DRYD-186: Added support for PUT requests on Roles that contain associated permissions...

diff --git a/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security.xml b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security.xml
index 5946eca88a0d24460ee3c4129d5888c2a06386f8..8c9316c25853a999f65db80031f1c0ca8d73c1ba 100644 (file)
--- a/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security.xml
+++ b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security.xml
@@ -77,6 +77,12 @@
             <uri>/cspace-services/authorization/roles</uri>
             <filename>security/3-role-test-cm.xml</filename>
         </test>
+        <test ID="updateRoleTestCM">
+            <method>PUT</method>
+            <uri>/cspace-services/authorization/roles</uri>
+            <filename>security/3a-update-role-test-cm.xml</filename>
+            <fromTestID>roleTestCM</fromTestID>
+        </test>
         <test ID="roleIntern">
             <method>POST</method>
             <uri>/cspace-services/authorization/roles</uri>

diff --git a/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/3a-update-role-test-cm.xml b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/3a-update-role-test-cm.xml
new file mode 100644 (file)
index 0000000..2178ce6
--- /dev/null
+++ b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/3a-update-role-test-cm.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<ns2:role xmlns:ns2="http://collectionspace.org/services/authorization">
+    <roleName>ROLE_TEST_CM</roleName>
+    <description>role for ROLE_TEST_CM</description>
+    <permission>
+        <permissionId>1-vocabularies-RL</permissionId>
+        <resourceName>vocabularies</resourceName>
+        <actionGroup>RL</actionGroup>
+    </permission>
+    <permission>
+        <permissionId>1-groups-RL</permissionId>
+        <resourceName>groups</resourceName>
+        <actionGroup>RL</actionGroup>
+    </permission>
+</ns2:role>

diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java
index 7694e7b7a77837cbb4af01ed88e14cfab0a47bd7..7ab0946db6ef41b15775a5c72679fbaecc5b4907 100644 (file)
--- a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java
+++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java
@@ -44,7 +44,11 @@ public class RoleClient extends AbstractServiceClientImpl<RolesList, Role, Role,
        public static final String SERVICE_PATH = "/" + SERVICE_PATH_COMPONENT;
        public static final String SERVICE_PATH_PROXY = SERVICE_PATH + "/";     
        public final static String IMMUTABLE = "immutable";
-       private final static String BACKEND_ROLE_PREFIX = "ROLE_";
+       public final static String INCLUDE_PERMS_QP = "includePerms";
+       
+       //
+       // Used to qualify backend role name
+       private final static String BACKEND_ROLE_PREFIX = "ROLE_";      
 
     public RoleClient() throws Exception {
                super();

diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java
index d07d6c2ec3b429f766afe8b0fb1d5fb185ea3bc5..cf9283c38f674c9ae8a3c469fe73301a3594ab79 100644 (file)
--- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java
+++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java
@@ -93,8 +93,8 @@ public class RoleResource extends SecurityResourceBase {
 
     @GET
     @Path("{csid}")
-    public Role getRole(@PathParam("csid") String csid) {
-        return (Role)get(csid, Role.class);
+    public Role getRole(@PathParam("csid") String csid, @Context UriInfo ui) {
+        return (Role)get(ui, csid, Role.class);
     }
     
     /*

diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java
index 13637c6520479bfc52b9b749596fbee224bf5a7e..1661b78ff982e544ab7aae258c88a5b719059770 100644 (file)
--- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java
+++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java
@@ -38,7 +38,7 @@ import org.collectionspace.services.authorization.SubjectType;
 import org.collectionspace.services.client.PermissionRoleFactory;
 import org.collectionspace.services.client.RoleClient;
 import org.collectionspace.services.client.RoleFactory;
-
+import org.collectionspace.services.common.api.Tools;
 import org.collectionspace.services.common.document.BadRequestException;
 import org.collectionspace.services.common.document.DocumentFilter;
 import org.collectionspace.services.common.document.DocumentWrapper;
@@ -99,16 +99,40 @@ public class RoleDocumentHandler
     }
 
     @Override
-    public void handleUpdate(DocumentWrapper<Role> wrapDoc) throws Exception {
-        Role roleFound = wrapDoc.getWrappedObject();
-        Role roleReceived = getCommonPart();
-        // If marked as metadata immutable, do not do update
-        if(!RoleClient.IMMUTABLE.equals(roleFound.getMetadataProtection())) {
-               roleReceived.setRoleName(RoleClient.getBackendRoleName(roleReceived.getRoleName(),
-                               roleFound.getTenantId()));
-               merge(roleReceived, roleFound);
-        }
-    }
+       public void handleUpdate(DocumentWrapper<Role> wrapDoc) throws Exception {
+               Role roleFound = wrapDoc.getWrappedObject();
+               Role roleReceived = getCommonPart();
+               // If marked as metadata immutable, do not do update
+               if (!RoleClient.IMMUTABLE.equals(roleFound.getMetadataProtection())) {
+                       roleReceived
+                                       .setRoleName(RoleClient.getBackendRoleName(roleReceived.getRoleName(), roleFound.getTenantId()));
+                       merge(roleReceived, roleFound);
+               }
+               //
+               // Update perms is supplied.
+               //
+               List<PermissionValue> permValueList = roleReceived.getPermission();
+               if (permValueList != null) {
+            PermissionRoleSubResource subResource =
+                    new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
+            //
+            // First, delete the existing permroles
+            //
+            subResource.deletePermissionRole(roleFound.getCsid(), SubjectType.PERMISSION);
+            //
+            // Next, create the new permroles
+            //
+               RoleValue roleValue = RoleFactory.createRoleValueInstance(roleFound);
+               PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(SubjectType.PERMISSION, roleValue,
+                               permValueList, true, true);            
+            subResource.createPermissionRole(permRole, SubjectType.PERMISSION);
+            //
+            // Finally, set the updated perm list in the result
+            //
+            PermissionRole newPermRole = subResource.getPermissionRole(roleFound.getCsid(), SubjectType.PERMISSION);
+            roleFound.setPermission(newPermRole.getPermission());
+               }
+       }
 
     /**
      * Merge fields manually from 'from' to the 'to' role
@@ -169,7 +193,18 @@ public class RoleDocumentHandler
     public Role extractCommonPart(
             DocumentWrapper<Role> wrapDoc)
             throws Exception {
-        return wrapDoc.getWrappedObject();
+        Role role = wrapDoc.getWrappedObject();
+        
+        String includePermsQueryParamValue = (String) getServiceContext().getQueryParams().getFirst(RoleClient.INCLUDE_PERMS_QP);
+        boolean includePerms = Tools.isTrue(includePermsQueryParamValue);
+        if (includePerms) {
+               PermissionRoleSubResource permRoleResource =
+                       new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
+               PermissionRole permRole = permRoleResource.getPermissionRole(role.getCsid(), SubjectType.PERMISSION);
+               role.setPermission(permRole.getPermission());
+        }
+    
+        return role;
     }
 
     @Override
@@ -232,7 +267,7 @@ public class RoleDocumentHandler
      */
     private void sanitize(Role role) {
         if (!SecurityUtils.isCSpaceAdmin()) {
-            role.setTenantId(null); // REM - See no reason for hiding the tenant ID?
+            // role.setTenantId(null); // REM - There's no reason for hiding the tenant ID is there?
         }
     }