import javax.ws.rs.core.Response;
-
+//import org.collectionspace.services.authorization.AccountRolesList;
import org.collectionspace.services.authorization.AccountRole;
import org.jboss.resteasy.client.ProxyFactory;
import org.jboss.resteasy.plugins.providers.RegisterBuiltin;
return accountRoleProxy.read(csid, arcsid);
}
+ /**
+ * Read.
+ *
+ * @param csid the csid
+ * @param arcsid the arcsid
+ * @return the client response
+ */
+ public ClientResponse<AccountRole> read(String csid) {
+ return accountRoleProxy.read(csid);
+ }
+
/**
* @param csid
* @param accRole relationships to create
public ClientResponse<Response> delete(String csid, AccountRole accRole) {
return accountRoleProxy.delete(csid, "delete", accRole);
}
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.client.AbstractServiceClientImpl#delete(java.lang.String)
+ */
+ public ClientResponse<Response> delete(String csid) {
+ return accountRoleProxy.delete(csid);
+ }
}
import java.util.Collection;
import org.collectionspace.services.authorization.AccountRole;
import org.collectionspace.services.authorization.AccountValue;
+import org.collectionspace.services.authorization.SubjectType;
import org.collectionspace.services.authorization.RoleValue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
AccountRole accRole = new AccountRole();
//service consume is not required to provide subject as it is determined
//from URI used
-// accRole.setSubject(SubjectType.ROLE);
+ accRole.setSubject(SubjectType.ROLE);
if (usePermId) {
ArrayList<AccountValue> pvs = new ArrayList<AccountValue>();
pvs.add(pv);
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
+import javax.ws.rs.DELETE;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
-
+//import org.collectionspace.services.authorization.AccountRolesList;
import org.collectionspace.services.authorization.AccountRole;
import org.jboss.resteasy.client.ClientResponse;
@Path("/{csid}/accountroles")
ClientResponse<Response> create(@PathParam("csid") String csid, AccountRole accRole);
+ //(R)ead
+ @GET
+ @Path("/{csid}/accountroles")
+ ClientResponse<AccountRole> read(@PathParam("csid") String csid);
+
//(R)ead
@GET
@Path("/{csid}/accountroles/{arcsid}")
ClientResponse<Response> delete(@PathParam("csid") String csid,
@QueryParam("_method") String method,
AccountRole accRole);
+
+ //(D)elete
+ @DELETE
+ @Path("/{csid}/accountroles")
+ ClientResponse<Response> delete(@PathParam("csid") String csid);
}
import java.util.List;
import javax.ws.rs.core.Response;
+//import org.collectionspace.services.authorization.AccountRolesList;
import org.collectionspace.services.account.AccountsCommon;
import org.collectionspace.services.authorization.AccountRole;
import org.collectionspace.services.authorization.AccountValue;
// Submit the request to the service and store the response.
AccountRoleClient client = new AccountRoleClient();
ClientResponse<AccountRole> res = client.read(
- accValues.get("acc-role-user1").getAccountId(), "123");
+ accValues.get("acc-role-user1").getAccountId());
int statusCode = res.getStatus();
try {
// Check the status code of the response: does it match
invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
- AccountRole output = (AccountRole) res.getEntity();
+ AccountRole output = res.getEntity();
Assert.assertNotNull(output);
} finally {
res.releaseConnection();
// Submit the request to the service and store the response.
AccountRoleClient client = new AccountRoleClient();
- ClientResponse<AccountRole> res = client.read(this.NON_EXISTENT_ID, "123");
+ ClientResponse<AccountRole> res = client.read(this.NON_EXISTENT_ID);
int statusCode = res.getStatus();
try {
// Check the status code of the response: does it match
// Submit the request to the service and store the response.
AccountRoleClient client = new AccountRoleClient();
ClientResponse<AccountRole> res = client.read(
- accValues.get("acc-role-user2").getAccountId(), "123");
+ accValues.get("acc-role-user2").getAccountId());
int statusCode = res.getStatus();
try {
// Check the status code of the response: does it match
Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
Assert.assertEquals(statusCode, Response.Status.OK.getStatusCode());
- AccountRole output = (AccountRole) res.getEntity();
+ AccountRole output = res.getEntity();
String sOutput = objectAsXmlString(output, AccountRole.class);
if(logger.isDebugEnabled()) {
// Perform setup.
setupDelete();
-
- // Submit the request to the service and store the response.
+
+ //
+ // Lookup a know account, and delete all of its role relationships
+ //
AccountRoleClient client = new AccountRoleClient();
- AccountValue av = accValues.get("acc-role-user1");
- AccountRole accRole = createAccountRoleInstance(av,
- roleValues.values(), true, true);
+ ClientResponse<AccountRole> readResponse = client.read(
+ accValues.get("acc-role-user1").getAccountId());
+ AccountRole toDelete = null;
+ try {
+ toDelete = readResponse.getEntity();
+ } finally {
+ readResponse.releaseConnection();
+ }
+
ClientResponse<Response> res = client.delete(
- accValues.get("acc-role-user1").getAccountId(), accRole);
- int statusCode = res.getStatus();
+ toDelete.getAccounts().get(0).getAccountId(), toDelete);
try {
- // Check the status code of the response: does it match
- // the expected response(s)?
- if (logger.isDebugEnabled()) {
- logger.debug(testName + ": status = " + statusCode);
- }
+ int statusCode = res.getStatus();
+ Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
+ invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
+ Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
+ } finally {
+ res.releaseConnection();
+ }
+
+ //
+ // recreate 'acc-role-user1' account and roles
+ //
+ create(testName);
+ setupDelete();
+
+ //
+ // Lookup a know account, and delete all of its role relationships
+ //
+ readResponse = client.read(
+ accValues.get("acc-role-user1").getAccountId());
+ toDelete = null;
+ try {
+ toDelete = readResponse.getEntity();
+ } finally {
+ readResponse.releaseConnection();
+ }
+
+ res = client.delete(toDelete.getAccounts().get(0).getAccountId());
+ try {
+ int statusCode = res.getStatus();
Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
} finally {
res.releaseConnection();
}
+
}
// Failure outcomes
create table accounts_tenants (HJID bigint not null auto_increment, tenant_id varchar(128) not null, TENANTS_ACCOUNTSCOMMON_CSID varchar(128), primary key (HJID));
create table tenants (id varchar(128) not null, created_at datetime not null, name varchar(255) not null, updated_at datetime, primary key (id));
alter table accounts_tenants add index FKFDA649B05A9CEEB5 (TENANTS_ACCOUNTSCOMMON_CSID), add constraint FKFDA649B05A9CEEB5 foreign key (TENANTS_ACCOUNTSCOMMON_CSID) references accounts_common (csid);
-
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
+import org.collectionspace.services.authorization.AccountRoleRel;
+//import org.collectionspace.services.authorization.AccountRolesList;
import org.collectionspace.services.account.storage.AccountStorageClient;
import org.collectionspace.services.authorization.AccountRole;
import org.collectionspace.services.authorization.SubjectType;
import org.collectionspace.services.common.security.UnauthorizedException;
import org.collectionspace.services.common.storage.StorageClient;
import org.jboss.resteasy.util.HttpResponseCodes;
+
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@GET
@Path("{csid}/accountroles/{accrolecsid}")
- public AccountRole getAccountRole(
+ public AccountRoleRel getAccountRole(
@PathParam("csid") String accCsid,
@PathParam("accrolecsid") String accrolecsid) {
if (logger.isDebugEnabled()) {
"text/plain").build();
throw new WebApplicationException(response);
}
+ AccountRoleRel result = null;
+ try {
+ AccountRoleSubResource subResource =
+ new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE);
+ //get relationships for an account
+ result = subResource.getAccountRoleRel(accCsid, SubjectType.ROLE, accrolecsid);
+ } catch (UnauthorizedException ue) {
+ Response response = Response.status(
+ Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED
+ + ue.getErrorReason()).type("text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (DocumentNotFoundException dnfe) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getAccountRole", dnfe);
+ }
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.GET_FAILED + "account csid=" + accrolecsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (Exception e) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getAccountRole", e);
+ }
+ logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e);
+ Response response = Response.status(
+ Response.Status.INTERNAL_SERVER_ERROR).entity(
+ ServiceMessages.GET_FAILED + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ if (result == null) {
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.GET_FAILED + "account csid=" + accCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ return result;
+ }
+
+ @GET
+ @Path("{csid}/accountroles")
+ public AccountRole getAccountRole(
+ @PathParam("csid") String accCsid) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getAccountRole with accCsid=" + accCsid);
+ }
+ if (accCsid == null || "".equals(accCsid)) {
+ logger.error("getAccountRole: missing accCsid!");
+ Response response = Response.status(Response.Status.BAD_REQUEST).entity(
+ ServiceMessages.GET_FAILED + "accountroles account "
+ + ServiceMessages.MISSING_INVALID_CSID + accCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
AccountRole result = null;
try {
AccountRoleSubResource subResource =
logger.debug("getAccountRole", dnfe);
}
Response response = Response.status(Response.Status.NOT_FOUND).entity(
- ServiceMessages.GET_FAILED + "account csid=" + accrolecsid).type(
+ ServiceMessages.GET_FAILED + "account csid=" + accCsid).type(
"text/plain").build();
throw new WebApplicationException(response);
} catch (Exception e) {
return result;
}
- public Response deleteAccountRole(
- @PathParam("csid") String accCsid,
- AccountRole input) {
+ /**
+ * Delete account role.
