git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2010 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24 /*
  25  * To change this template, choose Tools | Templates
  26  * and open the template in the editor.
  27  */
  28 package org.collectionspace.services.security.client.test;
  29
  30 import java.util.ArrayList;
  31 import java.util.Collection;
  32 import java.util.Date;
  33 import java.util.Hashtable;
  34 import java.util.List;
  35
  36 import javax.ws.rs.core.MediaType;
  37 import javax.ws.rs.core.Response;
  38 import org.jboss.resteasy.client.ClientResponse;
  39
  40 import org.collectionspace.services.account.AccountsCommon;
  41 import org.collectionspace.services.authorization.AccountRole;
  42 import org.collectionspace.services.authorization.AccountValue;
  43 import org.collectionspace.services.authorization.perms.ActionType;
  44 import org.collectionspace.services.authorization.perms.EffectType;
  45 import org.collectionspace.services.authorization.perms.Permission;
  46 import org.collectionspace.services.authorization.perms.PermissionAction;
  47 import org.collectionspace.services.authorization.PermissionRole;
  48 import org.collectionspace.services.authorization.PermissionValue;
  49 import org.collectionspace.services.authorization.Role;
  50 import org.collectionspace.services.authorization.RoleValue;
  51 import org.collectionspace.services.client.AccountClient;
  52 import org.collectionspace.services.client.AccountFactory;
  53 import org.collectionspace.services.client.AccountRoleClient;
  54 import org.collectionspace.services.client.AccountRoleFactory;
  55 import org.collectionspace.services.client.CollectionSpaceClient;
  56 import org.collectionspace.services.client.DimensionClient;
  57 import org.collectionspace.services.client.DimensionFactory;
  58 import org.collectionspace.services.client.IntakeClient;
  59 import org.collectionspace.services.client.PayloadOutputPart;
  60 import org.collectionspace.services.client.PermissionClient;
  61 import org.collectionspace.services.client.PermissionFactory;
  62 import org.collectionspace.services.client.PermissionRoleClient;
  63 import org.collectionspace.services.client.PermissionRoleFactory;
  64 import org.collectionspace.services.client.PoxPayloadIn;
  65 import org.collectionspace.services.client.PoxPayloadOut;
  66 import org.collectionspace.services.client.RoleClient;
  67 import org.collectionspace.services.client.RoleFactory;
  68 import org.collectionspace.services.client.test.BaseServiceTest;
  69 import org.collectionspace.services.dimension.DimensionsCommon;
  70 import org.collectionspace.services.intake.IntakesCommon;
  71 import org.collectionspace.services.jaxb.AbstractCommonList;
  72
  73 import org.testng.Assert;
  74 import org.testng.annotations.Test;
  75 import org.testng.annotations.AfterClass;
  76 import org.testng.annotations.BeforeClass;
  77
  78 import org.slf4j.Logger;
  79 import org.slf4j.LoggerFactory;
  80
  81 /**
  82  * AuthorizationServiceTest, carries out tests against a
  83  * deployed and running Permission, Role, AccountRole, PermissionRole and
  84  * CollectionObject Services.
  85  *
  86  * Pre-requisite : authorization-mgt/client tests seed some permissions used
  87  * by this test
  88  *
  89  * $LastChangedRevision: 917 $
  90  * $LastChangedDate: 2009-11-06 12:20:28 -0800 (Fri, 06 Nov 2009) $
  91  */
  92 public class AuthorizationServiceTest extends BaseServiceTest<AbstractCommonList> {
  93
  94     private final String CLASS_NAME = AuthorizationServiceTest.class.getName();
  95     private final Logger logger = LoggerFactory.getLogger(CLASS_NAME);
  96     // Instance variables specific to this test.
