Merge branch 'main' into fix-tooltip

.github/PULL_REQUEST_TEMPLATE.md

@@ -25,11 +25,39 @@ A description of what steps someone could take to:
 Any additional information that you think would be helpful when reviewing this PR.
 
 Example:
-* Does this change require documentation to be updated? 
-* Does this change add any new dependencies? 
-* Does this change require any other modifications to be made to the repository? 
+* Does this change require documentation to be updated?
+* Does this change add any new dependencies?
+* Does this change require any other modifications to be made to the repository?
 * Could this change impact execution of existing code?
-* Large pull requests should be avoided. If this PR is large (more than 1,000 lines of codes), please provide short explanation why your contribution can't be decoupled in smaller PRs. 
+* Large pull requests should be avoided. If this PR is large (more than 1,000 lines of codes), please provide short explanation why your contribution can't be decoupled in smaller PRs.
 
 # Interested parties
 Tag (@ mention) interested parties or, if unsure, @VIVO-project/vivo-committers
+
+# Reviewers' expertise
+**Please add any new expertise in the list which might be needed for reviewing your PR or remove any of the listed if it is not needed.**
+
+Candidates for reviewing this PR should have some of the following expertises:
+1. Java
+1. HTML, CSS, JavaScript
+1. FreeMarker
+1. SPARQL
+1. Ontologies
+1. Docker
+1. Natural language knowledge
+    1. English
+    2. German
+    3. Spanish
+    4. French
+    5. Portuguese
+    6. Russian
+    7. Serbian
+
+# Reviewers' report template
+**Please update the following template which should be used by reviewers.**
+## General comment
+A reviewer should provide here comments and suggestions for requested changes if any.
+## Testing
+A reviewer should briefly describe here how it was tested
+## Code reviewing
+A reviewer should briefly describe here which part was code reviewed

.gitignore

@@ -19,8 +19,6 @@ utilities/sdb_to_tdb/.work
 **/overlays
 *~
 
-**/.DS_Store
-
 # Eclipse artifacts
 **/.settings
 **/.classpath

api/pom.xml

@@ -7,13 +7,13 @@
 
     <groupId>org.vivoweb</groupId>
     <artifactId>vitro-api</artifactId>
-    <version>1.14.1-SNAPSHOT</version>
+    <version>1.15.1-SNAPSHOT</version>
     <packaging>jar</packaging>
 
     <parent>
         <groupId>org.vivoweb</groupId>
         <artifactId>vitro-project</artifactId>
-        <version>1.14.1-SNAPSHOT</version>
+        <version>1.15.1-SNAPSHOT</version>
         <relativePath>..</relativePath>
     </parent>
 
@@ -65,6 +65,21 @@
             <artifactId>argon2-jvm</artifactId>
             <version>2.11</version>
         </dependency>
+        <dependency>
+            <groupId>net.logicsquad</groupId>
+            <artifactId>nanocaptcha</artifactId>
+            <version>1.5</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.7.36</version>
+        </dependency>
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+            <version>32.0.0-jre</version>
+        </dependency>
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>fluent-hc</artifactId>
@@ -73,7 +88,7 @@
         <dependency>
             <groupId>org.vivoweb</groupId>
             <artifactId>vitro-dependencies</artifactId>
-            <version>1.14.1-SNAPSHOT</version>
+            <version>1.15.1-SNAPSHOT</version>
             <type>pom</type>
         </dependency>
         <dependency>

api/src/main/java/edu/cornell/mannlib/vedit/beans/LoginStatusBean.java

@@ -2,7 +2,6 @@
 
 package edu.cornell.mannlib.vedit.beans;
 
-import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 
@@ -100,9 +99,7 @@ public static UserAccount getCurrentUser(HttpSession session) {
 		if (!getBean(session).isLoggedIn()) {
 			return null;
 		}
-
-		ServletContext ctx = session.getServletContext();
-		WebappDaoFactory wadf = ModelAccess.on(ctx).getWebappDaoFactory();
+		WebappDaoFactory wadf = ModelAccess.getInstance().getWebappDaoFactory();
 		UserAccountsDao userAccountsDao = wadf.getUserAccountsDao();
 		if (userAccountsDao == null) {
 			log.error("No UserAccountsDao");

api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java

@@ -2,6 +2,9 @@
 
 package edu.cornell.mannlib.vedit.controller;
 
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.NOT_RELATED;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_TYPE;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_URI;
 import static edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess.ReasoningOption.ASSERTIONS_ONLY;
 
 import java.text.Collator;
@@ -12,13 +15,11 @@
 import java.util.Comparator;
 import java.util.Enumeration;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.LinkedHashMap;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Random;
-import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 
@@ -27,6 +28,7 @@
 import edu.cornell.mannlib.vedit.util.FormUtils;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionSets;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController;
 import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
@@ -40,7 +42,18 @@
 
 public class BaseEditController extends VitroHttpServlet {
 
+    private static final String OPERATIONS_TO_ROLES = "operationsToRoles";
+
+    public static final String URI_SUPPRESSIONS = "uriSuppressions";
+
+    public static final String TYPE_SUPPRESSIONS = "typeSuppressions";
+
+    public static final String TYPE_SUPPRESSIONS_NOT_RELATED = "typeSuppressionsNotRelated";
+
+    public static final String PROPERTY_SUPPRESSIONS_NOT_RELATED = "propertySuppressionsNotRelated";
+
     public static final String ENTITY_URI_ATTRIBUTE_NAME = "_permissionsEntityURI";
+
     public static final String ENTITY_TYPE_ATTRIBUTE_NAME = "_permissionsEntityType";
 
