\r
import java.util.UUID;\r
\r
+import eu.etaxonomy.cdm.model.common.GrantedAuthorityImpl;\r
+\r
+/**\r
+ * A <code>AuthorityPermission</code> consists of two parts which are separated\r
+ * by a dot character '.' in the permissionString which can retrieved by\r
+ * {@link #getPermissionString(String)}:\r
+ *\r
+ * <ul>\r
+ * <li><code>className</code>: an {@link CdmPermissionClass} instance with represents a cdm\r
+ * type or a part of the cdm type hierarchy. The className is always represented\r
+ * as an upper case string.</li>\r
+ * <li><code>permission</code>: a string which specifies a {@link CdmPermission} on that set of cdm\r
+ * types</li>\r
+ * <li><code>targetUuid</code>: The permission may be restricted to a specific cdm entity by adding\r
+ * the entity uuid to the permission. The uuid string is enclosed in curly brackets '<code>{</code>'\r
+ * , '<code>}</code>' and appended to the end of the permission.</li>\r
+ * </ul>\r
+ * The authority string syntax looks like:<br>\r
+ * <pre>CLASSNAME.PERMISSION[{UUID}]</pre>\r
+ * Whereas the square brackets are indicating an optional element.\r
+ *\r
+ * <h3>Examples for permissionStrings</h3>\r
+ *\r
+ * <pre>\r
+ * TAXONBASE.CREATE\r
+ * TAXONBASE.READ\r
+ * TAXONBASE.UPDATE\r
+ * TAXONBASE.DELETE\r
+ * DESCRIPTIONBASE.UPDATE\r
+ * TAXONNODE.UPDATE{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7}\r
+ * </pre>\r
+ *\r
+ * The method {@link #getPermissionString(String)} parses a full authority and returns permissionString and\r
+ * the {@link AuthorityPermission} from the <code>authority</code>.\r
+ *\r
+ *\r
+ *\r
+ * @author k.luther\r
+ */\r
public class AuthorityPermission{\r
- CdmPermissionClass className;\r
- CdmPermission permission;\r
- UUID targetUuid;\r
- \r
- public AuthorityPermission(Object targetDomainObject, CdmPermission permission, UUID uuid){\r
- this.className = CdmPermissionClass.getValueOf(targetDomainObject);\r
- this.permission = permission;\r
- targetUuid = uuid;\r
- }\r
- \r
- public CdmPermissionClass getClassName(){\r
- return className;\r
- }\r
- \r
- public CdmPermission getPermission(){\r
- return permission;\r
- }\r
- \r
- public UUID getTargetUUID(){\r
- return targetUuid;\r
- }\r
- public AuthorityPermission (String authority){\r
- String permissionString;\r
- int firstPoint = authority.indexOf(".");\r
- if (firstPoint == -1){\r
- className = CdmPermissionClass.valueOf(authority);\r
- }else{\r
- className = CdmPermissionClass.valueOf((authority.substring(0, firstPoint)));\r
- int bracket = authority.indexOf("{");\r
- permissionString = getPermissionString(authority);\r
- if (bracket != -1){\r
- int secondBracket = authority.indexOf("}");\r
- String uuid = authority.substring(bracket+1, secondBracket);\r
- targetUuid = UUID.fromString(uuid);\r
- }\r
- permission = CdmPermission.valueOf(permissionString.toUpperCase());\r
- }\r
- }\r
- \r
- private static String getPermissionString(String authority){\r
- int lastPoint = authority.lastIndexOf(".");\r
- int bracket = authority.indexOf("{");\r
- if (bracket == -1){\r
- return authority.substring(lastPoint+1);\r
- }else{\r
- return authority.substring(lastPoint+1, bracket);\r
- }\r
- }\r
- \r
+ CdmPermissionClass className;\r
+ CdmPermission permission;\r
+ UUID targetUuid;\r
+\r
+ public AuthorityPermission(Object targetDomainObject, CdmPermission permission, UUID uuid){\r
+ this.className = CdmPermissionClass.getValueOf(targetDomainObject);\r
+ this.permission = permission;\r
+ targetUuid = uuid;\r
+ }\r
+\r
+ public CdmPermissionClass getClassName(){\r
+ return className;\r
+ }\r
+\r
+ public CdmPermission getPermission(){\r
+ return permission;\r
+ }\r
+\r
+ public UUID getTargetUUID(){\r
+ return targetUuid;\r
+ }\r
+\r
+ /**\r
+ * Constructs a new AuthorityPermission by parsing the contents of an\r
+ * authority string. For details on the syntax please refer to the class\r
+ * documentation above.\r
+ *\r
+ * @param authority\r
+ */\r