  97     private Hashtable<String, AccountValue> accValues = new Hashtable<String, AccountValue>();
  98     //key for permValues is id as there could be several perms for the same resource
  99     private Hashtable<String, PermissionValue> permValues = new Hashtable<String, PermissionValue>();
 100     //key for roleValues is roleName
 101     private Hashtable<String, RoleValue> roleValues = new Hashtable<String, RoleValue>();
 102     private String bigbirdPermId;
 103     private String elmoPermId;
 104     private final static String TEST_SERVICE_NAME = "dimensions";
 105     private boolean accountRolesFlipped = false;
 106     /*
 107      * This method is called only by the parent class, AbstractServiceTestImpl
 108      */
 109
 110     @Override
 111         protected String getServiceName() {
 112         // no need to return anything but null since no auth resources are
 113         // accessed
 114         throw new UnsupportedOperationException();
 115         }
 116
 117     @Override
 118     protected String getServicePathComponent() {
 119         // no need to return anything but null since no auth resources are
 120         // accessed
 121         throw new UnsupportedOperationException();
 122     }
 123
 124     @BeforeClass(alwaysRun = true)
 125     public void seedData() {
 126         seedPermissions();
 127         seedRoles();
 128         seedAccounts();
 129         seedAccountRoles();
 130         seedPermissionRoles();
 131     }
 132
 133     private void seedPermissions() {
 134         String res = TEST_SERVICE_NAME;
 135
 136         PermissionAction pac = new PermissionAction();
 137         pac.setName(ActionType.CREATE);
 138         PermissionAction par = new PermissionAction();
 139         par.setName(ActionType.READ);
 140         PermissionAction pau = new PermissionAction();
 141         pau.setName(ActionType.UPDATE);
 142
 143
 144         //bigbird can create, read and update but not delete
 145         List<PermissionAction> bbactions = new ArrayList<PermissionAction>();
 146         bbactions.add(pac);
 147         bbactions.add(par);
 148         bbactions.add(pau);
 149         bigbirdPermId = createPermission(res, bbactions, EffectType.PERMIT);
 150         PermissionValue bbpv = new PermissionValue();
 151         bbpv.setResourceName(res);
 152         bbpv.setPermissionId(bigbirdPermId);
 153         permValues.put(bbpv.getPermissionId(), bbpv);
 154
 155         //elmo can only read
 156         List<PermissionAction> eactions = new ArrayList<PermissionAction>();
 157         eactions.add(par);
 158         elmoPermId = createPermission(res, eactions, EffectType.PERMIT);
 159         PermissionValue epv = new PermissionValue();
 160         epv.setResourceName(res);
 161         epv.setPermissionId(elmoPermId);
 162         permValues.put(epv.getPermissionId(), epv);
 163     }
 164
 165     private void seedRoles() {
 166         String rn1 = "ROLE_TEST_CM";
 167         String r1RoleId = createRole(rn1);
 168         RoleValue rv1 = new RoleValue();
 169         rv1.setRoleId(r1RoleId);
 170         rv1.setRoleName(rn1);
 171         roleValues.put(rv1.getRoleName(), rv1);
 172
 173         String rn2 = "ROLE_TEST_INTERN";
 174         String r2RoleId = createRole(rn2);
 175         RoleValue rv2 = new RoleValue();
 176         rv2.setRoleId(r2RoleId);
 177         rv2.setRoleName(rn2);
 178         roleValues.put(rv2.getRoleName(), rv2);
 179     }
 180
 181     private void seedAccounts() {
 182         String userId1 = "bigbird2010";
 183         String accId1 = createAccount(userId1, "bigbird@cspace.org");
 184         AccountValue av1 = new AccountValue();
 185         av1.setScreenName(userId1);
 186         av1.setUserId(userId1);
 187         av1.setAccountId(accId1);
 188         accValues.put(av1.getUserId(), av1);
 189
 190         String userId2 = "elmo2010";
 191         String accId2 = createAccount(userId2, "elmo@cspace.org");
 192         AccountValue av2 = new AccountValue();
 193         av2.setScreenName(userId2);
 194         av2.setUserId(userId2);
 195         av2.setAccountId(accId2);
 196         accValues.put(av2.getUserId(), av2);
 197
 198         String userId3 = "lockedOut";
 199         String accId3 = createAccount(userId3, "lockedOut@cspace.org");
 200         AccountValue av3 = new AccountValue();
 201         av3.setScreenName(userId3);
 202         av3.setUserId(userId3);
 203         av3.setAccountId(accId3);
 204         accValues.put(av3.getUserId(), av3);
 205     }
 206
 207     private void seedAccountRoles() {
 208
 209         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 210         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 211         createAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
 212
 213         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 214         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 215         createAccountRole(accValues.get("elmo2010"), elmoRoleValues);
 216     }
 217
 218     private void seedPermissionRoles() {
 219
 220         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 221         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 222         createPermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
 223
 224         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 225         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 226         createPermissionRole(permValues.get(elmoPermId), elmoRoleValues);
 227
 228     }
 229
 230
 231     /* (non-Javadoc)
 232      * @see org.collectionspace.services.client.test.BaseServiceTest#getClientInstance()
 233      */
 234     @Override
 235     protected CollectionSpaceClient getClientInstance() {
 236         // This method is meaningless to this test.
