git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2010 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24 /*
  25  * To change this template, choose Tools | Templates
  26  * and open the template in the editor.
  27  */
  28 package org.collectionspace.services.security.client.test;
  29
  30 import java.util.ArrayList;
  31 import java.util.Collection;
  32 import java.util.Date;
  33 import java.util.Hashtable;
  34 import java.util.List;
  35
  36 import javax.ws.rs.core.MediaType;
  37 import javax.ws.rs.core.Response;
  38
  39 import org.collectionspace.services.account.AccountsCommon;
  40 import org.collectionspace.services.authorization.AccountRole;
  41 import org.collectionspace.services.authorization.AccountValue;
  42 import org.collectionspace.services.authorization.perms.ActionType;
  43 import org.collectionspace.services.authorization.perms.EffectType;
  44 import org.collectionspace.services.authorization.perms.Permission;
  45 import org.collectionspace.services.authorization.perms.PermissionAction;
  46 import org.collectionspace.services.authorization.PermissionRole;
  47 import org.collectionspace.services.authorization.PermissionValue;
  48 import org.collectionspace.services.authorization.Role;
  49 import org.collectionspace.services.authorization.RoleValue;
  50 import org.collectionspace.services.client.AccountClient;
  51 import org.collectionspace.services.client.AccountFactory;
  52 import org.collectionspace.services.client.AccountRoleClient;
  53 import org.collectionspace.services.client.AccountRoleFactory;
  54 import org.collectionspace.services.client.CollectionSpaceClient;
  55 import org.collectionspace.services.client.DimensionClient;
  56 import org.collectionspace.services.client.DimensionFactory;
  57 import org.collectionspace.services.client.IntakeClient;
  58 import org.collectionspace.services.client.PayloadOutputPart;
  59 import org.collectionspace.services.client.PermissionClient;
  60 import org.collectionspace.services.client.PermissionFactory;
  61 import org.collectionspace.services.client.PermissionRoleClient;
  62 import org.collectionspace.services.client.PermissionRoleFactory;
  63 import org.collectionspace.services.client.PoxPayloadIn;
  64 import org.collectionspace.services.client.PoxPayloadOut;
  65 import org.collectionspace.services.client.RoleClient;
  66 import org.collectionspace.services.client.RoleFactory;
  67 import org.collectionspace.services.client.test.BaseServiceTest;
  68 import org.collectionspace.services.dimension.DimensionsCommon;
  69 import org.collectionspace.services.intake.IntakesCommon;
  70 import org.collectionspace.services.jaxb.AbstractCommonList;
  71 import org.testng.Assert;
  72 import org.testng.annotations.Test;
  73 import org.testng.annotations.AfterClass;
  74 import org.testng.annotations.BeforeClass;
  75 import org.slf4j.Logger;
  76 import org.slf4j.LoggerFactory;
  77
  78 /**
  79  * AuthorizationServiceTest, carries out tests against a
  80  * deployed and running Permission, Role, AccountRole, PermissionRole and
  81  * CollectionObject Services.
  82  *
  83  * Pre-requisite : authorization-mgt/client tests seed some permissions used
  84  * by this test
  85  *
  86  * $LastChangedRevision: 917 $
  87  * $LastChangedDate: 2009-11-06 12:20:28 -0800 (Fri, 06 Nov 2009) $
  88  */
  89 public class AuthorizationServiceTest extends BaseServiceTest<AbstractCommonList> {
  90
  91     private final String CLASS_NAME = AuthorizationServiceTest.class.getName();
  92     private final Logger logger = LoggerFactory.getLogger(CLASS_NAME);
  93     // Instance variables specific to this test.
