// Instance variables specific to this test.
/** The known resource id. */
private String knownResourceId = null;
-
+ private String knownResource = "accounts-test";
/** The add tenant. */
boolean addTenant = true;
/*
*/
@Override
protected CollectionSpaceClient getClientInstance() {
- return new PermissionClient();
+ return new PermissionClient();
}
-
+
/* (non-Javadoc)
* @see org.collectionspace.services.client.test.BaseServiceTest#getAbstractCommonList(org.jboss.resteasy.client.ClientResponse)
*/
@Override
- protected AbstractCommonList getAbstractCommonList(
-
ClientResponse<AbstractCommonList> response) {
- //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
- throw new UnsupportedOperationException();
+ protected AbstractCommonList getAbstractCommonList(
+ ClientResponse<AbstractCommonList> response) {
+ //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
+ throw new UnsupportedOperationException();
}
-
- /* (non-Javadoc)
- * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readPaginatedList(java.lang.String)
- */
- @Test(dataProvider = "testName")
- @Override
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readPaginatedList(java.lang.String)
+ */
+ @Test(dataProvider = "testName")
+ @Override
public void readPaginatedList(String testName) throws Exception {
- //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
- }
+ //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
+ }
- // ---------------------------------------------------------------
+ // ---------------------------------------------------------------
// CRUD tests : CREATE tests
// ---------------------------------------------------------------
// Success outcomes
/* (non-Javadoc)
- * @see org.collectionspace.services.client.test.ServiceTest#create(java.lang.String)
- */
- @Override
+ * @see org.collectionspace.services.client.test.ServiceTest#create(java.lang.String)
+ */
+ @Override
@Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
public void create(String testName) throws Exception {
// Submit the request to the service and store the response.
List<PermissionAction> actions = PermissionFactory.createDefaultActions();
- Permission permission = createPermissionInstance("accounts",
+ Permission permission = createPermissionInstance(knownResource,
"default permissions for account",
actions,
EffectType.PERMIT,
*/
@Override
public void createWithEmptyEntityBody(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void createWithMalformedXml(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void createWithWrongXmlSchema(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
// ---------------------------------------------------------------
Permission permToUpdate = new Permission();
permToUpdate.setCsid(knownResourceId);
+ permToUpdate.setResourceName(knownResource);
// Update the content of this resource.
- permToUpdate.setResourceName("updated-resource");
+ permToUpdate.setDescription("updated description");
if (logger.isDebugEnabled()) {
logger.debug("updated object");
logger.debug(objectAsXmlString(permToUpdate,
Permission permUpdated = (Permission) res.getEntity();
Assert.assertNotNull(permUpdated);
- Assert.assertEquals(permUpdated.getResourceName(),
- permToUpdate.getResourceName(),
+ Assert.assertEquals(permUpdated.getDescription(),
+ permToUpdate.getDescription(),
"Data in updated object did not match submitted data.");
}
+ @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
+ dependsOnMethods = {"read", "readList", "readNonExistent"})
+ public void updateNotAllowed(String testName) throws Exception {
+
+ // Perform setup.
+ setupUpdate(testName);
+
+ Permission permToUpdate = new Permission();
+ permToUpdate.setCsid(knownResourceId);
+ // Update the content of this resource.
+ permToUpdate.setResourceName("updated-resource");
+ if (logger.isDebugEnabled()) {
+ logger.debug("updated object");
+ logger.debug(objectAsXmlString(permToUpdate,
+ Permission.class));
+ }
+ PermissionClient client = new PermissionClient();
+ // Submit the request to the service and store the response.
+ ClientResponse<Permission> res = client.update(knownResourceId, permToUpdate);
+ int statusCode = res.getStatus();
+ // Check the status code of the response: does it match the expected response(s)?
+ if (logger.isDebugEnabled()) {
+ logger.debug(testName + ": status = " + statusCode);
+ }
+ Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
+ invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
+ Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode());
+
+ }
+
/**
* Update actions.
*
* @throws Exception the exception
*/
@Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
- dependsOnMethods = {"update"})
+ dependsOnMethods = {"updateNotAllowed"})
public void updateActions(String testName) throws Exception {
// Perform setup.
Permission permToUpdate = new Permission();
permToUpdate.setCsid(knownResourceId);
+ permToUpdate.setResourceName(knownResource);
// Update the content of this resource.
List<PermissionAction> actions = PermissionFactory.createDefaultActions();
int default_actions = actions.size();
*/
@Override
public void updateWithEmptyEntityBody(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void updateWithMalformedXml(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void updateWithWrongXmlSchema(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
// Instance variables specific to this test.
