|
|
|
@ -27,7 +27,7 @@ define('DS_COMP_STREAM', 'DS-COMPOSITE-MODEL'); |
|
|
|
|
|
|
|
|
|
|
|
// Permissions |
|
|
|
// Permissions |
|
|
|
define('FEDORA_VIEW_OBJECTS', 'view fedora repository objects'); |
|
|
|
define('FEDORA_VIEW_OBJECTS', 'view fedora repository objects'); |
|
|
|
define('FEDORA_VIEW_DATASTREAMS', 'view fedora repository datastreams'); |
|
|
|
define('FEDORA_MANAGE_DATASTREAMS', 'view fedora repository datastreams'); |
|
|
|
define('FEDORA_METADATA_EDIT', 'edit fedora metadata'); |
|
|
|
define('FEDORA_METADATA_EDIT', 'edit fedora metadata'); |
|
|
|
define('FEDORA_ADD_DS', 'add fedora datastreams'); |
|
|
|
define('FEDORA_ADD_DS', 'add fedora datastreams'); |
|
|
|
define('FEDORA_INGEST', 'ingest fedora objects'); |
|
|
|
define('FEDORA_INGEST', 'ingest fedora objects'); |
|
|
|
@ -90,7 +90,7 @@ function islandora_menu() { |
|
|
|
'page arguments' => array(2), |
|
|
|
'page arguments' => array(2), |
|
|
|
'type' => MENU_NORMAL_ITEM, |
|
|
|
'type' => MENU_NORMAL_ITEM, |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access arguments' => array(array(FEDORA_VIEW_OBJECTS), 2), |
|
|
|
'access arguments' => array(FEDORA_VIEW_OBJECTS, 2), |
|
|
|
); |
|
|
|
); |
|
|
|
$items['islandora/object/%islandora_object/view'] = array( |
|
|
|
$items['islandora/object/%islandora_object/view'] = array( |
|
|
|
'title' => 'View', |
|
|
|
'title' => 'View', |
|
|
|
@ -107,8 +107,8 @@ function islandora_menu() { |
|
|
|
'page callback' => 'islandora_edit_object', |
|
|
|
'page callback' => 'islandora_edit_object', |
|
|
|
'page arguments' => array(2), |
|
|
|
'page arguments' => array(2), |
|
|
|
'type' => MENU_LOCAL_TASK, |
|
|
|
'type' => MENU_LOCAL_TASK, |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access callback' => 'islandora_object_manage_access_callback', |
|
|
|
'access arguments' => array(array(FEDORA_VIEW_OBJECTS, FEDORA_VIEW_DATASTREAMS), 2), |
|
|
|
'access arguments' => array(array(FEDORA_MANAGE_DATASTREAMS, FEDORA_MANAGE_PROPERTIES, FEDORA_ADD_DS), 2), |
|
|
|
); |
|
|
|
); |
|
|
|
$items['islandora/object/%islandora_object/manage/datastreams'] = array( |
|
|
|
$items['islandora/object/%islandora_object/manage/datastreams'] = array( |
|
|
|
'title' => 'Datastreams', |
|
|
|
'title' => 'Datastreams', |
|
|
|
@ -122,7 +122,7 @@ function islandora_menu() { |
|
|
|
'page arguments' => array('islandora_object_properties_form', 2), |
|
|
|
'page arguments' => array('islandora_object_properties_form', 2), |
|
|
|
'type' => MENU_LOCAL_TASK, |
|
|
|
'type' => MENU_LOCAL_TASK, |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access arguments' => array(array(FEDORA_MANAGE_PROPERTIES), 2), |
|
|
|
'access arguments' => array(FEDORA_MANAGE_PROPERTIES, 2), |
|
|
|
'weight' => -5, |
|
|
|
'weight' => -5, |
|
|
|
); |
|
|
|
); |
|
|
|
$items['islandora/object/%islandora_object/delete'] = array( |
|
|
|
$items['islandora/object/%islandora_object/delete'] = array( |
|
|
|
@ -132,7 +132,7 @@ function islandora_menu() { |
|
|
|
'page arguments' => array('islandora_delete_object_form', 2), |
|
|
|
'page arguments' => array('islandora_delete_object_form', 2), |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access arguments' => array(array(FEDORA_PURGE), 2), |
|
|
|
'access arguments' => array(FEDORA_PURGE, 2), |
|
|
|
); |
|
|
|
); |
|
|
|
$items['islandora/object/%islandora_object/manage/datastreams/add'] = array( |
|
|
|
$items['islandora/object/%islandora_object/manage/datastreams/add'] = array( |
|
|
|
'title' => 'Add a datastream', |
|
|
|
'title' => 'Add a datastream', |
|
|
|
@ -141,7 +141,7 @@ function islandora_menu() { |
|
|
|
'page arguments' => array('islandora_add_datastream_form', 2), |
|
|
|
'page arguments' => array('islandora_add_datastream_form', 2), |
|
|
|
'type' => MENU_LOCAL_ACTION, |
|
|
|
'type' => MENU_LOCAL_ACTION, |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access arguments' => array(array(FEDORA_ADD_DS), 2) |
|
|
|
'access arguments' => array(FEDORA_ADD_DS, 2) |
|
|
|
); |
|
|
|
); |
|
|
|
