From: Sanjay Dalal <sanjay.dalal@berkeley.edu>
Date: Wed, 19 May 2010 18:17:34 +0000 (+0000)
Subject: CSPACE-1482 import module with the help of tenant bindings now generates and imports... 
X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=28b5a555f3f5f472d59007dd8d74a91c18129fb3;p=tmp%2Fjakarta-migration.git

CSPACE-1482 import module with the help of tenant bindings now generates and imports default permissions for all the services for all the tenants for ROLE_ADMINISTRATOR
---

diff --git a/services/authorization-mgt/import/pom.xml b/services/authorization-mgt/import/pom.xml
index a2ceb0b21..56da2d481 100644
--- a/services/authorization-mgt/import/pom.xml
+++ b/services/authorization-mgt/import/pom.xml
@@ -26,12 +26,6 @@
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-log4j12</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.collectionspace.services</groupId>
-            <artifactId>org.collectionspace.services.authentication.service</artifactId>
-            <version>${project.version}</version>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>org.collectionspace.services</groupId>
             <artifactId>org.collectionspace.services.authorization.service</artifactId>
@@ -49,50 +43,12 @@
             <version>${project.version}</version>
             <scope>provided</scope>
         </dependency>
-        <dependency>
-            <groupId>org.collectionspace.services</groupId>
-            <artifactId>org.collectionspace.services.client</artifactId>
-            <version>${project.version}</version>
-        </dependency>
-
-        <!-- Needed if/when client test framework files are moved into -->
-        <!-- /services/client/src/test from /services/client/src/main -->
-
-        <!-- <dependency>
-            <groupId>org.collectionspace.services</groupId>
-            <artifactId>org.collectionspace.services.client</artifactId>
-            <version>${project.version}</version>
-            <scope>test</scope>
-            <type>test-jar</type>
-        </dependency> -->
         <dependency>
             <groupId>org.testng</groupId>
             <artifactId>testng</artifactId>
             <version>5.6</version>
         </dependency>
-        <dependency>
-            <groupId>org.jboss.resteasy</groupId>
-            <artifactId>resteasy-jaxrs</artifactId>
-            <exclusions>
-                <exclusion>
-                    <groupId>tjws</groupId>
-                    <artifactId>webserver</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-        <dependency>
-            <groupId>org.jboss.resteasy</groupId>
-            <artifactId>resteasy-jaxb-provider</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.jboss.resteasy</groupId>
-            <artifactId>resteasy-multipart-provider</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>commons-httpclient</groupId>
-            <artifactId>commons-httpclient</artifactId>
-            <version>3.1</version>
-        </dependency>
+
 