/** The known resource id. */
private String knownResourceId = null;
+ private String knownRoleName = "ROLE_USERS_TEST";
+ private String verifyResourceId = null;
+ private String verifyRoleName = "collections_manager_test";
// private List<String> allResourceIdsCreated = new ArrayList<String>();
/** The add tenant. */
-boolean addTenant = true;
+ boolean addTenant = true;
/*
* This method is called only by the parent class, AbstractServiceTestImpl
*/
*/
@Override
protected CollectionSpaceClient getClientInstance() {
- return new RoleClient();
+ return new RoleClient();
}
-
+
/* (non-Javadoc)
* @see org.collectionspace.services.client.test.BaseServiceTest#getAbstractCommonList(org.jboss.resteasy.client.ClientResponse)
*/
@Override
- protected AbstractCommonList getAbstractCommonList(
-
ClientResponse<AbstractCommonList> response) {
- //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
- throw new UnsupportedOperationException();
+ protected AbstractCommonList getAbstractCommonList(
+ ClientResponse<AbstractCommonList> response) {
+ //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
+ throw new UnsupportedOperationException();
}
-
- /* (non-Javadoc)
- * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readPaginatedList(java.lang.String)
- */
- @Test(dataProvider = "testName")
- @Override
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readPaginatedList(java.lang.String)
+ */
+ @Test(dataProvider = "testName")
+ @Override
public void readPaginatedList(String testName) throws Exception {
- //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
- }
-
+ //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
+ }
+
// ---------------------------------------------------------------
// CRUD tests : CREATE tests
// ---------------------------------------------------------------
// Submit the request to the service and store the response.
RoleClient client = new RoleClient();
- Role role = createRoleInstance("ROLE_USERS_TEST",
+ Role role = createRoleInstance(knownRoleName,
"all users are required to be in this role",
true);
ClientResponse<Response> res = client.create(role);
setupCreate(testName);
// Submit the request to the service and store the response.
- RoleClient client = new RoleClient();
- Role role1 = createRoleInstance("ROLE_COLLECTIONS_MANGER_TEST",
+ RoleClient client = new RoleClient();
+ //create a role with lowercase role name without role prefix
+ //the service should make it upper case and add the role prefix
+ Role role1 = createRoleInstance(verifyRoleName,
"collection manager",
true);
ClientResponse<Response> res = client.create(role1);
Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
- allResourceIdsCreated.add(extractId(res));
+ verifyResourceId = extractId(res);
+ allResourceIdsCreated.add(verifyResourceId);
Role role2 = createRoleInstance("ROLE_COLLECTIONS_CURATOR_TEST",
"collections curator",
*/
@Override
public void createWithEmptyEntityBody(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void createWithMalformedXml(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void createWithWrongXmlSchema(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
// ---------------------------------------------------------------
Assert.assertNotNull(output);
}
+ @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
+ dependsOnMethods = {"createList"})
+ public void readToVerify(String testName) throws Exception {
+
+ // Perform setup.
+ setupRead(testName);
+
+ // Submit the request to the service and store the response.
+ RoleClient client = new RoleClient();
+ ClientResponse<Role> res = client.read(verifyResourceId);
+ int statusCode = res.getStatus();
+
+ // Check the status code of the response: does it match
+ // the expected response(s)?
+ if (logger.isDebugEnabled()) {
+ logger.debug(testName + ": status = " + statusCode);
+ }
+ Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
+ invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
+ Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
+
+ Role output = (Role) res.getEntity();
+ Assert.assertNotNull(output);
+
+ String roleNameToVerify = "ROLE_" + verifyRoleName.toUpperCase();
+ Assert.assertEquals(output.getRoleName(), roleNameToVerify,
+ "RoleName fix did not work!");
+ }
// Failure outcomes
/* (non-Javadoc)
* @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readNonExistent(java.lang.String)
*/
+
@Override
@Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
dependsOnMethods = {"read"})
Role roleToUpdate = new Role();
roleToUpdate.setCsid(knownResourceId);
-
+ roleToUpdate.setRoleName(knownRoleName);
+
// Update the content of this resource.
