From ac799f4e6cde881fcef50d470dff167b08766005 Mon Sep 17 00:00:00 2001 From: Sanjay Dalal Date: Thu, 27 May 2010 22:28:53 +0000 Subject: [PATCH] CSPACE-1937 blocker, dup of 1299 CSPACE-1299 added permrole as a subresource of role. it is now possible to associate one or more permissions from a role service using roles/id/permroles test: authorization-mgt, all service tests --- .../client/PermissionRoleFactory.java | 50 +- .../services/client/RolePermissionClient.java | 124 ++++ .../services/client/RolePermissionProxy.java | 66 ++ .../test/PermissionRoleServiceTest.java | 321 +++++---- .../client/test/PermissionServiceTest.java | 4 +- .../test/RolePermissionServiceTest.java | 644 ++++++++++++++++++ .../client/test/RoleServiceTest.java | 5 +- .../import-data/import-permissions-roles.xml | 114 ++-- .../import-data/import-permissions.xml | 132 ++-- .../PermissionRoleSubResource.java | 10 +- .../services/authorization/RoleResource.java | 190 +++++- .../main/config/services/tenant-bindings.xml | 43 +- .../client/test/AuthorizationServiceTest.java | 4 +- 13 files changed, 1436 insertions(+), 271 deletions(-) create mode 100644 services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java create mode 100644 services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java create mode 100644 services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleFactory.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleFactory.java index 8797e1e5d..3d7a7a05e 100644 --- a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleFactory.java +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/PermissionRoleFactory.java @@ -23,9 +23,9 @@ */ package org.collectionspace.services.client; - import java.util.ArrayList; import java.util.Collection; +import java.util.List; import org.collectionspace.services.authorization.PermissionRole; import org.collectionspace.services.authorization.PermissionValue; import org.collectionspace.services.authorization.RoleValue; @@ -39,16 +39,17 @@ import org.slf4j.LoggerFactory; public class PermissionRoleFactory { static private final Logger logger = LoggerFactory.getLogger(PermissionRoleFactory.class); - /** - * create permRolerole instance - * @param permId - * @param roleValues array of role ids + + /** + * create permRolerole instance with permission as object and role as subject + * @param pv permvalue + * @param rvs roleValues * @param userPermId * @param useRoleId * @return */ public static PermissionRole createPermissionRoleInstance(PermissionValue pv, - Collection rvs, + List rvs, boolean usePermId, boolean useRoleId) { @@ -62,12 +63,37 @@ public class PermissionRoleFactory { permRole.setPermissions(pvs); } if (useRoleId) { - //FIXME is there a better way? - ArrayList rvas = new ArrayList(); - for (RoleValue rv : rvs) { - rvas.add(rv); - } - permRole.setRoles(rvas); + permRole.setRoles(rvs); + } + + return permRole; + } + + + /** + * create permRolerole instance with role as object and permission as subject + * @param rv roleValue + * @param pvs permValues + * @param userPermId + * @param useRoleId + * @return + */ + public static PermissionRole createPermissionRoleInstance(RoleValue rv, + List pvs, + boolean usePermId, + boolean useRoleId) { + + PermissionRole permRole = new PermissionRole(); + //service consume is not required to provide subject as it is determined + //from URI used +// permRole.setSubject(SubjectType.ROLE); + if (useRoleId) { + ArrayList rvs = new ArrayList(); + rvs.add(rv); + permRole.setRoles(rvs); + } + if (usePermId) { + permRole.setPermissions(pvs); } return permRole; diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java new file mode 100644 index 000000000..8ab11d10a --- /dev/null +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionClient.java @@ -0,0 +1,124 @@ +/** + * PermissionRoleClient.java + * + * {Purpose of This Class} + * + * {Other Notes Relating to This Class (Optional)} + * + * $LastChangedBy: $ + * $LastChangedRevision: $ + * $LastChangedDate: $ + * + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + * + * http://www.collectionspace.org + * http://wiki.collectionspace.org + * + * Copyright (C) 2009 {Contributing Institution} + * + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + * + * You may obtain a copy of the ECL 2.0 License at + * https://source.collectionspace.org/collection-space/LICENSE.txt + */ +package org.collectionspace.services.client; + +import javax.ws.rs.core.Response; + + +import org.collectionspace.services.authorization.PermissionRole; +import org.jboss.resteasy.client.ProxyFactory; +import org.jboss.resteasy.plugins.providers.RegisterBuiltin; +import org.jboss.resteasy.client.ClientResponse; +import org.jboss.resteasy.spi.ResteasyProviderFactory; + +/** + * A RolePermissionClient. + + * @version $Revision:$ + */ +public class RolePermissionClient extends AbstractServiceClientImpl { + + /** The role permission proxy. */ + private RolePermissionProxy rolePermissionProxy; + + /* (non-Javadoc) + * @see + */ + public String getServicePathComponent() { + return "authorization/roles"; + } + + /** + * + * Default constructor for PermissionRoleClient class. + * + */ + public RolePermissionClient() { + ResteasyProviderFactory factory = ResteasyProviderFactory.getInstance(); + RegisterBuiltin.register(factory); + setProxy(); + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.CollectionSpaceClient#getProxy() + */ + @Override + public CollectionSpaceProxy getProxy() { + return this.rolePermissionProxy; + } + + /** + * allow to reset proxy as per security needs. + */ + public void setProxy() { + if (useAuth()) { + rolePermissionProxy = ProxyFactory.create(RolePermissionProxy.class, + getBaseURL(), getHttpClient()); + } else { + rolePermissionProxy = ProxyFactory.create(RolePermissionProxy.class, + getBaseURL()); + } + } + + + /** + * Read. + * + * @param csid the csid + * @param prcsid relationship does not have an id, junk is fine + * @return the client response + * @see + */ + public ClientResponse read(String csid, String prcsid) { + return rolePermissionProxy.read(csid, prcsid); + } + + /** + * Creates the. + * + * @param csid the csid + * @param permRole the perm role + * @return the client response + * @see + */ + public ClientResponse create(String csid, PermissionRole permRole) { + return rolePermissionProxy.create(csid, permRole); + } + + /** + * Delete. + * + * @param csid the csid + * @param prcsid relationship does not have an id, junk is fine + * @return response + * @see + */ + public ClientResponse delete(String csid, String prcsid) { + return rolePermissionProxy.delete(csid, prcsid); + } + +} diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java new file mode 100644 index 000000000..6dc9ac43b --- /dev/null +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RolePermissionProxy.java @@ -0,0 +1,66 @@ +/** + * PermissionRoleProxy.java + * + * {Purpose of This Class} + * + * {Other Notes Relating to This Class (Optional)} + * + * $LastChangedBy: $ + * $LastChangedRevision: $ + * $LastChangedDate: $ + * + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + * + * http://www.collectionspace.org + * http://wiki.collectionspace.org + * + * Copyright (C) 2009 {Contributing Institution} + * + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + * + * You may obtain a copy of the ECL 2.0 License at + * https://source.collectionspace.org/collection-space/LICENSE.txt + */ +package org.collectionspace.services.client; + +import javax.ws.rs.Consumes; +import javax.ws.rs.DELETE; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Response; + + +import org.collectionspace.services.authorization.PermissionRole; +import org.jboss.resteasy.client.ClientResponse; + +/** + * @version $Revision:$ + */ +@Path("/authorization/roles") +@Produces({"application/xml"}) +@Consumes({"application/xml"}) +public interface RolePermissionProxy extends CollectionSpaceProxy { + + //(C)reate + @POST + @Path("/{csid}/permroles") + ClientResponse create(@PathParam("csid") String csid, PermissionRole permRole); + + //(R)ead + @GET + @Path("/{csid}/permroles/{prcsid}") + ClientResponse read(@PathParam("csid") String csid, + @PathParam("prcsid") String prcsid); + + //(D)elete + @DELETE + @Path("/{csid}/permroles/{prcsid}") + ClientResponse delete(@PathParam("csid") String csid, + @PathParam("prcsid") String prcsid); +} diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java index 20a9d810c..5aae52668 100644 --- a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java +++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionRoleServiceTest.java @@ -70,14 +70,12 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // Instance variables specific to this test. /** The known resource id. */ private String knownResourceId = null; - /** The all resource ids created. */ private List allResourceIdsCreated = new ArrayList(); - + final private static String TEST_MARKER = "_PermissionRoleServiceTest"; final private static String TEST_SERVICE_NAME = "fakeservice"; /** The perm values. */ private Hashtable permValues = new Hashtable(); - /** The role values. */ private Hashtable roleValues = new Hashtable(); /* @@ -97,7 +95,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @BeforeClass(alwaysRun = true) public void seedData() { - String ra = TEST_SERVICE_NAME; + String ra = TEST_SERVICE_NAME + TEST_MARKER; String accPermId = createPermission(ra, EffectType.PERMIT); PermissionValue pva = new PermissionValue(); pva.setResourceName(ra); @@ -118,14 +116,14 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // pvi.setPermissionId(iPermId); // permValues.put(pvi.getResourceName(), pvi); - String rn1 = "ROLE_CO1"; + String rn1 = "ROLE_CO1" + TEST_MARKER; String r1RoleId = createRole(rn1); RoleValue rv1 = new RoleValue(); rv1.setRoleId(r1RoleId); rv1.setRoleName(rn1); roleValues.put(rv1.getRoleName(), rv1); - String rn2 = "ROLE_CO2"; + String rn2 = "ROLE_CO2" + TEST_MARKER; String r2RoleId = createRole(rn2); RoleValue rv2 = new RoleValue(); rv2.setRoleId(r2RoleId); @@ -138,27 +136,27 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @Override protected CollectionSpaceClient getClientInstance() { - return new PermissionRoleClient(); + return new PermissionRoleClient(); } - + /* (non-Javadoc) * @see org.collectionspace.services.client.test.BaseServiceTest#getAbstractCommonList(org.jboss.resteasy.client.ClientResponse) */ @Override - protected AbstractCommonList getAbstractCommonList( - ClientResponse response) { - //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697 - throw new UnsupportedOperationException(); + protected AbstractCommonList getAbstractCommonList( + ClientResponse response) { + //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697 + throw new UnsupportedOperationException(); } - - /* (non-Javadoc) - * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readPaginatedList(java.lang.String) - */ - @Test(dataProvider = "testName") - @Override + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readPaginatedList(java.lang.String) + */ + @Test(dataProvider = "testName") + @Override public void readPaginatedList(String testName) throws Exception { - //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697 - } + //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697 + } // --------------------------------------------------------------- // CRUD tests : CREATE tests // --------------------------------------------------------------- @@ -166,6 +164,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { /* (non-Javadoc) * @see org.collectionspace.services.client.test.ServiceTest#create(java.lang.String) */ + @Override @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class) public void create(String testName) throws Exception { @@ -176,26 +175,33 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { setupCreate(testName); // Submit the request to the service and store the response. - PermissionValue pv = permValues.get(TEST_SERVICE_NAME); + PermissionValue pv = permValues.get(TEST_SERVICE_NAME + TEST_MARKER); PermissionRole permRole = createPermissionRoleInstance(pv, roleValues.values(), true, true); PermissionRoleClient client = new PermissionRoleClient(); - ClientResponse res = client.create(pv.getPermissionId(), permRole); - int statusCode = res.getStatus(); + ClientResponse res = null; + try { + res = client.create(pv.getPermissionId(), permRole); + int statusCode = res.getStatus(); - if (logger.isDebugEnabled()) { - logger.debug(testName + ": status = " + statusCode); - } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); - res.releaseConnection(); - // Store the ID returned from this create operation - // for additional tests below. - //this is is not important in case of this relationship - knownResourceId = extractId(res); - if (logger.isDebugEnabled()) { - logger.debug(testName + ": knownResourceId=" + knownResourceId); + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + res.releaseConnection(); + // Store the ID returned from this create operation + // for additional tests below. + //this is is not important in case of this relationship + knownResourceId = extractId(res); + if (logger.isDebugEnabled()) { + logger.debug(testName + ": knownResourceId=" + knownResourceId); + } + } finally { + if (res != null) { + res.releaseConnection(); + } } } @@ -207,7 +213,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"create"}) public void createList(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } // Failure outcomes @@ -218,7 +224,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @Override public void createWithEmptyEntityBody(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } /* (non-Javadoc) @@ -226,7 +232,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @Override public void createWithMalformedXml(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } /* (non-Javadoc) @@ -234,7 +240,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @Override public void createWithWrongXmlSchema(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } // --------------------------------------------------------------- @@ -254,22 +260,29 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. PermissionRoleClient client = new PermissionRoleClient(); - ClientResponse res = client.read( - permValues.get(TEST_SERVICE_NAME).getPermissionId(), "123"); - int statusCode = res.getStatus(); + ClientResponse res = null; + try { + res = client.read( + permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId(), "123"); + int statusCode = res.getStatus(); - // Check the status code of the response: does it match - // the expected response(s)? - if (logger.isDebugEnabled()) { - logger.debug(testName + ": status = " + statusCode); + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + PermissionRole output = (PermissionRole) res.getEntity(); + Assert.assertNotNull(output); + } finally { + if (res != null) { + res.releaseConnection(); + } } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); - PermissionRole output = (PermissionRole) res.getEntity(); - Assert.assertNotNull(output); - res.releaseConnection(); } // Failure outcomes @@ -285,18 +298,24 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. PermissionRoleClient client = new PermissionRoleClient(); - ClientResponse res = client.read(NON_EXISTENT_ID, "123"); - int statusCode = res.getStatus(); + ClientResponse res = null; + try { + res = client.read(NON_EXISTENT_ID, "123"); + int statusCode = res.getStatus(); - // Check the status code of the response: does it match - // the expected response(s)? - if (logger.isDebugEnabled()) { - logger.debug(testName + ": status = " + statusCode); + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + if (res != null) { + res.releaseConnection(); + } } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); - res.releaseConnection(); } // --------------------------------------------------------------- @@ -310,7 +329,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"createList", "read"}) public void readList(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } // Failure outcomes @@ -326,7 +345,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"read", "readList", "readNonExistent"}) public