 237         return null;
 238     }
 239
 240     // ---------------------------------------------------------------
 241     // CRUD tests : CREATE tests
 242     // ---------------------------------------------------------------
 243     // Success outcomes
 244
 245     @Test(dataProvider = "testName")
 246     public void create(String testName) throws Exception {
 247         int statusCode;
 248         setupCreate();
 249
 250         // Submit the request to the service and store the response.
 251         DimensionClient client = new DimensionClient();
 252         //bigbird allowed to create
 253         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
 254         String identifier = createIdentifier();
 255         DimensionsCommon dimension = new DimensionsCommon();
 256         dimension.setDimension("dimensionType");
 257         dimension.setMeasurementUnit("measurementUnit-" + identifier);
 258         dimension.setValueDate(new Date().toString());
 259         PoxPayloadOut multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
 260                 dimension);
 261         Response res = client.create(multipart);
 262         try {
 263                 statusCode = res.getStatus();
 264                 if (logger.isDebugEnabled()) {
 265                     logger.debug(testName + ": status = " + statusCode);
 266                 }
 267                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 268                         invalidStatusCodeMessage(testRequestType, statusCode));
 269                 Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
 270                 knownResourceId = extractId(res);
 271                 if (logger.isDebugEnabled()) {
 272                     logger.debug(testName + ": knownResourceId=" + knownResourceId);
 273                 }
 274         } finally {
 275                 res.close();
 276         }
 277
 278         // Now verify that elmo cannot create
 279         client = new DimensionClient();
 280         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 281         res = client.create(multipart);
 282         try {
 283                 statusCode = res.getStatus();
 284                 if (logger.isDebugEnabled()) {
 285                     logger.debug(testName + " (verify not allowed): status = " + statusCode);
 286                 }
 287                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 288                         invalidStatusCodeMessage(testRequestType, statusCode));
 289                 Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
 290         } finally {
 291                 res.close();
 292         }
 293
 294         //Finally, verify that elmo has no access to Intakes
 295         // Submit the request to the service and store the response.
 296         IntakeClient iclient = new IntakeClient();
 297         iclient.setAuth(true, "elmo2010", true, "elmo2010", true);
 298         multipart = createIntakeInstance(
 299                 "entryNumber-" + identifier,
 300                 "entryDate-" + identifier,
 301                 "depositor-" + identifier);
 302         res = iclient.create(multipart);
 303         try {
 304                 if (logger.isDebugEnabled()) {
 305                     logger.debug(testName + " (verify create intake not allowed): status = " + statusCode);
 306                 }
 307                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 308                         invalidStatusCodeMessage(testRequestType, statusCode));
 309                 Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
 310         } finally {
 311                 res.close();
 312         }
 313     }
 314
 315     /**
 316      * Creates the intake instance.
 317      *
 318      * @param entryNumber the entry number
 319      * @param entryDate the entry date
 320      * @param depositor the depositor
 321      * @return the multipart output
 322      */
 323     private PoxPayloadOut createIntakeInstance(String entryNumber,
 324                 String entryDate,
 325                 String depositor) {
 326         IntakesCommon intake = new IntakesCommon();
 327         intake.setEntryNumber(entryNumber);
 328         intake.setEntryDate(entryDate);
 329         intake.setDepositor(depositor);
 330
 331         PoxPayloadOut multipart = new PoxPayloadOut(IntakeClient.SERVICE_PAYLOAD_NAME);
 332         PayloadOutputPart commonPart = multipart.addPart(intake, MediaType.APPLICATION_XML_TYPE);
 333         commonPart.setLabel(new IntakeClient().getCommonPartName());
 334
 335         if(logger.isDebugEnabled()){
 336             logger.debug("to be created, intake common");
 337             logger.debug(objectAsXmlString(intake, IntakesCommon.class));
 338         }
 339
 340         return multipart;
 341     }
 342
 343     @Test(dataProvider = "testName",
 344             dependsOnMethods = {"delete"})
 345     public void verifyCreateWithFlippedRoles(String testName) throws Exception {
 346         int statusCode;
 347         setupCreate();
 348
 349         // Submit the request to the service and store the response.