- roleToUpdate.setRoleName("updated-role");
+ roleToUpdate.setDescription("updated role description");
if (logger.isDebugEnabled()) {
logger.debug("updated object");
logger.debug(objectAsXmlString(roleToUpdate,
Role roleUpdated = (Role) res.getEntity();
Assert.assertNotNull(roleUpdated);
- Assert.assertEquals(roleUpdated.getRoleName(),
- roleToUpdate.getRoleName(),
+ Assert.assertEquals(roleUpdated.getDescription(),
+ roleToUpdate.getDescription(),
"Data in updated object did not match submitted data.");
}
+ @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
+ dependsOnMethods = {"read", "readList", "readNonExistent"})
+ public void updateNotAllowed(String testName) throws Exception {
+
+ // Perform setup.
+ setupUpdate(testName);
+
+ Role roleToUpdate = new Role();
+ roleToUpdate.setCsid(knownResourceId);
+ // Update the content of this resource.
+ roleToUpdate.setRoleName("UPDATED-ROLE_USERS_TEST");
+ if (logger.isDebugEnabled()) {
+ logger.debug("updated object");
+ logger.debug(objectAsXmlString(roleToUpdate,
+ Role.class));
+ }
+ RoleClient client = new RoleClient();
+ // Submit the request to the service and store the response.
+ ClientResponse<Role> res = client.update(knownResourceId, roleToUpdate);
+ int statusCode = res.getStatus();
+ // Check the status code of the response: does it match the expected response(s)?
+ if (logger.isDebugEnabled()) {
+ logger.debug(testName + ": status = " + statusCode);
+ }
+ Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
+ invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
+ Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode());
+
+ }
+
// Failure outcomes
// Placeholders until the three tests below can be uncommented.
// See Issue CSPACE-401.
*/
@Override
public void updateWithEmptyEntityBody(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void updateWithMalformedXml(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
public void updateWithWrongXmlSchema(String testName) throws Exception {
- //FIXME: Should this test really be empty? If so, please comment accordingly.
+ //FIXME: Should this test really be empty? If so, please comment accordingly.
}
/* (non-Javadoc)
*/
@Override
@Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
- dependsOnMethods = {"update"})
+ dependsOnMethods = {"updateNotAllowed"})
public void delete(String testName) throws Exception {
// Perform setup.
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>2bfb81c6-6d08-4928-aa56-1b3c22f52af1</permissionId>
+ <permissionId>5a0bad92-cac6-4694-84d6-d393a52aafd9</permissionId>
<resourceName>idgenerators</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>69302e5e-2600-45e3-937b-b18cd1a1009d</permissionId>
+ <permissionId>3e0a37ab-4ca3-4659-bef6-ff7e7c3ce590</permissionId>
<resourceName>id</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>cd9da6b0-672a-445a-8c91-8eb60790c163</permissionId>
+ <permissionId>0d8826df-d61a-448e-8d8a-9e41bf178582</permissionId>
<resourceName>
/idgenerators/*/ids
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>5a39680a-a76c-4c35-88ce-01ce78f70866</permissionId>
+ <permissionId>f872859a-7f05-4d0a-b898-ef8f1b7745ba</permissionId>
<resourceName>collectionobjects</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>c7adacd4-d663-4979-af33-309cff3c1d5b</permissionId>
+ <permissionId>cca70419-20ce-4bf7-ad9f-cb5d8c542577</permissionId>
<resourceName>
/collectionobjects/*/authorityrefs/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>026c638d-7b59-4e07-9ac8-55f4cf5bcf88</permissionId>
+ <permissionId>ca89d98e-7fc4-44e5-9e5f-fea49bdb7e89</permissionId>
<resourceName>intakes</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>afd64e21-5e85-4103-a005-ebdd1768689e</permissionId>
+ <permissionId>c3e6c0c6-b6c0-4bb1-a03d-2e86857b74b4</permissionId>
<resourceName>
/intakes/*/authorityrefs/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>2e9ceeeb-df32-4f8a-94ad-064b2e56c35e</permissionId>
+ <permissionId>cea2e847-0944-49c0-8746-4622c1169a65</permissionId>
<resourceName>loansin</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>74e0498d-86ff-4e2e-812f-7f894c7a0842</permissionId>
