CSPACE-2211: Fix an additional error in the LoanoutAuthRefsTest that was omitting a write/read-verify test of the borrower field.

CSPACE-2211: Fix several errors in the LoanoutAuthRefsTest that were effectively omitting tests of the borrower and borrowersContact fields.

CSPACE-2205: 'ant undeploy' now cleans up all version-suffixed collectionspace_core JARs from nuxeo.ear/plugins.

NOJIRA: Updating version designation in Services trunk to 0.9-SNAPSHOT, from 0.8-SNAPSHOT, following the creation of the release 0.8 release branch.

CSPACE-2126 Added shortIdentifier to the list results item schema, for vocab+authority services.

CSPACE-590, CSPACE-2126, modifying authorities to support shortIdentifier. This is now used to create refNames, and used to get by name. Updated associated utilities for creating authorities and items. Updated all the various tests that create authorities and instances.

CSPACE-2183: The sub-body field is now an authority reference field in Organization item records.

CSPACE-2191: Declare instance of ContactsCommonList before using it as a generic to resolve 'incompatible types' error.

CSPACE-2180: Test case for a pseudorandom number generator in the ID service that returns probabilistic results now only generates warnings, not assertion exceptions, when the expected result is not obtained.

CSPACE-2138: Added 'web' field, removed 'notes' field, in Contact schema, in the services, per latest changes to Limited for 0.8 Name Authority schemas on the wiki.

CSPACE-2138: Changed 'status' field to 'termStatus' in Person schema, in the services, per latest changes to Limited for 0.8 Name Authority schemas on the wiki.

CSPACE-2138: Changed 'status' field to 'termStatus' in Organization services schema, per latest changes to Limited for 0.8 Name Authority schemas on the wiki. Services schema and wiki schema are now aligned on use of foundingDate and foundingPlace, as well as on subBody, per updates to the wiki schema.

CSPACE-2138: Removed 'honorifics' field from the Person schema in the services layer.  This field is equivalent to and redundant - at least according to the wiki schema and its multiple-source crosswalks - with the 'nameAdditions' field.

CSPACE-2135: Placeholder structured date fields removed from Intake schema in the services layer.

CSPACE-2152: Adding comment to line of code with unnecessary "AND ecm:isProxy = 0" clause in getContactList() method.

CSPACE-2136: Updated Loans In (aka Loan In) schema at the services layer to the Limited for 0.8 schema. Made the lenders field non-repeatable, which may have a salutary impact on as many as four currently open JIRAs.

CSPACE-2151: Delete permissions on specified SID is deleting incorrect permissions.

CSPACE-2135,CSPACE-1220: Updated Intake schema at the services layer to the Limited for 0.8 schema. Removed three fields and changed the names of two fields.

CSPACE-2133,CSPACE-1796,CSPACE-1219: Updated Acqusition schema at the services layer to Limited for 0.8 schema. Added one field, removed three fields, and changed the names of seven fields.

CSPACE-590 Added support to get list of items for a vocab using the vocab shortId.

CSPACE-2134: Updated Cataloging schema for release 0.8, adding one field and changing the names of 12 others - two required by wiki schema changes, and ten for consistency with other layers / clarity.

CSPACE-1929
The delete on accountrole sub resource of the account service now requires a POST with parameter _method=delete (/accounts/{accountcsid}/accountroles?_method=delete) and entity body (like POST for create). The delete only deletes the relationships found in the entity body.
test: all service tests

NOTE: all the tests pass with the first run. in the second run dimension service tests fail. this might be because some problem (debugging) introduced by eith the security/client/AuthorizationServiceTest or security/client/MultiTenancyTest which use "dimensions" service for security testing

CSPACE-2141
when deleting a role its association(s) with permissions are deleted
test: authorization-mgt

M    authorization/PermissionResource.java
M    authorization/RoleResource.java
M    authorization/PermissionRoleSubResource.java

CSPACE-2128: Move utility methods to end in keyword / full text search class in CollectionObject.

CSPACE-2128: Added initial (albeit minimal) prototype client test of keyword / full text search to the CollectionObject service.

