Polishing

TIER · Nov 4, 2022 · c3c73b9 · c3c73b9
1 parent 897f921
commit c3c73b9
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 7 deletions.
diff --git a/...du/internet2/tier/shibboleth/admin/ui/security/permission/IShibUiPermissionEvaluator.java b/...du/internet2/tier/shibboleth/admin/ui/security/permission/IShibUiPermissionEvaluator.java
@@ -3,6 +3,7 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.Auditable;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException;
 import liquibase.pro.packaged.T;
+import org.apache.commons.lang.NotImplementedException;
 import org.springframework.security.access.PermissionEvaluator;
 import org.springframework.security.core.Authentication;
 
@@ -22,5 +23,7 @@ public interface IShibUiPermissionEvaluator extends PermissionEvaluator {
      */
     Collection getPersistentEntities(Authentication authentication, ShibUiPermissibleType type, PermissionType permissionType) throws ForbiddenException;
 
-    <T extends Auditable> Collection<T> getAuditableEntities(Authentication authentication, Class<T> auditableType, PermissionType permissionType);
+    default <T extends Auditable> Collection<T> getAuditableEntities(Authentication authentication,
+                                                                     Class<T> auditableType,
+                                                                     PermissionType permissionType) throws ForbiddenException {throw new NotImplementedException();}
 }
diff --git a/.../edu/internet2/tier/shibboleth/admin/ui/security/permission/ShibUiPermissionDelegate.java b/.../edu/internet2/tier/shibboleth/admin/ui/security/permission/ShibUiPermissionDelegate.java
@@ -30,7 +30,7 @@ public Collection getPersistentEntities(Authentication authentication, ShibUiPer
         switch (shibUiType) {
         case entityDescriptorProjection:
             switch (permissionType) {
-            case approver:
+            case approve:
                 return getAllEntityDescriptorProjectionsNeedingApprovalBasedOnUserAccess();
             case enable:
                 // This particular list is used for an admin function, so the user must be an ADMIN
@@ -67,7 +67,7 @@ public boolean hasPermission(Authentication authentication, Object targetDomainO
         switch ((PermissionType) permission) {
         case admin: // we don't care about the object - the user is an admin or not
             return userService.currentUserIsAdmin();
-        case approver:
+        case approve:
             if (userService.currentUserIsAdmin()) { return true; }
             return targetDomainObject instanceof IApprovable ? userService.getGroupsCurrentUserCanApprove().contains(((IApprovable)targetDomainObject).getIdOfOwner()) : false;
         case enable:
@@ -84,4 +84,4 @@ public boolean hasPermission(Authentication authentication, Object targetDomainO
     public boolean hasPermission(Authentication authentication, Serializable targetId, String target, Object permission) {
         return false; // Unused and Unimplemented - we don't need for this implementation to lookup objects
     }
-}
+}
diff --git a/...n/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/...n/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
@@ -183,7 +183,7 @@ public EntityDescriptorRepresentation changeApproveStatusOfEntityDescriptor(Stri
         if (ed == null) {
             throw new PersistentEntityNotFound("Entity with resourceid[" + resourceId + "] was not found for approval");
         }
-        if (!shibUiService.hasPermission(userService.getCurrentUserAuthentication(), ed, PermissionType.approver)) {
+        if (!shibUiService.hasPermission(userService.getCurrentUserAuthentication(), ed, PermissionType.approve)) {
             throw new ForbiddenException("You do not have the permissions necessary to approve this entity descriptor.");
         }
         if (status) { // approve
@@ -501,7 +501,7 @@ public List<EntityDescriptorProjection> getAllEntityDescriptorProjectionsBasedOn
      */
     @Override
     public List<EntityDescriptorProjection> getAllEntityDescriptorProjectionsNeedingApprovalBasedOnUserAccess() throws ForbiddenException {
-        return (List<EntityDescriptorProjection>) shibUiService.getPersistentEntities(userService.getCurrentUserAuthentication(), ShibUiPermissibleType.entityDescriptorProjection, PermissionType.approver);
+        return (List<EntityDescriptorProjection>) shibUiService.getPersistentEntities(userService.getCurrentUserAuthentication(), ShibUiPermissibleType.entityDescriptorProjection, PermissionType.approve);
     }
 
     @Override
@@ -691,4 +691,4 @@ private void validateEntityIdAndACSUrls(EntityDescriptorRepresentation edRep) th
             }
         }
     }
-}
+}