$items['islandora/object/%islandora_object/manage/datastreams/add/autocomplete'] = array( |
|
|
|
$items['islandora/object/%islandora_object/manage/datastreams/add/autocomplete'] = array( |
|
|
|
'file' => 'includes/add_datastream.form.inc', |
|
|
|
'file' => 'includes/add_datastream.form.inc', |
|
|
|
@ -149,7 +149,7 @@ function islandora_menu() { |
|
|
|
'page arguments' => array(2), |
|
|
|
'page arguments' => array(2), |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access callback' => 'islandora_object_access_callback', |
|
|
|
'access arguments' => array(array(FEDORA_ADD_DS), 2) |
|
|
|
'access arguments' => array(FEDORA_ADD_DS, 2) |
|
|
|
); |
|
|
|
); |
|
|
|
$items['islandora/object/%islandora_object/datastream/%islandora_datastream'] = array( |
|
|
|
$items['islandora/object/%islandora_object/datastream/%islandora_datastream'] = array( |
|
|
|
'title' => 'View datastream', |
|
|
|
'title' => 'View datastream', |
|
|
|
@ -158,7 +158,7 @@ function islandora_menu() { |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'file' => 'includes/datastream.inc', |
|
|
|
'file' => 'includes/datastream.inc', |
|
|
|
'access callback' => 'islandora_object_datastream_access_callback', |
|
|
|
'access callback' => 'islandora_object_datastream_access_callback', |
|
|
|
'access arguments' => array(FEDORA_VIEW_DATASTREAMS, 2, 4), |
|
|
|
'access arguments' => array(FEDORA_VIEW_OBJECTS, 2, 4), |
|
|
|
'load arguments' => array(2), |
|
|
|
'load arguments' => array(2), |
|
|
|
); |
|
|
|
); |
|
|
|
// This menu item uses token authentication in islandora_tokened_object. |
|
|
|
// This menu item uses token authentication in islandora_tokened_object. |
|
|
|
@ -174,7 +174,7 @@ function islandora_menu() { |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'type' => MENU_CALLBACK, |
|
|
|
'file' => 'includes/datastream.inc', |
|
|
|
'file' => 'includes/datastream.inc', |
|
|
|
'access callback' => 'islandora_object_datastream_access_callback', |
|
|
|
'access callback' => 'islandora_object_datastream_access_callback', |
|
|
|
'access arguments' => array(FEDORA_VIEW_DATASTREAMS, 2, 4), |
|
|
|
'access arguments' => array(FEDORA_VIEW_OBJECTS, 2, 4), |
|
|
|
'load arguments' => array(2), |
|
|
|
'load arguments' => array(2), |
|
|
|
); |
|
|
|
); |
|
|
|
$items['islandora/object/%islandora_object/datastream/%islandora_datastream/edit'] = array( |
|
|
|
$items['islandora/object/%islandora_object/datastream/%islandora_datastream/edit'] = array( |
|
|
|
@ -252,9 +252,9 @@ function islandora_permission() { |
|
|
|
'title' => t('View repository objects'), |
|
|
|
'title' => t('View repository objects'), |
|
|
|
'description' => t('View objects in the repository. Note: Fedora XACML security policies may override this permission.') |
|
|
|
'description' => t('View objects in the repository. Note: Fedora XACML security policies may override this permission.') |
|
|
|
), |
|
|
|
), |
|
|
|
FEDORA_VIEW_DATASTREAMS => array( |
|
|
|
FEDORA_MANAGE_DATASTREAMS => array( |
|
|
|
'title' => t('View repository object datastreams'), |
|
|
|
'title' => t('Manage repository object datastreams'), |
|
|
|
'description' => t('View datastreams of objects in the repository. Note: Fedora XACML security policies may override this permission.') |
|
|
|
'description' => t('Manage datastreams of objects in the repository. Note: Fedora XACML security policies may override this permission.') |
|
|
|
), |
|
|
|
), |
|
|
|
FEDORA_ADD_DS => array( |
|
|
|
FEDORA_ADD_DS => array( |
|
|
|
'title' => t('Add datastreams to repository objects'), |
|
|
|
'title' => t('Add datastreams to repository objects'), |
|
|
|
@ -302,8 +302,8 @@ function islandora_forms($form_id) { |
|
|
|
* @see islandora_object_load() To find potential solutions to enable |
|
|
|
* @see islandora_object_load() To find potential solutions to enable |
|
|
|
* page not found errors. |
|
|
|
* page not found errors. |
|
|
|
* |
|
|
|
* |
|
|
|
* @param string $perms |
|
|
|
* @param string $perm |
|
|
|
* Array of user permission to test for. |
|
|
|