CSPACE-2140
files are generated into target instead of source
test: authorization-mgt

D    authorization-mgt/import/src/main/resources/import-data
M    authorization-mgt/import/pom.xml

CSPACE-1300
CSPACE-1930
The delete on permrole sub resource of authorization/permissions and authorization/roles services now requires a POST with parameter _method=delete (/authorization/roles/{rolecsid}/permroles?_method=delete) and entity body (like POST for create). The delete only deletes the relationships found in the entity body.
test: all service tests, permissionrole, rolepermission, authorization and multi tenancy tests

M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionResource.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleDocumentHandler.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java
M    services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
M    services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
M    services/authorization-mgt/import/src/main/resources/import-data/import-roles.xml
M    services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java
M    services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java
M    services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleClient.java
M    services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java
M    services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleProxy.java
M    services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java
M    services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java
M    services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
M    services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java
M    services/security/client/src/test/java/org/collectionspace/services/security/client/test/MultiTenancyTest.java

CSPACE-1152 and CSPACE-2126. Changed Vocabulary schema to include a shortIdentifier. This is now used as the basis of the refName. Added support to vocabulary for readByName. Added validatorHandler to require that shortIdentifier only contain word chars.

CSPACE-1152 and CSPACE-2126. Changed Vocabulary schema to include a shortIdentifier. This is now used as the basis of the refName. Added support to vocabulary for readByName. Added validatorHandler to require that shortIdentifier only contain word chars.

CSPACE-1879: Brief Description is now a repeatable (single String scalar) field in CollectionObject records.

CSPACE-1895 Work towards adding repeating sections. For now, just put in notes in the key places where we need to make changes to support this, as we explore alternatives.

CSPACE-595 added a test for multi-tenancy. it uses two pre-configured users in ROLE_TEANAT_ADMINISTRATOR to create an account, a role and a permission for a service for each tenant. It then creates (potentially concurrently) dimension object as the newly created user for a tenant, tries to update the other tenant's object and fails successfully, tries to delete the other tenant's object and fails successfully.
test: MultiTenancyTest, all service tests

M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleJpaFilter.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionDocumentHandler.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionJpaFilter.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java
M    services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java
M    services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java
M    services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountDocumentHandler.java
M    services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountJpaFilter.java
A    services/security/client/src/test/java/org/collectionspace/services/security/client/test/MultiTenancyTest.java

CSPACE-2123: Added missing resource URL paths for the Relation service to the tenant bindings file.  After this change, permissions are now successfully created for these paths.

CSPACE-2121: Reverting inadvertent change to username in exec:java in pom.xml, used during testing of this issue and not relevant to the fix.  This username value and its corresponding password value in exec:java do not appear to be used currently.

CSPACE-2121: Added 'install' as a dependency of setup_hibernate.cfg in Ant buildfile in authorization-mgt/import. If the local target directory, created by 'install', was missing, a copy task failed in the 'import' target.

CSPACE-1782 where clauses in JPA services now use current tenant id
test: all service tests

M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleJpaFilter.java
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionJpaFilter.java
M    services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
M    services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
M    services/authorization-mgt/import/src/main/resources/import-data/import-roles.xml
M    services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java
M    services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaDocumentFilter.java
M    services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageClientImpl.java
M    services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java
M    services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
M    services/common/src/main/java/org/collectionspace/services/common/document/DocumentFilter.java
M    services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountStorageClient.java
M    services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountJpaFilter.java
M    services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java

CSPACE-1936: Added initial, highly minimal set of client tests of the ID Service.

CSPACE-595 first pass at the side-by-side tenant test, although not used concurrently yet
CSPACE-1035 nuxeo domain (for each tenant) is created at the startup time if it does not already exist
- added pahma-domain (hearstmuseum.berkeley.edu) to the tenant bindings in addition to the default-domain (movingimages.us) that is currently used. both bindings are similar in this first pass, i.e. both tenants use the same set of services with same service object bindings as well.
- each tenant binding now specifies repository domain(s) used
- each repository domain embodies information about the repository client needed
- tenantrepository uses repository javaclient instead of using nuxeo connector directly
- each service binding now specifies the repository domain used
- account factory on the client side now takes tenant id from new property cspace.tenant that is added to collection-space-client.properties
- removed deadwood from test-xxx.sql scripts
- role and permissions doc handlers now utilize tenant id if provided by the consumer at the time of creation, if not, they continue to use logged in user's tenant id
-