+ <permissionId>b163f821-5791-4044-be1c-ddbd3738a4b4</permissionId>
<resourceName>
/loansin/*/authorityrefs/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>6b1dd0f9-6eb4-40fb-b8d4-c68f85d992fc</permissionId>
+ <permissionId>3a77ffcf-8052-466c-99d7-61fff28d9f88</permissionId>
<resourceName>loansout</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>835ddebc-ab0c-46ca-9bed-7cd65901fec9</permissionId>
+ <permissionId>859d46be-9bf6-4bce-9950-3e07fd35fc91</permissionId>
<resourceName>
/loansout/*/authorityrefs/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>cb18affd-0c86-4c80-85ab-cd01fc0169e4</permissionId>
+ <permissionId>f079772b-b15a-45b9-9e30-ba93ec62886b</permissionId>
<resourceName>movements</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>73c7c7e1-d652-4b1b-8c2f-a0f6d31e861d</permissionId>
+ <permissionId>05a0e8d6-c623-470f-8562-e1ebaa8661a0</permissionId>
<resourceName>
/movements/*/authorityrefs/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>75d80adc-5dc5-4044-b463-ca549f920d12</permissionId>
+ <permissionId>72115711-331e-4e6d-a4d7-2d9ad22bb2e3</permissionId>
<resourceName>vocabularies</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>7ed9eb73-fe3c-4f34-be69-40c7dd4c8cfe</permissionId>
+ <permissionId>401d9a19-add1-475b-97c6-715d18001fed</permissionId>
<resourceName>vocabularyitems</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>ba430b16-d4c2-455d-a5f0-a006c56fba40</permissionId>
+ <permissionId>862e5aa7-40e0-433c-b918-025a649543e0</permissionId>
<resourceName>
/vocabularies/*/items/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>e51f2c07-8cec-423e-909d-f7e26b708250</permissionId>
+ <permissionId>b8fbde29-bb5a-4d88-88c9-01881b4953a7</permissionId>
<resourceName>orgauthorities</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>6057bcf9-6130-42fb-9a39-6912fa337861</permissionId>
+ <permissionId>458a330f-1b4d-4e52-950c-f2aacf9a4870</permissionId>
<resourceName>
/orgauthorities/*/items/*/authorityrefs/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>719809d0-3afb-48b2-bd35-76690eb409d4</permissionId>
+ <permissionId>3552c6ca-c830-4aa0-a940-00296e87ba3d</permissionId>
<resourceName>organizations</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>fd8483fb-8ddc-432f-88fe-6f1f858f5b8d</permissionId>
+ <permissionId>821f288c-4958-405c-bc73-b34f47411066</permissionId>
<resourceName>
/orgauthorities/*/items/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>20fad09b-86b3-4fc4-9f77-e6f0c83e3b4f</permissionId>
+ <permissionId>5a99cd36-768a-4001-b855-d75899fcb19b</permissionId>
<resourceName>
/orgauthorities/*/items/*/refobjs
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>0f5f7073-6ad7-4149-9c7d-522759d08619</permissionId>
+ <permissionId>75127a9c-d433-419e-b2b8-fb3368dc2fd3</permissionId>
<resourceName>personauthorities</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>0bbcae28-a9f8-4093-b797-ec61f4777243</permissionId>
+ <permissionId>33af3708-d5ab-4668-be8f-535de4845150</permissionId>
<resourceName>
/personauthorities/*/items/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>30e5b4c8-853d-406e-9053-7b3689f38e13</permissionId>
+ <permissionId>b918c0ec-7005-4f51-ac6b-62daf86560b1</permissionId>
<resourceName>
/personauthorities/*/items/*/refobjs
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>cee68b4a-5d74-4c7b-99b5-79ea1d6d84e6</permissionId>
+ <permissionId>026f957b-763f-4e31-8a5c-90c6f4c1017d</permissionId>
<resourceName>persons</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>e6166551-917f-4802-bb8f-33e9a26897a6</permissionId>
+ <permissionId>96749d08-3320-408d-b812-815fb0702562</permissionId>
<resourceName>
/personauthorities/*/items/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>cd071fb9-93ab-4d84-9a48-2763cb5505d2</permissionId>
+ <permissionId>6da6f72b-ecf0-4f08-a220-223a2f0e0b16</permissionId>
<resourceName>locationauthorities</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>e66aca29-4fb6-4800-a776-93988d5ae16a</permissionId>
+ <permissionId>454c4a67-e21d-4402-9d13-5f0eb05e6028</permissionId>
<resourceName>
/locationauthorities/*/items/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>6b961b0d-1cb6-4358-a469-4c3b058fee3f</permissionId>