+ *
+ * @param accCsid the acc csid
+ * @param input the input
+ * @return the response
+ */
+ public Response deleteAccountRole(String accCsid, AccountRole input) {
if (logger.isDebugEnabled()) {
logger.debug("deleteAccountRole with accCsid=" + accCsid);
}
ServiceMessages.DELETE_FAILED + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build();
throw new WebApplicationException(response);
}
-
}
+
+ @DELETE
+ @Path("{csid}/accountroles")
+ public Response deleteAccountRole(
+ @PathParam("csid") String accCsid) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("deleteAccountRole: All roles related to account with accCsid=" + accCsid);
+ }
+ if (accCsid == null || "".equals(accCsid)) {
+ logger.error("deleteAccountRole: missing accCsid!");
+ Response response = Response.status(Response.Status.BAD_REQUEST).entity(
+ ServiceMessages.DELETE_FAILED + "accountroles account "
+ + ServiceMessages.MISSING_INVALID_CSID + accCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ try {
+ AccountRoleSubResource subResource =
+ new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE);
+ //delete all relationships for an account
+ subResource.deleteAccountRole(accCsid, SubjectType.ROLE);
+ return Response.status(HttpResponseCodes.SC_OK).build();
+ } catch (UnauthorizedException ue) {
+ Response response = Response.status(
+ Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED
+ + ue.getErrorReason()).type("text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (DocumentNotFoundException dnfe) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("caught exception in deleteAccountRole", dnfe);
+ }
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.DELETE_FAILED + "account csid=" + accCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (Exception e) {
+ logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e);
+ Response response = Response.status(
+ Response.Status.INTERNAL_SERVER_ERROR).entity(
+ ServiceMessages.DELETE_FAILED + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ }
+
}
*/
package org.collectionspace.services.account;
+import java.util.List;
+
+import org.collectionspace.services.account.storage.AccountRoleDocumentHandler;
+//import org.collectionspace.services.authorization.AccountRolesList;
+//import org.collectionspace.services.authorization.AccountRolesList.AccountRoleListItem;
import org.collectionspace.services.authorization.AccountRole;
+import org.collectionspace.services.authorization.AccountValue;
import org.collectionspace.services.authorization.AccountRoleRel;
import org.collectionspace.services.authorization.SubjectType;
import org.collectionspace.services.common.document.DocumentHandler;
import org.collectionspace.services.common.storage.StorageClient;
import org.collectionspace.services.common.storage.jpa.JpaRelationshipStorageClient;
+import org.collectionspace.services.common.storage.jpa.JpaStorageUtils;
import org.collectionspace.services.common.context.ServiceContextProperties;
import org.slf4j.Logger;
* @author
*/
public class AccountRoleSubResource
- extends AbstractCollectionSpaceResourceImpl<AccountRole, AccountRole> {
+// extends AbstractCollectionSpaceResourceImpl<AccountRole, AccountRolesList> {
+ extends AbstractCollectionSpaceResourceImpl<AccountRole, AccountRole> {
final public static String ACCOUNT_ACCOUNTROLE_SERVICE = "accounts/accountroles";
final public static String ROLE_ACCOUNTROLE_SERVICE = "roles/accountroles";
*/
@Override
public ServiceContextFactory<AccountRole, AccountRole> getServiceContextFactory() {
+// public ServiceContextFactory<AccountRole, AccountRolesList> getServiceContextFactory() {
return RemoteServiceContextFactory.get();
}
ServiceContext<AccountRole, AccountRole> ctx = createServiceContext(input, subject);
DocumentHandler handler = createDocumentHandler(ctx);
- return getStorageClient(ctx).create(ctx, handler);
+
+ String bogusCsid = getStorageClient(ctx).create(ctx, handler);
+
+ return bogusCsid;
}
/**
return result;
}
+ /**
+ * Gets the account role.
+ *
+ * @param csid the csid
+ * @param subject the subject
+ * @param accountRoleCsid the account role csid
+ * @return the account role
+ * @throws Exception the exception
+ */
+ public AccountRoleRel getAccountRoleRel(String csid,
+ SubjectType subject,
+ String accountRoleCsid) throws Exception {
+
+ if (logger.isDebugEnabled()) {
+ logger.debug("getAccountRole with csid=" + csid);
+ }
+// AccountRolesList result = new AccountRolesList();
+ ServiceContext<AccountRole, AccountRole> ctx = createServiceContext((AccountRole) null, subject);
+ AccountRoleDocumentHandler handler = (AccountRoleDocumentHandler)createDocumentHandler(ctx);
+ handler.setAccountRoleCsid(accountRoleCsid);
+ //getStorageClient(ctx).get(ctx, csid, handler);
+ AccountRoleRel accountRoleRel = (AccountRoleRel)JpaStorageUtils.getEntity(new Long(accountRoleCsid).longValue(), AccountRoleRel.class);
+// List<AccountRoleListItem> accountRoleList = result.getAccountRoleListItems();
+// AccountRoleListItem listItem = new AccountRoleListItem();
+// // fill the item
+// listItem.setCsid(accountRoleRel.getHjid().toString());
+// listItem.setRoleId(accountRoleRel.getRoleId());
+// listItem.setRoleName(accountRoleRel.getRoleName());
+ // add item to result list
+// result = (AccountRolesList) ctx.getOutput();
+
+ return accountRoleRel;
+ }
+
+ /**
+ * X_delete account role.
+ *
+ * @param csid the csid
+ * @param subject the subject
+ * @throws Exception the exception
+ */
+ public void x_deleteAccountRole(String csid,
+ SubjectType subject) throws Exception {
+
+ if (logger.isDebugEnabled()) {
+ logger.debug("deleteAccountRole with csid=" + csid);
+ }
+ AccountRole toDelete = getAccountRole(csid, subject);
+ deleteAccountRole(csid, subject, toDelete);
+ }
+
/**
* deleteAccountRole deletes all account-role relationships using given
* csid of object (account/role) and subject (role/account)
import java.util.ArrayList;
import java.util.List;
+//import org.collectionspace.services.authorization.AccountRolesList;
+//import org.collectionspace.services.authorization.AccountRolesList.AccountRoleListItem;
+
+import org.collectionspace.services.common.authorization_mgt.AuthorizationRoleRel;
import org.collectionspace.services.authorization.AccountRole;
import org.collectionspace.services.authorization.AccountRoleRel;
import org.collectionspace.services.authorization.AccountValue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+// TODO: Auto-generated Javadoc
/**
- * Document handler for AccountRole association
- * @author
+ * Document handler for AccountRole association.
+ *
+ * @author
*/
public class AccountRoleDocumentHandler
- extends JpaDocumentHandler<AccountRole,
PermissionsRolesList, List<AccountRoleRel>, List<AccountRoleRel>> {
+ extends JpaDocumentHandler<AccountRole,
AccountRole, List<AccountRoleRel>, List<AccountRoleRel>> {
+ /** The logger. */
private final Logger logger = LoggerFactory.getLogger(AccountRoleDocumentHandler.class);
+
+ /** The account role. */
private AccountRole accountRole;
- private PermissionsRolesList accountRolesList;
-
+// private AccountRolesList accountRolesList;
+ /** The account role csid. */
+ private String accountRoleCsid = null;
+
+ /**
+ * Gets the account role csid.
+ *
+ * @return the account role csid
+ */
+ public String getAccountRoleCsid() {
+ return this.accountRoleCsid;
+ }
+
+ /**
+ * Sets the account role csid.
