From cec0dc4fca5320ad133f91504934c630a35f60b7 Mon Sep 17 00:00:00 2001
From: Richard Millet
Date: Mon, 30 Aug 2010 22:44:18 +0000
Subject: [PATCH] CSPACE-2678: actionGroup not always returned in permroles list views. PermRoles were not being derived from existing Roles and Permissions. Instead, they were being created as independent entities. Now the Import util still creates them as independent payloads, but service calls will create derived entities.
---
 .../storage/AccountValidatorHandler.java | 4 +-
 .../storage/AuthorizationDelegate.java | 9 +-
 .../storage/PermissionRoleUtil.java | 97 ++++++++++++++-----
 .../PermissionRoleValidatorHandler.java | 7 +-
 .../jpa/JpaRelationshipStorageClient.java | 23 ++++-
 .../common/storage/jpa/JpaStorageUtils.java | 40 +++++++-
 6 files changed, 148 insertions(+), 32 deletions(-)
diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java
index ca58bb4df..438e9495f 100644
--- a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java
+++ b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java
@@ -58,6 +58,7 @@ import org.collectionspace.services.account.Tenant;
 import org.collectionspace.services.common.ServiceMessages;
 import org.collectionspace.services.common.context.ServiceContext;
 import org.collectionspace.services.common.document.DocumentHandler.Action;
+import org.collectionspace.services.common.document.DocumentNotFoundException;
 import org.collectionspace.services.common.document.InvalidDocumentException;
 import org.collectionspace.services.common.document.ValidatorHandler;
 import org.collectionspace.services.common.storage.jpa.JpaStorageUtils;
@@ -149,7 +150,8 @@ public class AccountValidatorHandler implements ValidatorHandler { return invalid; } - private boolean isInvalidTenant(List atList, StringBuilder msgBldr) { + private boolean isInvalidTenant(List atList, StringBuilder msgBldr) + throws DocumentNotFoundException { boolean invalid = false; for (AccountTenant at : atList) { String tid = at.getTenantId(); diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java index 119618cd6..87519d436 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/AuthorizationDelegate.java @@ -189,7 +189,8 @@ public class AuthorizationDelegate { * @return string array with role names * @see RoleValue */ - private static String[] getRoles(List rvl) { + private static String[] getRoles(List rvl) + throws DocumentNotFoundException { List rvls = new ArrayList(); for (RoleValue rv : rvl) { Role r = getRole(rv.getRoleId()); @@ -228,13 +229,15 @@ public class AuthorizationDelegate { return rl.toArray(new CSpaceResource[0]); } - private static Permission getPermission(String permCsid) { + private static Permission getPermission(String permCsid) + throws DocumentNotFoundException { Permission p = (Permission) JpaStorageUtils.getEntity(permCsid, Permission.class); return p; } - private static Role getRole(String roleCsid) { + private static Role getRole(String roleCsid) + throws DocumentNotFoundException { Role r = (Role) JpaStorageUtils.getEntity(roleCsid, Role.class); return r; 
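Review bot: `isInvalidTenant` in AccountValidatorHandler now declares `throws DocumentNotFoundException`, so a lookup miss can leave the validator as an exception instead of being recorded in `msgBldr` and returned as `invalid = true`; the same applies to `isPermissionInvalid` and `isRoleInvalid` in PermissionRoleValidatorHandler. For a validator, an unknown tenant, permission or role id is the expected negative case and should produce the same validation message as any other bad input. Presumably the lookup is a `JpaStorageUtils.getEntity` call further down; catching there with `catch (DocumentNotFoundException e) { invalid = true; }` plus the usual `msgBldr.append(...)` would keep that contract. The method bodies continue outside these hunks, so confirm how the caller maps the exception before changing it.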
diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java index 59ad027fc..071f2a1a7 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleUtil.java @@ -25,14 +25,24 @@ package org.collectionspace.services.authorization.storage; import java.util.HashMap; import java.util.List; + +import org.collectionspace.services.common.document.DocumentNotFoundException; +import org.collectionspace.services.common.context.ServiceContext; +import org.collectionspace.services.common.context.ServiceContextProperties; +import org.collectionspace.services.common.storage.jpa.JpaRelationshipStorageClient; +import org.collectionspace.services.common.storage.jpa.JpaStorageUtils; + +import org.collectionspace.services.authorization.Permission; import org.collectionspace.services.authorization.PermissionRole; import org.collectionspace.services.authorization.PermissionRoleRel; import org.collectionspace.services.authorization.PermissionValue; +import org.collectionspace.services.authorization.Role; +import org.collectionspace.services.authorization.RoleResource; import org.collectionspace.services.authorization.RoleValue; import org.collectionspace.services.authorization.SubjectType; -import org.collectionspace.services.common.context.ServiceContext; -import org.collectionspace.services.common.context.ServiceContextProperties; -import org.collectionspace.services.common.storage.jpa.JpaStorageUtils; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; // TODO: Auto-generated Javadoc /** 
@@ -42,6 +52,8 @@ import org.collectionspace.services.common.storage.jpa.JpaStorageUtils; */ public class PermissionRoleUtil { + final Logger logger = LoggerFactory.getLogger(PermissionRoleUtil.class); + /** * Gets the relation subject. * @@ -86,7 +98,8 @@ public class PermissionRoleUtil { static public void buildPermissionRoleRel(PermissionRole pr, SubjectType subject, List prrl, - boolean handleDelete) { + boolean handleDelete) + throws DocumentNotFoundException { if (subject.equals(SubjectType.ROLE)) { //FIXME: potential index out of bounds exception...negative test needed PermissionValue pv = pr.getPermissions().get(0); 
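Review bot: The new `logger` field in PermissionRoleUtil is a package-visible instance field, while the methods visible in this file's hunks (`buildPermissionRoleRel`, `buildPermissonRoleRel`) are static and therefore cannot use it. Declare it as `private static final Logger logger = LoggerFactory.getLogger(PermissionRoleUtil.class);`, which matches the `final private static Logger` already used in JpaStorageUtils. As written the field is only reachable from an instance of what appears to be a static utility class.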
@@ -105,34 +118,74 @@ public class PermissionRoleUtil { } /** - * Builds the permisson role rel. + * Builds a permisson role relationship for either 'create' or 'delete' * - * @param pv the pv - * @param rv the rv + * @param pv the pv (currently using only the ID) + * @param rv the rv (currently using only the ID) * @param handleDelete the handle delete * @return the permission role rel */ - static private PermissionRoleRel buildPermissonRoleRel(PermissionValue pv, - RoleValue rv, + static private PermissionRoleRel buildPermissonRoleRel(PermissionValue permissionValue, + RoleValue roleValue, SubjectType subject, - boolean handleDelete) { - PermissionRoleRel prr = new PermissionRoleRel(); - prr.setPermissionId(pv.getPermissionId()); - prr.setPermissionResource(pv.getResourceName()); - prr.setActionGroup(pv.getActionGroup()); - prr.setRoleId(rv.getRoleId()); - prr.setRoleName(rv.getRoleName()); - + boolean handleDelete) + throws DocumentNotFoundException { + + PermissionRoleRel result = null; + + // + // Ensure we can find both the Permission and Role to relate. + // FIXME: REM - This is a workaround until the Import utility creates Perm/Role relationships + // correctly. The import utility should create and store the permissions and roles BEFORE creating the relationships + // + PermissionValue pv = permissionValue; + try { + Permission permission = (Permission)JpaStorageUtils.getEntity(pv.getPermissionId(), + Permission.class); + if (permission != null) { + // If the permission already exists, then use it to fill our the relation record + pv = JpaRelationshipStorageClient.createPermissionValue(permission); + } + } catch (DocumentNotFoundException e) { + // ignore this exception, pv is set to permissionValue; + } + // + // Ensure we can find both the Permission and Role to relate. + // FIXME: REM - This is a workaround until the Import utility creates Perm/Role relationships + // correctly. 
The import utility should create and store the permissions and roles BEFORE creating the relationships + // + RoleValue rv = roleValue; + try { + Role role = (Role)JpaStorageUtils.getEntity(rv.getRoleId(), + Role.class); + if (role != null) { + // If the role already exists, then use it to fill out the relation record + rv = JpaRelationshipStorageClient.createRoleValue(role); + } + } catch (DocumentNotFoundException e) { + // ignore this exception, rv is set to roleValue + } + + result = new PermissionRoleRel(); + result.setPermissionId(pv.getPermissionId()); + result.setPermissionResource(pv.getResourceName()); + result.setActionGroup(pv.getActionGroup()); + result.setRoleId(rv.getRoleId()); + result.setRoleName(rv.getRoleName()); + // + // For 'delete' we need to set the hjid of the existing relstionship + // String relationshipId = null; if (subject.equals(SubjectType.ROLE) == true) { - relationshipId = rv.getRoleRelationshipId(); + relationshipId = roleValue.getRoleRelationshipId(); } else if (subject.equals(SubjectType.PERMISSION) == true) { - relationshipId = pv.getPermRelationshipId(); + relationshipId = permissionValue.getPermRelationshipId(); } if (relationshipId != null && handleDelete == true) { - prr.setHjid(Long.parseLong(relationshipId)); // set this so we can convince JPA to del the relation - } - return prr; + result.setHjid(Long.parseLong(relationshipId)); // set this so we can convince JPA to del the relation + } + + return result; } /** diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleValidatorHandler.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleValidatorHandler.java index e1ae9049c..8d41506ce 100644 --- a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleValidatorHandler.java 
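Review bot: In `buildPermissonRoleRel`, both `catch (DocumentNotFoundException e)` blocks silently fall back to the caller-supplied `PermissionValue`/`RoleValue`, so when a lookup misses, the resource name, `actionGroup` and role name written to the relation are whatever the payload said rather than what a stored Permission or Role defines. The commit message reserves that path for the Import utility, but nothing in this method distinguishes an import from a service call, so a service request naming an unknown id takes the same path unless validation upstream rejects it (confirm). Gate the fallback on an explicit import indicator or fail the request, and log the miss rather than ignoring it. Because both exceptions are caught here, the added `throws DocumentNotFoundException` on this method looks unnecessary. `Long.parseLong(relationshipId)` also parses a caller-supplied string with no handling for `NumberFormatException`.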
+++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/PermissionRoleValidatorHandler.java @@ -24,6 +24,7 @@ */ package org.collectionspace.services.authorization.storage; +import org.collectionspace.services.common.document.DocumentNotFoundException; import org.collectionspace.services.authorization.Permission; import org.collectionspace.services.authorization.PermissionRole; import org.collectionspace.services.authorization.PermissionValue; @@ -82,7 +83,8 @@ public class PermissionRoleValidatorHandler implements ValidatorHandler { } } - private boolean isPermissionInvalid(String id, StringBuilder msgBldr) { + private boolean isPermissionInvalid(String id, StringBuilder msgBldr) + throws DocumentNotFoundException { boolean invalid = false; if (id == null || id.isEmpty()) { @@ -100,7 +102,8 @@ public class PermissionRoleValidatorHandler implements ValidatorHandler { return invalid; } - private boolean isRoleInvalid(String id, StringBuilder msgBldr) { + private boolean isRoleInvalid(String id, StringBuilder msgBldr) + throws DocumentNotFoundException { boolean invalid = false; if (id == null || id.isEmpty()) { diff --git a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java index 0405ddba2..2b4569f79 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java +++ b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaRelationshipStorageClient.java 
@@ -35,6 +35,10 @@ import javax.persistence.EntityManagerFactory; import javax.persistence.NoResultException; import javax.persistence.Query; +import org.collectionspace.services.authorization.Permission; +import org.collectionspace.services.authorization.PermissionValue; +import org.collectionspace.services.authorization.Role; +import org.collectionspace.services.authorization.RoleValue; import org.collectionspace.services.authorization.AccountRoleRel; import org.collectionspace.services.authorization.PermissionRoleRel; @@ -64,7 +68,23 @@ public class JpaRelationshipStorageClient extends JpaStorageClientImpl { private final Logger logger = LoggerFactory.getLogger(JpaRelationshipStorageClient.class); + public static PermissionValue createPermissionValue(Permission permission) { + PermissionValue result = new PermissionValue(); + result.setPermissionId(permission.getCsid()); + result.setResourceName(permission.getResourceName()); + result.setActionGroup(permission.getActionGroup()); + return result; + } + + public static RoleValue createRoleValue(Role role) { + RoleValue result = new RoleValue(); + result.setRoleId(role.getCsid()); + result.setRoleName(role.getRoleName()); + return result; + } + public JpaRelationshipStorageClient() { + //empty } /** @@ -446,7 +466,8 @@ public class JpaRelationshipStorageClient extends JpaStorageClientImpl { * @param id * @return */ - protected Object getObject(ServiceContext ctx, String id) { + protected Object getObject(ServiceContext ctx, String id) + throws DocumentNotFoundException { Class objectClass = getObjectClass(ctx); return JpaStorageUtils.getEntity(id, objectClass); } diff --git a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java index 73bf887e8..4a6ad32e5 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java 
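Review bot: The new public static factories `createPermissionValue` and `createRoleValue` have no Javadoc, and what they leave unset matters to callers. `createPermissionValue` copies only the csid, resource name and action group, and `createRoleValue` only the csid and role name, so the relationship id on the returned value is never populated. Add a Javadoc to each saying so, e.g. `/** Builds a PermissionValue from a stored Permission; the relationship id is not set. */`, and state whether a null argument is allowed, since both methods dereference it immediately.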
+++ b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java @@ -24,12 +24,17 @@ package org.collectionspace.services.common.storage.jpa; import java.util.HashMap; + +import javax.persistence.PersistenceException; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.NoResultException; import javax.persistence.Persistence; import javax.persistence.Query; + +import org.collectionspace.services.common.document.DocumentNotFoundException; import org.collectionspace.services.common.security.SecurityUtils; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -42,6 +47,7 @@ public class JpaStorageUtils { final private static Logger logger = LoggerFactory.getLogger(JpaStorageUtils.class); /** The Constant CS_PERSISTENCE_UNIT. */ public final static String CS_PERSISTENCE_UNIT = "org.collectionspace.services"; + private final static String CS_AUTHZ_PERSISTENCE_UNIT = "org.collectionspace.services.authorization"; /** * getEntity for given id and class @@ -49,7 +55,8 @@ public class JpaStorageUtils { * @param entityClazz * @return null if entity is not found */ - public static Object getEntity(String id, Class entityClazz) { + public static Object getEntity(String id, Class entityClazz) + throws DocumentNotFoundException { EntityManagerFactory emf = null; EntityManager em = null; Object entityFound = null; @@ -66,7 +73,8 @@ public class JpaStorageUtils { return entityFound; } - public static Object getEntity(long id, Class entityClazz) { + public static Object getEntity(long id, Class entityClazz) + throws DocumentNotFoundException { EntityManagerFactory emf = null; EntityManager em = null; Object entityFound = null; 
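Review bot: Documentation on `getEntity(String id, Class entityClazz)` is now contradictory: the Javadoc kept as context still says `@return null if entity is not found`, while the signature gains `throws DocumentNotFoundException`; the `getEntity(long id, ...)` overload in the next hunk gets the same clause with no Javadoc at all. Callers cannot tell which signal means "not found", and `buildPermissonRoleRel` in this commit already guards for both with a null check and a catch. Add `@throws DocumentNotFoundException` stating the condition and correct or drop the `@return null` line to match. The method bodies are outside these hunks, so the actual behaviour needs confirming first.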
@@ -226,7 +234,33 @@ public class JpaStorageUtils { * @return the entity manager factory */ public static EntityManagerFactory getEntityManagerFactory() { - return getEntityManagerFactory(CS_PERSISTENCE_UNIT); + EntityManagerFactory result = null; + PersistenceException persistenceException = null; + + try { + result = getEntityManagerFactory(CS_PERSISTENCE_UNIT); + } catch (PersistenceException e) { + persistenceException = e; + } + // + // If the CS_PERSISTENCE_UNIT does not exist, our caller may be from + // the import utility. + // FIXME: REM - EntityManagerFactory should be passed in from the Import utility. + // + if (result == null) { + try { + result = getEntityManagerFactory(CS_AUTHZ_PERSISTENCE_UNIT); + return result; + } catch (PersistenceException e) { + persistenceException = e; + } + } + + if (result == null) { + throw persistenceException; + } + + return result; } /** -- 2.47.3
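Review bot: `getEntityManagerFactory()` discards the first `PersistenceException` without logging it and silently switches to `CS_AUTHZ_PERSISTENCE_UNIT`, so a misconfigured or unreachable main persistence unit in the running service is indistinguishable from the import-utility case the comment describes. Log before falling back, e.g. `logger.warn("Persistence unit " + CS_PERSISTENCE_UNIT + " unavailable, trying " + CS_AUTHZ_PERSISTENCE_UNIT, e);`, using the static `logger` this class already has. If the second attempt also fails, the first exception is overwritten and lost. If `getEntityManagerFactory(String)` can return null without throwing (its body is not in this hunk), `throw persistenceException` throws a null reference and surfaces as a NullPointerException, so that case deserves an explicit `IllegalStateException`.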