 350         DimensionClient client = new DimensionClient();
 351         flipInitialAccountRoles();
 352
 353         // Now verify that elmo can create
 354         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 355         client = new DimensionClient();
 356
 357         String identifier = createIdentifier();
 358         DimensionsCommon dimension = new DimensionsCommon();
 359         dimension.setDimension("dimensionType");
 360         dimension.setMeasurementUnit("measurementUnit-" + identifier);
 361         dimension.setValueDate(new Date().toString());
 362         PoxPayloadOut multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
 363                 dimension);
 364         Response res = client.create(multipart);
 365         try {
 366                 statusCode = res.getStatus();
 367
 368                 if (logger.isDebugEnabled()) {
 369                     logger.debug(testName + ": status = " + statusCode);
 370                 }
 371                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 372                         invalidStatusCodeMessage(testRequestType, statusCode));
 373                 Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
 374                 knownResourceId = extractId(res);
 375                 if (logger.isDebugEnabled()) {
 376                     logger.debug(testName + ": knownResourceId=" + knownResourceId);
 377                 }
 378         } finally {
 379                 res.close();
 380         }
 381
 382         //bigbird no longer allowed to create
 383         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
 384         res = client.create(multipart);
 385         try {
 386                 statusCode = res.getStatus();
 387                 if (logger.isDebugEnabled()) {
 388                     logger.debug(testName + " (verify not allowed): status = " + statusCode);
 389                 }
 390                 Assert.assertTrue(testRequestType.isValidStatusCode(statusCode),
 391                         invalidStatusCodeMessage(testRequestType, statusCode));
 392                 Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
 393         } finally {
 394                 res.close();
 395         }
 396
 397         restoreInitialAccountRoles();
 398     }
 399
 400     // ---------------------------------------------------------------
 401     // CRUD tests : READ tests
 402     // ---------------------------------------------------------------
 403     // Success outcomes
 404     @Test(dataProvider = "testName",
 405                 dependsOnMethods = {"create"})
 406     public void read(String testName) throws Exception {
 407         // Perform setup.
 408         setupRead();
 409
 410         // Submit the request to the service and store the response.
 411         DimensionClient client = new DimensionClient();
 412         //elmo allowed to read
 413         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 414         ClientResponse<String> res = client.read(knownResourceId);
 415         try {
 416                 assertStatusCode(res, testName);
 417                 PoxPayloadIn input = new PoxPayloadIn(res.getEntity());
 418                 DimensionsCommon dimension = (DimensionsCommon) extractPart(input,
 419                         client.getCommonPartName(), DimensionsCommon.class);
 420                 Assert.assertNotNull(dimension);
 421         } finally {
 422                 if (res != null) {
 423                 res.releaseConnection();
 424             }
 425         }
 426     }
 427
 428     @Test(dataProvider = "testName",
 429             dependsOnMethods = {"read"})
 430     public void readLockedOut(String testName) throws Exception {
 431         // Perform setup.
 432         setupForbidden();
 433
 434         // Submit the request to the service and store the response.
 435         DimensionClient client = new DimensionClient();
 436         //lockedOut allowed to read
 437         client.setAuth(true, "lockedOut", true, "lockedOut", true);
 438         ClientResponse<String> res = client.read(knownResourceId);
 439         try {
 440                 assertStatusCode(res, testName);
 441         } finally {
 442                 if (res != null) {
 443                 res.releaseConnection();
 444             }
 445         }
 446     }
 447
 448     @Test(dataProvider = "testName",
 449                 dependsOnMethods = {"read"})
 450     public void updateNotAllowed(String testName) throws Exception {
 451         setupForbidden();
 452
 453         // Create a new client and change its AuthN credentials
 454         DimensionClient client = new DimensionClient();
 455         //elmo not allowed to update
 456         client.setAuth(true, "elmo2010", true, "elmo2010", true);
 457         //
 458         // Create a new dimension object
 459         //
 460         DimensionsCommon dimension = new DimensionsCommon();
 461         dimension.setDimension("dimensionType");
 462         // Update the content of this resource.