void update(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } // Failure outcomes @@ -337,7 +356,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @Override public void updateWithEmptyEntityBody(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } /* (non-Javadoc) @@ -345,7 +364,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @Override public void updateWithMalformedXml(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } /* (non-Javadoc) @@ -353,7 +372,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { */ @Override public void updateWithWrongXmlSchema(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } /* (non-Javadoc) @@ -363,7 +382,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"readNonExistent", "testSubmitRequest"}) public void updateNonExistent(String testName) throws Exception { - //Should this really be empty? + //Should this really be empty? } // --------------------------------------------------------------- @@ -383,19 +402,25 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. PermissionRoleClient client = new PermissionRoleClient(); - ClientResponse res = client.delete( - permValues.get(TEST_SERVICE_NAME).getPermissionId(), "123"); - int statusCode = res.getStatus(); + ClientResponse res = null; + try { + res = client.delete( + permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId(), "123"); + int statusCode = res.getStatus(); - // Check the status code of the response: does it match - // the expected response(s)? - if (logger.isDebugEnabled()) { - logger.debug(testName + ": status = " + statusCode); + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + if (res != null) { + res.releaseConnection(); + } } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); - res.releaseConnection(); } // Failure outcomes @@ -425,7 +450,7 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. String method = ServiceRequestType.READ.httpMethodName(); - String url = getResourceURL(permValues.get(TEST_SERVICE_NAME).getPermissionId()); + String url = getResourceURL(permValues.get(TEST_SERVICE_NAME + TEST_MARKER).getPermissionId()); int statusCode = submitRequest(method, url); // Check the status code of the response: does it match @@ -444,12 +469,9 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { // --------------------------------------------------------------- /** * create permRolerole instance - * @param pv - * @param rvs + * @param pv permissionvalue + * @param rvs rolevalue array * @param usePermId - * @param permId - * @param roleValues array of role ids - * @param userPermId * @param useRoleId * @return PermissionRole */ @@ -458,8 +480,10 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { boolean usePermId, boolean useRoleId) { + List rvls = new ArrayList(); + rvls.addAll(rvs); PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance( - pv, rvs, usePermId, useRoleId); + pv, rvls, usePermId, useRoleId); if (logger.isDebugEnabled()) { logger.debug("to be created, permRole"); logger.debug(objectAsXmlString(permRole, PermissionRole.class)); @@ -475,31 +499,31 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { public void cleanUp() { setupDelete("cleanUp"); String noTest = System.getProperty("noTestCleanup"); - if(Boolean.TRUE.toString().equalsIgnoreCase(noTest)) { + if (Boolean.TRUE.toString().equalsIgnoreCase(noTest)) { if (logger.isDebugEnabled()) { logger.debug("Skipping Cleanup phase ..."); } return; - } + } if (logger.isDebugEnabled()) { logger.debug("Cleaning up temporary resources created for testing ..."); } - + PermissionRoleClient client = new PermissionRoleClient(); for (String resourceId : allResourceIdsCreated) { ClientResponse res = client.delete(resourceId, "123"); int statusCode = res.getStatus(); try { - if (logger.isDebugEnabled()) { - logger.debug("cleanup: delete relationships for permission id=" - + resourceId + " status=" + statusCode); - } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + if (logger.isDebugEnabled()) { + logger.debug("cleanup: delete relationships for permission id=" + + resourceId + " status=" + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); } finally { - res.releaseConnection(); + res.releaseConnection(); } } @@ -525,17 +549,26 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { Permission permission = PermissionFactory.createPermissionInstance(resName, "default permissions for " + resName, actions, effect, true, true, true); - ClientResponse res = permClient.create(permission); - int statusCode = res.getStatus(); - if (logger.isDebugEnabled()) { - logger.debug("createPermission: resName=" + resName - + " status = " + statusCode); + String id = null; + ClientResponse res = null; + try { + res = permClient.create(permission); + + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("createPermission: resName=" + resName + + " status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + id = extractId(res); + } finally { + if (res != null) { + res.releaseConnection(); + } } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); - res.releaseConnection(); - return extractId(res); + return id; } /** @@ -546,20 +579,21 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { private void deletePermission(String permId) { setupDelete("deletePermission"); PermissionClient permClient = new PermissionClient(); - ClientResponse res = permClient.delete(permId); - int statusCode = res.getStatus(); + ClientResponse res = null; try { - if (logger.isDebugEnabled()) { - logger.debug("deletePermission: delete permission id=" - + permId + " status=" + statusCode); - } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + res = permClient.delete(permId); + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("deletePermission: delete permission id=" + + permId + " status=" + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); } finally { - res.releaseConnection(); + res.releaseConnection(); } - res.releaseConnection(); + } /** @@ -574,17 +608,24 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { Role role = RoleFactory.createRoleInstance(roleName, "role for " + roleName, true); - ClientResponse res = roleClient.create(role); - int statusCode = res.getStatus(); - if (logger.isDebugEnabled()) { - logger.debug("createRole: name=" + roleName - + " status = " + statusCode); + ClientResponse res = null; + String id = null; + try { + res = roleClient.create(role); + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("createRole: name=" + roleName + + " status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + id = extractId(res); + } finally { + res.releaseConnection(); } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); - res.releaseConnection(); - return extractId(res); + return id; } /** @@ -595,19 +636,19 @@ public class PermissionRoleServiceTest extends AbstractServiceTestImpl { private void deleteRole(String roleId) { setupDelete("deleteRole"); RoleClient roleClient = new RoleClient(); - ClientResponse res = roleClient.delete(roleId); - int statusCode = res.getStatus(); + ClientResponse res = null; try { - if (logger.isDebugEnabled()) { - logger.debug("deleteRole: delete role id=" + roleId - + " status=" + statusCode); - } - Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), - invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); - Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + res = roleClient.delete(roleId); + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("deleteRole: delete role id=" + roleId + + " status=" + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); } finally { - res.releaseConnection(); + res.releaseConnection(); } - res.releaseConnection(); } } diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java index b0cce9f0e..8cfb9964c 100644 --- a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java +++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/PermissionServiceTest.java @@ -611,7 +611,7 @@ public class PermissionServiceTest extends AbstractServiceTestImpl { */ @Override @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, - dependsOnMethods = {"updateActions"}) + dependsOnMethods = {"updateActions", "testSubmitRequest"}) public void delete(String testName) throws Exception { // Perform setup. @@ -667,7 +667,7 @@ public class PermissionServiceTest extends AbstractServiceTestImpl { * of the methods above. * @throws Exception */ - @Test(dependsOnMethods = {"create", "read"}) + @Test(dependsOnMethods = {"create"}) public void testSubmitRequest() throws Exception { // Expected status code: 200 OK diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java new file mode 100644 index 000000000..893005232 --- /dev/null +++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RolePermissionServiceTest.java @@ -0,0 +1,644 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + * + * http://www.collectionspace.org + * http://wiki.collectionspace.org + * + * Copyright © 2009 Regents of the University of California + * + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + * + * You may obtain a copy of the ECL 2.0 License at + * https://source.collectionspace.org/collection-space/LICENSE.txt + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permRoles and + * limitations under the License. + */ +package org.collectionspace.services.authorization.client.test; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.Hashtable; +import java.util.List; +import javax.ws.rs.core.Response; +import org.collectionspace.services.authorization.EffectType; + +import org.collectionspace.services.authorization.Permission; +import org.collectionspace.services.authorization.PermissionAction; +import org.collectionspace.services.authorization.PermissionRole; +import org.collectionspace.services.authorization.PermissionValue; +import org.collectionspace.services.authorization.Role; +import org.collectionspace.services.authorization.RoleValue; +import org.collectionspace.services.client.CollectionSpaceClient; +import org.collectionspace.services.client.PermissionClient; +import org.collectionspace.services.client.PermissionFactory; +import org.collectionspace.services.client.RolePermissionClient; +import org.collectionspace.services.client.PermissionRoleFactory; +import org.collectionspace.services.client.RoleClient; +import org.collectionspace.services.client.RoleFactory; +import org.collectionspace.services.client.test.AbstractServiceTestImpl; +import org.collectionspace.services.client.test.ServiceRequestType; +import org.collectionspace.services.jaxb.AbstractCommonList; +import org.jboss.resteasy.client.ClientResponse; + +import org.testng.Assert; +import org.testng.annotations.Test; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; + +/** + * PermissionServiceTest, carries out tests against a + * deployed and running Permission, Role and PermissionRole Services. + * + * $LastChangedRevision: 917 $ + * $LastChangedDate: 2009-11-06 12:20:28 -0800 (Fri, 06 Nov 2009) $ + */ +public class RolePermissionServiceTest extends AbstractServiceTestImpl { + + /** The Constant logger. */ + static private final Logger logger = + LoggerFactory.getLogger(RolePermissionServiceTest.class); + // Instance variables specific to this test. + /** The known resource id. */ + private String knownResourceId = null; + /** The all resource ids created. */ + private List allResourceIdsCreated = new ArrayList(); + final private static String TEST_MARKER = "_RolePermissionServiceTest"; + final private static String TEST_ROLE_NAME = "ROLE"; + /** The perm values. */ + private Hashtable permValues = new Hashtable(); + /** The role values. */ + private Hashtable roleValues = new Hashtable(); + /* + * This method is called only by the parent class, AbstractServiceTestImpl + */ + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.BaseServiceTest#getServicePathComponent() + */ + @Override + protected String getServicePathComponent() { + return new RolePermissionClient().getServicePathComponent(); + } + + /** + * Seed data. + */ + @BeforeClass(alwaysRun = true) + public void seedData() { + + String rn1 = TEST_ROLE_NAME + TEST_MARKER; + String r1RoleId = createRole(rn1); + RoleValue rv1 = new RoleValue(); + rv1.setRoleId(r1RoleId); + rv1.setRoleName(rn1); + roleValues.put(rv1.getRoleName(), rv1); + + String ra1 = "fooService" + TEST_MARKER; + String permId1 = createPermission(ra1, EffectType.PERMIT); + PermissionValue pva1 = new PermissionValue(); + pva1.setResourceName(ra1); + pva1.setPermissionId(permId1); + permValues.put(pva1.getResourceName(), pva1); + + String ra2 = "barService" + TEST_MARKER; + String permId2 = createPermission(ra1, EffectType.PERMIT); + PermissionValue pva2 = new PermissionValue(); + pva2.setResourceName(ra2); + pva2.setPermissionId(permId2); + permValues.put(pva2.getResourceName(), pva2); + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.BaseServiceTest#getClientInstance() + */ + @Override + protected CollectionSpaceClient getClientInstance() { + return new RolePermissionClient(); + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.BaseServiceTest#getAbstractCommonList(org.jboss.resteasy.client.ClientResponse) + */ + @Override + protected AbstractCommonList getAbstractCommonList( + ClientResponse response) { + //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697 + throw new UnsupportedOperationException(); + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readPaginatedList(java.lang.String) + */ + @Test(dataProvider = "testName") + @Override + public void readPaginatedList(String testName) throws Exception { + //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697 + } + // --------------------------------------------------------------- + // CRUD tests : CREATE tests + // --------------------------------------------------------------- + // Success outcomes + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.ServiceTest#create(java.lang.String) + */ + + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class) + public void create(String testName) throws Exception { + + // Perform setup, such as initializing the type of service request + // (e.g. CREATE, DELETE), its valid and expected status codes, and + // its associated HTTP method name (e.g. POST, DELETE). + setupCreate(testName); + + // Submit the request to the service and store the response. + RoleValue rv = roleValues.get(TEST_ROLE_NAME + TEST_MARKER); + PermissionRole permRole = createPermissionRoleInstance(rv, + permValues.values(), true, true); + RolePermissionClient client = new RolePermissionClient(); + ClientResponse res = null; + try { + res = client.create(rv.getRoleId(), permRole); + + int statusCode = res.getStatus(); + + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + // Store the ID returned from this create operation + // for additional tests below. + //this is is not important in case of this relationship + knownResourceId = extractId(res); + if (logger.isDebugEnabled()) { + logger.debug(testName + ": knownResourceId=" + knownResourceId); + } + } finally { + if (res != null) { + res.releaseConnection(); + } + } + } + + //to not cause uniqueness violation for permRole, createList is removed + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#createList(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createList(String testName) throws Exception { + //Should this really be empty? + } + + // Failure outcomes + // Placeholders until the three tests below can be uncommented. + // See Issue CSPACE-401. + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#createWithEmptyEntityBody(java.lang.String) + */ + @Override + public void createWithEmptyEntityBody(String testName) throws Exception { + //Should this really be empty? + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#createWithMalformedXml(java.lang.String) + */ + @Override + public void createWithMalformedXml(String testName) throws Exception { + //Should this really be empty? + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#createWithWrongXmlSchema(java.lang.String) + */ + @Override + public void createWithWrongXmlSchema(String testName) throws Exception { + //Should this really be empty? + } + + // --------------------------------------------------------------- + // CRUD