From: Richard Millet Date: Thu, 26 Aug 2010 04:31:53 +0000 (+0000) Subject: CSPACE-2146: Cannot delete an accountrole... Also, CSPACE-2632, CSPACE-2632 X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=92a97114c92f06dc447163d14ba59f094a0f213b;p=tmp%2Fjakarta-migration.git CSPACE-2146: Cannot delete an accountrole... Also, CSPACE-2632, CSPACE-2632 --- diff --git a/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleClient.java b/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleClient.java index 43df476be..59cb850eb 100644 --- a/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleClient.java +++ b/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleClient.java @@ -28,7 +28,7 @@ package org.collectionspace.services.client; import javax.ws.rs.core.Response; - +//import org.collectionspace.services.authorization.AccountRolesList; import org.collectionspace.services.authorization.AccountRole; import org.jboss.resteasy.client.ProxyFactory; import org.jboss.resteasy.plugins.providers.RegisterBuiltin; @@ -94,6 +94,17 @@ public class AccountRoleClient extends AbstractServiceClientImpl { return accountRoleProxy.read(csid, arcsid); } + /** + * Read. + * + * @param csid the csid + * @param arcsid the arcsid + * @return the client response + */ + public ClientResponse read(String csid) { + return accountRoleProxy.read(csid); + } + /** * @param csid * @param accRole relationships to create @@ -114,4 +125,11 @@ public class AccountRoleClient extends AbstractServiceClientImpl { public ClientResponse delete(String csid, AccountRole accRole) { return accountRoleProxy.delete(csid, "delete", accRole); } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.AbstractServiceClientImpl#delete(java.lang.String) + */ + public ClientResponse delete(String csid) { + return accountRoleProxy.delete(csid); + } } 
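Review bot: The added line `//import org.collectionspace.services.authorization.AccountRolesList;` is a commented-out import, and the same line is added in AccountRoleProxy, AccountRoleServiceTest, AccountResource, AccountRoleSubResource and AccountRoleDocumentHandler, next to commented-out declarations and a long commented-out body in `extractCommonPartList`. Dead code in an authorization path makes it harder to see which behaviour is actually in force. I would drop these lines and let version control keep the history.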
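Review bot: The Javadoc on the new `read(String csid)` documents `@param arcsid`, which this overload does not take, and "Read." does not say what is read. Going by the proxy mapping added in this commit (`GET /{csid}/accountroles`), it returns the role relationships of one account. A summary such as `Reads the account-role relationships of the account identified by csid.` with only `@param csid the account csid` would match the signature.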
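Review bot: The new `delete(String csid)` carries only a `@see` to `AbstractServiceClientImpl#delete(java.lang.String)`, yet per the proxy and resource changes in this commit it issues `DELETE /{csid}/accountroles` and removes every role relationship of the account. That is easy to confuse with deleting a single relationship or the account itself, so the effect should be stated, e.g. `Deletes all role relationships of the account identified by csid.` If the method really overrides the base-class `delete(String)`, `@Override` is missing.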
diff --git a/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleFactory.java b/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleFactory.java index b0c5c37a8..0ab1f1313 100644 --- a/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleFactory.java +++ b/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleFactory.java @@ -28,6 +28,7 @@ import java.util.ArrayList; import java.util.Collection; import org.collectionspace.services.authorization.AccountRole; import org.collectionspace.services.authorization.AccountValue; +import org.collectionspace.services.authorization.SubjectType; import org.collectionspace.services.authorization.RoleValue; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -56,7 +57,7 @@ public class AccountRoleFactory { AccountRole accRole = new AccountRole(); //service consume is not required to provide subject as it is determined //from URI used -// accRole.setSubject(SubjectType.ROLE); + accRole.setSubject(SubjectType.ROLE); if (usePermId) { ArrayList pvs = new ArrayList(); pvs.add(pv); diff --git a/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleProxy.java b/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleProxy.java index 7399bf705..04fdfe42c 100644 --- a/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleProxy.java +++ b/services/account/client/src/main/java/org/collectionspace/services/client/AccountRoleProxy.java 
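Review bot: The comment kept above the re-enabled `accRole.setSubject(SubjectType.ROLE);` still says the consumer need not provide a subject because it is determined from the URI, so comment and code now contradict each other. On the server side of this commit, `fillCommonPart` uses the payload's subject whenever it is non-null and only falls back to the URI-derived one otherwise, so this line changes which value the service acts on. Please replace the comment with the reason the subject is now sent, e.g. `// subject is sent explicitly; the service uses it in preference to the URI-derived subject`. The enclosing factory method starts and ends outside the hunk.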
@@ -29,13 +29,14 @@ package org.collectionspace.services.client; import javax.ws.rs.Consumes; import javax.ws.rs.GET; import javax.ws.rs.POST; +import javax.ws.rs.DELETE; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.Response; - +//import org.collectionspace.services.authorization.AccountRolesList; import org.collectionspace.services.authorization.AccountRole; import org.jboss.resteasy.client.ClientResponse; @@ -52,6 +53,11 @@ public interface AccountRoleProxy extends CollectionSpaceProxy { @Path("/{csid}/accountroles") ClientResponse create(@PathParam("csid") String csid, AccountRole accRole); + //(R)ead + @GET + @Path("/{csid}/accountroles") + ClientResponse read(@PathParam("csid") String csid); + //(R)ead @GET @Path("/{csid}/accountroles/{arcsid}") @@ -64,4 +70,9 @@ public interface AccountRoleProxy extends CollectionSpaceProxy { ClientResponse delete(@PathParam("csid") String csid, @QueryParam("_method") String method, AccountRole accRole); + + //(D)elete + @DELETE + @Path("/{csid}/accountroles") + ClientResponse delete(@PathParam("csid") String csid); } diff --git a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountRoleServiceTest.java b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountRoleServiceTest.java index fab84d5bb..38e9efeed 100644 --- a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountRoleServiceTest.java +++ b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountRoleServiceTest.java 
@@ -28,6 +28,7 @@ import java.util.Hashtable; import java.util.List; import javax.ws.rs.core.Response; +//import org.collectionspace.services.authorization.AccountRolesList; import org.collectionspace.services.account.AccountsCommon; import org.collectionspace.services.authorization.AccountRole; import org.collectionspace.services.authorization.AccountValue; @@ -257,7 +258,7 @@ public class AccountRoleServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. AccountRoleClient client = new AccountRoleClient(); ClientResponse res = client.read( - accValues.get("acc-role-user1").getAccountId(), "123"); + accValues.get("acc-role-user1").getAccountId()); int statusCode = res.getStatus(); try { // Check the status code of the response: does it match @@ -269,7 +270,7 @@ public class AccountRoleServiceTest extends AbstractServiceTestImpl { invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); - AccountRole output = (AccountRole) res.getEntity(); + AccountRole output = res.getEntity(); Assert.assertNotNull(output); } finally { res.releaseConnection(); @@ -293,7 +294,7 @@ public class AccountRoleServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. AccountRoleClient client = new AccountRoleClient(); - ClientResponse res = client.read(this.NON_EXISTENT_ID, "123"); + ClientResponse res = client.read(this.NON_EXISTENT_ID); int statusCode = res.getStatus(); try { // Check the status code of the response: does it match 
@@ -323,7 +324,7 @@ public class AccountRoleServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. AccountRoleClient client = new AccountRoleClient(); ClientResponse res = client.read( - accValues.get("acc-role-user2").getAccountId(), "123"); + accValues.get("acc-role-user2").getAccountId()); int statusCode = res.getStatus(); try { // Check the status code of the response: does it match @@ -334,7 +335,7 @@ public class AccountRoleServiceTest extends AbstractServiceTestImpl { Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); Assert.assertEquals(statusCode, Response.Status.OK.getStatusCode()); - AccountRole output = (AccountRole) res.getEntity(); + AccountRole output = res.getEntity(); String sOutput = objectAsXmlString(output, AccountRole.class); if(logger.isDebugEnabled()) { 
@@ -430,27 +431,59 @@ public class AccountRoleServiceTest extends AbstractServiceTestImpl { // Perform setup. setupDelete(); - - // Submit the request to the service and store the response. + + // + // Lookup a know account, and delete all of its role relationships + // AccountRoleClient client = new AccountRoleClient(); - AccountValue av = accValues.get("acc-role-user1"); - AccountRole accRole = createAccountRoleInstance(av, - roleValues.values(), true, true); + ClientResponse readResponse = client.read( + accValues.get("acc-role-user1").getAccountId()); + AccountRole toDelete = null; + try { + toDelete = readResponse.getEntity(); + } finally { + readResponse.releaseConnection(); + } + ClientResponse res = client.delete( - accValues.get("acc-role-user1").getAccountId(), accRole); - int statusCode = res.getStatus(); + toDelete.getAccounts().get(0).getAccountId(), toDelete); try { - // Check the status code of the response: does it match - // the expected response(s)? - if (logger.isDebugEnabled()) { - logger.debug(testName + ": status = " + statusCode); - } + int statusCode = res.getStatus(); + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + res.releaseConnection(); + } + + // + // recreate 'acc-role-user1' account and roles + // + create(testName); + setupDelete(); + + // + // Lookup a know account, and delete all of its role relationships + // + readResponse = client.read( + accValues.get("acc-role-user1").getAccountId()); + toDelete = null; + try { + toDelete = readResponse.getEntity(); + } finally { + readResponse.releaseConnection(); + } + + res = client.delete(toDelete.getAccounts().get(0).getAccountId()); + try { + int statusCode = res.getStatus(); Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); } 
finally { res.releaseConnection(); } + } // Failure outcomes diff --git a/services/account/pstore/src/main/resources/db/mysql/account.sql b/services/account/pstore/src/main/resources/db/mysql/account.sql index 76a952b21..c92067828 100644 --- a/services/account/pstore/src/main/resources/db/mysql/account.sql +++ b/services/account/pstore/src/main/resources/db/mysql/account.sql @@ -6,4 +6,3 @@ create table accounts_common (csid varchar(128) not null, created_at datetime no create table accounts_tenants (HJID bigint not null auto_increment, tenant_id varchar(128) not null, TENANTS_ACCOUNTSCOMMON_CSID varchar(128), primary key (HJID)); create table tenants (id varchar(128) not null, created_at datetime not null, name varchar(255) not null, updated_at datetime, primary key (id)); alter table accounts_tenants add index FKFDA649B05A9CEEB5 (TENANTS_ACCOUNTSCOMMON_CSID), add constraint FKFDA649B05A9CEEB5 foreign key (TENANTS_ACCOUNTSCOMMON_CSID) references accounts_common (csid); - diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java index 03e6abc00..43a024aa1 100644 --- a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java +++ b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java @@ -39,6 +39,8 @@ import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; import javax.ws.rs.core.UriInfo; +import org.collectionspace.services.authorization.AccountRoleRel; +//import org.collectionspace.services.authorization.AccountRolesList; import org.collectionspace.services.account.storage.AccountStorageClient; import org.collectionspace.services.authorization.AccountRole; import org.collectionspace.services.authorization.SubjectType; 
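Review bot: In the rewritten delete test, `toDelete` is dereferenced (`toDelete.getAccounts().get(0)`) without asserting that the preceding read succeeded, so a failed or empty read surfaces as a NullPointerException or IndexOutOfBoundsException rather than as a test assertion. Adding `Assert.assertEquals(readResponse.getStatus(), Response.Status.OK.getStatusCode());` inside each `try` and `Assert.assertNotNull(toDelete);` after it would make the failure point explicit. The test also never reads the account back after either delete, so it verifies the status code only, not that the role relationships are gone. The test method starts outside the hunk.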
@@ -54,6 +56,7 @@ import org.collectionspace.services.common.document.DocumentHandler; import org.collectionspace.services.common.security.UnauthorizedException; import org.collectionspace.services.common.storage.StorageClient; import org.jboss.resteasy.util.HttpResponseCodes; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -434,7 +437,7 @@ public class AccountResource @GET @Path("{csid}/accountroles/{accrolecsid}") - public AccountRole getAccountRole( + public AccountRoleRel getAccountRole( @PathParam("csid") String accCsid, @PathParam("accrolecsid") String accrolecsid) { if (logger.isDebugEnabled()) { 
@@ -448,6 +451,59 @@ public class AccountResource "text/plain").build(); throw new WebApplicationException(response); } + AccountRoleRel result = null; + try { + AccountRoleSubResource subResource = + new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE); + //get relationships for an account + result = subResource.getAccountRoleRel(accCsid, SubjectType.ROLE, accrolecsid); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("getAccountRole", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "account csid=" + accrolecsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("getAccountRole", e); + } + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.GET_FAILED + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new WebApplicationException(response); + } + if (result == null) { + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "account csid=" + accCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + return result; + } + + @GET + @Path("{csid}/accountroles") + public AccountRole getAccountRole( + @PathParam("csid") String accCsid) { + if (logger.isDebugEnabled()) { + logger.debug("getAccountRole with accCsid=" + accCsid); + } + if (accCsid == null || "".equals(accCsid)) { + logger.error("getAccountRole: missing accCsid!"); + Response response = 
Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.GET_FAILED + "accountroles account " + + ServiceMessages.MISSING_INVALID_CSID + accCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } AccountRole result = null; try { AccountRoleSubResource subResource = @@ -464,7 +520,7 @@ public class AccountResource logger.debug("getAccountRole", dnfe); } Response response = Response.status(Response.Status.NOT_FOUND).entity( - ServiceMessages.GET_FAILED + "account csid=" + accrolecsid).type( + ServiceMessages.GET_FAILED + "account csid=" + accCsid).type( "text/plain").build(); throw new WebApplicationException(response); } catch (Exception e) { @@ -486,9 +542,14 @@ public class AccountResource return result; } - public Response deleteAccountRole( - @PathParam("csid") String accCsid, - AccountRole input) { + /** + * Delete account role. + * + * @param accCsid the acc csid + * @param input the input + * @return the response + */ + public Response deleteAccountRole(String accCsid, AccountRole input) { if (logger.isDebugEnabled()) { logger.debug("deleteAccountRole with accCsid=" + accCsid); } 
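Review bot: The two-argument `getAccountRole` passes `accrolecsid` straight to `subResource.getAccountRoleRel(...)` with no validation visible in the hunk, and that method parses it with `new Long(accountRoleCsid)`. A non-numeric path segment therefore raises NumberFormatException, lands in `catch (Exception e)` and is answered with a 500 plus an error-level log entry. Client input errors should be rejected up front with 400, for example by checking `accrolecsid` for null, empty or non-digit content the way the new one-argument handler checks `accCsid`, and answering with `ServiceMessages.MISSING_INVALID_CSID`. The NOT_FOUND message in the `DocumentNotFoundException` branch also labels the relationship id as `"account csid="`, which is misleading. The method's opening lines are outside the hunk.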
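Review bot: The Javadoc added to `deleteAccountRole(String accCsid, AccountRole input)` only restates the parameter names. With `@PathParam` removed, the method no longer appears to be bound to a request by itself, so the comment should say which handler dispatches to it and that `input` is the client-supplied list of relationships to remove, e.g. `Deletes the account-role relationships listed in input for account accCsid; invoked by <dispatching handler>, not mapped directly.` The body continues outside the hunk.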
@@ -526,6 +587,49 @@ public class AccountResource ServiceMessages.DELETE_FAILED + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); throw new WebApplicationException(response); } - } + + @DELETE + @Path("{csid}/accountroles") + public Response deleteAccountRole( + @PathParam("csid") String accCsid) { + if (logger.isDebugEnabled()) { + logger.debug("deleteAccountRole: All roles related to account with accCsid=" + accCsid); + } + if (accCsid == null || "".equals(accCsid)) { + logger.error("deleteAccountRole: missing accCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.DELETE_FAILED + "accountroles account " + + ServiceMessages.MISSING_INVALID_CSID + accCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + try { + AccountRoleSubResource subResource = + new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE); + //delete all relationships for an account + subResource.deleteAccountRole(accCsid, SubjectType.ROLE); + return Response.status(HttpResponseCodes.SC_OK).build(); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("caught exception in deleteAccountRole", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.DELETE_FAILED + "account csid=" + accCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.DELETE_FAILED + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new 
WebApplicationException(response); + } + } + } diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java b/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java index e605ecf50..b00af2420 100644 --- a/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java +++ b/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java @@ -23,7 +23,13 @@ */ package org.collectionspace.services.account; +import java.util.List; + +import org.collectionspace.services.account.storage.AccountRoleDocumentHandler; +//import org.collectionspace.services.authorization.AccountRolesList; +//import org.collectionspace.services.authorization.AccountRolesList.AccountRoleListItem; import org.collectionspace.services.authorization.AccountRole; +import org.collectionspace.services.authorization.AccountValue; import org.collectionspace.services.authorization.AccountRoleRel; import org.collectionspace.services.authorization.SubjectType; @@ -34,6 +40,7 @@ import org.collectionspace.services.common.context.ServiceContextFactory; import org.collectionspace.services.common.document.DocumentHandler; import org.collectionspace.services.common.storage.StorageClient; import org.collectionspace.services.common.storage.jpa.JpaRelationshipStorageClient; +import org.collectionspace.services.common.storage.jpa.JpaStorageUtils; import org.collectionspace.services.common.context.ServiceContextProperties; import org.slf4j.Logger; 
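Review bot: The new `DELETE {csid}/accountroles` handler removes every role relationship of an account but records that only at debug level, so in a normal logging configuration a bulk privilege change leaves no trace. I would log the successful case at info level before returning, e.g. `logger.info("deleteAccountRole: removed all role relationships for account csid=" + accCsid);`, ideally together with the calling principal if the service context exposes it. No authorization check is visible in the handler itself; it appears to rely on `subResource.deleteAccountRole` throwing `UnauthorizedException`, which is worth confirming for this new path. The handler also has no Javadoc, unlike the two-argument overload.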
@@ -44,7 +51,8 @@ import org.slf4j.LoggerFactory; * @author */ public class AccountRoleSubResource - extends AbstractCollectionSpaceResourceImpl { +// extends AbstractCollectionSpaceResourceImpl { + extends AbstractCollectionSpaceResourceImpl { final public static String ACCOUNT_ACCOUNTROLE_SERVICE = "accounts/accountroles"; final public static String ROLE_ACCOUNTROLE_SERVICE = "roles/accountroles"; @@ -96,6 +104,7 @@ public class AccountRoleSubResource */ @Override public ServiceContextFactory getServiceContextFactory() { +// public ServiceContextFactory getServiceContextFactory() { return RemoteServiceContextFactory.get(); } @@ -145,7 +154,10 @@ public class AccountRoleSubResource ServiceContext ctx = createServiceContext(input, subject); DocumentHandler handler = createDocumentHandler(ctx); - return getStorageClient(ctx).create(ctx, handler); + + String bogusCsid = getStorageClient(ctx).create(ctx, handler); + + return bogusCsid; } /** 
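Review bot: The local `bogusCsid` in the last hunk signals that the value returned by `getStorageClient(ctx).create(ctx, handler)` is not a usable identifier, but nothing explains why, and the method still returns it to its caller. If the value really is meaningless for relationship records, say so in a comment such as `// relationship rows have no csid of their own; callers must not use this value as a resource id` or in the method's `@return`; otherwise keep the direct `return`. The method's signature is outside the hunk.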
@@ -171,6 +183,57 @@ public class AccountRoleSubResource return result; } + /** + * Gets the account role. + * + * @param csid the csid + * @param subject the subject + * @param accountRoleCsid the account role csid + * @return the account role + * @throws Exception the exception + */ + public AccountRoleRel getAccountRoleRel(String csid, + SubjectType subject, + String accountRoleCsid) throws Exception { + + if (logger.isDebugEnabled()) { + logger.debug("getAccountRole with csid=" + csid); + } +// AccountRolesList result = new AccountRolesList(); + ServiceContext ctx = createServiceContext((AccountRole) null, subject); + AccountRoleDocumentHandler handler = (AccountRoleDocumentHandler)createDocumentHandler(ctx); + handler.setAccountRoleCsid(accountRoleCsid); + //getStorageClient(ctx).get(ctx, csid, handler); + AccountRoleRel accountRoleRel = (AccountRoleRel)JpaStorageUtils.getEntity(new Long(accountRoleCsid).longValue(), AccountRoleRel.class); +// List accountRoleList = result.getAccountRoleListItems(); +// AccountRoleListItem listItem = new AccountRoleListItem(); +// // fill the item +// listItem.setCsid(accountRoleRel.getHjid().toString()); +// listItem.setRoleId(accountRoleRel.getRoleId()); +// listItem.setRoleName(accountRoleRel.getRoleName()); + // add item to result list +// result = (AccountRolesList) ctx.getOutput(); + + return accountRoleRel; + } + + /** + * X_delete account role. + * + * @param csid the csid + * @param subject the subject + * @throws Exception the exception + */ + public void x_deleteAccountRole(String csid, + SubjectType subject) throws Exception { + + if (logger.isDebugEnabled()) { + logger.debug("deleteAccountRole with csid=" + csid); + } + AccountRole toDelete = getAccountRole(csid, subject); + deleteAccountRole(csid, subject, toDelete); + } + /** * deleteAccountRole deletes all account-role relationships using given * csid of object (account/role) and subject (role/account) 
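Review bot: `getAccountRoleRel` loads the relationship with `JpaStorageUtils.getEntity(new Long(accountRoleCsid).longValue(), AccountRoleRel.class)` and never uses `csid`, so `GET {csid}/accountroles/{accrolecsid}` would return whichever relationship has that numeric id, regardless of the account named in the URL. Unless `getEntity` enforces ownership somewhere not shown, the loaded relationship's account id should be compared with `csid` and the request treated as not found on mismatch or null. The `handler` that is created and given `setAccountRoleCsid(...)` is unused because the storage-client call is commented out, and the debug message says `getAccountRole` rather than `getAccountRoleRel`. `x_deleteAccountRole` in the same hunk is public but looks like a leftover; it should be removed or made private.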
diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountRoleDocumentHandler.java b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountRoleDocumentHandler.java index 9233d9f10..3da9334a2 100644 --- a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountRoleDocumentHandler.java +++ b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountRoleDocumentHandler.java @@ -26,6 +26,10 @@ package org.collectionspace.services.account.storage; import java.util.ArrayList; import java.util.List; +//import org.collectionspace.services.authorization.AccountRolesList; +//import org.collectionspace.services.authorization.AccountRolesList.AccountRoleListItem; + +import org.collectionspace.services.common.authorization_mgt.AuthorizationRoleRel; import org.collectionspace.services.authorization.AccountRole; import org.collectionspace.services.authorization.AccountRoleRel; import org.collectionspace.services.authorization.AccountValue; 
@@ -43,48 +47,210 @@ import org.collectionspace.services.common.context.ServiceContextProperties; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +// TODO: Auto-generated Javadoc /** - * Document handler for AccountRole association - * @author + * Document handler for AccountRole association. + * + * @author */ public class AccountRoleDocumentHandler - extends JpaDocumentHandler, List> { + extends JpaDocumentHandler, List> { + /** The logger. */ private final Logger logger = LoggerFactory.getLogger(AccountRoleDocumentHandler.class); + + /** The account role. */ private AccountRole accountRole; - private PermissionsRolesList accountRolesList; - +// private AccountRolesList accountRolesList; + /** The account role csid. */ + private String accountRoleCsid = null; + + /** + * Gets the account role csid. + * + * @return the account role csid + */ + public String getAccountRoleCsid() { + return this.accountRoleCsid; + } + + /** + * Sets the account role csid. + * + * @param theAccountRoleCsid the new account role csid + */ + public void setAccountRoleCsid(String theAccountRoleCsid) { + this.accountRoleCsid = theAccountRoleCsid; + } + + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleCreate(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleCreate(DocumentWrapper> wrapDoc) throws Exception { fillCommonPart(getCommonPart(), wrapDoc); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleUpdate(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleUpdate(DocumentWrapper> wrapDoc) throws Exception { throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler"); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeUpdate(org.collectionspace.services.common.document.DocumentWrapper) 
+ */ @Override public void completeUpdate(DocumentWrapper> wrapDoc) throws Exception { throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler"); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGet(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleGet(DocumentWrapper> wrapDoc) throws Exception { + AccountRole output = extractCommonPart(wrapDoc); setCommonPart(extractCommonPart(wrapDoc)); - getServiceContext().setOutput(accountRole); +// AccountRole accountRoleList = extractCommonPartList(wrapDoc); + getServiceContext().setOutput(output); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGetAll(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleGetAll(DocumentWrapper> wrapDoc) throws Exception { throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler"); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleDelete(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleDelete(DocumentWrapper> wrapDoc) throws Exception { - fillCommonPart(getCommonPart(), wrapDoc); + fillCommonPart(getCommonPart(), wrapDoc, true); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPartList(org.collectionspace.services.common.document.DocumentWrapper) + */ + @Override + public AccountRole extractCommonPartList( + DocumentWrapper> wrapDoc) + throws Exception { + + throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler"); + +// AccountRolesList result = new AccountRolesList(); +// List arrl = wrapDoc.getWrappedObject(); +// AccountRole ar = new AccountRole(); +// SubjectType subject = 
getSubject(getServiceContext()); +// if (arrl.size() == 0) { +// return result; +// } +// +//// result.setSubject(subject); +// AccountRoleRel ar0 = arrl.get(0); +// AccountValue av = buildAccountValue(ar0); +//// result.setAccount(av); +// +// List accountRoleListItems = result.getAccountRoleListItems(); +// if (accountRoleListItems == null) { +// accountRoleListItems = new ArrayList(); +// } +// for (AccountRoleRel e : arrl) { +// AccountRoleListItem accountRoleListItem = new AccountRoleListItem(); +// // fill the item +// accountRoleListItem.setRoleName(e.getRoleName()); +// accountRoleListItem.setRoleId(e.getRoleId()); +// accountRoleListItem.setCsid(e.getHjid().toString()); +// // add item to result list +// accountRoleListItems.add(accountRoleListItem); +// } +// +// // +// // Old Sanjay code +// // +// +// ar0 = arrl.get(0); +// if (SubjectType.ROLE.equals(subject)) { +// +// List avs = new ArrayList(); +// ar.setAccounts(avs); +// av = buildAccountValue(ar0); +// avs.add(av); +// +// //add roles +// List rvs = new ArrayList(); +// ar.setRoles(rvs); +// for (AccountRoleRel arr : arrl) { +// RoleValue rv = buildRoleValue(arr); +// rvs.add(rv); +// } +// } else if (SubjectType.ACCOUNT.equals(subject)) { +// +// List rvs = new ArrayList(); +// ar.setRoles(rvs); +// RoleValue rv = buildRoleValue(ar0); +// rvs.add(rv); +// +// //add accounts +// List avs = new ArrayList(); +// ar.setAccounts(avs); +// for (AccountRoleRel arr : arrl) { +// av = buildAccountValue(arr); +// avs.add(av); +// } +// } +// return result; + } + + public void fillCommonPart(AccountRole ar, + DocumentWrapper> wrapDoc, + boolean handleDelete) + throws Exception { + List arrl = wrapDoc.getWrappedObject(); + SubjectType subject = ar.getSubject(); + if (subject == null) { + //it is not required to give subject as URI determines the subject + subject = getSubject(getServiceContext()); + } else { + //subject mismatch should have been checked during validation + } + if 
(subject.equals(SubjectType.ROLE)) { + //FIXME: potential index out of bounds exception...negative test needed + AccountValue av = ar.getAccounts().get(0); + + for (RoleValue rv : ar.getRoles()) { + AccountRoleRel arr = buildAccountRoleRel(av, rv, handleDelete); + arrl.add(arr); + } + } else if (SubjectType.ACCOUNT.equals(subject)) { + //FIXME: potential index out of bounds exception...negative test needed + RoleValue rv = ar.getRoles().get(0); + for (AccountValue av : ar.getAccounts()) { + AccountRoleRel arr = buildAccountRoleRel(av, rv, handleDelete); + arrl.add(arr); + } + } + } + + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#fillCommonPart(java.lang.Object, org.collectionspace.services.common.document.DocumentWrapper) + */ + @Override + public void fillCommonPart(AccountRole ar, + DocumentWrapper> wrapDoc) + throws Exception { + fillCommonPart(ar, wrapDoc, false); + } + + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPart(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public AccountRole extractCommonPart( DocumentWrapper> wrapDoc) @@ -107,14 +273,14 @@ public class AccountRoleDocumentHandler List rvs = new ArrayList(); ar.setRoles(rvs); for (AccountRoleRel arr : arrl) { - RoleValue rv = buildRoleValue(arr); + RoleValue rv = AuthorizationRoleRel.buildRoleValue(arr); rvs.add(rv); } } else if (SubjectType.ACCOUNT.equals(subject)) { List rvs = new ArrayList(); ar.setRoles(rvs); - RoleValue rv = buildRoleValue(ar0); + RoleValue rv = AuthorizationRoleRel.buildRoleValue(ar0); rvs.add(rv); //add accounts 
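Review bot: In the new three-argument `fillCommonPart`, which `handleDelete` now calls with `true`, the request's `AccountRole` is indexed with `ar.getAccounts().get(0)` and `ar.getRoles().get(0)` without an emptiness check (the FIXME says as much), and `subject.equals(SubjectType.ROLE)` dereferences `subject` while the second branch uses the null-safe form. A payload with an empty or missing list therefore fails with an unchecked exception on the delete path instead of a validation error. I would guard both lookups, e.g. `if (ar.getAccounts() == null || ar.getAccounts().isEmpty()) { throw new IllegalArgumentException("accounts must not be empty"); }`, and write `SubjectType.ROLE.equals(subject)`. The empty `else`, which assumes a subject mismatch "should have been checked during validation", deserves either an explicit check or a pointer to where that validation happens, because the payload's subject overrides the URI-derived one here.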
@@ -128,74 +294,62 @@ public class AccountRoleDocumentHandler return ar; } - @Override - public void fillCommonPart(AccountRole ar, DocumentWrapper> wrapDoc) - throws Exception { - List arrl = wrapDoc.getWrappedObject(); - SubjectType subject = ar.getSubject(); - if (subject == null) { - //it is not required to give subject as URI determines the subject - subject = getSubject(getServiceContext()); - } else { - //subject mismatch should have been checked during validation - } - if (subject.equals(SubjectType.ROLE)) { - //FIXME: potential index out of bounds exception...negative test needed - AccountValue av = ar.getAccounts().get(0); - - for (RoleValue rv : ar.getRoles()) { - AccountRoleRel arr = buildAccountRoleRel(av, rv); - arrl.add(arr); - } - } else if (SubjectType.ACCOUNT.equals(subject)) { - //FIXME: potential index out of bounds exception...negative test needed - RoleValue rv = ar.getRoles().get(0); - for (AccountValue av : ar.getAccounts()) { - AccountRoleRel arr = buildAccountRoleRel(av, rv); - arrl.add(arr); - } - } - } - - @Override - public PermissionsRolesList extractCommonPartList( - DocumentWrapper> wrapDoc) - throws Exception { - - throw new UnsupportedOperationException("operation not relevant for AccountRoleDocumentHandler"); - } - + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPart() + */ @Override public AccountRole getCommonPart() { return accountRole; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPart(java.lang.Object) + */ @Override public void setCommonPart(AccountRole accountRole) { this.accountRole = accountRole; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPartList() + */ @Override - public PermissionsRolesList getCommonPartList() { - return accountRolesList; + public AccountRole getCommonPartList() { + return accountRole; } + /* (non-Javadoc) + 
* @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPartList(java.lang.Object) + */ @Override - public void setCommonPartList(PermissionsRolesList accountRolesList) { - this.accountRolesList = accountRolesList; + public void setCommonPartList(AccountRole theAccountRole) { +// this.accountRolesList = accountRolesList; + this.accountRole = theAccountRole; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getQProperty(java.lang.String) + */ @Override public String getQProperty( String prop) { return null; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#createDocumentFilter() + */ @Override public DocumentFilter createDocumentFilter() { return new DocumentFilter(this.getServiceContext()); } + /** + * Builds the account value. + * + * @param arr the arr + * @return the account value + */ private AccountValue buildAccountValue(AccountRoleRel arr) { AccountValue av = new AccountValue(); av.setAccountId(arr.getAccountId()); 
@@ -204,24 +358,34 @@ public class AccountRoleDocumentHandler return av; } - private RoleValue buildRoleValue(AccountRoleRel arr) { - RoleValue rv = new RoleValue(); - rv.setRoleId(arr.getRoleId()); - rv.setRoleName(arr.getRoleName()); - return rv; - } - - private AccountRoleRel buildAccountRoleRel(AccountValue av, RoleValue rv) { + /** + * Builds the account role rel. + * + * @param av the av + * @param rv the rv + * @return the account role rel + */ + private AccountRoleRel buildAccountRoleRel(AccountValue av, RoleValue rv, boolean handleDelete) { AccountRoleRel arr = new AccountRoleRel(); arr.setAccountId(av.getAccountId()); arr.setUserId(av.getUserId()); arr.setScreenName(av.getScreenName()); - arr.setRoleId(rv.getRoleId()); arr.setRoleName(rv.getRoleName()); + + String relationshipId = rv.getRoleRelationshipId(); + if (relationshipId != null && handleDelete == true) { + arr.setHjid(Long.parseLong(relationshipId)); // set this so we can convince JPA to del the relation + } return arr; } + /** + * Gets the subject. + * + * @param ctx the ctx + * @return the subject + */ static SubjectType getSubject(ServiceContext ctx) { Object o = ctx.getProperty(ServiceContextProperties.SUBJECT); if (o == null) { diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleClient.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleClient.java index b6e297146..8a56491bf 100644 --- a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleClient.java +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleClient.java 
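Review bot: In `buildAccountRoleRel` the id given to `arr.setHjid(...)` comes straight from the request payload (`rv.getRoleRelationshipId()`), and nothing in this hunk ties that row id to the account or role addressed by the URI. The delete path should confirm the relation belongs to that account before JPA removes it; whether the storage client already does so is not visible here. `Long.parseLong(relationshipId)` also throws `NumberFormatException` on a non-numeric value, which is better rejected explicitly; the fence uses `IllegalArgumentException` as a stand-in for whatever type the resource layer maps to a 400. The Javadoc lacks `@param handleDelete`, and `handleDelete == true` can be written `handleDelete`. `getSubject` continues outside the hunk.

```java
String relationshipId = rv.getRoleRelationshipId();
if (handleDelete && relationshipId != null) {
    try {
        // client-supplied value: accept only a numeric row id
        arr.setHjid(Long.parseLong(relationshipId)); // set this so we can convince JPA to del the relation
    } catch (NumberFormatException e) {
        throw new IllegalArgumentException(
                "roleRelationshipId must be numeric: " + relationshipId, e);
    }
}
```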
@@ -96,6 +96,18 @@ public class PermissionRoleClient extends AbstractServiceClientImpl { return permissionRoleProxy.read(csid, prcsid); } + /** + * Read. + * + * @param csid the csid + * @param prcsid relationship does not have an id, junk is fine + * @return the client response + * @see + */ + public ClientResponse read(String csid) { + return permissionRoleProxy.read(csid); + } + /** * Creates the. * @@ -120,4 +132,10 @@ public class PermissionRoleClient extends AbstractServiceClientImpl { public ClientResponse delete(String csid, PermissionRole permRole) { return permissionRoleProxy.delete(csid, "delete", permRole); } + + @Override + public ClientResponse delete(String csid) { + return permissionRoleProxy.delete(csid); + } + } diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleProxy.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleProxy.java index e3f2b9ad0..f2389678d 100644 --- a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleProxy.java +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleProxy.java @@ -27,6 +27,7 @@ package org.collectionspace.services.client; import javax.ws.rs.Consumes; +import javax.ws.rs.DELETE; import javax.ws.rs.GET; import javax.ws.rs.POST; import javax.ws.rs.Path; 
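Review bot: The Javadoc added for `read(String csid)` documents `@param prcsid`, which this overload does not take, and it ends in an empty `@see` tag. Remove both, leaving `@param csid the csid` and `@return the client response`. The Javadoc added to `getRolePermission(String roleCsid)` in RoleResource has the same stale tag (`@param permrolecsid`).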
@@ -52,16 +53,27 @@ public interface PermissionRoleProxy extends CollectionSpaceProxy { @Path("/{csid}/permroles") ClientResponse create(@PathParam("csid") String csid, PermissionRole permRole); + //(R)ead + @GET + @Path("/{csid}/permroles") + ClientResponse read(@PathParam("csid") String csid); + //(R)ead @GET @Path("/{csid}/permroles/{prcsid}") ClientResponse read(@PathParam("csid") String csid, @PathParam("prcsid") String prcsid); - + //(D)elete @POST @Path("/{csid}/permroles") ClientResponse delete(@PathParam("csid") String csid, @QueryParam("_method") String method, PermissionRole permRole); + + //(D)elete + @DELETE + @Path("/{csid}/permroles") + ClientResponse delete(@PathParam("csid") String csid); + } diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java index 4077ce8a7..ce1930f75 100644 --- a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java @@ -35,6 +35,7 @@ import org.jboss.resteasy.plugins.providers.RegisterBuiltin; import org.jboss.resteasy.client.ClientResponse; import org.jboss.resteasy.spi.ResteasyProviderFactory; +// TODO: Auto-generated Javadoc /** * A RolePermissionClient. 
@@ -88,10 +89,20 @@ public class RolePermissionClient extends AbstractServiceClientImpl { * Read. * * @param csid the csid - * @param prcsid relationship does not have an id, junk is fine * @return the client response * @see */ + public ClientResponse read(String csid) { + return rolePermissionProxy.read(csid); + } + + /** + * Read. + * + * @param csid the csid + * @param prcsid the prcsid + * @return the client response + */ public ClientResponse read(String csid, String prcsid) { return rolePermissionProxy.read(csid, prcsid); } @@ -109,12 +120,24 @@ public class RolePermissionClient extends AbstractServiceClientImpl { } /** - * delete given relationships between given role and permission(s) - * @param csid - * @param permRole - * @return + * delete given relationships between given role and permission(s). + * + * @param csid the csid + * @param permRole the perm role + * @return the client response */ public ClientResponse delete(String csid, PermissionRole permRole) { return rolePermissionProxy.delete(csid, "delete", permRole); } + + /** + * delete given relationships between given role and permission(s). + * + * @param csid the csid + * @return the client response + */ + @Override + public ClientResponse delete(String csid) { + return rolePermissionProxy.delete(csid); + } } diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java index 3613ba4c2..b613ab7ff 100644 --- a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java 
@@ -53,15 +53,25 @@ public interface RolePermissionProxy extends CollectionSpaceProxy { @Path("/{csid}/permroles") ClientResponse create(@PathParam("csid") String csid, PermissionRole permRole); + //(R)ead + @GET + @Path("/{csid}/permroles") + ClientResponse read(@PathParam("csid") String csid); + //(R)ead @GET @Path("/{csid}/permroles/{prcsid}") ClientResponse read(@PathParam("csid") String csid, @PathParam("prcsid") String prcsid); - + //(D)elete - with a payload @POST @Path("/{csid}/permroles") ClientResponse delete(@PathParam("csid") String csid, @QueryParam("_method") String method, PermissionRole permRole); + + //(D)elete + @DELETE + @Path("/{csid}/permroles") + ClientResponse delete(@PathParam("csid") String csid); } diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java index 82be06e7d..0f498b46d 100644 --- a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java +++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java 
@@ -27,14 +27,16 @@ import java.util.Collection; import java.util.Hashtable; import java.util.List; import javax.ws.rs.core.Response; -import org.collectionspace.services.authorization.EffectType; +import org.collectionspace.services.jaxb.AbstractCommonList; +import org.collectionspace.services.authorization.EffectType; import org.collectionspace.services.authorization.Permission; import org.collectionspace.services.authorization.PermissionAction; import org.collectionspace.services.authorization.PermissionRole; import org.collectionspace.services.authorization.PermissionValue; import org.collectionspace.services.authorization.Role; import org.collectionspace.services.authorization.RoleValue; + import org.collectionspace.services.client.CollectionSpaceClient; import org.collectionspace.services.client.PermissionClient; import org.collectionspace.services.client.PermissionFactory; @@ -42,9 +44,10 @@ import org.collectionspace.services.client.PermissionRoleClient; import org.collectionspace.services.client.PermissionRoleFactory; import org.collectionspace.services.client.RoleClient; import org.collectionspace.services.client.RoleFactory; + import org.collectionspace.services.client.test.AbstractServiceTestImpl; import org.collectionspace.services.client.test.ServiceRequestType; -import org.collectionspace.services.jaxb.AbstractCommonList; + import org.jboss.resteasy.client.ClientResponse; import org.testng.Assert; @@ -271,7 +274,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { ClientResponse res = null; try { res = client.read( - permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId(), "123"); + permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match 
@@ -311,7 +314,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { PermissionRoleClient client = new PermissionRoleClient(); ClientResponse res = null; try { - res = client.read(NON_EXISTENT_ID, "123"); + res = client.read(NON_EXISTENT_ID); int statusCode = res.getStatus(); // Check the status code of the response: does it match @@ -344,7 +347,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { ClientResponse res = null; try { res = client.read( - permValues.get(TEST_SERVICE_NAME + TEST_MARKER + NO_REL_SUFFIX).getPermissionId(), "123"); + permValues.get(TEST_SERVICE_NAME + TEST_MARKER + NO_REL_SUFFIX).getPermissionId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match 
@@ -455,21 +458,23 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // Perform setup. setupDelete(); - // Submit the request to the service and store the response. + // + // + // PermissionRoleClient client = new PermissionRoleClient(); - ClientResponse res = null; + ClientResponse readResponse = client.read( + permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId()); + PermissionRole toDelete = null; try { - PermissionValue pv = permValues.get(TEST_SERVICE_NAME + TEST_MARKER); - PermissionRole permRole = createPermissionRoleInstance(pv, - roleValues.values(), true, true); - res = client.delete(pv.getPermissionId(), permRole); - int statusCode = res.getStatus(); + toDelete = readResponse.getEntity(); + } finally { + readResponse.releaseConnection(); + } - // Check the status code of the response: does it match - // the expected response(s)? - if (logger.isDebugEnabled()) { - logger.debug(testName + ": status = " + statusCode); - } + ClientResponse res = client.delete( + toDelete.getPermissions().get(0).getPermissionId(), toDelete); + try { + int statusCode = res.getStatus(); Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); 
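Review bot: `readResponse.getEntity()` is used without asserting the status of the read, so a failed read would only show up later as an unrelated exception at `toDelete.getPermissions().get(0)` rather than as a clear assertion failure. Assert the status inside the `try` before `getEntity()`, e.g. `Assert.assertEquals(readResponse.getStatus(), Response.Status.OK.getStatusCode());`, and add `Assert.assertNotNull(toDelete);` after it. The second read added in the next hunk of this file and the read in the RolePermissionServiceTest delete test have the same gap. The three empty `//` lines that replace the old comment should say what the block does, for instance `// Read the existing relationships, then delete them with a payload.` The test method starts outside the hunk.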
@@ -478,6 +483,35 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { res.releaseConnection(); } } + + // + // recreate 'TEST_SERVICE_NAME + TEST_MARKER' account and roles + // + create(testName); + setupDelete(); + + // + // Lookup a know permission, and delete all of its role relationships + // + readResponse = client.read( + permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId()); + toDelete = null; + try { + toDelete = readResponse.getEntity(); + } finally { + readResponse.releaseConnection(); + } + + res = client.delete(toDelete.getPermissions().get(0).getPermissionId()); + try { + int statusCode = res.getStatus(); + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + res.releaseConnection(); + } + } // Failure outcomes diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java index 2df850362..9dadbc25d 100644 --- a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java +++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java @@ -269,8 +269,7 @@ public class RolePermissionServiceTest extends AbstractServiceTestImpl { RolePermissionClient client = new RolePermissionClient(); ClientResponse res = null; try { - res = client.read( - roleValues.get(getRoleName()).getRoleId(), "123"); + res = client.read(roleValues.get(getRoleName()).getRoleId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match 
@@ -311,7 +310,7 @@ public class RolePermissionServiceTest extends AbstractServiceTestImpl { ClientResponse res = null; try { - res = client.read(NON_EXISTENT_ID, "123"); + res = client.read(NON_EXISTENT_ID); int statusCode = res.getStatus(); // Check the status code of the response: does it match @@ -342,7 +341,7 @@ public class RolePermissionServiceTest extends AbstractServiceTestImpl { ClientResponse res = null; try { - res = client.read(roleValues.get(getRoleName() + NO_REL_SUFFIX).getRoleId(), "123"); + res = client.read(roleValues.get(getRoleName() + NO_REL_SUFFIX).getRoleId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match 
@@ -448,26 +447,41 @@ public class RolePermissionServiceTest extends AbstractServiceTestImpl { if (logger.isDebugEnabled()) { logger.debug(testBanner(testName, CLASS_NAME)); } - ; + // Perform setup. setupDelete(); - + // Submit the request to the service and store the response. RolePermissionClient client = new RolePermissionClient(); + RoleValue rv = roleValues.get(getRoleName()); + ClientResponse delRes = null; + try { + delRes = client.delete(rv.getRoleId()); + int statusCode = delRes.getStatus(); + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + if (delRes != null) { + delRes.releaseConnection(); + } + } + + // reset for next delete + create(testName); + setupDelete(); + + rv = roleValues.get(getRoleName()); + ClientResponse readResponse = client.read(rv.getRoleId()); + PermissionRole toDelete = readResponse.getEntity(); + readResponse.releaseConnection(); + + rv = toDelete.getRoles().get(0); ClientResponse res = null; try { - RoleValue rv = roleValues.get(getRoleName()); - PermissionRole permRole = createPermissionRoleInstance(rv, - permValues.values(), true, true); res = client.delete( - roleValues.get(getRoleName()).getRoleId(), permRole); + rv.getRoleId(), toDelete); int statusCode = res.getStatus(); - - // Check the status code of the response: does it match - // the expected response(s)? - if (logger.isDebugEnabled()) { - logger.debug(testName + ": status = " + statusCode); - } Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); 
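Review bot: `readResponse.releaseConnection()` is called on a plain statement after `readResponse.getEntity()`, so the connection is not released if `getEntity()` throws. PermissionRoleServiceTest wraps the same read in a `finally`, and this test should match it: `try { toDelete = readResponse.getEntity(); } finally { readResponse.releaseConnection(); }`. After the second `create(testName)` the test also relies on `toDelete.getRoles().get(0)` being present without asserting it. The test method starts and ends outside the hunk.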
diff --git a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java index 1102943bd..bf84ab486 100644 --- a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java +++ b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java @@ -193,7 +193,7 @@ public class AuthorizationSeedDriver { List permRoleRels = new ArrayList(); for (PermissionRole pr : authzGen.getDefaultPermissionRoles()) { - PermissionRoleUtil.buildPermissionRoleRel(pr, SubjectType.ROLE, permRoleRels); + PermissionRoleUtil.buildPermissionRoleRel(pr, SubjectType.ROLE, permRoleRels, false /*not for delete*/); } for (PermissionRoleRel permRoleRel : permRoleRels) { authzStore.store(permRoleRel); diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionResource.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionResource.java index 02594b98a..367076a05 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionResource.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionResource.java 
@@ -38,10 +38,13 @@ import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; import javax.ws.rs.core.UriInfo; + +import org.collectionspace.services.authorization.storage.PermissionRoleDocumentHandler; import org.collectionspace.services.authorization.storage.AuthorizationDelegate; +import org.collectionspace.services.common.storage.StorageClient; +import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl; import org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl; -//import org.collectionspace.services.common.context.RemoteServiceContextImpl; import org.collectionspace.services.common.ServiceMessages; import org.collectionspace.services.common.context.ServiceContext; import org.collectionspace.services.common.context.RemoteServiceContextFactory; @@ -51,8 +54,7 @@ import org.collectionspace.services.common.document.DocumentFilter; import org.collectionspace.services.common.document.DocumentNotFoundException; import org.collectionspace.services.common.document.DocumentHandler; import org.collectionspace.services.common.security.UnauthorizedException; -import org.collectionspace.services.common.storage.StorageClient; -import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl; + import org.jboss.resteasy.util.HttpResponseCodes; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -442,7 +444,7 @@ public class PermissionResource @GET @Path("{csid}/permroles/{permrolecsid}") - public PermissionRole getPermissionRole( + public PermissionRoleRel getPermissionRole( @PathParam("csid") String permCsid, @PathParam("permrolecsid") String permrolecsid) { if (logger.isDebugEnabled()) { 
@@ -456,6 +458,61 @@ public class PermissionResource "text/plain").build(); throw new WebApplicationException(response); } + PermissionRoleRel result = null; + try { + PermissionRoleSubResource subResource = + new PermissionRoleSubResource(PermissionRoleSubResource.PERMISSION_PERMROLE_SERVICE); + //get relationships for a permission + result = subResource.getPermissionRoleRel(permCsid, SubjectType.ROLE, permrolecsid); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("getPermissionRole", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "permroles permission csid=" + permCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("getPermissionRole", e); + } + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.GET_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new WebApplicationException(response); + } + if (result == null) { + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "permroles permisison csid=" + permCsid + + ": was not found.").type( + "text/plain").build(); + throw new WebApplicationException(response); + } + return result; + } + + @GET + @Path("{csid}/permroles") + public PermissionRole getPermissionRole( + @PathParam("csid") String permCsid) { + if (logger.isDebugEnabled()) { + logger.debug("getPermissionRole with permCsid=" + permCsid); + } + if (permCsid == null || "".equals(permCsid)) { + 
logger.error("getPermissionRole: missing permCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.GET_FAILED + "permroles permission " + + ServiceMessages.MISSING_INVALID_CSID + permCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } PermissionRole result = null; try { PermissionRoleSubResource subResource = @@ -496,11 +553,16 @@ public class PermissionResource return result; } - public Response deletePermissionRole( - @PathParam("csid") String permCsid, - PermissionRole input) { + /** + * Delete permission role. + * + * @param permCsid the perm csid + * @param input the input + * @return the response + */ + public Response deletePermissionRole(String permCsid, PermissionRole input) { if (logger.isDebugEnabled()) { - logger.debug("deletePermissionRole with permCsid=" + permCsid); + logger.debug("Delete payload of permrole relationships with permission permCsid=" + permCsid); } if (permCsid == null || "".equals(permCsid)) { logger.error("deletePermissionRole: missing permCsid!"); 
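Review bot: `permrolecsid` is passed to `subResource.getPermissionRoleRel(...)` unchecked, while only `permCsid` is validated. `getPermissionRoleRel` converts it with `new Long(...)`, so a non-numeric path segment lands in the `catch (Exception e)` branch and is answered with a 500 and an error-level log entry instead of a client error. Reject an empty or non-numeric `permrolecsid` up front with the same BAD_REQUEST response used for a missing `permCsid`. The not-found message contains the typo `permisison`. The signature of the first method lies outside this hunk, and the RoleResource `getRolePermission(roleCsid, permrolecsid)` hunk follows the same shape.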
@@ -539,4 +601,55 @@ public class PermissionResource } } + + /** + * Delete permission role. + * + * @param permCsid the perm csid + * @return the response + */ + @DELETE + @Path("{csid}/permroles") + public Response deletePermissionRole( + @PathParam("csid") String permCsid) { + if (logger.isDebugEnabled()) { + logger.debug("Delete all the role relationships of the permissions with permCsid=" + permCsid); + } + if (permCsid == null || "".equals(permCsid)) { + logger.error("deletePermissionRole: missing permCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.DELETE_FAILED + "permroles permission " + + ServiceMessages.MISSING_INVALID_CSID + permCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + try { + PermissionRoleSubResource subResource = + new PermissionRoleSubResource(PermissionRoleSubResource.PERMISSION_PERMROLE_SERVICE); + //delete all relationships for a permission + subResource.deletePermissionRole(permCsid, SubjectType.ROLE); + return Response.status(HttpResponseCodes.SC_OK).build(); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("caught exception in deletePermissionRole", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.DELETE_FAILED + "permisison csid=" + permCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.DELETE_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new 
WebApplicationException(response); + } + } + } diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java index 6215c8df0..ca3bd7026 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java @@ -23,6 +23,8 @@ */ package org.collectionspace.services.authorization; +import org.collectionspace.services.authorization.storage.PermissionRoleDocumentHandler; + import org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl; import org.collectionspace.services.common.context.RemoteServiceContextFactory; import org.collectionspace.services.common.context.ServiceContext; @@ -30,7 +32,9 @@ import org.collectionspace.services.common.context.ServiceContextFactory; import org.collectionspace.services.common.document.DocumentHandler; import org.collectionspace.services.common.storage.StorageClient; import org.collectionspace.services.common.storage.jpa.JpaRelationshipStorageClient; +import org.collectionspace.services.common.storage.jpa.JpaStorageUtils; import org.collectionspace.services.common.context.ServiceContextProperties; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
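Review bot: A successful bulk delete leaves no log record unless debug logging is enabled: the only trace in `deletePermissionRole(String permCsid)` is the `logger.debug(...)` call at the top. Removing every role relationship of a permission is an authorization change worth recording, e.g. `logger.info("Deleted all role relationships of permission csid=" + permCsid);` before the `return`. Whether the caller is allowed to do this is decided below `subResource.deletePermissionRole(...)` and cannot be confirmed from this hunk. The NOT_FOUND message contains the typo `permisison`.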
@@ -51,14 +55,21 @@ public class PermissionRoleSubResource final Logger logger = LoggerFactory.getLogger(PermissionRoleSubResource.class); /** The storage client. */ final StorageClient storageClient = new JpaRelationshipStorageClient(); + // + private String permissionRoleCsid = null; + /** + * Instantiates a new permission role sub resource. + * + * @param serviceName the service name + */ public PermissionRoleSubResource(String serviceName) { this.serviceName = serviceName; } + /* (non-Javadoc) * @see org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl#getVersionString() */ - @Override protected String getVersionString() { /** The last change revision. */ 
@@ -150,6 +161,41 @@ public class PermissionRoleSubResource return getStorageClient(ctx).create(ctx, handler); } + /** + * Gets the permission role rel. + * + * @param csid the csid + * @param subject the subject + * @param permissionRoleCsid the permission role csid + * @return the permission role rel + * @throws Exception the exception + */ + public PermissionRoleRel getPermissionRoleRel(String csid, + SubjectType subject, + String permissionRoleCsid) throws Exception { + + if (logger.isDebugEnabled()) { + logger.debug("getAccountRole with csid=" + csid); + } +// AccountRolesList result = new AccountRolesList(); + ServiceContext ctx = createServiceContext((PermissionRole) null, subject); + PermissionRoleDocumentHandler handler = (PermissionRoleDocumentHandler)createDocumentHandler(ctx); + handler.setPermissionRoleCsid(permissionRoleCsid); + //getStorageClient(ctx).get(ctx, csid, handler); + PermissionRoleRel permissionRoleRel = (PermissionRoleRel)JpaStorageUtils.getEntity( + new Long(permissionRoleCsid).longValue(), PermissionRoleRel.class); +// List accountRoleList = result.getAccountRoleListItems(); +// AccountRoleListItem listItem = new AccountRoleListItem(); +// // fill the item +// listItem.setCsid(accountRoleRel.getHjid().toString()); +// listItem.setRoleId(accountRoleRel.getRoleId()); +// listItem.setRoleName(accountRoleRel.getRoleName()); + // add item to result list +// result = (AccountRolesList) ctx.getOutput(); + + return permissionRoleRel; + } + /** * getPermissionRole retrieves permission-role relationships using given * csid of object (permission/role) and subject (role/permission) diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java index f94135106..4aa34d569 100644 
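Review bot: `getPermissionRoleRel` loads the row by `permissionRoleCsid` alone. `csid` is only logged, and the handler that receives `setPermissionRoleCsid(...)` never reaches the storage client because that call is commented out. Unless a check outside this hunk compares them, a request under one permission's or role's URL can return a relationship row that belongs to another. After the lookup, compare the row's permission id (or role id, depending on `subject`) with `csid` and treat a mismatch as not found. `new Long(permissionRoleCsid).longValue()` should be `Long.parseLong(permissionRoleCsid)` with the `NumberFormatException` handled, and the debug message still says `getAccountRole`.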
--- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java @@ -56,6 +56,7 @@ import org.jboss.resteasy.util.HttpResponseCodes; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +// TODO: Auto-generated Javadoc /** * The Class RoleResource. */ @@ -382,6 +383,14 @@ public class RoleResource } + /** + * Creates the role permission. + * + * @param method the method + * @param roleCsid the role csid + * @param input the input + * @return the response + */ @POST @Path("{csid}/permroles") public Response createRolePermission(@QueryParam("_method") String method, @PathParam("csid") String roleCsid, @@ -433,11 +442,17 @@ public class RoleResource } } + /** + * Gets the role permission. + * + * @param roleCsid the role csid + * @param permrolecsid the permrolecsid + * @return the role permission + */ @GET - @Path("{csid}/permroles/{permrolecsid}") + @Path("{csid}/permroles") public PermissionRole getRolePermission( - @PathParam("csid") String roleCsid, - @PathParam("permrolecsid") String permrolecsid) { + @PathParam("csid") String roleCsid) { if (logger.isDebugEnabled()) { logger.debug("getRolePermission with roleCsid=" + roleCsid); } 
@@ -489,9 +504,70 @@ public class RoleResource return result; } - public Response deleteRolePermission( + @GET + @Path("{csid}/permroles/{permrolecsid}") + public PermissionRoleRel getRolePermission( @PathParam("csid") String roleCsid, - PermissionRole input) { + @PathParam("permrolecsid") String permrolecsid) { + if (logger.isDebugEnabled()) { + logger.debug("getRolePermission with roleCsid=" + roleCsid); + } + if (roleCsid == null || "".equals(roleCsid)) { + logger.error("getRolePermission: missing roleCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.GET_FAILED + "permroles role " + + ServiceMessages.MISSING_INVALID_CSID + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + PermissionRoleRel result = null; + try { + PermissionRoleSubResource subResource = + new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE); + //get relationships for a role + result = subResource.getPermissionRoleRel(roleCsid, SubjectType.PERMISSION, permrolecsid); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("getRolePermission", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "permroles role csid=" + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("getRolePermission", e); + } + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.GET_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + 
throw new WebApplicationException(response); + } + if (result == null) { + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "permroles role csid=" + roleCsid + + ": was not found.").type( + "text/plain").build(); + throw new WebApplicationException(response); + } + return result; + } + + /** + * Delete role permission. + * + * @param roleCsid the role csid + * @param input the input + * @return the response + */ + public Response deleteRolePermission(String roleCsid, PermissionRole input) { if (logger.isDebugEnabled()) { logger.debug("deleteRolePermission with roleCsid=" + roleCsid); 
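Review bot: The new `{csid}/permroles/{permrolecsid}` handler checks `roleCsid` but passes `permrolecsid` on unchecked, and getPermissionRoleRel converts it with `new Long(permissionRoleCsid)`, so a non-numeric value lands in the generic `catch (Exception e)` branch and is answered with a 500 and an error-level log entry instead of a 400. A guard placed next to the roleCsid check should reject a null, empty or non-numeric `permrolecsid` with the same `Response.Status.BAD_REQUEST` response that is built for a missing roleCsid. The method has no Javadoc although the other handlers in this commit received one, and the debug line would be more useful if it logged `permrolecsid` as well. deleteRolePermission's body continues outside the hunk.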
@@ -534,4 +610,57 @@ public class RoleResource } } + + /** + * Delete role permission. + * + * @param roleCsid the role csid + * @return the response + */ + @DELETE + @Path("{csid}/permroles") + public Response deleteRolePermission( + @PathParam("csid") String roleCsid) { + + if (logger.isDebugEnabled()) { + logger.debug("deleteRolePermission with roleCsid=" + roleCsid); + } + + if (roleCsid == null || "".equals(roleCsid)) { + logger.error("deleteRolePermission: missing roleCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.DELETE_FAILED + "permroles role " + + ServiceMessages.MISSING_INVALID_CSID + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + try { + PermissionRoleSubResource subResource = + new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE); + //delete all relationships for a permission + subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION); + return Response.status(HttpResponseCodes.SC_OK).build(); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("caught exception in deleteRolePermission", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.DELETE_FAILED + "role csid=" + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.DELETE_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new WebApplicationException(response); + } + + } } 
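Review bot: A successful call to the new `DELETE {csid}/permroles` removes every permission relationship of a role, yet the only log line on that path is at debug level, so the change leaves no record in a normally configured log. I would add `logger.info("deleteRolePermission: removed all permission relationships for roleCsid=" + roleCsid);` before the `return`. The inline comment `//delete all relationships for a permission` looks copied from the permission side; in RoleResource it should read `//delete all permission relationships for a role`.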
diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleDocumentHandler.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleDocumentHandler.java index f8cbda541..c4e7da89f 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleDocumentHandler.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleDocumentHandler.java @@ -26,6 +26,8 @@ package org.collectionspace.services.authorization.storage; import java.util.ArrayList; import java.util.List; +import org.collectionspace.services.authorization.AccountRole; +import org.collectionspace.services.authorization.AccountRoleRel; import org.collectionspace.services.authorization.Permission; import org.collectionspace.services.authorization.PermissionRole; import org.collectionspace.services.authorization.PermissionRoleRel; @@ -35,6 +37,7 @@ import org.collectionspace.services.authorization.PermissionsRolesList; import org.collectionspace.services.authorization.RoleValue; import org.collectionspace.services.authorization.SubjectType; +import org.collectionspace.services.common.authorization_mgt.AuthorizationRoleRel; import org.collectionspace.services.common.document.AbstractDocumentHandlerImpl; import org.collectionspace.services.common.document.DocumentFilter; import org.collectionspace.services.common.document.DocumentWrapper; 
@@ -42,60 +45,107 @@ import org.collectionspace.services.common.storage.jpa.JpaDocumentHandler; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +// TODO: Auto-generated Javadoc /** - * Document handler for PermissionRole association - * @author + * Document handler for PermissionRole association. + * + * @author */ public class PermissionRoleDocumentHandler extends JpaDocumentHandler, List> { + /** The logger. */ private final Logger logger = LoggerFactory.getLogger(PermissionRoleDocumentHandler.class); + + /** The permission role. */ private PermissionRole permissionRole; + + /** The permission roles list. */ private PermissionsRolesList permissionRolesList; + // + /** The permission role csid. */ + private String permissionRoleCsid = null; + + /** + * Sets the permission role csid. + * + * @param thePermissionRoleCsid the new permission role csid + */ + public void setPermissionRoleCsid(String thePermissionRoleCsid) { + this.permissionRoleCsid = thePermissionRoleCsid; + } + + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleCreate(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleCreate(DocumentWrapper> wrapDoc) throws Exception { fillCommonPart(getCommonPart(), wrapDoc); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeCreate(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void completeCreate(DocumentWrapper> wrapDoc) throws Exception { PermissionRole pr = getCommonPart(); AuthorizationDelegate.addPermissions(getServiceContext(), pr); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleUpdate(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleUpdate(DocumentWrapper> wrapDoc) throws Exception { throw new UnsupportedOperationException("operation not relevant 
for PermissionRoleDocumentHandler"); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeUpdate(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void completeUpdate(DocumentWrapper> wrapDoc) throws Exception { throw new UnsupportedOperationException("operation not relevant for PermissionRoleDocumentHandler"); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGet(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleGet(DocumentWrapper> wrapDoc) throws Exception { setCommonPart(extractCommonPart(wrapDoc)); getServiceContext().setOutput(permissionRole); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleGetAll(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleGetAll(DocumentWrapper> wrapDoc) throws Exception { throw new UnsupportedOperationException("operation not relevant for PermissionRoleDocumentHandler"); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#handleDelete(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void handleDelete(DocumentWrapper> wrapDoc) throws Exception { - fillCommonPart(getCommonPart(), wrapDoc); + fillCommonPart(getCommonPart(), wrapDoc, true); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#completeDelete(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public void completeDelete(DocumentWrapper> wrapDoc) throws Exception { PermissionRole pr = getCommonPart(); AuthorizationDelegate.deletePermissions(getServiceContext(), pr); } + /* (non-Javadoc) + * @see 
org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPart(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public PermissionRole extractCommonPart( DocumentWrapper> wrapDoc) @@ -111,36 +161,45 @@ public class PermissionRoleDocumentHandler List pvs = new ArrayList(); pr.setPermissions(pvs); - PermissionValue pv = buildPermissionValue(prr0); + PermissionValue pv = AuthorizationRoleRel.buildPermissionValue(prr0); pvs.add(pv); //add roles List rvs = new ArrayList(); pr.setRoles(rvs); for (PermissionRoleRel prr : prrl) { - RoleValue rv = buildRoleValue(prr); + RoleValue rv = AuthorizationRoleRel.buildRoleValue(prr); rvs.add(rv); } } else if (SubjectType.PERMISSION.equals(subject)) { List rvs = new ArrayList(); pr.setRoles(rvs); - RoleValue rv = buildRoleValue(prr0); + RoleValue rv = AuthorizationRoleRel.buildRoleValue(prr0); rvs.add(rv); //add permssions List pvs = new ArrayList(); pr.setPermissions(pvs); for (PermissionRoleRel prr : prrl) { - PermissionValue pv = buildPermissionValue(prr); + PermissionValue pv = AuthorizationRoleRel.buildPermissionValue(prr); pvs.add(pv); } } return pr; } - @Override - public void fillCommonPart(PermissionRole pr, DocumentWrapper> wrapDoc) + /** + * Fill common part. + * + * @param pr the pr + * @param wrapDoc the wrap doc + * @param handleDelete the handle delete + * @throws Exception the exception + */ + public void fillCommonPart(PermissionRole pr, + DocumentWrapper> wrapDoc, + boolean handleDelete) throws Exception { List prrl = wrapDoc.getWrappedObject(); SubjectType subject = pr.getSubject(); 
@@ -150,9 +209,22 @@ public class PermissionRoleDocumentHandler } else { //subject mismatch should have been checked during validation } - PermissionRoleUtil.buildPermissionRoleRel(pr, subject, prrl); + PermissionRoleUtil.buildPermissionRoleRel(pr, subject, prrl, handleDelete); } - + + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#fillCommonPart(java.lang.Object, org.collectionspace.services.common.document.DocumentWrapper) + */ + @Override + public void fillCommonPart(PermissionRole ar, + DocumentWrapper> wrapDoc) + throws Exception { + fillCommonPart(ar, wrapDoc, false); + } + + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#extractCommonPartList(org.collectionspace.services.common.document.DocumentWrapper) + */ @Override public PermissionsRolesList extractCommonPartList( DocumentWrapper> wrapDoc) 
@@ -161,49 +233,52 @@ public class PermissionRoleDocumentHandler throw new UnsupportedOperationException("operation not relevant for PermissionRoleDocumentHandler"); } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPart() + */ @Override public PermissionRole getCommonPart() { return permissionRole; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPart(java.lang.Object) + */ @Override public void setCommonPart(PermissionRole permissionRole) { this.permissionRole = permissionRole; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getCommonPartList() + */ @Override public PermissionsRolesList getCommonPartList() { return permissionRolesList; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#setCommonPartList(java.lang.Object) + */ @Override public void setCommonPartList(PermissionsRolesList permissionRolesList) { this.permissionRolesList = permissionRolesList; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#getQProperty(java.lang.String) + */ @Override public String getQProperty( String prop) { return null; } + /* (non-Javadoc) + * @see org.collectionspace.services.common.document.AbstractDocumentHandlerImpl#createDocumentFilter() + */ @Override public DocumentFilter createDocumentFilter() { return new DocumentFilter(this.getServiceContext()); } - - private PermissionValue buildPermissionValue(PermissionRoleRel prr) { - PermissionValue pv = new PermissionValue(); - pv.setPermissionId(prr.getPermissionId()); - pv.setResourceName(prr.getPermissionResource()); - pv.setActionGroup(prr.getActionGroup()); - return pv; - } - - private RoleValue buildRoleValue(PermissionRoleRel prr) { - RoleValue rv = new RoleValue(); - rv.setRoleId(prr.getRoleId()); - rv.setRoleName(prr.getRoleName()); - 
return rv; - } } diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java index 365716a11..59ad027fc 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java @@ -34,12 +34,20 @@ import org.collectionspace.services.common.context.ServiceContext; import org.collectionspace.services.common.context.ServiceContextProperties; import org.collectionspace.services.common.storage.jpa.JpaStorageUtils; +// TODO: Auto-generated Javadoc /** + * The Class PermissionRoleUtil. * - * @author + * @author */ public class PermissionRoleUtil { + /** + * Gets the relation subject. + * + * @param ctx the ctx + * @return the relation subject + */ static SubjectType getRelationSubject(ServiceContext ctx) { Object o = ctx.getProperty(ServiceContextProperties.SUBJECT); if (o == null) { @@ -50,6 +58,13 @@ public class PermissionRoleUtil { return (SubjectType) o; } + /** + * Gets the relation subject. + * + * @param ctx the ctx + * @param pr the pr + * @return the relation subject + */ static SubjectType getRelationSubject(ServiceContext ctx, PermissionRole pr) { SubjectType subject = pr.getSubject(); if (subject == null) { 
@@ -61,40 +76,72 @@ public class PermissionRoleUtil { /** * buildPermissionRoleRel builds persistent relationship entities from given - * permissionrole + * permissionrole. + * * @param pr permissionrole - * @param subject + * @param subject the subject * @param prrl persistent entities built are inserted into this list + * @param toDelete the to delete */ - static public void buildPermissionRoleRel(PermissionRole pr, SubjectType subject, List prrl) { - + static public void buildPermissionRoleRel(PermissionRole pr, + SubjectType subject, + List prrl, + boolean handleDelete) { if (subject.equals(SubjectType.ROLE)) { //FIXME: potential index out of bounds exception...negative test needed PermissionValue pv = pr.getPermissions().get(0); for (RoleValue rv : pr.getRoles()) { - PermissionRoleRel prr = buildPermissonRoleRel(pv, rv); + PermissionRoleRel prr = buildPermissonRoleRel(pv, rv, subject, handleDelete); prrl.add(prr); } } else if (SubjectType.PERMISSION.equals(subject)) { //FIXME: potential index out of bounds exception...negative test needed RoleValue rv = pr.getRoles().get(0); for (PermissionValue pv : pr.getPermissions()) { - PermissionRoleRel prr = buildPermissonRoleRel(pv, rv); + PermissionRoleRel prr = buildPermissonRoleRel(pv, rv, subject, handleDelete); prrl.add(prr); } } } - static private PermissionRoleRel buildPermissonRoleRel(PermissionValue pv, RoleValue rv) { + /** + * Builds the permisson role rel. 
+ * + * @param pv the pv + * @param rv the rv + * @param handleDelete the handle delete + * @return the permission role rel + */ + static private PermissionRoleRel buildPermissonRoleRel(PermissionValue pv, + RoleValue rv, + SubjectType subject, + boolean handleDelete) { PermissionRoleRel prr = new PermissionRoleRel(); prr.setPermissionId(pv.getPermissionId()); prr.setPermissionResource(pv.getResourceName()); prr.setActionGroup(pv.getActionGroup()); prr.setRoleId(rv.getRoleId()); prr.setRoleName(rv.getRoleName()); + + String relationshipId = null; + if (subject.equals(SubjectType.ROLE) == true) { + relationshipId = rv.getRoleRelationshipId(); + } else if (subject.equals(SubjectType.PERMISSION) == true) { + relationshipId = pv.getPermRelationshipId(); + } + if (relationshipId != null && handleDelete == true) { + prr.setHjid(Long.parseLong(relationshipId)); // set this so we can convince JPA to del the relation + } return prr; } + /** + * Checks if is invalid tenant. + * + * @param tenantId the tenant id + * @param msgBldr the msg bldr + * @return true, if is invalid tenant + */ static boolean isInvalidTenant(String tenantId, StringBuilder msgBldr) { boolean invalid = false; diff --git a/services/authorization/jaxb/src/main/resources/accounts_roles.xsd b/services/authorization/jaxb/src/main/resources/accounts_roles.xsd index 4b6d2dda7..ca932e36c 100644 --- a/services/authorization/jaxb/src/main/resources/accounts_roles.xsd +++ b/services/authorization/jaxb/src/main/resources/accounts_roles.xsd @@ -13,6 +13,7 @@ @@ -68,8 +68,15 @@ + + + + + + + - + AccountRole defines association between account and role in CollectionSpace @@ -142,7 +149,44 @@ - + + + + + + AccountRoleList defines 1-n association between + either account and role or role and account. + + + + + + + + + + + + + + + + + + + + + + + + + 
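Review bot: buildPermissonRoleRel feeds `relationshipId` straight into `Long.parseLong`, and that value is read from the `RoleValue`/`PermissionValue` of the submitted PermissionRole, so a malformed id surfaces as an unhandled NumberFormatException rather than as a validation error. Validate the id before this point or catch the exception and report a bad request; whether a validator already does this is not visible here. The Javadoc is also out of step with the signatures: buildPermissionRoleRel documents `@param toDelete` while the parameter is named `handleDelete`, and buildPermissonRoleRel has no `@param subject`. isInvalidTenant continues outside the hunk.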
diff --git a/services/authorization/jaxb/src/main/resources/authorization_common.xsd b/services/authorization/jaxb/src/main/resources/authorization_common.xsd index 583613b4f..5d2b4a8b9 100644 --- a/services/authorization/jaxb/src/main/resources/authorization_common.xsd +++ b/services/authorization/jaxb/src/main/resources/authorization_common.xsd @@ -30,7 +30,7 @@ --> - @@ -66,6 +65,7 @@ + @@ -81,6 +81,7 @@ + diff --git a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql b/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql index e4a160970..2683107b1 100644 --- a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql +++ b/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql @@ -10,4 +10,3 @@ create table permissions_actions (HJID bigint not null auto_increment, name varc create table permissions_roles (HJID bigint not null auto_increment, actionGroup varchar(255), created_at datetime not null, permission_id varchar(128) not null, permission_resource varchar(255), role_id varchar(128) not null, role_name varchar(255), primary key (HJID), unique (permission_id, role_id)); create table roles (csid varchar(128) not null, created_at datetime not null, description varchar(255), rolegroup varchar(255), rolename varchar(200) not null, tenant_id varchar(128) not null, updated_at datetime, primary key (csid), unique (rolename, tenant_id)); alter table permissions_actions add index FK85F82042E2DC84FD (ACTIONS_PERMISSION_CSID), add constraint FK85F82042E2DC84FD foreign key (ACTIONS_PERMISSION_CSID) references permissions (csid); - diff --git a/services/collectionobject/3rdparty/nuxeo-platform-cs-collectionobject/src/main/resources/schemas/collectionobjects_common.xsd b/services/collectionobject/3rdparty/nuxeo-platform-cs-collectionobject/src/main/resources/schemas/collectionobjects_common.xsd index 705682ad8..68687b484 100644 
--- a/services/collectionobject/3rdparty/nuxeo-platform-cs-collectionobject/src/main/resources/schemas/collectionobjects_common.xsd +++ b/services/collectionobject/3rdparty/nuxeo-platform-cs-collectionobject/src/main/resources/schemas/collectionobjects_common.xsd @@ -545,10 +545,10 @@ - + - + diff --git a/services/collectionobject/jaxb/src/main/resources/collectionobjects_common.xsd b/services/collectionobject/jaxb/src/main/resources/collectionobjects_common.xsd index aade70e49..72093abc3 100644 --- a/services/collectionobject/jaxb/src/main/resources/collectionobjects_common.xsd +++ b/services/collectionobject/jaxb/src/main/resources/collectionobjects_common.xsd @@ -225,7 +225,7 @@ - + @@ -497,9 +497,9 @@ - + - + diff --git a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java new file mode 100644 index 000000000..4bba070b8 --- /dev/null +++ b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationRoleRel.java 
@@ -0,0 +1,53 @@ +package org.collectionspace.services.common.authorization_mgt; + +import org.collectionspace.services.authorization.PermissionRoleRel; +import org.collectionspace.services.authorization.AccountRoleRel; +import org.collectionspace.services.authorization.PermissionValue; +import org.collectionspace.services.authorization.RoleValue; + +public class AuthorizationRoleRel { + + /** + * Builds the role value. + * + * @param arr the arr + * @return the role account value + */ + static public RoleValue buildRoleValue(AccountRoleRel arr) { + RoleValue rv = new RoleValue(); + rv.setRoleId(arr.getRoleId()); + rv.setRoleName(arr.getRoleName()); + rv.setRoleRelationshipId(arr.getHjid().toString()); + return rv; + } + + /** + * Builds the permission value. + * + * @param prr the prr + * @return the permission value + */ + static public PermissionValue buildPermissionValue(PermissionRoleRel prr) { + PermissionValue pv = new PermissionValue(); + pv.setPermissionId(prr.getPermissionId()); + pv.setResourceName(prr.getPermissionResource()); + pv.setActionGroup(prr.getActionGroup()); + pv.setPermRelationshipId(prr.getHjid().toString()); + return pv; + } + + /** + * Builds the role value. + * + * @param prr the prr + * @return the role value + */ + static public RoleValue buildRoleValue(PermissionRoleRel prr) { + RoleValue rv = new RoleValue(); + rv.setRoleId(prr.getRoleId()); + rv.setRoleName(prr.getRoleName()); + rv.setRoleRelationshipId(prr.getHjid().toString()); + return rv; + } + +} diff --git a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java index ed5a8b68b..0405ddba2 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java 
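Review bot: All three builders in the new AuthorizationRoleRel call `getHjid().toString()` without a null check, so a relation whose hjid has not been assigned yet fails with a NullPointerException; the other hunks treat hjid as a nullable `Long`. A guarded form such as `Long hjid = prr.getHjid(); if (hjid != null) { rv.setRoleRelationshipId(hjid.toString()); }` avoids that, assuming an absent relationship id is acceptable to callers. The class holds only static helpers, so it should get a class-level Javadoc and a private constructor, and the first builder's `@return the role account value` should read `@return the role value`.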
+++ b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java @@ -24,14 +24,20 @@ package org.collectionspace.services.common.storage.jpa; import org.collectionspace.services.common.context.ServiceContextProperties; + import java.util.ArrayList; import java.util.Date; import java.util.List; import java.util.UUID; + import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.NoResultException; import javax.persistence.Query; + +import org.collectionspace.services.authorization.AccountRoleRel; +import org.collectionspace.services.authorization.PermissionRoleRel; + import org.collectionspace.services.common.context.ServiceContext; import org.collectionspace.services.common.document.BadRequestException; import org.collectionspace.services.common.document.DocumentException; 
@@ -225,6 +231,51 @@ public class JpaRelationshipStorageClient extends JpaStorageClientImpl { } } } + + /** + * Gets the id. + * + * @param relationship the relationship + * @return the id + */ + private Long getId(T relationship) { + Long result = null; + + if (relationship != null) { + if (relationship instanceof AccountRoleRel) { + AccountRoleRel accountRoleRel = (AccountRoleRel)relationship; + result = accountRoleRel.getHjid(); + } else if (relationship instanceof PermissionRoleRel) { + PermissionRoleRel permissionRoleRel = (PermissionRoleRel)relationship; + result = permissionRoleRel.getHjid(); + } + } + + return result; + } + + /** + * Gets the relationship. + * + * @param em the em + * @param relationship the relationship + * @return the relationship + * @throws DocumentNotFoundException the document not found exception + */ + private T getRelationship(EntityManager em, T relationship) + throws DocumentNotFoundException { + Long id = getId(relationship); + + T relationshipFound = (T)em.find(relationship.getClass(), id); + if (relationshipFound == null) { + String msg = "Could not find relationship with id=" + id; + if (logger.isErrorEnabled() == true) { + logger.error(msg); + } + throw new DocumentNotFoundException(msg); + } + return relationshipFound; + } /** * delete removes all the relationships for the object in the relationship @@ -332,7 +383,7 @@ public class JpaRelationshipStorageClient extends JpaStorageClientImpl { //the following could be much more efficient if done with a single //sql/jql for (T r : rl) { - em.remove(r); + em.remove(getRelationship(em, r)); } em.getTransaction().commit(); handler.complete(Action.DELETE, wrapDoc); diff --git a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java index dac25d852..73bf887e8 100644 
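Review bot: getRelationship passes the result of getId straight to `em.find`, but getId returns null for an unrecognised type or an entity whose hjid was never set, and `EntityManager.find` rejects a null key with IllegalArgumentException rather than the DocumentNotFoundException this method declares. Adding `if (id == null) { throw new DocumentNotFoundException("Relationship id is missing"); }` before the lookup keeps that failure on the not-found path. Because the second hunk now removes whatever row `getRelationship(em, r)` returns, and PermissionRoleUtil fills that hjid from the submitted relationship id, the row found should also be checked to carry the same role and permission (or account) ids as `r` before it is deleted. The `(T)em.find(...)` cast is unchecked and deserves a `@SuppressWarnings("unchecked")` with a one-line reason.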
--- a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java +++ b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java @@ -66,6 +66,23 @@ public class JpaStorageUtils { return entityFound; } + public static Object getEntity(long id, Class entityClazz) { + EntityManagerFactory emf = null; + EntityManager em = null; + Object entityFound = null; + try { + emf = getEntityManagerFactory(); + em = emf.createEntityManager(); + //FIXME: it would be nice to verify tenantid as well + entityFound = em.find(entityClazz, id); + } finally { + if (em != null) { + releaseEntityManagerFactory(emf); + } + } + return entityFound; + } + /** * getEntity with given id and class using given entity manager * diff --git a/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java b/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java index d683b8d14..390aff377 100644 --- a/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java +++ b/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java @@ -709,7 +709,7 @@ public class AuthorizationServiceTest extends AbstractServiceTestImpl { AccountRole accRole = AccountRoleFactory.createAccountRoleInstance( av, rvs, true, true); ClientResponse res = client.delete( - av.getAccountId(), accRole); + av.getAccountId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match 
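Review bot: The new `getEntity(long id, Class entityClazz)` never closes the EntityManager it creates, and its `finally` block releases the factory only when `em != null`, so a failure inside `createEntityManager()` skips the release as well. Something like `if (em != null) { em.close(); } if (emf != null) { releaseEntityManagerFactory(emf); }` would cover both cases, assuming releaseEntityManagerFactory does not close entity managers itself, which this hunk does not show. The FIXME about the tenant id matters to callers: the method returns any row by primary key, so until it is resolved each caller has to check tenant and ownership on the result, and a Javadoc sentence on the method should say so.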
@@ -756,7 +756,7 @@ public class AuthorizationServiceTest extends AbstractServiceTestImpl { PermissionRoleClient client = new PermissionRoleClient(); PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance( pv, rvls, true, true); - ClientResponse res = client.delete(pv.getPermissionId(), permRole); + ClientResponse res = client.delete(pv.getPermissionId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match diff --git a/services/security/client/src/test/java/org/collectionspace/services/security/client/test/MultiTenancyTest.java b/services/security/client/src/test/java/org/collectionspace/services/security/client/test/MultiTenancyTest.java index 349a93d29..9a829cc60 100644 --- a/services/security/client/src/test/java/org/collectionspace/services/security/client/test/MultiTenancyTest.java +++ b/services/security/client/src/test/java/org/collectionspace/services/security/client/test/MultiTenancyTest.java @@ -830,7 +830,7 @@ public class MultiTenancyTest extends AbstractServiceTestImpl { AccountRole accRole = AccountRoleFactory.createAccountRoleInstance( av, rvs, true, true); ClientResponse res = client.delete( - av.getAccountId(), accRole); + av.getAccountId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match @@ -878,7 +878,7 @@ public class MultiTenancyTest extends AbstractServiceTestImpl { client.setAuth(true, ui.userName, true, ui.password, true); PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance( pv, rvls, true, true); - ClientResponse res = client.delete(pv.getPermissionId(), permRole); + ClientResponse res = client.delete(pv.getPermissionId()); int statusCode = res.getStatus(); // Check the status code of the response: does it match