diff --git a/dspace-server-webapp/src/main/java/org/dspace/app/rest/authorization/impl/ItemCorrectionFeature.java b/dspace-server-webapp/src/main/java/org/dspace/app/rest/authorization/impl/ItemCorrectionFeature.java index 47c7e853e34b..0497973c16e8 100644 --- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/authorization/impl/ItemCorrectionFeature.java +++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/authorization/impl/ItemCorrectionFeature.java @@ -16,6 +16,7 @@ import org.dspace.app.rest.authorization.AuthorizationFeatureDocumentation; import org.dspace.app.rest.model.BaseObjectRest; import org.dspace.app.rest.model.ItemRest; +import org.dspace.app.rest.model.SiteRest; import org.dspace.content.Item; import org.dspace.content.edit.CorrectItemMode; import org.dspace.content.security.service.CrisSecurityService; @@ -60,6 +61,10 @@ public class ItemCorrectionFeature implements AuthorizationFeature { @Override @SuppressWarnings("rawtypes") public boolean isAuthorized(Context context, BaseObjectRest object) throws SQLException { + if (object instanceof SiteRest) { + return configurationService.getBooleanProperty("item-correction.enabled", true); + } + if (!(object instanceof ItemRest)) { return false; } @@ -73,7 +78,7 @@ public boolean isAuthorized(Context context, BaseObjectRest object) throws SQLEx @Override public String[] getSupportedTypes() { - return new String[] { ItemRest.CATEGORY + "." + ItemRest.NAME }; + return new String[] { ItemRest.CATEGORY + "." + ItemRest.NAME, SiteRest.CATEGORY + "." + SiteRest.NAME}; } private boolean isAuthorizedToCorrectItem(Context context, ItemRest itemRest) throws SQLException { diff --git a/dspace-server-webapp/src/test/java/org/dspace/app/rest/authorization/ItemCorrectionFeatureRestIT.java b/dspace-server-webapp/src/test/java/org/dspace/app/rest/authorization/ItemCorrectionFeatureRestIT.java index 8fa8ad4b2b50..fdf8d172b538 100644 --- a/dspace-server-webapp/src/test/java/org/dspace/app/rest/authorization/ItemCorrectionFeatureRestIT.java +++ b/dspace-server-webapp/src/test/java/org/dspace/app/rest/authorization/ItemCorrectionFeatureRestIT.java @@ -15,7 +15,10 @@ import org.dspace.app.rest.authorization.impl.ItemCorrectionFeature; import org.dspace.app.rest.converter.ItemConverter; +import org.dspace.app.rest.converter.SiteConverter; import org.dspace.app.rest.model.ItemRest; +import org.dspace.app.rest.model.SiteRest; +import org.dspace.app.rest.projection.DefaultProjection; import org.dspace.app.rest.projection.Projection; import org.dspace.app.rest.test.AbstractControllerIntegrationTest; import org.dspace.app.rest.utils.Utils; @@ -24,6 +27,8 @@ import org.dspace.builder.ItemBuilder; import org.dspace.content.Collection; import org.dspace.content.Item; +import org.dspace.content.Site; +import org.dspace.content.service.SiteService; import org.dspace.eperson.EPerson; import org.dspace.services.ConfigurationService; import org.junit.Before; @@ -37,6 +42,11 @@ * */ public class ItemCorrectionFeatureRestIT extends AbstractControllerIntegrationTest { + @Autowired + private SiteService siteService; + + @Autowired + private SiteConverter siteConverter; @Autowired private ItemConverter itemConverter; @@ -102,6 +112,27 @@ public void testFeatureWithCorrectionDisabled() throws Exception { } + @Test + public void testFeatureWithCorrectionEnabledAndNoItem() throws Exception { + + configurationService.setProperty("item-correction.permit-all", false); + configurationService.setProperty("item-correction.enabled", true); + + String token = getAuthToken(admin.getEmail(), password); + + Site site = siteService.findSite(context); + SiteRest siteRest = siteConverter.convert(site, DefaultProjection.DEFAULT); + + Authorization expectedAuthorization = new Authorization(admin, canCorrectItem, siteRest); + + getClient(token).perform(get("/api/authz/authorizations/search/object") + .param("eperson", String.valueOf(admin.getID())) + .param("uri", utils.linkToSingleResource(siteRest, "self").getHref()) + .param("feature", ItemCorrectionFeature.NAME)) + .andExpect(status().isOk()) + .andExpect(jsonPath("$._embedded.authorizations", hasItem(matchAuthorization(expectedAuthorization)))); + } + @Test public void testFeatureWithAdmin() throws Exception {