  94     private Hashtable<String, AccountValue> accValues = new Hashtable<String, AccountValue>();
  95     //key for permValues is id as there could be several perms for the same resource
  96     private Hashtable<String, PermissionValue> permValues = new Hashtable<String, PermissionValue>();
  97     //key for roleValues is roleName
  98     private Hashtable<String, RoleValue> roleValues = new Hashtable<String, RoleValue>();
  99     private String bigbirdPermId;
 100     private String elmoPermId;
 101     private final static String TEST_SERVICE_NAME = "dimensions";
 102     private boolean accountRolesFlipped = false;
 103     /*
 104      * This method is called only by the parent class, AbstractServiceTestImpl
 105      */
 106
 107     @Override
 108         protected String getServiceName() {
 109         // no need to return anything but null since no auth resources are
 110         // accessed
 111         throw new UnsupportedOperationException();
 112         }
 113
 114     @Override
 115     protected String getServicePathComponent() {
 116         // no need to return anything but null since no auth resources are
 117         // accessed
 118         throw new UnsupportedOperationException();
 119     }
 120
 121     @BeforeClass(alwaysRun = true)
 122     public void seedData() {
 123         seedPermissions();
 124         seedRoles();
 125         seedAccounts();
 126         seedAccountRoles();
 127         seedPermissionRoles();
 128     }
 129
 130     private void seedPermissions() {
 131         String res = TEST_SERVICE_NAME;
 132
 133         PermissionAction pac = new PermissionAction();
 134         pac.setName(ActionType.CREATE);
 135         PermissionAction par = new PermissionAction();
 136         par.setName(ActionType.READ);
 137         PermissionAction pau = new PermissionAction();
 138         pau.setName(ActionType.UPDATE);
 139
 140
 141         //bigbird can create, read and update but not delete
 142         List<PermissionAction> bbactions = new ArrayList<PermissionAction>();
 143         bbactions.add(pac);
 144         bbactions.add(par);
 145         bbactions.add(pau);
 146         bigbirdPermId = createPermission(res, bbactions, EffectType.PERMIT);
 147         PermissionValue bbpv = new PermissionValue();
 148         bbpv.setResourceName(res);
 149         bbpv.setPermissionId(bigbirdPermId);
 150         permValues.put(bbpv.getPermissionId(), bbpv);
 151
 152         //elmo can only read
 153         List<PermissionAction> eactions = new ArrayList<PermissionAction>();
 154         eactions.add(par);
 155         elmoPermId = createPermission(res, eactions, EffectType.PERMIT);
 156         PermissionValue epv = new PermissionValue();
 157         epv.setResourceName(res);
 158         epv.setPermissionId(elmoPermId);
 159         permValues.put(epv.getPermissionId(), epv);
 160     }
 161
 162     private void seedRoles() {
 163         String rn1 = "ROLE_TEST_CM";
 164         String r1RoleId = createRole(rn1);
 165         RoleValue rv1 = new RoleValue();
 166         rv1.setRoleId(r1RoleId);
 167         rv1.setRoleName(rn1);
 168         roleValues.put(rv1.getRoleName(), rv1);
 169
 170         String rn2 = "ROLE_TEST_INTERN";
 171         String r2RoleId = createRole(rn2);
 172         RoleValue rv2 = new RoleValue();
 173         rv2.setRoleId(r2RoleId);
 174         rv2.setRoleName(rn2);
 175         roleValues.put(rv2.getRoleName(), rv2);
 176     }
 177
 178     private void seedAccounts() {
 179         String userId1 = "bigbird2010";
 180         String accId1 = createAccount(userId1, "bigbird@cspace.org");
 181         AccountValue av1 = new AccountValue();
 182         av1.setScreenName(userId1);
 183         av1.setUserId(userId1);
 184         av1.setAccountId(accId1);
 185         accValues.put(av1.getUserId(), av1);
 186
 187         String userId2 = "elmo2010";
 188         String accId2 = createAccount(userId2, "elmo@cspace.org");
 189         AccountValue av2 = new AccountValue();
 190         av2.setScreenName(userId2);
 191         av2.setUserId(userId2);
 192         av2.setAccountId(accId2);
 193         accValues.put(av2.getUserId(), av2);
 194
 195         String userId3 = "lockedOut";
 196         String accId3 = createAccount(userId3, "lockedOut@cspace.org");
 197         AccountValue av3 = new AccountValue();
 198         av3.setScreenName(userId3);
 199         av3.setUserId(userId3);
 200         av3.setAccountId(accId3);
 201         accValues.put(av3.getUserId(), av3);
 202     }
 203
 204     private void seedAccountRoles() {
 205
 206         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 207         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 208         createAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
 209
 210         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 211         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 212         createAccountRole(accValues.get("elmo2010"), elmoRoleValues);
 213     }
 214
 215     private void seedPermissionRoles() {
 216
 217         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 218         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 219         createPermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
 220
 221         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 222         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 223         createPermissionRole(permValues.get(elmoPermId), elmoRoleValues);
 224
 225     }
 226
 227
 228     /* (non-Javadoc)
 229      * @see org.collectionspace.services.client.test.BaseServiceTest#getClientInstance()
 230      */
 231     @Override
 232     protected CollectionSpaceClient getClientInstance() {
 233         // This method is meaningless to this test.