 463         dimension.setMeasurementUnit("updated-" + dimension.getMeasurementUnit());
 464         dimension.setValueDate("updated-" + dimension.getValueDate());
 465         //
 466         // Create and submit the request to the service and store the response.
 467         //
 468         PoxPayloadOut output = new PoxPayloadOut(DimensionClient.SERVICE_PAYLOAD_NAME);
 469         PayloadOutputPart commonPart = output.addPart(client.getCommonPartName(), dimension);
 470         ClientResponse<String> res = client.update(knownResourceId, output);
 471         try {
 472                 assertStatusCode(res, testName);
 473         } finally {
 474                 if (res != null) {
 475                 res.releaseConnection();
 476             }
 477         }
 478         //
 479         // Create another new client with new credentials
 480         //
 481         client = new DimensionClient();
 482         //lockedOut not allowed to update
 483         client.setAuth(true, "lockedOut", true, "lockedOut", true);
 484         //
 485         // Try the update again.
 486         //
 487         res = client.update(knownResourceId, output);
 488         try {
 489                 assertStatusCode(res, testName);
 490         } finally {
 491                 if (res != null) {
 492                 res.releaseConnection();
 493             }
 494         }
 495
 496     }
 497
 498     // ---------------------------------------------------------------
 499     // CRUD tests : DELETE tests
 500     // ---------------------------------------------------------------
 501     // Success outcomes
 502     @Test(dataProvider = "testName",
 503                 dependsOnMethods = {"updateNotAllowed"})
 504     public void deleteNotAllowed(String testName) throws Exception {
 505         // Perform setup.
 506         setupForbidden();
 507         //
 508         // Create a new client and change the AuthN credentials
 509         //
 510         DimensionClient client = new DimensionClient();
 511         //bigbird can not delete
 512         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
 513         //
 514         // Try to make a DELETE request
 515         //
 516         ClientResponse<Response> res = client.delete(knownResourceId);
 517         try {
 518                 assertStatusCode(res, testName);
 519         } finally {
 520                 if (res != null) {
 521                 res.releaseConnection();
 522             }
 523         }
 524     }
 525
 526     @Test(dataProvider = "testName",
 527         dependsOnMethods = {"deleteNotAllowed"})
 528     public void delete(String testName) throws Exception {
 529         // Perform setup.
 530         setupDelete();
 531
 532         // Submit the request to the service and store the response.
 533         DimensionClient client = new DimensionClient();
 534
 535         ClientResponse<Response> res = client.delete(knownResourceId);
 536         try {
 537                 assertStatusCode(res, testName);
 538         } finally {
 539                 if (res != null) {
 540                 res.releaseConnection();
 541             }
 542         }
 543     }
 544
 545     // ---------------------------------------------------------------
 546     // Utility methods used by tests above
 547     // ---------------------------------------------------------------
 548     @AfterClass(alwaysRun = true)
 549     public void cleanUp() {
 550         setupDelete();
 551         String noTest = System.getProperty("noTestCleanup");
 552         if (Boolean.TRUE.toString().equalsIgnoreCase(noTest)) {
 553             if (logger.isDebugEnabled()) {
 554                 logger.debug("Skipping Cleanup phase ...");
 555             }
 556             return;
 557         }
 558         if (logger.isDebugEnabled()) {
 559             logger.debug("Cleaning up temporary resources created for testing ...");
 560         }
 561
 562         deletePermissionRoles();
 563         deleteAccountRoles();
 564         //FIXME delete on permission deletes all associations with roles
 565         //this would delete association with ROLE_ADMINISTRATOR too
 566         //deletePermissions();
 567         deleteRoles();
 568         deleteAccounts();
 569     }
 570
 571     private void deletePermissionRoles() {
 572         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 573         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 574         deletePermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
 575
 576         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 577         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 578         deletePermissionRole(permValues.get(elmoPermId), elmoRoleValues);
 579     }
 580
 581     private void deleteAccountRoles() {
 582         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
 583         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 584
 585         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