!!ATTENTION!!
-ant create_db from the trunk (to verify nuxeo domain is created)
-ant import from the trunk (no need to checkin import-*.xml files)
-ant undeploy deploy from the trunk

M    trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionDocumentHandler.java
M    trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java
M    trunk/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationSeed.java
M    trunk/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
M    trunk/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
M    trunk/services/authorization-mgt/import/src/main/resources/import-data/import-roles.xml
M    trunk/services/authorization-mgt/import/src/main/resources/log4j.properties
M    trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java
M    trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java
M    trunk/services/authorization/pstore/src/main/resources/db/mysql/test_authorization.sql
M    trunk/services/authentication/pstore/src/main/resources/db/mysql/test_authentication.sql
M    trunk/services/common/src/main/java/org/collectionspace/services/common/repository/RepositoryClient.java
M    trunk/services/common/src/main/java/org/collectionspace/services/common/context/AbstractServiceContextImpl.java
M    trunk/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
M    trunk/services/common/src/main/java/org/collectionspace/services/common/config/TenantBindingConfigReaderImpl.java
M    trunk/services/common/src/main/java/org/collectionspace/services/common/document/JaxbUtils.java
M    trunk/services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/RepositoryJavaClientImpl.java
M    trunk/services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/TenantRepository.java
M    trunk/services/common/src/main/config/services/service-config.xml
M    trunk/services/common/src/main/config/services/tenant-bindings.xml
M    trunk/services/common/src/main/resources/tenant.xsd
M    trunk/services/common/src/main/resources/service.xsd
M    trunk/services/account/pstore/src/main/resources/db/mysql/test_account.sql
M    trunk/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountRoleServiceTest.java
M    trunk/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java
M    trunk/services/account/client/src/main/java/org/collectionspace/services/client/AccountFactory.java
M    trunk/services/account/client/src/main/java/org/collectionspace/services/client/AccountClient.java
M    trunk/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthenticationServiceTest.java
M    trunk/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java
M    trunk/services/client/src/main/java/org/collectionspace/services/client/AbstractServiceClientImpl.java
M    trunk/services/client/src/main/java/org/collectionspace/services/client/CollectionSpaceClient.java
M    trunk/services/client/src/main/resources/collectionspace-client.properties
D    trunk/src/main/resources/db/mysql/service-dump.sql

NOJIRA: Updating dependencies in two Sample module POMs, Organization and Vocabulary, from 0.5-SNAPSHOT/1.0 to 0.8-SNAPSHOT.

CSPACE-2107: Added associatedObjectType field to CollectionObject schema, merging change made in 0.7 release branch into trunk.

CSPACE-2003, CSPACE-1969 ImportAuthZ now inserts default roles, permissions and permission-roles into the database in addtion to inserting ACLs in Spring. These could be retrieved using the respective authz services.
CSPACE-2004, CSPACE-1926 ImportAuthZ now creates a ROLE_TENANT_ADMINISTRATOR for each tenant that has all privileges to all services used by that tenant. It also creates a ROLE_TENANT_READER. This role has only READ, SEARCH privileges for all services used by the tenant
test: ant import, mvn test (service level)

CSPACE-2077: Moved assertion that checks for number of authority references returned out of a conditional block; added debug message for authrefs returned, in all AuthRefsTests of services.

CSPACE-2028: Added missing 'collection' field to CollectionObject schema in the Services layer, merging changes made to the 0.7 release branch to services trunk.

NOJIRA: Updating services/trunk poms to use <version> element value of 0.8-SNAPSHOT.

CSPACE-1937 if a role/permission/account does not have any relationship (to permission, role, role, resp.), return empty result instead of 404
test: added tests for this case in accountrole, permissionrole and rolepermission

M    authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java
M    authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java
M    account/client/src/test/java/org/collectionspace/services/account/client/test/AccountRoleServiceTest.java
M    account/service/src/main/java/org/collectionspace/services/account/storage/AccountRoleDocumentHandler.java
M    authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleDocumentHandler.java
M    common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java

NOJIRA re-enabling access control in service layer in the trunk (only)

M    security/SecurityInterceptor.java

CSPACE-1875: In Loan Out records in the Services Layer, merged into trunk from the 0.7 Release Branch, three scalar fields were added: loanedObjectStatus, loanedObjectStatusNote, and loanedObjectStatusDate. This is an interim step until sub-loans are implemented in a later release.

