Author: glandais Date: 2008-03-19 18:10:23 +0000 (Wed, 19 Mar 2008) New Revision: 1404 Added: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/log4j.properties trunk/simexplorer-is/src/site/fr/rst/rules.rst Removed: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTestbase.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTests.java 
trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java Modified: trunk/simexplorer-is/simexplorer-is-security/pom.xml trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerImpl.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActor.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActorImpl.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermission.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermissionImpl.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Actor.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Group.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/LoginAction.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Permission.java trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/User.java trunk/simexplorer-is/simexplorer-is-security/src/test/ejb3unit.properties trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationService.java trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationServiceImpl.java trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupEdit.java trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupList.java trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/UserEdit.java 
trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/GroupValueEncoder.java trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/UserValueEncoder.java Log: Security update JPA friendly Rules written Modified: trunk/simexplorer-is/simexplorer-is-security/pom.xml =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/pom.xml 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/pom.xml 2008-03-19 18:10:23 UTC (rev 1404) @@ -19,31 +19,6 @@ <version>0.1-SNAPSHOT</version> </parent> - <!--build> - <plugins> - <plugin> - <groupId>lutinplugin</groupId> - <artifactId>maven-i18n-plugin</artifactId> - <version>0.2-SNAPSHOT</version> - <configuration> - <bundles> - <param>fr_FR</param> - <param>en_GB</param> - </bundles> - </configuration> - <executions> - <execution> - <phase>compile</phase> - <goals> - <goal>parserJava</goal> - <goal>gen</goal> - </goals> - </execution> - </executions> - </plugin> - </plugins> - </build--> - <repositories> <repository> <snapshots> @@ -54,8 +29,8 @@ <url>http://ejb3unit.sourceforge.net/maven2</url> </repository> </repositories> - - <dependencies> + + <dependencies> <dependency> <groupId>javax.persistence</groupId> <artifactId>persistence-api</artifactId> 
@@ -79,13 +54,13 @@ <artifactId>h2</artifactId> <version>1.0.64</version> </dependency> - - <dependency> - <groupId>com.bm</groupId> - <artifactId>ejb3unit</artifactId> - <version>1.2</version> - <scope>test</scope> - </dependency> - + + <dependency> + <groupId>com.bm</groupId> + <artifactId>ejb3unit</artifactId> + <version>1.2</version> + <scope>test</scope> + </dependency> + </dependencies> </project> Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerImpl.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerImpl.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerImpl.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -49,7 +49,7 @@ /** The Constant log. */ private static final Log log = LogFactory.getLog(CredentialManagerImpl.class); - + /** The dao. */ @EJB private DaoActor daoActor; 
@@ -65,27 +65,24 @@ private final static Object usersCachedSynchronizer = new Object(); /** - * Gets the relative level. + * Check if permission accorded to actor applies to user. * + * @param userActor the user * @param actor the actor - * @param permission the permission * - * @return the relative level + * @return true, if successful */ - private int getRelativeLevel(Actor actor, Permission permission) { - int level = -1; - if (actor.equals(permission.getActor())) { - return 0; + private boolean appliesTo(Actor userActor, Actor actor) { + if (userActor.equals(actor)) { + return true; } - Collection<Group> groups = actor.getGroups(); + Collection<Group> groups = userActor.getMemberOf(); for (Group group : groups) { - int levelGroup = getRelativeLevel(group, permission); - if (levelGroup >= 0) { - level = levelGroup + 1; + if (appliesTo(group, actor)) { + return true; } } - - return level; + return false; } /* (non-Javadoc) 
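Review bot: `appliesTo` recurses through `getMemberOf()` without remembering which actors it has already visited, so a membership cycle (group A a member of B, B a member of A) never terminates and the permission check ends in a StackOverflowError. Nothing visible in this commit prevents such a cycle, and a `Group` is passed where an `Actor` is expected, so groups carry their own `memberOf`. The same unguarded walk is in `getActors` (hunk at -238). The sketch below tracks visited actor ids; it needs `java.util.Set` and `java.util.HashSet` imported and assumes the actors are persisted, so `getActorId()` is non-null.

```java
private boolean appliesTo(Actor userActor, Actor actor) {
    return appliesTo(userActor, actor, new HashSet<Integer>());
}

private boolean appliesTo(Actor userActor, Actor actor, Set<Integer> visited) {
    if (userActor.equals(actor)) {
        return true;
    }
    // an actor reached a second time was already checked (shared group or cycle)
    if (!visited.add(userActor.getActorId())) {
        return false;
    }
    for (Group group : userActor.getMemberOf()) {
        if (appliesTo(group, actor, visited)) {
            return true;
        }
    }
    return false;
}
```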
@@ -98,54 +95,32 @@ if (user.isSuperAdmin()) { p = new Permission(); - p.setActor(user); - p.setBusinessId(businessId); p.setOwner(true); } else { - List<Permission> permissions = daoPermission.getPermissions(businessId); + p = new Permission(); + p.setOwner(false); + p.setCanAdmin(false); + p.setCanRead(false); + p.setCanWrite(false); - if (permissions.size() > 0) { - int minLevel = 0; - - for (Permission permission : permissions) { - int relativeLevel = getRelativeLevel(user, permission); - if (relativeLevel >= 0) { - if (p == null || minLevel > relativeLevel) { - p = permission; - minLevel = relativeLevel; - } - // TODO if minLevel == relativeLevel do OR - } + List<Permission> permissions = daoPermission.getPermissions(businessId); + for (Permission permission : permissions) { + boolean appliesTo = appliesTo(user, permission.getActor()); + if (appliesTo) { + p.setOwner(p.isOwner() || permission.isOwner()); + p.setCanAdmin(p.isCanAdmin() || permission.isCanAdmin()); + p.setCanRead(p.isCanRead() || permission.isCanRead()); + p.setCanWrite(p.isCanWrite() || permission.isCanWrite()); } - } else { - // no permission with this id exists, so create a default one with all rights - p = new Permission(); - p.setActor(user); - p.setBusinessId(businessId); - p.setOwner(true); - p.setCanAdmin(true); - p.setCanRead(true); - p.setCanWrite(true); } - } - if (p != null && p.isOwner()) { + if (p.isOwner()) { p.setCanAdmin(true); p.setCanRead(true); p.setCanWrite(true); } - if (p == null) { - p = new Permission(); - p.setActor(user); - p.setBusinessId(businessId); - p.setOwner(false); - p.setCanAdmin(false); - p.setCanRead(false); - p.setCanWrite(false); - } - return p; } 
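Review bot: The `Permission` built in the non-super-admin branch is an in-memory aggregate with no `actor` and no `businessId`, and the super-admin branch no longer sets them either, but nothing at the construction site says so. `Permission` maps both as mandatory (`@ManyToOne(optional = false)`, `nullable = false`), so a caller that persists or merges the returned object, or reads `getActor()` from it, will fail. Add a comment above `p = new Permission();` such as `// Aggregate of every grant that applies to the user; not an entity row: actor and businessId stay unset, never persist.` and repeat the contract in the interface Javadoc. The method's signature and its `user` lookup are outside the hunk.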
@@ -154,9 +129,9 @@ */ public void saveElement(String token, String businessId) { User user = daoActor.getLoggedUser(token); - Permission p = getPermission(token, businessId); if (!user.isSuperAdmin()) { - if ((p == null) || (!user.getId().equals(p.getActor().getId()))) { + Permission p = daoPermission.getPermission(businessId, user); + if (p == null) { p = new Permission(); p.setActor(user); p.setBusinessId(businessId); @@ -238,7 +213,7 @@ */ private void getActors(Actor actor, Collection<Actor> actors) { actors.add(actor); - Collection<Group> groups = actor.getGroups(); + Collection<Group> groups = actor.getMemberOf(); for (Group group : groups) { getActors(group, actors); } @@ -251,7 +226,7 @@ @Override public String getUserFilter(String token) { User user = daoActor.getLoggedUser(token); - return user.getId().toString(); + return user.getActorId().toString(); } /* (non-Javadoc) Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActor.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActor.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActor.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -17,7 +17,7 @@ * ##% */ package fr.cemagref.simexplorer.is.security.dao; -import java.util.List; +import java.util.Collection; import fr.cemagref.simexplorer.is.security.entities.Actor; import fr.cemagref.simexplorer.is.security.entities.Group; 
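Review bot: `saveElement` creates a fresh `Permission` row for the caller whenever `daoPermission.getPermission(businessId, user)` returns null, and the visible lines do not first check whether other actors already hold permissions on that `businessId`. The rest of the method is outside the hunk; if it goes on to mark the new row as owner, a logged-in user without write access could take control of an existing element simply by saving it. Before the `p == null` branch, refuse the call when `daoPermission.getPermissions(businessId)` is non-empty and `getPermission(token, businessId).isCanWrite()` is false. `user` is also dereferenced without a null check, which matters if `getLoggedUser` returns null for an unknown token (not visible here).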
@@ -159,42 +159,15 @@ * * @return the groups */ - public List<Group> getGroups(); + public Collection<Group> getGroups(); /** - * Gets the groups owned by. - * - * @param user the user - * - * @return the groups owned by - */ - public List<Group> getGroupsOwnedBy(User user); - - /** * Gets the users. * * @return the users */ - public List<User> getUsers(); + public Collection<User> getUsers(); - /** - * Gets the users of group. - * - * @param group the group - * - * @return the users of group - */ - public List<User> getUsersOfGroup(Group group); - - /** - * Gets the groups of actor. - * - * @param actor the actor - * - * @return the groups of actor - */ - public List<Group> getGroupsOfActor(Actor actor); - //public Object debugQuery(String query, int type); } Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActorImpl.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActorImpl.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoActorImpl.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -17,6 +17,7 @@ * ##% */ package fr.cemagref.simexplorer.is.security.dao; +import java.util.Collection; import java.util.Date; import java.util.List; @@ -43,7 +44,7 @@ /** The Constant log. */ private static final Log log = LogFactory.getLog(DaoActorImpl.class); - + /** The em. */ @PersistenceContext(unitName = "simexploreris-security") private EntityManager em; @@ -73,8 +74,8 @@ * * @return the object */ - private Object find(Class<?> clazz, Object arg) { - Object o; + private <T> T find(Class<T> clazz, Object arg) { + T o; try { o = em.find(clazz, arg); } catch (NoResultException e) { 
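Review bot: The `catch (NoResultException e)` kept around `em.find(clazz, arg)` in the now-generic `find` is dead code, because `EntityManager.find` reports a missing row by returning null and does not throw `NoResultException`. The helper can be reduced to `return em.find(clazz, arg);`, which also makes the null-return contract obvious to the `getGroup`/`getUser`/`getActor` callers. The rest of the method body is outside the hunk.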
@@ -105,7 +106,7 @@ * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#getGroup(java.lang.Integer) */ public Group getGroup(Integer id) { - Group g = (Group) find(Group.class, id); + Group g = find(Group.class, id); return g; } @@ -122,7 +123,7 @@ * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#getUser(java.lang.Integer) */ public User getUser(Integer id) { - User u = (User) find(User.class, id); + User u = find(User.class, id); return u; } @@ -130,7 +131,7 @@ * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#getActor(java.lang.Integer) */ public Actor getActor(Integer id) { - Actor a = (Actor) find(Actor.class, id); + Actor a = find(Actor.class, id); return a; } @@ -142,7 +143,7 @@ private void setActorVisible(Actor actor) { actor.setVisible(true); } - + /* (non-Javadoc) * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#saveGroup(fr.cemagref.simexplorer.is.security.entities.Group) */ @@ -195,8 +196,8 @@ */ public User loginUser(String login, String passwordHash) { User user = (User) getSingleResult(em.createQuery( - "select u from User u where u.login=:login and u.passwordHash=:passwordHash and u.visible = true").setParameter("login", - login).setParameter("passwordHash", passwordHash)); + "select u from User u where u.login=:login and u.passwordHash=:passwordHash and u.visible = true") + .setParameter("login", login).setParameter("passwordHash", passwordHash)); return user; } 
@@ -231,51 +232,20 @@ * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#getGroups() */ public List<Group> getGroups() { - List<Group> groups = CollectionUtil.toGenericList(em.createQuery("select g from Group g where g.visible = true").getResultList(), - Group.class); + List<Group> groups = CollectionUtil.toGenericList(em + .createQuery("select g from Group g where g.visible = true").getResultList(), Group.class); return groups; } /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#getGroupsOwnedBy(fr.cemagref.simexplorer.is.security.entities.User) - */ - public List<Group> getGroupsOwnedBy(User user) { - List<Group> groups = CollectionUtil.toGenericList(em.createQuery("select g from Group g where g.owner=:owner and g.visible = true") - .setParameter("owner", user).getResultList(), Group.class); - return groups; - } - - /* (non-Javadoc) * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#getUsers() */ - public List<User> getUsers() { - List<User> users = CollectionUtil.toGenericList(em.createQuery("select u from User u where u.visible = true").getResultList(), - User.class); - return users; - } - - /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.security.dao.DaoActor#getUsersOfGroup(fr.cemagref.simexplorer.is.security.entities.Group) - */ - public List<User> getUsersOfGroup(Group group) { - List<User> users = CollectionUtil.toGenericList(em.createQuery( - "select distinct u from User u where :group member of u.groups and u.visible = true").setParameter("group", group) + public Collection<User> getUsers() { + List<User> users = CollectionUtil.toGenericList(em.createQuery("select u from User u where u.visible = true") .getResultList(), User.class); return users; } - public List<Group> getGroupsOfActor(Actor actor) { - - //String query = "select distinct group from Actor actor join actor.groups as group where actor = :actor and group.visible = true"; - String query = "select distinct g from Group g, Actor actor where g member of 
actor.groups and g.visible = true and actor=:actor"; - List<Group> groups = CollectionUtil.toGenericList(em.createQuery( - query) - .setParameter("actor", actor).getResultList(), - Group.class); - - return groups; - } - /* public Object debugQuery(String query, int type) { Query jpaQuery = em.createQuery(query); @@ -291,7 +261,6 @@ } return null; } -*/ - + */ } Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermission.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermission.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermission.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -58,6 +58,16 @@ public int getPermissionsOwnedByCount(Actor user); /** + * Gets the permission. + * + * @param businessId the business id + * @param user the user + * + * @return the permission + */ + public Permission getPermission(String businessId, Actor user); + + /** * Save permission. * * @param p the p Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermissionImpl.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermissionImpl.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/dao/DaoPermissionImpl.java 2008-03-19 18:10:23 UTC (rev 1404) 
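Review bot: The Javadoc added for `DaoPermission.getPermission` does not say what the caller gets when no row matches, although the implementation in `DaoPermissionImpl` returns null and `saveElement` depends on that. Replace the generated text with `@return the permission held directly by the actor on businessId, or null if there is none`. The parameter is named `user` here but `actor` in the implementation and is typed `Actor`; `@param actor the actor (user or group) whose direct permission is looked up` would match both.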
@@ -17,11 +17,14 @@ * ##% */ package fr.cemagref.simexplorer.is.security.dao; +import java.util.Arrays; import java.util.Collection; +import java.util.HashSet; import java.util.List; import javax.ejb.Stateless; import javax.persistence.EntityManager; +import javax.persistence.NoResultException; import javax.persistence.PersistenceContext; import org.apache.commons.logging.Log; @@ -55,6 +58,20 @@ return permissions; } + @Override + public Permission getPermission(String businessId, Actor actor) { + Permission permission; + try { + permission = (Permission) em.createQuery( + "select p from Permission p where p.businessId=:businessId and p.actor=:actor").setParameter( + "businessId", businessId).setParameter("actor", actor).getSingleResult(); + } catch (NoResultException e) { + permission = null; + } + + return permission; + } + /* (non-Javadoc) * @see fr.cemagref.simexplorer.is.security.dao.DaoPermission#getPermissionsOwnedBy(fr.cemagref.simexplorer.is.security.entities.Actor) */ @@ -87,9 +104,21 @@ */ @Override public void setPermissions(String uuid, Permission[] permissions) { - em.createQuery("delete from Permission p where p.businessId=:businessId").setParameter("businessId", uuid) - .executeUpdate(); - for (Permission permission : permissions) { + HashSet<Permission> permissionSet = new HashSet<Permission>(Arrays.asList(permissions)); + List<Permission> existingPermissions = CollectionUtil.toGenericList(em.createQuery( + "select p from Permission p where p.businessId=:businessId").setParameter("businessId", uuid) + .getResultList(), Permission.class); + + for (Permission permission : existingPermissions) { + if (permissionSet.contains(permission)) { + em.merge(permission); + permissionSet.remove(permission); + } else { + em.remove(permission); + } + } + + for (Permission permission : permissionSet) { em.persist(permission); } } 
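Review bot: `getSingleResult()` throws `NonUniqueResultException` when more than one row matches, and the new `getPermission` catches only `NoResultException`. Nothing visible makes the pair (businessId, actor) unique — `Permission.businessId` is mapped `unique = false` and the entity's `@Table` annotation is outside the hunks shown — so a single duplicate row would make every later `saveElement` call for that pair fail. Either declare a unique constraint on the pair or switch to `getResultList()` and handle the multi-row case explicitly. The method also lacks the `(non-Javadoc) @see` comment its neighbours carry.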
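Review bot: In the new `setPermissions` loop, `em.merge(permission)` is called on the row just loaded from the database rather than on the matching element of `permissions`, so the caller's values for that entry are discarded. Whether that loses changes depends on `Permission.equals`, which is not visible: if equality ignores the `canRead`/`canWrite`/`canAdmin`/`isOwner` flags, a requested revocation is silently dropped and the old grant stays in force. The entity's `hashCode`/`equals` also drive the `HashSet` lookup, so they must be stable across managed and detached instances. The sketch keys the incoming entries in a map and copies the flags onto the managed row; it needs `java.util.Map` and `java.util.HashMap` imported.

```java
Map<Permission, Permission> incoming = new HashMap<Permission, Permission>();
for (Permission permission : permissions) {
    incoming.put(permission, permission);
}
// … unchanged: select of existingPermissions by businessId …
for (Permission existing : existingPermissions) {
    Permission requested = incoming.remove(existing);
    if (requested == null) {
        em.remove(existing);
    } else {
        // apply the requested flags to the managed row so a revocation is not lost
        existing.setOwner(requested.isOwner());
        existing.setCanAdmin(requested.isCanAdmin());
        existing.setCanRead(requested.isCanRead());
        existing.setCanWrite(requested.isCanWrite());
    }
}
for (Permission permission : incoming.values()) {
    em.persist(permission);
}
```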
@@ -106,9 +135,11 @@ public List<String> getBusinessIdsVisibleBy(Collection<Actor> actors) { StringBuffer query = new StringBuffer(); query.append("select p.businessId from Permission p").append( - " where (p.canRead = true or p.canAdmin = true or p.isOwner = true)").append(" and p.actor in (:actors)"); + " where (p.canRead = true or p.canAdmin = true or p.isOwner = true)").append( + " and p.actor in (:actors)"); List<String> businessIds = CollectionUtil.toGenericList(em.createQuery(query.toString()).setParameter("actors", actors).getResultList(), String.class); return businessIds; } + } Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Actor.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Actor.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Actor.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -21,17 +21,16 @@ import java.util.ArrayList; import java.util.Collection; import java.util.Iterator; -import java.util.List; -import javax.persistence.Basic; +import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.FetchType; import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Inheritance; import javax.persistence.InheritanceType; import javax.persistence.ManyToMany; +import javax.persistence.OneToMany; import javax.persistence.Table; import javax.persistence.Transient; 
@@ -42,42 +41,44 @@ @Table(name = "ACTORS") @Inheritance(strategy = InheritanceType.JOINED) public class Actor implements Serializable { - + /** The Constant serialVersionUID. */ @Transient private static final long serialVersionUID = 1; /** The id. */ @Id - @GeneratedValue(strategy = GenerationType.SEQUENCE) - protected Integer id; + @GeneratedValue + protected Integer actorId; - /** The groups. */ + /** The groups with actor is member of. */ @ManyToMany(fetch = FetchType.EAGER, targetEntity = Group.class) - //@Cascade(value = {CascadeType.ALL}) - private Collection<Group> groups; + private Collection<Group> memberOf; /** The visible. */ - @Basic + @Column(nullable = false) private boolean visible; - + + /** The permissions. */ + @OneToMany(targetEntity = Permission.class, mappedBy = "actor") + private Collection<Permission> permissions; + /** - * Gets the id. + * Gets the actor id. * - * @return the id + * @return the actor id */ - public Integer getId() { - return id; + public Integer getActorId() { + return actorId; } /** - * Sets the id. + * Sets the actor id. * - * @param id - * the new id + * @param actorId the new actor id */ - public void setId(Integer id) { - this.id = id; + public void setActorId(Integer actorId) { + this.actorId = actorId; } /** 
@@ -92,40 +93,58 @@ /** * Sets the visible. * - * @param visible - * the new visible + * @param visible the new visible */ public void setVisible(boolean visible) { this.visible = visible; } /** - * Gets the groups. + * Gets the member of. * - * @return the groups + * @return the member of */ - public Collection<Group> getGroups() { - if (groups == null) { - groups = new ArrayList<Group>(); + public Collection<Group> getMemberOf() { + if (memberOf == null) { + return new ArrayList<Group>(); } - return groups; + return memberOf; } /** - * Sets the groups. + * Sets the member of. * - * @param groups - * the new groups + * @param memberOf the new member of */ - public void setGroups(List<Group> groups) { - this.groups = groups; + public void setMemberOf(Collection<Group> memberOf) { + this.memberOf = memberOf; } /** + * Gets the permissions. + * + * @return the permissions + */ + public Collection<Permission> getPermissions() { + if (permissions == null) { + return new ArrayList<Permission>(); + } + return permissions; + } + + /** + * Sets the permissions. + * + * @param permissions the new permissions + */ + public void setPermissions(Collection<Permission> permissions) { + this.permissions = permissions; + } + + /** * Hash code groups. * - * @param hashedGroups - * the hashed groups + * @param hashedGroups the hashed groups * * @return the int */ @@ -134,7 +153,7 @@ int result = 1; result = prime * result + hashedGroups.size(); for (Group group : hashedGroups) { - result = prime * result + ((group == null) ? 0 : group.getId()); + result = prime * result + ((group == null) ? 0 : group.actorId); } return result; } 
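Review bot: `getMemberOf()` now returns a new `ArrayList` without storing it when `memberOf` is null, whereas the removed `getGroups()` assigned the list to the field first. Code that calls `actor.getMemberOf().add(group)` on an actor whose collection is still null modifies a throwaway list, and the membership is never saved. `getPermissions()` in this hunk, `Group.getMembers()`, `User.getGroupsOwned()` and `User.getLogins()` follow the same pattern. Either keep the lazy assignment, `memberOf = new ArrayList<Group>();` before returning, or return `Collections.<Group>emptyList()` so that a write fails loudly instead of being lost.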
@@ -146,18 +165,16 @@ public int hashCode() { final int prime = 31; int result = 1; - result = prime * result + hashCodeGroups(groups); - result = prime * result + ((id == null) ? 0 : id.hashCode()); + result = prime * result + hashCodeGroups(memberOf); + result = prime * result + ((actorId == null) ? 0 : actorId.hashCode()); return result; } /** * Equals groups. * - * @param groups1 - * the groups1 - * @param groups2 - * the groups2 + * @param groups1 the groups1 + * @param groups2 the groups2 * * @return true, if successful */ @@ -175,9 +192,9 @@ if (group1 == null) { if (group2 != null) return false; - } else if (group1.getId() == null) { + } else if (group1.actorId == null) { return false; - } else if (!group1.getId().equals(group2.getId())) + } else if (!group1.actorId.equals(group2.actorId)) return false; } return true; @@ -195,15 +212,15 @@ if (getClass() != obj.getClass()) return false; final Actor other = (Actor) obj; - if (groups == null) { - if (other.groups != null) + if (memberOf == null) { + if (other.memberOf != null) return false; - } else if (!equalsGroups(groups, other.groups)) + } else if (!equalsGroups(memberOf, other.memberOf)) return false; - if (id == null) { - if (other.id != null) + if (actorId == null) { + if (other.actorId != null) return false; - } else if (!id.equals(other.id)) + } else if (!actorId.equals(other.actorId)) return false; return true; } Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Group.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Group.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Group.java 2008-03-19 18:10:23 UTC (rev 1404) 
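Review bot: `equals` and `hashCode` still fold the whole `memberOf` collection into an actor's identity, and `appliesTo` in `CredentialManagerImpl` now decides whether a permission applies with `userActor.equals(actor)`. Two loaded copies of the same actor whose groups come back in a different order, or one of which has not had `memberOf` initialised, would compare unequal and the grant would be skipped; this assumes `equalsGroups` compares element by element, and its loop is only partly visible. A hash that changes when membership changes also breaks any `HashSet` or `HashMap` that already holds the actor. Comparing on `actorId` alone, `return actorId != null && actorId.equals(other.actorId);`, with `hashCode` derived from `actorId`, avoids both problems. Both method bodies start outside these hunks.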
@@ -17,11 +17,14 @@ * ##% */ package fr.cemagref.simexplorer.is.security.entities; -import javax.persistence.Basic; +import java.util.ArrayList; +import java.util.Collection; + +import javax.persistence.CascadeType; import javax.persistence.Column; import javax.persistence.Entity; -import javax.persistence.FetchType; -import javax.persistence.OneToOne; +import javax.persistence.ManyToMany; +import javax.persistence.ManyToOne; import javax.persistence.Table; import javax.persistence.Transient; @@ -35,16 +38,19 @@ /** The Constant serialVersionUID. */ @Transient private static final long serialVersionUID = 1; - + /** The name. */ - @Basic - @Column(unique = true) + @Column(unique = true, nullable = false, length = 256) private String name; - + /** The owner. */ - @OneToOne(fetch = FetchType.EAGER) + @ManyToOne(optional = false) private User owner; + /** The members. */ + @ManyToMany(targetEntity = Actor.class, mappedBy = "memberOf") + private Collection<Actor> members; + /** * Gets the name. * @@ -81,6 +87,27 @@ this.owner = owner; } + /** + * Gets the members. + * + * @return the members + */ + public Collection<Actor> getMembers() { + if (members == null) { + return new ArrayList<Actor>(); + } + return members; + } + + /** + * Sets the members. + * + * @param members the new members + */ + public void setMembers(Collection<Actor> members) { + this.members = members; + } + /* (non-Javadoc) * @see java.lang.Object#toString() */ Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/LoginAction.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/LoginAction.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/LoginAction.java 2008-03-19 18:10:23 UTC (rev 1404) 
@@ -19,13 +19,11 @@ import java.io.Serializable; -import javax.persistence.Basic; +import javax.persistence.Column; import javax.persistence.Entity; -import javax.persistence.FetchType; import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; -import javax.persistence.OneToOne; +import javax.persistence.ManyToOne; import javax.persistence.Table; import javax.persistence.Transient; @@ -36,29 +34,25 @@ @Table(name = "LOGINS") public class LoginAction implements Serializable { - /** The Constant log. */ - private static final org.apache.commons.logging.Log log = org.apache.commons.logging.LogFactory - .getLog(LoginAction.class); - /** The Constant serialVersionUID. */ @Transient private static final long serialVersionUID = 1; /** The id. */ @Id - @GeneratedValue(strategy = GenerationType.SEQUENCE) + @GeneratedValue private Integer id; /** The time. */ - @Basic + @Column(nullable = false) private long loginDate; /** The logged user. */ - @OneToOne(fetch = FetchType.EAGER) + @ManyToOne(optional = false) private User loggedUser; /** The token. */ - @Basic + @Column(unique = true, nullable = false, length = 64) private String token; /** Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Permission.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Permission.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/Permission.java 2008-03-19 18:10:23 UTC (rev 1404) 
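Review bot: The `token` column stores the session token itself, so anyone with read access to the `LOGINS` table (a backup, a reporting account, a SQL error dump) obtains values that can be presented as a live session. Consider persisting a digest of the token and looking sessions up by that digest, keeping the raw value only in the response to the client. Whether tokens expire cannot be seen here: `loginDate` is now mandatory, but no hunk in this commit compares it against a lifetime. The `length = 64` limit also has to agree with the token generator, which is not shown.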
@@ -19,13 +19,11 @@ import java.io.Serializable; -import javax.persistence.Basic; +import javax.persistence.Column; import javax.persistence.Entity; -import javax.persistence.FetchType; import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; -import javax.persistence.OneToOne; +import javax.persistence.ManyToOne; import javax.persistence.Table; import javax.persistence.Transient; @@ -42,31 +40,31 @@ /** The id. */ @Id - @GeneratedValue(strategy = GenerationType.SEQUENCE) + @GeneratedValue private Integer id; /** The business id. */ - @Basic + @Column(unique = false, nullable = false, length = 64) private String businessId; /** The actor. */ - @OneToOne(fetch = FetchType.EAGER) + @ManyToOne(optional = false) private Actor actor; /** The can read. */ - @Basic + @Column(nullable = false) private boolean canRead; /** The can write. */ - @Basic + @Column(nullable = false) private boolean canWrite; /** The can admin. */ - @Basic + @Column(nullable = false) private boolean canAdmin; /** The is owner. */ - @Basic + @Column(nullable = false) private boolean isOwner; /* (non-Javadoc) Modified: trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/User.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/User.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/java/fr/cemagref/simexplorer/is/security/entities/User.java 2008-03-19 18:10:23 UTC (rev 1404) 
@@ -17,9 +17,13 @@ * ##% */ package fr.cemagref.simexplorer.is.security.entities; -import javax.persistence.Basic; +import java.util.ArrayList; +import java.util.Collection; + +import javax.persistence.CascadeType; import javax.persistence.Column; import javax.persistence.Entity; +import javax.persistence.OneToMany; import javax.persistence.Table; import javax.persistence.Transient; @@ -33,28 +37,35 @@ /** The Constant serialVersionUID. */ @Transient private static final long serialVersionUID = 1; - + /** The login. */ - @Basic - @Column(unique = true) + @Column(unique = true, nullable = false, length = 256) private String login; - + /** The mail. */ - @Basic + @Column(unique = true, nullable = false, length = 256) private String mail; - + /** The password hash. */ - @Basic + @Column(unique = false, nullable = false, length = 256) private String passwordHash; - + /** The admin. */ - @Basic + @Column(nullable = false) private boolean admin; - + /** The super admin. */ - @Basic + @Column(nullable = false) private boolean superAdmin; + /** The groups owned. */ + @OneToMany(targetEntity = Group.class, mappedBy = "owner") + private Collection<Group> groupsOwned; + + /** The logins. */ + @OneToMany(targetEntity = LoginAction.class, mappedBy = "loggedUser") + private Collection<LoginAction> logins; + /** * Gets the login. * 
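Review bot: `passwordHash` is kept as a plain string column, and `DaoActorImpl.loginUser` (same commit) authenticates by matching it for equality inside the JPQL query. That only works when the hash is deterministic for a given password, which rules out a random per-user salt; this is inferred from the query, since the code that computes the hash is not shown. Prefer loading the user by `login` and verifying the password in Java with a salted, slow password-hashing function and a constant-time comparison. `import javax.persistence.CascadeType;` is added in the first hunk, but no mapping visible in this file uses it.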
@@ -145,6 +156,48 @@ this.superAdmin = superAdmin; } + /** + * Gets the groups owned. + * + * @return the groups owned + */ + public Collection<Group> getGroupsOwned() { + if (groupsOwned == null) { + return new ArrayList<Group>(); + } + return groupsOwned; + } + + /** + * Sets the groups owned. + * + * @param groupsOwned the new groups owned + */ + public void setGroupsOwned(Collection<Group> groupsOwned) { + this.groupsOwned = groupsOwned; + } + + /** + * Gets the logins. + * + * @return the logins + */ + public Collection<LoginAction> getLogins() { + if (logins == null) { + return new ArrayList<LoginAction>(); + } + return logins; + } + + /** + * Sets the logins. + * + * @param logins the new logins + */ + public void setLogins(Collection<LoginAction> logins) { + this.logins = logins; + } + /* (non-Javadoc) * @see java.lang.Object#toString() */ @@ -163,8 +216,7 @@ result = prime * result + (admin ? 1231 : 1237); result = prime * result + ((login == null) ? 0 : login.hashCode()); result = prime * result + ((mail == null) ? 0 : mail.hashCode()); - result = prime * result - + ((passwordHash == null) ? 0 : passwordHash.hashCode()); + result = prime * result + ((passwordHash == null) ? 0 : passwordHash.hashCode()); result = prime * result + (superAdmin ? 1231 : 1237); return result; } Modified: trunk/simexplorer-is/simexplorer-is-security/src/test/ejb3unit.properties =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/test/ejb3unit.properties 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/test/ejb3unit.properties 2008-03-19 18:10:23 UTC (rev 1404) 
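Review bot: `getGroupsOwned()` and `getLogins()` return a fresh `ArrayList` when the field is null but never store it, so a caller that mutates the result, e.g. `user.getGroupsOwned().add(group)`, changes a throwaway list and the entity stays unchanged. Initialise the field instead: `if (groupsOwned == null) { groupsOwned = new ArrayList<Group>(); }` followed by `return groupsOwned;`, and the same for `logins`. Separately, the `hashCode()` shown in the second hunk mixes in `passwordHash`, `login` and `mail`, all of which have setters or are otherwise mutable, so a User held in a hash-based collection may no longer be found after a password change. That method starts outside the hunk, so this needs checking against the full `equals`/`hashCode` pair.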
@@ -1,3 +1,12 @@
 ### The ejb3unit configuration file ###
-ejb3unit.inMemoryTest=true
+#ejb3unit.inMemoryTest=true
+ejb3unit.inMemoryTest=false
+ejb3unit.connection.url=jdbc:h2:mem:ejb3unit
+ejb3unit.connection.driver_class=org.h2.Driver
+ejb3unit.connection.username=
+ejb3unit.connection.password=
+ejb3unit.dialect=org.hibernate.dialect.H2Dialect
 ejb3unit.show_sql=false
+
+## values are create-drop, create, update ##
+ejb3unit.schema.update=create
Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java 2008-03-19 18:05:45 UTC (rev 1403)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -1,279 +0,0 @@ -/* -* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais -* -* This program is free software; you can redistribute it and/or -* modify it under the terms of the GNU General Public License -* as published by the Free Software Foundation; either version 2 -* of the License, or (at your option) any later version. -* -* This program is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU General Public License for more details. -* -* You should have received a copy of the GNU General Public License -* along with this program; if not, write to the Free Software -* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -* ##% */ -package fr.cemagref.simexplorer.is.security.credentials; - -import java.util.ArrayList; -import java.util.Date; -import java.util.List; - -import javax.persistence.EntityManager; -import javax.persistence.EntityTransaction; - -import com.bm.introspectors.EntityBeanIntrospector; -import com.bm.testsuite.dataloader.EntityInitialDataSet; -import com.bm.utils.UndoScriptGenerator; - -import fr.cemagref.simexplorer.is.security.entities.Actor; -import fr.cemagref.simexplorer.is.security.entities.Group; -import fr.cemagref.simexplorer.is.security.entities.LoginAction; -import fr.cemagref.simexplorer.is.security.entities.Permission; -import fr.cemagref.simexplorer.is.security.entities.User; - -public class CredentialDataSet extends EntityInitialDataSet { - - private static final org.apache.commons.logging.Log log = org.apache.commons.logging.LogFactory - .getLog(CredentialDataSet.class); - - protected EntityManager entityManager = null; - - private User user3; - - public static final int N_PERMISSIONS_USER3 = 378; - - public CredentialDataSet() { - // ... 
- super(Actor.class); - } - - public CredentialDataSet(Class entityType) { - super(entityType); - throw new IllegalStateException(); - } - - public void setEntityManager(EntityManager em) { - this.entityManager = em; - } - - @Override - public void cleanup(EntityManager em) { - EntityTransaction tx = entityManager.getTransaction(); - tx.begin(); - List resultList = entityManager.createQuery("SELECT a FROM Actor a").getResultList(); - for (Object object : resultList) { - Actor actor = (Actor) object; - actor.getGroups().clear(); - entityManager.merge(actor); - } - tx.commit(); - - tx.begin(); - entityManager.createQuery("DELETE FROM LoginAction").executeUpdate(); - entityManager.createQuery("DELETE FROM Permission").executeUpdate(); - entityManager.createQuery("DELETE FROM Group").executeUpdate(); - entityManager.createQuery("DELETE FROM User").executeUpdate(); - entityManager.createQuery("DELETE FROM Actor").executeUpdate(); - tx.commit(); - } - - @Override - public void create() { - User user1 = new User(); - user1.setAdmin(false); - user1.setSuperAdmin(false); - user1.setGroups(new ArrayList<Group>()); - user1.setLogin("user1"); - user1.setMail("user1 at user.user"); - user1.setVisible(true); - entityManager.persist(user1); - - User user2 = new User(); - user2.setAdmin(false); - user2.setSuperAdmin(false); - user2.setGroups(new ArrayList<Group>()); - user2.setLogin("user2"); - user2.setMail("user2 at user.user"); - user2.setVisible(true); - entityManager.persist(user2); - - user3 = new User(); - user3.setAdmin(false); - user3.setSuperAdmin(false); - user3.setGroups(new ArrayList<Group>()); - user3.setLogin("user3"); - user3.setMail("user3 at user.user"); - user3.setVisible(true); - entityManager.persist(user3); - - User user4 = new User(); - user4.setAdmin(false); - user4.setSuperAdmin(false); - user4.setGroups(new ArrayList<Group>()); - user4.setLogin("user4"); - user4.setMail("user4 at user.user"); - user4.setVisible(true); - entityManager.persist(user4); - - 
User admin = new User(); - admin.setAdmin(true); - admin.setSuperAdmin(false); - admin.setGroups(new ArrayList<Group>()); - admin.setLogin("admin"); - admin.setMail("admin at admin.admin"); - admin.setVisible(true); - entityManager.persist(admin); - - User superadmin = new User(); - superadmin.setAdmin(true); - superadmin.setSuperAdmin(true); - superadmin.setGroups(new ArrayList<Group>()); - superadmin.setLogin("superadmin"); - superadmin.setMail("superadmin at superadmin.superadmin"); - superadmin.setVisible(true); - entityManager.persist(superadmin); - - LoginAction loginActionUser1 = new LoginAction(); - loginActionUser1.setLoggedUser(user1); - loginActionUser1.setLoginDate((new Date()).getTime()); - loginActionUser1.setToken("user1"); - entityManager.persist(loginActionUser1); - - LoginAction loginActionUser2 = new LoginAction(); - loginActionUser2.setLoggedUser(user2); - loginActionUser2.setLoginDate((new Date()).getTime()); - loginActionUser2.setToken("user2"); - entityManager.persist(loginActionUser2); - - LoginAction loginActionUser4 = new LoginAction(); - loginActionUser4.setLoggedUser(user4); - loginActionUser4.setLoginDate((new Date()).getTime()); - loginActionUser4.setToken("user4"); - entityManager.persist(loginActionUser4); - - LoginAction loginActionAdmin = new LoginAction(); - loginActionAdmin.setLoggedUser(admin); - loginActionAdmin.setLoginDate((new Date()).getTime()); - loginActionAdmin.setToken("admin"); - entityManager.persist(loginActionAdmin); - - LoginAction loginActionSuperAdmin = new LoginAction(); - loginActionSuperAdmin.setLoggedUser(superadmin); - loginActionSuperAdmin.setLoginDate((new Date()).getTime()); - loginActionSuperAdmin.setToken("superadmin"); - entityManager.persist(loginActionSuperAdmin); - - Group groupA = new Group(); - groupA.setGroups(new ArrayList<Group>()); - groupA.setName("groupA"); - groupA.setOwner(admin); - groupA.setVisible(true); - entityManager.persist(groupA); - - Group groupB = new Group(); - 
groupB.setGroups(new ArrayList<Group>()); - groupB.setName("groupB"); - groupB.setOwner(admin); - groupB.setVisible(true); - entityManager.persist(groupB); - - user1.getGroups().add(groupA); - entityManager.merge(user1); - - user2.getGroups().add(groupB); - entityManager.merge(user2); - - user4.getGroups().add(groupB); - entityManager.merge(user4); - - Group groupC = new Group(); - groupC.setGroups(new ArrayList<Group>()); - groupC.setName("groupC"); - groupC.setOwner(admin); - groupC.setVisible(true); - entityManager.persist(groupC); - - groupB.getGroups().add(groupC); - entityManager.merge(groupB); - - Permission[] p = new Permission[6]; - int i = 0; - - p[i] = new Permission(); - p[i].setActor(user1); - p[i].setBusinessId("b" + i); - p[i].setCanRead(true); - p[i].setCanAdmin(true); - p[i].setCanWrite(true); - p[i].setOwner(true); - - i++; - p[i] = new Permission(); - p[i].setActor(user2); - p[i].setBusinessId("b" + i); - p[i].setCanRead(true); - p[i].setCanAdmin(true); - p[i].setCanWrite(true); - p[i].setOwner(true); - - i++; - p[i] = new Permission(); - p[i].setActor(groupA); - p[i].setBusinessId("b" + i); - p[i].setCanRead(true); - p[i].setCanAdmin(true); - p[i].setCanWrite(true); - p[i].setOwner(true); - - i++; - p[i] = new Permission(); - p[i].setActor(groupB); - p[i].setBusinessId("b" + i); - p[i].setCanRead(true); - p[i].setCanAdmin(true); - p[i].setCanWrite(true); - p[i].setOwner(true); - - i++; - p[i] = new Permission(); - p[i].setActor(groupC); - p[i].setBusinessId("b" + i); - p[i].setCanRead(true); - p[i].setCanAdmin(true); - p[i].setCanWrite(true); - p[i].setOwner(true); - - i++; - p[i] = new Permission(); - p[i].setActor(user4); - p[i].setBusinessId("b" + i); - p[i].setCanRead(true); - p[i].setCanAdmin(true); - p[i].setCanWrite(true); - p[i].setOwner(true); - - for (Permission permission : p) { - entityManager.persist(permission); - } - - for (int j = 0; j < N_PERMISSIONS_USER3; j++) { - Permission permission = new Permission(); - 
permission.setActor(user3); - permission.setBusinessId("u3_" + j); - permission.setCanRead(true); - permission.setCanAdmin(true); - permission.setCanWrite(true); - permission.setOwner(true); - entityManager.persist(permission); - } - - } - - public User getUser3() { - return user3; - } - -} Added: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java (rev 0) +++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialDataSet.java 2008-03-19 18:10:23 UTC (rev 1404) 
@@ -0,0 +1,245 @@ +/* +* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais +* +* This program is free software; you can redistribute it and/or +* modify it under the terms of the GNU General Public License +* as published by the Free Software Foundation; either version 2 +* of the License, or (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License +* along with this program; if not, write to the Free Software +* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +* ##% */ +package fr.cemagref.simexplorer.is.security.credentials; + +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import javax.persistence.EntityManager; +import javax.persistence.EntityTransaction; + +import com.bm.testsuite.dataloader.EntityInitialDataSet; + +import fr.cemagref.simexplorer.is.security.entities.Actor; +import fr.cemagref.simexplorer.is.security.entities.Group; +import fr.cemagref.simexplorer.is.security.entities.LoginAction; +import fr.cemagref.simexplorer.is.security.entities.Permission; +import fr.cemagref.simexplorer.is.security.entities.User; + +/** + * The Class CredentialDataSet. + */ +public class CredentialDataSet extends EntityInitialDataSet { + + /** The Constant log. */ + private static final org.apache.commons.logging.Log log = org.apache.commons.logging.LogFactory + .getLog(CredentialDataSet.class); + + /** The entity manager. */ + protected EntityManager entityManager = null; + + /** The user3. */ + private User user3; + + /** The Constant N_PERMISSIONS_USER3. */ + public static final int N_PERMISSIONS_USER3 = 13; + + /** + * Instantiates a new credential data set. + */ + public CredentialDataSet() { + // ... 
+ super(Actor.class); + } + + /** + * Instantiates a new credential data set. + * + * @param entityType the entity type + */ + public CredentialDataSet(Class entityType) { + super(entityType); + throw new IllegalStateException(); + } + + /* (non-Javadoc) + * @see com.bm.testsuite.dataloader.EntityInitialDataSet#setEntityManager(javax.persistence.EntityManager) + */ + public void setEntityManager(EntityManager em) { + this.entityManager = em; + } + + /* (non-Javadoc) + * @see com.bm.testsuite.dataloader.EntityInitialDataSet#cleanup(javax.persistence.EntityManager) + */ + @Override + public void cleanup(EntityManager em) { + EntityTransaction tx = em.getTransaction(); + if (!tx.isActive()) + tx.begin(); + + List resultList = entityManager.createQuery("SELECT a FROM Actor a").getResultList(); + for (Object object : resultList) { + Actor actor = (Actor) object; + actor.getMemberOf().clear(); + actor.getPermissions().clear(); + entityManager.merge(actor); + } + + resultList = entityManager.createQuery("SELECT u FROM User u").getResultList(); + for (Object object : resultList) { + User user = (User) object; + user.getGroupsOwned().clear(); + user.getLogins().clear(); + entityManager.merge(user); + } + tx.commit(); + tx.begin(); + + em.createQuery("DELETE FROM LoginAction").executeUpdate(); + em.createQuery("DELETE FROM Permission").executeUpdate(); + + em.createQuery("DELETE FROM Group").executeUpdate(); + em.createQuery("DELETE FROM User").executeUpdate(); + em.createQuery("DELETE FROM Actor").executeUpdate(); + + tx.commit(); + } + + /** + * Creates the user. 
+ * + * @param login the login + * @param admin the admin + * @param superadmin the superadmin + * + * @return the user + */ + private User createUser(String login, boolean admin, boolean superadmin) { + User user = new User(); + user.setAdmin(admin); + user.setSuperAdmin(superadmin); + user.setGroupsOwned(new ArrayList<Group>()); + user.setMemberOf(new ArrayList<Group>()); + user.setLogin(login); + user.setMail(login + "@user.user"); + user.setVisible(true); + user.setPasswordHash("---"); + entityManager.persist(user); + + LoginAction loginActionUser = new LoginAction(); + loginActionUser.setLoggedUser(user); + loginActionUser.setLoginDate((new Date()).getTime()); + loginActionUser.setToken(login); + entityManager.persist(loginActionUser); + + return user; + } + + /** + * Creates the group. + * + * @param name the name + * @param owner the owner + * + * @return the group + */ + private Group createGroup(String name, User owner) { + Group group = new Group(); + group.setMemberOf(new ArrayList<Group>()); + group.setMembers(new ArrayList<Actor>()); + group.setName(name); + group.setOwner(owner); + group.setVisible(true); + entityManager.persist(group); + return group; + } + + /** + * Creates the permission. 
+ * + * @param bid the bid + * @param actor the actor + * + * @return the permission + */ + private Permission createPermission(String bid, Actor actor) { + Permission p = new Permission(); + p.setActor(actor); + p.setBusinessId(bid); + p.setCanRead(true); + p.setCanAdmin(true); + p.setCanWrite(true); + p.setOwner(true); + entityManager.persist(p); + return p; + } + + /* (non-Javadoc) + * @see com.bm.testsuite.dataloader.InitialDataSet#create() + */ + @Override + public void create() { + User user1 = createUser("user1", false, false); + User user2 = createUser("user2", false, false); + user3 = createUser("user3", false, false); + User user4 = createUser("user4", false, false); + User admin = createUser("admin", true, false); + User superadmin = createUser("superadmin", true, true); + + Group groupA = createGroup("groupA", admin); + + user1.getMemberOf().add(groupA); + entityManager.merge(user1); + + Group groupB = createGroup("groupB", admin); + groupB.getMembers().add(user2); + groupB.getMembers().add(user4); + entityManager.merge(groupB); + + user2.getMemberOf().add(groupB); + user4.getMemberOf().add(groupB); + entityManager.merge(user2); + entityManager.merge(user4); + + Group groupC = createGroup("groupC", admin); + groupB.getMemberOf().add(groupC); + entityManager.merge(groupB); + + Permission[] p = new Permission[6]; + int i = 0; + + p[i] = createPermission("b" + i, user1); + i++; + p[i] = createPermission("b" + i, user2); + i++; + p[i] = createPermission("b" + i, groupA); + i++; + p[i] = createPermission("b" + i, groupB); + i++; + p[i] = createPermission("b" + i, groupC); + i++; + p[i] = createPermission("b" + i, user4); + + for (int j = 0; j < N_PERMISSIONS_USER3; j++) { + createPermission("u3_" + j, user3); + } + + } + + /** + * Gets the user3. 
+ * + * @return the user3 + */ + public User getUser3() { + return user3; + } + +} Copied: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTest.java (from rev 1402, trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTestbase.java) =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTest.java (rev 0) +++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTest.java 2008-03-19 18:10:23 UTC (rev 1404) 
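Review bot: `cleanup(EntityManager em)` takes its transaction from the `em` argument but runs both SELECT queries and both `merge` calls on the `entityManager` field, then issues the DELETEs on `em` again. If the two are ever different instances, or `setEntityManager` was not called first, the merges run outside the transaction being committed or fail with a NullPointerException. Use the argument throughout, e.g. `List resultList = em.createQuery("SELECT a FROM Actor a").getResultList();` and `em.merge(actor);`. In `create()`, the `Permission[] p` array is still filled but no longer read now that `createPermission` persists each row, so it can be removed.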
@@ -0,0 +1,207 @@ +/* +* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais +* +* This program is free software; you can redistribute it and/or +* modify it under the terms of the GNU General Public License +* as published by the Free Software Foundation; either version 2 +* of the License, or (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License +* along with this program; if not, write to the Free Software +* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +* ##% */ +package fr.cemagref.simexplorer.is.security.credentials; + +import java.util.Collection; +import java.util.List; + +import javax.persistence.EntityTransaction; + +import com.bm.testsuite.BaseSessionBeanFixture; + +import fr.cemagref.simexplorer.is.security.entities.Actor; +import fr.cemagref.simexplorer.is.security.entities.Group; +import fr.cemagref.simexplorer.is.security.entities.LoginAction; +import fr.cemagref.simexplorer.is.security.entities.Permission; +import fr.cemagref.simexplorer.is.security.entities.User; + +/** + * The Class CredentialManagerTest. + */ +public class CredentialManagerTest extends BaseSessionBeanFixture<CredentialManagerImpl> { + + /** The Constant usedEntityBeans. */ + private static final Class<?>[] usedEntityBeans = { Actor.class, User.class, Group.class, Permission.class, + LoginAction.class }; + + /** The credential data set. */ + private static CredentialDataSet credentialDataSet = new CredentialDataSet(); + + /** + * Instantiates a new credential manager testbase. + */ + public CredentialManagerTest() { + super(CredentialManagerImpl.class, usedEntityBeans, credentialDataSet); + } + + /** + * Gets the credential manager. 
+ * + * @return the credential manager + */ + private CredentialManager getCredentialManager() { + return getBeanToTest(); + } + + /** + * Assert permission ok. + * + * @param p the p + * @param onlyOwner the only owner + */ + private static void assertPermissionOk(Permission p, boolean onlyOwner) { + if (!onlyOwner) { + assertTrue(p.isCanRead()); + assertTrue(p.isCanWrite()); + assertTrue(p.isCanAdmin()); + } + assertTrue(p.isOwner()); + } + + /** + * Test get permission. + */ + public void testGetPermission() { + assertPermissionOk(getCredentialManager().getPermission("user1", "b0"), false); + assertPermissionOk(getCredentialManager().getPermission("user2", "b1"), false); + assertPermissionOk(getCredentialManager().getPermission("user1", "b2"), false); + assertPermissionOk(getCredentialManager().getPermission("user2", "b3"), false); + assertPermissionOk(getCredentialManager().getPermission("user2", "b4"), false); + assertPermissionOk(getCredentialManager().getPermission("user4", "b3"), false); + assertPermissionOk(getCredentialManager().getPermission("user4", "b4"), false); + } + + /** + * Test get permissions. + */ + public void testGetPermissions() { + Permission[] permissions; + for (int i = 0; i < 5; i++) { + permissions = getCredentialManager().getPermissions("b" + i); + assertEquals(permissions.length, 1); + } + } + + /** + * Test save element. + */ + public void testSaveElement() { + if (!getEntityManager().getTransaction().isActive()) { + getEntityManager().getTransaction().begin(); + } + getCredentialManager().saveElement("user1", "s0"); + getEntityManager().getTransaction().commit(); + getEntityManager().getTransaction().begin(); + assertPermissionOk(getCredentialManager().getPermission("user1", "s0"), true); + } + + /** + * Test set permissions. 
+ */ + public void testSetPermissions() { + if (!getEntityManager().getTransaction().isActive()) { + getEntityManager().getTransaction().begin(); + } + getCredentialManager().saveElement("user1", "s1"); + getCredentialManager().saveElement("user2", "s1"); + getEntityManager().getTransaction().commit(); + + Permission[] permissions = getCredentialManager().getPermissions("s1"); + for (Permission permission : permissions) { + permission.setOwner(false); + permission.setCanAdmin(false); + permission.setCanWrite(false); + permission.setCanRead(true); + } + + getEntityManager().getTransaction().begin(); + getCredentialManager().setPermissions("s1", permissions); + getEntityManager().getTransaction().commit(); + + for (int i = 1; i < 3; i++) { + Permission permission = getCredentialManager().getPermission("user" + i, "s1"); + assertFalse(permission.isCanAdmin()); + assertFalse(permission.isCanWrite()); + assertFalse(permission.isOwner()); + assertTrue(permission.isCanRead()); + } + } + + /** + * Test get permissions owned by. + */ + public void testGetPermissionsOwnedBy() { + List<Permission> permissionsOwnedBy = getCredentialManager().getPermissionsOwnedBy( + credentialDataSet.getUser3(), 0, CredentialDataSet.N_PERMISSIONS_USER3); + for (Permission permission : permissionsOwnedBy) { + assertTrue(credentialDataSet.getUser3().equals(permission.getActor())); + assertPermissionOk(permission, false); + } + } + + /** + * Test get permissions owned by count. + */ + public void testGetPermissionsOwnedByCount() { + int permissionsOwnedByCount = getCredentialManager().getPermissionsOwnedByCount(credentialDataSet.getUser3()); + assertEquals(permissionsOwnedByCount, CredentialDataSet.N_PERMISSIONS_USER3); + } + + /** + * Test get elements visible by. 
+ */ + public void testGetElementsVisibleBy() { + Collection<String> elementsVisibleBy = getCredentialManager().getElementsVisibleBy("user4"); + assertTrue(elementsVisibleBy.contains("b3")); + assertTrue(elementsVisibleBy.contains("b4")); + assertTrue(elementsVisibleBy.contains("b5")); + assertEquals(elementsVisibleBy.size(), 3); + } + + /** + * Test get user filter. + */ + public void testGetUserFilter() { + assertNotNull(getCredentialManager().getUserFilter("user1")); + assertNotNull(getCredentialManager().getUserFilter("user2")); + assertNotNull(getCredentialManager().getUserFilter("admin")); + assertNotNull(getCredentialManager().getUserFilter("superadmin")); + } + + /** + * Test is cache valid for. + */ + public void testIsCacheValidFor() { + EntityTransaction transaction = getEntityManager().getTransaction(); + if (!transaction.isActive()) { + transaction.begin(); + } + getCredentialManager().saveElement("user1", "c1"); + transaction.commit(); + assertFalse(getCredentialManager().isCacheValidFor(getCredentialManager().getUserFilter("user1"))); + getCredentialManager().getElementsVisibleBy("user1"); + assertTrue(getCredentialManager().isCacheValidFor(getCredentialManager().getUserFilter("user1"))); + Permission[] permissions = new Permission[0]; + transaction.begin(); + getCredentialManager().setPermissions("c1", permissions); + transaction.commit(); + assertFalse(getCredentialManager().isCacheValidFor(getCredentialManager().getUserFilter("user1"))); + getCredentialManager().getElementsVisibleBy("user1"); + assertTrue(getCredentialManager().isCacheValidFor(getCredentialManager().getUserFilter("user1"))); + } +} Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTestbase.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTestbase.java 
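Review bot: `testGetPermissionsOwnedBy` asserts only inside the `for` loop, so it passes when `getPermissionsOwnedBy` returns an empty list; add `assertEquals(CredentialDataSet.N_PERMISSIONS_USER3, permissionsOwnedBy.size());` before the loop. `testGetPermission` likewise checks grants only: no case asserts that an actor without a grant, for example user1 on "b1", which the data set assigns to user2, comes back without rights, and for an authorization component the deny path is the one that most needs a regression test. What `getPermission` returns in that case is not visible here, so the exact assertion has to follow its contract. The existing `assertEquals` calls pass the actual value first (`assertEquals(permissions.length, 1)`), which inverts the expected/actual wording of failure messages.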
2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/credentials/CredentialManagerTestbase.java 2008-03-19 18:10:23 UTC (rev 1404) 
@@ -1,153 +0,0 @@ -/* -* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais -* -* This program is free software; you can redistribute it and/or -* modify it under the terms of the GNU General Public License -* as published by the Free Software Foundation; either version 2 -* of the License, or (at your option) any later version. -* -* This program is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU General Public License for more details. -* -* You should have received a copy of the GNU General Public License -* along with this program; if not, write to the Free Software -* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -* ##% */ -package fr.cemagref.simexplorer.is.security.credentials; - -import java.util.Collection; -import java.util.List; - -import com.bm.testsuite.BaseSessionBeanFixture; - -import fr.cemagref.simexplorer.is.security.entities.Actor; -import fr.cemagref.simexplorer.is.security.entities.Group; -import fr.cemagref.simexplorer.is.security.entities.LoginAction; -import fr.cemagref.simexplorer.is.security.entities.Permission; -import fr.cemagref.simexplorer.is.security.entities.User; - -/** - * The Class CredentialManagerTestbase. - */ -public class CredentialManagerTestbase extends BaseSessionBeanFixture<CredentialManagerImpl> { - - private static final org.apache.commons.logging.Log log = org.apache.commons.logging.LogFactory - .getLog(CredentialManagerTestbase.class); - - /** The Constant usedEntityBeans. */ - private static final Class<?>[] usedEntityBeans = { Permission.class, User.class, Group.class, Actor.class, - LoginAction.class }; - - private static CredentialDataSet credentialDataSet = new CredentialDataSet(); - - /** - * Instantiates a new credential manager testbase. 
- */ - public CredentialManagerTestbase() { - super(CredentialManagerImpl.class, usedEntityBeans, credentialDataSet); - } - - private CredentialManager getCredentialManager() { - return (CredentialManager) getBeanToTest(); - } - - private static void assertPermissionOk(Permission p, boolean onlyOwner) { - log.info(p); - if (!onlyOwner) { - assertTrue(p.isCanRead()); - assertTrue(p.isCanWrite()); - assertTrue(p.isCanAdmin()); - } - assertTrue(p.isOwner()); - } - - public void testGetPermission() { - assertPermissionOk(getCredentialManager().getPermission("user1", "b0"), false); - assertPermissionOk(getCredentialManager().getPermission("user2", "b1"), false); - assertPermissionOk(getCredentialManager().getPermission("user1", "b2"), false); - assertPermissionOk(getCredentialManager().getPermission("user2", "b3"), false); - assertPermissionOk(getCredentialManager().getPermission("user2", "b4"), false); - } - - public void testGetPermissions() { - Permission[] permissions; - for (int i = 0; i < 5; i++) { - permissions = getCredentialManager().getPermissions("b" + i); - assertEquals(permissions.length, 1); - } - } - - public void testSaveElement() { - getCredentialManager().saveElement("user1", "s0"); - assertPermissionOk(getCredentialManager().getPermission("user1", "s0"), true); - } - - public void testSetPermissions() { - getEntityManager().getTransaction().begin(); - getCredentialManager().saveElement("user1", "s1"); - getCredentialManager().saveElement("user2", "s1"); - getEntityManager().getTransaction().commit(); - Permission[] permissions = getCredentialManager().getPermissions("s1"); - for (Permission permission : permissions) { - permission.setOwner(false); - permission.setCanAdmin(false); - permission.setCanWrite(false); - permission.setCanRead(true); - } - - getEntityManager().getTransaction().begin(); - getCredentialManager().setPermissions("s1", permissions); - getEntityManager().getTransaction().commit(); - - for (int i = 1; i < 3; i++) { - Permission 
permission = getCredentialManager().getPermission("user" + i, "s1"); - assertFalse(permission.isCanAdmin()); - assertFalse(permission.isCanWrite()); - assertFalse(permission.isOwner()); - assertTrue(permission.isCanRead()); - } - } - - public void testGetPermissionsOwnedBy() { - List<Permission> permissionsOwnedBy = getCredentialManager().getPermissionsOwnedBy( - credentialDataSet.getUser3(), 0, credentialDataSet.N_PERMISSIONS_USER3); - for (Permission permission : permissionsOwnedBy) { - assertTrue(credentialDataSet.getUser3().equals(permission.getActor())); - assertPermissionOk(permission, false); - } - } - - public void testGetPermissionsOwnedByCount() { - int permissionsOwnedByCount = getCredentialManager().getPermissionsOwnedByCount(credentialDataSet.getUser3()); - assertEquals(permissionsOwnedByCount, credentialDataSet.N_PERMISSIONS_USER3); - } - - public void testGetElementsVisibleBy() { - Collection<String> elementsVisibleBy = getCredentialManager().getElementsVisibleBy("user4"); - assertTrue(elementsVisibleBy.contains("b3")); - assertTrue(elementsVisibleBy.contains("b4")); - assertTrue(elementsVisibleBy.contains("b5")); - assertEquals(elementsVisibleBy.size(), 3); - } - - public void testGetUserFilter() { - assertNotNull(getCredentialManager().getUserFilter("user1")); - assertNotNull(getCredentialManager().getUserFilter("user2")); - assertNotNull(getCredentialManager().getUserFilter("admin")); - assertNotNull(getCredentialManager().getUserFilter("superadmin")); - } - - public void testIsCacheValidFor() { - getCredentialManager().saveElement("user1", "c1"); - assertFalse(getCredentialManager().isCacheValidFor("user1")); - getCredentialManager().getElementsVisibleBy("user1"); - assertTrue(getCredentialManager().isCacheValidFor("user1")); - Permission[] permissions = new Permission[0]; - getCredentialManager().setPermissions("c1", permissions); - assertFalse(getCredentialManager().isCacheValidFor("user1")); - 
getCredentialManager().getElementsVisibleBy("user1"); - assertTrue(getCredentialManager().isCacheValidFor("user1")); - } -} Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java 2008-03-19 18:10:23 UTC (rev 1404) 
@@ -1,32 +0,0 @@
-/*
-* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
-*
-* This program is free software; you can redistribute it and/or
-* modify it under the terms of the GNU General Public License
-* as published by the Free Software Foundation; either version 2
-* of the License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-* ##% */
-package fr.cemagref.simexplorer.is.security.entities;
-
-/**
- * The Class GroupTest.
- */
-public class GroupTest extends SecurityEntityTest {
-
- /**
- * Instantiates a new group test.
- */
- public GroupTest() {
- super(Group.class, SPECIAL_GENERATORS);
- }
-
-}
Added: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java (rev 0)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/GroupTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -0,0 +1,32 @@
+/*
+* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+* ##% */
+package fr.cemagref.simexplorer.is.security.entities;
+
+/**
+ * The Class GroupTest.
+ */
+public class GroupTest extends SecurityEntityTest {
+
+ /**
+ * Instantiates a new group test.
+ */
+ public GroupTest() {
+ super(Group.class, SPECIAL_GENERATORS);
+ }
+
+}
Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java 2008-03-19 18:05:45 UTC (rev 1403)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -1,32 +0,0 @@
-/*
-* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
-*
-* This program is free software; you can redistribute it and/or
-* modify it under the terms of the GNU General Public License
-* as published by the Free Software Foundation; either version 2
-* of the License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-* ##% */
-package fr.cemagref.simexplorer.is.security.entities;
-
-/**
- * The Class LoginActionTest.
- */
-public class LoginActionTest extends SecurityEntityTest {
-
- /**
- * Instantiates a new login action test.
- */
- public LoginActionTest() {
- super(LoginAction.class, SPECIAL_GENERATORS);
- }
-
-}
Added: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java (rev 0)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/LoginActionTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -0,0 +1,32 @@
+/*
+* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+* ##% */
+package fr.cemagref.simexplorer.is.security.entities;
+
+/**
+ * The Class LoginActionTest.
+ */
+public class LoginActionTest extends SecurityEntityTest {
+
+ /**
+ * Instantiates a new login action test.
+ */
+ public LoginActionTest() {
+ super(LoginAction.class, SPECIAL_GENERATORS);
+ }
+
+}
Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java 2008-03-19 18:05:45 UTC (rev 1403)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -1,32 +0,0 @@
-/*
-* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
-*
-* This program is free software; you can redistribute it and/or
-* modify it under the terms of the GNU General Public License
-* as published by the Free Software Foundation; either version 2
-* of the License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-* ##% */
-package fr.cemagref.simexplorer.is.security.entities;
-
-/**
- * The Class PermissionTest.
- */
-public class PermissionTest extends SecurityEntityTest {
-
- /**
- * Instantiates a new permission test.
- */
- public PermissionTest() {
- super(Permission.class, SPECIAL_GENERATORS);
- }
-
-}
Added: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java (rev 0)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/PermissionTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -0,0 +1,32 @@
+/*
+* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+* ##% */
+package fr.cemagref.simexplorer.is.security.entities;
+
+/**
+ * The Class PermissionTest.
+ */
+public class PermissionTest extends SecurityEntityTest {
+
+ /**
+ * Instantiates a new permission test.
+ */
+ public PermissionTest() {
+ super(Permission.class, SPECIAL_GENERATORS);
+ }
+
+}
Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java 2008-03-19 18:05:45 UTC (rev 1403)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -1,139 +0,0 @@
-/*
-* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
-*
-* This program is free software; you can redistribute it and/or
-* modify it under the terms of the GNU General Public License
-* as published by the Free Software Foundation; either version 2
-* of the License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-* ##% */
-package fr.cemagref.simexplorer.is.security.entities;
-
-import java.util.List;
-
-import com.bm.datagen.Generator;
-import com.bm.datagen.annotations.GeneratorType;
-import com.bm.datagen.relation.BeanCollectionGenerator;
-import com.bm.datagen.relation.SingleBeanGenerator;
-import com.bm.testsuite.BaseEntityFixture;
-
-/**
- * The Class SecurityEntityTest.
- */
- at SuppressWarnings("unchecked")
-public abstract class SecurityEntityTest extends BaseEntityFixture {
-
- /** The Constant SPECIAL_GENERATORS. */
- protected static final Generator<?>[] SPECIAL_GENERATORS = { new GroupCreator(), new GroupsCreator(),
- new ActorCreator(), new UserCreator(), new LoginActionCreator(), new PermissionCreator() };
-
- /**
- * Should not be called...
- */
- public SecurityEntityTest() {
- super(null);
- }
-
- /**
- * Instantiates a new security entity test.
- *
- * @param entityToTest the entity to test
- * @param additionalGenerators the additional generators
- */
- public SecurityEntityTest(Class<?> entityToTest, Generator<?>[] additionalGenerators) {
- super(entityToTest, additionalGenerators);
- }
-
- /**
- * The Class GroupCreator.
- */
- @GeneratorType(className = Group.class)
- protected static final class GroupCreator extends SingleBeanGenerator<Group> {
-
- /**
- * Instantiates a new group creator.
- */
- protected GroupCreator() {
- super(Group.class);
- }
- }
-
- /**
- * The Class GroupsCreator.
- */
- @GeneratorType(className = List.class, field = "groups")
- protected static final class GroupsCreator extends BeanCollectionGenerator<Group> {
-
- /**
- * Instantiates a new groups creator.
- */
- protected GroupsCreator() {
- super(Group.class, 10);
- }
- }
-
- /**
- * The Class UserCreator.
- */
- @GeneratorType(className = User.class)
- protected static final class UserCreator extends SingleBeanGenerator<User> {
-
- /**
- * Instantiates a new user creator.
- */
- protected UserCreator() {
- super(User.class);
- }
- }
-
- /**
- * The Class UserCreator.
- */
- @GeneratorType(className = Actor.class)
- protected static final class ActorCreator extends SingleBeanGenerator {
-
- /**
- * Instantiates a new user creator.
- */
- protected ActorCreator() {
- super(User.class);
- }
- }
-
- /**
- * The Class LoginActionCreator.
- */
- @GeneratorType(className = LoginAction.class)
- protected static final class LoginActionCreator extends SingleBeanGenerator<LoginAction> {
-
- /**
- * Instantiates a new login action creator.
- */
- protected LoginActionCreator() {
- super(LoginAction.class);
- }
- }
-
- /**
- * The Class PermissionCreator.
- */
- @GeneratorType(className = Permission.class)
- protected static final class PermissionCreator extends SingleBeanGenerator<Permission> {
-
- /**
- * Instantiates a new permission creator.
- */
- protected PermissionCreator() {
- super(Permission.class);
- }
- }
-
-}
Added: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java (rev 0)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -0,0 +1,159 @@
+/*
+* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+* ##% */
+package fr.cemagref.simexplorer.is.security.entities;
+
+import java.util.List;
+
+import com.bm.datagen.Generator;
+import com.bm.datagen.annotations.GeneratorType;
+import com.bm.datagen.relation.BeanCollectionGenerator;
+import com.bm.datagen.relation.SingleBeanGenerator;
+import com.bm.testsuite.BaseEntityFixture;
+
+/**
+ * The Class SecurityEntityTest.
+ */
+ at SuppressWarnings("unchecked")
+public abstract class SecurityEntityTest extends BaseEntityFixture {
+
+ private static final org.apache.commons.logging.Log log = org.apache.commons.logging.LogFactory
+ .getLog(SecurityEntityTest.class);
+
+ /** The Constant ACTOR_GENERATORS. */
+ protected static final SingleBeanGenerator ACTOR_GENERATORS = new ActorCreator();
+
+ /** The Constant GROUP_GENERATORS. */
+ protected static final SingleBeanGenerator<Group> GROUP_GENERATORS = new GroupCreator();
+
+ /** The Constant GROUPS_GENERATORS. */
+ protected static final BeanCollectionGenerator<Group> GROUPS_GENERATORS = new GroupsCreator();
+
+ /** The Constant USER_GENERATORS. */
+ protected static final SingleBeanGenerator<User> USER_GENERATORS = new UserCreator();
+
+ /** The Constant LOGINACTION_GENERATORS. */
+ protected static final SingleBeanGenerator<LoginAction> LOGINACTION_GENERATORS = new LoginActionCreator();
+
+ /** The Constant PERMISSION_GENERATORS. */
+ protected static final SingleBeanGenerator<Permission> PERMISSION_GENERATORS = new PermissionCreator();
+
+ protected static final Generator<?>[] SPECIAL_GENERATORS = { ACTOR_GENERATORS, USER_GENERATORS, GROUP_GENERATORS,
+ GROUPS_GENERATORS, LOGINACTION_GENERATORS, PERMISSION_GENERATORS };
+
+ /**
+ * Should not be called...
+ */
+ public SecurityEntityTest() {
+ super(null);
+ }
+
+ /**
+ * Instantiates a new security entity test.
+ *
+ * @param entityToTest the entity to test
+ * @param additionalGenerators the additional generators
+ */
+ public SecurityEntityTest(Class<?> entityToTest, Generator<?>[] additionalGenerators) {
+ super(entityToTest, additionalGenerators);
+ }
+
+ /**
+ * The Class GroupCreator.
+ */
+ @GeneratorType(className = Group.class)
+ protected static final class GroupCreator extends SingleBeanGenerator<Group> {
+
+ /**
+ * Instantiates a new group creator.
+ */
+ protected GroupCreator() {
+ super(Group.class);
+ }
+ }
+
+ /**
+ * The Class GroupsCreator.
+ */
+ @GeneratorType(className = List.class, field = "groups")
+ protected static final class GroupsCreator extends BeanCollectionGenerator<Group> {
+
+ /**
+ * Instantiates a new groups creator.
+ */
+ protected GroupsCreator() {
+ super(Group.class, 10);
+ }
+ }
+
+ /**
+ * The Class UserCreator.
+ */
+ @GeneratorType(className = User.class)
+ protected static final class UserCreator extends SingleBeanGenerator<User> {
+
+ /**
+ * Instantiates a new user creator.
+ */
+ protected UserCreator() {
+ super(User.class);
+ }
+ }
+
+ /**
+ * The Class UserCreator.
+ */
+ @GeneratorType(className = Actor.class)
+ protected static final class ActorCreator extends SingleBeanGenerator {
+
+ /**
+ * Instantiates a new user creator.
+ */
+ protected ActorCreator() {
+ super(User.class);
+ }
+ }
+
+ /**
+ * The Class LoginActionCreator.
+ */
+ @GeneratorType(className = LoginAction.class)
+ protected static final class LoginActionCreator extends SingleBeanGenerator<LoginAction> {
+
+ /**
+ * Instantiates a new login action creator.
+ */
+ protected LoginActionCreator() {
+ super(LoginAction.class);
+ }
+ }
+
+ /**
+ * The Class PermissionCreator.
+ */
+ @GeneratorType(className = Permission.class)
+ protected static final class PermissionCreator extends SingleBeanGenerator<Permission> {
+
+ /**
+ * Instantiates a new permission creator.
+ */
+ protected PermissionCreator() {
+ super(Permission.class);
+ }
+ }
+
+}
Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTests.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTests.java 2008-03-19 18:05:45 UTC (rev 1403)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/SecurityEntityTests.java 2008-03-19 18:10:23 UTC (rev 1404)
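Review bot: `ActorCreator` in the added SecurityEntityTest.java extends the raw type `SingleBeanGenerator`, and the new `ACTOR_GENERATORS` constant is declared raw as well, with the class-level `SuppressWarnings("unchecked")` hiding the resulting warnings for the whole fixture. Because the constructor passes `User.class`, declaring both as `SingleBeanGenerator<User>` may be possible (to be confirmed against the generator's type parameter and the `Actor.class` annotation), which would let the suppression be narrowed to the one declaration that needs it. The Javadoc on `ActorCreator` and its constructor still reads "The Class UserCreator" and "Instantiates a new user creator"; a comment such as `/** Supplies a User wherever an Actor-typed field has to be generated. */` would record why Actor is mapped to User. `SPECIAL_GENERATORS` lost its Javadoc in this version, and the new `log` field is not used anywhere in the visible lines.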
@@ -1,46 +0,0 @@
-/*
-* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
-*
-* This program is free software; you can redistribute it and/or
-* modify it under the terms of the GNU General Public License
-* as published by the Free Software Foundation; either version 2
-* of the License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-* ##% */
-package fr.cemagref.simexplorer.is.security.entities;
-
-import fr.cemagref.simexplorer.is.security.credentials.CredentialManagerTestbase;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-/**
- * The Class SecurityEntityTests.
- */
-public class SecurityEntityTests {
-
- /**
- * Suite.
- *
- * @return the test
- */
- public static Test suite() {
- TestSuite suite = new TestSuite("Test for fr.cemagref.simexplorer.is.security.entities");
- // $JUnit-BEGIN$
- suite.addTestSuite(CredentialManagerTestbase.class);
- suite.addTestSuite(UserTest.class);
- suite.addTestSuite(GroupTest.class);
- suite.addTestSuite(PermissionTest.class);
- suite.addTestSuite(LoginActionTest.class);
- // $JUnit-END$
- return suite;
- }
-
-}
Deleted: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java 2008-03-19 18:05:45 UTC (rev 1403)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -1,32 +0,0 @@
-/*
-* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
-*
-* This program is free software; you can redistribute it and/or
-* modify it under the terms of the GNU General Public License
-* as published by the Free Software Foundation; either version 2
-* of the License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-* ##% */
-package fr.cemagref.simexplorer.is.security.entities;
-
-/**
- * The Class UserTest.
- */
-public class UserTest extends SecurityEntityTest {
-
- /**
- * Instantiates a new user test.
- */
- public UserTest() {
- super(User.class, SPECIAL_GENERATORS);
- }
-
-}
Added: trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java (rev 0)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/fr/cemagref/simexplorer/is/security/entities/UserTest.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -0,0 +1,32 @@
+/*
+* ##% Copyright (C) 2008 Code Lutin, Gabriel Landais
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+* ##% */
+package fr.cemagref.simexplorer.is.security.entities;
+
+/**
+ * The Class UserTest.
+ */
+public class UserTest extends SecurityEntityTest {
+
+ /**
+ * Instantiates a new user test.
+ */
+ public UserTest() {
+ super(User.class, SPECIAL_GENERATORS);
+ }
+
+}
Added: trunk/simexplorer-is/simexplorer-is-security/src/test/log4j.properties
===================================================================
--- trunk/simexplorer-is/simexplorer-is-security/src/test/log4j.properties (rev 0)
+++ trunk/simexplorer-is/simexplorer-is-security/src/test/log4j.properties 2008-03-19 18:10:23 UTC (rev 1404)
@@ -0,0 +1,13 @@
+# Global logging configuration
+log4j.rootLogger=ERROR, stdout
+# Console output...
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%5p [%t] (%F:%L) %M - %m%n
+
+# package level
+log4j.logger.fr.cemagref.simexplorer.is=ERROR
+log4j.logger.org.codelutin=ERROR
+log4j.logger.com.bm=ERROR
+
+
Modified: trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationService.java
===================================================================
--- trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationService.java 2008-03-19 18:05:45 UTC (rev 1403)
+++ trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationService.java 2008-03-19 18:10:23 UTC (rev 1404)
@@ -148,75 +148,6 @@ public User[] getUsers(String token) throws SimExplorerException; /** - * Gets the users of group. - * - * @param token the token - * @param group the group - * - * @return the users of group - * - * @throws SimExplorerException the sim explorer service exception - */ - public User[] getUsersOfGroup(String token, Group group) throws SimExplorerException; - - /** - * Sets the users of group. - * - * @param token the token - * @param group the group - * @param usersInGroup the users in group - * - * @throws SimExplorerException the sim explorer service exception - */ - public void setUsersOfGroup(String token, Group group, Integer[] usersInGroup) throws SimExplorerException; - - /** - * Sets the groups of group. - * - * @param token the token - * @param group the group - * @param groupsIds the groups ids - * - * @throws SimExplorerException the sim explorer service exception - */ - public void setGroupsOfGroup(String token, Group group, Integer[] groupsIds) throws SimExplorerException; - - /** - * Gets the groups of user. - * - * @param token the token - * @param user the user - * - * @return the groups of user - * - * @throws SimExplorerException the sim explorer service exception - */ - public Group[] getGroupsOfUser(String token, User user) throws SimExplorerException; - - /** - * Gets the groups of group. - * - * @param token the token - * @param group the group - * - * @return the groups of group - * - * @throws SimExplorerException the sim explorer service exception - */ - public Group[] getGroupsOfGroup(String token, Group group) throws SimExplorerException; - - /** - * Sets the groups of user. - * - * @param token the token - * @param user the user - * @param groupsIds the groups ids - * - * @throws SimExplorerException the sim explorer service exception - */ - public void setGroupsOfUser(String token, User user, Integer[] groupsIds) throws SimExplorerException; - - /** * Save group. * * @param token the token 
@@ -286,19 +217,8 @@ public Group[] getGroups(String token) throws SimExplorerException; /** - * Gets the groups owned by. - * - * @param token the token - * @param user the user - * - * @return the groups owned by - * - * @throws SimExplorerException the sim explorer service exception - */ - public Group[] getGroupsOwnedBy(String token, User user) throws SimExplorerException; - - /** * Gets the logged user. + * Throws SimExplorerException if token is invalid (ie not logged) * * @param token the token * Modified: trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationServiceImpl.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationServiceImpl.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-service/src/java/fr/cemagref/simexplorer/is/service/AuthenticationServiceImpl.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -193,10 +193,10 @@ * @return true, if successful */ private boolean userOwnerOfGroup(User loggedUser, Group group) { - if (group.getOwner().getId().equals(loggedUser.getId())) { + if (group.getOwner().getActorId().equals(loggedUser.getActorId())) { return true; } - Collection<Group> groups = group.getGroups(); + Collection<Group> groups = group.getMemberOf(); for (Group parent : groups) { if (userOwnerOfGroup(loggedUser, parent)) { return true; @@ -223,9 +223,9 @@ } if (loggedUser.isAdmin()) { User user = daoActor.getUser(id); - Collection<Group> groups = user.getGroups(); + Collection<Group> groups = user.getMemberOf(); for (Group group : groups) { - if (canAdminGroup(token, group.getId())) { + if (canAdminGroup(token, group.getActorId())) { return true; } } 
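Review bot: `userOwnerOfGroup` walks `group.getMemberOf()` recursively without remembering which groups it has already visited, so a membership cycle would make this authorization check recurse until the stack overflows. Nothing visible here shows that cycles are rejected when memberships are saved (the `// TODO isContaining` added in `updateGroup` suggests they are not yet), so the walk should carry a visited set and stop at a group it has already seen. The sketch below assumes `getActorId()` returns an `Integer`, as its use in the `canAdminGroup` call suggests, and also guards the unchecked `group.getOwner()`. The end of the method lies outside the hunk.

```java
private boolean userOwnerOfGroup(User loggedUser, Group group) {
    return userOwnerOfGroup(loggedUser, group, new HashSet<Integer>());
}

private boolean userOwnerOfGroup(User loggedUser, Group group, Set<Integer> visited) {
    // A group already seen on this walk cannot grant anything new; stopping here also ends cycles.
    if (!visited.add(group.getActorId())) {
        return false;
    }
    if (group.getOwner() != null && group.getOwner().getActorId().equals(loggedUser.getActorId())) {
        return true;
    }
    for (Group parent : group.getMemberOf()) {
        if (userOwnerOfGroup(loggedUser, parent, visited)) {
            return true;
        }
    }
    // … unchanged: remainder of the method, outside the hunk …
```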
@@ -235,24 +235,6 @@ } /** - * Removes the user from group. - * - * @param user the user - * @param group the group - */ - private void removeUserFromGroup(User user, Group group) { - List<Group> toRemove = new ArrayList<Group>(); - for (Group testGroup : user.getGroups()) { - if (testGroup.getId().equals(group.getId())) { - toRemove.add(testGroup); - } - } - for (Group groupToRemove : toRemove) { - user.getGroups().remove(groupToRemove); - } - } - - /** * Can delete group. * * @param token the token @@ -266,22 +248,12 @@ return canAdminGroup(token, id); } - /** - * Delete group impl. - * - * @param token the token - * @param id the id - */ - private void deleteGroupImpl(String token, Integer id) { - daoActor.deleteGroup(id); - } - /* (non-Javadoc) * @see fr.cemagref.simexplorer.is.service.AuthenticationService#deleteGroup(java.lang.String, java.lang.Integer) */ public void deleteGroup(String token, Integer id) throws SimExplorerException { if (canDeleteGroup(token, id)) { - deleteGroupImpl(token, id); + daoActor.deleteGroup(id); } else { throw new SimExplorerSecurityException(); } @@ -301,22 +273,12 @@ return canAdminUser(token, id); } - /** - * Delete user impl. - * - * @param token the token - * @param id the id - */ - private void deleteUserImpl(String token, Integer id) { - daoActor.deleteUser(id); - } - /* (non-Javadoc) * @see fr.cemagref.simexplorer.is.service.AuthenticationService#deleteUser(java.lang.String, java.lang.Integer) */ public void deleteUser(String token, Integer id) throws SimExplorerException { if (canDeleteUser(token, id)) { - deleteUserImpl(token, id); + daoActor.deleteUser(id); } else { throw new SimExplorerSecurityException(); } 
@@ -405,8 +367,8 @@ */ private boolean canSaveElement(String token) throws SimExplorerException { User loggedUser = getLoggedUser(token); - boolean canView = loggedUser.isAdmin() || loggedUser.isSuperAdmin(); - return canView; + boolean canSave = loggedUser.isAdmin() || loggedUser.isSuperAdmin(); + return canSave; } /* (non-Javadoc) @@ -423,7 +385,7 @@ group.setName(name); group.setOwner(getLoggedUser(token)); daoActor.saveGroup(group); - group = getGroup(token, group.getId()); + group = getGroup(token, group.getActorId()); return group; } throw new SimExplorerSecurityException(); @@ -452,7 +414,7 @@ user.setAdmin(false); user.setSuperAdmin(false); daoActor.saveUser(user); - user = getUser(token, user.getId()); + user = getUser(token, user.getActorId()); return user; } throw new SimExplorerSecurityException(); @@ -476,7 +438,8 @@ * @see fr.cemagref.simexplorer.is.service.AuthenticationService#updateGroup(java.lang.String, fr.cemagref.simexplorer.is.security.entities.Group) */ public Group updateGroup(String token, Group group) throws SimExplorerException { - if (canUpdateGroup(token, group.getId())) { + if (canUpdateGroup(token, group.getActorId())) { + // TODO isContaining return daoActor.updateGroup(group); } throw new SimExplorerSecurityException(); @@ -493,11 +456,11 @@ * @throws SimExplorerException the sim explorer service exception */ private boolean canUpdateUser(String token, User user) throws SimExplorerException { - if (canAdminUser(token, user.getId())) { + if (canAdminUser(token, user.getActorId())) { if (getLoggedUser(token).isSuperAdmin()) { return true; } - User oldUser = daoActor.getUser(user.getId()); + User oldUser = daoActor.getUser(user.getActorId()); if (oldUser.isAdmin() == user.isAdmin() && oldUser.isSuperAdmin() == user.isSuperAdmin()) { return true; } 
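Review bot: `updateGroup` authorizes on `group.getActorId()` and then persists the caller-supplied `Group` as-is with `daoActor.updateGroup(group)`, while the new `// TODO isContaining` marks a check that is not there yet. With `setGroupsOfGroup` and `setUsersOfGroup` removed from the interface in this commit, membership presumably now travels inside the entity, so a caller allowed to edit one group could also change its owner, attach it to a parent group they do not administer, or create a membership cycle. Before the DAO call, the stored group should be loaded and compared: reject with `SimExplorerSecurityException` when `getOwner()` differs and the caller is not entitled to reassign it, and when `canAdminGroup` fails for any group newly added to `getMemberOf()`. `canUpdateUser` in the following hunk compares only the `isAdmin()` and `isSuperAdmin()` flags of the old and new user, so the same membership check appears to be missing there; both method bodies end outside their hunks.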
@@ -597,7 +560,7 @@ */ public void resetPassword(String token, String login) throws SimExplorerException { User user = getUser(token, login); - if (canAdminUser(token, user.getId())) { + if (canAdminUser(token, user.getActorId())) { char[] password = generatePassword(); sendMail(Config.getProperties().getProperty("simexplorer.adminmail"), user.getMail(), _("simexplorer.service.mail.subject"), getMailContentWithPassword(login, password)); 
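Review bot: `resetPassword` places the freshly generated password in the mail body through `getMailContentWithPassword(login, password)`, so the credential travels and then rests in clear text in the user's mailbox. The visible lines do not show the account being forced to change the password at next login or the `char[]` being cleared after use; where the design allows, mailing a single-use, short-lived reset token is safer, and otherwise the account should be flagged as must-change and the buffer wiped with `Arrays.fill(password, '\0');` once the value has been stored. The result of `getUser(token, login)` is also dereferenced without a null check, so an unknown login presumably ends in a NullPointerException instead of a SimExplorerException. The rest of the method lies outside the hunk.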
@@ -616,128 +579,23 @@ */ public Group[] getGroups(String token) throws SimExplorerException { if (canViewElements(token)) { - List<Group> groups = daoActor.getGroups(); + Collection<Group> groups = daoActor.getGroups(); return groups.toArray(new Group[groups.size()]); } throw new SimExplorerSecurityException(); } /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.service.AuthenticationService#getGroupsOwnedBy(java.lang.String, fr.cemagref.simexplorer.is.security.entities.User) - */ - public Group[] getGroupsOwnedBy(String token, User user) throws SimExplorerException { - if (canViewElements(token)) { - List<Group> list = daoActor.getGroupsOwnedBy(user); - return list.toArray(new Group[list.size()]); - } - throw new SimExplorerSecurityException(); - } - - /* (non-Javadoc) * @see fr.cemagref.simexplorer.is.service.AuthenticationService#getUsers(java.lang.String) */ public User[] getUsers(String token) throws SimExplorerException { if (canViewElements(token)) { - List<User> users = daoActor.getUsers(); + Collection<User> users = daoActor.getUsers(); return users.toArray(new User[users.size()]); } throw new SimExplorerSecurityException(); } - /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.service.AuthenticationService#getUsersOfGroup(java.lang.String, fr.cemagref.simexplorer.is.security.entities.Group) - */ - public User[] getUsersOfGroup(String token, Group group) throws SimExplorerException { - if (canViewElements(token)) { - List<User> usersOfGroup = daoActor.getUsersOfGroup(group); - return usersOfGroup.toArray(new User[usersOfGroup.size()]); - } - throw new SimExplorerSecurityException(); - } - - /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.service.AuthenticationService#setUsersOfGroup(java.lang.String, fr.cemagref.simexplorer.is.security.entities.Group, java.lang.Integer[]) - */ - public void setUsersOfGroup(String token, Group group, Integer[] usersInGroup) throws SimExplorerException { - if (canUpdateGroup(token, group.getId())) { - 
List<Integer> newUsers = new ArrayList<Integer>(); - newUsers.addAll(Arrays.asList(usersInGroup)); - - List<Integer> usersToAdd = new ArrayList<Integer>(); - List<Integer> usersToRemove = new ArrayList<Integer>(); - - List<User> users = daoActor.getUsersOfGroup(group); - - List<Integer> currentUsers = new ArrayList<Integer>(); - for (User user : users) { - currentUsers.add(user.getId()); - } - - for (Integer user : currentUsers) { - if (!newUsers.contains(user)) { - usersToRemove.add(user); - } - } - for (Integer user : newUsers) { - if (!currentUsers.contains(user)) { - usersToAdd.add(user); - } - } - - for (Integer idUser : usersToAdd) { - User user = daoActor.getUser(idUser); - user.getGroups().add(group); - daoActor.updateUser(user); - } - for (Integer idUser : usersToRemove) { - User user = daoActor.getUser(idUser); - removeUserFromGroup(user, group); - daoActor.updateUser(user); - } - } else { - throw new SimExplorerSecurityException(); - } - } - - /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.service.AuthenticationService#setGroupsOfUser(java.lang.String, fr.cemagref.simexplorer.is.security.entities.User, java.lang.Integer[]) - */ - public void setGroupsOfUser(String token, User user, Integer[] groupsIds) throws SimExplorerException { - if (canUpdateUser(token, user)) { - User realUser = daoActor.getUser(user.getId()); - realUser.getGroups().clear(); - for (Integer groupsId : groupsIds) { - Group group = daoActor.getGroup(groupsId); - realUser.getGroups().add(group); - } - daoActor.updateUser(realUser); - } else { - throw new SimExplorerSecurityException(); - } - } - - /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.service.AuthenticationService#getGroupsOfUser(java.lang.String, fr.cemagref.simexplorer.is.security.entities.User) - */ - public Group[] getGroupsOfUser(String token, User user) throws SimExplorerException { - if (canViewElements(token)) { - List<Group> list = daoActor.getGroupsOfActor(user); - return list.toArray(new 
Group[list.size()]); - } - throw new SimExplorerSecurityException(); - } - - /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.service.AuthenticationService#getGroupsOfGroup(java.lang.String, fr.cemagref.simexplorer.is.security.entities.Group) - */ - public Group[] getGroupsOfGroup(String token, Group group) throws SimExplorerException { - if (canViewElements(token)) { - List<Group> groupsOfGroup = daoActor.getGroupsOfActor(group); - return groupsOfGroup.toArray(new Group[groupsOfGroup.size()]); - } - throw new SimExplorerSecurityException(); - } - /** * Checks if container contains contained. * @@ -747,10 +605,10 @@ * @return true, if is containing */ private boolean isContaining(Group container, Group contained) { - if (container.getId().equals(contained.getId())) { + if (container.getActorId().equals(contained.getActorId())) { return true; } - Collection<Group> groups = container.getGroups(); + Collection<Group> groups = container.getMemberOf(); for (Group group : groups) { if (isContaining(group, contained)) { return true; @@ -759,25 +617,6 @@ return false; } - /* (non-Javadoc) - * @see fr.cemagref.simexplorer.is.service.AuthenticationService#setGroupsOfGroup(java.lang.String, fr.cemagref.simexplorer.is.security.entities.Group, java.lang.Integer[]) - */ - public void setGroupsOfGroup(String token, Group group, Integer[] groupsIds) throws SimExplorerException { - if (canUpdateGroup(token, group.getId())) { - Group realGroup = daoActor.getGroup(group.getId()); - realGroup.getGroups().clear(); - for (Integer groupsId : groupsIds) { - Group groupOwned = daoActor.getGroup(groupsId); - if (!isContaining(groupOwned, realGroup)) { - realGroup.getGroups().add(groupOwned); - } - } - daoActor.updateGroup(realGroup); - } else { - throw new SimExplorerSecurityException(); - } - } - /** * Can admin permissions. * 
@@ -815,6 +654,7 @@ */ @Override public String[] getElementsOwnedBy(String token, User user, int indexStart, int count) { + // TODO security List<String> uuids = new ArrayList<String>(); List<Permission> permissions = credentialManager.getPermissionsOwnedBy(user, indexStart, count); for (Permission permission : permissions) { @@ -827,6 +667,7 @@ * @see fr.cemagref.simexplorer.is.service.AuthenticationService#getElementsOwnedByCount(java.lang.String, fr.cemagref.simexplorer.is.security.entities.User) */ public int getElementsOwnedByCount(String token, User user) { + // TODO security return credentialManager.getPermissionsOwnedByCount(user); } Modified: trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupEdit.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupEdit.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupEdit.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -19,6 +19,7 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; import java.util.List; import java.util.StringTokenizer; @@ -27,6 +28,7 @@ import org.apache.tapestry.annotations.Persist; import fr.cemagref.simexplorer.is.exceptions.SimExplorerException; +import fr.cemagref.simexplorer.is.security.entities.Actor; import fr.cemagref.simexplorer.is.security.entities.Group; import fr.cemagref.simexplorer.is.security.entities.User; import fr.cemagref.simexplorer.is.service.remote.RemoteSecurityService; 
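Review bot: `getElementsOwnedBy` and `getElementsOwnedByCount` (second hunk, `@@ -827,6 +667,7 @@`) never read `token`, so the `// TODO security` comments ship two service methods that return another user's element UUIDs and counts to any caller. The other getters in this file check the token first; the same pattern here would be `if (!canViewElements(token)) { throw new SimExplorerSecurityException(); }`, or a stricter rule that only `user` or an admin may list these elements. Neither signature declares `throws SimExplorerException`, so the interface methods would probably need that clause added too. `indexStart` and `count` are also passed to `credentialManager.getPermissionsOwnedBy` unchecked, so rejecting negative values and capping `count` would keep the paging bounded. The loop in `getElementsOwnedBy` continues outside its hunk.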
@@ -87,11 +89,15 @@ } else { this.group = RemoteSecurityService.getAuthentificationService().getGroup(getToken(), groupId); - User[] users = RemoteSecurityService.getAuthentificationService().getUsersOfGroup(getToken(), group); - this.usersInGroup.addAll(Arrays.asList(users)); - - Group[] groups = RemoteSecurityService.getAuthentificationService().getGroupsOfGroup(getToken(), group); - this.groupsInGroup.addAll(Arrays.asList(groups)); + Collection<Actor> members = this.group.getMembers(); + for (Actor actor : members) { + if (actor instanceof User) { + this.usersInGroup.add((User) actor); + } + if (actor instanceof Group) { + this.groupsInGroup.add((Group) actor); + } + } } userEncoder = new UserValueEncoder(getToken()); groupEncoder = new GroupValueEncoder(getToken()); 
@@ -118,28 +124,17 @@ * @throws SimExplorerException the sim explorer exception */ public Object onSuccess() throws SimExplorerException { - if (group.getId() == null) { + Collection<Actor> members = new ArrayList<Actor>(); + members.addAll(usersInGroup); + members.addAll(groupsInGroup); + group.setMembers(members); + + if (group.getActorId() == null) { group = RemoteSecurityService.getAuthentificationService().saveGroup(getToken(), group.getName()); } else { group = RemoteSecurityService.getAuthentificationService().updateGroup(getToken(), group); } - Integer[] usersIds = new Integer[usersInGroup.size()]; - int i = 0; - for (User user : usersInGroup) { - usersIds[i] = user.getId(); - i++; - } - RemoteSecurityService.getAuthentificationService().setUsersOfGroup(getToken(), group, usersIds); - - Integer[] groupsIds = new Integer[groupsInGroup.size()]; - i = 0; - for (Group aGroup : groupsInGroup) { - groupsIds[i] = aGroup.getId(); - i++; - } - RemoteSecurityService.getAuthentificationService().setGroupsOfGroup(getToken(), group, groupsIds); - return groupList; } Modified: trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupList.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupList.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/GroupList.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -92,7 +92,8 @@ if (isUserSuperAdmin()) { groups = RemoteSecurityService.getAuthentificationService().getGroups(getToken()); } else { - groups = RemoteSecurityService.getAuthentificationService().getGroupsOwnedBy(getToken(), getUserLogged()); + Collection<Group> groupsOwned = getUserLogged().getGroupsOwned(); + groups = groupsOwned.toArray(new Group[groupsOwned.size()]); } return groups; 
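Review bot: For a new group the members chosen in the form are dropped in `onSuccess`. `group.setMembers(members)` is applied to the page object, but the create branch calls `saveGroup(getToken(), group.getName())`, which sends only the name, and the returned entity then replaces `group`. The removed `setUsersOfGroup` and `setGroupsOfGroup` calls ran after both branches, so creating a group with members worked before this change. Following the save with an update would restore that: keep the result in `Group saved`, call `saved.setMembers(members);`, then `group = RemoteSecurityService.getAuthentificationService().updateGroup(getToken(), saved);`.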
@@ -148,7 +149,7 @@ private TreeNode buildNode(Group group) { TreeNode node = new TreeNode(); - Collection<Group> children = group.getGroups(); + Collection<Group> children = group.getMemberOf(); if (children.size() == 0) { node.setType(TreeNode.TYPE_DOCUMENT); } else { @@ -160,7 +161,7 @@ node.setChildren(childrenNodes); } - Link link = getResources().createPageLink("GroupEdit", false, group.getId()); + Link link = getResources().createPageLink("GroupEdit", false, group.getActorId()); StringBuffer sb = new StringBuffer(""); sb.append("<a href=\""); sb.append(link.toString()); @@ -191,7 +192,7 @@ usage.put(group, 0); } for (Group group : groups) { - Collection<Group> children = group.getGroups(); + Collection<Group> children = group.getMemberOf(); for (Group child : children) { usage.put(child, usage.get(child) + 1); } Modified: trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/UserEdit.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/UserEdit.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/pages/UserEdit.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -19,6 +19,7 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; import java.util.List; import org.apache.tapestry.ComponentResources; @@ -57,7 +58,7 @@ /** The groups of user. */ @Persist - private List<Group> groupsOfUser; + private Collection<Group> groupsOfUser; /** The group encoder. */ @Persist 
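Review bot: In the usage-count hunk (`@@ -191,7 +192,7 @@`), `usage.get(child) + 1` unboxes `null` whenever a group returned by `getMemberOf()` is not one of the keys seeded with `usage.put(group, 0)`. That looks reachable for a non-superadmin, whose `groups` now come from `getUserLogged().getGroupsOwned()` and need not contain every parent group. A guarded increment avoids the `NullPointerException`: `Integer seen = usage.get(child);` followed by `if (seen != null) { usage.put(child, seen + 1); }`. Whether unknown parents should be skipped or counted depends on how `usage` is read afterwards, which is outside the hunk, as are the start and end of the enclosing method.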
@@ -120,10 +121,7 @@ if (userId == -1) { this.user = new User(); } else { - this.user = RemoteSecurityService.getAuthentificationService().getUser(getToken(), userId); - Group[] groups = RemoteSecurityService.getAuthentificationService().getGroupsOfUser(getToken(), this.user); - groupsOfUser.addAll(Arrays.asList(groups)); - + groupsOfUser = getUserLogged().getMemberOf(); } groupEncoder = new GroupValueEncoder(getToken()); } @@ -149,19 +147,13 @@ * @throws SimExplorerException the sim explorer exception */ public Object onSuccess() throws SimExplorerException { - if (user.getId() == null) { + if (user.getActorId() == null) { user = RemoteSecurityService.getAuthentificationService().saveUser(getToken(), user.getLogin(), user.getMail()); return this; - } - user = RemoteSecurityService.getAuthentificationService().updateUser(getToken(), user); - Integer[] groupsIds = new Integer[groupsOfUser.size()]; - int i = 0; - for (Group group : groupsOfUser) { - groupsIds[i] = group.getId(); - i++; - } - RemoteSecurityService.getAuthentificationService().setGroupsOfUser(getToken(), user, groupsIds); + } + user.setMemberOf(groupsOfUser); + user = RemoteSecurityService.getAuthentificationService().updateUser(getToken(), user); return userList; } @@ -188,10 +180,12 @@ * @throws SimExplorerException the sim explorer exception */ public Group[] getOwnedGroups() throws SimExplorerException { - if (user.getId() == null) { + if (user.getActorId() == null) { return new Group[0]; } - return RemoteSecurityService.getAuthentificationService().getGroupsOwnedBy(getToken(), user); + Collection<Group> groupsOwned = user.getGroupsOwned(); + Group[] result = groupsOwned.toArray(new Group[groupsOwned.size()]); + return result; } /** @@ -222,7 +216,7 @@ * @return the creating */ public boolean getCreating() { - return (user.getId() == null); + return (user.getActorId() == null); } /** 
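Review bot: In the first hunk (`@@ -120,10 +121,7 @@`) the edit branch no longer loads the user named by `userId`, and `groupsOfUser = getUserLogged().getMemberOf()` takes the groups of whoever is logged in. `onSuccess` then calls `user.setMemberOf(groupsOfUser)` before `updateUser`, so saving the form would give the edited account the logged-in administrator's memberships. Because the collection is assigned rather than copied, form edits would presumably also alter the logged user's own object. Since rights are inherited through `memberOf`, this is a privilege change and not only a display bug. I would restore the load and copy the collection: `this.user = RemoteSecurityService.getAuthentificationService().getUser(getToken(), userId);` then `groupsOfUser = new ArrayList<Group>(this.user.getMemberOf());`, though the enclosing method starts outside the hunk, so `user` may be populated elsewhere.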
@@ -278,7 +272,7 @@ * * @return the groups of user */ - public List<Group> getGroupsOfUser() { + public Collection<Group> getGroupsOfUser() { return groupsOfUser; } Modified: trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/GroupValueEncoder.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/GroupValueEncoder.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/GroupValueEncoder.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -46,7 +46,7 @@ * @see org.apache.tapestry.ValueEncoder#toClient(java.lang.Object) */ public String toClient(Group arg0) { - return Integer.toString(arg0.getId()); + return Integer.toString(arg0.getActorId()); } /* (non-Javadoc) Modified: trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/UserValueEncoder.java =================================================================== --- trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/UserValueEncoder.java 2008-03-19 18:05:45 UTC (rev 1403) +++ trunk/simexplorer-is/simexplorer-is-web/src/java/fr/cemagref/simexplorer/is/ui/web/services/UserValueEncoder.java 2008-03-19 18:10:23 UTC (rev 1404) @@ -46,7 +46,7 @@ * @see org.apache.tapestry.ValueEncoder#toClient(java.lang.Object) */ public String toClient(User arg0) { - return Integer.toString(arg0.getId()); + return Integer.toString(arg0.getActorId()); } /* (non-Javadoc) Added: trunk/simexplorer-is/src/site/fr/rst/rules.rst =================================================================== --- trunk/simexplorer-is/src/site/fr/rst/rules.rst (rev 0) +++ trunk/simexplorer-is/src/site/fr/rst/rules.rst 2008-03-19 18:10:23 UTC (rev 1404) 
@@ -0,0 +1,25 @@ +Security +======== + +Accès à l'EJB +------------- + +L'accès peut se faire uniquement au sein d'autres EJB déployés au sein du même serveur d'application (EJB local). + +Permissions +----------- + +Droits sur un élément : + + - le superadmin possède tous les droits sur tous les éléments + - "atomique" : droits explicites ou d'admin ou propriétaire de l'Actor + - global : droits atomique de l'Actor ou d'un de ses parents (memberOf récursif). Ainsi + si l'utilisateur n'a pas les droits explicites, mais qu'un de ses groupes auxquels il apprtient les possède, + l'utilisateur acquière ces droits. + - si un User est propriétaire d'un groupe sans en être membre, il n'a pas les droits du groupe + +Sauvegarde d'un élément : + + - les droits associés sont mis à jour via cette méthode + - aucune permission n'est créée si l'utilisateur est super admin + -