 234         return null;
 235     }
 236
 237         @Override
 238         protected CollectionSpaceClient getClientInstance(String clientPropertiesFilename) {
 239                 // TODO Auto-generated method stub
 240                 return null;
 241         }
 242
 243     // ---------------------------------------------------------------
 244     // CRUD tests : CREATE tests
 245     // ---------------------------------------------------------------
 246     // Success outcomes
 247
 248     @Test(dataProvider = "testName")
 249     public void create(String testName) throws Exception {
 250         int statusCode;
 251         setupCreate();
 252
 253         // Submit the request to the service and store the response.
 254         DimensionClient client = new DimensionClient();
 255         //bigbird allowed to create
 256         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
 257         String identifier = createIdentifier();
 258         DimensionsCommon dimension = new DimensionsCommon();
 259         dimension.setDimension("dimensionType");
 260         dimension.setMeasurementUnit("measurementUnit-" + identifier);
 261         dimension.setValueDate(new Date().toString());
 262         PoxPayloadOut multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
 263                 dimension);
 264         Response res = client.create(multipart);
 265         try {
 266                 statusCode = res.getStatus();
 267                 if (logger.isDebugEnabled()) {
 268                     logger.debug(testName + ": status = " + statusCode);
 269                 }
 270                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 271                         invalidStatusCodeMessage(testRequestType, statusCode));
 272                 Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
 273                 knownResourceId = extractId(res);
 274                 if (logger.isDebugEnabled()) {
 275                     logger.debug(testName + ": knownResourceId=" + knownResourceId);
 276                 }
 277         } finally {
 278                 res.close();
 279         }
 280
 281         // Now verify that elmo cannot create
 282         client = new DimensionClient();
 283         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 284         res = client.create(multipart);
 285         try {
 286                 statusCode = res.getStatus();
 287                 if (logger.isDebugEnabled()) {
 288                     logger.debug(testName + " (verify not allowed): status = " + statusCode);
 289                 }
 290                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 291                         invalidStatusCodeMessage(testRequestType, statusCode));
 292                 Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
 293         } finally {
 294                 res.close();
 295         }
 296
 297         //Finally, verify that elmo has no access to Intakes
 298         // Submit the request to the service and store the response.
 299         IntakeClient iclient = new IntakeClient();
 300         iclient.setAuth(true, "elmo2010", true, "elmo2010", true);
 301         multipart = createIntakeInstance(
 302                 "entryNumber-" + identifier,
 303                 "entryDate-" + identifier,
 304                 "depositor-" + identifier);
 305         res = iclient.create(multipart);
 306         try {
 307                 if (logger.isDebugEnabled()) {
 308                     logger.debug(testName + " (verify create intake not allowed): status = " + statusCode);
 309                 }
 310                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 311                         invalidStatusCodeMessage(testRequestType, statusCode));
 312                 Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
 313         } finally {
 314                 res.close();
 315         }
 316     }
 317
 318     /**
 319      * Creates the intake instance.