+ *
+ * @param theAccountRoleCsid the new account role csid
+ */
+ public void setAccountRoleCsid(String theAccountRoleCsid) {
+ this.accountRoleCsid = theAccountRoleCsid;
+ }
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleCreate(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleCreate(DocumentWrapper<List<AccountRoleRel>> wrapDoc) throws Exception {
fillCommonPart(getCommonPart(), wrapDoc);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleUpdate(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleUpdate(DocumentWrapper<List<AccountRoleRel>> wrapDoc) throws Exception {
throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler");
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeUpdate(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void completeUpdate(DocumentWrapper<List<AccountRoleRel>> wrapDoc) throws Exception {
throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler");
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGet(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleGet(DocumentWrapper<List<AccountRoleRel>> wrapDoc) throws Exception {
+ AccountRole output = extractCommonPart(wrapDoc);
setCommonPart(extractCommonPart(wrapDoc));
- getServiceContext().setOutput(accountRole);
+// AccountRole accountRoleList = extractCommonPartList(wrapDoc);
+ getServiceContext().setOutput(output);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGetAll(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleGetAll(DocumentWrapper<List<AccountRoleRel>> wrapDoc) throws Exception {
throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler");
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleDelete(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleDelete(DocumentWrapper<List<AccountRoleRel>> wrapDoc) throws Exception {
- fillCommonPart(getCommonPart(), wrapDoc);
+ fillCommonPart(getCommonPart(), wrapDoc, true);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPartList(org.collectionspace.services.common.document.DocumentWrapper)
+ */
+ @Override
+ public AccountRole extractCommonPartList(
+ DocumentWrapper<List<AccountRoleRel>> wrapDoc)
+ throws Exception {
+
+ throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler");
+
+// AccountRolesList result = new AccountRolesList();
+// List<AccountRoleRel> arrl = wrapDoc.getWrappedObject();
+// AccountRole ar = new AccountRole();
+// SubjectType subject = getSubject(getServiceContext());
+// if (arrl.size() == 0) {
+// return result;
+// }
+//
+//// result.setSubject(subject);
+// AccountRoleRel ar0 = arrl.get(0);
+// AccountValue av = buildAccountValue(ar0);
+//// result.setAccount(av);
+//
+// List<AccountRoleListItem> accountRoleListItems = result.getAccountRoleListItems();
+// if (accountRoleListItems == null) {
+// accountRoleListItems = new ArrayList<AccountRoleListItem>();
+// }
+// for (AccountRoleRel e : arrl) {
+// AccountRoleListItem accountRoleListItem = new AccountRoleListItem();
+// // fill the item
+// accountRoleListItem.setRoleName(e.getRoleName());
+// accountRoleListItem.setRoleId(e.getRoleId());
+// accountRoleListItem.setCsid(e.getHjid().toString());
+// // add item to result list
+// accountRoleListItems.add(accountRoleListItem);
+// }
+//
+// //
+// // Old Sanjay code
+// //
+//
+// ar0 = arrl.get(0);
+// if (SubjectType.ROLE.equals(subject)) {
+//
+// List<AccountValue> avs = new ArrayList<AccountValue>();
+// ar.setAccounts(avs);
+// av = buildAccountValue(ar0);
+// avs.add(av);
+//
+// //add roles
+// List<RoleValue> rvs = new ArrayList<RoleValue>();
+// ar.setRoles(rvs);
+// for (AccountRoleRel arr : arrl) {
+// RoleValue rv = buildRoleValue(arr);
+// rvs.add(rv);
+// }
+// } else if (SubjectType.ACCOUNT.equals(subject)) {
+//
+// List<RoleValue> rvs = new ArrayList<RoleValue>();
+// ar.setRoles(rvs);
+// RoleValue rv = buildRoleValue(ar0);
+// rvs.add(rv);
+//
+// //add accounts
+// List<AccountValue> avs = new ArrayList<AccountValue>();
+// ar.setAccounts(avs);
+// for (AccountRoleRel arr : arrl) {
+// av = buildAccountValue(arr);
+// avs.add(av);
+// }
+// }
+// return result;
+ }
+
+ public void fillCommonPart(AccountRole ar,
+ DocumentWrapper<List<AccountRoleRel>> wrapDoc,
+ boolean handleDelete)
+ throws Exception {
+ List<AccountRoleRel> arrl = wrapDoc.getWrappedObject();
+ SubjectType subject = ar.getSubject();
+ if (subject == null) {
+ //it is not required to give subject as URI determines the subject
+ subject = getSubject(getServiceContext());
+ } else {
+ //subject mismatch should have been checked during validation
+ }
+ if (subject.equals(SubjectType.ROLE)) {
+ //FIXME: potential index out of bounds exception...negative test needed
+ AccountValue av = ar.getAccounts().get(0);
+
+ for (RoleValue rv : ar.getRoles()) {
+ AccountRoleRel arr = buildAccountRoleRel(av, rv, handleDelete);
+ arrl.add(arr);
+ }
+ } else if (SubjectType.ACCOUNT.equals(subject)) {
+ //FIXME: potential index out of bounds exception...negative test needed
+ RoleValue rv = ar.getRoles().get(0);
+ for (AccountValue av : ar.getAccounts()) {
+ AccountRoleRel arr = buildAccountRoleRel(av, rv, handleDelete);
+ arrl.add(arr);
+ }
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#fillCommonPart(java.lang.Object, org.collectionspace.services.common.document.DocumentWrapper)
+ */
+ @Override
+ public void fillCommonPart(AccountRole ar,
+ DocumentWrapper<List<AccountRoleRel>> wrapDoc)
+ throws Exception {
+ fillCommonPart(ar, wrapDoc, false);
+ }
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPart(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public AccountRole extractCommonPart(
DocumentWrapper<List<AccountRoleRel>> wrapDoc)
List<RoleValue> rvs = new ArrayList<RoleValue>();
ar.setRoles(rvs);
for (AccountRoleRel arr : arrl) {
- RoleValue rv = buildRoleValue(arr);
+ RoleValue rv = AuthorizationRoleRel.buildRoleValue(arr);
rvs.add(rv);
}
} else if (SubjectType.ACCOUNT.equals(subject)) {
List<RoleValue> rvs = new ArrayList<RoleValue>();
ar.setRoles(rvs);
- RoleValue rv = buildRoleValue(ar0);
+ RoleValue rv = AuthorizationRoleRel.buildRoleValue(ar0);
rvs.add(rv);
//add accounts
return ar;
}
- @Override
- public void fillCommonPart(AccountRole ar, DocumentWrapper<List<AccountRoleRel>> wrapDoc)
- throws Exception {
- List<AccountRoleRel> arrl = wrapDoc.getWrappedObject();
- SubjectType subject = ar.getSubject();
- if (subject == null) {
- //it is not required to give subject as URI determines the subject
- subject = getSubject(getServiceContext());
- } else {
- //subject mismatch should have been checked during validation
- }
- if (subject.equals(SubjectType.ROLE)) {
- //FIXME: potential index out of bounds exception...negative test needed
- AccountValue av = ar.getAccounts().get(0);
-
- for (RoleValue rv : ar.getRoles()) {
- AccountRoleRel arr = buildAccountRoleRel(av, rv);
- arrl.add(arr);
- }
- } else if (SubjectType.ACCOUNT.equals(subject)) {
- //FIXME: potential index out of bounds exception...negative test needed
- RoleValue rv = ar.getRoles().get(0);
- for (AccountValue av : ar.getAccounts()) {
- AccountRoleRel arr = buildAccountRoleRel(av, rv);
- arrl.add(arr);
- }
- }
- }
-
- @Override
- public PermissionsRolesList extractCommonPartList(
- DocumentWrapper<List<AccountRoleRel>> wrapDoc)
- throws Exception {
-
- throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler");
- }
-
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPart()
+ */
@Override
public AccountRole getCommonPart() {
return accountRole;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPart(java.lang.Object)
+ */
@Override
public void setCommonPart(AccountRole accountRole) {
this.accountRole = accountRole;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPartList()
+ */
@Override
- public PermissionsRolesList getCommonPartList() {
- return accountRolesList;
+ public AccountRole getCommonPartList() {
+ return accountRole;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPartList(java.lang.Object)
+ */
@Override
- public void setCommonPartList(PermissionsRolesList accountRolesList) {
- this.accountRolesList = accountRolesList;
+ public void setCommonPartList(AccountRole theAccountRole) {
+// this.accountRolesList = accountRolesList;
+ this.accountRole = theAccountRole;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getQProperty(java.lang.String)
+ */
@Override
public String getQProperty(
String prop) {
return null;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#createDocumentFilter()
+ */
@Override
public DocumentFilter createDocumentFilter() {
return new DocumentFilter(this.getServiceContext());
}
+ /**
+ * Builds the account value.
+ *
+ * @param arr the arr
+ * @return the account value
+ */
private AccountValue buildAccountValue(AccountRoleRel arr) {
AccountValue av = new AccountValue();
av.setAccountId(arr.getAccountId());
return av;
}
- private RoleValue buildRoleValue(AccountRoleRel arr) {
- RoleValue rv = new RoleValue();
- rv.setRoleId(arr.getRoleId());
- rv.setRoleName(arr.getRoleName());
- return rv;
- }
-
- private AccountRoleRel buildAccountRoleRel(AccountValue av, RoleValue rv) {
+ /**
+ * Builds the account role rel.
+ *
+ * @param av the av
+ * @param rv the rv
+ * @return the account role rel
+ */
+ private AccountRoleRel buildAccountRoleRel(AccountValue av, RoleValue rv, boolean handleDelete) {
AccountRoleRel arr = new AccountRoleRel();
arr.setAccountId(av.getAccountId());
arr.setUserId(av.getUserId());
arr.setScreenName(av.getScreenName());
-
arr.setRoleId(rv.getRoleId());
arr.setRoleName(rv.getRoleName());
+
+ String relationshipId = rv.getRoleRelationshipId();
+ if (relationshipId != null && handleDelete == true) {
+ arr.setHjid(Long.parseLong(relationshipId)); // set this so we can convince JPA to del the relation
+ }
return arr;
}
+ /**
+ * Gets the subject.