+ public AuthorityPermission (String authority){\r
+ String permissionString;\r
+ int firstPoint = authority.indexOf(".");\r
+ if (firstPoint == -1){\r
+ // no dot: the authorityString only holds a CdmPermissionClass\r
+ className = CdmPermissionClass.valueOf(authority);\r
+ }else{\r
+ // has a dot: the authorityString only holds a CdmPermissionClass and a permissionString\r
+ className = CdmPermissionClass.valueOf((authority.substring(0, firstPoint)));\r
+ int bracket = authority.indexOf("{");\r
+ permissionString = getPermissionString(authority);\r
+ if (bracket != -1){\r
+ // having a bracket means the permissionString contains a uuid !!!\r
+ int secondBracket = authority.indexOf("}");\r
+ String uuid = authority.substring(bracket+1, secondBracket);\r
+ targetUuid = UUID.fromString(uuid);\r
+ }\r
+ permission = CdmPermission.valueOf(permissionString.toUpperCase());\r
+ }\r
+ }\r
+\r
+ /**\r
+ * The method {@link #getPermissionString(String)} parses a full authority\r
+ * string like\r
+ * "<code>TAXONNODE.READ{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7}</code>"and\r
+ * returns the string representation of the CdmPermission "<code>READ</code>"\r
+ * contained in the authority string\r
+ *\r
+ * @param authority\r
+ * @return\r
+ */\r
+ private static String getPermissionString(String authority){\r
+ int lastPoint = authority.lastIndexOf(".");\r
+ int bracket = authority.indexOf("{");\r
+ if (bracket == -1){\r
+ return authority.substring(lastPoint+1);\r
+ }else{\r
+ return authority.substring(lastPoint+1, bracket);\r
+ }\r
+ }\r
+\r
}
\ No newline at end of file
*\r
* The contents of this file are subject to the Mozilla Public License Version 1.1\r
* See LICENSE.TXT at the top of this package for the full license terms.\r
-*/ \r
+*/\r
package eu.etaxonomy.cdm.persistence.hibernate.permission;\r
\r
import java.io.Serializable;\r
public class CdmPermissionEvaluator implements PermissionEvaluator {\r
protected static final Logger logger = Logger.getLogger(CdmPermissionEvaluator.class);\r
\r
- \r
- \r
\r
- public boolean hasPermission(Authentication authentication,\r
- Serializable targetId, String targetType, Object permission) {\r
- logger.info("hasPermission returns false");\r
- // TODO Auto-generated method stub\r
- return false;\r
- }\r
+\r
+\r
+ public boolean hasPermission(Authentication authentication,\r
+ Serializable targetId, String targetType, Object permission) {\r
+ logger.info("hasPermission returns false");\r
+ // TODO Auto-generated method stub\r
+ return false;\r
+ }\r
\r
\r
public boolean hasPermission(Authentication authentication,\r
Object targetDomainObject, Object permission) {\r
- \r
- \r
- AuthorityPermission evalPermission;\r
+\r
+\r
+ AuthorityPermission evalPermission;\r
CdmPermission cdmPermission;\r
- if (!(permission instanceof CdmPermission)){\r
- String permissionString = (String)permission;\r
- if (permissionString.equals("changePassword")){\r
- if (targetDomainObject.equals(((User)authentication.getPrincipal()))){\r
- return true;\r
- }else{\r
- cdmPermission = CdmPermission.ADMIN;\r
- }\r
- }else{\r
- cdmPermission = CdmPermission.valueOf(permissionString);\r
- }\r
- }else {\r
- cdmPermission = (CdmPermission)permission;\r
- }\r
- \r
+ if (!(permission instanceof CdmPermission)){\r
+ String permissionString = (String)permission;\r
+ if (permissionString.equals("changePassword")){\r
+ if (targetDomainObject.equals(((User)authentication.getPrincipal()))){\r
+ return true;\r
+ }else{\r
+ cdmPermission = CdmPermission.ADMIN;\r
+ }\r
+ }else{\r
+ cdmPermission = CdmPermission.valueOf(permissionString);\r
+ }\r
+ }else {\r
+ cdmPermission = (CdmPermission)permission;\r
+ }\r
+\r
Collection<GrantedAuthority> authorities = ((User)authentication.getPrincipal()).getAuthorities();\r
- \r
+\r
try{\r
- //evalPermission = new AuthorityPermission(targetDomainObject.getClass().getSimpleName().toUpperCase(), cdmPermission, ((CdmBase)targetDomainObject).getUuid());\r