tests : READ tests + // --------------------------------------------------------------- + // Success outcomes + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#read(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void read(String testName) throws Exception { + + // Perform setup. + setupRead(testName); + + // Submit the request to the service and store the response. + RolePermissionClient client = new RolePermissionClient(); + ClientResponse res = null; + try { + res = client.read( + roleValues.get(TEST_ROLE_NAME + TEST_MARKER).getRoleId(), "123"); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + PermissionRole output = (PermissionRole) res.getEntity(); + Assert.assertNotNull(output); + } finally { + if (res != null) { + res.releaseConnection(); + } + } + } + + // Failure outcomes + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readNonExistent(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class) + public void readNonExistent(String testName) throws Exception { + + // Perform setup. + setupReadNonExistent(testName); + + // Submit the request to the service and store the response. + RolePermissionClient client = new RolePermissionClient(); + ClientResponse res = null; + try { + + res = client.read(NON_EXISTENT_ID, "123"); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + if (res != null) { + res.releaseConnection(); + } + } + } + + // --------------------------------------------------------------- + // CRUD tests : READ_LIST tests + // --------------------------------------------------------------- + // Success outcomes + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#readList(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"createList", "read"}) + public void readList(String testName) throws Exception { + //Should this really be empty? + } + + // Failure outcomes + // None at present. + // --------------------------------------------------------------- + // CRUD tests : UPDATE tests + // --------------------------------------------------------------- + // Success outcomes + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#update(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"read", "readList", "readNonExistent"}) + public void update(String testName) throws Exception { + //Should this really be empty? + } + + // Failure outcomes + // Placeholders until the three tests below can be uncommented. + // See Issue CSPACE-401. + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#updateWithEmptyEntityBody(java.lang.String) + */ + @Override + public void updateWithEmptyEntityBody(String testName) throws Exception { + //Should this really be empty? + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#updateWithMalformedXml(java.lang.String) + */ + @Override + public void updateWithMalformedXml(String testName) throws Exception { + //Should this really be empty? + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#updateWithWrongXmlSchema(java.lang.String) + */ + @Override + public void updateWithWrongXmlSchema(String testName) throws Exception { + //Should this really be empty? + } + + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#updateNonExistent(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"readNonExistent", "testSubmitRequest"}) + public void updateNonExistent(String testName) throws Exception { + //Should this really be empty? + } + + // --------------------------------------------------------------- + // CRUD tests : DELETE tests + // --------------------------------------------------------------- + // Success outcomes + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#delete(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"read"}) + public void delete(String testName) throws Exception { + + // Perform setup. + setupDelete(testName); + + // Submit the request to the service and store the response. + RolePermissionClient client = new RolePermissionClient(); + ClientResponse res = null; + try { + res = client.delete( + roleValues.get(TEST_ROLE_NAME + TEST_MARKER).getRoleId(), "123"); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + if (res != null) { + res.releaseConnection(); + } + } + } + + // Failure outcomes + /* (non-Javadoc) + * @see org.collectionspace.services.client.test.AbstractServiceTestImpl#deleteNonExistent(java.lang.String) + */ + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class) + public void deleteNonExistent(String testName) throws Exception { + //ignoring this test as the service side returns 200 now even if it does + //not find a record in the db + } + + // --------------------------------------------------------------- + // Utility tests : tests of code used in tests above + // --------------------------------------------------------------- + /** + * Tests the code for manually submitting data that is used by several + * of the methods above. + * @throws Exception + */ + @Test(dependsOnMethods = {"create"}) + public void testSubmitRequest() throws Exception { + + // Expected status code: 200 OK + final int EXPECTED_STATUS = Response.Status.OK.getStatusCode(); + + // Submit the request to the service and store the response. + String method = ServiceRequestType.READ.httpMethodName(); + String url = getResourceURL(roleValues.get(TEST_ROLE_NAME + TEST_MARKER).getRoleId()); + int statusCode = submitRequest(method, url); + + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug("testSubmitRequest: url=" + url + + " status=" + statusCode); + } + Assert.assertEquals(statusCode, EXPECTED_STATUS); + + + } + + // --------------------------------------------------------------- + // Utility methods used by tests above + // --------------------------------------------------------------- + /** + * create PermissionRole instance + * @param rv rolevalue + * @param pvs permission value array + * @param usePermId + * @param useRoleId + * @return PermissionRole + */ + public static PermissionRole createPermissionRoleInstance(RoleValue rv, + Collection pvs, + boolean usePermId, + boolean useRoleId) { + List pvls = new ArrayList(); + pvls.addAll(pvs); + PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance( + rv, pvls, usePermId, useRoleId); + if (logger.isDebugEnabled()) { + logger.debug("to be created, permRole"); + logger.debug(objectAsXmlString(permRole, PermissionRole.class)); + } + return permRole; + } + + /** + * Clean up. + */ + @AfterClass(alwaysRun = true) + @Override + public void cleanUp() { + setupDelete("cleanUp"); + String noTest = System.getProperty("noTestCleanup"); + if (Boolean.TRUE.toString().equalsIgnoreCase(noTest)) { + if (logger.isDebugEnabled()) { + logger.debug("Skipping Cleanup phase ..."); + } + return; + } + if (logger.isDebugEnabled()) { + logger.debug("Cleaning up temporary resources created for testing ..."); + } + + RolePermissionClient client = new RolePermissionClient(); + for (String resourceId : allResourceIdsCreated) { + + ClientResponse res = client.delete(resourceId, "123"); + int statusCode = res.getStatus(); + try { + if (logger.isDebugEnabled()) { + logger.debug("cleanup: delete relationships for permission id=" + + resourceId + " status=" + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + res.releaseConnection(); + } + } + + for (PermissionValue pv : permValues.values()) { + deletePermission(pv.getPermissionId()); + } + for (RoleValue rv : roleValues.values()) { + deleteRole(rv.getRoleId()); + } + } + + /** + * Creates the permission. + * + * @param resName the res name + * @param effect the effect + * @return the string + */ + private String createPermission(String resName, EffectType effect) { + setupCreate("createPermission"); + PermissionClient permClient = new PermissionClient(); + List actions = PermissionFactory.createDefaultActions(); + Permission permission = PermissionFactory.createPermissionInstance(resName, + "default permissions for " + resName, + actions, effect, true, true, true); + ClientResponse res = null; + String id = null; + try { + res = permClient.create(permission); + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("createPermission: resName=" + resName + + " status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + id = extractId(res); + } finally { + if (res != null) { + res.releaseConnection(); + } + } + return id; + } + + /** + * Delete permission. + * + * @param permId the perm id + */ + private void deletePermission(String permId) { + setupDelete("deletePermission"); + PermissionClient permClient = new PermissionClient(); + + ClientResponse res = null; + try { + res = permClient.delete(permId); + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("deletePermission: delete permission id=" + + permId + " status=" + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + } finally { + if (res != null) { + res.releaseConnection(); + } + } + } + + /** + * Creates the role. + * + * @param roleName the role name + * @return the string + */ + private String createRole(String roleName) { + setupCreate("createRole"); + RoleClient roleClient = new RoleClient(); + + Role role = RoleFactory.createRoleInstance(roleName, + "role for " + roleName, true); + ClientResponse res = null; + String id = null; + try { + res = roleClient.create(role); + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("createRole: name=" + roleName + + " status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + id = extractId(res); + } finally { + if (res != null) { + res.releaseConnection(); + } + } + return id; + } + + /** + * Delete role. + * + * @param roleId the role id + */ + private void deleteRole(String roleId) { + setupDelete("deleteRole"); + RoleClient roleClient = new RoleClient(); + ClientResponse res = null; + try { + res = roleClient.delete(roleId); + int statusCode = res.getStatus(); + if (logger.isDebugEnabled()) { + logger.debug("deleteRole: delete role id=" + roleId + + " status=" + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } finally { + res.releaseConnection(); + } + + } +} diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java index 3e3c0d847..abaceb776 100644 --- a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java +++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java @@ -592,7 +592,7 @@ public class RoleServiceTest extends AbstractServiceTestImpl { */ @Override @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, - dependsOnMethods = {"updateNotAllowed"}) + dependsOnMethods = {"updateNotAllowed", "testSubmitRequest"}) public void delete(String testName) throws Exception { // Perform setup. @@ -648,7 +648,8 @@ public class RoleServiceTest extends AbstractServiceTestImpl { * of the methods above. * @throws Exception */ - @Test(dependsOnMethods = {"create", "read"}) + + @Test(dependsOnMethods = {"create"}) public void testSubmitRequest() throws Exception { // Expected status code: 200 OK diff --git a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml index fa4292edc..edf8aef0f 100644 --- a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml +++ b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions-roles.xml @@ -3,7 +3,7 @@ ROLE - 5a0bad92-cac6-4694-84d6-d393a52aafd9 + 68eea582-e5b0-4aab-a01b-e45126ce1924 idgenerators @@ -14,7 +14,7 @@ ROLE - 3e0a37ab-4ca3-4659-bef6-ff7e7c3ce590 + 150c809f-ffd6-4b23-b86b-a6533feeda29 id @@ -25,7 +25,7 @@ ROLE - 0d8826df-d61a-448e-8d8a-9e41bf178582 + 30f13249-56c6-428e-9f9b-be092520ca30 /idgenerators/*/ids @@ -38,7 +38,7 @@ ROLE - f872859a-7f05-4d0a-b898-ef8f1b7745ba + e5005679-b03a-4911-9081-741dced66508 collectionobjects @@ -49,7 +49,7 @@ ROLE - cca70419-20ce-4bf7-ad9f-cb5d8c542577 + 676a2ce3-f65a-445e-bc0f-cce5dc056eac /collectionobjects/*/authorityrefs/ @@ -62,7 +62,7 @@ ROLE - ca89d98e-7fc4-44e5-9e5f-fea49bdb7e89 + 200f1961-8910-4170-8f7b-32fcf7eef047 intakes @@ -73,7 +73,7 @@ ROLE - c3e6c0c6-b6c0-4bb1-a03d-2e86857b74b4 + aa534e0f-6979-4c52-873c-d58bd0151f9c /intakes/*/authorityrefs/ @@ -86,7 +86,7 @@ ROLE - cea2e847-0944-49c0-8746-4622c1169a65 + 0a3692cd-94f6-44dd-854a-1fb0b19fe71d loansin @@ -97,7 +97,7 @@ ROLE - b163f821-5791-4044-be1c-ddbd3738a4b4 + f56deb15-81a5-47ad-89c7-ea4738451b8c /loansin/*/authorityrefs/ @@ -110,7 +110,7 @@ ROLE - 3a77ffcf-8052-466c-99d7-61fff28d9f88 + 1628fe32-a657-4577-a6cd-87bcf942d56d loansout @@ -121,7 +121,7 @@ ROLE - 859d46be-9bf6-4bce-9950-3e07fd35fc91 + d38171bb-62b2-402b-a8e9-329433f7092c /loansout/*/authorityrefs/ @@ -134,7 +134,7 @@ ROLE - f079772b-b15a-45b9-9e30-ba93ec62886b + bf39f493-8e5b-4ca1-baaf-67dd8283b299 movements @@ -145,7 +145,7 @@ ROLE - 05a0e8d6-c623-470f-8562-e1ebaa8661a0 + 30130f70-6122-478c-9425-428815c0006c /movements/*/authorityrefs/ @@ -158,7 +158,7 @@ ROLE - 72115711-331e-4e6d-a4d7-2d9ad22bb2e3 + 61dc8d8b-8d2e-4d0b-a76f-87d5be9a583c vocabularies @@ -169,7 +169,7 @@ ROLE - 401d9a19-add1-475b-97c6-715d18001fed + cdff0a6a-ca8a-4651-a291-d7e4e9e531ba vocabularyitems @@ -180,7 +180,7 @@ ROLE - 862e5aa7-40e0-433c-b918-025a649543e0 + 2bbbbe30-9562-4686-8237-00422e24e1d6 /vocabularies/*/items/ @@ -193,7 +193,7 @@ ROLE - b8fbde29-bb5a-4d88-88c9-01881b4953a7 + 60e310d8-8d49-4ced-bdff-d1bc82d8cabd orgauthorities @@ -204,7 +204,7 @@ ROLE - 458a330f-1b4d-4e52-950c-f2aacf9a4870 + 0562b8c3-1883-4491-b77f-d8437c1433d6 /orgauthorities/*/items/*/authorityrefs/ @@ -217,7 +217,7 @@ ROLE - 3552c6ca-c830-4aa0-a940-00296e87ba3d + 44cba976-171b-408e-b3ed-3bd5b18e95e1 organizations @@ -228,7 +228,7 @@ ROLE - 821f288c-4958-405c-bc73-b34f47411066 + c8e68564-bd16-462d-b191-a4fb4ad6d93a /orgauthorities/*/items/ @@ -241,7 +241,7 @@ ROLE - 5a99cd36-768a-4001-b855-d75899fcb19b + faf6fdb6-654e-44a3-b7de-e98eb3105e3f /orgauthorities/*/items/*/refobjs @@ -254,7 +254,7 @@ ROLE - 75127a9c-d433-419e-b2b8-fb3368dc2fd3 + fc3845e7-122b-44c6-b46f-756421291994 personauthorities @@ -265,7 +265,7 @@ ROLE - 33af3708-d5ab-4668-be8f-535de4845150 + 44b6f2f5-2ae5-4f9f-aaf6-21361e38992e /personauthorities/*/items/ @@ -278,7 +278,7 @@ ROLE - b918c0ec-7005-4f51-ac6b-62daf86560b1 + f488f02a-0107-4991-847f-db811fa843f5 /personauthorities/*/items/*/refobjs @@ -291,7 +291,7 @@ ROLE - 026f957b-763f-4e31-8a5c-90c6f4c1017d + b1236cf3-c8e3-462a-b189-e5bcebdd382e persons @@ -302,7 +302,7 @@ ROLE - 96749d08-3320-408d-b812-815fb0702562 + 7e329610-aa02-4d66-9a44-f7f5302c2ea4 /personauthorities/*/items/ @@ -315,7 +315,7 @@ ROLE - 6da6f72b-ecf0-4f08-a220-223a2f0e0b16 + abee33c0-e304-44e1-ae27-0e518e0ee55b locationauthorities @@ -326,7 +326,7 @@ ROLE - 454c4a67-e21d-4402-9d13-5f0eb05e6028 + 1924cf31-7025-4f43-896e-e6d7a7352788 /locationauthorities/*/items/ @@ -339,7 +339,7 @@ ROLE - 8b04ac84-968d-476d-8cac-fc0fd507f8d7 + 273e7918-f911-4f54-bc86-122aa539e813 locations @@ -350,7 +350,7 @@ ROLE - cdeb851e-0f68-43de-8b29-e2e2b9e3faf3 + 934a970c-221e-41b5-92be-6ba22276bd7a acquisitions @@ -361,7 +361,7 @@ ROLE - c1ada994-34f7-4a5d-a91f-3414ac872bae + 61a10a62-4f23-4427-b262-f978a3b03806 /acquisitions/*/authorityrefs/ @@ -374,7 +374,7 @@ ROLE - 8d4b8274-fc30-4175-b5de-a328d16b898a + 463dc11d-8324-4fb9-9d07-7c134c68eb47 relations @@ -385,7 +385,7 @@ ROLE - 6be0be1c-9269-475a-8ac0-e2cd1e38836c + 3c536b47-b851-4dca-bbd2-12d0fc20f713 relations/subject/*/type/*/object/* @@ -398,7 +398,7 @@ ROLE - 849ece17-b3f6-4792-a7aa-ecf950e76bf5 + 87c457d9-3bf4-40d4-a3e1-7a9aae90c5c9 accounts @@ -409,7 +409,7 @@ ROLE - a7f645ca-e8be-4c76-9b2b-22d154f487a3 + 5762278c-fceb-4d67-908d-af389ac309ba dimensions @@ -420,7 +420,7 @@ ROLE - cb815554-aab2-43a9-9f4b-49ecd72b95e7 + bd9104e1-1931-4d0e-aff4-d06ec78f069f contacts @@ -431,7 +431,7 @@ ROLE - 3b67af55-4d7a-43b6-aba3-0327aa7f5eb1 + aa3c23d7-7d42-43f0-899a-3b8bc0c03c3a /personauthorities/*/items/*/contacts @@ -444,7 +444,7 @@ ROLE - 986483a9-d97d-464a-91d8-992c7653e7fa + a0f846e4-343c-4479-831e-04cc40e51902 /orgauthorities/*/items/*/contacts @@ -457,7 +457,7 @@ ROLE - 5a619a25-91d8-4fa9-808f-05c3bb349506 + b975509e-d1bd-42a2-98d4-bfde50a342c3 notes @@ -468,7 +468,7 @@ ROLE - 37f949ba-bdf5-435f-9649-4301bd29b957 + c9524c19-4819-4aea-aab3-341887d83b3f authorization/roles @@ -479,7 +479,7 @@ ROLE - dd02ab68-4774-4533-8969-641eca0e0178 + eec11401-da9e-4a33-b68d-b3d4906c3329 authorization/permissions @@ -490,7 +490,7 @@ ROLE - 64d08e83-0a6b-4c0e-bd63-ce20219463c9 + 975a8e80-8a30-426c-9d5b-aa32f6813f6d