CSPACE-2006 added tenant id to unique constraint

M    authorization/jaxb/src/main/resources/roles.xsd
M    authorization/pstore/src/main/resources/db/mysql/authorization.sql

NOJIRA added timestamp to role name to test if app layer test was failing because of that

M    client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java

NOJIRA - removed deadwood detected during walkthrough

M    security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java

CSPACE-1227,CSPACE-1916: Added previously-missing recordStatus field to CollectionObject schema in the Services layer.

CSPACE-1227,CSPACE-1916: Filled out CollectionObject schema, in the Services Layer, with the remaining fields required by Cataloging Schema Limited for 0.7 on the wiki. Note that briefDescription is still a single, non-repatable scalar in this check-in, and that the three fields - relatedObjectNumber, relatedObjectAssociation, and relatedObjectNote - are not included, per Megan in IRC on 2010-06-01.  Changes a Nuxeo document type, and thus requires stopping the 2 JBoss servers and performing an 'ant deploy'.

CSPACE-1946: TEMPORARILY commenting out the block, in SecurityInterceptor, that checks whether a services client is authorized to access resources at a particular URL.  This effectively DISABLES authorization checks on access requests to the services layer. This is a temporary workaround, suggested in one of Sanjay's comments on this issue, to facilitate testing on nightly.collectionspace.org on 2010-05-31, and should be reversed as soon as practical.

CSPACE-1911: 'Banners' output between Services client tests now properly show calling class and line number in their log statements. Banner generation is now separated from test setup (e.g. specifying expected status code, valid status codes), in the client test framework, and each can be used independently.  Formerly banners were output as an undocumented side effect of test setup; while that was convenient, it was not good practice.

CSPACE-1960: Adding support for XML Schema validation of service payloads.

CSPACE-1937 blocker, dup of 1299
CSPACE-1299 added permrole as a subresource of role. it is now possible to associate one or more permissions from a role service using roles/id/permroles
test: authorization-mgt, all service tests

CSPACE-1828 service name fixes role name with ROLE_{uppercase role name} if ROLE_ is not present in the role name
CSPACE-1944 role name in role once set cannot be changed
CSPACE-1945 resource name in permission once set cannot be changed
test: authorization-mgt/client

CSPACE-1407: In tenant bindings for Movement service, added (uncommented) 'currentLocation' and 'normalLocation' as authority reference fields for this service, now that the StorageLocation / Location service is available.

NOJIRA: Updating Eclipse settings.

CSPACE-864: Added a native Nuxeo "repeatable" information group to the CollectionObject schema for the "otherNumber" information group "otherNumber" = {otherNumberValue, otherNumberType}.

CSPACE-1935 moved import driver out of test framework into a standalone utility
use ant import at any level to invoke the driver. requires build.

!!NOTE!!
this change overrides req. of mvn test (at authorization-mgt/import) as described in r2225 to import default permissions

cd trunk
mvn test -DskipTests
ant import
ant undeploy deploy
mvn test

D    trunk/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AuthorizationSeedTest.java
D    trunk/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AbstractAuthorizationTestImpl.java
D    trunk/services/authorization-mgt/import/src/test/resources/applicationContext-authorization-test.xml
D    trunk/services/authorization-mgt/import/src/test/resources/log4j.properties
A    trunk/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver
A  + trunk/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/driver/AuthorizationSeedDriver.java
A    trunk/services/authorization-mgt/import/src/main/java/org/collectionspace/ImportAuthz.java
M    trunk/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
M    trunk/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
A  + trunk/services/authorization-mgt/import/src/main/resources/applicationContext-authorization-test.xml
A  + trunk/services/authorization-mgt/import/src/main/resources/log4j.properties
M    trunk/services/authorization-mgt/import/pom.xml
M    trunk/services/authorization-mgt/import/build.xml
M    trunk/services/authorization-mgt/build.xml
M    trunk/services/pom.xml
M    trunk/services/build.xml
M    trunk/build.xml