 320      *
 321      * @param entryNumber the entry number
 322      * @param entryDate the entry date
 323      * @param depositor the depositor
 324      * @return the multipart output
 325      */
 326     private PoxPayloadOut createIntakeInstance(String entryNumber,
 327                 String entryDate,
 328                 String depositor) {
 329         IntakesCommon intake = new IntakesCommon();
 330         intake.setEntryNumber(entryNumber);
 331         intake.setEntryDate(entryDate);
 332         intake.setDepositor(depositor);
 333
 334         PoxPayloadOut multipart = new PoxPayloadOut(IntakeClient.SERVICE_PAYLOAD_NAME);
 335         PayloadOutputPart commonPart = multipart.addPart(intake, MediaType.APPLICATION_XML_TYPE);
 336         commonPart.setLabel(new IntakeClient().getCommonPartName());
 337
 338         if(logger.isDebugEnabled()){
 339             logger.debug("to be created, intake common");
 340             logger.debug(objectAsXmlString(intake, IntakesCommon.class));
 341         }
 342
 343         return multipart;
 344     }
 345
 346     @Test(dataProvider = "testName",
 347             dependsOnMethods = {"delete"})
 348     public void verifyCreateWithFlippedRoles(String testName) throws Exception {
 349         int statusCode;
 350         setupCreate();
 351
 352         // Submit the request to the service and store the response.
 353         DimensionClient client = new DimensionClient();
 354         flipInitialAccountRoles();
 355
 356         // Now verify that elmo can create
 357         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 358         client = new DimensionClient();
 359
 360         String identifier = createIdentifier();
 361         DimensionsCommon dimension = new DimensionsCommon();
 362         dimension.setDimension("dimensionType");
 363         dimension.setMeasurementUnit("measurementUnit-" + identifier);
 364         dimension.setValueDate(new Date().toString());
 365         PoxPayloadOut multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
 366                 dimension);
 367         Response res = client.create(multipart);
 368         try {
 369                 statusCode = res.getStatus();
 370
 371                 if (logger.isDebugEnabled()) {
 372                     logger.debug(testName + ": status = " + statusCode);
 373                 }
 374                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 375                         invalidStatusCodeMessage(testRequestType, statusCode));
 376                 Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
 377                 knownResourceId = extractId(res);
 378                 if (logger.isDebugEnabled()) {
 379                     logger.debug(testName + ": knownResourceId=" + knownResourceId);
 380                 }
 381         } finally {
 382                 res.close();
 383         }
 384
 385         //bigbird no longer allowed to create
 386         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
 387         res = client.create(multipart);
 388         try {
 389                 statusCode = res.getStatus();
 390                 if (logger.isDebugEnabled()) {
 391                     logger.debug(testName + " (verify not allowed): status = " + statusCode);
 392                 }
 393                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 394                         invalidStatusCodeMessage(testRequestType, statusCode));
 395                 Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
 396         } finally {
 397                 res.close();
 398         }
 399
 400         restoreInitialAccountRoles();
 401     }
 402
 403     // ---------------------------------------------------------------
 404     // CRUD tests : READ tests
 405     // ---------------------------------------------------------------
 406     // Success outcomes
 407     @Test(dataProvider = "testName",
 408                 dependsOnMethods = {"create"})
 409     public void read(String testName) throws Exception {
 410         // Perform setup.
 411         setupRead();
 412
 413         // Submit the request to the service and store the response.
 414         DimensionClient client = new DimensionClient();
 415         //elmo allowed to read
 416         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 417         Response res = client.read(knownResourceId);
 418         try {
 419                 assertStatusCode(res, testName);
 420                 PoxPayloadIn input = new PoxPayloadIn(res.readEntity(String.class));
 421                 DimensionsCommon dimension = (DimensionsCommon) extractPart(input,
 422                         client.getCommonPartName(), DimensionsCommon.class);
 423                 Assert.assertNotNull(dimension);
 424         } finally {
 425                 if (res != null) {
 426                 res.close();
 427             }
 428         }
 429     }
 430
 431     @Test(dataProvider = "testName",
 432             dependsOnMethods = {"read"})
 433     public void readLockedOut(String testName) throws Exception {
 434         // Perform setup.
 435         setupForbidden();
 436
 437         // Submit the request to the service and store the response.