         <dependency>
             <groupId>org.springframework.security</groupId>
@@ -169,14 +125,22 @@
                 <artifactId>maven-surefire-plugin</artifactId>
                 <configuration>
                     <systemProperties>
-                        <property>
-                            <name>maven.basedir</name>
-                            <value>${basedir}</value>
-                        </property>
                         <property>
                             <name>log4j.configuration</name>
                             <value>file:${project.build.directory}/test-classes/log4j.properties</value>
                         </property>
+                        <property>
+                            <name>importdir</name>
+                            <value>${basedir}/src/main/resources/import-data/</value>
+                        </property>
+                        <property>
+                            <name>exportdir</name>
+                            <value>${basedir}/src/main/resources/import-data/</value>
+                        </property>
+                        <property>
+                            <name>tenantbindings</name>
+                            <value>${basedir}/../../common/src/main/config/services/tenant-bindings.xml</value>
+                        </property>
                         <property>
                             <name>spring-beans-config</name>
                             <value>applicationContext-authorization-test.xml</value>
diff --git a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
index ef35f5a0f..53ff7fd92 100644
--- a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
+++ b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
@@ -3,7 +3,150 @@
     <permissionRole>
         <subject>ROLE</subject>
         <permission>
-            <permissionId>1</permissionId>
+            <permissionId>d517250a-91a8-4b19-b1a4-75ad56d3012a</permissionId>
+            <resourceName>collectionobjects</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>eb155cad-cfac-4bcd-bdb3-34c8406bb6c7</permissionId>
+            <resourceName>intakes</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>04383c28-f9d0-4628-bd8d-90c07963630d</permissionId>
+            <resourceName>loansin</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>1280b13b-0e02-4c11-955d-5151ac15cb16</permissionId>
+            <resourceName>loansout</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>86ed3672-c338-4537-893d-69bbef22ea7e</permissionId>
+            <resourceName>movements</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>293a5a00-e2ca-49f9-9f52-6cefbceae1a7</permissionId>
+            <resourceName>vocabularies</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>1c1152e4-2e7b-4744-bf86-8c47f62f6b2a</permissionId>
+            <resourceName>vocabularyitems</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>29e217f7-d1a0-463b-9f3e-1804be23f127</permissionId>
+            <resourceName>orgauthorities</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>34197256-031f-4218-bb8d-c02a9d202986</permissionId>
+            <resourceName>organizations</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>d327da0e-da21-4716-a01c-47ad828ec2b4</permissionId>
+            <resourceName>personauthorities</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>d2746267-4ade-4e12-8dc4-11ee151c7f2e</permissionId>
+            <resourceName>persons</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>5dcbce71-bc19-4da0-8072-d994c8854007</permissionId>
+            <resourceName>acquisitions</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>a2cd134f-c418-4c9c-8a85-bb530a97cea8</permissionId>
+            <resourceName>relations</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>bfd8768d-64bc-47b7-9193-edfb5fc17884</permissionId>
             <resourceName>accounts</resourceName>
         </permission>
         <role>
@@ -14,7 +157,7 @@
     <permissionRole>
         <subject>ROLE</subject>
         <permission>
-            <permissionId>2</permissionId>
+            <permissionId>eb77d422-5019-470f-9670-b62bcd8eb9be</permissionId>
             <resourceName>dimensions</resourceName>
         </permission>
         <role>
@@ -22,4 +165,59 @@
             <roleName>ROLE_ADMINISTRATOR</roleName>
         </role>
     </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>c66becf5-0670-4e6f-83be-283ca28b9220</permissionId>
+            <resourceName>contacts</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>9ce72e7a-dded-4b92-b0c1-3333e117a152</permissionId>
+            <resourceName>authorization/roles</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>407df950-207a-4490-a122-61ab43984956</permissionId>
+            <resourceName>authorization/permissions</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>5e16a57f-8c6d-4c93-b167-85c2c7881f02</permissionId>
