.state.actions.processingaction.AcceptEditRejectAction.DELETE_PAGE); + + org.dspace.app.xmlui.wing.element.Item actions = form.addItem(); + actions.addButton("submit_delete").setValue(T_delete_submit); + actions.addButton("submit_cancel").setValue(T_submit_cancel); + + } } diff --git a/dspace-xmlui/src/main/resources/aspects/XMLWorkflow/i18n/messages.xml b/dspace-xmlui/src/main/resources/aspects/XMLWorkflow/i18n/messages.xml index e151b45bd93c..4a535bc98ca8 100644 --- a/dspace-xmlui/src/main/resources/aspects/XMLWorkflow/i18n/messages.xml +++ b/dspace-xmlui/src/main/resources/aspects/XMLWorkflow/i18n/messages.xml @@ -46,6 +46,7 @@ Approve item Select this option to change the item's metadata. Edit metadata + Delete workflow item Unknown state @@ -102,5 +103,7 @@ Score review Score review Score review + + Are you sure do you want to delete the item? From 54e443515490ac966a58d7ec520837644e5b78b7 Mon Sep 17 00:00:00 2001 From: Santiago Tettamanti Date: Thu, 17 May 2018 13:28:48 -0300 Subject: [PATCH 2/2] Permissions over the delete button are checked before rendering it. Fixed some identations. --- .../AcceptEditRejectAction.java | 62 +++++++++---------- .../AcceptEditRejectAction.java | 21 ++++--- 2 files changed, 44 insertions(+), 39 deletions(-) diff --git a/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java b/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java index b127ed2aa14a..0cbbee3b6019 100644 --- a/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java +++ b/dspace-api/src/main/java/org/dspace/xmlworkflow/state/actions/processingaction/AcceptEditRejectAction.java @@ -70,7 +70,7 @@ public ActionResult execute(Context c, XmlWorkflowItem wfi, Step step, HttpServl return new ActionResult(ActionResult.TYPE.TYPE_CANCEL); } - public ActionResult processMainPage(Context c, XmlWorkflowItem wfi, Step step, HttpServletRequest request) throws SQLException, AuthorizeException, IOException { + public ActionResult processMainPage(Context c, XmlWorkflowItem wfi, Step step, HttpServletRequest request) throws SQLException, AuthorizeException { if(request.getParameter("submit_approve") != null){ //Delete the tasks addApprovedProvenance(c, wfi); @@ -130,40 +130,40 @@ private void addApprovedProvenance(Context c, XmlWorkflowItem wfi) throws SQLExc public ActionResult processDeleteItem(Context c, XmlWorkflowItem wfi, Step step, HttpServletRequest request) throws SQLException, AuthorizeException, IOException { if(request.getParameter("submit_delete") != null){ - - AuthorizeService authorizeService= AuthorizeServiceFactory.getInstance().getAuthorizeService(); - XmlWorkflowService xmlWorkflowService = XmlWorkflowServiceFactory.getInstance().getXmlWorkflowService(); - WorkflowRequirementsService workflowRequirementsService=XmlWorkflowServiceFactory.getInstance().getWorkflowRequirementsService(); - WorkflowItemRoleService workflowItemRoleService=XmlWorkflowServiceFactory.getInstance().getWorkflowItemRoleService(); - XmlWorkflowItemService xmlWorkflowItemService=XmlWorkflowServiceFactory.getInstance().getXmlWorkflowItemService(); - ItemService itemService= ContentServiceFactory.getInstance().getItemService(); - - Item item =wfi.getItem(); - //Chequeamos permisos - authorizeService.authorizeAction(c, item, Constants.DELETE); - - //Removemos sus referencias de las tablas 'cwf_in_progress_user' y 'cwf_claimtask' - workflowRequirementsService.clearInProgressUsers(c, wfi); - xmlWorkflowService.deleteAllTasks(c,wfi); - // Remove (if any) the workflowItemroles for this item - workflowItemRoleService.deleteForWorkflowItem(c, wfi); - //Removemos el workflowItem - xmlWorkflowItemService.deleteWrapper(c, wfi); - //Apago el sistema de autorizaciones para que se pueda eliminar el item (ademas ya chequeamos permisos antes) - c.turnOffAuthorisationSystem(); - // Remove item - itemService.delete(c,item); - c.restoreAuthSystemState(); - - - c.commit(); - return new ActionResult(ActionResult.TYPE.TYPE_SUBMISSION_PAGE); + AuthorizeService authorizeService= AuthorizeServiceFactory.getInstance().getAuthorizeService(); + XmlWorkflowService xmlWorkflowService = XmlWorkflowServiceFactory.getInstance().getXmlWorkflowService(); + WorkflowRequirementsService workflowRequirementsService=XmlWorkflowServiceFactory.getInstance().getWorkflowRequirementsService(); + WorkflowItemRoleService