+ <permissionId>8b04ac84-968d-476d-8cac-fc0fd507f8d7</permissionId>
<resourceName>locations</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>51a94926-b603-43f8-9e2d-a371c0e42fc4</permissionId>
+ <permissionId>cdeb851e-0f68-43de-8b29-e2e2b9e3faf3</permissionId>
<resourceName>acquisitions</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>3387d9e0-f942-436e-8f15-8a2b53d6669c</permissionId>
+ <permissionId>c1ada994-34f7-4a5d-a91f-3414ac872bae</permissionId>
<resourceName>
/acquisitions/*/authorityrefs/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>01a98695-da9a-4e94-b94a-f1c18228a520</permissionId>
+ <permissionId>8d4b8274-fc30-4175-b5de-a328d16b898a</permissionId>
<resourceName>relations</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>8703dd4c-72b6-46a6-8c35-fb5bf86a6c92</permissionId>
+ <permissionId>6be0be1c-9269-475a-8ac0-e2cd1e38836c</permissionId>
<resourceName>
relations/subject/*/type/*/object/*
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>97f34c8a-e978-467e-9881-15ebc2d11f05</permissionId>
+ <permissionId>849ece17-b3f6-4792-a7aa-ecf950e76bf5</permissionId>
<resourceName>accounts</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>eb0e3f69-96db-4f05-9316-021094bbcfec</permissionId>
+ <permissionId>a7f645ca-e8be-4c76-9b2b-22d154f487a3</permissionId>
<resourceName>dimensions</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>10d0cf8b-1759-4692-8553-391e2bb568f3</permissionId>
+ <permissionId>cb815554-aab2-43a9-9f4b-49ecd72b95e7</permissionId>
<resourceName>contacts</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>4da515c5-cf33-4eb7-b0ab-3ace1d3192a6</permissionId>
+ <permissionId>3b67af55-4d7a-43b6-aba3-0327aa7f5eb1</permissionId>
<resourceName>
/personauthorities/*/items/*/contacts
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>7a00e318-ea14-4ebb-906f-8aea1bc9f0c4</permissionId>
+ <permissionId>986483a9-d97d-464a-91d8-992c7653e7fa</permissionId>
<resourceName>
/orgauthorities/*/items/*/contacts
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>bda263c9-148f-452d-8e87-98b7427fc054</permissionId>
+ <permissionId>5a619a25-91d8-4fa9-808f-05c3bb349506</permissionId>
<resourceName>notes</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>180ab379-d045-43f9-8ce0-6e7bbc23ce72</permissionId>
+ <permissionId>37f949ba-bdf5-435f-9649-4301bd29b957</permissionId>
<resourceName>authorization/roles</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>1874f2cd-17ce-407a-ae12-31206906ae18</permissionId>
+ <permissionId>dd02ab68-4774-4533-8969-641eca0e0178</permissionId>
<resourceName>authorization/permissions</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>cfe9fa81-c846-4025-b212-5c4a1f51298b</permissionId>
+ <permissionId>64d08e83-0a6b-4c0e-bd63-ce20219463c9</permissionId>
<resourceName>authorization/permissions/permroles</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>39872df7-2f7b-4f80-859a-ee01e3c5c995</permissionId>
+ <permissionId>8eeb4333-fdf1-4171-bd24-d719b24d1452</permissionId>
<resourceName>
/authorization/permissions/*/permroles/
</resourceName>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>7376c78f-faef-40f2-a22a-ee1b4790d951</permissionId>
+ <permissionId>a5f3dd1c-66c2-41a3-bbfb-dd2c72162fe5</permissionId>
<resourceName>accounts/accountroles</resourceName>
</permission>
<role>
<permissionRole>
<subject>ROLE</subject>
<permission>
- <permissionId>305b230d-f5cf-43c4-bdc4-474c0520aeed</permissionId>
+ <permissionId>56145553-6b17-449c-ae8a-b7ed14f85af1</permissionId>
<resourceName>
/accounts/*/accountroles/
</resourceName>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:permissions_list xmlns:ns2="http://collectionspace.org/services/authorization">
- <permission csid="2bfb81c6-6d08-4928-aa56-1b3c22f52af1">
+ <permission csid="5a0bad92-cac6-4694-84d6-d393a52aafd9">
<resourceName>idgenerators</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="69302e5e-2600-45e3-937b-b18cd1a1009d">
+ <permission csid="3e0a37ab-4ca3-4659-bef6-ff7e7c3ce590">
<resourceName>id</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="cd9da6b0-672a-445a-8c91-8eb60790c163">