     public static final boolean FORCE_NEW = true; // when you know you're starting a new edit process
@@ -215,15 +228,13 @@ public String getDefaultLandingPage(HttpServletRequest request) {
     protected static void addAccessAttributes(HttpServletRequest req, String entityURI, AccessObjectType aot) {
         // Add the permissionsEntityURI (if we are creating a new property, this will be empty)
         req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI);
-
+        String[] namedKeys = new String[0];
         // Get the available permission sets
         List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
         List<RoleInfo> roles = new ArrayList<>();
-        List<String> roleUris = new ArrayList<>();
 
         for (PermissionSet permissionSet : permissionSets) {
             roles.add(new RoleInfo(permissionSet));
-            roleUris.add(permissionSet.getUri());
         }
         List<AccessOperation> accessOperations = AccessOperation.getOperations(aot);
         // Operation, list of roles>
@@ -242,16 +253,110 @@ protected static void addAccessAttributes(HttpServletRequest req, String entityU
                     }
                 }
             }
-            if (!StringUtils.isEmpty(entityURI)) {
-                for (RoleInfo roleInfo : roleInfos) {
-                    if (roleInfo.isEnabled()) {
-                        roleInfo.setGranted(
-                                EntityPolicyController.isGranted(entityURI, aot, operation, roleInfo.getUri()));
-                    }
+            getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        }
+        req.setAttribute(OPERATIONS_TO_ROLES, operationsToRoles);
+    }
+
+    private static void getRolePolicyInformation(String entityURI, AccessObjectType aot, String[] namedKeys,
+            AccessOperation operation, List<RoleInfo> roleInfos) {
+        if (!StringUtils.isEmpty(entityURI)) {
+            for (RoleInfo roleInfo : roleInfos) {
+                if (roleInfo.isEnabled()) {
+                    roleInfo.setGranted(
+                            EntityPolicyController.isGranted(entityURI, aot, operation, roleInfo.getUri(), namedKeys));
                 }
             }
         }
-        req.setAttribute("operationsToRoles", operationsToRoles);
+    }
+
+    protected static void addUriSuppressions(HttpServletRequest req, String entityURI, AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[1];
+        namedKeys[0] = SUPPRESSION_BY_URI.toString();
+        // Get the available permission sets
+        List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
+        List<RoleInfo> roles = new ArrayList<>();
+
+        for (PermissionSet permissionSet : permissionSets) {
+            roles.add(new RoleInfo(permissionSet));
+        }
+        Map<String, List<RoleInfo>> uriSuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        uriSuppressionsToRoles.put(operationName, roleInfos);
+        for (RoleInfo role : roles) {
+            RoleInfo roleCopy = role.clone();
+            roleInfos.add(roleCopy);
+        }
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(URI_SUPPRESSIONS, uriSuppressionsToRoles);
+        req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI);
+    }
+
+    protected static void addTypeSuppressions(HttpServletRequest req, String entityURI, AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[1];
+        namedKeys[0] = SUPPRESSION_BY_TYPE.toString();
+        // Get the available permission sets
+        List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
+        List<RoleInfo> roles = new ArrayList<>();
+
+        for (PermissionSet permissionSet : permissionSets) {
+            roles.add(new RoleInfo(permissionSet));
+        }
+        Map<String, List<RoleInfo>> typeSuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        typeSuppressionsToRoles.put(operationName, roleInfos);
+        for (RoleInfo role : roles) {
+            RoleInfo roleCopy = role.clone();
+            roleInfos.add(roleCopy);
+        }
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(TYPE_SUPPRESSIONS, typeSuppressionsToRoles);
+    }
+
+    protected static void addNotRelatedTypeSuppressions(HttpServletRequest req, String entityURI, AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[2];
+        namedKeys[0] = SUPPRESSION_BY_TYPE.toString();
+        namedKeys[1] = NOT_RELATED.toString();
+
+        RoleInfo role = getSelfEditorRole(req);
+        Map<String, List<RoleInfo>> typeSuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        typeSuppressionsToRoles.put(operationName, roleInfos);
+        roleInfos.add(role);
+
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(TYPE_SUPPRESSIONS_NOT_RELATED, typeSuppressionsToRoles);
+    }
+
+    protected static RoleInfo getSelfEditorRole(HttpServletRequest req) {
+        PermissionSet permissionSet = ModelAccess.on(req).getWebappDaoFactory().getUserAccountsDao()
+                .getPermissionSetByUri(PermissionSets.URI_SELF_EDITOR);
+        RoleInfo role = new RoleInfo(permissionSet);
+        return role;
+    }
+
+    protected static void addNotRelatedPropertySuppressions(HttpServletRequest req, String entityURI,
+            AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[2];
+        namedKeys[0] = SUPPRESSION_BY_URI.toString();
+        namedKeys[1] = NOT_RELATED.toString();
+
+        RoleInfo role = getSelfEditorRole(req);
+        Map<String, List<RoleInfo>> propertySuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        propertySuppressionsToRoles.put(operationName, roleInfos);
+        roleInfos.add(role);
+
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(PROPERTY_SUPPRESSIONS_NOT_RELATED, propertySuppressionsToRoles);
     }
 
     static boolean isPublicForbiddenOperation(AccessOperation operation) {