From 48d9fc85bde8da917c6f35ccf26513e3b0d6e592 Mon Sep 17 00:00:00 2001
From: Richard Millet
Date: Mon, 14 Mar 2011 20:49:11 +0000
Subject: [PATCH] CSPACE-3281: Services now enforce unique display names for Roles. Will return HTTP 400 if the display name is not unique.
---
 .../client/test/RoleServiceTest.java | 92 ++++++++++++++++++-
 .../jaxb/src/main/resources/roles.xsd | 6 +-
 .../main/resources/db/mysql/authorization.sql | 2 +-
 3 files changed, 95 insertions(+), 5 deletions(-)
diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java
index 3683b5f8f..f670f16a2 100644
--- a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java
+++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java
@@ -59,6 +59,7 @@ public class RoleServiceTest extends AbstractServiceTestImpl {
 /** The known resource id. */
 private String knownResourceId = null;
 private String knownRoleName = "ROLE_USERS_TEST";
+ private String knownRoleDisplayName = "ROLE_DISPLAYNAME_USERS_TEST";
 private String verifyResourceId = null;
 private String verifyRoleName = "collections_manager_test";
 // private List allResourceIdsCreated = new ArrayList();
@@ -147,6 +148,49 @@ public class RoleServiceTest extends AbstractServiceTestImpl { logger.debug(testName + ": knownResourceId=" + knownResourceId); } } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"create"}) + public void createWithDisplayname(String testName) throws Exception { + + if (logger.isDebugEnabled()) { + logger.debug(testBanner(testName, CLASS_NAME)); + } + // Perform setup, such as initializing the type of service request + // (e.g. CREATE, DELETE), its valid and expected status codes, and + // its associated HTTP method name (e.g. POST, DELETE). + setupCreate(); + + // Submit the request to the service and store the response. + RoleClient client = new RoleClient(); + Role role = createRoleInstance(knownRoleName + "_" + knownRoleDisplayName, + "all users are required to be in this role", + true); + role.setDisplayName(knownRoleDisplayName); + ClientResponse res = client.create(role); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + // + // Specifically: + // Does it fall within the set of valid status codes? + // Does it exactly match the expected status code? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + // Store the ID returned from this create operation + // for additional tests below. + String csid = extractId(res); + allResourceIdsCreated.add(csid); + if (logger.isDebugEnabled()) { + logger.debug(testName + ": csid=" + csid); + } + } + /** * Creates the for unique role. 
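Review bot: createWithDisplayname has no Javadoc although the neighbouring tests do, and two later tests now depend on it (createForUniqueDisplayRole and, further down in this patch, createList), so its role as a fixture should be written down: `/** Creates a role whose display name is knownRoleDisplayName; createForUniqueDisplayRole expects this role to exist. */` above the `@Test` annotation. The test asserts only the status code; reading the created role back and comparing its display name with `knownRoleDisplayName` would confirm the value was actually persisted. Because the display name is a fixed constant and is now unique per tenant, a role left behind by an aborted earlier run will presumably make this create return 400, so the cleanup driven by `allResourceIdsCreated` matters more than it did before.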
@@ -154,8 +198,7 @@ public class RoleServiceTest extends AbstractServiceTestImpl {
 * @param testName the test name
 * @throws Exception the exception
 */
- @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
- dependsOnMethods = {"create"})
+ @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"create"})
 public void createForUniqueRole(String testName) throws Exception {
 
 if (logger.isDebugEnabled()) {
@@ -181,6 +224,49 @@ public class RoleServiceTest extends AbstractServiceTestImpl { invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode()); } + + /** + * Creates the for unique display name of role. + * + * @param testName the test name + * @throws Exception the exception + */ + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"createWithDisplayname"}) + public void createForUniqueDisplayRole(String testName) throws Exception { + + if (logger.isDebugEnabled()) { + logger.debug(testBanner(testName, CLASS_NAME)); + } + setupCreate(); + + // Submit the request to the service and store the response. + RoleClient client = new RoleClient(); + Role role = createRoleInstance(knownRoleName + System.currentTimeMillis(), + "role users with non-unique display name", + true); + role.setDisplayName(knownRoleDisplayName); + ClientResponse res = client.create(role); + int statusCode = res.getStatus(); + + if (logger.isDebugEnabled()) { + logger.debug(testName + ": Role with name \"" + + knownRoleName + "\" should already exist, so this request should fail."); + logger.debug(testName + ": status = " + statusCode); + logger.debug(testName + ": " + res); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + if (statusCode != Response.Status.BAD_REQUEST.getStatusCode()) { + // If the test fails then we've just created a Role that we need to delete, so + // store the ID returned from this create operation. + String csid = extractId(res); + allResourceIdsCreated.add(csid); + if (logger.isDebugEnabled()) { + logger.debug(testName + ": csid=" + csid); + } + Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode()); + } + } /** * Creates the without role name. 
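Review bot: The cleanup branch in createForUniqueDisplayRole calls `extractId(res)` for every status other than 400, so an error response that created nothing would presumably fail inside extractId and hide the real status, and the final `Assert.assertEquals` is only reachable inside that same branch. Guard the cleanup with `if (statusCode == Response.Status.CREATED.getStatusCode())` and move `Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode());` after the block so it always runs. The debug message was copied from createForUniqueRole and still reports `knownRoleName`; it should read `": Role with display name \"" + knownRoleDisplayName + "\" should already exist, so this request should fail."`. A 400 on its own does not show that the duplicate display name was the reason for the rejection, since the response is logged but nothing in it is asserted. For an authorization service it would also be worth a follow-up case that differs only in letter case or surrounding whitespace, so the intended meaning of "unique" is pinned down by a test.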
@@ -219,7 +305,7 @@ public class RoleServiceTest extends AbstractServiceTestImpl { */ @Override @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, - dependsOnMethods = {"create"}) + dependsOnMethods = {"createWithDisplayname"}) public void createList(String testName) throws Exception { if (logger.isDebugEnabled()) { diff --git a/services/authorization/jaxb/src/main/resources/roles.xsd b/services/authorization/jaxb/src/main/resources/roles.xsd index 1577ec86e..a1eab6d5c 100644 --- a/services/authorization/jaxb/src/main/resources/roles.xsd +++ b/services/authorization/jaxb/src/main/resources/roles.xsd @@ -55,6 +55,10 @@ rolename tenant_id + + displayname + tenant_id + @@ -64,7 +68,7 @@ - + diff --git a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql b/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql index 00a5f081d..e63e1b37b 100644 --- a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql +++ b/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql 
@@ -8,5 +8,5 @@ create table accounts_roles (HJID bigint not null auto_increment, account_id var
 create table permissions (csid varchar(128) not null, action_group varchar(128), attribute_name varchar(128), created_at datetime not null, description varchar(255), effect varchar(32) not null, resource_name varchar(128) not null, tenant_id varchar(128) not null, updated_at datetime, primary key (csid));
 create table permissions_actions (HJID bigint not null auto_increment, name varchar(128) not null, objectIdentity varchar(128) not null, objectIdentityResource varchar(128) not null, ACTIONS_PERMISSION_CSID varchar(128), primary key (HJID));
 create table permissions_roles (HJID bigint not null auto_increment, actionGroup varchar(255), created_at datetime not null, permission_id varchar(128) not null, permission_resource varchar(255), role_id varchar(128) not null, role_name varchar(255), primary key (HJID), unique (permission_id, role_id));
-create table roles (csid varchar(128) not null, created_at datetime not null, description varchar(255), displayName varchar(200) not null, rolegroup varchar(255), rolename varchar(200) not null, tenant_id varchar(128) not null, updated_at datetime, primary key (csid), unique (rolename, tenant_id));
+create table roles (csid varchar(128) not null, created_at datetime not null, description varchar(255), displayname varchar(200) not null, rolegroup varchar(255), rolename varchar(200) not null, tenant_id varchar(128) not null, updated_at datetime, primary key (csid), unique (rolename, tenant_id), unique (displayname, tenant_id));
 alter table permissions_actions add index FK85F82042E2DC84FD (ACTIONS_PERMISSION_CSID), add constraint FK85F82042E2DC84FD foreign key (ACTIONS_PERMISSION_CSID) references permissions (csid);
-- 
2.47.3
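Review bot: The new `unique (displayname, tenant_id)` exists only inside the `create table roles` statement, so it applies to freshly created schemas; no upgrade step for an existing database is visible in this patch. An installation that keeps its data would need something like `alter table roles add unique (displayname, tenant_id);`, and that statement fails if duplicate display names already exist within a tenant, so those have to be found and resolved first. Whether names differing only in case collide depends on the column collation, and whitespace or look-alike variants are not caught by the constraint at all, so if the aim is that administrators can tell roles apart by display name when granting permissions, the service should normalise the value before it reaches the table. A short comment in the script stating that uniqueness is per tenant and which layer turns the constraint violation into the HTTP 400 would help the next maintainer.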