+            <resourceName>authorization/permroles</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
+    <permissionRole>
+        <subject>ROLE</subject>
+        <permission>
+            <permissionId>d1a3663a-645b-4ac4-86b8-c6ecd05e1e12</permissionId>
+            <resourceName>accounts/accountroles</resourceName>
+        </permission>
+        <role>
+            <roleId>1</roleId>
+            <roleName>ROLE_ADMINISTRATOR</roleName>
+        </role>
+    </permissionRole>
 </ns2:permissions_roles_list>
diff --git a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
index 3287d54ff..f1f501c89 100644
--- a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
+++ b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
@@ -1,6 +1,266 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <ns2:permissions_list xmlns:ns2="http://collectionspace.org/services/authorization">
-    <permission csid="1">
+    <permission csid="d517250a-91a8-4b19-b1a4-75ad56d3012a">
+        <resourceName>collectionobjects</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="eb155cad-cfac-4bcd-bdb3-34c8406bb6c7">
+        <resourceName>intakes</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="04383c28-f9d0-4628-bd8d-90c07963630d">
+        <resourceName>loansin</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="1280b13b-0e02-4c11-955d-5151ac15cb16">
+        <resourceName>loansout</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="86ed3672-c338-4537-893d-69bbef22ea7e">
+        <resourceName>movements</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="293a5a00-e2ca-49f9-9f52-6cefbceae1a7">
+        <resourceName>vocabularies</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="1c1152e4-2e7b-4744-bf86-8c47f62f6b2a">
+        <resourceName>vocabularyitems</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="29e217f7-d1a0-463b-9f3e-1804be23f127">
+        <resourceName>orgauthorities</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="34197256-031f-4218-bb8d-c02a9d202986">
+        <resourceName>organizations</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="d327da0e-da21-4716-a01c-47ad828ec2b4">
+        <resourceName>personauthorities</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="d2746267-4ade-4e12-8dc4-11ee151c7f2e">
+        <resourceName>persons</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="5dcbce71-bc19-4da0-8072-d994c8854007">
+        <resourceName>acquisitions</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="a2cd134f-c418-4c9c-8a85-bb530a97cea8">
+        <resourceName>relations</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="bfd8768d-64bc-47b7-9193-edfb5fc17884">
         <resourceName>accounts</resourceName>
         <action>
             <name>CREATE</name>
@@ -14,10 +274,13 @@
         <action>
             <name>DELETE</name>
         </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
         <effect>PERMIT</effect>
         <tenant_id>1</tenant_id>
     </permission>
-    <permission csid="2">
+    <permission csid="eb77d422-5019-470f-9670-b62bcd8eb9be">
         <resourceName>dimensions</resourceName>
         <action>
             <name>CREATE</name>
@@ -31,6 +294,109 @@
         <action>
             <name>DELETE</name>
         </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="c66becf5-0670-4e6f-83be-283ca28b9220">
+        <resourceName>contacts</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="9ce72e7a-dded-4b92-b0c1-3333e117a152">
+        <resourceName>authorization/roles</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="407df950-207a-4490-a122-61ab43984956">
+        <resourceName>authorization/permissions</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="5e16a57f-8c6d-4c93-b167-85c2c7881f02">
+        <resourceName>authorization/permroles</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
+        <effect>PERMIT</effect>
+        <tenant_id>1</tenant_id>
+    </permission>
+    <permission csid="d1a3663a-645b-4ac4-86b8-c6ecd05e1e12">
+        <resourceName>accounts/accountroles</resourceName>
+        <action>
+            <name>CREATE</name>
+        </action>
+        <action>
+            <name>READ</name>
+        </action>
+        <action>
+            <name>UPDATE</name>
+        </action>
+        <action>
+            <name>DELETE</name>
+        </action>
+        <action>
+            <name>SEARCH</name>
+        </action>
         <effect>PERMIT</effect>
         <tenant_id>1</tenant_id>
     </permission>
diff --git a/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/generator/AuthorizationGen.java b/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/generator/AuthorizationGen.java
index da0a05f5e..73633d03d 100644
--- a/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/generator/AuthorizationGen.java
+++ b/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/generator/AuthorizationGen.java
@@ -23,10 +23,15 @@
  */
 package org.collectionspace.services.authorization.generator;
 
