From e193409cb03afdefbb21b3da57dd20be18e8c05a Mon Sep 17 00:00:00 2001 
From: Sanjay Dalal Date: Mon, 5 Apr 2010 19:50:20 +0000 Subject: [PATCH] CSPACE-1293 create a role CSPACE-1294 delete a role CSPACE-1295 get a role CSPACE-1296 update a role CSPACE-1310 list roles CSPACE-1308 search for a role (using role name only) Refactored roles.xsd into roles.xsd and roles_list.xsd to accommodate XmlRootElement per xsd Added authorization-mgt service for roles and permissions management. This checkin adds only the RoleResource and corresponding tests. test: authorization-mgt test, mvn test at the service level require: ant create_db for the authorization service M trunk/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CollectionSpaceJaxRsApplication.java M trunk/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml M trunk/services/JaxRsServiceProvider/pom.xml A trunk/services/authorization-mgt A trunk/services/authorization-mgt/service A trunk/services/authorization-mgt/service/src A trunk/services/authorization-mgt/service/src/test A trunk/services/authorization-mgt/service/src/test/java A trunk/services/authorization-mgt/service/src/test/resources A trunk/services/authorization-mgt/service/src/main A trunk/services/authorization-mgt/service/src/main/java A trunk/services/authorization-mgt/service/src/main/java/org A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleJpaFilter.java A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleStorageConstants.java A 
trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleValidatorHandler.java A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java A trunk/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java A trunk/services/authorization-mgt/service/src/main/javadoc A trunk/services/authorization-mgt/service/src/main/javadoc/org A trunk/services/authorization-mgt/service/src/main/javadoc/org/collectionspace A trunk/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services A trunk/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization A trunk/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/storage A trunk/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/storage/package.html A trunk/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/package.html A trunk/services/authorization-mgt/service/src/main/javadoc/overview.html A trunk/services/authorization-mgt/service/src/main/resources A trunk/services/authorization-mgt/service/pom.xml A trunk/services/authorization-mgt/service/build.xml A trunk/services/authorization-mgt/pom.xml A trunk/services/authorization-mgt/build.xml A trunk/services/authorization-mgt/client A trunk/services/authorization-mgt/client/src A trunk/services/authorization-mgt/client/src/test A trunk/services/authorization-mgt/client/src/test/java A trunk/services/authorization-mgt/client/src/test/java/org A trunk/services/authorization-mgt/client/src/test/java/org/collectionspace A trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services A trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization A 
trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client A trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test A trunk/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java A trunk/services/authorization-mgt/client/src/test/resources A trunk/services/authorization-mgt/client/src/test/resources/log4j.properties A trunk/services/authorization-mgt/client/src/main A trunk/services/authorization-mgt/client/src/main/java A trunk/services/authorization-mgt/client/src/main/java/org A trunk/services/authorization-mgt/client/src/main/java/org/collectionspace A trunk/services/authorization-mgt/client/src/main/java/org/collectionspace/services A trunk/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client A trunk/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java A trunk/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleProxy.java A trunk/services/authorization-mgt/client/src/main/javadoc A trunk/services/authorization-mgt/client/src/main/javadoc/org A trunk/services/authorization-mgt/client/src/main/javadoc/org/collectionspace A trunk/services/authorization-mgt/client/src/main/javadoc/org/collectionspace/services A trunk/services/authorization-mgt/client/src/main/javadoc/org/collectionspace/services/client A trunk/services/authorization-mgt/client/src/main/javadoc/org/collectionspace/services/client/package.html A trunk/services/authorization-mgt/client/src/main/javadoc/overview.html A trunk/services/authorization-mgt/client/src/main/resources A trunk/services/authorization-mgt/client/pom.xml A trunk/services/authorization-mgt/client/build.xml M trunk/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java M 
trunk/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGenTest.java M trunk/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java M trunk/services/authorization/service/pom.xml M trunk/services/authorization/jaxb/src/main/resources/roles.xsd A trunk/services/authorization/jaxb/src/main/resources/roles_list.xsd M trunk/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql M trunk/services/authentication/service/pom.xml M trunk/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageClientImpl.java M trunk/services/common/src/main/config/services/tenant-bindings.xml D trunk/services/common/src/main/svn-commit.tmp~ D trunk/services/account/client/src/test/java/org/collectionspace/services/client/test --- services/JaxRsServiceProvider/pom.xml | 4 +- .../CollectionSpaceJaxRsApplication.java | 4 +- .../main/resources/META-INF/persistence.xml | 2 + services/authentication/service/pom.xml | 1 + services/authorization-mgt/build.xml | 138 +++++ services/authorization-mgt/client/build.xml | 126 ++++ services/authorization-mgt/client/pom.xml | 115 ++++ .../services/client/RoleClient.java | 132 +++++ .../services/client/RoleProxy.java | 79 +++ .../services/client/package.html | 52 ++ .../client/src/main/javadoc/overview.html | 39 ++ .../client/test/RoleServiceTest.java | 557 ++++++++++++++++++ .../src/test/resources/log4j.properties | 25 + services/authorization-mgt/pom.xml | 18 + services/authorization-mgt/service/build.xml | 132 +++++ services/authorization-mgt/service/pom.xml | 190 ++++++ .../services/authorization/RoleResource.java | 291 +++++++++ .../storage/RoleDocumentHandler.java | 152 +++++ .../authorization/storage/RoleJpaFilter.java | 100 ++++ .../storage/RoleStorageConstants.java | 63 ++ .../storage/RoleValidatorHandler.java | 105 ++++ .../services/authorization/package.html | 52 ++ 
.../authorization/storage/package.html | 50 ++ .../service/src/main/javadoc/overview.html | 40 ++ .../jaxb/src/main/resources/roles.xsd | 46 +- .../jaxb/src/main/resources/roles_list.xsd | 56 ++ .../main/resources/db/mysql/authorization.sql | 8 +- services/authorization/service/pom.xml | 1 + .../services/authorization/AuthZ.java | 2 +- .../test/AuthorizationGenTest.java | 6 +- .../test/AuthorizationSeedTest.java | 4 +- .../main/config/services/tenant-bindings.xml | 85 ++- .../storage/jpa/JpaStorageClientImpl.java | 43 ++ services/common/src/main/svn-commit.tmp~ | 5 - 34 files changed, 2652 insertions(+), 71 deletions(-) create mode 100644 services/authorization-mgt/build.xml create mode 100644 services/authorization-mgt/client/build.xml create mode 100644 services/authorization-mgt/client/pom.xml create mode 100644 services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java create mode 100644 services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleProxy.java create mode 100644 services/authorization-mgt/client/src/main/javadoc/org/collectionspace/services/client/package.html create mode 100644 services/authorization-mgt/client/src/main/javadoc/overview.html create mode 100644 services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java create mode 100644 services/authorization-mgt/client/src/test/resources/log4j.properties create mode 100644 services/authorization-mgt/pom.xml create mode 100644 services/authorization-mgt/service/build.xml create mode 100644 services/authorization-mgt/service/pom.xml create mode 100644 services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java create mode 100644 services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java create mode 100644 
services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleJpaFilter.java create mode 100644 services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleStorageConstants.java create mode 100644 services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleValidatorHandler.java create mode 100644 services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/package.html create mode 100644 services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/storage/package.html create mode 100644 services/authorization-mgt/service/src/main/javadoc/overview.html create mode 100644 services/authorization/jaxb/src/main/resources/roles_list.xsd delete mode 100644 services/common/src/main/svn-commit.tmp~ diff --git a/services/JaxRsServiceProvider/pom.xml b/services/JaxRsServiceProvider/pom.xml index db58a1d01..cc0e8e7be 100644 --- a/services/JaxRsServiceProvider/pom.xml +++ b/services/JaxRsServiceProvider/pom.xml @@ -65,11 +65,11 @@ org.collectionspace.services.account.service ${project.version} - + org.collectionspace.services org.collectionspace.services.collectionobject.service diff --git a/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CollectionSpaceJaxRsApplication.java b/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CollectionSpaceJaxRsApplication.java index 60cdd95c3..baa7c5f62 100644 --- a/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CollectionSpaceJaxRsApplication.java +++ b/services/JaxRsServiceProvider/src/main/java/org/collectionspace/services/jaxrs/CollectionSpaceJaxRsApplication.java 
@@ -20,7 +20,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.collectionspace.services.jaxrs; import org.collectionspace.services.account.AccountResource; @@ -42,6 +41,7 @@ import org.collectionspace.services.person.PersonAuthorityResource; import javax.ws.rs.core.Application; import java.util.HashSet; import java.util.Set; +import org.collectionspace.services.authorization.RoleResource; import org.collectionspace.services.common.security.SecurityInterceptor; /** @@ -52,7 +52,6 @@ import org.collectionspace.services.common.security.SecurityInterceptor; * $LastChangedRevision$ * $LastChangedDate$ */ - public class CollectionSpaceJaxRsApplication extends Application { private Set singletons = new HashSet(); @@ -61,6 +60,7 @@ public class CollectionSpaceJaxRsApplication extends Application { public CollectionSpaceJaxRsApplication() { singletons.add(new SecurityInterceptor()); singletons.add(new AccountResource()); + singletons.add(new RoleResource()); singletons.add(new CollectionObjectResource()); singletons.add(new IDResource()); singletons.add(new IntakeResource()); diff --git a/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml b/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml index b0061ffaa..dc4ee6643 100644 --- a/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml +++ b/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml @@ -10,7 +10,9 @@ org.collectionspace.services.account.Status org.collectionspace.services.authentication.User org.collectionspace.services.authorization.Role + org.collectionspace.services.authorization.RolesList org.collectionspace.services.authorization.UserRole + org.collectionspace.services.authorization.UsersRolesList diff --git a/services/authentication/service/pom.xml b/services/authentication/service/pom.xml index dce7225c6..1fe4af387 100644 
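Review bot: The added `singletons.add(new RoleResource());` in the constructor publishes the role-management endpoints with the rest of the application, and nothing visible in this hunk states that the `SecurityInterceptor` registered two lines above restricts `authorization/roles` to administrative callers. The matching tenant-bindings.xml and RoleResource changes are outside this view, so that may already be handled. If it is, a comment on the new line would record the dependency, for example `// role CRUD is privileged: relies on SecurityInterceptor and the tenant bindings for authorization/roles`. The constructor body continues past the end of the hunk.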
--- a/services/authentication/service/pom.xml +++ b/services/authentication/service/pom.xml @@ -66,6 +66,7 @@ jboss jbosssx 4.2.3.GA + provided org.springframework.security diff --git a/services/authorization-mgt/build.xml b/services/authorization-mgt/build.xml new file mode 100644 index 000000000..b76c3a622 --- /dev/null +++ b/services/authorization-mgt/build.xml @@ -0,0 +1,138 @@ + + + + authorization service + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/services/authorization-mgt/client/build.xml b/services/authorization-mgt/client/build.xml new file mode 100644 index 000000000..4dc84bbcf --- /dev/null +++ b/services/authorization-mgt/client/build.xml @@ -0,0 +1,126 @@ + + + + collectionspace authorization-mgt service + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/services/authorization-mgt/client/pom.xml b/services/authorization-mgt/client/pom.xml new file mode 100644 index 000000000..41a8a7c03 --- /dev/null +++ b/services/authorization-mgt/client/pom.xml 
@@ -0,0 +1,115 @@ + + + + org.collectionspace.services + org.collectionspace.services.authorization-mgt + 0.6-SNAPSHOT + + + 4.0.0 + org.collectionspace.services + org.collectionspace.services.authorization-mgt.client + services.authorization-mgt.client + + + + + org.slf4j + slf4j-api + test + + + org.slf4j + slf4j-log4j12 + test + + + org.collectionspace.services + org.collectionspace.services.authorization.jaxb + ${project.version} + + + org.collectionspace.services + org.collectionspace.services.client + ${project.version} + + + + + + + mysql + mysql-connector-java + test + + + + org.testng + testng + 5.6 + + + org.jboss.resteasy + resteasy-jaxrs + 1.1.GA + + + tjws + webserver + + + + + org.jboss.resteasy + resteasy-jaxb-provider + 1.1.GA + + + org.jboss.resteasy + resteasy-multipart-provider + 1.1.GA + + + commons-httpclient + commons-httpclient + 3.1 + + + + + cspace-services-authorization-client + + + + org.apache.maven.plugins + maven-surefire-plugin + + + + log4j.configuration + file:target/test-classes/log4j.properties + + + + + + maven-compiler-plugin + 2.0.2 + + 1.6 + 1.6 + + + + + + + diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java new file mode 100644 index 000000000..6ba71c339 --- /dev/null +++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleClient.java 
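Review bot: `testng` `5.6` is listed without the `test` scope that `slf4j-api`, `slf4j-log4j12` and `mysql-connector-java` carry in the same dependency list, so as far as the surviving text shows, the test framework would become a compile dependency of the client artifact; `<scope>test</scope>` on that entry would keep it off consumers' classpaths unless compile scope is deliberate. The versions `1.1.GA` (RESTEasy) and `3.1` (commons-httpclient) are also written literally in this module; if the parent pom has a `dependencyManagement` section, declaring them there would let the HTTP stack used by this client be upgraded in one place. The XML tags of this hunk were lost in extraction, so both points should be confirmed against the real file.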
@@ -0,0 +1,132 @@
+/**
+ * RoleClient.java
+ *
+ * {Purpose of This Class}
+ *
+ * {Other Notes Relating to This Class (Optional)}
+ *
+ * $LastChangedBy: $
+ * $LastChangedRevision: $
+ * $LastChangedDate: $
+ *
+ * This document is a part of the source code and related artifacts
+ * for CollectionSpace, an open source collections management system
+ * for museums and related institutions:
+ *
+ * http://www.collectionspace.org
+ * http://wiki.collectionspace.org
+ *
+ * Copyright (C) 2009 {Contributing Institution}
+ *
+ * Licensed under the Educational Community License (ECL), Version 2.0.
+ * You may not use this file except in compliance with this License.
+ *
+ * You may obtain a copy of the ECL 2.0 License at
+ * https://source.collectionspace.org/collection-space/LICENSE.txt
+ */
+package org.collectionspace.services.client;
+
+import javax.ws.rs.core.Response;
+
+
+import org.collectionspace.services.authorization.Role;
+import org.collectionspace.services.authorization.RolesList;
+import org.jboss.resteasy.client.ProxyFactory;
+import org.jboss.resteasy.plugins.providers.RegisterBuiltin;
+import org.jboss.resteasy.client.ClientResponse;
+import org.jboss.resteasy.spi.ResteasyProviderFactory;
+
+/**
+ * A RoleClient.
+
+ * @version $Revision:$
+ */
+public class RoleClient extends AbstractServiceClientImpl {
+
+ /**
+ *
+ */
+ private RoleProxy roleProxy;
+
+ /* (non-Javadoc)
+ * @see org.collectionspace.services.client.AbstractServiceClientImpl#getServicePathComponent()
+ */
+ public String getServicePathComponent() {
+ return "authorization/roles";
+ }
+
+ /**
+ *
+ * Default constructor for RoleClient class.
+ *
+ */
+ public RoleClient() {
+ ResteasyProviderFactory factory = ResteasyProviderFactory.getInstance();
+ RegisterBuiltin.register(factory);
+ setProxy();
+ }
+
+ /**
+ * allow to reset proxy as per security needs
+ */
+ public void setProxy() {
+ if (useAuth()) {
+ roleProxy = ProxyFactory.create(RoleProxy.class,
+ getBaseURL(), getHttpClient());
+ } else {
+ roleProxy = ProxyFactory.create(RoleProxy.class,
+ getBaseURL());
+ }
+ }
+
+ /**
+ * @return
+ * @see org.collectionspace.hello.client.RoleProxy#readList()
+ */
+ public ClientResponse readList() {
+ return roleProxy.readList();
+
+ }
+
+ public ClientResponse readSearchList(String roleName) {
+ return roleProxy.readSearchList(roleName);
+
+ }
+
+ /**
+ * @param csid
+ * @return
+ * @see org.collectionspace.hello.client.RoleProxy#getAccount(java.lang.String)
+ */
+ public ClientResponse read(String csid) {
+ return roleProxy.read(csid);
+ }
+
+ /**
+ * @param role
+ * @return
+ * @see org.collectionspace.hello.client.RoleProxy#create(org.collectionspace.services.role.Role)
+ */
+ public ClientResponse create(Role role) {
+ return roleProxy.create(role);
+ }
+
+ /**
+ * @param csid
+ * @param role
+ * @return
+ * @see org.collectionspace.hello.client.RoleProxy#updateAccount(java.lang.Long, org.collectionspace.services.role.Role)
+ */
+ public ClientResponse update(String csid, Role role) {
+ return roleProxy.update(csid, role);
+ }
+
+ /**
+ * @param csid
+ * @return
+ * @see org.collectionspace.hello.client.RoleProxy#deleteAccount(java.lang.Long)
+ */
+ public ClientResponse delete(String csid) {
+ return roleProxy.delete(csid);
+ }
+}
diff --git a/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleProxy.java b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleProxy.java
new file mode 100644
index 000000000..a65aab021
--- /dev/null
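Review bot: `setProxy()` falls back to `ProxyFactory.create(RoleProxy.class, getBaseURL())` when `useAuth()` is false, so a client for role administration can be built without the HTTP client returned by `getHttpClient()`, and its one-line Javadoc (`allow to reset proxy as per security needs`) does not say so. I would document both branches on the method, e.g. `Rebuilds the proxy; when useAuth() is false, requests are sent without the configured HTTP client from getHttpClient()`. The `@see` tags on `read`, `update` and `delete` point at `org.collectionspace.hello.client.RoleProxy#getAccount`, `#updateAccount(java.lang.Long, ...)` and `#deleteAccount(java.lang.Long)`, which do not match the `RoleProxy` added by this commit (package `org.collectionspace.services.client`, methods taking `String csid`); `@see org.collectionspace.services.client.RoleProxy#read(java.lang.String)` and its siblings would resolve. The constructor also calls the public, overridable `setProxy()`, so a subclass override would run before the subclass is initialised; a private helper called from both places avoids that.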
+++ b/services/authorization-mgt/client/src/main/java/org/collectionspace/services/client/RoleProxy.java 
@@ -0,0 +1,79 @@
+/**
+ * RoleProxy.java
+ *
+ * {Purpose of This Class}
+ *
+ * {Other Notes Relating to This Class (Optional)}
+ *
+ * $LastChangedBy: $
+ * $LastChangedRevision: $
+ * $LastChangedDate: $
+ *
+ * This document is a part of the source code and related artifacts
+ * for CollectionSpace, an open source collections management system
+ * for museums and related institutions:
+ *
+ * http://www.collectionspace.org
+ * http://wiki.collectionspace.org
+ *
+ * Copyright (C) 2009 {Contributing Institution}
+ *
+ * Licensed under the Educational Community License (ECL), Version 2.0.
+ * You may not use this file except in compliance with this License.
+ *
+ * You may obtain a copy of the ECL 2.0 License at
+ * https://source.collectionspace.org/collection-space/LICENSE.txt
+ */
+package org.collectionspace.services.client;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.Response;
+
+
+import org.collectionspace.services.authorization.Role;
+import org.collectionspace.services.authorization.RolesList;
+import org.jboss.resteasy.client.ClientResponse;
+
+/**
+ * @version $Revision:$
+ */
+@Path("/authorization/roles")
+@Produces({"application/xml"})
+@Consumes({"application/xml"})
+public interface RoleProxy {
+
+ @GET
+ @Produces({"application/xml"})
+ ClientResponse readList();
+
+ @GET
+
+ ClientResponse readSearchList(@QueryParam("r") String roleName);
+
+ //(C)reate
+ @POST
+ ClientResponse create(Role role);
+
+ //(R)ead
+ @GET
+ @Path("/{csid}")
+ ClientResponse read(@PathParam("csid") String csid);
+
+ //(U)pdate
+ @PUT
+ @Path("/{csid}")
+ ClientResponse update(@PathParam("csid") String csid, Role role);
+
+ //(D)elete
+ @DELETE
+ @Path("/{csid}")
+ ClientResponse delete(@PathParam("csid") String csid);
+}
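Review bot: `readSearchList(@QueryParam("r") String roleName)` has no Javadoc, and the single-letter query parameter `r` is the only hint that this `@GET` on the same path as `readList()` filters by role name. A short comment would make the contract explicit, e.g. `/** Lists roles whose name matches roleName; the value is sent as the "r" query parameter. */`. Because the value is caller-supplied text that ends up in a role lookup, the same comment is a good place to say that the service is expected to bind it as a query parameter rather than splice it into the query string; the server-side filter (RoleJpaFilter in the file list) is not visible in this part of the patch, so that is a request to confirm, not a finding. The class header still carries the `{Purpose of This Class}` placeholder.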
diff --git a/services/authorization-mgt/client/src/main/javadoc/org/collectionspace/services/client/package.html b/services/authorization-mgt/client/src/main/javadoc/org/collectionspace/services/client/package.html new file mode 100644 index 000000000..cc301cc35 --- /dev/null +++ b/services/authorization-mgt/client/src/main/javadoc/org/collectionspace/services/client/package.html @@ -0,0 +1,52 @@ + + + + + + + + + Provides classes and interfaces for Java client of the CollectionSpace + Authorization Management Service. These includes JBoss RESTeasy client and proxy for the + Authorization Management Service. + +

Package Specification

+ + +
    +
  • +
+ +

Related Documentation

+ + For overviews, tutorials, examples, guides, and tool documentation, please see: +
    +
  • +
+ + + + + diff --git a/services/authorization-mgt/client/src/main/javadoc/overview.html b/services/authorization-mgt/client/src/main/javadoc/overview.html new file mode 100644 index 000000000..0ef1c8a0d --- /dev/null +++ b/services/authorization-mgt/client/src/main/javadoc/overview.html @@ -0,0 +1,39 @@ + + + + + + CollectionSpace Authorization Management Service Client Overview + + + This document describes the source code of the Java client of the CollectionSpace + Authorization Management Service, a.k.a (Roles and Permissions Management) +
+ It includes the classes and interfaces for the following. +
+ - A JBoss RESTeasy client for the Authorizaion Management Service + - A JBoss RESTeasy client proxy for the Authorizaion Management Service + + \ No newline at end of file diff --git a/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java new file mode 100644 index 000000000..cda37b7b6 --- /dev/null +++ b/services/authorization-mgt/client/src/test/java/org/collectionspace/services/authorization/client/test/RoleServiceTest.java 
@@ -0,0 +1,557 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + * + * http://www.collectionspace.org + * http://wiki.collectionspace.org + * + * Copyright © 2009 Regents of the University of California + * + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + * + * You may obtain a copy of the ECL 2.0 License at + * https://source.collectionspace.org/collection-space/LICENSE.txt + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.collectionspace.services.authorization.client.test; + +import java.util.ArrayList; +import java.util.List; +import javax.ws.rs.core.Response; + +import org.collectionspace.services.client.RoleClient; +import org.collectionspace.services.authorization.Role; +import org.collectionspace.services.authorization.RolesList; +import org.collectionspace.services.client.test.AbstractServiceTestImpl; +import org.collectionspace.services.client.test.ServiceRequestType; +import org.jboss.resteasy.client.ClientResponse; + +import org.testng.Assert; +import org.testng.annotations.Test; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.testng.annotations.AfterClass; + +/** + * RoleServiceTest, carries out tests against a + * deployed and running Role Service. 
+ * + * $LastChangedRevision: 917 $ + * $LastChangedDate: 2009-11-06 12:20:28 -0800 (Fri, 06 Nov 2009) $ + */ +public class RoleServiceTest extends AbstractServiceTestImpl { + + private final Logger logger = + LoggerFactory.getLogger(RoleServiceTest.class); + // Instance variables specific to this test. + private RoleClient client = new RoleClient(); + private String knownResourceId = null; + private List allResourceIdsCreated = new ArrayList(); + boolean addTenant = true; + /* + * This method is called only by the parent class, AbstractServiceTestImpl + */ + + @Override + protected String getServicePathComponent() { + return client.getServicePathComponent(); + } + + // --------------------------------------------------------------- + // CRUD tests : CREATE tests + // --------------------------------------------------------------- + // Success outcomes + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class) + public void create(String testName) throws Exception { + + // Perform setup, such as initializing the type of service request + // (e.g. CREATE, DELETE), its valid and expected status codes, and + // its associated HTTP method name (e.g. POST, DELETE). + setupCreate(testName); + + // Submit the request to the service and store the response. + Role role = createRoleInstance("ROLE_USERS_TEST", + "all users are required to be in this role", + true); + ClientResponse res = client.create(role); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + // + // Specifically: + // Does it fall within the set of valid status codes? + // Does it exactly match the expected status code? 
+ if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + // Store the ID returned from this create operation + // for additional tests below. + knownResourceId = extractId(res); + if (logger.isDebugEnabled()) { + logger.debug(testName + ": knownResourceId=" + knownResourceId); + } + } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createForUniqueRole(String testName) throws Exception { + + setupCreate(testName); + + // Submit the request to the service and store the response. + Role role = createRoleInstance("ROLE_USERS", + "role users", + true); + ClientResponse res = client.create(role); + int statusCode = res.getStatus(); + + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, Response.Status.INTERNAL_SERVER_ERROR.getStatusCode()); + } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createWithoutRoleName(String testName) throws Exception { + + setupCreate(testName); + + // Submit the request to the service and store the response. + Role role = createRoleInstance("ROLE_USERS", + "role for users", + false); + ClientResponse res = client.create(role); + int statusCode = res.getStatus(); + // Does it exactly match the expected status code? 
+ if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode()); + } + + //to not cause uniqueness violation for role, createList is removed + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createList(String testName) throws Exception { + + setupCreate(testName); + // Submit the request to the service and store the response. + Role role1 = createRoleInstance("ROLE_COLLECTIONS_MANGER_TEST", + "collection manager", + true); + ClientResponse res = client.create(role1); + int statusCode = res.getStatus(); + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + allResourceIdsCreated.add(extractId(res)); + + Role role2 = createRoleInstance("ROLE_COLLECTIONS_CURATOR_TEST", + "collections curator", + true); + res = client.create(role2); + statusCode = res.getStatus(); + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + allResourceIdsCreated.add(extractId(res)); + + Role role3 = createRoleInstance("ROLE_MOVINGIMAGE_ADMIN_TEST", + "moving image admin", + true); + res = client.create(role3); + statusCode = res.getStatus(); + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + allResourceIdsCreated.add(extractId(res)); + } + + // Failure outcomes + // Placeholders until the three 
tests below can be uncommented. + // See Issue CSPACE-401. + @Override + public void createWithEmptyEntityBody(String testName) throws Exception { + } + + @Override + public void createWithMalformedXml(String testName) throws Exception { + } + + @Override + public void createWithWrongXmlSchema(String testName) throws Exception { + } + + // --------------------------------------------------------------- + // CRUD tests : READ tests + // --------------------------------------------------------------- + // Success outcomes + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void read(String testName) throws Exception { + + // Perform setup. + setupRead(testName); + + // Submit the request to the service and store the response. + ClientResponse res = client.read(knownResourceId); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + Role output = (Role) res.getEntity(); + Assert.assertNotNull(output); + } + + // Failure outcomes + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"read"}) + public void readNonExistent(String testName) throws Exception { + + // Perform setup. + setupReadNonExistent(testName); + + // Submit the request to the service and store the response. + ClientResponse res = client.read(NON_EXISTENT_ID); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? 
+ if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } + + // --------------------------------------------------------------- + // CRUD tests : READ_LIST tests + // --------------------------------------------------------------- + // Success outcomes + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"createList", "read"}) + public void readList(String testName) throws Exception { + + // Perform setup. + setupReadList(testName); + + // Submit the request to the service and store the response. + ClientResponse res = client.readList(); + RolesList list = res.getEntity(); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + // Optionally output additional data about list members for debugging. + boolean iterateThroughList = true; + if (iterateThroughList && logger.isDebugEnabled()) { + printList(testName, list); + } + } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"createList", "read"}) + public void searchRoleName(String testName) throws Exception { + + // Perform setup. + setupReadList(testName); + + // Submit the request to the service and store the response. + ClientResponse res = client.readSearchList("movingImage"); + RolesList list = res.getEntity(); + int statusCode = res.getStatus(); + // Check the status code of the response: does it match + // the expected response(s)? 
+ if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + int EXPECTED_ITEMS = 1; + if (logger.isDebugEnabled()) { + logger.debug(testName + ": received = " + list.getRoles().size() + + " expected=" + EXPECTED_ITEMS); + } + Assert.assertEquals(EXPECTED_ITEMS, list.getRoles().size()); + // Optionally output additional data about list members for debugging. + boolean iterateThroughList = true; + if (iterateThroughList && logger.isDebugEnabled()) { + printList(testName, list); + } + } + + // Failure outcomes + // None at present. + // --------------------------------------------------------------- + // CRUD tests : UPDATE tests + // --------------------------------------------------------------- + // Success outcomes + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"read", "readList", "readNonExistent"}) + public void update(String testName) throws Exception { + + // Perform setup. + setupUpdate(testName); + + + ClientResponse res = + client.read(knownResourceId); + if (logger.isDebugEnabled()) { + logger.debug(testName + ": read status = " + res.getStatus()); + } + Assert.assertEquals(res.getStatus(), EXPECTED_STATUS_CODE); + + if (logger.isDebugEnabled()) { + logger.debug("got object to update with ID: " + knownResourceId); + } + Role toUpdateRole = + (Role) res.getEntity(); + Assert.assertNotNull(toUpdateRole); + + // Update the content of this resource. + toUpdateRole.setRoleName("updated-" + toUpdateRole.getRoleName()); + if (logger.isDebugEnabled()) { + logger.debug("updated object"); + logger.debug(objectAsXmlString(toUpdateRole, + Role.class)); + } + + // Submit the request to the service and store the response. 
+ res = client.update(knownResourceId, toUpdateRole); + int statusCode = res.getStatus(); + // Check the status code of the response: does it match the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + + + Role updatedRole = (Role) res.getEntity(); + Assert.assertNotNull(updatedRole); + + Assert.assertEquals(updatedRole.getRoleName(), + toUpdateRole.getRoleName(), + "Data in updated object did not match submitted data."); + } + + // Failure outcomes + // Placeholders until the three tests below can be uncommented. + // See Issue CSPACE-401. + @Override + public void updateWithEmptyEntityBody(String testName) throws Exception { + } + + @Override + public void updateWithMalformedXml(String testName) throws Exception { + } + + @Override + public void updateWithWrongXmlSchema(String testName) throws Exception { + } + + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"readNonExistent", "testSubmitRequest"}) + public void updateNonExistent(String testName) throws Exception { + + // Perform setup. + setupUpdateNonExistent(testName); + + // Submit the request to the service and store the response. + // + // Note: The ID used in this 'create' call may be arbitrary. + // The only relevant ID may be the one used in updateRole(), below. + Role role = createRoleInstance("ROLE_XXX", + "xxx", + true); + ClientResponse res = + client.update(NON_EXISTENT_ID, role); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? 
+ if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } + + // --------------------------------------------------------------- + // CRUD tests : DELETE tests + // --------------------------------------------------------------- + // Success outcomes + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"testSubmitRequest"}) + public void delete(String testName) throws Exception { + + // Perform setup. + setupDelete(testName); + + // Submit the request to the service and store the response. + ClientResponse res = client.delete(knownResourceId); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } + + // Failure outcomes + @Override + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"delete"}) + public void deleteNonExistent(String testName) throws Exception { + + // Perform setup. + setupDeleteNonExistent(testName); + + // Submit the request to the service and store the response. + ClientResponse res = client.delete(NON_EXISTENT_ID); + int statusCode = res.getStatus(); + + // Check the status code of the response: does it match + // the expected response(s)? 
+ if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } + + // --------------------------------------------------------------- + // Utility tests : tests of code used in tests above + // --------------------------------------------------------------- + /** + * Tests the code for manually submitting data that is used by several + * of the methods above. + */ + @Test(dependsOnMethods = {"create", "read"}) + public void testSubmitRequest() throws Exception { + + // Expected status code: 200 OK + final int EXPECTED_STATUS = Response.Status.OK.getStatusCode(); + + // Submit the request to the service and store the response. + String method = ServiceRequestType.READ.httpMethodName(); + String url = getResourceURL(knownResourceId); + int statusCode = submitRequest(method, url); + + // Check the status code of the response: does it match + // the expected response(s)? 
+ if (logger.isDebugEnabled()) { + logger.debug("testSubmitRequest: url=" + url + + " status=" + statusCode); + } + Assert.assertEquals(statusCode, EXPECTED_STATUS); + + } + + // --------------------------------------------------------------- + // Utility methods used by tests above + // --------------------------------------------------------------- + /** + * create role instance + * @param roleName + * @param description + * @param useRoleName + * @return + */ + private Role createRoleInstance(String roleName, + String description, + boolean useRoleName) { + + Role role = new Role(); + if (useRoleName) { + role.setRoleName(roleName); + } + + if (logger.isDebugEnabled()) { + logger.debug("to be created, role common"); + logger.debug(objectAsXmlString(role, Role.class)); + } + return role; + + } + + @AfterClass(alwaysRun = true) + public void cleanUp() { + setupDelete("delete"); + if (logger.isDebugEnabled()) { + logger.debug("Cleaning up temporary resources created for testing ..."); + } + for (String resourceId : allResourceIdsCreated) { + // Note: Any non-success responses are ignored and not reported. + ClientResponse res = client.delete(resourceId); + int statusCode = res.getStatus(); + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE); + } + } + + private int printList(String testName, RolesList list) { + + int i = 0; + + for (Role role : list.getRoles()) { + logger.debug(testName + " role csid=" + role.getCsid() + + " name=" + role.getRoleName() + + " desc=" + role.getDescription()); + i++; + } + return i; + } +} diff --git a/services/authorization-mgt/client/src/test/resources/log4j.properties b/services/authorization-mgt/client/src/test/resources/log4j.properties new file mode 100644 index 000000000..f9c47870a --- /dev/null +++ b/services/authorization-mgt/client/src/test/resources/log4j.properties 
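Review bot: `createRoleInstance` never uses its `description` argument, so every role these tests create has no description and the strings passed from `create`, `createList` and `updateNonExistent` are dead; add `role.setDescription(description);` after the role-name branch (the setter is assumed to exist, since `printList` reads `role.getDescription()`). Separately, `createForUniqueRole` posts `ROLE_USERS` while `create` posts `ROLE_USERS_TEST`, so it only hits a uniqueness conflict if `ROLE_USERS` is already in the database. If it is not, the role is created and never removed, because its id is not added to `allResourceIdsCreated`. The same test pins `INTERNAL_SERVER_ERROR` for the conflict, which locks in a 500 for a client-caused condition; asserting a 4xx would be the better contract once the service maps that case.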
@@ -0,0 +1,25 @@ +log4j.rootLogger=debug, stdout, R + +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout + +# Pattern to output the caller's file name and line number. +log4j.appender.stdout.layout.ConversionPattern=%d %-5p [%t] [%c:%L] %m%n + +log4j.appender.R=org.apache.log4j.RollingFileAppender +log4j.appender.R.File=target/test-client.log + +log4j.appender.R.MaxFileSize=100KB +# Keep one backup file +log4j.appender.R.MaxBackupIndex=1 + +log4j.appender.R.layout=org.apache.log4j.PatternLayout +log4j.appender.R.layout.ConversionPattern=%d %-5p [%t] [%c:%L] %m%n + +#packages +log4j.logger.org.collectionspace=DEBUG +log4j.logger.org.apache=INFO +log4j.logger.httpclient=INFO +log4j.logger.org.jboss.resteasy=INFO +log4j.logger.org.hibernate=INFO +log4j.logger.org.hibernate.cfg=WARN diff --git a/services/authorization-mgt/pom.xml b/services/authorization-mgt/pom.xml new file mode 100644 index 000000000..747058d5a --- /dev/null +++ b/services/authorization-mgt/pom.xml @@ -0,0 +1,18 @@ + + + 4.0.0 + + org.collectionspace.services.main + org.collectionspace.services + 0.6-SNAPSHOT + + org.collectionspace.services + org.collectionspace.services.authorization-mgt + services.authorization-mgt + pom + http://www.collectionspace.org + + service + client + + diff --git a/services/authorization-mgt/service/build.xml b/services/authorization-mgt/service/build.xml new file mode 100644 index 000000000..11b3ee137 --- /dev/null +++ b/services/authorization-mgt/service/build.xml @@ -0,0 +1,132 @@ + + + + collectionspace authorization service + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
diff --git a/services/authorization-mgt/service/pom.xml b/services/authorization-mgt/service/pom.xml
new file mode 100644
index 000000000..97e0ad3c7
--- /dev/null
+++ b/services/authorization-mgt/service/pom.xml
@@ -0,0 +1,190 @@ + + + 4.0.0 + + org.collectionspace.services.authorization-mgt + org.collectionspace.services + 0.6-SNAPSHOT + + org.collectionspace.services + org.collectionspace.services.authorization-mgt.service + jar + services.authorization-mgt.service + http://www.collectionspace.org + + + 4.2.3.GA + 3.0 + UTF-8 + 3.0.0.RELEASE + 3.0.2.RELEASE + + + + + + + + + commons-logging + commons-logging + 1.1.1 + + + log4j + log4j + 1.2.14 + provided + + + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-log4j12 + + + junit + junit + 4.1 + test + + + org.testng + testng + 5.6 + test + + + + javax.security + jaas + 1.0.01 + provided + + + + + org.jboss.logging + jboss-logging-log4j + 2.1.0.GA + + + jboss + jbosssx + 4.2.3.GA + provided + + + org.jboss.resteasy + resteasy-jaxrs + 1.1.GA + + + tjws + webserver + + + + + org.jboss.resteasy + resteasy-jaxb-provider + 1.1.GA + + + org.jboss.resteasy + resteasy-multipart-provider + 1.1.GA + + + + + org.springframework.security + spring-security-core + ${spring.security.version} + provided + + + org.springframework.security + spring-security-config + ${spring.security.version} + provided + + + org.springframework.security + spring-security-acl + ${spring.security.version} + provided + + + org.springframework.security + spring-security-web + ${spring.security.version} + provided + + + org.springframework + spring-context + ${spring.version} + provided + + + org.springframework + spring-context-support + ${spring.version} + provided + + + org.springframework + spring-aop + ${spring.version} + provided + + + aopalliance + aopalliance + 1.0 + provided + + + + net.sf.ehcache + ehcache + 1.6.2 + true + + + + + org.collectionspace.services + org.collectionspace.services.authorization.jaxb + ${project.version} + + + org.collectionspace.services + org.collectionspace.services.authorization.service + ${project.version} + provided + + + org.collectionspace.services + org.collectionspace.services.common + ${project.version} + + + + + 
collectionspace-services-authz-mgt + + + + + diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java new file mode 100644 index 000000000..67edf0acb --- /dev/null +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/RoleResource.java 
@@ -0,0 +1,291 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.collectionspace.services.authorization; + +import javax.ws.rs.Consumes; +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.DELETE; +import javax.ws.rs.POST; +import javax.ws.rs.PUT; +import javax.ws.rs.PathParam; +import javax.ws.rs.WebApplicationException; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MultivaluedMap; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.UriBuilder; +import javax.ws.rs.core.UriInfo; + +import org.collectionspace.services.common.AbstractCollectionSpaceResourceImpl; +import org.collectionspace.services.common.context.RemoteServiceContextImpl; +import org.collectionspace.services.common.context.ServiceContext; +import org.collectionspace.services.common.document.BadRequestException; +import org.collectionspace.services.common.document.DocumentFilter; +import org.collectionspace.services.common.document.DocumentNotFoundException; +import org.collectionspace.services.common.document.DocumentHandler; +import 
org.collectionspace.services.common.security.UnauthorizedException; +import org.collectionspace.services.common.storage.StorageClient; +import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl; +import org.jboss.resteasy.util.HttpResponseCodes; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +@Path("/authorization/roles") +@Consumes("application/xml") +@Produces("application/xml") +public class RoleResource + extends AbstractCollectionSpaceResourceImpl { + + final private String serviceName = "authorization/roles"; + final Logger logger = LoggerFactory.getLogger(RoleResource.class); + final StorageClient storageClient = new JpaStorageClientImpl(); + + @Override + protected String getVersionString() { + /** The last change revision. */ + final String lastChangeRevision = "$LastChangedRevision: 1165 $"; + return lastChangeRevision; + } + + @Override + public String getServiceName() { + return serviceName; + } + + private ServiceContext createServiceContext(T obj) throws Exception { + ServiceContext ctx = new RemoteServiceContextImpl(getServiceName()); + ctx.setInput(obj); + ctx.setDocumentType(Role.class.getPackage().getName()); //persistence unit + ctx.setProperty("entity-name", Role.class.getName()); + return ctx; + } + + @Override + public StorageClient getStorageClient(ServiceContext ctx) { + //FIXME use ctx to identify storage client + return storageClient; + } + + @Override + public DocumentHandler createDocumentHandler(ServiceContext ctx) throws Exception { + DocumentHandler docHandler = ctx.getDocumentHandler(); + docHandler.setCommonPart(ctx.getInput()); + return docHandler; + } + + @POST + public Response createRole(Role input) { + try { + ServiceContext ctx = createServiceContext(input); + DocumentHandler handler = createDocumentHandler(ctx); + String csid = getStorageClient(ctx).create(ctx, handler); + UriBuilder path = UriBuilder.fromResource(RoleResource.class); + path.path("" + csid); + Response response = 
Response.created(path.build()).build(); + return response; + } catch (BadRequestException bre) { + Response response = Response.status( + Response.Status.BAD_REQUEST).entity("Create failed reason " + bre.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity("Create failed reason " + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("Caught exception in createRole", e); + } + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity("Create failed").type("text/plain").build(); + throw new WebApplicationException(response); + } + } + + @GET + @Path("{csid}") + public Role getRole( + @PathParam("csid") String csid) { + if (logger.isDebugEnabled()) { + logger.debug("getRole with csid=" + csid); + } + if (csid == null || "".equals(csid)) { + logger.error("getRole: missing csid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + "get failed on Role csid=" + csid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + Role result = null; + try { + ServiceContext ctx = createServiceContext((Role) null); + DocumentHandler handler = createDocumentHandler(ctx); + getStorageClient(ctx).get(ctx, csid, handler); + result = (Role) ctx.getOutput(); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity("Get failed reason " + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("getRole", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + "Get failed on Role csid=" + csid).type( + 
"text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("getRole", e); + } + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity("Get failed").type("text/plain").build(); + throw new WebApplicationException(response); + } + + if (result == null) { + Response response = Response.status(Response.Status.NOT_FOUND).entity( + "Get failed, the requested Role CSID:" + csid + ": was not found.").type( + "text/plain").build(); + throw new WebApplicationException(response); + } + return result; + } + + @GET + @Produces("application/xml") + public RolesList getRoleList( + @Context UriInfo ui) { + RolesList roleList = new RolesList(); + try { + ServiceContext ctx = createServiceContext((RolesList) null); + DocumentHandler handler = createDocumentHandler(ctx); + MultivaluedMap queryParams = ui.getQueryParameters(); + DocumentFilter myFilter = handler.createDocumentFilter(ctx); + myFilter.setPagination(queryParams); + myFilter.setQueryParams(queryParams); + handler.setDocumentFilter(myFilter); + getStorageClient(ctx).getFiltered(ctx, handler); + roleList = (RolesList) handler.getCommonPartList(); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity("Index failed reason " + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + + } catch (Exception e) { + if (logger.isDebugEnabled()) { + logger.debug("Caught exception in getRoleList", e); + } + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity("Index failed").type("text/plain").build(); + throw new WebApplicationException(response); + } + return roleList; + } + + @PUT + @Path("{csid}") + public Role updateRole( + @PathParam("csid") String csid, + Role theUpdate) { + if (logger.isDebugEnabled()) { + logger.debug("updateRole with csid=" + csid); + } + if (csid == null || 
"".equals(csid)) { + logger.error("updateRole: missing csid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + "update failed on Role csid=" + csid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + Role result = null; + try { + ServiceContext ctx = createServiceContext(theUpdate); + DocumentHandler handler = createDocumentHandler(ctx); + getStorageClient(ctx).update(ctx, csid, handler); + result = (Role) ctx.getOutput(); + } catch (BadRequestException bre) { + Response response = Response.status( + Response.Status.BAD_REQUEST).entity("Update failed reason " + bre.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity("Update failed reason " + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("caugth exception in updateRole", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + "Update failed on Role csid=" + csid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity("Update failed").type("text/plain").build(); + throw new WebApplicationException(response); + } + return result; + } + + @DELETE + @Path("{csid}") + public Response deleteRole(@PathParam("csid") String csid) { + + if (logger.isDebugEnabled()) { + logger.debug("deleteRole with csid=" + csid); + } + if (csid == null || "".equals(csid)) { + logger.error("deleteRole: missing csid!"); + Response response = Response.status(Response.Status.BAD_REQUEST).entity( + "delete failed on Role csid=" + csid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } + try { + 
ServiceContext ctx = createServiceContext((Role) null); + getStorageClient(ctx).delete(ctx, csid); + return Response.status(HttpResponseCodes.SC_OK).build(); + } catch (UnauthorizedException ue) { + Response response = Response.status( + Response.Status.UNAUTHORIZED).entity("Delete failed reason " + ue.getErrorReason()).type("text/plain").build(); + throw new WebApplicationException(response); + + } catch (DocumentNotFoundException dnfe) { + if (logger.isDebugEnabled()) { + logger.debug("caught exception in deleteRole", dnfe); + } + Response response = Response.status(Response.Status.NOT_FOUND).entity( + "Delete failed on Role csid=" + csid).type( + "text/plain").build(); + throw new WebApplicationException(response); + } catch (Exception e) { + Response response = Response.status( + Response.Status.INTERNAL_SERVER_ERROR).entity("Delete failed").type("text/plain").build(); + throw new WebApplicationException(response); + } + + } +} diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java new file mode 100644 index 000000000..b0667ee2f --- /dev/null +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleDocumentHandler.java 
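Review bot: The catch-all `catch (Exception e)` branches in `updateRole` and `deleteRole` turn the exception into a 500 without logging it, unlike `createRole`, `getRole` and `getRoleList`, which at least log at debug. For a service that changes roles, a failed update or delete should leave a trace; add `logger.error("Caught exception in updateRole", e);` (and the `deleteRole` equivalent) before building the response. More generally, successful create, update and delete of a role are not logged above debug anywhere in this class, so role changes leave no audit record unless the storage layer writes one, which is not visible here. `createRole` and `updateRole` also pass a null request body straight to `createServiceContext`, so an empty body probably ends in the 500 branch rather than a 400; an `if (input == null)` guard returning `BAD_REQUEST` would match the existing csid checks.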
@@ -0,0 +1,152 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.collectionspace.services.authorization.storage; + +import java.util.ArrayList; +import java.util.List; +import java.util.UUID; + +import org.collectionspace.services.authorization.Role; +import org.collectionspace.services.authorization.RolesList; +import org.collectionspace.services.common.context.ServiceContext; + +import org.collectionspace.services.common.document.AbstractDocumentHandlerImpl; +import org.collectionspace.services.common.document.DocumentFilter; +import org.collectionspace.services.common.document.DocumentWrapper; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Document handler for Role + * @author + */ +public class RoleDocumentHandler + extends AbstractDocumentHandlerImpl { + + private final Logger logger = LoggerFactory.getLogger(RoleDocumentHandler.class); + private Role role; + private RolesList rolesList; + + @Override + public void handleCreate(DocumentWrapper wrapDoc) throws Exception { + String id = UUID.randomUUID().toString(); + Role role = wrapDoc.getWrappedObject(); + 
role.setCsid(id); + } + + @Override + public void handleUpdate(DocumentWrapper wrapDoc) throws Exception { + } + + @Override + public void completeUpdate(DocumentWrapper wrapDoc) throws Exception { + Role upAcc = wrapDoc.getWrappedObject(); + getServiceContext().setOutput(role); + sanitize(upAcc); + } + + @Override + public void handleGet(DocumentWrapper wrapDoc) throws Exception { + setCommonPart(extractCommonPart(wrapDoc)); + sanitize(getCommonPart()); + getServiceContext().setOutput(role); + } + + @Override + public void handleGetAll(DocumentWrapper wrapDoc) throws Exception { + RolesList rolesList = extractCommonPartList(wrapDoc); + setCommonPartList(rolesList); + getServiceContext().setOutput(getCommonPartList()); + } + + @Override + public Role extractCommonPart( + DocumentWrapper wrapDoc) + throws Exception { + return wrapDoc.getWrappedObject(); + } + + @Override + public void fillCommonPart(Role obj, DocumentWrapper wrapDoc) + throws Exception { + throw new UnsupportedOperationException("operation not relevant for AccountDocumentHandler"); + } + + @Override + public RolesList extractCommonPartList( + DocumentWrapper wrapDoc) + throws Exception { + + RolesList rolesList = new RolesList(); + List list = new ArrayList(); + rolesList.setRoles(list); + for (Object obj : wrapDoc.getWrappedObject()) { + Role role = (Role) obj; + list.add(role); + } + return rolesList; + } + + @Override + public Role getCommonPart() { + return role; + } + + @Override + public void setCommonPart(Role role) { + this.role = role; + } + + @Override + public RolesList getCommonPartList() { + return rolesList; + } + + @Override + public void setCommonPartList(RolesList rolesList) { + this.rolesList = rolesList; + } + + @Override + public String getQProperty( + String prop) { + return null; + } + + @Override + public DocumentFilter createDocumentFilter(ServiceContext ctx) { + DocumentFilter filter = new RoleJpaFilter(); + filter.setPageSize( + ctx.getServiceBindingPropertyValue( + 
DocumentFilter.PAGE_SIZE_DEFAULT_PROPERTY)); + return filter; + } + + /** + * sanitize removes data not needed to be sent to the consumer + * @param role + */ + private void sanitize(Role role) { + } +} diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleJpaFilter.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleJpaFilter.java new file mode 100644 index 000000000..51c2028f2 --- /dev/null +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleJpaFilter.java 
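Review bot: `completeUpdate` passes the field `role` to `setOutput` and then calls `sanitize` on the separate local `upAcc`, so the object returned to the client is not necessarily the one that gets sanitized. `sanitize` is still an empty stub, so nothing is exposed today, but once it strips fields the update response would bypass it unless both references point at the same object. If the wrapped object is the persisted entity, sanitize first and return that: `sanitize(upAcc);` followed by `getServiceContext().setOutput(upAcc);`. The exception text in `fillCommonPart` still names `AccountDocumentHandler` and should read `RoleDocumentHandler`.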
@@ -0,0 +1,100 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + *//** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. 
+ */ +package org.collectionspace.services.authorization.storage; + +import java.util.ArrayList; +import java.util.List; +import org.collectionspace.services.common.storage.jpa.JpaDocumentFilter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * RoleJpaFilter is to build where clause for role queries + * @author + */ +public class RoleJpaFilter extends JpaDocumentFilter { + + private final Logger logger = LoggerFactory.getLogger(RoleJpaFilter.class); + + @Override + public List buildWhereForSearch(StringBuilder queryStrBldr) { + + List paramList = new ArrayList(); + boolean hasWhere = false; + //TODO: add tenant id + + String roleName = null; + List rn = getQueryParam(RoleStorageConstants.Q_ROLE_NAME); + if (rn != null) { + roleName = rn.get(0); + } + if (null != roleName && !roleName.isEmpty()) { + hasWhere = true; + queryStrBldr.append(" WHERE"); + queryStrBldr.append(" UPPER(a." + RoleStorageConstants.ROLE_NAME + ")"); + queryStrBldr.append(" LIKE"); + queryStrBldr.append(" :" + RoleStorageConstants.Q_ROLE_NAME); + paramList.add(new ParamBinding(RoleStorageConstants.Q_ROLE_NAME, "%" + + roleName.toUpperCase() + "%")); + } + + if (logger.isDebugEnabled()) { + String query = queryStrBldr.toString(); + logger.debug("query=" + query); + } + + return paramList; + } + + @Override + public List buildWhere(StringBuilder queryStrBldr) { + return new ArrayList(); + } +} diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleStorageConstants.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleStorageConstants.java new file mode 100644 index 000000000..4ee7dfec6 --- /dev/null +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleStorageConstants.java 
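Review bot: In `buildWhereForSearch`, `rn.get(0)` throws when the parameter list is present but empty, and `%` or `_` in the supplied value still act as LIKE wildcards even though the value is bound as a parameter. Guarding with `if (rn != null && !rn.isEmpty())` covers the first; for the second, escape the two wildcard characters in the value and add an `ESCAPE` clause to the LIKE, if literal matching is what the search is meant to do. `roleName.toUpperCase()` uses the default locale, so `toUpperCase(Locale.ROOT)` would keep matching stable across server locales. The `//TODO: add tenant id` means the search is not restricted by tenant; a comment on the method saying so would help until that is implemented. `hasWhere` is assigned but never read.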
@@ -0,0 +1,63 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + *//** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. 
+ */ + +package org.collectionspace.services.authorization.storage; + +/** + * RoleStorageConstants declares query params, etc. + * @author + */ +public class RoleStorageConstants { + + final public static String Q_ROLE_NAME = "r"; + + final public static String ROLE_NAME = "roleName"; + +} diff --git a/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleValidatorHandler.java b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleValidatorHandler.java new file mode 100644 index 000000000..fcf288797 --- /dev/null +++ b/services/authorization-mgt/service/src/main/java/org/collectionspace/services/authorization/storage/RoleValidatorHandler.java 
@@ -0,0 +1,105 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + *//** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + + * http://www.collectionspace.org + * http://wiki.collectionspace.org + + * Copyright 2009 University of California at Berkeley + + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + + * You may obtain a copy of the ECL 2.0 License at + + * https://source.collectionspace.org/collection-space/LICENSE.txt + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. 
+ */ +package org.collectionspace.services.authorization.storage; + +import org.collectionspace.services.authorization.Role; +import org.collectionspace.services.common.context.ServiceContext; +import org.collectionspace.services.common.document.DocumentHandler.Action; +import org.collectionspace.services.common.document.InvalidDocumentException; +import org.collectionspace.services.common.document.ValidatorHandler; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * RoleValidatorHandler executes validation rules for role + * @author + */ +public class RoleValidatorHandler implements ValidatorHandler { + + final Logger logger = LoggerFactory.getLogger(RoleValidatorHandler.class); + + @Override + public void validate(Action action, ServiceContext ctx) + throws InvalidDocumentException { + if (logger.isDebugEnabled()) { + logger.debug("validate() action=" + action.name()); + } + try { + Role role = (Role) ctx.getInput(); + StringBuilder msgBldr = new StringBuilder("validate() "); + boolean invalid = false; + + if (action.equals(Action.CREATE)) { + + //create specific validation here + if (role.getRoleName() == null || role.getRoleName().isEmpty()) { + invalid = true; + msgBldr.append("\nroleName : missing"); + } + } else if (action.equals(Action.UPDATE)) { + //update specific validation here + if (role.getRoleName() != null && role.getRoleName().isEmpty()) { + invalid = true; + msgBldr.append("\nroleName : cannot be changed!"); + } + } + if (invalid) { + String msg = msgBldr.toString(); + logger.error(msg); + throw new InvalidDocumentException(msg); + } + } catch (InvalidDocumentException ide) { + throw ide; + } catch (Exception e) { + throw new InvalidDocumentException(e); + } + } + +} 
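Review bot: The UPDATE branch of `validate` reports "roleName : cannot be changed!" but only rejects an empty string, so an update carrying a different non-empty `roleName` passes validation. If role names are meant to be immutable after creation, the check has to reject any supplied name that differs from the stored one; with only the input available here, the strict form is `if (role.getRoleName() != null) {`, which would also reject an unchanged name sent back by the client. If renaming is allowed, the message should instead say that the name must not be empty. A null `ctx.getInput()` ends up in the generic `catch (Exception e)` as a wrapped NullPointerException; an explicit null check with its own message would be clearer to the caller.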
diff --git a/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/package.html b/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/package.html new file mode 100644 index 000000000..3c8c3d25a --- /dev/null +++ b/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/package.html @@ -0,0 +1,52 @@ + + + + + + + + + Provides classes and interfaces for CollectionSpace Authorization Management Service. + These includes JAVA XML bindings, RESTful web service resource and + persistence management. + +

Package Specification

+ + +
    +
  • +
+ +

Related Documentation

+ + For overviews, tutorials, examples, guides, and tool documentation, please see: +
    +
  • +
+ + + + + diff --git a/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/storage/package.html b/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/storage/package.html new file mode 100644 index 000000000..9f0567a9a --- /dev/null +++ b/services/authorization-mgt/service/src/main/javadoc/org/collectionspace/services/authorization/storage/package.html @@ -0,0 +1,50 @@ + + + + + + + + Provides classes and interfaces for persistence management for + CollectionSpace Authorization Management Service. + +

Package Specification

+ + +
    +
  • +
+ +

Related Documentation

+ + For overviews, tutorials, examples, guides, and tool documentation, please see: +
    +
  • +
+ + + + + diff --git a/services/authorization-mgt/service/src/main/javadoc/overview.html b/services/authorization-mgt/service/src/main/javadoc/overview.html new file mode 100644 index 000000000..0c1e9a96c --- /dev/null +++ b/services/authorization-mgt/service/src/main/javadoc/overview.html @@ -0,0 +1,40 @@ + + + + + + Authorization Management Service Overview + + + This document describes the source code of the CollectionSpace + Authorization Management Service, a.k.a (Roles and Permissions Management) +
+ It includes the classes and interfaces for the following. +
+ - Java XML bindings for role, permission, roles_permissions, users_roles + - Service side source including RESTful web service resources for role, + permission, roles_permissions, users_roles and their persistence management + + \ No newline at end of file diff --git a/services/authorization/jaxb/src/main/resources/roles.xsd b/services/authorization/jaxb/src/main/resources/roles.xsd index b29c53b0f..ddf75ef02 100644 --- a/services/authorization/jaxb/src/main/resources/roles.xsd +++ b/services/authorization/jaxb/src/main/resources/roles.xsd @@ -13,42 +13,38 @@ - - - - - - - - - - - role list - - - - - + + + + + + + + + + Role definition in CollectionSpace @@ -72,20 +68,20 @@ - + - + - + - + @@ -119,7 +115,5 @@ - - diff --git a/services/authorization/jaxb/src/main/resources/roles_list.xsd b/services/authorization/jaxb/src/main/resources/roles_list.xsd new file mode 100644 index 000000000..6a038ddc0 --- /dev/null +++ b/services/authorization/jaxb/src/main/resources/roles_list.xsd @@ -0,0 +1,56 @@ + + + + + + + + + + + + + + + + + + + + role list + + + + + + + + diff --git a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql b/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql index e3d6a60ae..f4c7e6aac 100644 --- a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql +++ b/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql 
@@ -1,12 +1,12 @@ -alter table permissions_actions drop foreign key FK85F8204295972CE9; +alter table permissions_actions drop foreign key FK85F82042E2DC84FD; drop table if exists permissions; drop table if exists permissions_actions; drop table if exists permissions_roles; drop table if exists roles; drop table if exists users_roles; create table permissions (csid varchar(128) not null, attribute_name varchar(128), created_at datetime not null, description varchar(255), effect varchar(32) not null, resource_name varchar(128) not null, updated_at datetime, primary key (csid)); -create table permissions_actions (HJID bigint not null auto_increment, name varchar(128) not null, ACTION__PERMISSION_CSID varchar(128), primary key (HJID)); +create table permissions_actions (HJID bigint not null auto_increment, name varchar(128) not null, ACTIONS_PERMISSION_CSID varchar(128), primary key (HJID)); create table permissions_roles (HJID bigint not null auto_increment, created_at datetime not null, permission_id varchar(128) not null, role_id varchar(128) not null, updated_at datetime, primary key (HJID), unique (permission_id, role_id)); -create table roles (csid varchar(128) not null, created_at datetime not null, description varchar(255), rolegroup varchar(255) not null, rolename varchar(200) not null, updated_at datetime, primary key (csid), unique (rolename)); +create table roles (csid varchar(128) not null, created_at datetime not null, description varchar(255), rolegroup varchar(255), rolename varchar(200) not null, updated_at datetime, primary key (csid), unique (rolename)); create table users_roles (HJID bigint not null auto_increment, created_at datetime not null, role_id varchar(128) not null, updated_at datetime, username varchar(128) not null, primary key (HJID), unique (username, role_id)); -alter table permissions_actions add index FK85F8204295972CE9 (ACTION__PERMISSION_CSID), add constraint FK85F8204295972CE9 foreign key (ACTION__PERMISSION_CSID) references 
permissions (csid); +alter table permissions_actions add index FK85F82042E2DC84FD (ACTIONS_PERMISSION_CSID), add constraint FK85F82042E2DC84FD foreign key (ACTIONS_PERMISSION_CSID) references permissions (csid); diff --git a/services/authorization/service/pom.xml b/services/authorization/service/pom.xml index aa2c14057..8537fe960 100644 --- a/services/authorization/service/pom.xml +++ b/services/authorization/service/pom.xml @@ -78,6 +78,7 @@ jboss jbosssx 4.2.3.GA + provided
diff --git a/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java b/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java index d9caba470..13547bb76 100644 --- a/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java +++ b/services/authorization/service/src/main/java/org/collectionspace/services/authorization/AuthZ.java @@ -117,7 +117,7 @@ public class AuthZ { //FIXME should use role name principals.add(permRole.getRoleId()); } - List permActions = perm.getAction(); + List permActions = perm.getActions(); for (PermissionAction permAction : permActions) { URIResourceImpl uriRes = new URIResourceImpl(perm.getResourceName(), permAction.getName()); diff --git a/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGenTest.java b/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGenTest.java index 50fb55ae6..3896e8297 100644 --- a/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGenTest.java +++ b/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationGenTest.java @@ -69,7 +69,7 @@ public class AuthorizationGenTest extends AbstractAuthorizationTestImpl { public void genPermissions() { PermissionsList pcList = new PermissionsList(); ArrayList apcList = new ArrayList(); - pcList.setPermission(apcList); + pcList.setPermissions(apcList); Permission accPerm = buildCommonPermission("1", "accounts"); apcList.add(accPerm); @@ -86,7 +86,7 @@ public class AuthorizationGenTest extends AbstractAuthorizationTestImpl { perm.setEffect(EffectType.PERMIT); ArrayList pas = new ArrayList(); - perm.setAction(pas); + perm.setActions(pas); PermissionAction pa = new PermissionAction(); pa.setName(ActionType.CREATE); 
@@ -108,7 +108,7 @@ public class AuthorizationGenTest extends AbstractAuthorizationTestImpl { PermissionsRolesList psrsl = new PermissionsRolesList(); ArrayList prl = buildCommonPermissionRoles("1"); prl.addAll(buildCommonPermissionRoles("2")); - psrsl.setPermissionRole(prl); + psrsl.setPermissionRoles(prl); toFile(psrsl, PermissionsRolesList.class, "./target/test-permissions-roles.xml"); } diff --git a/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java b/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java index 7e2b9236a..63781455c 100644 --- a/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java +++ b/services/authorization/service/src/test/java/org/collectionspace/services/authorization/test/AuthorizationSeedTest.java @@ -95,7 +95,7 @@ public class AuthorizationSeedTest extends AbstractAuthorizationTestImpl { "./test-data/test-permissions-roles.xml"); AuthZ authZ = AuthZ.get(); - for (Permission p : pcList.getPermission()) { + for (Permission p : pcList.getPermissions()) { if (logger.isDebugEnabled()) { logger.debug("adding permission for res=" + p.getResourceName()); } @@ -106,7 +106,7 @@ public class AuthorizationSeedTest extends AbstractAuthorizationTestImpl { private List getPermissionRoles(PermissionsRolesList pcrList, String permId) { List prList = new ArrayList(); - for (PermissionRole pr : pcrList.getPermissionRole()) { + for (PermissionRole pr : pcrList.getPermissionRoles()) { if (pr.getPermissionId().equals(permId)) { prList.add(pr); } diff --git a/services/common/src/main/config/services/tenant-bindings.xml b/services/common/src/main/config/services/tenant-bindings.xml index aa20f0693..83f3d7fc6 100644 --- a/services/common/src/main/config/services/tenant-bindings.xml +++ b/services/common/src/main/config/services/tenant-bindings.xml 
@@ -5,11 +5,11 @@ Description: tenant bindings --> + xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' + xmlns:tenant='http://collectionspace.org/services/common/tenant' + xmlns:types='http://collectionspace.org/services/common/types' + xsi:schemaLocation='http://collectionspace.org/services/common/tenant http://collectionspace.org/services/common/tenant.xsd' + > @@ -40,11 +40,11 @@ versionable="true" auditable="false" label="collectionobjects_common" updated="" order="1"> - authRefcontentOrganization - authRefcontentPeople - authRefcontentPerson - authRefinscriber - + authRefcontentOrganization + authRefcontentPeople + authRefcontentPerson + authRefinscriber + - authRefcurrentOwner - authRefdepositor - authRefconditionCheckAssesor - authRefinsurer - authReffieldCollector - authRefvaluer - + authRefcurrentOwner + authRefdepositor + authRefconditionCheckAssesor + authRefinsurer + authReffieldCollector + authRefvaluer + - + authReflendersAuthorizer authReflendersContact authRefloanInContact - + - authRefacquisitionAuthorizer - authRefacquisitionFundingSource - - authReffieldCollector - - + authRefacquisitionAuthorizer + authRefacquisitionFundingSource + + authReffieldCollector + + @@ -472,7 +472,7 @@ + schemaLocation="http://collectionspace.org/services/account http://collectionspace.org/services/account/accounts_common.xsd"> @@ -545,6 +545,39 @@ + + + + org.collectionspace.services.authorization.storage.RoleDocumentHandler + + + org.collectionspace.services.authorization.storage.RoleValidatorHandler + + + + + + + + + + + + + + + + + diff --git a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageClientImpl.java b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageClientImpl.java index 423f3a144..6fcb2b577 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageClientImpl.java 
+++ b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageClientImpl.java @@ -19,6 +19,7 @@ package org.collectionspace.services.common.storage.jpa; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.util.Date; import java.util.List; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; @@ -43,6 +44,36 @@ import org.slf4j.LoggerFactory; * It uses @see DocumentHandler as IOHandler with the client. * All the operations in this client are carried out under their own transactions. * A call to any method would start and commit/rollback a transaction. + * + * Assumption: each persistent entity has the following 3 attributes + + + + + + + + + + + + + + + + + + + + + + + + + + + + * * $LastChangedRevision: $ $LastChangedDate: $ */ @@ -83,6 +114,7 @@ public class JpaStorageClientImpl implements StorageClient { Object entity = handler.getCommonPart(); DocumentWrapper wrapDoc = new DocumentWrapperImpl(entity); handler.handle(Action.CREATE, wrapDoc); + setValue(entity, "setCreatedAtItem", Date.class, new Date()); emf = getEntityManagerFactory(); em = emf.createEntityManager(); em.getTransaction().begin(); @@ -90,6 +122,11 @@ public class JpaStorageClientImpl implements StorageClient { em.getTransaction().commit(); handler.complete(Action.CREATE, wrapDoc); return (String) getValue(entity, "getCsid"); + } catch (BadRequestException bre) { + if (em != null && em.getTransaction().isActive()) { + em.getTransaction().rollback(); + } + throw bre; } catch (DocumentException de) { throw de; } catch (Exception e) { 
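Review bot: The added `catch (BadRequestException bre)` rolls back an active transaction, but the `catch (DocumentException de)` directly below still rethrows without one, so the two failure paths leave the transaction in different states unless a `finally` outside this hunk cleans up. Applying the same guard there, `if (em != null && em.getTransaction().isActive()) { em.getTransaction().rollback(); }`, or moving it into one shared helper, would make the paths consistent; the update hunk at `-305,6 +343,11` has the same shape. `handler.complete(...)` runs after `commit()`, so an exception raised there reaches the client as a failure although the row is already stored. The timestamp setters are invoked by name through `setValue(entity, "setCreatedAtItem", ...)`; what happens for an entity without that method is not visible here, and a comment at the call stating the expected behaviour would help. The method body starts and ends outside the hunk.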
@@ -288,6 +325,7 @@ public class JpaStorageClientImpl implements StorageClient { handler.prepare(Action.UPDATE); Object entity = handler.getCommonPart(); setCsid(entity, id); + setValue(entity, "setUpdatedAtItem", Date.class, new Date()); DocumentWrapper wrapDoc = new DocumentWrapperImpl(entity); handler.handle(Action.UPDATE, wrapDoc); emf = getEntityManagerFactory(); @@ -305,6 +343,11 @@ public class JpaStorageClientImpl implements StorageClient { em.merge(entity); em.getTransaction().commit(); handler.complete(Action.UPDATE, wrapDoc); + } catch (BadRequestException bre) { + if (em != null && em.getTransaction().isActive()) { + em.getTransaction().rollback(); + } + throw bre; } catch (DocumentException de) { throw de; } catch (Exception e) { diff --git a/services/common/src/main/svn-commit.tmp~ b/services/common/src/main/svn-commit.tmp~ deleted file mode 100644 index 6990c4d59..000000000 --- a/services/common/src/main/svn-commit.tmp~ +++ /dev/null @@ -1,5 +0,0 @@ - ---This line, and those below, will be ignored-- - -D resources/common.xsd -A resources/system-response.xsd -- 2.47.3