+ *
+ * @param ctx the ctx
+ * @return the subject
+ */
static SubjectType getSubject(ServiceContext ctx) {
Object o = ctx.getProperty(ServiceContextProperties.SUBJECT);
if (o == null) {
return permissionRoleProxy.read(csid, prcsid);
}
+ /**
+ * Read.
+ *
+ * @param csid the csid
+ * @param prcsid relationship does not have an id, junk is fine
+ * @return the client response
+ * @see
+ */
+ public ClientResponse<PermissionRole> read(String csid) {
+ return permissionRoleProxy.read(csid);
+ }
+
/**
* Creates the.
*
public ClientResponse<Response> delete(String csid, PermissionRole permRole) {
return permissionRoleProxy.delete(csid, "delete", permRole);
}
+
+ @Override
+ public ClientResponse<Response> delete(String csid) {
+ return permissionRoleProxy.delete(csid);
+ }
+
}
package org.collectionspace.services.client;
import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
@Path("/{csid}/permroles")
ClientResponse<Response> create(@PathParam("csid") String csid, PermissionRole permRole);
+ //(R)ead
+ @GET
+ @Path("/{csid}/permroles")
+ ClientResponse<PermissionRole> read(@PathParam("csid") String csid);
+
//(R)ead
@GET
@Path("/{csid}/permroles/{prcsid}")
ClientResponse<PermissionRole> read(@PathParam("csid") String csid,
@PathParam("prcsid") String prcsid);
-
+ //(D)elete
@POST
@Path("/{csid}/permroles")
ClientResponse<Response> delete(@PathParam("csid") String csid,
@QueryParam("_method") String method,
PermissionRole permRole);
+
+ //(D)elete
+ @DELETE
+ @Path("/{csid}/permroles")
+ ClientResponse<Response> delete(@PathParam("csid") String csid);
+
}
import org.jboss.resteasy.client.ClientResponse;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
+// TODO: Auto-generated Javadoc
/**
* A RolePermissionClient.
* Read.
*
* @param csid the csid
- * @param prcsid relationship does not have an id, junk is fine
* @return the client response
* @see
*/
+ public ClientResponse<PermissionRole> read(String csid) {
+ return rolePermissionProxy.read(csid);
+ }
+
+ /**
+ * Read.
+ *
+ * @param csid the csid
+ * @param prcsid the prcsid
+ * @return the client response
+ */
public ClientResponse<PermissionRole> read(String csid, String prcsid) {
return rolePermissionProxy.read(csid, prcsid);
}
}
/**
- * delete given relationships between given role and permission(s)
- * @param csid
- * @param permRole
- * @return
+ * delete given relationships between given role and permission(s).
+ *
+ * @param csid the csid
+ * @param permRole the perm role
+ * @return the client response
*/
public ClientResponse<Response> delete(String csid, PermissionRole permRole) {
return rolePermissionProxy.delete(csid, "delete", permRole);
}
+
+ /**
+ * delete given relationships between given role and permission(s).
+ *
+ * @param csid the csid
+ * @return the client response
+ */
+ @Override
+ public ClientResponse<Response> delete(String csid) {
+ return rolePermissionProxy.delete(csid);
+ }
}
@Path("/{csid}/permroles")
ClientResponse<Response> create(@PathParam("csid") String csid, PermissionRole permRole);
+ //(R)ead
+ @GET
+ @Path("/{csid}/permroles")
+ ClientResponse<PermissionRole> read(@PathParam("csid") String csid);
+
//(R)ead
@GET
@Path("/{csid}/permroles/{prcsid}")
ClientResponse<PermissionRole> read(@PathParam("csid") String csid,
@PathParam("prcsid") String prcsid);
-
+ //(D)elete - with a payload
@POST
@Path("/{csid}/permroles")
ClientResponse<Response> delete(@PathParam("csid") String csid,
@QueryParam("_method") String method, PermissionRole permRole);
+
+ //(D)elete
+ @DELETE
+ @Path("/{csid}/permroles")
+ ClientResponse<Response> delete(@PathParam("csid") String csid);
}
import java.util.Hashtable;
import java.util.List;
import javax.ws.rs.core.Response;
-import org.collectionspace.services.authorization.EffectType;
+import org.collectionspace.services.jaxb.AbstractCommonList;
+import org.collectionspace.services.authorization.EffectType;
import org.collectionspace.services.authorization.Permission;
import org.collectionspace.services.authorization.PermissionAction;
import org.collectionspace.services.authorization.PermissionRole;
import org.collectionspace.services.authorization.PermissionValue;
import org.collectionspace.services.authorization.Role;
import org.collectionspace.services.authorization.RoleValue;
+
import org.collectionspace.services.client.CollectionSpaceClient;
import org.collectionspace.services.client.PermissionClient;
import org.collectionspace.services.client.PermissionFactory;
import org.collectionspace.services.client.PermissionRoleFactory;
import org.collectionspace.services.client.RoleClient;
import org.collectionspace.services.client.RoleFactory;
+
import org.collectionspace.services.client.test.AbstractServiceTestImpl;
import org.collectionspace.services.client.test.ServiceRequestType;
-import org.collectionspace.services.jaxb.AbstractCommonList;
+
import org.jboss.resteasy.client.ClientResponse;
import org.testng.Assert;
ClientResponse<PermissionRole> res = null;
try {
res = client.read(
- permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId(), "123");
+ permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
PermissionRoleClient client = new PermissionRoleClient();
ClientResponse<PermissionRole> res = null;
try {
- res = client.read(NON_EXISTENT_ID, "123");
+ res = client.read(NON_EXISTENT_ID);
int statusCode = res.getStatus();
// Check the status code of the response: does it match
ClientResponse<PermissionRole> res = null;
try {
res = client.read(
- permValues.get(TEST_SERVICE_NAME + TEST_MARKER + NO_REL_SUFFIX).getPermissionId(), "123");
+ permValues.get(TEST_SERVICE_NAME + TEST_MARKER + NO_REL_SUFFIX).getPermissionId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
// Perform setup.
setupDelete();
- // Submit the request to the service and store the response.
+ //
+ //
+ //
PermissionRoleClient client = new PermissionRoleClient();
- ClientResponse<Response> res = null;
+ ClientResponse<PermissionRole> readResponse = client.read(
+ permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId());
+ PermissionRole toDelete = null;
try {
- PermissionValue pv = permValues.get(TEST_SERVICE_NAME + TEST_MARKER);
- PermissionRole permRole = createPermissionRoleInstance(pv,
- roleValues.values(), true, true);
- res = client.delete(pv.getPermissionId(), permRole);
- int statusCode = res.getStatus();
+ toDelete = readResponse.getEntity();
+ } finally {
+ readResponse.releaseConnection();
+ }
- // Check the status code of the response: does it match
- // the expected response(s)?
- if (logger.isDebugEnabled()) {
- logger.debug(testName + ": status = " + statusCode);
- }
+ ClientResponse<Response> res = client.delete(
+ toDelete.getPermissions().get(0).getPermissionId(), toDelete);
+ try {
+ int statusCode = res.getStatus();
Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
res.releaseConnection();
}
}
+
+ //
+ // recreate 'TEST_SERVICE_NAME + TEST_MARKER' account and roles
+ //
+ create(testName);
+ setupDelete();
+
+ //
+ // Lookup a know permission, and delete all of its role relationships
+ //
+ readResponse = client.read(
+ permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId());
+ toDelete = null;
+ try {
+ toDelete = readResponse.getEntity();
+ } finally {
+ readResponse.releaseConnection();
+ }
+
+ res = client.delete(toDelete.getPermissions().get(0).getPermissionId());
+ try {
+ int statusCode = res.getStatus();
+ Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
+ invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
+ Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
+ } finally {
+ res.releaseConnection();
+ }
+
}
// Failure outcomes
RolePermissionClient client = new RolePermissionClient();
ClientResponse<PermissionRole> res = null;
try {
- res = client.read(
- roleValues.get(getRoleName()).getRoleId(), "123");
+ res = client.read(roleValues.get(getRoleName()).getRoleId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
ClientResponse<PermissionRole> res = null;
try {
- res = client.read(NON_EXISTENT_ID, "123");
+ res = client.read(NON_EXISTENT_ID);
int statusCode = res.getStatus();
// Check the status code of the response: does it match
ClientResponse<PermissionRole> res = null;
try {
- res = client.read(roleValues.get(getRoleName() + NO_REL_SUFFIX).getRoleId(), "123");
+ res = client.read(roleValues.get(getRoleName() + NO_REL_SUFFIX).getRoleId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
if (logger.isDebugEnabled()) {
logger.debug(testBanner(testName, CLASS_NAME));
}
- ;
+
// Perform setup.
setupDelete();
-
+
// Submit the request to the service and store the response.