+import java.io.File;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import java.util.ArrayList;
+import java.util.Hashtable;
 import java.util.List;
+import java.util.UUID;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
 import org.collectionspace.services.authorization.ActionType;
 import org.collectionspace.services.authorization.Permission;
 import org.collectionspace.services.authorization.EffectType;
@@ -37,6 +42,9 @@ import org.collectionspace.services.authorization.PermissionsList;
 import org.collectionspace.services.authorization.PermissionsRolesList;
 import org.collectionspace.services.authorization.RoleValue;
 import org.collectionspace.services.authorization.SubjectType;
+import org.collectionspace.services.common.config.TenantBindingConfigReaderImpl;
+import org.collectionspace.services.common.service.ServiceBindingType;
+import org.collectionspace.services.common.tenant.TenantBindingType;
 
 /**
  *
@@ -45,27 +53,42 @@ import org.collectionspace.services.authorization.SubjectType;
 public class AuthorizationGen {
 
     final Logger logger = LoggerFactory.getLogger(AuthorizationGen.class);
-    private PermissionsList pcList = new PermissionsList();
-    PermissionsRolesList psrsl = new PermissionsRolesList();
+    private List<Permission> permList = new ArrayList<Permission>();
+    private List<PermissionRole> permRoleList = new ArrayList<PermissionRole>();
+    private Hashtable<String, TenantBindingType> tenantBindings =
+            new Hashtable<String, TenantBindingType>();
+
+    public void initialize(String tenantBindingFile) throws Exception {
+        TenantBindingConfigReaderImpl tenantBindingConfigReader =
+                new TenantBindingConfigReaderImpl(null);
+        tenantBindingConfigReader.read(tenantBindingFile);
+        tenantBindings = tenantBindingConfigReader.getTenantBindings();
+    }
 
-    public PermissionsList genPermissions() {
-        ArrayList<Permission> apcList = new ArrayList<Permission>();
-        pcList.setPermissions(apcList);
+    public void createDefaultServicePermissions() {
+        for (String tenantId : tenantBindings.keySet()) {
+            List<Permission> perms = createDefaultServicePermissions(tenantId);
+            permList.addAll(perms);
+        }
+    }
 
-        Permission accPerm = buildCommonPermission("1", "1", "accounts");
-        apcList.add(accPerm);
-        Permission dimPerm = buildCommonPermission("1", "2", "dimensions");
-        apcList.add(dimPerm);
-        return pcList;
+    public List<Permission> createDefaultServicePermissions(String tenantId) {
+        ArrayList<Permission> apcList = new ArrayList<Permission>();
+        TenantBindingType tbinding = tenantBindings.get(tenantId);
+        for (ServiceBindingType sbinding : tbinding.getServiceBindings()) {
+            Permission accPerm = buildCommonPermission(tbinding.getId(),
+                    sbinding.getName());
+            apcList.add(accPerm);
+        }
+        return apcList;
 
     }
 
-
-    private Permission buildCommonPermission(String tenantId, String permId, String resourceName) {
-        //String id = UUID.randomUUID().toString();
+    private Permission buildCommonPermission(String tenantId, String resourceName) {
+        String id = UUID.randomUUID().toString();
         Permission perm = new Permission();
-        perm.setCsid(permId);
-        perm.setResourceName(resourceName);
+        perm.setCsid(id);
+        perm.setResourceName(resourceName.toLowerCase());
         perm.setEffect(EffectType.PERMIT);
         perm.setTenantId(tenantId);
         ArrayList<PermissionAction> pas = new ArrayList<PermissionAction>();
@@ -83,37 +106,86 @@ public class AuthorizationGen {
         PermissionAction pa3 = new PermissionAction();
         pa3.setName(ActionType.DELETE);
         pas.add(pa3);
+        PermissionAction pa4 = new PermissionAction();
+        pa4.setName(ActionType.SEARCH);
+        pas.add(pa4);
         return perm;
     }
 
-    public PermissionsRolesList genPermissionsRoles(PermissionsList pcList) {
-        ArrayList<PermissionRole> prl = new ArrayList<PermissionRole>();
-        prl.add(buildCommonPermissionRoles("1", "1", "accounts"));
-        prl.add(buildCommonPermissionRoles("1", "2", "dimensions"));
-        psrsl.setPermissionRoles(prl);
-        return psrsl;
+    public List<Permission> getDefaultServicePermissions() {
+        return permList;
+    }
+
+    public void createDefaultPermissionsRoles(String roleName) {
+        for (Permission p : permList) {
+            PermissionRole permRole = buildCommonPermissionRoles(p.getTenantId(), p.getCsid(),
+                    p.getResourceName(), roleName);
+            permRoleList.add(permRole);
+        }
+    }
+
+    public List<PermissionRole> createPermissionsRoles(List<Permission> perms, String roleName) {
+        List<PermissionRole> permRoles = new ArrayList<PermissionRole>();
+        for (Permission p : perms) {
+            PermissionRole permRole = buildCommonPermissionRoles(p.getTenantId(), p.getCsid(),
+                    p.getResourceName(), roleName);
+            permRoles.add(permRole);
+        }
+        return permRoles;
     }
 