+ <permission csid="0d8826df-d61a-448e-8d8a-9e41bf178582">
<resourceName>
/idgenerators/*/ids
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="5a39680a-a76c-4c35-88ce-01ce78f70866">
+ <permission csid="f872859a-7f05-4d0a-b898-ef8f1b7745ba">
<resourceName>collectionobjects</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="c7adacd4-d663-4979-af33-309cff3c1d5b">
+ <permission csid="cca70419-20ce-4bf7-ad9f-cb5d8c542577">
<resourceName>
/collectionobjects/*/authorityrefs/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="026c638d-7b59-4e07-9ac8-55f4cf5bcf88">
+ <permission csid="ca89d98e-7fc4-44e5-9e5f-fea49bdb7e89">
<resourceName>intakes</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="afd64e21-5e85-4103-a005-ebdd1768689e">
+ <permission csid="c3e6c0c6-b6c0-4bb1-a03d-2e86857b74b4">
<resourceName>
/intakes/*/authorityrefs/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="2e9ceeeb-df32-4f8a-94ad-064b2e56c35e">
+ <permission csid="cea2e847-0944-49c0-8746-4622c1169a65">
<resourceName>loansin</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="74e0498d-86ff-4e2e-812f-7f894c7a0842">
+ <permission csid="b163f821-5791-4044-be1c-ddbd3738a4b4">
<resourceName>
/loansin/*/authorityrefs/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="6b1dd0f9-6eb4-40fb-b8d4-c68f85d992fc">
+ <permission csid="3a77ffcf-8052-466c-99d7-61fff28d9f88">
<resourceName>loansout</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="835ddebc-ab0c-46ca-9bed-7cd65901fec9">
+ <permission csid="859d46be-9bf6-4bce-9950-3e07fd35fc91">
<resourceName>
/loansout/*/authorityrefs/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="cb18affd-0c86-4c80-85ab-cd01fc0169e4">
+ <permission csid="f079772b-b15a-45b9-9e30-ba93ec62886b">
<resourceName>movements</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="73c7c7e1-d652-4b1b-8c2f-a0f6d31e861d">
+ <permission csid="05a0e8d6-c623-470f-8562-e1ebaa8661a0">
<resourceName>
/movements/*/authorityrefs/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="75d80adc-5dc5-4044-b463-ca549f920d12">
+ <permission csid="72115711-331e-4e6d-a4d7-2d9ad22bb2e3">
<resourceName>vocabularies</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="7ed9eb73-fe3c-4f34-be69-40c7dd4c8cfe">
+ <permission csid="401d9a19-add1-475b-97c6-715d18001fed">
<resourceName>vocabularyitems</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="ba430b16-d4c2-455d-a5f0-a006c56fba40">
+ <permission csid="862e5aa7-40e0-433c-b918-025a649543e0">
<resourceName>
/vocabularies/*/items/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="e51f2c07-8cec-423e-909d-f7e26b708250">
+ <permission csid="b8fbde29-bb5a-4d88-88c9-01881b4953a7">
<resourceName>orgauthorities</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="6057bcf9-6130-42fb-9a39-6912fa337861">
+ <permission csid="458a330f-1b4d-4e52-950c-f2aacf9a4870">
<resourceName>
/orgauthorities/*/items/*/authorityrefs/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="719809d0-3afb-48b2-bd35-76690eb409d4">
+ <permission csid="3552c6ca-c830-4aa0-a940-00296e87ba3d">
<resourceName>organizations</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="fd8483fb-8ddc-432f-88fe-6f1f858f5b8d">
+ <permission csid="821f288c-4958-405c-bc73-b34f47411066">
<resourceName>
/orgauthorities/*/items/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="20fad09b-86b3-4fc4-9f77-e6f0c83e3b4f">
+ <permission csid="5a99cd36-768a-4001-b855-d75899fcb19b">
<resourceName>
/orgauthorities/*/items/*/refobjs
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="0f5f7073-6ad7-4149-9c7d-522759d08619">
+ <permission csid="75127a9c-d433-419e-b2b8-fb3368dc2fd3">
<resourceName>personauthorities</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="0bbcae28-a9f8-4093-b797-ec61f4777243">
+ <permission csid="33af3708-d5ab-4668-be8f-535de4845150">
<resourceName>
/personauthorities/*/items/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="30e5b4c8-853d-406e-9053-7b3689f38e13">
+ <permission csid="b918c0ec-7005-4f51-ac6b-62daf86560b1">
<resourceName>
/personauthorities/*/items/*/refobjs
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="cee68b4a-5d74-4c7b-99b5-79ea1d6d84e6">