 586         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 587         if(!accountRolesFlipped) {
 588                 deleteAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
 589                 deleteAccountRole(accValues.get("elmo2010"), elmoRoleValues);
 590         } else {
 591                 deleteAccountRole(accValues.get("bigbird2010"), elmoRoleValues);
 592                 deleteAccountRole(accValues.get("elmo2010"),bigbirdRoleValues );
 593         }
 594     }
 595
 596     private void flipInitialAccountRoles() {
 597         if(!accountRolesFlipped) {
 598                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
 599                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
 600                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 601                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 602
 603                 deleteAccountRole(accValues.get("bigbird2010"), cmRoleValues);
 604                 deleteAccountRole(accValues.get("elmo2010"), internRoleValues);
 605
 606                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
 607                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
 608
 609                 accountRolesFlipped = true;
 610         }
 611     }
 612
 613     private void restoreInitialAccountRoles() {
 614         if(accountRolesFlipped) {
 615                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
 616                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
 617                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
 618                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
 619
 620                 deleteAccountRole(accValues.get("bigbird2010"), internRoleValues);
 621                 deleteAccountRole(accValues.get("elmo2010"), cmRoleValues);
 622
 623                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
 624                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
 625                 accountRolesFlipped = false;
 626         }
 627     }
 628
 629     private void deletePermissions() {
 630         //delete entities
 631         for (PermissionValue pv : permValues.values()) {
 632             deletePermission(pv.getPermissionId());
 633         }
 634     }
 635
 636     private void deleteRoles() {
 637         for (RoleValue rv : roleValues.values()) {
 638             deleteRole(rv.getRoleId());
 639         }
 640     }
 641
 642     private void deleteAccounts() {
 643
 644         for (AccountValue av1 : accValues.values()) {
 645             deleteAccount(av1.getAccountId());
 646         }
 647     }
 648
 649     private String createPermission(String resName, EffectType effect) {
 650         List<PermissionAction> actions = PermissionFactory.createDefaultActions();
 651         return createPermission(resName, actions, effect);
 652     }
 653
 654     private String createPermission(String resName,
 655             List<PermissionAction> actions, EffectType effect) {
 656         String result = null;
 657
 658         setupCreate();
 659         PermissionClient permClient = new PermissionClient();
 660         Permission permission = PermissionFactory.createPermissionInstance(resName,
 661                 "default permissions for " + resName, actions, effect, true, true, true);
 662         ClientResponse<Response> res = permClient.create(permission);
 663         try {
 664                 assertStatusCode(res, "CreatePermission");
 665                 result = extractId(res);
 666         } finally {
 667                 if (res != null) {
 668                 res.releaseConnection();
 669             }
 670         }
 671
 672         return result;
 673     }
 674
 675     private void deletePermission(String permId) {
 676         setupDelete();
 677         PermissionClient permClient = new PermissionClient();
 678         ClientResponse<Response> res = permClient.delete(permId);
 679         try {
 680                 assertStatusCode(res, "DeletePermission");
 681         } finally {
 682                 if (res != null) {
 683                 res.releaseConnection();
 684             }
 685         }
 686     }
 687
 688     private String createRole(String roleName) {
 689         String result = null;
 690
 691         setupCreate();
 692         RoleClient roleClient = new RoleClient();
 693         Role role = RoleFactory.createRoleInstance(roleName,
 694                         roleName, //the display name
 695                 "role for " + roleName, true);
 696         ClientResponse<Response> res = roleClient.create(role);
 697         try {
 698                 assertStatusCode(res, "CreateRole");
 699                 result = extractId(res);
 700         } finally {
 701                 if (res != null) {
 702                 res.releaseConnection();
 703             }
 704         }
 705
 706         return result;
 707     }
 708
 709     private void deleteRole(String roleId) {
 710         setupDelete();
 711         RoleClient roleClient = new RoleClient();