authorization/permissions/permroles @@ -501,7 +501,7 @@ ROLE - 8eeb4333-fdf1-4171-bd24-d719b24d1452 + 76ae1b26-9c42-4011-8130-178d90ff4c3b /authorization/permissions/*/permroles/ @@ -514,7 +514,7 @@ ROLE - a5f3dd1c-66c2-41a3-bbfb-dd2c72162fe5 + 662f9c6c-f8f1-4a78-922e-9c4250237b36 accounts/accountroles @@ -525,7 +525,7 @@ ROLE - 56145553-6b17-449c-ae8a-b7ed14f85af1 + e8cca9fb-a6cc-4944-a441-857d661280a9 /accounts/*/accountroles/ @@ -535,4 +535,28 @@ ROLE_ADMINISTRATOR + + ROLE + + f771df0b-98c8-4f84-aaf3-ae62c113d4cb + authorization/roles/permroles + + + 1 + ROLE_ADMINISTRATOR + + + + ROLE + + 937a7ab0-6c26-497b-a901-49f550987320 + + /authorization/roles/*/permroles/ + + + + 1 + ROLE_ADMINISTRATOR + + diff --git a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml index 74d711dc8..7ff06ee01 100644 --- a/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml +++ b/services/authorization-mgt/import/src/main/resources/import-data/import-permissions.xml @@ -1,6 +1,6 @@ - + idgenerators CREATE @@ -20,7 +20,7 @@ PERMIT 1 - + id CREATE @@ -40,7 +40,7 @@ PERMIT 1 - + /idgenerators/*/ids @@ -62,7 +62,7 @@ PERMIT 1 - + collectionobjects CREATE @@ -82,7 +82,7 @@ PERMIT 1 - + /collectionobjects/*/authorityrefs/ @@ -104,7 +104,7 @@ PERMIT 1 - + intakes CREATE @@ -124,7 +124,7 @@ PERMIT 1 - + /intakes/*/authorityrefs/ @@ -146,7 +146,7 @@ PERMIT 1 - + loansin CREATE @@ -166,7 +166,7 @@ PERMIT 1 - + /loansin/*/authorityrefs/ @@ -188,7 +188,7 @@ PERMIT 1 - + loansout CREATE @@ -208,7 +208,7 @@ PERMIT 1 - + /loansout/*/authorityrefs/ @@ -230,7 +230,7 @@ PERMIT 1 - + movements CREATE @@ -250,7 +250,7 @@ PERMIT 1 - + /movements/*/authorityrefs/ @@ -272,7 +272,7 @@ PERMIT 1 - + vocabularies CREATE @@ -292,7 +292,7 @@ PERMIT 1 - + vocabularyitems CREATE @@ -312,7 +312,7 @@ PERMIT 1 - + /vocabularies/*/items/ @@ -334,7 +334,7 @@ PERMIT 1 - + orgauthorities CREATE @@ -354,7 +354,7 @@ PERMIT 1 - + /orgauthorities/*/items/*/authorityrefs/ @@ -376,7 +376,7 @@ PERMIT 1 - + organizations CREATE @@ -396,7 +396,7 @@ PERMIT 1 - + /orgauthorities/*/items/ @@ -418,7 +418,7 @@ PERMIT 1 - + /orgauthorities/*/items/*/refobjs @@ -440,7 +440,7 @@ PERMIT 1 - + personauthorities CREATE @@ -460,7 +460,7 @@ PERMIT 1 - + /personauthorities/*/items/ @@ -482,7 +482,7 @@ PERMIT 1 - + /personauthorities/*/items/*/refobjs @@ -504,7 +504,7 @@ PERMIT 1 - + persons CREATE @@ -524,7 +524,7 @@ PERMIT 1 - + /personauthorities/*/items/ @@ -546,7 +546,7 @@ PERMIT 1 - + locationauthorities CREATE @@ -566,7 +566,7 @@ PERMIT 1 - + /locationauthorities/*/items/ @@ -588,7 +588,7 @@ PERMIT 1 - + locations CREATE @@ -608,7 +608,7 @@ PERMIT 1 - + acquisitions CREATE @@ -628,7 +628,7 @@ PERMIT 1 - + /acquisitions/*/authorityrefs/ @@ -650,7 +650,7 @@ PERMIT 1 - + relations CREATE @@ -670,7 +670,7 @@ PERMIT 1 - + relations/subject/*/type/*/object/* @@ -692,7 +692,7 @@ PERMIT 1 - + accounts CREATE @@ -712,7 +712,7 @@ PERMIT 1 - + dimensions CREATE @@ -732,7 +732,7 @@ PERMIT 1 - + contacts CREATE @@ -752,7 +752,7 @@ PERMIT 1 - + /personauthorities/*/items/*/contacts @@ -774,7 +774,7 @@ PERMIT 1 - + /orgauthorities/*/items/*/contacts @@ -796,7 +796,7 @@ PERMIT 1 - + notes CREATE @@ -816,7 +816,7 @@ PERMIT 1 - + authorization/roles CREATE @@ -836,7 +836,7 @@ PERMIT 1 - + authorization/permissions CREATE @@ -856,7 +856,7 @@ PERMIT 1 - + authorization/permissions/permroles CREATE @@ -876,7 +876,7 @@ PERMIT 1 - + /authorization/permissions/*/permroles/ @@ -898,7 +898,7 @@ PERMIT 1 - + accounts/accountroles CREATE @@ -918,7 +918,7 @@ PERMIT 1 - + /accounts/*/accountroles/ @@ -940,4 +940,46 @@ PERMIT 1 + + authorization/roles/permroles + + CREATE + + + READ + + + UPDATE + + + DELETE + + + SEARCH + + PERMIT + 1 + + + + /authorization/roles/*/permroles/ + + + CREATE + + + READ + + + UPDATE + + + DELETE + + + SEARCH + + PERMIT + 1 + diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java index b265607dc..b56f81a97 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/PermissionRoleSubResource.java @@ -58,6 +58,7 @@ public class PermissionRoleSubResource /* (non-Javadoc) * @see org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl#getVersionString() */ + @Override protected String getVersionString() { /** The last change revision. */ @@ -108,8 +109,13 @@ public class PermissionRoleSubResource //subject name is necessary to indicate if role or permission is a subject ctx.setProperty(ServiceContextProperties.SUBJECT, subject); //set context for the relationship query - ctx.setProperty(ServiceContextProperties.OBJECT_CLASS, Permission.class); - ctx.setProperty(ServiceContextProperties.OBJECT_ID, "permission_id"); + if (subject == SubjectType.ROLE) { + ctx.setProperty(ServiceContextProperties.OBJECT_CLASS, Permission.class); + ctx.setProperty(ServiceContextProperties.OBJECT_ID, "permission_id"); + } else if (subject == SubjectType.PERMISSION) { + ctx.setProperty(ServiceContextProperties.OBJECT_CLASS, Role.class); + ctx.setProperty(ServiceContextProperties.OBJECT_ID, "role_id"); + } return ctx; } diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java index c0af78922..49f27fe49 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java @@ -152,8 +152,8 @@ public class RoleResource throw new WebApplicationException(response); } catch (UnauthorizedException ue) { Response response = Response.status( - Response.Status.UNAUTHORIZED).entity(ServiceMessages.POST_FAILED + - ue.getErrorReason()).type("text/plain").build(); + Response.Status.UNAUTHORIZED).entity(ServiceMessages.POST_FAILED + + ue.getErrorReason()).type("text/plain").build(); throw new WebApplicationException(response); } catch (Exception e) { if (logger.isDebugEnabled()) { @@ -161,8 +161,8 @@ public class RoleResource } logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); Response response = Response.status( - Response.Status.INTERNAL_SERVER_ERROR).entity(ServiceMessages.POST_FAILED + - ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + Response.Status.INTERNAL_SERVER_ERROR).entity(ServiceMessages.POST_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); throw new WebApplicationException(response); } } @@ -196,8 +196,8 @@ public class RoleResource result = (Role) ctx.getOutput(); } catch (UnauthorizedException ue) { Response response = Response.status( - Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED + - ue.getErrorReason()).type("text/plain").build(); + Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED + + ue.getErrorReason()).type("text/plain").build(); throw new WebApplicationException(response); } catch (DocumentNotFoundException dnfe) { if (logger.isDebugEnabled()) { @@ -213,8 +213,8 @@ public class RoleResource } logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); Response response = Response.status( - Response.Status.INTERNAL_SERVER_ERROR).entity(ServiceMessages.GET_FAILED + - ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + Response.Status.INTERNAL_SERVER_ERROR).entity(ServiceMessages.GET_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); throw new WebApplicationException(response); } @@ -251,8 +251,8 @@ public class RoleResource roleList = (RolesList) handler.getCommonPartList(); } catch (UnauthorizedException ue) { Response response = Response.status( - Response.Status.UNAUTHORIZED).entity(ServiceMessages.LIST_FAILED + - ue.getErrorReason()).type("text/plain").build(); + Response.Status.UNAUTHORIZED).entity(ServiceMessages.LIST_FAILED + + ue.getErrorReason()).type("text/plain").build(); throw new WebApplicationException(response); } catch (Exception e) { @@ -261,8 +261,8 @@ public class RoleResource } logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); Response response = Response.status( - Response.Status.INTERNAL_SERVER_ERROR).entity(ServiceMessages.LIST_FAILED + - ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + Response.Status.INTERNAL_SERVER_ERROR).entity(ServiceMessages.LIST_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); throw new WebApplicationException(response); } return roleList; @@ -287,8 +287,8 @@ public class RoleResource if (csid == null || "".equals(csid)) { logger.error("updateRole: missing csid!"); Response response = Response.status(Response.Status.BAD_REQUEST).entity( - ServiceMessages.PUT_FAILED + "role " + - ServiceMessages.MISSING_INVALID_CSID + csid).type( + ServiceMessages.PUT_FAILED + "role " + + ServiceMessages.MISSING_INVALID_CSID + csid).type( "text/plain").build(); throw new WebApplicationException(response); } @@ -300,13 +300,13 @@ public class RoleResource result = (Role) ctx.getOutput(); } catch (BadRequestException bre) { Response response = Response.status( - Response.Status.BAD_REQUEST).entity(ServiceMessages.PUT_FAILED + - bre.getErrorReason()).type("text/plain").build(); + Response.Status.BAD_REQUEST).entity(ServiceMessages.PUT_FAILED + + bre.getErrorReason()).type("text/plain").build(); throw new WebApplicationException(response); } catch (UnauthorizedException ue) { Response response = Response.status( - Response.Status.UNAUTHORIZED).entity(ServiceMessages.PUT_FAILED + - ue.getErrorReason()).type("text/plain").build(); + Response.Status.UNAUTHORIZED).entity(ServiceMessages.PUT_FAILED + + ue.getErrorReason()).type("text/plain").build(); throw new WebApplicationException(response); } catch (DocumentNotFoundException dnfe) { if (logger.isDebugEnabled()) { @@ -320,8 +320,8 @@ public class RoleResource logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); Response response = Response.status( Response.Status.INTERNAL_SERVER_ERROR).entity( - ServiceMessages.PUT_FAILED + - ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + ServiceMessages.PUT_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); throw new WebApplicationException(response); } return result; @@ -354,7 +354,7 @@ public class RoleResource return Response.status(HttpResponseCodes.SC_OK).build(); } catch (UnauthorizedException ue) { Response response = Response.status( - Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED + ue.getErrorReason()).type("text/plain").build(); + Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED + ue.getErrorReason()).type("text/plain").build(); throw new WebApplicationException(response); } catch (DocumentNotFoundException dnfe) { @@ -374,4 +374,152 @@ public class RoleResource } } + + @POST + @Path("{csid}/permroles") + public Response createRolePermission(@PathParam("csid") String roleCsid, + PermissionRole input) { + if (logger.isDebugEnabled()) { + logger.debug("createRolePermission with roleCsid=" + roleCsid); + } + if (roleCsid == null || "".equals(roleCsid)) { + logger.error("createRolePermission: missing roleCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.POST_FAILED + "permroles role " + + ServiceMessages.MISSING_INVALID_CSID + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + try { + PermissionRoleSubResource subResource = + new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE); + String permrolecsid = subResource.createPermissionRole(input, SubjectType.PERMISSION); + UriBuilder path = UriBuilder.fromResource(PermissionResource.class); + path.path(roleCsid + "/permroles/" + permrolecsid); + Response response = Response.created(path.build()).build(); + return response; + } catch (BadRequestException bre) { + Response response = Response.status( + Response.Status.BAD_REQUEST).entity("Create failed reason " + + bre.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity("Create failed reason " + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("Caught exception in createRolePermission", e); + } + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.POST_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new WebApplicationException(response); + } + } + + @GET + @Path("{csid}/permroles/{permrolecsid}") + public PermissionRole getRolePermission( + @PathParam("csid") String roleCsid, + @PathParam("permrolecsid") String permrolecsid) { + if (logger.isDebugEnabled()) { + logger.debug("getRolePermission with roleCsid=" + roleCsid); + } + if (roleCsid == null || "".equals(roleCsid)) { + logger.error("getRolePermission: missing roleCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.GET_FAILED + "permroles role " + + ServiceMessages.MISSING_INVALID_CSID + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + PermissionRole result = null; + try { + PermissionRoleSubResource subResource = + new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE); + //get relationships for a role + result = subResource.getPermissionRole(roleCsid, SubjectType.PERMISSION); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.GET_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("getRolePermission", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "permroles role csid=" + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("getRolePermission", e); + } + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.GET_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new WebApplicationException(response); + } + if (result == null) { + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.GET_FAILED + "permroles role csid=" + roleCsid + + ": was not found.").type( + "text/plain").build(); + throw new WebApplicationException(response); + } + return result; + } + + @DELETE + @Path("{csid}/permroles/{permrolecsid}") + public Response deleteRolePermission( + @PathParam("csid") String roleCsid, + @PathParam("permrolecsid") String permrolecsid) { + if (logger.isDebugEnabled()) { + logger.debug("deleteRolePermission with roleCsid=" + roleCsid); + } + if (roleCsid == null || "".equals(roleCsid)) { + logger.error("deleteRolePermission: missing roleCsid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + ServiceMessages.DELETE_FAILED + "permroles role " + + ServiceMessages.MISSING_INVALID_CSID + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + try { + PermissionRoleSubResource subResource = + new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE); + //delete all relationships for a permission + subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION); + return Response.status(HttpResponseCodes.SC_OK).build(); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity(ServiceMessages.DELETE_FAILED + + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("caught exception in deleteRolePermission", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + ServiceMessages.DELETE_FAILED + "role csid=" + roleCsid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + logger.error(ServiceMessages.UNKNOWN_ERROR_MSG, e); + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity( + ServiceMessages.DELETE_FAILED + + ServiceMessages.UNKNOWN_ERROR_MSG).type("text/plain").build(); + throw new WebApplicationException(response); + } + + } } diff --git a/services/common/src/main/config/services/tenant-bindings.xml b/services/common/src/main/config/services/tenant-bindings.xml index e8bc3eabb..f4f82470b 100644 --- a/services/common/src/main/config/services/tenant-bindings.xml +++ b/services/common/src/main/config/services/tenant-bindings.xml @@ -533,7 +533,7 @@ - + /locationauthorities/*/items/ @@ -912,6 +912,8 @@ + + @@ -985,6 +987,45 @@ + + + + + + + /authorization/roles/*/permroles/ + + + org.collectionspace.services.authorization.storage.PermissionRoleDocumentHandler + + + + + + + + + + + + + + + + + + diff --git a/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java b/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java index 58298e832..fa9242a64 100644 --- a/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java +++ b/services/security/client/src/test/java/org/collectionspace/services/security/client/test/AuthorizationServiceTest.java @@ -667,8 +667,10 @@ public class AuthorizationServiceTest extends AbstractServiceTestImpl { private String createPermissionRole(PermissionValue pv, Collection rvs) { setupCreate("createPermissionRole"); + List rvls = new ArrayList(); + rvls.addAll(rvs); PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance( - pv, rvs, true, true); + pv, rvls, true, true); PermissionRoleClient client = new PermissionRoleClient(); ClientResponse res = client.create(pv.getPermissionId(), permRole); int statusCode = res.getStatus(); -- 2.47.3