+ <permission csid="026f957b-763f-4e31-8a5c-90c6f4c1017d">
<resourceName>persons</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="e6166551-917f-4802-bb8f-33e9a26897a6">
+ <permission csid="96749d08-3320-408d-b812-815fb0702562">
<resourceName>
/personauthorities/*/items/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="cd071fb9-93ab-4d84-9a48-2763cb5505d2">
+ <permission csid="6da6f72b-ecf0-4f08-a220-223a2f0e0b16">
<resourceName>locationauthorities</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="e66aca29-4fb6-4800-a776-93988d5ae16a">
+ <permission csid="454c4a67-e21d-4402-9d13-5f0eb05e6028">
<resourceName>
/locationauthorities/*/items/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="6b961b0d-1cb6-4358-a469-4c3b058fee3f">
+ <permission csid="8b04ac84-968d-476d-8cac-fc0fd507f8d7">
<resourceName>locations</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="51a94926-b603-43f8-9e2d-a371c0e42fc4">
+ <permission csid="cdeb851e-0f68-43de-8b29-e2e2b9e3faf3">
<resourceName>acquisitions</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="3387d9e0-f942-436e-8f15-8a2b53d6669c">
+ <permission csid="c1ada994-34f7-4a5d-a91f-3414ac872bae">
<resourceName>
/acquisitions/*/authorityrefs/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="01a98695-da9a-4e94-b94a-f1c18228a520">
+ <permission csid="8d4b8274-fc30-4175-b5de-a328d16b898a">
<resourceName>relations</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="8703dd4c-72b6-46a6-8c35-fb5bf86a6c92">
+ <permission csid="6be0be1c-9269-475a-8ac0-e2cd1e38836c">
<resourceName>
relations/subject/*/type/*/object/*
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="97f34c8a-e978-467e-9881-15ebc2d11f05">
+ <permission csid="849ece17-b3f6-4792-a7aa-ecf950e76bf5">
<resourceName>accounts</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="eb0e3f69-96db-4f05-9316-021094bbcfec">
+ <permission csid="a7f645ca-e8be-4c76-9b2b-22d154f487a3">
<resourceName>dimensions</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="10d0cf8b-1759-4692-8553-391e2bb568f3">
+ <permission csid="cb815554-aab2-43a9-9f4b-49ecd72b95e7">
<resourceName>contacts</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="4da515c5-cf33-4eb7-b0ab-3ace1d3192a6">
+ <permission csid="3b67af55-4d7a-43b6-aba3-0327aa7f5eb1">
<resourceName>
/personauthorities/*/items/*/contacts
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="7a00e318-ea14-4ebb-906f-8aea1bc9f0c4">
+ <permission csid="986483a9-d97d-464a-91d8-992c7653e7fa">
<resourceName>
/orgauthorities/*/items/*/contacts
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="bda263c9-148f-452d-8e87-98b7427fc054">
+ <permission csid="5a619a25-91d8-4fa9-808f-05c3bb349506">
<resourceName>notes</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="180ab379-d045-43f9-8ce0-6e7bbc23ce72">
+ <permission csid="37f949ba-bdf5-435f-9649-4301bd29b957">
<resourceName>authorization/roles</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="1874f2cd-17ce-407a-ae12-31206906ae18">
+ <permission csid="dd02ab68-4774-4533-8969-641eca0e0178">
<resourceName>authorization/permissions</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="cfe9fa81-c846-4025-b212-5c4a1f51298b">
+ <permission csid="64d08e83-0a6b-4c0e-bd63-ce20219463c9">
<resourceName>authorization/permissions/permroles</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="39872df7-2f7b-4f80-859a-ee01e3c5c995">
+ <permission csid="8eeb4333-fdf1-4171-bd24-d719b24d1452">
<resourceName>
/authorization/permissions/*/permroles/
</resourceName>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="7376c78f-faef-40f2-a22a-ee1b4790d951">
+ <permission csid="a5f3dd1c-66c2-41a3-bbfb-dd2c72162fe5">
<resourceName>accounts/accountroles</resourceName>
<action>
<name>CREATE</name>
<effect>PERMIT</effect>
<tenant_id>1</tenant_id>
</permission>
- <permission csid="305b230d-f5cf-43c4-bdc4-474c0520aeed">
+ <permission csid="56145553-6b17-449c-ae8a-b7ed14f85af1">
<resourceName>
/accounts/*/accountroles/
</resourceName>
package org.collectionspace.services.authorization.storage;
import java.util.ArrayList;
-import java.util.Date;
import java.util.List;
import java.util.UUID;
import org.collectionspace.services.authorization.PermissionsList;