 438         DimensionClient client = new DimensionClient();
 439         //lockedOut allowed to read
 440         client.setAuth(true, "lockedOut", true, "lockedOut", true);
 441         Response res = client.read(knownResourceId);
 442         try {
 443                 assertStatusCode(res, testName);
 444         } finally {
 445                 if (res != null) {
 446                 res.close();
 447             }
 448         }
 449     }
 450
 451     @Test(dataProvider = "testName",
 452                 dependsOnMethods = {"read"})
 453     public void updateNotAllowed(String testName) throws Exception {
 454         setupForbidden();
 455
 456         // Create a new client and change its AuthN credentials
 457         DimensionClient client = new DimensionClient();
 458         //elmo not allowed to update
 459         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 460         //
 461         // Create a new dimension object
 462         //
 463         DimensionsCommon dimension = new DimensionsCommon();
 464         dimension.setDimension("dimensionType");
 465         // Update the content of this resource.
 466         dimension.setMeasurementUnit("updated-" + dimension.getMeasurementUnit());
 467         dimension.setValueDate("updated-" + dimension.getValueDate());
 468         //
 469         // Create and submit the request to the service and store the response.
 470         //
 471         PoxPayloadOut output = new PoxPayloadOut(DimensionClient.SERVICE_PAYLOAD_NAME);
 472         PayloadOutputPart commonPart = output.addPart(client.getCommonPartName(), dimension);
 473         Response res = client.update(knownResourceId, output);
 474         try {
 475                 assertStatusCode(res, testName);
 476         } finally {
 477                 if (res != null) {
 478                 res.close();
 479             }
 480         }
 481         //
 482         // Create another new client with new credentials
 483         //
 484         client = new DimensionClient();
 485         //lockedOut not allowed to update
 486         client.setAuth(true, "lockedOut", true, "lockedOut", true);
 487         //
 488         // Try the update again.
 489         //
 490         res = client.update(knownResourceId, output);
 491         try {
 492                 assertStatusCode(res, testName);
 493         } finally {
 494                 if (res != null) {
 495                 res.close();
 496             }
 497         }
 498
 499     }
 500
 501     // ---------------------------------------------------------------
 502     // CRUD tests : DELETE tests
 503     // ---------------------------------------------------------------
 504     // Success outcomes
 505     @Test(dataProvider = "testName",
 506                 dependsOnMethods = {"updateNotAllowed"})
 507     public void deleteNotAllowed(String testName) throws Exception {
 508         // Perform setup.
 509         setupForbidden();
 510         //
 511         // Create a new client and change the AuthN credentials
 512         //
 513         DimensionClient client = new DimensionClient();
 514         //bigbird can not delete
 515         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
 516         //
 517         // Try to make a DELETE request
 518         //
 519         Response res = client.delete(knownResourceId);
 520         try {
 521                 assertStatusCode(res, testName);
 522         } finally {
 523                 if (res != null) {
 524                 res.close();
 525             }
 526         }
 527     }
 528
 529     @Test(dataProvider = "testName",
 530         dependsOnMethods = {"deleteNotAllowed"})
 531     public void delete(String testName) throws Exception {
 532         // Perform setup.
 533         setupDelete();
 534
 535         // Submit the request to the service and store the response.