* User permission to test for. |
|
|
|
* @param FedoraObject $object |
|
|
|
* @param FedoraObject $object |
|
|
|
* The object to test, if NULL given the object doesn't exist or is |
|
|
|
* The object to test, if NULL given the object doesn't exist or is |
|
|
|
* inaccessible. |
|
|
|
* inaccessible. |
|
|
|
@ -311,7 +311,7 @@ function islandora_forms($form_id) { |
|
|
|
* @return boolean |
|
|
|
* @return boolean |
|
|
|
* TRUE if the user is allowed to access this object, FALSE otherwise. |
|
|
|
* TRUE if the user is allowed to access this object, FALSE otherwise. |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
function islandora_object_access_callback($perms, $object = NULL) { |
|
|
|
function islandora_object_access_callback($perm, $object = NULL) { |
|
|
|
module_load_include('inc', 'islandora', 'includes/utilities'); |
|
|
|
module_load_include('inc', 'islandora', 'includes/utilities'); |
|
|
|
|
|
|
|
|
|
|
|
if (!$object && !islandora_describe_repository()) { |
|
|
|
if (!$object && !islandora_describe_repository()) { |
|
|
|
@ -319,14 +319,7 @@ function islandora_object_access_callback($perms, $object = NULL) { |
|
|
|
return FALSE; |
|
|
|
return FALSE; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Check to see if user has one of any of the allowable permissions |
|
|
|
return user_access($perm) && is_object($object) && islandora_namespace_accessible($object->id); |
|
|
|
$has_access = FALSE; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for ($i = 0; $i < count($perms) && !$has_access; $i++) { |
|
|
|
|
|
|
|
$has_access = $has_access || user_access($perms[$i]); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return $has_access && is_object($object) && islandora_namespace_accessible($object->id); |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
/** |
|
|
|
@ -356,6 +349,41 @@ function islandora_object_datastream_access_callback($perm, $object = NULL, $dat |
|
|
|
return user_access($perm) && is_object($object) && islandora_namespace_accessible($object->id) && is_object($datastream); |
|
|
|
return user_access($perm) && is_object($object) && islandora_namespace_accessible($object->id) && is_object($datastream); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
|
|
|
* Checks whether the user can access the given object's manage tab |
|
|
|
|
|
|
|
* with the given array of permissions. |
|
|
|
|
|
|
|
* |
|
|
|
|
|
|
|
* Checks for object existance, accessiblitly, namespace permissions, |
|
|
|
|
|
|
|
* and user permissions |
|
|
|
|
|
|
|
* |
|
|
|
|
|
|
|
* @see islandora_object_load() To find potential solutions to enable |
|
|
|
|
|
|
|
* page not found errors. |
|
|
|
|
|
|
|
* |
|
|
|
|
|
|
|
* @param array $perms |
|
|
|
|
|
|
|
* Array of user permission to test for. |
|
|
|
|
|
|
|
* @param FedoraObject $object |
|
|
|
|
|
|
|
* The object to test, if NULL given the object doesn't exist or is |
|
|
|
|
|
|
|
* inaccessible. |
|
|
|
|
|
|
|
* |
|
|
|
|
|
|
|
* @return boolean |
|
|
|
|
|
|
|
* TRUE if the user is allowed to access this object, FALSE otherwise. |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
function islandora_object_manage_access_callback($perms, $object = NULL) { |
|
|
|
|
|
|
|
module_load_include('inc', 'islandora', 'includes/utilities'); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (!$object && !islandora_describe_repository()) { |
|
|
|
|
|
|
|
islandora_display_repository_inaccessible_message(); |
|
|
|
|
|
|
|
return FALSE; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$has_access = FALSE; |
|
|
|
|
|
|
|
for ($i = 0; $i < count($perms) && !$has_access; $i++) { |
|
|
|
|
|
|
|
$has_access = $has_access || user_access($perms[$i]); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return $has_access && is_object($object) && islandora_namespace_accessible($object->id); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
/** |
|
|
|
* Renders the given objects manage page. |
|
|
|
* Renders the given objects manage page. |
|
|
|
* |
|
|
|
* |
|
|
|
|
Daniel Lamb
12 years ago