-    private PermissionRole buildCommonPermissionRoles(String tenantId, String permissionId,
-            String resName) {
+    private PermissionRole buildCommonPermissionRoles(String tenantId, String permId,
+            String resName, String roleName) {
 
         PermissionRole pr = new PermissionRole();
         pr.setSubject(SubjectType.ROLE);
         List<PermissionValue> permValues = new ArrayList<PermissionValue>();
         pr.setPermissions(permValues);
         PermissionValue permValue = new PermissionValue();
-        permValue.setPermissionId(permissionId);
-        permValue.setResourceName(resName);
+        permValue.setPermissionId(permId);
+        permValue.setResourceName(resName.toLowerCase());
         permValues.add(permValue);
 
         List<RoleValue> roleValues = new ArrayList<RoleValue>();
         RoleValue radmin = new RoleValue();
-        radmin.setRoleName("ROLE_ADMINISTRATOR");
+        radmin.setRoleName(roleName.toUpperCase());
         radmin.setRoleId(tenantId);
         roleValues.add(radmin);
         pr.setRoles(roleValues);
 
         return pr;
+    }
+
+    public List<PermissionRole> getDefaultServicePermissionRoles() {
+        return permRoleList;
+    }
+
+    public void exportPermissions(String fileName) {
+        PermissionsList pcList = new PermissionsList();
+        pcList.setPermissions(permList);
+        toFile(pcList, PermissionsList.class,
+                fileName);
+        logger.info("exported permissions to " + fileName);
+    }
+
+    public void exportPermissionRoles(String fileName) {
+        PermissionsRolesList psrsl = new PermissionsRolesList();
+        psrsl.setPermissionRoles(permRoleList);
+        toFile(psrsl, PermissionsRolesList.class,
+                fileName);
+        logger.info("exported permissions-roles to " + fileName);
+    }
 
+    private void toFile(Object o, Class jaxbClass, String fileName) {
+        File f = new File(fileName);
+        try {
+            JAXBContext jc = JAXBContext.newInstance(jaxbClass);
+            Marshaller m = jc.createMarshaller();
+            m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT,
+                    Boolean.TRUE);
+            m.marshal(o, f);
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
     }
 }
diff --git a/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AbstractAuthorizationTestImpl.java b/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AbstractAuthorizationTestImpl.java
index 0a3d7965b..039241090 100644
--- a/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AbstractAuthorizationTestImpl.java
+++ b/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AbstractAuthorizationTestImpl.java
@@ -80,19 +80,8 @@ import org.testng.annotations.Test;
  */
 public abstract class AbstractAuthorizationTestImpl {
 
-    static protected final String MAVEN_BASEDIR_PROPERTY = "maven.basedir";
     final Logger logger = LoggerFactory.getLogger(AbstractAuthorizationTestImpl.class);
     private org.springframework.jdbc.datasource.DataSourceTransactionManager txManager;
-    final static String importDataDir = "src/main/resources/import-data/";
-    static String baseDir;
-
-    static {
-        baseDir = System.getProperty(AbstractAuthorizationTestImpl.MAVEN_BASEDIR_PROPERTY);
-        if (baseDir == null || baseDir.isEmpty()) {
-            baseDir = System.getProperty("user.dir");
-        }
-        baseDir = baseDir + System.getProperty("file.separator");
-    }
 
     /**
      * Returns the name of the currently running test.
@@ -147,18 +136,6 @@ public abstract class AbstractAuthorizationTestImpl {
         txManager.commit(status);
     }
 
-    static void toFile(Object o, Class jaxbClass, String fileName) {
-        File f = new File(fileName);
-        try {
-            JAXBContext jc = JAXBContext.newInstance(jaxbClass);
-            Marshaller m = jc.createMarshaller();
-            m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT,
-                    Boolean.TRUE);
-            m.marshal(o, f);
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-    }
 
     static Object fromFile(Class jaxbClass, String fileName) throws Exception {
         InputStream is = new FileInputStream(fileName);
@@ -179,21 +156,6 @@ public abstract class AbstractAuthorizationTestImpl {
     }
 