 712         ClientResponse<Response> res = roleClient.delete(roleId);
 713         try {
 714                 assertStatusCode(res, "DeleteRole");
 715         } finally {
 716                 if (res != null) {
 717                 res.releaseConnection();
 718             }
 719         }
 720     }
 721
 722     private String createAccount(String userName, String email) {
 723         String result = null;
 724
 725         setupCreate();
 726         AccountClient accountClient = new AccountClient();
 727         AccountsCommon account = AccountFactory.createAccountInstance(
 728                 userName, userName, userName, email, accountClient.getTenantId(),
 729                 true, false, true, true);
 730         ClientResponse<Response> res = accountClient.create(account);
 731         try {
 732                 assertStatusCode(res, "CreateAccount");
 733                 result = extractId(res);
 734         } finally {
 735                 if (res != null) {
 736                 res.releaseConnection();
 737             }
 738         }
 739
 740         return result;
 741     }
 742
 743     private void deleteAccount(String accId) {
 744         setupDelete();
 745         AccountClient accClient = new AccountClient();
 746         ClientResponse<Response> res = accClient.delete(accId);
 747         try {
 748                 assertStatusCode(res, "DeleteAccount");
 749         } finally {
 750                 if (res != null) {
 751                 res.releaseConnection();
 752             }
 753         }
 754     }
 755
 756     private String createAccountRole(AccountValue av,
 757             Collection<RoleValue> rvs) {
 758         String result = null;
 759
 760         setupCreate();
 761         // Submit the request to the service and store the response.
 762         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
 763                 av, rvs, true, true);
 764         AccountRoleClient client = new AccountRoleClient();
 765         ClientResponse<Response> res = client.create(av.getAccountId(), accRole);
 766         try {
 767                 assertStatusCode(res, "CreateAccountRole");
 768                 result = extractId(res);
 769         } finally {
 770                 if (res != null) {
 771                 res.releaseConnection();
 772             }
 773         }
 774
 775         return result;
 776     }
 777
 778     private void deleteAccountRole(AccountValue av,
 779             Collection<RoleValue> rvs) {
 780         // Perform setup.
 781         setupDelete();
 782
 783         // Submit the request to the service and store the response.
 784         AccountRoleClient client = new AccountRoleClient();
 785         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
 786                 av, rvs, true, true);
 787         ClientResponse<Response> res = client.delete(av.getAccountId());
 788         try {
 789                 assertStatusCode(res, "DeleteAccountRole");
 790         } finally {
 791                 if (res != null) {
 792                 res.releaseConnection();
 793             }
 794         }
 795     }
 796
 797     private String createPermissionRole(PermissionValue pv, Collection<RoleValue> rvs) {
 798         String result = null;
 799
 800         setupCreate();
 801         List<RoleValue> rvls = new ArrayList<RoleValue>();
 802         rvls.addAll(rvs);
 803         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
 804                 pv, rvls, true, true);
 805         PermissionRoleClient client = new PermissionRoleClient();
 806         ClientResponse<Response> res = client.create(pv.getPermissionId(), permRole);
 807         try {
 808                 assertStatusCode(res, "CreatePermissionRole");
 809                 result = extractId(res);
 810         } finally {
 811                 if (res != null) {
 812                 res.releaseConnection();
 813             }
 814         }
 815
 816         return result;
 817     }
 818
 819     private void deletePermissionRole(PermissionValue pv,
 820             Collection<RoleValue> rvs) {
 821         List<RoleValue> rvls = new ArrayList<RoleValue>();
 822         rvls.addAll(rvs);
 823
 824         // Perform setup.
 825         setupDelete();
 826
 827         // Submit the request to the service and store the response.
 828         PermissionRoleClient client = new PermissionRoleClient();
 829         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
 830                 pv, rvls, true, true);
 831         ClientResponse<Response> res = client.delete(pv.getPermissionId());
 832         try {
 833                 assertStatusCode(res, "DeletePermissionRole");
 834         } finally {
 835                 if (res != null) {
 836                 res.releaseConnection();
 837             }
 838         }
 839     }
 840
 841         @Override
 842         protected Class<AbstractCommonList> getCommonListType() {
 843                 throw new UnsupportedOperationException();
 844         }
 845 }