import org.collectionspace.services.common.document.AbstractDocumentHandlerImpl;
+import org.collectionspace.services.common.document.BadRequestException;
import org.collectionspace.services.common.document.DocumentFilter;
import org.collectionspace.services.common.document.DocumentWrapper;
import org.collectionspace.services.common.document.JaxbUtils;
* @param to
* @return merged permission
*/
- private Permission merge(Permission from, Permission to) {
- Date now = new Date();
- to.setUpdatedAtItem(now);
- if (from.getResourceName() != null) {
- to.setResourceName(from.getResourceName());
- }
- if (from.getAttributeName() != null) {
- to.setAttributeName(from.getAttributeName());
+ private Permission merge(Permission from, Permission to) throws Exception {
+ if (!(from.getResourceName().equalsIgnoreCase(to.getResourceName()))) {
+ String msg = "Resource name cannot be changed " + to.getResourceName();
+ logger.error(msg);
+ throw new BadRequestException(msg);
}
+ //resource name, attribute cannot be changed
+
if (from.getDescription() != null) {
to.setDescription(from.getDescription());
}
Permission upAcc = wrapDoc.getWrappedObject();
getServiceContext().setOutput(permission);
sanitize(upAcc);
+ //FIXME update lower-layer authorization (acls)
+ //will require deleting old permissions for this resource and adding
+ //new based on new actions and effect
}
@Override
invalid = true;
}
}
- }
+ }
if (invalid) {
String msg = msgBldr.toString();
logger.error(msg);
}
} else if (action.equals(Action.UPDATE)) {
//update specific validation here
- if (permission.getResourceName() != null && permission.getResourceName().isEmpty()) {
+ if (permission.getResourceName() == null || permission.getResourceName().isEmpty()) {
invalid = true;
- msgBldr.append("\nresourceName : cannot be empty");
+ msgBldr.append("\nresourceName : cannot be missing or empty");
}
}
if (invalid) {
import org.collectionspace.services.authorization.RolesList;
import org.collectionspace.services.common.document.AbstractDocumentHandlerImpl;
+import org.collectionspace.services.common.document.BadRequestException;
import org.collectionspace.services.common.document.DocumentFilter;
import org.collectionspace.services.common.document.DocumentWrapper;
import org.collectionspace.services.common.document.JaxbUtils;
public void handleCreate(DocumentWrapper<Role> wrapDoc) throws Exception {
String id = UUID.randomUUID().toString();
Role role = wrapDoc.getWrappedObject();
+ role.setRoleName(fixRoleName(role.getRoleName()));
role.setCsid(id);
//FIXME: if admin updating the role is a CS admin rather than
//the tenant admin, tenant id should be retrieved from the request
public void handleUpdate(DocumentWrapper<Role> wrapDoc) throws Exception {
Role roleFound = wrapDoc.getWrappedObject();
Role roleReceived = getCommonPart();
+ roleReceived.setRoleName(fixRoleName(roleReceived.getRoleName()));
merge(roleReceived, roleFound);
}
* @param to
* @return merged role
*/
- private Role merge(Role from, Role to) {
- if (from.getRoleName() != null) {
- to.setRoleName(from.getRoleName());
+ private Role merge(Role from, Role to) throws Exception {
+ //role name cannot be changed
+ if (!(from.getRoleName().equalsIgnoreCase(to.getRoleName()))) {
+ String msg = "Role name cannot be changed " + to.getRoleName();
+ logger.error(msg);
+ throw new BadRequestException(msg);
}
if (from.getRoleGroup() != null) {
to.setRoleGroup(from.getRoleGroup());
private void sanitize(Role role) {
role.setTenantId(null);
}
+
+ private String fixRoleName(String role) {
+ String roleName = role.toUpperCase();
+ String rolePrefix = "ROLE_";
+ if (!roleName.startsWith(rolePrefix)) {
+ roleName = rolePrefix + roleName;
+ }
+ return roleName;
+ }
}
}
} else if (action.equals(Action.UPDATE)) {
//update specific validation here
- if (role.getRoleName() != null && role.getRoleName().isEmpty()) {
+ if (role.getRoleName() == null || role.getRoleName().isEmpty()) {
invalid = true;
- msgBldr.append("\nroleName : cannot be empty");
+ msgBldr.append("\nroleName : cannot be missing or empty");
}
}
if (invalid) {
projects / tmp / jakarta-migration.git / commitdiff