 
-    public void writePermissions(PermissionsList pcList, String fileName) {
-        AbstractAuthorizationTestImpl.toFile(pcList, PermissionsList.class,
-                AbstractAuthorizationTestImpl.importDataDir + fileName);
-        logger.info("generated permissions to "
-                + AbstractAuthorizationTestImpl.importDataDir + fileName);
-    }
-
-    
-    public void writePermissionRoles(PermissionsRolesList psrsl, String fileName) {
-        AbstractAuthorizationTestImpl.toFile(psrsl, PermissionsRolesList.class,
-                AbstractAuthorizationTestImpl.importDataDir + fileName);
-        logger.info("generated permissions-roles to "
-                + AbstractAuthorizationTestImpl.importDataDir + fileName);
-    }
-
     @Test(dataProvider = "testName", dataProviderClass = AbstractAuthorizationTestImpl.class)
     public void test(String testName) {
         if (logger.isDebugEnabled()) {
diff --git a/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AuthorizationSeedTest.java b/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AuthorizationSeedTest.java
index 0f5997ee5..292ad614b 100644
--- a/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AuthorizationSeedTest.java
+++ b/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AuthorizationSeedTest.java
@@ -25,8 +25,8 @@ package org.collectionspace.services.authorization.importer;
 
 //import java.util.ArrayList;
 //import java.util.List;
+import java.io.File;
 import org.collectionspace.services.authorization.generator.AuthorizationGen;
-import org.collectionspace.services.authorization.importer.AbstractAuthorizationTestImpl;
 import java.util.ArrayList;
 import java.util.List;
 import org.collectionspace.services.authorization.ActionType;
@@ -62,10 +62,13 @@ public class AuthorizationSeedTest extends AbstractAuthorizationTestImpl {
         TransactionStatus status = beginTransaction("seedData");
         try {
             AuthorizationGen authzGen = new AuthorizationGen();
-            PermissionsList pl = authzGen.genPermissions();
-            writePermissions(pl, PERMISSION_FILE);
-            PermissionsRolesList prl = authzGen.genPermissionsRoles(pl);
-            writePermissionRoles(prl, PERMISSION_ROLE_FILE);
+            String tenantBindingFile = getTenantBindingFile();
+            authzGen.initialize(tenantBindingFile);
+            authzGen.createDefaultServicePermissions();
+            authzGen.createDefaultPermissionsRoles("ROLE_ADMINISTRATOR");
+            String exportDir = getExportDir();
+            authzGen.exportPermissions(exportDir + PERMISSION_FILE);
+            authzGen.exportPermissionRoles(exportDir + PERMISSION_ROLE_FILE);
             seedRoles();
             seedPermissions();
         } catch (Exception ex) {
@@ -81,16 +84,17 @@ public class AuthorizationSeedTest extends AbstractAuthorizationTestImpl {
     }
 