RolePermissionClient client = new RolePermissionClient();
+ RoleValue rv = roleValues.get(getRoleName());
+ ClientResponse<Response> delRes = null;
+ try {
+ delRes = client.delete(rv.getRoleId());
+ int statusCode = delRes.getStatus();
+ Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
+ invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
+ Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
+ } finally {
+ if (delRes != null) {
+ delRes.releaseConnection();
+ }
+ }
+
+ // reset for next delete
+ create(testName);
+ setupDelete();
+
+ rv = roleValues.get(getRoleName());
+ ClientResponse<PermissionRole> readResponse = client.read(rv.getRoleId());
+ PermissionRole toDelete = readResponse.getEntity();
+ readResponse.releaseConnection();
+
+ rv = toDelete.getRoles().get(0);
ClientResponse<Response> res = null;
try {
- RoleValue rv = roleValues.get(getRoleName());
- PermissionRole permRole = createPermissionRoleInstance(rv,
- permValues.values(), true, true);
res = client.delete(
- roleValues.get(getRoleName()).getRoleId(), permRole);
+ rv.getRoleId(), toDelete);
int statusCode = res.getStatus();
-
- // Check the status code of the response: does it match
- // the expected response(s)?
- if (logger.isDebugEnabled()) {
- logger.debug(testName + ": status = " + statusCode);
- }
Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
List<PermissionRoleRel> permRoleRels = new ArrayList<PermissionRoleRel>();
for (PermissionRole pr : authzGen.getDefaultPermissionRoles()) {
- PermissionRoleUtil.buildPermissionRoleRel(pr, SubjectType.ROLE, permRoleRels);
+ PermissionRoleUtil.buildPermissionRoleRel(pr, SubjectType.ROLE, permRoleRels, false /*not for delete*/);
}
for (PermissionRoleRel permRoleRel : permRoleRels) {
authzStore.store(permRoleRel);
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
+
+import org.collectionspace.services.authorization.storage.PermissionRoleDocumentHandler;
import org.collectionspace.services.authorization.storage.AuthorizationDelegate;
+import org.collectionspace.services.common.storage.StorageClient;
+import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl;
import org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl;
-//import org.collectionspace.services.common.context.RemoteServiceContextImpl;
import org.collectionspace.services.common.ServiceMessages;
import org.collectionspace.services.common.context.ServiceContext;
import org.collectionspace.services.common.context.RemoteServiceContextFactory;
import org.collectionspace.services.common.document.DocumentNotFoundException;
import org.collectionspace.services.common.document.DocumentHandler;
import org.collectionspace.services.common.security.UnauthorizedException;
-import org.collectionspace.services.common.storage.StorageClient;
-import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl;
+
import org.jboss.resteasy.util.HttpResponseCodes;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@GET
@Path("{csid}/permroles/{permrolecsid}")
- public PermissionRole getPermissionRole(
+ public PermissionRoleRel getPermissionRole(
@PathParam("csid") String permCsid,
@PathParam("permrolecsid") String permrolecsid) {
if (logger.isDebugEnabled()) {
"text/plain").build();
throw new WebApplicationException(response);
}
+ PermissionRoleRel result = null;
+ try {
+ PermissionRoleSubResource subResource =
+ new PermissionRoleSubResource(PermissionRoleSubResource.PERMISSION_PERMROLE_SERVICE);
+ //get relationships for a permission
+ result = subResource.getPermissionRoleRel(permCsid, SubjectType.ROLE, permrolecsid);
+ } catch (UnauthorizedException ue) {
+ Response response = Response.status(
+ Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED
+ + ue.getErrorReason()).type("text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (DocumentNotFoundException dnfe) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getPermissionRole", dnfe);
+ }
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.GET_FAILED + "permroles permission csid=" + permCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (Exception e) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getPermissionRole", e);
+ }
+ logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e);
+ Response response = Response.status(
+ Response.Status.INTERNAL_SERVER_ERROR).entity(
+ ServiceMessages.GET_FAILED
+ + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ if (result == null) {
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.GET_FAILED + "permroles permisison csid=" + permCsid
+ + ": was not found.").type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ return result;
+ }
+
+ @GET
+ @Path("{csid}/permroles")
+ public PermissionRole getPermissionRole(
+ @PathParam("csid") String permCsid) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getPermissionRole with permCsid=" + permCsid);
+ }
+ if (permCsid == null || "".equals(permCsid)) {
+ logger.error("getPermissionRole: missing permCsid!");
+ Response response = Response.status(Response.Status.BAD_REQUEST).entity(
+ ServiceMessages.GET_FAILED + "permroles permission "
+ + ServiceMessages.MISSING_INVALID_CSID + permCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
PermissionRole result = null;
try {
PermissionRoleSubResource subResource =
return result;
}
- public Response deletePermissionRole(
- @PathParam("csid") String permCsid,
- PermissionRole input) {
+ /**
+ * Delete permission role.
+ *
+ * @param permCsid the perm csid
+ * @param input the input
+ * @return the response
+ */
+ public Response deletePermissionRole(String permCsid, PermissionRole input) {
if (logger.isDebugEnabled()) {
- logger.debug("deletePermissionRole with permCsid=" + permCsid);
+ logger.debug("Delete payload of permrole relationships with permission permCsid=" + permCsid);
}
if (permCsid == null || "".equals(permCsid)) {
logger.error("deletePermissionRole: missing permCsid!");
}
}
+
+ /**
+ * Delete permission role.
+ *
+ * @param permCsid the perm csid
+ * @return the response
+ */
+ @DELETE
+ @Path("{csid}/permroles")
+ public Response deletePermissionRole(
+ @PathParam("csid") String permCsid) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("Delete all the role relationships of the permissions with permCsid=" + permCsid);
+ }
+ if (permCsid == null || "".equals(permCsid)) {
+ logger.error("deletePermissionRole: missing permCsid!");
+ Response response = Response.status(Response.Status.BAD_REQUEST).entity(
+ ServiceMessages.DELETE_FAILED + "permroles permission "
+ + ServiceMessages.MISSING_INVALID_CSID + permCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ try {
+ PermissionRoleSubResource subResource =
+ new PermissionRoleSubResource(PermissionRoleSubResource.PERMISSION_PERMROLE_SERVICE);
+ //delete all relationships for a permission
+ subResource.deletePermissionRole(permCsid, SubjectType.ROLE);
+ return Response.status(HttpResponseCodes.SC_OK).build();
+ } catch (UnauthorizedException ue) {
+ Response response = Response.status(
+ Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED
+ + ue.getErrorReason()).type("text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (DocumentNotFoundException dnfe) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("caught exception in deletePermissionRole", dnfe);
+ }
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.DELETE_FAILED + "permisison csid=" + permCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (Exception e) {
+ logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e);
+ Response response = Response.status(
+ Response.Status.INTERNAL_SERVER_ERROR).entity(
+ ServiceMessages.DELETE_FAILED
+ + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ }
+
}
*/
package org.collectionspace.services.authorization;
+import org.collectionspace.services.authorization.storage.PermissionRoleDocumentHandler;
+
import org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl;
import org.collectionspace.services.common.context.RemoteServiceContextFactory;
import org.collectionspace.services.common.context.ServiceContext;
import org.collectionspace.services.common.document.DocumentHandler;
import org.collectionspace.services.common.storage.StorageClient;
import org.collectionspace.services.common.storage.jpa.JpaRelationshipStorageClient;
+import org.collectionspace.services.common.storage.jpa.JpaStorageUtils;
import org.collectionspace.services.common.context.ServiceContextProperties;
+
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
final Logger logger = LoggerFactory.getLogger(PermissionRoleSubResource.class);
/** The storage client. */
final StorageClient storageClient = new JpaRelationshipStorageClient<PermissionRole>();
+ //
+ private String permissionRoleCsid = null;
+ /**
+ * Instantiates a new permission role sub resource.
+ *
+ * @param serviceName the service name
+ */
public PermissionRoleSubResource(String serviceName) {
this.serviceName = serviceName;
}
+
/* (non-Javadoc)
* @see org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl#getVersionString()
*/
-
@Override
protected String getVersionString() {
/** The last change revision. */
return getStorageClient(ctx).create(ctx, handler);
}
+ /**
+ * Gets the permission role rel.
+ *
+ * @param csid the csid
+ * @param subject the subject
+ * @param permissionRoleCsid the permission role csid
+ * @return the permission role rel
+ * @throws Exception the exception
+ */
+ public PermissionRoleRel getPermissionRoleRel(String csid,
+ SubjectType subject,
+ String permissionRoleCsid) throws Exception {
+
+ if (logger.isDebugEnabled()) {
+ logger.debug("getAccountRole with csid=" + csid);
+ }
+// AccountRolesList result = new AccountRolesList();
+ ServiceContext<PermissionRole, PermissionRole> ctx = createServiceContext((PermissionRole) null, subject);
+ PermissionRoleDocumentHandler handler = (PermissionRoleDocumentHandler)createDocumentHandler(ctx);
+ handler.setPermissionRoleCsid(permissionRoleCsid);
+ //getStorageClient(ctx).get(ctx, csid, handler);
+ PermissionRoleRel permissionRoleRel = (PermissionRoleRel)JpaStorageUtils.getEntity(
+ new Long(permissionRoleCsid).longValue(), PermissionRoleRel.class);
+// List<AccountRoleListItem> accountRoleList = result.getAccountRoleListItems();
+// AccountRoleListItem listItem = new AccountRoleListItem();
+// // fill the item
+// listItem.setCsid(accountRoleRel.getHjid().toString());
+// listItem.setRoleId(accountRoleRel.getRoleId());
+// listItem.setRoleName(accountRoleRel.getRoleName());
+ // add item to result list
+// result = (AccountRolesList) ctx.getOutput();
+
+ return permissionRoleRel;
+ }
+
/**
* getPermissionRole retrieves permission-role relationships using given
* csid of object (permission/role) and subject (role/permission)
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+// TODO: Auto-generated Javadoc
/**
* The Class RoleResource.