CSPACE-1364, CSPACE-1365
Enabled access control for all the services at the record/procedure type level. Permissions are seeded (authorization-mgt/import) for ROLE_ADMINISTRATOR using the tenant bindings. Seeding still happens through a test driver in the import module...would be moved to a Java main class later.
Test do/should not delete the seeded permissions...fixed those tests that were doing the same. These tests now either do not delete permissions
or create permissions for non-functional services.
Wired delete for account role and permission role sub resources.
All alternate URIs with which a service could be accessed shoudl be in service bindings element named uriPath
test: all tests multiple times

!!NOTE!!
cd trunk/services
ant create_db
mvn clean install -DskipTests
ant undeploy deploy
mvn test

If you are not running all the tests, at least seed default permissions using the following
cd trunk/services/authorization-mgt/import
mvn test

M    trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionResource.java
M    trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java
M    trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java
M    trunk/services/authorization-mgt/import/src/test/java/org/collectionspace/services/authorization/importer/AuthorizationSeedTest.java
M    trunk/services/authorization-mgt/import/src/test/resources/applicationContext-authorization-test.xml
M    trunk/services/authorization-mgt/import/src/test/resources/log4j.properties
M    trunk/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationSeed.java
M    trunk/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java
M    trunk/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml
M    trunk/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml
M    trunk/services/authorization-mgt/import/pom.xml
M    trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java
M    trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java
M    trunk/services/pom.xml
M    trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/spring/SpringPermissionManager.java
M    trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/spring/SpringAuthorizationProvider.java
M    trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/spring/SpringPermissionEvaluator.java
M    trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/CSpaceResourceImpl.java
M    trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/URIResourceImpl.java
M    trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java
M    trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/spi/CSpacePermissionManager.java
M    trunk/services/authorization/service/src/main/resources/applicationContext-authorization.xml
_M   trunk/services/location/jaxb
M    trunk/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageClientImpl.java
M    trunk/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java
M    trunk/services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
M    trunk/services/common/src/main/config/services/tenant-bindings.xml
M    trunk/services/common/src/main/resources/service.xsd
M    trunk/services/account/service/src/main/java/org/collectionspace/services/account/AccountRoleSubResource.java
M    trunk/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
_M   trunk/services/note/service
_M   trunk/services/note/jaxb
_M   trunk/services/note/client
M    trunk/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthenticationServiceTest.java
M    trunk/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java

CSPACE-1911: In client test framework, 'banner' signifying the start of a test can now be output using a passed-in Logger.  This reflects the caller's class name and line number in the log statement, and can also print the class name in the banner.  Examples of such calls are implemented, for now, only in PersonAuthoritySearchTest, but can be trivially bulk-implemented in all other test classes.

CSPACE-1895: Moved 'note' module slightly down, below account (and generally below authZ- and authN-related modules) in main services POM, per discussion with Sanjay.  JIRA issue pertains to Location, but includes Patrick's work on a new, generalizable Note (aka Comment) service, which is the relevant module to this minor change.

CSPACE-1895 Working on the repeating sections of Location, and general support for this. Fixed a bug with update.

CSPACE-1895 Working on the repeating sections of Location, and general support for this.

CSPACE-1895 Working on the repeating sections of Location, and general support for this.

CSPACE-809,CSPACE-562,CSPACE-1685: Created standalone class for Search tests, pulling partial term matching tests out of PersonServiceTest, to aid in rapidly creating tests for partial term matching (and later, keyword searches), and as an early step in the direction of moving some search test functionality into base classes in the client test framework.

CSPACE-1911: Minoir formatting changes to test banner in BaseServiceTest, intended to make it easier to spot transitions between tests and to output log statements showing relevant test class and line number.  Trivial change in class comment in AbstractServiceTestImpl.

CSPACE-1880: Partial matches in authorities causing sql errors

NOJIRA: Updating Eclipse settings.

CSPACE-384: Additional trivial cleanup of base classes in client test framework.

CSPACE-384: Minor cleanup of base classes in client test framework, in preparation for work on issues such as CSPACE-1685, as well as re-familiarization for current work on CSPACE-809.

CSPACE-1357, CSPACE-131, CSPACE-133 - Adding basic LocationAuthority support.

