<groupId>org.slf4j</groupId>\r
<artifactId>slf4j-log4j12</artifactId>\r
</dependency>\r
- <dependency>\r
- <groupId>org.collectionspace.services</groupId>\r
- <artifactId>org.collectionspace.services.authentication.service</artifactId>\r
- <version>${project.version}</version>\r
- <scope>provided</scope>\r
- </dependency>\r
<dependency>\r
<groupId>org.collectionspace.services</groupId>\r
<artifactId>org.collectionspace.services.authorization.service</artifactId>\r
<version>${project.version}</version>\r
<scope>provided</scope>\r
</dependency>\r
- <dependency>\r
- <groupId>org.collectionspace.services</groupId>\r
- <artifactId>org.collectionspace.services.client</artifactId>\r
- <version>${project.version}</version>\r
- </dependency>\r
-\r
- <!-- Needed if/when client test framework files are moved into -->\r
- <!-- /services/client/src/test from /services/client/src/main -->\r
-\r
- <!-- <dependency>\r
- <groupId>org.collectionspace.services</groupId>\r
- <artifactId>org.collectionspace.services.client</artifactId>\r
- <version>${project.version}</version>\r
- <scope>test</scope>\r
- <type>test-jar</type>\r
- </dependency> -->\r
<dependency>\r
<groupId>org.testng</groupId>\r
<artifactId>testng</artifactId>\r
<version>5.6</version>\r
</dependency>\r
- <dependency>\r
- <groupId>org.jboss.resteasy</groupId>\r
- <artifactId>resteasy-jaxrs</artifactId>\r
- <exclusions>\r
- <exclusion>\r
- <groupId>tjws</groupId>\r
- <artifactId>webserver</artifactId>\r
- </exclusion>\r
- </exclusions>\r
- </dependency>\r
- <dependency>\r
- <groupId>org.jboss.resteasy</groupId>\r
- <artifactId>resteasy-jaxb-provider</artifactId>\r
- </dependency>\r
- <dependency>\r
- <groupId>org.jboss.resteasy</groupId>\r
- <artifactId>resteasy-multipart-provider</artifactId>\r
- </dependency>\r
- <dependency>\r
- <groupId>commons-httpclient</groupId>\r
- <artifactId>commons-httpclient</artifactId>\r
- <version>3.1</version>\r
- </dependency>\r
+\r
\r
<dependency>\r
<groupId>org.springframework.security</groupId>\r
<artifactId>maven-surefire-plugin</artifactId>\r
<configuration>\r
<systemProperties>\r
- <property>\r
- <name>maven.basedir</name>\r
- <value>${basedir}</value>\r
- </property>\r
<property>\r
<name>log4j.configuration</name>\r
<value>file:${project.build.directory}/test-classes/log4j.properties</value>\r
</property>\r
+ <property>\r
+ <name>importdir</name>\r
+ <value>${basedir}/src/main/resources/import-data/</value>\r
+ </property>\r
+ <property>\r
+ <name>exportdir</name>\r
+ <value>${basedir}/src/main/resources/import-data/</value>\r
+ </property>\r
+ <property>\r
+ <name>tenantbindings</name>\r
+ <value>${basedir}/../../common/src/main/config/services/tenant-bindings.xml</value>\r
+ </property>\r
<property>\r
<name>spring-beans-config</name>\r
<value>applicationContext-authorization-test.xml</value>\r
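Review bot: `exportdir` is set to the same `${basedir}/src/main/resources/import-data/` path as `importdir`, so every test run writes the generated permission files into the source tree. Because the generator in this commit gives each permission a fresh `UUID.randomUUID()`, the tracked XML files change on every build, and a failed export silently leaves the previous files in place to be re-imported. Consider pointing `exportdir` (and `importdir` for the seeding step) at `${project.build.directory}/import-data/`, and adding a comment above the three properties saying which test reads them.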
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>1</permissionId>
+ <permissionId>d517250a-91a8-4b19-b1a4-75ad56d3012a</permissionId>
+ <resourceName>collectionobjects</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>eb155cad-cfac-4bcd-bdb3-34c8406bb6c7</permissionId>
+ <resourceName>intakes</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>04383c28-f9d0-4628-bd8d-90c07963630d</permissionId>
+ <resourceName>loansin</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>1280b13b-0e02-4c11-955d-5151ac15cb16</permissionId>
+ <resourceName>loansout</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>86ed3672-c338-4537-893d-69bbef22ea7e</permissionId>
+ <resourceName>movements</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>293a5a00-e2ca-49f9-9f52-6cefbceae1a7</permissionId>
+ <resourceName>vocabularies</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>1c1152e4-2e7b-4744-bf86-8c47f62f6b2a</permissionId>
+ <resourceName>vocabularyitems</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>29e217f7-d1a0-463b-9f3e-1804be23f127</permissionId>
+ <resourceName>orgauthorities</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>34197256-031f-4218-bb8d-c02a9d202986</permissionId>
+ <resourceName>organizations</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>d327da0e-da21-4716-a01c-47ad828ec2b4</permissionId>
+ <resourceName>personauthorities</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>d2746267-4ade-4e12-8dc4-11ee151c7f2e</permissionId>
+ <resourceName>persons</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>5dcbce71-bc19-4da0-8072-d994c8854007</permissionId>
+ <resourceName>acquisitions</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>a2cd134f-c418-4c9c-8a85-bb530a97cea8</permissionId>
+ <resourceName>relations</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>bfd8768d-64bc-47b7-9193-edfb5fc17884</permissionId>
<resourceName>accounts</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>2</permissionId>
+ <permissionId>eb77d422-5019-470f-9670-b62bcd8eb9be</permissionId>
<resourceName>dimensions</resourceName>
</permission>
<role>
<roleName>ROLE_ADMINISTRATOR</roleName>
</role>
</permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>c66becf5-0670-4e6f-83be-283ca28b9220</permissionId>
+ <resourceName>contacts</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>9ce72e7a-dded-4b92-b0c1-3333e117a152</permissionId>
+ <resourceName>authorization/roles</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>407df950-207a-4490-a122-61ab43984956</permissionId>
+ <resourceName>authorization/permissions</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>5e16a57f-8c6d-4c93-b167-85c2c7881f02</permissionId>
+ <resourceName>authorization/permroles</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
+ <permissionRole>
+ <subject>ROLE</subject>
+ <permission>
+ <permissionId>d1a3663a-645b-4ac4-86b8-c6ecd05e1e12</permissionId>
+ <resourceName>accounts/accountroles</resourceName>
+ </permission>
+ <role>
+ <roleId>1</roleId>
+ <roleName>ROLE_ADMINISTRATOR</roleName>
+ </role>
+ </permissionRole>
</ns2:permissions_roles_list>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:permissions_list xmlns:ns2="http://collectionspace.org/services/authorization">
- <permission csid="1">
+ <permission csid="d517250a-91a8-4b19-b1a4-75ad56d3012a">
+ <resourceName>collectionobjects</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="eb155cad-cfac-4bcd-bdb3-34c8406bb6c7">
+ <resourceName>intakes</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="04383c28-f9d0-4628-bd8d-90c07963630d">
+ <resourceName>loansin</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="1280b13b-0e02-4c11-955d-5151ac15cb16">
+ <resourceName>loansout</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="86ed3672-c338-4537-893d-69bbef22ea7e">
+ <resourceName>movements</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="293a5a00-e2ca-49f9-9f52-6cefbceae1a7">
+ <resourceName>vocabularies</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="1c1152e4-2e7b-4744-bf86-8c47f62f6b2a">
+ <resourceName>vocabularyitems</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="29e217f7-d1a0-463b-9f3e-1804be23f127">
+ <resourceName>orgauthorities</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="34197256-031f-4218-bb8d-c02a9d202986">
+ <resourceName>organizations</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="d327da0e-da21-4716-a01c-47ad828ec2b4">
+ <resourceName>personauthorities</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="d2746267-4ade-4e12-8dc4-11ee151c7f2e">
+ <resourceName>persons</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="5dcbce71-bc19-4da0-8072-d994c8854007">
+ <resourceName>acquisitions</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="a2cd134f-c418-4c9c-8a85-bb530a97cea8">
+ <resourceName>relations</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="bfd8768d-64bc-47b7-9193-edfb5fc17884">
<resourceName>accounts</resourceName>
<action>
<name>CREATE</name>
<action>
<name>DELETE</name>
</action>
+ <action>
+ <name>SEARCH</name>
+ </action>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="2">
+ <permission csid="eb77d422-5019-470f-9670-b62bcd8eb9be">
<resourceName>dimensions</resourceName>
<action>
<name>CREATE</name>
<action>
<name>DELETE</name>
</action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="c66becf5-0670-4e6f-83be-283ca28b9220">
+ <resourceName>contacts</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="9ce72e7a-dded-4b92-b0c1-3333e117a152">
+ <resourceName>authorization/roles</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="407df950-207a-4490-a122-61ab43984956">
+ <resourceName>authorization/permissions</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="5e16a57f-8c6d-4c93-b167-85c2c7881f02">
+ <resourceName>authorization/permroles</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
+ <effect>PERMIT</effect>
+ <tenant_id>1</tenant_id>
+ </permission>
+ <permission csid="d1a3663a-645b-4ac4-86b8-c6ecd05e1e12">
+ <resourceName>accounts/accountroles</resourceName>
+ <action>
+ <name>CREATE</name>
+ </action>
+ <action>
+ <name>READ</name>
+ </action>
+ <action>
+ <name>UPDATE</name>
+ </action>
+ <action>
+ <name>DELETE</name>
+ </action>
+ <action>
+ <name>SEARCH</name>
+ </action>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
*/
package org.collectionspace.services.authorization.generator;
+import java.io.File;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.ArrayList;
+import java.util.Hashtable;
import java.util.List;
+import java.util.UUID;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
import org.collectionspace.services.authorization.ActionType;
import org.collectionspace.services.authorization.Permission;
import org.collectionspace.services.authorization.EffectType;
import org.collectionspace.services.authorization.PermissionsRolesList;
import org.collectionspace.services.authorization.RoleValue;
import org.collectionspace.services.authorization.SubjectType;
+import org.collectionspace.services.common.config.TenantBindingConfigReaderImpl;
+import org.collectionspace.services.common.service.ServiceBindingType;
+import org.collectionspace.services.common.tenant.TenantBindingType;
/**
*
public class AuthorizationGen {
final Logger logger = LoggerFactory.getLogger(AuthorizationGen.class);
- private PermissionsList pcList = new PermissionsList();
- PermissionsRolesList psrsl = new PermissionsRolesList();
+ private List<Permission> permList = new ArrayList<Permission>();
+ private List<PermissionRole> permRoleList = new ArrayList<PermissionRole>();
+ private Hashtable<String, TenantBindingType> tenantBindings =
+ new Hashtable<String, TenantBindingType>();
+
+ public void initialize(String tenantBindingFile) throws Exception {
+ TenantBindingConfigReaderImpl tenantBindingConfigReader =
+ new TenantBindingConfigReaderImpl(null);
+ tenantBindingConfigReader.read(tenantBindingFile);
+ tenantBindings = tenantBindingConfigReader.getTenantBindings();
+ }
- public PermissionsList genPermissions() {
- ArrayList<Permission> apcList = new ArrayList<Permission>();
- pcList.setPermissions(apcList);
+ public void createDefaultServicePermissions() {
+ for (String tenantId : tenantBindings.keySet()) {
+ List<Permission> perms = createDefaultServicePermissions(tenantId);
+ permList.addAll(perms);
+ }
+ }
- Permission accPerm = buildCommonPermission("1", "1", "accounts");
- apcList.add(accPerm);
- Permission dimPerm = buildCommonPermission("1", "2", "dimensions");
- apcList.add(dimPerm);
- return pcList;
+ public List<Permission> createDefaultServicePermissions(String tenantId) {
+ ArrayList<Permission> apcList = new ArrayList<Permission>();
+ TenantBindingType tbinding = tenantBindings.get(tenantId);
+ for (ServiceBindingType sbinding : tbinding.getServiceBindings()) {
+ Permission accPerm = buildCommonPermission(tbinding.getId(),
+ sbinding.getName());
+ apcList.add(accPerm);
+ }
+ return apcList;
}
-
- private Permission buildCommonPermission(String tenantId, String permId, String resourceName) {
- //String id = UUID.randomUUID().toString();
+ private Permission buildCommonPermission(String tenantId, String resourceName) {
+ String id = UUID.randomUUID().toString();
Permission perm = new Permission();
- perm.setCsid(permId);
- perm.setResourceName(resourceName);
+ perm.setCsid(id);
+ perm.setResourceName(resourceName.toLowerCase());
perm.setEffect(EffectType.PERMIT);
perm.setTenantId(tenantId);
ArrayList<PermissionAction> pas = new ArrayList<PermissionAction>();
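Review bot: `resourceName.toLowerCase()` in `buildCommonPermission` uses the JVM default locale, so the resource names stored in the permission records depend on the machine that runs the generator. Under a Turkish default locale, for example, an uppercase `I` in a service binding name lower-cases to a dotless `ı`, and the stored name would then presumably not match the name the authorization check looks up. Use `resourceName.toLowerCase(Locale.ROOT)` (with `import java.util.Locale;`), and do the same for `resName.toLowerCase()` and `roleName.toUpperCase()` in `buildCommonPermissionRoles` in the next hunk. Separately, the public `createDefaultServicePermissions(String tenantId)` dereferences `tenantBindings.get(tenantId)` without a null check, so an unknown tenant id fails with a bare NullPointerException. The body of `buildCommonPermission` continues past this hunk.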
PermissionAction pa3 = new PermissionAction();
pa3.setName(ActionType.DELETE);
pas.add(pa3);
+ PermissionAction pa4 = new PermissionAction();
+ pa4.setName(ActionType.SEARCH);
+ pas.add(pa4);
return perm;
}
- public PermissionsRolesList genPermissionsRoles(PermissionsList pcList) {
- ArrayList<PermissionRole> prl = new ArrayList<PermissionRole>();
- prl.add(buildCommonPermissionRoles("1", "1", "accounts"));
- prl.add(buildCommonPermissionRoles("1", "2", "dimensions"));
- psrsl.setPermissionRoles(prl);
- return psrsl;
+ public List<Permission> getDefaultServicePermissions() {
+ return permList;
+ }
+
+ public void createDefaultPermissionsRoles(String roleName) {
+ for (Permission p : permList) {
+ PermissionRole permRole = buildCommonPermissionRoles(p.getTenantId(), p.getCsid(),
+ p.getResourceName(), roleName);
+ permRoleList.add(permRole);
+ }
+ }
+
+ public List<PermissionRole> createPermissionsRoles(List<Permission> perms, String roleName) {
+ List<PermissionRole> permRoles = new ArrayList<PermissionRole>();
+ for (Permission p : perms) {
+ PermissionRole permRole = buildCommonPermissionRoles(p.getTenantId(), p.getCsid(),
+ p.getResourceName(), roleName);
+ permRoles.add(permRole);
+ }
+ return permRoles;
}
- private PermissionRole buildCommonPermissionRoles(String tenantId, String permissionId,
- String resName) {
+ private PermissionRole buildCommonPermissionRoles(String tenantId, String permId,
+ String resName, String roleName) {
PermissionRole pr = new PermissionRole();
pr.setSubject(SubjectType.ROLE);
List<PermissionValue> permValues = new ArrayList<PermissionValue>();
pr.setPermissions(permValues);
PermissionValue permValue = new PermissionValue();
- permValue.setPermissionId(permissionId);
- permValue.setResourceName(resName);
+ permValue.setPermissionId(permId);
+ permValue.setResourceName(resName.toLowerCase());
permValues.add(permValue);
List<RoleValue> roleValues = new ArrayList<RoleValue>();
RoleValue radmin = new RoleValue();
- radmin.setRoleName("ROLE_ADMINISTRATOR");
+ radmin.setRoleName(roleName.toUpperCase());
radmin.setRoleId(tenantId);
roleValues.add(radmin);
pr.setRoles(roleValues);
return pr;
+ }
+
+ public List<PermissionRole> getDefaultServicePermissionRoles() {
+ return permRoleList;
+ }
+
+ public void exportPermissions(String fileName) {
+ PermissionsList pcList = new PermissionsList();
+ pcList.setPermissions(permList);
+ toFile(pcList, PermissionsList.class,
+ fileName);
+ logger.info("exported permissions to " + fileName);
+ }
+
+ public void exportPermissionRoles(String fileName) {
+ PermissionsRolesList psrsl = new PermissionsRolesList();
+ psrsl.setPermissionRoles(permRoleList);
+ toFile(psrsl, PermissionsRolesList.class,
+ fileName);
+ logger.info("exported permissions-roles to " + fileName);
+ }
+ private void toFile(Object o, Class jaxbClass, String fileName) {
+ File f = new File(fileName);
+ try {
+ JAXBContext jc = JAXBContext.newInstance(jaxbClass);
+ Marshaller m = jc.createMarshaller();
+ m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT,
+ Boolean.TRUE);
+ m.marshal(o, f);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
}
}
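Review bot: `toFile` catches every exception and only calls `e.printStackTrace()`, so `exportPermissions` and `exportPermissionRoles` log "exported ... to" even when nothing was written. The caller in this commit then seeds the authorization store from files in the same directory, which means a failed export would quietly import whatever permission and role grants an earlier run left behind. Let the failure propagate, e.g. replace the catch body with `throw new IllegalStateException("could not export " + fileName, e);`, and declare the parameter as `Class<?> jaxbClass` instead of the raw `Class`. `getDefaultServicePermissions()` and `getDefaultServicePermissionRoles()` also hand out the internal mutable lists; a Javadoc line stating that callers must not modify them (or returning `Collections.unmodifiableList(...)`) would make that contract explicit.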
*/
public abstract class AbstractAuthorizationTestImpl {
- static protected final String MAVEN_BASEDIR_PROPERTY = "maven.basedir";
final Logger logger = LoggerFactory.getLogger(AbstractAuthorizationTestImpl.class);
private org.springframework.jdbc.datasource.DataSourceTransactionManager txManager;
- final static String importDataDir = "src/main/resources/import-data/";
- static String baseDir;
-
- static {
- baseDir = System.getProperty(AbstractAuthorizationTestImpl.MAVEN_BASEDIR_PROPERTY);
- if (baseDir == null || baseDir.isEmpty()) {
- baseDir = System.getProperty("user.dir");
- }
- baseDir = baseDir + System.getProperty("file.separator");
- }
/**
* Returns the name of the currently running test.
txManager.commit(status);
}
- static void toFile(Object o, Class jaxbClass, String fileName) {
- File f = new File(fileName);
- try {
- JAXBContext jc = JAXBContext.newInstance(jaxbClass);
- Marshaller m = jc.createMarshaller();
- m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT,
- Boolean.TRUE);
- m.marshal(o, f);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
static Object fromFile(Class jaxbClass, String fileName) throws Exception {
InputStream is = new FileInputStream(fileName);
}
- public void writePermissions(PermissionsList pcList, String fileName) {
- AbstractAuthorizationTestImpl.toFile(pcList, PermissionsList.class,
- AbstractAuthorizationTestImpl.importDataDir + fileName);
- logger.info("generated permissions to "
- + AbstractAuthorizationTestImpl.importDataDir + fileName);
- }
-
-
- public void writePermissionRoles(PermissionsRolesList psrsl, String fileName) {
- AbstractAuthorizationTestImpl.toFile(psrsl, PermissionsRolesList.class,
- AbstractAuthorizationTestImpl.importDataDir + fileName);
- logger.info("generated permissions-roles to "
- + AbstractAuthorizationTestImpl.importDataDir + fileName);
- }
-
@Test(dataProvider = "testName", dataProviderClass = AbstractAuthorizationTestImpl.class)
public void test(String testName) {
if (logger.isDebugEnabled()) {
//import java.util.ArrayList;
//import java.util.List;
+import java.io.File;
import org.collectionspace.services.authorization.generator.AuthorizationGen;
-import org.collectionspace.services.authorization.importer.AbstractAuthorizationTestImpl;
import java.util.ArrayList;
import java.util.List;
import org.collectionspace.services.authorization.ActionType;
TransactionStatus status = beginTransaction("seedData");
try {
AuthorizationGen authzGen = new AuthorizationGen();
- PermissionsList pl = authzGen.genPermissions();
- writePermissions(pl, PERMISSION_FILE);
- PermissionsRolesList prl = authzGen.genPermissionsRoles(pl);
- writePermissionRoles(prl, PERMISSION_ROLE_FILE);
+ String tenantBindingFile = getTenantBindingFile();
+ authzGen.initialize(tenantBindingFile);
+ authzGen.createDefaultServicePermissions();
+ authzGen.createDefaultPermissionsRoles("ROLE_ADMINISTRATOR");
+ String exportDir = getExportDir();
+ authzGen.exportPermissions(exportDir + PERMISSION_FILE);
+ authzGen.exportPermissionRoles(exportDir + PERMISSION_ROLE_FILE);
seedRoles();
seedPermissions();
} catch (Exception ex) {
}
public void seedPermissions() throws Exception {
+ String importDir = getImportDir();
PermissionsList pcList =
- (PermissionsList) fromFile(PermissionsList.class, baseDir
- + AbstractAuthorizationTestImpl.importDataDir + PERMISSION_FILE);
+ (PermissionsList) fromFile(PermissionsList.class,
+ importDir + PERMISSION_FILE);
logger.info("read permissions from "
- + baseDir + AbstractAuthorizationTestImpl.importDataDir + PERMISSION_FILE);
+ + importDir + PERMISSION_FILE);
PermissionsRolesList pcrList =
- (PermissionsRolesList) fromFile(PermissionsRolesList.class, baseDir
- + AbstractAuthorizationTestImpl.importDataDir + PERMISSION_ROLE_FILE);
+ (PermissionsRolesList) fromFile(PermissionsRolesList.class,
+ importDir + PERMISSION_ROLE_FILE);
logger.info("read permissions-roles from "
- + baseDir + AbstractAuthorizationTestImpl.importDataDir + PERMISSION_ROLE_FILE);
+ + importDir + PERMISSION_ROLE_FILE);
AuthZ authZ = AuthZ.get();
for (Permission p : pcList.getPermissions()) {
if (logger.isDebugEnabled()) {
}
throw new IllegalArgumentException("action = " + action.toString());
}
+
+ private String getTenantBindingFile() {
+ String tenantBindingFile = System.getProperty("tenantbindings");
+ if (tenantBindingFile == null || tenantBindingFile.isEmpty()) {
+ throw new IllegalStateException("tenantbindings are required."
+ + " System property tenantbindings is missing or empty");
+ }
+ return tenantBindingFile;
+ }
+
+ private String getImportDir() {
+ String importDir = System.getProperty("importdir");
+ if (importDir == null || importDir.isEmpty()) {
+ throw new IllegalStateException("importdir required."
+ + " System property importdir is missing or empty");
+ }
+ return importDir + File.separator;
+ }
+
+ private String getExportDir() {
+ String exportDir = System.getProperty("exportdir");
+ if (exportDir == null || exportDir.isEmpty()) {
+ throw new IllegalStateException("exportdir required."
+ + " System property exportdir is missing or empty");
+ }
+ return exportDir + File.separator;
+ }
}
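Review bot: `getTenantBindingFile`, `getImportDir` and `getExportDir` are three copies of the same read-and-validate logic that differ only in the property name and the message text. A single private helper keeps the checks consistent and lets the property names become constants shared with the surefire configuration. Note that `getImportDir` and `getExportDir` append `File.separator` although the configured values already end in `/`; that is harmless but worth a short comment. The enclosing class starts outside this hunk.

```java
private static String requiredProperty(String name) {
    String value = System.getProperty(name);
    if (value == null || value.isEmpty()) {
        throw new IllegalStateException(name + " required."
                + " System property " + name + " is missing or empty");
    }
    return value;
}

private String getImportDir() {
    return requiredProperty("importdir") + File.separator;
}
// … getExportDir and getTenantBindingFile follow the same shape …
```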
abstract public void read() throws Exception;
@Override
- abstract public T getConfiguration();
+ abstract public void read(String configFile) throws Exception;
+ @Override
+ abstract public T getConfiguration();
/**
* parse parses given configuration file from the disk based on given class
JAXBContext jc = JAXBContext.newInstance(clazz);
Unmarshaller um = jc.createUnmarshaller();
Object readObject = um.unmarshal(configFile);
- if(logger.isDebugEnabled()){
+ if (logger.isDebugEnabled()) {
logger.debug("read() read file " + configFile.getAbsolutePath());
}
return readObject;
}
protected String getAbsoluteFileName(String configFileName) {
- return serverRootDir +
- File.separator + CSPACE_DIR_NAME +
- File.separator + CONFIG_DIR_NAME +
- File.separator + configFileName;
+ return serverRootDir
+ + File.separator + CSPACE_DIR_NAME
+ + File.separator + CONFIG_DIR_NAME
+ + File.separator + configFileName;
}
protected String getServerRootDir() {
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
package org.collectionspace.services.common.config;
import java.io.File;
public String getFileName();
/**
- * read parse and read the configruation file.
+ * read parse and read the default configruation file from default location
* @throws Exception
*/
public void read() throws Exception;
+ /**
+ * read parse and read the given configruation file.
+ * @param configFile fully qualified file name
+ * @throws Exception
+ */
+ public void read(String configFile) throws Exception;
+
/**
* getConfig get configuration binding
* @return
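Review bot: The Javadoc for the new `read(String configFile)` does not say what the caller gets when the file is missing or cannot be parsed, and both comments carry the typo `configruation` and the doubled phrase "read parse and read". Suggested wording for the new method: `Parses the given configuration file.` with `@param configFile absolute path of the configuration file to read` and `@throws Exception if the file does not exist or cannot be parsed`. For the no-argument overload, `Parses the default configuration file from its default location.` would say the same thing more plainly.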
@Override
public void read() throws Exception {
String configFileName = getAbsoluteFileName(CONFIG_FILE_NAME);
+ read(configFileName);
+ }
+
+ @Override
+ public void read(String configFileName) throws Exception {
+ if (logger.isDebugEnabled()) {
+ logger.debug("read() config file=" + configFileName);
+ }
File configFile = new File(configFileName);
- if(!configFile.exists()){
+ if (!configFile.exists()) {
String msg = "Could not find configuration file " + configFileName;
logger.error(msg);
throw new RuntimeException(msg);
}
serviceConfig = (ServiceConfig) parse(configFile, ServiceConfig.class);
clientType = serviceConfig.getRepositoryClient().getClientType();
- if(clientType == null){
+ if (clientType == null) {
String msg = "Missing <client-type> in <repository-client>";
logger.error(msg);
throw new IllegalArgumentException(msg);
}
clientClassName = serviceConfig.getRepositoryClient().getClientClass();
- if(clientClassName == null){
+ if (clientClassName == null) {
String msg = "Missing <client-class> in <repository-client>";
logger.error(msg);
throw new IllegalArgumentException(msg);
}
- if(logger.isDebugEnabled()){
+ if (logger.isDebugEnabled()) {
logger.debug("using client=" + clientType.toString() + " class=" + clientClassName);
}
}
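Review bot: The new `read(String configFileName)` guards only with `configFile.exists()`, which is also true for a directory or an unreadable file. Now that the path comes from the caller rather than a fixed server location, such a path gets past the check and fails later inside `parse` with a less helpful error. A tighter guard would be `if (!configFile.isFile() || !configFile.canRead()) {`, with the message updated to match. The same check appears in the `read(String)` overload added to `TenantBindingConfigReaderImpl`, whose body continues outside the visible hunk.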
final private static String CONFIG_FILE_NAME = "tenant-bindings.xml";
final Logger logger = LoggerFactory.getLogger(TenantBindingConfigReaderImpl.class);
private TenantBindingConfig tenantBindingConfig;
- //tenant name, tenant binding
+ //tenant id, tenant binding
private Hashtable<String, TenantBindingType> tenantBindings =
new Hashtable<String, TenantBindingType>();
//tenant-qualified servicename, service binding
@Override
public void read() throws Exception {
String configFileName = getAbsoluteFileName(CONFIG_FILE_NAME);
+ read(configFileName);
+ }
+
+ @Override
+ public void read(String configFileName) throws Exception {
+ if (logger.isDebugEnabled()) {
+ logger.debug("read() config file=" + configFileName);
+ }
File configFile = new File(configFileName);
if (!configFile.exists()) {
String msg = "Could not find configuration file " + configFileName;
public Hashtable<String, TenantBindingType> getTenantBindings() {
return tenantBindings;
}
-
+
/**
* getTenantBinding gets tenant binding for given tenant
* @param tenantId
return list;
}
-
/**
* @param tenantId
* @param serviceName