*/
}
+ /**
+ * Creates the role permission.
+ *
+ * @param method the method
+ * @param roleCsid the role csid
+ * @param input the input
+ * @return the response
+ */
@POST
@Path("{csid}/permroles")
public Response createRolePermission(@QueryParam("_method") String method, @PathParam("csid") String roleCsid,
}
}
+ /**
+ * Gets the role permission.
+ *
+ * @param roleCsid the role csid
+ * @param permrolecsid the permrolecsid
+ * @return the role permission
+ */
@GET
- @Path("{csid}/permroles/{permrolecsid}")
+ @Path("{csid}/permroles")
public PermissionRole getRolePermission(
- @PathParam("csid") String roleCsid,
- @PathParam("permrolecsid") String permrolecsid) {
+ @PathParam("csid") String roleCsid) {
if (logger.isDebugEnabled()) {
logger.debug("getRolePermission with roleCsid=" + roleCsid);
}
return result;
}
- public Response deleteRolePermission(
+ @GET
+ @Path("{csid}/permroles/{permrolecsid}")
+ public PermissionRoleRel getRolePermission(
@PathParam("csid") String roleCsid,
- PermissionRole input) {
+ @PathParam("permrolecsid") String permrolecsid) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getRolePermission with roleCsid=" + roleCsid);
+ }
+ if (roleCsid == null || "".equals(roleCsid)) {
+ logger.error("getRolePermission: missing roleCsid!");
+ Response response = Response.status(Response.Status.BAD_REQUEST).entity(
+ ServiceMessages.GET_FAILED + "permroles role "
+ + ServiceMessages.MISSING_INVALID_CSID + roleCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ PermissionRoleRel result = null;
+ try {
+ PermissionRoleSubResource subResource =
+ new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
+ //get relationships for a role
+ result = subResource.getPermissionRoleRel(roleCsid, SubjectType.PERMISSION, permrolecsid);
+ } catch (UnauthorizedException ue) {
+ Response response = Response.status(
+ Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED
+ + ue.getErrorReason()).type("text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (DocumentNotFoundException dnfe) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getRolePermission", dnfe);
+ }
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.GET_FAILED + "permroles role csid=" + roleCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (Exception e) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("getRolePermission", e);
+ }
+ logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e);
+ Response response = Response.status(
+ Response.Status.INTERNAL_SERVER_ERROR).entity(
+ ServiceMessages.GET_FAILED
+ + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ if (result == null) {
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.GET_FAILED + "permroles role csid=" + roleCsid
+ + ": was not found.").type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ return result;
+ }
+
+ /**
+ * Delete role permission.
+ *
+ * @param roleCsid the role csid
+ * @param input the input
+ * @return the response
+ */
+ public Response deleteRolePermission(String roleCsid, PermissionRole input) {
if (logger.isDebugEnabled()) {
logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
}
}
+
+ /**
+ * Delete role permission.
+ *
+ * @param roleCsid the role csid
+ * @return the response
+ */
+ @DELETE
+ @Path("{csid}/permroles")
+ public Response deleteRolePermission(
+ @PathParam("csid") String roleCsid) {
+
+ if (logger.isDebugEnabled()) {
+ logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
+ }
+
+ if (roleCsid == null || "".equals(roleCsid)) {
+ logger.error("deleteRolePermission: missing roleCsid!");
+ Response response = Response.status(Response.Status.BAD_REQUEST).entity(
+ ServiceMessages.DELETE_FAILED + "permroles role "
+ + ServiceMessages.MISSING_INVALID_CSID + roleCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ }
+ try {
+ PermissionRoleSubResource subResource =
+ new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
+ //delete all relationships for a permission
+ subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION);
+ return Response.status(HttpResponseCodes.SC_OK).build();
+ } catch (UnauthorizedException ue) {
+ Response response = Response.status(
+ Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED
+ + ue.getErrorReason()).type("text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (DocumentNotFoundException dnfe) {
+ if (logger.isDebugEnabled()) {
+ logger.debug("caught exception in deleteRolePermission", dnfe);
+ }
+ Response response = Response.status(Response.Status.NOT_FOUND).entity(
+ ServiceMessages.DELETE_FAILED + "role csid=" + roleCsid).type(
+ "text/plain").build();
+ throw new WebApplicationException(response);
+ } catch (Exception e) {
+ logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e);
+ Response response = Response.status(
+ Response.Status.INTERNAL_SERVER_ERROR).entity(
+ ServiceMessages.DELETE_FAILED
+ + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build();
+ throw new WebApplicationException(response);
+ }
+
+ }
}
import java.util.ArrayList;
import java.util.List;
+import org.collectionspace.services.authorization.AccountRole;
+import org.collectionspace.services.authorization.AccountRoleRel;
import org.collectionspace.services.authorization.Permission;
import org.collectionspace.services.authorization.PermissionRole;
import org.collectionspace.services.authorization.PermissionRoleRel;
import org.collectionspace.services.authorization.RoleValue;
import org.collectionspace.services.authorization.SubjectType;
+import org.collectionspace.services.common.authorization_mgt.AuthorizationRoleRel;
import org.collectionspace.services.common.document.AbstractDocumentHandlerImpl;
import org.collectionspace.services.common.document.DocumentFilter;
import org.collectionspace.services.common.document.DocumentWrapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+// TODO: Auto-generated Javadoc
/**
- * Document handler for PermissionRole association
- * @author
+ * Document handler for PermissionRole association.
+ *
+ * @author
*/
public class PermissionRoleDocumentHandler
extends JpaDocumentHandler<PermissionRole, PermissionsRolesList, List<PermissionRoleRel>, List<PermissionRoleRel>> {
+ /** The logger. */
private final Logger logger = LoggerFactory.getLogger(PermissionRoleDocumentHandler.class);
+
+ /** The permission role. */
private PermissionRole permissionRole;
+
+ /** The permission roles list. */
private PermissionsRolesList permissionRolesList;
+ //
+ /** The permission role csid. */
+ private String permissionRoleCsid = null;
+
+ /**
+ * Sets the permission role csid.
+ *
+ * @param thePermissionRoleCsid the new permission role csid
+ */
+ public void setPermissionRoleCsid(String thePermissionRoleCsid) {
+ this.permissionRoleCsid = thePermissionRoleCsid;
+ }
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleCreate(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleCreate(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
fillCommonPart(getCommonPart(), wrapDoc);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeCreate(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void completeCreate(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
PermissionRole pr = getCommonPart();
AuthorizationDelegate.addPermissions(getServiceContext(), pr);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleUpdate(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleUpdate(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
throw new UnsupportedOperationException("operation not relevant for PermissionRoleDocumentHandler");
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeUpdate(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void completeUpdate(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
throw new UnsupportedOperationException("operation not relevant for PermissionRoleDocumentHandler");
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGet(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleGet(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
setCommonPart(extractCommonPart(wrapDoc));
getServiceContext().setOutput(permissionRole);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGetAll(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleGetAll(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
throw new UnsupportedOperationException("operation not relevant for PermissionRoleDocumentHandler");
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleDelete(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void handleDelete(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
- fillCommonPart(getCommonPart(), wrapDoc);
+ fillCommonPart(getCommonPart(), wrapDoc, true);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeDelete(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public void completeDelete(DocumentWrapper<List<PermissionRoleRel>> wrapDoc) throws Exception {
PermissionRole pr = getCommonPart();
AuthorizationDelegate.deletePermissions(getServiceContext(), pr);
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPart(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public PermissionRole extractCommonPart(
DocumentWrapper<List<PermissionRoleRel>> wrapDoc)
List<PermissionValue> pvs = new ArrayList<PermissionValue>();
pr.setPermissions(pvs);
- PermissionValue pv = buildPermissionValue(prr0);
+ PermissionValue pv = AuthorizationRoleRel.buildPermissionValue(prr0);
pvs.add(pv);
//add roles
List<RoleValue> rvs = new ArrayList<RoleValue>();
pr.setRoles(rvs);
for (PermissionRoleRel prr : prrl) {
- RoleValue rv = buildRoleValue(prr);
+ RoleValue rv = AuthorizationRoleRel.buildRoleValue(prr);
rvs.add(rv);
}
} else if (SubjectType.PERMISSION.equals(subject)) {
List<RoleValue> rvs = new ArrayList<RoleValue>();
pr.setRoles(rvs);
- RoleValue rv = buildRoleValue(prr0);
+ RoleValue rv = AuthorizationRoleRel.buildRoleValue(prr0);
rvs.add(rv);
//add permssions
List<PermissionValue> pvs = new ArrayList<PermissionValue>();
pr.setPermissions(pvs);
for (PermissionRoleRel prr : prrl) {
- PermissionValue pv = buildPermissionValue(prr);
+ PermissionValue pv = AuthorizationRoleRel.buildPermissionValue(prr);
pvs.add(pv);
}
}
return pr;
}
- @Override
- public void fillCommonPart(PermissionRole pr, DocumentWrapper<List<PermissionRoleRel>> wrapDoc)
+ /**
+ * Fill common part.