CSPACE-1244: On updates, treating tags (xml elements) with empty content as blank value that -so blank elements essentially deletes field values from the database records.

CSPACE-809,CSPACE-1886: Fixed trivial but embarrassing typo in Lech Walesa's name, used for partial term matching tests in PersonServiceTest.  Also allows noting that a UTF-8 test of partial matches, as per CSPACE-1886, is present but currently fails and is commented out for now.

CSPACE-809,CSPACE-1880: Introduced first partial term matching client tests, in the Person service. Identified and made a tentative fix for CSPACE-1880 issue, required to make the partial term matching tests succeed, and pending Richard's more knowledgeable and detailed examination of this issue.

CSPACE-1153: Setting Person's displayNameComputed flag to false generates Exception on create.  Also fixed an edge-case bug in pagination.

NOJIRA moved ServiceLayerTests to new module common-test that is built after authorization-mgt module so permissions could be inserted in db before running the service layer tests
test: all service tests

CSPACE-1482 refactored authgen and authseed such that these could be invoked from service runtime as well (at startup time).
test authz import

CSPACE-1482 import module with the help of tenant bindings now generates and imports default permissions for all the services for all the tenants for ROLE_ADMINISTRATOR

CSPACE-1081: Relation list should probably include relationship type
CSPACE-1846: Relation Service needs to paginate list results.
CSPACE-602: Update Relations service/manager to use Nuxeo queries instead of "get all" and filter with Java code

NOJIRA: Removing unneeded Eclipse settings.

CSPACE-1286: Setting SVN 'Date' and 'Revision' keyword properties on .java and .xsd files in the Loan In (aka Loans In) service module.

CSPACE-1292: Setting SVN 'Date' and 'Revision' keyword properties on .java and .xsd files in the Loan Out (aka Loans Out) service module.

CSPACE-144: Setting SVN 'Date' and 'Revision' keyword properties on .java and .xsd files in the Movement service module.

CSPACE-144: Added Nuxeo document type XML Schema file, inadvertently omitted in r2104.

CSPACE-144: Trivial addition of movement methods list in sample records used in client test of the Movement service.

CSPACE-144: Basic infrastructure for the Movement (aka Location & Movement) service is in place in the Services Layer.  Introduces a new Nuxeo document type, and requires an 'ant deploy' and restarting the two JBoss servers.  Data modeling may possibly need some future attention.

CSPACE-1850: Adding support in doc and repository client framework for tenant ID. All creates, updates, gets and getFiltered on Nuxeo-based documents now use Tenant ID from the service context.

CSPACE-1850: Adding support in doc and repository client framework for tenant id.

CSPACE-1832: All CSpace specific Nuxeo document types now contain new "core" document type with tenant_id.

NOJIRA - refactoried tenantbindingconfigreader so it could be used just to read the bindings, not for workspace retrieval. moved nuxeo workspace specific stuff to new class ...nuxeo.client.java.TenantRepository
test: service tests

M    services/authorization-mgt/import/pom.xml
M    services/common/src/main/java/org/collectionspace/services/common/context/AbstractServiceContextImpl.java
M    services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
M    services/common/src/main/java/org/collectionspace/services/common/config/TenantBindingConfigReaderImpl.java
A    services/common/src/main/java/org/collectionspace/services/nuxeo/client/java/TenantRepository.java

CSPACE-1364, CSPACE-1365 moved gen/seed of authorization to import module in order to expand the functionality to generate permisssions for all the services as well as all the permission-role relationships for bootstrapping purposes.
test: authorization-mgt all service tests

NOJIRA
incorporate some code review changes. started refactoring seed test in order to convert it to generator and import for all services

M    services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java
M    services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGen.java
M    services/authorization-mgt/client/src/test/resources/test-data/test-permissions-roles.xml
M    services/authorization/service/src/main/java/org/collectionspace/services/authorization/spring/SpringPermissionManager.java
M    services/authorization/service/src/main/java/org/collectionspace/services/authorization/spring/SpringAuthorizationProvider.java
M    services/authorization/service/src/main/java/org/collectionspace/services/authorization/spring/SpringPermissionEvaluator.java

CSPACE-1591: Added three simple, temporary test classes for creating large numbers of CollectionObject records, each with minor variations in client instantiation and HTTP connection closing, that may help surface any subtleties in behavior around this issue.  Run with 'mvn test -Dtest={test name or wildcard to run multiple tests; e.g. I1591*} -Pperftests'.