 536         DimensionClient client = new DimensionClient();
 537
 538         Response res = client.delete(knownResourceId);
 539         try {
 540                 assertStatusCode(res, testName);
 541         } finally {
 542                 if (res != null) {
 543                 res.close();
 544             }
 545         }
 546     }
 547
 548     // ---------------------------------------------------------------
 549     // Utility methods used by tests above
 550     // ---------------------------------------------------------------
 551     @AfterClass(alwaysRun = true)
 552     public void cleanUp() {
 553         setupDelete();
 554         String noTest = System.getProperty("noTestCleanup");
 555         if (Boolean.TRUE.toString().equalsIgnoreCase(noTest)) {
 556             if (logger.isDebugEnabled()) {
 557                 logger.debug("Skipping Cleanup phase ...");
 558             }
 559             return;
 560         }
 561         if (logger.isDebugEnabled()) {
 562             logger.debug("Cleaning up temporary resources created for testing ...");
 563         }
 564
 565         deletePermissionRoles();
 566         deleteAccountRoles();
 567         //FIXME delete on permission deletes all associations with roles
 568         //this would delete association with ROLE_ADMINISTRATOR too
 569         //deletePermissions();
 570         deleteRoles();
 571         deleteAccounts();
 572     }
 573
 574     private void deletePermissionRoles() {
 575         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 576         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 577         deletePermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
 578
 579         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 580         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 581         deletePermissionRole(permValues.get(elmoPermId), elmoRoleValues);
 582     }
 583
 584     private void deleteAccountRoles() {
 585         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 586         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 587
 588         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 589         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 590         if(!accountRolesFlipped) {
 591                 deleteAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
 592                 deleteAccountRole(accValues.get("elmo2010"), elmoRoleValues);
 593         } else {
 594                 deleteAccountRole(accValues.get("bigbird2010"), elmoRoleValues);
 595                 deleteAccountRole(accValues.get("elmo2010"),bigbirdRoleValues );
 596         }
 597     }
 598
 599     private void flipInitialAccountRoles() {
 600         if(!accountRolesFlipped) {
 601                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
 602                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
 603                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 604                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 605
 606                 deleteAccountRole(accValues.get("bigbird2010"), cmRoleValues);
 607                 deleteAccountRole(accValues.get("elmo2010"), internRoleValues);
 608
 609                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
 610                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
 611
 612                 accountRolesFlipped = true;
 613         }
 614     }
 615
 616     private void restoreInitialAccountRoles() {
 617         if(accountRolesFlipped) {
 618                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
 619                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
 620                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 621                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 622
 623                 deleteAccountRole(accValues.get("bigbird2010"), internRoleValues);
 624                 deleteAccountRole(accValues.get("elmo2010"), cmRoleValues);
 625
 626                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
 627                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
 628                 accountRolesFlipped = false;
 629         }
 630     }
 631
 632     private void deletePermissions() {
 633         //delete entities
 634         for (PermissionValue pv : permValues.values()) {
 635             deletePermission(pv.getPermissionId());
 636         }
 637     }
 638
 639     private void deleteRoles() {
 640         for (RoleValue rv : roleValues.values()) {
 641             deleteRole(rv.getRoleId());
 642         }
 643     }
 644
 645     private void deleteAccounts() {
 646
 647         for (AccountValue av1 : accValues.values()) {
 648             deleteAccount(av1.getAccountId());
 649         }
 650     }
 651
 652     private String createPermission(String resName, EffectType effect) {
 653         List<PermissionAction> actions = PermissionFactory.createDefaultActions();
 654         return createPermission(resName, actions, effect);
 655     }
 656
 657     private String createPermission(String resName,
 658             List<PermissionAction> actions, EffectType effect) {
 659         String result = null;
 660
 661         setupCreate();
 662         PermissionClient permClient = new PermissionClient();
 663         Permission permission = PermissionFactory.createPermissionInstance(resName,
 664                 "default permissions for " + resName, actions, effect, true, true, true);
 665         Response res = permClient.create(permission);
 666         try {
 667                 assertStatusCode(res, "CreatePermission");
 668                 result = extractId(res);
 669         } finally {
 670                 if (res != null) {
 671                 res.close();
 672             }
 673         }
 674
 675         return result;
 676     }
 677
 678     private void deletePermission(String permId) {
 679         setupDelete();