+ *
+ * @param pr the pr
+ * @param wrapDoc the wrap doc
+ * @param handleDelete the handle delete
+ * @throws Exception the exception
+ */
+ public void fillCommonPart(PermissionRole pr,
+ DocumentWrapper<List<PermissionRoleRel>> wrapDoc,
+ boolean handleDelete)
throws Exception {
List<PermissionRoleRel> prrl = wrapDoc.getWrappedObject();
SubjectType subject = pr.getSubject();
} else {
//subject mismatch should have been checked during validation
}
- PermissionRoleUtil.buildPermissionRoleRel(pr, subject, prrl);
+ PermissionRoleUtil.buildPermissionRoleRel(pr, subject, prrl, handleDelete);
}
-
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#fillCommonPart(java.lang.Object, org.collectionspace.services.common.document.DocumentWrapper)
+ */
+ @Override
+ public void fillCommonPart(PermissionRole ar,
+ DocumentWrapper<List<PermissionRoleRel>> wrapDoc)
+ throws Exception {
+ fillCommonPart(ar, wrapDoc, false);
+ }
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPartList(org.collectionspace.services.common.document.DocumentWrapper)
+ */
@Override
public PermissionsRolesList extractCommonPartList(
DocumentWrapper<List<PermissionRoleRel>> wrapDoc)
throw new UnsupportedOperationException("operation not relevant for PermissionRoleDocumentHandler");
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPart()
+ */
@Override
public PermissionRole getCommonPart() {
return permissionRole;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPart(java.lang.Object)
+ */
@Override
public void setCommonPart(PermissionRole permissionRole) {
this.permissionRole = permissionRole;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPartList()
+ */
@Override
public PermissionsRolesList getCommonPartList() {
return permissionRolesList;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPartList(java.lang.Object)
+ */
@Override
public void setCommonPartList(PermissionsRolesList permissionRolesList) {
this.permissionRolesList = permissionRolesList;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getQProperty(java.lang.String)
+ */
@Override
public String getQProperty(
String prop) {
return null;
}
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#createDocumentFilter()
+ */
@Override
public DocumentFilter createDocumentFilter() {
return new DocumentFilter(this.getServiceContext());
}
-
- private PermissionValue buildPermissionValue(PermissionRoleRel prr) {
- PermissionValue pv = new PermissionValue();
- pv.setPermissionId(prr.getPermissionId());
- pv.setResourceName(prr.getPermissionResource());
- pv.setActionGroup(prr.getActionGroup());
- return pv;
- }
-
- private RoleValue buildRoleValue(PermissionRoleRel prr) {
- RoleValue rv = new RoleValue();
- rv.setRoleId(prr.getRoleId());
- rv.setRoleName(prr.getRoleName());
- return rv;
- }
}
import org.collectionspace.services.common.context.ServiceContextProperties;
import org.collectionspace.services.common.storage.jpa.JpaStorageUtils;
+// TODO: Auto-generated Javadoc
/**
+ * The Class PermissionRoleUtil.
*
- * @author
+ * @author
*/
public class PermissionRoleUtil {
+ /**
+ * Gets the relation subject.
+ *
+ * @param ctx the ctx
+ * @return the relation subject
+ */
static SubjectType getRelationSubject(ServiceContext ctx) {
Object o = ctx.getProperty(ServiceContextProperties.SUBJECT);
if (o == null) {
return (SubjectType) o;
}
+ /**
+ * Gets the relation subject.
+ *
+ * @param ctx the ctx
+ * @param pr the pr
+ * @return the relation subject
+ */
static SubjectType getRelationSubject(ServiceContext ctx, PermissionRole pr) {
SubjectType subject = pr.getSubject();
if (subject == null) {
/**
* buildPermissionRoleRel builds persistent relationship entities from given
- * permissionrole
+ * permissionrole.
+ *
* @param pr permissionrole
- * @param subject
+ * @param subject the subject
* @param prrl persistent entities built are inserted into this list
+ * @param toDelete the to delete
*/
- static public void buildPermissionRoleRel(PermissionRole pr, SubjectType subject, List<PermissionRoleRel> prrl) {
-
+ static public void buildPermissionRoleRel(PermissionRole pr,
+ SubjectType subject,
+ List<PermissionRoleRel> prrl,
+ boolean handleDelete) {
if (subject.equals(SubjectType.ROLE)) {
//FIXME: potential index out of bounds exception...negative test needed
PermissionValue pv = pr.getPermissions().get(0);
for (RoleValue rv : pr.getRoles()) {
- PermissionRoleRel prr = buildPermissonRoleRel(pv, rv);
+ PermissionRoleRel prr = buildPermissonRoleRel(pv, rv, subject, handleDelete);
prrl.add(prr);
}
} else if (SubjectType.PERMISSION.equals(subject)) {
//FIXME: potential index out of bounds exception...negative test needed
RoleValue rv = pr.getRoles().get(0);
for (PermissionValue pv : pr.getPermissions()) {
- PermissionRoleRel prr = buildPermissonRoleRel(pv, rv);
+ PermissionRoleRel prr = buildPermissonRoleRel(pv, rv, subject, handleDelete);
prrl.add(prr);
}
}
}
- static private PermissionRoleRel buildPermissonRoleRel(PermissionValue pv, RoleValue rv) {
+ /**
+ * Builds the permisson role rel.
+ *
+ * @param pv the pv
+ * @param rv the rv
+ * @param handleDelete the handle delete
+ * @return the permission role rel
+ */
+ static private PermissionRoleRel buildPermissonRoleRel(PermissionValue pv,
+ RoleValue rv,
+ SubjectType subject,
+ boolean handleDelete) {
PermissionRoleRel prr = new PermissionRoleRel();
prr.setPermissionId(pv.getPermissionId());
prr.setPermissionResource(pv.getResourceName());
prr.setActionGroup(pv.getActionGroup());
prr.setRoleId(rv.getRoleId());
prr.setRoleName(rv.getRoleName());
+
+ String relationshipId = null;
+ if (subject.equals(SubjectType.ROLE) == true) {
+ relationshipId = rv.getRoleRelationshipId();
+ } else if (subject.equals(SubjectType.PERMISSION) == true) {
+ relationshipId = pv.getPermRelationshipId();
+ }
+ if (relationshipId != null && handleDelete == true) {
+ prr.setHjid(Long.parseLong(relationshipId)); // set this so we can convince JPA to del the relation
+ }
return prr;
}
+ /**
+ * Checks if is invalid tenant.
+ *
+ * @param tenantId the tenant id
+ * @param msgBldr the msg bldr
+ * @return true, if is invalid tenant
+ */
static boolean isInvalidTenant(String tenantId, StringBuilder msgBldr) {
boolean invalid = false;
<xs:schema
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:jaxb="http://java.sun.com/xml/ns/jaxb"
+ jaxb:version="1.0" elementFormDefault="unqualified"
xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc"
xmlns:hj="http://hyperjaxb3.jvnet.org/ejb/schemas/customizations"
xmlns:orm="http://java.sun.com/xml/ns/persistence/orm"
xmlns="http://collectionspace.org/services/authorization"
targetNamespace="http://collectionspace.org/services/authorization"
version="0.1"
- jaxb:version="1.0"
jaxb:extensionBindingPrefixes="hj orm xjc"
>
</xs:sequence>
</xs:complexType>
+ <xs:complexType name="AuthorizationRoleRel">
+ <xs:annotation>
+ <xs:appinfo>
+ <jaxb:class ref="org.collectionspace.services.authorization.AuthorizationRoleRel"/>
+ </xs:appinfo>
+ </xs:annotation>
+ </xs:complexType>
- <xs:complexType name="account_role_rel">
+ <xs:complexType name="account_role_rel">
<xs:annotation>
<xs:documentation>AccountRole defines association between account and role in CollectionSpace</xs:documentation>
<xs:appinfo>
</xs:sequence>
</xs:complexType>
-
+<!--
+ AccountRolesList will eventually replace the above structures/classes as it is the more
+ common format for result lists in CollectionSpace.
+ -->
+ <xs:element name="x_account-roles-list">
+ <xs:complexType>
+ <xs:annotation>
+ <xs:documentation>
+ AccountRoleList defines 1-n association between
+ either account and role or role and account.