workflowItemRoleService=XmlWorkflowServiceFactory.getInstance().getWorkflowItemRoleService(); + XmlWorkflowItemService xmlWorkflowItemService=XmlWorkflowServiceFactory.getInstance().getXmlWorkflowItemService(); + ItemService itemService= ContentServiceFactory.getInstance().getItemService(); + + Item item =wfi.getItem(); + //Check for permission + authorizeService.authorizeAction(c, item, Constants.DELETE); + + //Remove references from 'cwf_in_progress_user' and 'cwf_claimtask' tables + workflowRequirementsService.clearInProgressUsers(c, wfi); + xmlWorkflowService.deleteAllTasks(c,wfi); + + //Remove (if any) the workflowItemroles for this item + workflowItemRoleService.deleteForWorkflowItem(c, wfi); + + //Remove the workflowItem + xmlWorkflowItemService.deleteWrapper(c, wfi); + + //Shut down authorization system + c.turnOffAuthorisationSystem(); + //Remove item + itemService.delete(c,item); + c.restoreAuthSystemState(); + + c.commit(); + return new ActionResult(ActionResult.TYPE.TYPE_SUBMISSION_PAGE); } + //Cancel, go back to the main task page request.setAttribute("page", MAIN_PAGE); - return new ActionResult(ActionResult.TYPE.TYPE_PAGE); - } } diff --git a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java index 9cf6f598daca..8bc713b664ff 100644 --- a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java +++ b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/aspect/xmlworkflow/actions/processingaction/AcceptEditRejectAction.java @@ -14,8 +14,11 @@ import org.dspace.app.xmlui.wing.WingException; import org.dspace.app.xmlui.wing.element.*; import org.dspace.authorize.AuthorizeException; +import org.dspace.authorize.factory.AuthorizeServiceFactory; +import org.dspace.authorize.service.AuthorizeService; import org.dspace.content.Collection; import org.dspace.content.Item; +import org.dspace.core.Constants; import org.dspace.xmlworkflow.state.actions.Action; import org.dspace.xmlworkflow.state.actions.processingaction.ReviewAction; import org.xml.sax.SAXException; @@ -119,7 +122,8 @@ public void addBody(Body body) throws SAXException, WingException, SQLException, div.addHidden("submission-continue").setValue(knot.getId()); } - private void renderMainPage(Division div) throws WingException { + private void renderMainPage(Division div) throws WingException, SQLException { + AuthorizeService authorizeService= AuthorizeServiceFactory.getInstance().getAuthorizeService(); Table table = div.addTable("workflow-actions", 1, 1); table.setHead(T_info1); @@ -132,11 +136,13 @@ private void renderMainPage(Division div) throws WingException { row = table.addRow(); row.addCellContent(T_reject_help); row.addCell().addButton("submit_reject").setValue(T_reject_submit); - - row = table.addRow(); - row.addCellContent(T_delete_help); - row.addCell().addButton("submit_delete").setValue(T_delete_submit); + //Delete item + if (authorizeService.authorizeActionBoolean(context, workflowItem.getItem(), Constants.DELETE)) { + row = table.addRow(); + row.addCellContent(T_delete_help); + row.addCell().addButton("submit_delete").setValue(T_delete_submit); + } // Edit metadata row = table.addRow(); row.addCellContent(T_edit_help); @@ -152,7 +158,6 @@ private void renderMainPage(Division div) throws WingException { private void renderRejectPage(Division div) throws WingException { Request request = ObjectModelHelper.getRequest(objectModel); - List form = div.addList("reject-workflow",List.TYPE_FORM); form.addItem(T_info2); @@ -173,17 +178,17 @@ private void renderRejectPage(Division div) throws WingException { actions.addButton("submit_cancel").setValue(T_submit_cancel); } + private void renderDeletePage(Division div) throws WingException { Division divNotice = div.addDivision("general-message","notice failure"); divNotice.addPara(T_info3); - List form = div.addList("delete-workflow",List.TYPE_FORM); + List form = div.addList("delete-workflow",List.TYPE_FORM); div.addHidden("page").setValue(org.dspace.xmlworkflow.state.actions.processingaction.AcceptEditRejectAction.DELETE_PAGE); org.dspace.app.xmlui.wing.element.Item actions = form.addItem(); actions.addButton("submit_delete").setValue(T_delete_submit); actions.addButton("submit_cancel").setValue(T_submit_cancel); - } }