From e2adb2e58bcf50180a2fad3b053ea6c1e0a4e018 Mon Sep 17 00:00:00 2001 From: Sanjay Dalal Date: Wed, 17 Feb 2010 22:48:30 +0000 Subject: [PATCH] CSPACE-1010 added constraints to account, users and users_roles tables. added validation tests to account service client. in case of constraint violation (performed by db), 500 is returned instead of 400. account,authn poms use consistent mysql jdbc driver version test: account, security M services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd M services/authentication/pstore/src/main/resources/db/mysql/authentication.sql M services/authentication/pstore/pom.xml M services/account/jaxb/src/main/resources/accounts_common.xsd M services/account/pstore/src/main/resources/db/mysql/account.sql M services/account/pstore/pom.xml M services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java --- .../client/test/AccountServiceTest.java | 157 ++++++++++++++++-- .../src/main/resources/accounts_common.xsd | 6 +- services/account/pstore/pom.xml | 2 +- .../src/main/resources/db/mysql/account.sql | 2 +- .../authentication_identity_provider.xsd | 52 +++--- services/authentication/pstore/pom.xml | 2 +- .../resources/db/mysql/authentication.sql | 6 +- 7 files changed, 182 insertions(+), 45 deletions(-) diff --git a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java index bdeba004d..4d0f50a41 100644 --- a/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java +++ b/services/account/client/src/test/java/org/collectionspace/services/account/client/test/AccountServiceTest.java 
@@ -83,7 +83,8 @@ public class AccountServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. AccountsCommon account = - createAccountInstance("barney", "hithere08", "barney@dinoland.com", true, true, true); + createAccountInstance("barney", "barney", "hithere08", "barney@dinoland.com", + true, true, true, true); ClientResponse res = client.create(account); int statusCode = res.getStatus(); 
@@ -108,6 +109,48 @@ public class AccountServiceTest extends AbstractServiceTestImpl { } } + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createForUniqueUser(String testName) throws Exception { + + setupCreate(testName); + + // Submit the request to the service and store the response. + AccountsCommon account = + createAccountInstance("barney1", "barney", "hithere08", "barney@dinoland.com", + true, true, true, true); + ClientResponse res = client.create(account); + int statusCode = res.getStatus(); + + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, Response.Status.INTERNAL_SERVER_ERROR.getStatusCode()); + } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createForUniqueScreenName(String testName) throws Exception { + + setupCreate(testName); + + // Submit the request to the service and store the response. + AccountsCommon account = + createAccountInstance("barney", "otherUser", "hithere08", "barney@dinoland.com", + true, true, true, true); + ClientResponse res = client.create(account); + int statusCode = res.getStatus(); + + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, Response.Status.INTERNAL_SERVER_ERROR.getStatusCode()); + } + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, dependsOnMethods = {"create"}) public void createWithoutTenant(String testName) throws Exception { 
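Review bot: Both `createForUniqueUser` and `createForUniqueScreenName` assert `Response.Status.INTERNAL_SERVER_ERROR` for a duplicate, which turns the shortcoming named in the commit message (500 instead of 400) into a passing test. A 500 for a caller-side conflict cannot be told apart from a real server fault in monitoring, and the response body, which is not checked here, may carry the database's constraint message back to the client. I would keep the assertions but mark them provisional with `// FIXME CSPACE-1010: duplicate is rejected only by the DB constraint and surfaces as 500; expect BAD_REQUEST once the service validates uniqueness`. For `createForUniqueUser` it is also worth confirming that the failed request leaves no `barney1` account row behind, since the visible account.sql only makes `screen_name` unique.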
@@ -116,7 +159,8 @@ public class AccountServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. AccountsCommon account = - createAccountInstance("babybop", "hithere08", "babybop@dinoland.com", false, true, true); + createAccountInstance("babybop", "babybop", "hithere08", "babybop@dinoland.com", + true, false, true, true); ClientResponse res = client.create(account); int statusCode = res.getStatus(); // Does it exactly match the expected status code? 
@@ -137,7 +181,71 @@ public class AccountServiceTest extends AbstractServiceTestImpl { // Submit the request to the service and store the response. AccountsCommon account = - createAccountInstance("babybop", "hithere08", "babybop@dinoland.com", true, false, true); + createAccountInstance("babybop", "babybop", "hithere08", "babybop@dinoland.com", + true, true, false, true); + ClientResponse res = client.create(account); + int statusCode = res.getStatus(); + // Does it exactly match the expected status code? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode()); + } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createWithInvalidEmail(String testName) throws Exception { + + setupCreate(testName); + + // Submit the request to the service and store the response. + AccountsCommon account = + createAccountInstance("babybop", "babybop", "hithere08", "babybop.dinoland.com", + true, true, true, true); + ClientResponse res = client.create(account); + int statusCode = res.getStatus(); + // Does it exactly match the expected status code? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode()); + } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createWithoutScreenName(String testName) throws Exception { + + setupCreate(testName); + + // Submit the request to the service and store the response. 
+ AccountsCommon account = + createAccountInstance("babybop", "babybop", "hithere08", "babybop@dinoland.com", + false, true, true, true); + ClientResponse res = client.create(account); + int statusCode = res.getStatus(); + // Does it exactly match the expected status code? + if (logger.isDebugEnabled()) { + logger.debug(testName + ": status = " + statusCode); + } + Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), + invalidStatusCodeMessage(REQUEST_TYPE, statusCode)); + Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode()); + } + + @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class, + dependsOnMethods = {"create"}) + public void createWithMostInvalid(String testName) throws Exception { + + setupCreate(testName); + + // Submit the request to the service and store the response. + AccountsCommon account = + createAccountInstance("babybop", "babybop", "hithere08", "babybop/dinoland.com", + false, false, false, false); ClientResponse res = client.create(account); int statusCode = res.getStatus(); // Does it exactly match the expected status code? @@ -158,7 +266,8 @@ public class AccountServiceTest extends AbstractServiceTestImpl { setupCreate(testName); // Submit the request to the service and store the response. AccountsCommon account1 = - createAccountInstance("curious", "hithere08", "curious@george.com", true, true, true); + createAccountInstance("curious", "curious", "hithere08", "curious@george.com", + true, true, true, true); ClientResponse res = client.create(account1); int statusCode = res.getStatus(); Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), 
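Review bot: `createWithMostInvalid` omits screen name, tenant, user and password and also sends a malformed e-mail, so a rejection from any single check satisfies it; the missing-password case is never exercised on its own in the hunks shown. I would add a sibling test that calls `createAccountInstance("babybop", "babybop", "hithere08", "babybop@dinoland.com", true, true, true, false)` and expects the same rejection, so that an account without a credential cannot start being accepted unnoticed. The hunk opens inside one test method and closes inside `createWithMostInvalid`, whose status assertion lies outside the visible lines.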
@@ -167,7 +276,8 @@ public class AccountServiceTest extends AbstractServiceTestImpl { resource1Id = extractId(res); AccountsCommon account2 = - createAccountInstance("tom", "hithere09", "tom@jerry.com", true, true, true); + createAccountInstance("tom", "tom", "hithere09", "tom@jerry.com", + true, true, true, true); res = client.create(account2); statusCode = res.getStatus(); Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), @@ -176,7 +286,8 @@ public class AccountServiceTest extends AbstractServiceTestImpl { resource2Id = extractId(res); AccountsCommon account3 = - createAccountInstance("mj", "hithere10", "mj@dinoland.com", true, true, true); + createAccountInstance("mj", "mj", "hithere10", "mj@dinoland.com", + true, true, true, true); res = client.create(account3); statusCode = res.getStatus(); Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode), @@ -624,7 +735,8 @@ public class AccountServiceTest extends AbstractServiceTestImpl { // Note: The ID used in this 'create' call may be arbitrary. // The only relevant ID may be the one used in updateAccount(), below. AccountsCommon account = - createAccountInstance("simba", "tiger", "simba@lionking.com", true, true, true); + createAccountInstance("simba", "simba", "tiger", "simba@lionking.com", + true, true, true, true); ClientResponse res = client.update(NON_EXISTENT_ID, account); int statusCode = res.getStatus(); 
@@ -788,26 +900,35 @@ public class AccountServiceTest extends AbstractServiceTestImpl { // --------------------------------------------------------------- // Utility methods used by tests above // --------------------------------------------------------------- - /* - * createAccountInstance - * @param tenant fillup tenant - * @param user to fill up user - * @param password to fill up password + /** + * create account instance + * @param screenName + * @param userName + * @param passwd + * @param email + * @param useScreenName + * @param useTenant + * @param useUser + * @param usePassword + * @return */ private AccountsCommon createAccountInstance(String screenName, - String passwd, String email, boolean tenant, boolean user, boolean password) { + String userName, String passwd, String email, + boolean useScreenName, boolean useTenant, boolean useUser, boolean usePassword) { AccountsCommon account = new AccountsCommon(); - account.setScreenName(screenName); - if (user) { - account.setUserId(screenName); + if (useScreenName) { + account.setScreenName(screenName); + } + if (useUser) { + account.setUserId(userName); } - if (password) { + if (usePassword) { account.setPassword(Base64.encodeBase64(passwd.getBytes())); } account.setEmail(email); account.setPhone("1234567890"); - if (tenant) { + if (useTenant) { List atl = new ArrayList(); AccountsCommon.Tenant at = new AccountsCommon.Tenant(); at.setId(UUID.randomUUID().toString()); diff --git a/services/account/jaxb/src/main/resources/accounts_common.xsd b/services/account/jaxb/src/main/resources/accounts_common.xsd index efc5f0336..33d307939 100644 --- a/services/account/jaxb/src/main/resources/accounts_common.xsd +++ b/services/account/jaxb/src/main/resources/accounts_common.xsd @@ -35,7 +35,11 @@ - + + + screen_name + + diff --git a/services/account/pstore/pom.xml b/services/account/pstore/pom.xml index 8dcd7084a..bf8f35f7f 100644 --- a/services/account/pstore/pom.xml +++ b/services/account/pstore/pom.xml 
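Review bot: The new Javadoc on `createAccountInstance` has eight `@param` tags and an `@return` with no text, and the four adjacent booleans are easy to transpose at call sites such as `true, false, true, true`. I would fill the tags in, for example `@param useTenant when true, attach one tenant whose id is a random UUID` and `@param usePassword when true, set the Base64-encoded bytes of passwd`. The Javadoc should also say that `email` and `phone` are always set regardless of the flags. The method body continues past the end of the hunk.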
@@ -128,7 +128,7 @@ mysql mysql-connector-java - 5.0.5 + 5.1.5 diff --git a/services/account/pstore/src/main/resources/db/mysql/account.sql b/services/account/pstore/src/main/resources/db/mysql/account.sql index 2f5c9a0b1..b7cebc854 100644 --- a/services/account/pstore/src/main/resources/db/mysql/account.sql +++ b/services/account/pstore/src/main/resources/db/mysql/account.sql @@ -1,6 +1,6 @@ alter table tenants drop foreign key FKAAE82D09C4F08FD6; drop table if exists accounts_common; drop table if exists tenants; -create table accounts_common (csid varchar(255) not null, email longtext not null, mobile varchar(255), phone varchar(255), screen_name varchar(128) not null, status varchar(15) not null, userid longtext not null, primary key (csid)); +create table accounts_common (csid varchar(255) not null, email longtext not null, mobile varchar(255), phone varchar(255), screen_name varchar(128) not null, status varchar(15) not null, userid longtext not null, primary key (csid), unique (screen_name)); create table tenants (HJID bigint not null auto_increment, id varchar(255) not null, name varchar(255) not null, TENANT_ACCOUNTSCOMMON_CSID varchar(255), primary key (HJID)); alter table tenants add index FKAAE82D09C4F08FD6 (TENANT_ACCOUNTSCOMMON_CSID), add constraint FKAAE82D09C4F08FD6 foreign key (TENANT_ACCOUNTSCOMMON_CSID) references accounts_common (csid); diff --git a/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd b/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd index 76eca985b..46e3266ba 100644 --- a/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd +++ b/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd 
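Review bot: The added `unique (screen_name)` is the only uniqueness guarantee in `accounts_common`; `userid` stays `longtext not null` with no unique key, although the commit's `createForUniqueUser` test expects a duplicate user id to be rejected. From what is visible, that rejection presumably comes from the `users` primary key in authentication.sql, so two account rows could share a `userid` whenever an account is written without the matching `users` insert. If the column can be bounded like `users.username`, `userid varchar(128) not null` together with `unique (userid)` would enforce it in this table. If this file is generated from accounts_common.xsd, the change belongs in the schema annotations instead.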
@@ -2,31 +2,37 @@ + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" + xmlns:hj="http://hyperjaxb3.jvnet.org/ejb/schemas/customizations" + xmlns:orm="http://java.sun.com/xml/ns/persistence/orm" + xmlns:ns="http://collectionspace.org/servics/authentication" + xmlns="http://collectionspace.org/services/authentication" + targetNamespace="http://collectionspace.org/services/authentication" + version="0.1" + jaxb:extensionBindingPrefixes="hj orm" + > - - + @@ -41,7 +47,7 @@ - + @@ -73,7 +79,7 @@ - + @@ -96,7 +102,13 @@ - + + + + username + rolename + + @@ -105,7 +117,7 @@ - + @@ -114,7 +126,7 @@ - + diff --git a/services/authentication/pstore/pom.xml b/services/authentication/pstore/pom.xml index cb896ca76..1233816f6 100644 --- a/services/authentication/pstore/pom.xml +++ b/services/authentication/pstore/pom.xml @@ -128,7 +128,7 @@ mysql mysql-connector-java - 5.0.5 + 5.1.5 diff --git a/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql b/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql index a985e957e..3827bd2c4 100644 --- a/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql +++ b/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql 
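Review bot: The added `xmlns:ns` declaration binds the prefix to `http://collectionspace.org/servics/authentication` ("servics"), which differs from the `targetNamespace` declared two lines below it. Any `ns:`-qualified type or element reference would then resolve to a namespace this schema does not define; the element markup is not visible in this view, so I cannot tell whether the prefix is actually used. Suggested line: `xmlns:ns="http://collectionspace.org/services/authentication"`.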
@@ -1,6 +1,6 @@
 drop table if exists roles;
 drop table if exists users;
 drop table if exists users_roles;
-create table roles (rolename varchar(255) not null, rolegroup varchar(255) not null, primary key (rolename));
-create table users (username varchar(255) not null, passwd varchar(128) not null, primary key (username));
-create table users_roles (HJID bigint not null auto_increment, rolename varchar(255) not null, username varchar(255) not null, primary key (HJID));
+create table roles (rolename varchar(200) not null, rolegroup varchar(255) not null, primary key (rolename));
+create table users (username varchar(128) not null, passwd varchar(128) not null, primary key (username));
+create table users_roles (HJID bigint not null auto_increment, rolename varchar(200) not null, username varchar(128) not null, primary key (HJID), unique (username, rolename));
-- 
2.47.3
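Review bot: `users.username` and `users_roles.username` shrink to `varchar(128)` while `accounts_common.userid` in account.sql remains `longtext`, so the account table accepts identifiers that the authentication tables cannot hold. Unless MySQL runs with a strict `sql_mode`, an over-long value is truncated on insert rather than rejected, and two distinct user ids that share their first 128 characters would collide on one `username`. I would bound the user id to the same length in the service's validation or in `accounts_common`. It is also worth considering `foreign key (username) references users (username)` on `users_roles`, so that a role row cannot exist without its user.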