     public void seedPermissions() throws Exception {
+        String importDir = getImportDir();
         PermissionsList pcList =
-                (PermissionsList) fromFile(PermissionsList.class, baseDir
-                + AbstractAuthorizationTestImpl.importDataDir + PERMISSION_FILE);
+                (PermissionsList) fromFile(PermissionsList.class,
+                importDir + PERMISSION_FILE);
         logger.info("read permissions from "
-                + baseDir + AbstractAuthorizationTestImpl.importDataDir +  PERMISSION_FILE);
+                + importDir + PERMISSION_FILE);
         PermissionsRolesList pcrList =
-                (PermissionsRolesList) fromFile(PermissionsRolesList.class, baseDir
-                + AbstractAuthorizationTestImpl.importDataDir + PERMISSION_ROLE_FILE);
+                (PermissionsRolesList) fromFile(PermissionsRolesList.class,
+                importDir + PERMISSION_ROLE_FILE);
         logger.info("read permissions-roles from "
-                + baseDir + AbstractAuthorizationTestImpl.importDataDir +  PERMISSION_ROLE_FILE);
+                + importDir + PERMISSION_ROLE_FILE);
         AuthZ authZ = AuthZ.get();
         for (Permission p : pcList.getPermissions()) {
             if (logger.isDebugEnabled()) {
@@ -157,4 +161,31 @@ public class AuthorizationSeedTest extends AbstractAuthorizationTestImpl {
         }
         throw new IllegalArgumentException("action = " + action.toString());
     }
+
+    private String getTenantBindingFile() {
+        String tenantBindingFile = System.getProperty("tenantbindings");
+        if (tenantBindingFile == null || tenantBindingFile.isEmpty()) {
+            throw new IllegalStateException("tenantbindings are required."
+                    + " System property tenantbindings is missing or empty");
+        }
+        return tenantBindingFile;
+    }
+
+    private String getImportDir() {
+        String importDir = System.getProperty("importdir");
+        if (importDir == null || importDir.isEmpty()) {
+            throw new IllegalStateException("importdir required."
+                    + " System property importdir is missing or empty");
+        }
+        return importDir + File.separator;
+    }
+
+    private String getExportDir() {
+        String exportDir = System.getProperty("exportdir");
+        if (exportDir == null || exportDir.isEmpty()) {
+            throw new IllegalStateException("exportdir required."
+                    + " System property exportdir is missing or empty");
+        }
+        return exportDir + File.separator;
+    }
 }
diff --git a/services/common/src/main/java/org/collectionspace/services/common/config/AbstractConfigReaderImpl.java b/services/common/src/main/java/org/collectionspace/services/common/config/AbstractConfigReaderImpl.java
index ed79fa52a..034ba5770 100644
--- a/services/common/src/main/java/org/collectionspace/services/common/config/AbstractConfigReaderImpl.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/config/AbstractConfigReaderImpl.java
@@ -52,8 +52,10 @@ public abstract class AbstractConfigReaderImpl<T>
     abstract public void read() throws Exception;
 
     @Override
-    abstract public T getConfiguration();
+    abstract public void read(String configFile) throws Exception;
 
+    @Override
+    abstract public T getConfiguration();
 
     /**
      * parse parses given configuration file from the disk based on given class
@@ -67,17 +69,17 @@ public abstract class AbstractConfigReaderImpl<T>
         JAXBContext jc = JAXBContext.newInstance(clazz);
         Unmarshaller um = jc.createUnmarshaller();
         Object readObject = um.unmarshal(configFile);
-        if(logger.isDebugEnabled()){
+        if (logger.isDebugEnabled()) {
             logger.debug("read() read file " + configFile.getAbsolutePath());
         }
         return readObject;
     }
 
     protected String getAbsoluteFileName(String configFileName) {
-        return serverRootDir +
-                File.separator + CSPACE_DIR_NAME +
-                File.separator + CONFIG_DIR_NAME +
-                File.separator + configFileName;
+        return serverRootDir
+                + File.separator + CSPACE_DIR_NAME
+                + File.separator + CONFIG_DIR_NAME
+                + File.separator + configFileName;
     }
 
     protected String getServerRootDir() {
diff --git a/services/common/src/main/java/org/collectionspace/services/common/config/ConfigReader.java b/services/common/src/main/java/org/collectionspace/services/common/config/ConfigReader.java
index 689841cf8..74bf767d2 100644
--- a/services/common/src/main/java/org/collectionspace/services/common/config/ConfigReader.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/config/ConfigReader.java
@@ -21,7 +21,6 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-
 package org.collectionspace.services.common.config;
 
 import java.io.File;
@@ -41,11 +40,18 @@ public interface ConfigReader<T> {
     public String getFileName();
 
     /**
-     * read parse and read the configruation file.
+     * read parse and read the default configruation file from default location
      * @throws Exception
      */
     public void read() throws Exception;
 