 680         PermissionClient permClient = new PermissionClient();
 681         Response res = permClient.delete(permId);
 682         try {
 683                 assertStatusCode(res, "DeletePermission");
 684         } finally {
 685                 if (res != null) {
 686                 res.close();
 687             }
 688         }
 689     }
 690
 691     private String createRole(String roleName) {
 692         String result = null;
 693
 694         setupCreate();
 695         RoleClient roleClient = new RoleClient();
 696         Role role = RoleFactory.createRoleInstance(roleName,
 697                         roleName, //the display name
 698                 "role for " + roleName, true);
 699         Response res = roleClient.create(role);
 700         try {
 701                 assertStatusCode(res, "CreateRole");
 702                 result = extractId(res);
 703         } finally {
 704                 if (res != null) {
 705                 res.close();
 706             }
 707         }
 708
 709         return result;
 710     }
 711
 712     private void deleteRole(String roleId) {
 713         setupDelete();
 714         RoleClient roleClient = new RoleClient();
 715         Response res = roleClient.delete(roleId);
 716         try {
 717                 assertStatusCode(res, "DeleteRole");
 718         } finally {
 719                 if (res != null) {
 720                 res.close();
 721             }
 722         }
 723     }
 724
 725     private String createAccount(String userName, String email) {
 726         String result = null;
 727
 728         setupCreate();
 729         AccountClient accountClient = new AccountClient();
 730         AccountsCommon account = AccountFactory.createAccountInstance(
 731                 userName, userName, userName, email, accountClient.getTenantId(),
 732                 true, false, true, true);
 733         Response res = accountClient.create(account);
 734         try {
 735                 assertStatusCode(res, "CreateAccount");
 736                 result = extractId(res);
 737         } finally {
 738                 if (res != null) {
 739                 res.close();
 740             }
 741         }
 742
 743         return result;
 744     }
 745
 746     private void deleteAccount(String accId) {
 747         setupDelete();
 748         AccountClient accClient = new AccountClient();
 749         Response res = accClient.delete(accId);
 750         try {
 751                 assertStatusCode(res, "DeleteAccount");
 752         } finally {
 753                 if (res != null) {
 754                 res.close();
 755             }
 756         }
 757     }
 758
 759     private String createAccountRole(AccountValue av,
 760             Collection<RoleValue> rvs) {
 761         String result = null;
 762
 763         setupCreate();
 764         // Submit the request to the service and store the response.
 765         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
 766                 av, rvs, true, true);
 767         AccountRoleClient client = new AccountRoleClient();
 768         Response res = client.create(av.getAccountId(), accRole);
 769         try {
 770                 assertStatusCode(res, "CreateAccountRole");
 771                 result = extractId(res);
 772         } finally {
 773                 if (res != null) {
 774                 res.close();
 775             }
 776         }
 777
 778         return result;
 779     }
 780
 781     private void deleteAccountRole(AccountValue av,
 782             Collection<RoleValue> rvs) {
 783         // Perform setup.
 784         setupDelete();
 785
 786         // Submit the request to the service and store the response.
 787         AccountRoleClient client = new AccountRoleClient();
 788         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
 789                 av, rvs, true, true);
 790         Response res = client.delete(av.getAccountId());
 791         try {
 792                 assertStatusCode(res, "DeleteAccountRole");
 793         } finally {
 794                 if (res != null) {
 795                 res.close();
 796             }
 797         }
 798     }
 799
 800     private String createPermissionRole(PermissionValue pv, Collection<RoleValue> rvs) {
 801         String result = null;
 802
 803         setupCreate();
 804         List<RoleValue> rvls = new ArrayList<RoleValue>();
 805         rvls.addAll(rvs);
 806         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
 807                 pv, rvls, true, true);
 808         PermissionRoleClient client = new PermissionRoleClient();
 809         Response res = client.create(pv.getPermissionId(), permRole);
 810         try {
 811                 assertStatusCode(res, "CreatePermissionRole");
 812                 result = extractId(res);
 813         } finally {
 814                 if (res != null) {
 815                 res.close();
 816             }
 817         }
 818
 819         return result;
 820     }
 821
 822     private void deletePermissionRole(PermissionValue pv,
 823             Collection<RoleValue> rvs) {
 824         List<RoleValue> rvls = new ArrayList<RoleValue>();
 825         rvls.addAll(rvs);
 826
 827         // Perform setup.
 828         setupDelete();
 829
 830         // Submit the request to the service and store the response.
 831         PermissionRoleClient client = new PermissionRoleClient();
 832         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
 833                 pv, rvls, true, true);
 834         Response res = client.delete(pv.getPermissionId());
 835         try {
 836                 assertStatusCode(res, "DeletePermissionRole");
 837         } finally {
 838                 if (res != null) {
 839                 res.close();
 840             }
 841         }
 842     }
 843
 844         @Override
 845         protected Class<AbstractCommonList> getCommonListType() {
 846                 throw new UnsupportedOperationException();
 847         }
 848 }