CSPACE-1364 allow user bigbird (ROLE_MMI_CM) POST, GET and PUT operations on the dimension service, allow user elmo (ROLE_MMI_INTERN) GET operation, allow user test (ROLE_ADMINISTRATOR) POST, PUT, GET and DELETE operations
CSPACE-1365 deny elmo PUT and deny bigbird DELETE operations on the dimension service
Pre-requisite : authorization-mgt/client tests seed some permissions used
by this test
test: security/client

M    services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java

CSPACE-1824: Changing DocumentFilter.setPagination() method to use "get" instead of "remove" on incoming query params

CSPACE-1364 allow user test in ROLE_ADMINISTRATOR to access (CRUDL) dimension service
CSPACE-1365 deny user bigbird2010 in ROLE_MMI_CM access (C) to the dimension service
moved authorization generation and seeding to authorization-mgt/client from authorization service
enabled access control for the dimension service only in the security interceptor
added setAuth convenience method into client test framework to change authn properites, httpclient and proxy
test: all service tests, specifically security/client and authorization-mgt/client tests

!!REQUIRES the following sequence of actions at the services level
- mvn clean install -DskipTests
- ant undeploy deploy
- mvn test (note that authorization-mgt/client tests have to run before running dimension/client and security/client tests)

A    services/authorization-mgt/service/src/test/javadoc
A    services/authorization-mgt/service/src/test/javadoc/org
A    services/authorization-mgt/service/src/test/javadoc/org/collectionspace
A    services/authorization-mgt/service/src/test/javadoc/org/collectionspace/services
A    services/authorization-mgt/service/src/test/javadoc/org/collectionspace/services/authorization
A    services/authorization-mgt/service/src/test/javadoc/org/collectionspace/services/authorization/test
A  + services/authorization-mgt/service/src/test/javadoc/org/collectionspace/services/authorization/test/package.html
M    services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java
A    services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/test
A  + services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java
A  + services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/test/AbstractAuthorizationTestImpl.java
A  + services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGen.java
A  + services/authorization-mgt/client/src/test/resources/applicationContext-authorization-test.xml
A    services/authorization-mgt/client/src/test/resources/test-data
A  + services/authorization-mgt/client/src/test/resources/test-data/test-permissions.xml
A  + services/authorization-mgt/client/src/test/resources/test-data/test-permissions-roles.xml
M    services/authorization-mgt/client/pom.xml
M    services/dimension/client/src/test/java/org/collectionspace/services/client/test/DimensionServiceTest.java
A    services/dimension/client/src/main/java/org/collectionspace/services/client/DimensionFactory.java
M    services/dimension/client/pom.xml
D    services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java
D    services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AbstractAuthorizationTestImpl.java
D    services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGen.java
D    services/authorization/service/src/test/javadoc/org/collectionspace/services/authorization/test/package.html
D    services/authorization/service/src/test/resources/applicationContext-authorization-test.xml
D    services/authorization/service/src/test/resources/test-data/test-permissions.xml
D    services/authorization/service/src/test/resources/test-data/test-permissions-roles.xml
M    services/authorization/service/pom.xml
M    services/authorization/pstore/src/main/resources/db/mysql/test_authorization.sql
M    services/common/src/main/java/org/collectionspace/services/common/security/SecurityInterceptor.java
M    services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthenticationServiceTest.java
A    services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java
M    services/security/client/pom.xml
M    services/client/src/main/java/org/collectionspace/services/client/test/BaseServiceTest.java
M    services/client/src/main/java/org/collectionspace/services/client/TestServiceClient.java
M    services/client/src/main/java/org/collectionspace/services/client/AbstractServiceClientImpl.java
M    services/client/src/main/java/org/collectionspace/services/client/CollectionSpaceClient.java

CSPACE-1815: Trivial addition of 'affects' as a valid enumerated value for relationshipType in the Relation JAXB schema, to mirror the use of that type in the Application Layer. (Ultimately, relationshipTypes are likely to come from a vocabulary.)