+    /**
+     * read parse and read the given configruation file.
+     * @param configFile fully qualified file name
+     * @throws Exception
+     */
+    public void read(String configFile) throws Exception;
+
     /**
      * getConfig get configuration binding
      * @return
diff --git a/services/common/src/main/java/org/collectionspace/services/common/config/ServicesConfigReaderImpl.java b/services/common/src/main/java/org/collectionspace/services/common/config/ServicesConfigReaderImpl.java
index 7a15ab374..e1621d062 100644
--- a/services/common/src/main/java/org/collectionspace/services/common/config/ServicesConfigReaderImpl.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/config/ServicesConfigReaderImpl.java
@@ -55,26 +55,34 @@ public class ServicesConfigReaderImpl
     @Override
     public void read() throws Exception {
         String configFileName = getAbsoluteFileName(CONFIG_FILE_NAME);
+        read(configFileName);
+    }
+
+    @Override
+    public void read(String configFileName) throws Exception {
+        if (logger.isDebugEnabled()) {
+            logger.debug("read() config file=" + configFileName);
+        }
         File configFile = new File(configFileName);
-        if(!configFile.exists()){
+        if (!configFile.exists()) {
             String msg = "Could not find configuration file " + configFileName;
             logger.error(msg);
             throw new RuntimeException(msg);
         }
         serviceConfig = (ServiceConfig) parse(configFile, ServiceConfig.class);
         clientType = serviceConfig.getRepositoryClient().getClientType();
-        if(clientType == null){
+        if (clientType == null) {
             String msg = "Missing <client-type> in <repository-client>";
             logger.error(msg);
             throw new IllegalArgumentException(msg);
         }
         clientClassName = serviceConfig.getRepositoryClient().getClientClass();
-        if(clientClassName == null){
+        if (clientClassName == null) {
             String msg = "Missing <client-class> in <repository-client>";
             logger.error(msg);
             throw new IllegalArgumentException(msg);
         }
-        if(logger.isDebugEnabled()){
+        if (logger.isDebugEnabled()) {
             logger.debug("using client=" + clientType.toString() + " class=" + clientClassName);
         }
     }
diff --git a/services/common/src/main/java/org/collectionspace/services/common/config/TenantBindingConfigReaderImpl.java b/services/common/src/main/java/org/collectionspace/services/common/config/TenantBindingConfigReaderImpl.java
index df575594a..38bd41569 100644
--- a/services/common/src/main/java/org/collectionspace/services/common/config/TenantBindingConfigReaderImpl.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/config/TenantBindingConfigReaderImpl.java
@@ -47,7 +47,7 @@ public class TenantBindingConfigReaderImpl
     final private static String CONFIG_FILE_NAME = "tenant-bindings.xml";
     final Logger logger = LoggerFactory.getLogger(TenantBindingConfigReaderImpl.class);
     private TenantBindingConfig tenantBindingConfig;
-    //tenant name, tenant binding
+    //tenant id, tenant binding
     private Hashtable<String, TenantBindingType> tenantBindings =
             new Hashtable<String, TenantBindingType>();
     //tenant-qualified servicename, service binding
@@ -66,6 +66,14 @@ public class TenantBindingConfigReaderImpl
     @Override
     public void read() throws Exception {
         String configFileName = getAbsoluteFileName(CONFIG_FILE_NAME);
+        read(configFileName);
+    }
+
+    @Override
+    public void read(String configFileName) throws Exception {
+        if (logger.isDebugEnabled()) {
+            logger.debug("read() config file=" + configFileName);
+        }
         File configFile = new File(configFileName);
         if (!configFile.exists()) {
             String msg = "Could not find configuration file " + configFileName;
@@ -108,7 +116,7 @@ public class TenantBindingConfigReaderImpl
     public Hashtable<String, TenantBindingType> getTenantBindings() {
         return tenantBindings;
     }
-    
+
     /**
      * getTenantBinding gets tenant binding for given tenant
      * @param tenantId
@@ -154,7 +162,6 @@ public class TenantBindingConfigReaderImpl
         return list;
     }
 
-
     /**
      * @param tenantId
      * @param serviceName