+ </xs:documentation>
+ <xs:appinfo>
+ <hj:ignored/>
+ </xs:appinfo>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="x_account-role-list-item" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:annotation>
+ <xs:documentation>
+ </xs:documentation>
+ <xs:appinfo>
+ <hj:ignored/>
+ </xs:appinfo>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="csid" type="xs:string"
+ minOccurs="1"/>
+ <xs:element name="roleName" type="xs:string"
+ minOccurs="1" maxOccurs="1"/>
+ <xs:element name="roleId" type="xs:string"
+ minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
</xs:schema>
-->
<!--xs:annotation>
Note that roles.xsd already defines global bindings for the authorization namespace
- so, it is not necessary to give the bindingings here because all the xsds are compiled
+ so, it is not necessary to give the bindings here because all the xsds are compiled
at once for this namespace
<xs:appinfo>
<jaxb:globalBindings>
</xs:appinfo>
</xs:annotation-->
-
<xs:complexType name="account_value" >
<xs:annotation>
<xs:documentation>
</xs:appinfo>
</xs:annotation>
<xs:sequence>
+ <xs:element name="roleRelationshipId" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="roleId" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="roleName" type="xs:string" minOccurs="1" maxOccurs="1"/>
</xs:sequence>
</xs:appinfo>
</xs:annotation>
<xs:sequence>
+ <xs:element name="permRelationshipId" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="permissionId" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="resourceName" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="actionGroup" type="xs:string" minOccurs="1" maxOccurs="1"/>
create table permissions_roles (HJID bigint not null auto_increment, actionGroup varchar(255), created_at datetime not null, permission_id varchar(128) not null, permission_resource varchar(255), role_id varchar(128) not null, role_name varchar(255), primary key (HJID), unique (permission_id, role_id));
create table roles (csid varchar(128) not null, created_at datetime not null, description varchar(255), rolegroup varchar(255), rolename varchar(200) not null, tenant_id varchar(128) not null, updated_at datetime, primary key (csid), unique (rolename, tenant_id));
alter table permissions_actions add index FK85F82042E2DC84FD (ACTIONS_PERMISSION_CSID), add constraint FK85F82042E2DC84FD foreign key (ACTIONS_PERMISSION_CSID) references permissions (csid);
-
</xs:complexType>\r
</xs:element>\r
<!-- FIXME [1.0 alpha] Make fieldCollectionEventName a repeatable scalar field. DONE -->\r
- <xs:element name="fieldCollectionEventNames">\r
+ <xs:element name="fieldColEventNames">\r
<xs:complexType>\r
<xs:sequence>\r
- <xs:element name="fieldCollectionEventName" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>\r
+ <xs:element name="fieldColEventName" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>\r
</xs:sequence>\r
</xs:complexType>\r
</xs:element>\r
<xs:element name="fieldCollectionPlace" type="xs:string"/>
<xs:element name="fieldCollectionSources" type="fieldCollectionSourceList"/>
<xs:element name="fieldCollectors" type="fieldCollectorList"/>
- <xs:element name="fieldCollectionEventNames" type="fieldCollectionEventNameList"/>
+ <xs:element name="fieldColEventNames" type="fieldColEventNameList"/>
<!-- Object Description Date Information -->
<!-- This appears to be a placeholder structured date -->
</xs:sequence>
</xs:complexType>
- <xs:complexType name="fieldCollectionEventNameList">
+ <xs:complexType name="fieldColEventNameList">
<xs:sequence>
- <xs:element name="fieldCollectionEventName" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="fieldColEventName" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
--- /dev/null
+package org.collectionspace.services.common.authorization_mgt;\r
+\r
+import org.collectionspace.services.authorization.PermissionRoleRel;\r
+import org.collectionspace.services.authorization.AccountRoleRel;\r
+import org.collectionspace.services.authorization.PermissionValue;\r
+import org.collectionspace.services.authorization.RoleValue;\r
+\r
+public class AuthorizationRoleRel {\r
+\r
+ /**\r
+ * Builds the role value.\r
+ *\r
+ * @param arr the arr\r
+ * @return the role account value\r
+ */\r
+ static public RoleValue buildRoleValue(AccountRoleRel arr) {\r
+ RoleValue rv = new RoleValue();\r
+ rv.setRoleId(arr.getRoleId());\r
+ rv.setRoleName(arr.getRoleName());\r
+ rv.setRoleRelationshipId(arr.getHjid().toString()); \r
+ return rv;\r
+ }\r
+ \r
+ /**\r
+ * Builds the permission value.\r
+ *\r
+ * @param prr the prr\r
+ * @return the permission value\r
+ */\r
+ static public PermissionValue buildPermissionValue(PermissionRoleRel prr) {\r
+ PermissionValue pv = new PermissionValue();\r
+ pv.setPermissionId(prr.getPermissionId());\r
+ pv.setResourceName(prr.getPermissionResource());\r
+ pv.setActionGroup(prr.getActionGroup());\r
+ pv.setPermRelationshipId(prr.getHjid().toString());\r
+ return pv;\r
+ }\r
+ \r
+ /**\r
+ * Builds the role value.\r
+ *\r
+ * @param prr the prr\r
+ * @return the role value\r
+ */\r
+ static public RoleValue buildRoleValue(PermissionRoleRel prr) {\r
+ RoleValue rv = new RoleValue();\r
+ rv.setRoleId(prr.getRoleId());\r
+ rv.setRoleName(prr.getRoleName());\r
+ rv.setRoleRelationshipId(prr.getHjid().toString());\r
+ return rv;\r
+ }\r
+ \r
+}\r
package org.collectionspace.services.common.storage.jpa;
import org.collectionspace.services.common.context.ServiceContextProperties;
+
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.UUID;
+
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.NoResultException;
import javax.persistence.Query;
+
+import org.collectionspace.services.authorization.AccountRoleRel;
+import org.collectionspace.services.authorization.PermissionRoleRel;
+
import org.collectionspace.services.common.context.ServiceContext;
import org.collectionspace.services.common.document.BadRequestException;
import org.collectionspace.services.common.document.DocumentException;
}
}
}
+
+ /**
+ * Gets the id.
+ *
+ * @param relationship the relationship
+ * @return the id
+ */
+ private Long getId(T relationship) {
+ Long result = null;
+
+ if (relationship != null) {
+ if (relationship instanceof AccountRoleRel) {
+ AccountRoleRel accountRoleRel = (AccountRoleRel)relationship;
+ result = accountRoleRel.getHjid();
+ } else if (relationship instanceof PermissionRoleRel) {
+ PermissionRoleRel permissionRoleRel = (PermissionRoleRel)relationship;
+ result = permissionRoleRel.getHjid();
+ }
+ }
+
+ return result;
+ }
+
+ /**
+ * Gets the relationship.
+ *
+ * @param em the em
+ * @param relationship the relationship
+ * @return the relationship
+ * @throws DocumentNotFoundException the document not found exception
+ */
+ private T getRelationship(EntityManager em, T relationship)
+ throws DocumentNotFoundException {
+ Long id = getId(relationship);
+
+ T relationshipFound = (T)em.find(relationship.getClass(), id);
+ if (relationshipFound == null) {
+ String msg = "Could not find relationship with id=" + id;
+ if (logger.isErrorEnabled() == true) {
+ logger.error(msg);
+ }
+ throw new DocumentNotFoundException(msg);
+ }
+ return relationshipFound;
+ }
/**
* delete removes all the relationships for the object in the relationship
//the following could be much more efficient if done with a single
//sql/jql
for (T r : rl) {
- em.remove(r);
+ em.remove(getRelationship(em, r));
}
em.getTransaction().commit();
handler.complete(Action.DELETE, wrapDoc);
return entityFound;
}
+ public static Object getEntity(long id, Class entityClazz) {
+ EntityManagerFactory emf = null;
+ EntityManager em = null;
+ Object entityFound = null;
+ try {
+ emf = getEntityManagerFactory();
+ em = emf.createEntityManager();
+ //FIXME: it would be nice to verify tenantid as well
+ entityFound = em.find(entityClazz, id);
+ } finally {
+ if (em != null) {
+ releaseEntityManagerFactory(emf);
+ }
+ }
+ return entityFound;
+ }
+
/**
* getEntity with given id and class using given entity manager
*
AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
av, rvs, true, true);
ClientResponse<Response> res = client.delete(
- av.getAccountId(), accRole);
+ av.getAccountId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
PermissionRoleClient client = new PermissionRoleClient();
PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
pv, rvls, true, true);
- ClientResponse<Response> res = client.delete(pv.getPermissionId(), permRole);
+ ClientResponse<Response> res = client.delete(pv.getPermissionId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
av, rvs, true, true);
ClientResponse<Response> res = client.delete(
- av.getAccountId(), accRole);
+ av.getAccountId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
client.setAuth(true, ui.userName, true, ui.password, true);
PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
pv, rvls, true, true);
- ClientResponse<Response> res = client.delete(pv.getPermissionId(), permRole);
+ ClientResponse<Response> res = client.delete(pv.getPermissionId());
int statusCode = res.getStatus();
// Check the status code of the response: does it match
projects / tmp / jakarta-migration.git / commitdiff