- evalPermission = new AuthorityPermission(targetDomainObject, cdmPermission, ((CdmBase)targetDomainObject).getUuid());\r
+ //evalPermission = new AuthorityPermission(targetDomainObject.getClass().getSimpleName().toUpperCase(), cdmPermission, ((CdmBase)targetDomainObject).getUuid());\r
+ evalPermission = new AuthorityPermission(targetDomainObject, cdmPermission, ((CdmBase)targetDomainObject).getUuid());\r
}catch(NullPointerException e){\r
- //evalPermission = new AuthorityPermission(targetDomainObject.getClass().getSimpleName().toUpperCase(), cdmPermission, null);\r
- evalPermission = new AuthorityPermission(targetDomainObject, cdmPermission, null);\r
+ //evalPermission = new AuthorityPermission(targetDomainObject.getClass().getSimpleName().toUpperCase(), cdmPermission, null);\r
+ evalPermission = new AuthorityPermission(targetDomainObject, cdmPermission, null);\r
+ }\r
+\r
+\r
+ if (evalPermission.className != null) {\r
+ return evalPermission(authorities, evalPermission, (CdmBase) targetDomainObject);\r
+\r
+ }else{\r
+ return true;\r
}\r
- \r
- \r
- if (evalPermission.className != null) {\r
- return evalPermission(authorities, evalPermission,\r
- (CdmBase) targetDomainObject);\r
- \r
- }else{\r
- return true;\r
- }\r
- \r
+\r
}\r
\r
private TaxonNode findTargetUuidInTree(UUID targetUuid, TaxonNode node){\r
\r
public boolean evalPermission(Collection<GrantedAuthority> authorities, AuthorityPermission evalPermission, CdmBase targetDomainObject){\r
\r
- //if user has administrator rights return true;\r
- for (GrantedAuthority authority: authorities){\r
- if (authority.getAuthority().equals("ALL.ADMIN"))return true;\r
- }\r
- \r
- //if targetDomainObject is instance of DescriptionBase or DescriptionElementBase use the DescriptionPermissionEvaluator\r
- if (targetDomainObject instanceof DescriptionElementBase || targetDomainObject instanceof DescriptionBase){\r
- return DescriptionPermissionEvaluator.hasPermission(authorities, targetDomainObject, evalPermission);\r
- }\r
- \r
- \r
- \r
- \r
- \r
- \r
+ //if user has administrator rights return true;\r
+ for (GrantedAuthority authority: authorities){\r
+ if (authority.getAuthority().equals("ALL.ADMIN"))return true;\r
+ }\r
+\r
+ //if targetDomainObject is instance of DescriptionBase or DescriptionElementBase use the DescriptionPermissionEvaluator\r
+ if (targetDomainObject instanceof DescriptionElementBase || targetDomainObject instanceof DescriptionBase){\r
+ return DescriptionPermissionEvaluator.hasPermission(authorities, targetDomainObject, evalPermission);\r
+ }\r
+\r
for (GrantedAuthority authority: authorities){\r
AuthorityPermission authorityPermission= new AuthorityPermission(authority.getAuthority());\r
//evaluate authorities\r
- //if classnames match or the authorityClassName is ALL, AND the permission matches or is ADMIN the evaluation is successful \r
+ //if classnames match or the authorityClassName is ALL, AND the permission matches or is ADMIN the evaluation is successful\r
if ((authorityPermission.className.equals(evalPermission.className) || authorityPermission.className.equals(CdmPermissionClass.ALL))\r
- && (authorityPermission.permission.equals(evalPermission.permission)|| authorityPermission.permission.equals(CdmPermission.ADMIN))){\r
+ && (authorityPermission.permission.equals(evalPermission.permission)|| authorityPermission.permission.equals(CdmPermission.ADMIN))){\r
/* if (authorityPermission.targetUuid != null){\r
//TODO\r
\r
}else{*/\r
- return true;\r
+ return true;\r
//}\r
\r
}\r
- //if authority is restricted to only one object (and the cascaded objects???) \r
+ //if authority is restricted to only one object (and the cascaded objects???)\r
if (authorityPermission.targetUuid != null){\r
if (authorityPermission.targetUuid.equals(((CdmBase)targetDomainObject).getUuid())){\r
if (authorityPermission.permission.equals(evalPermission.permission)){\r
- return true;\r
+ return true;\r
}\r
}\r
}\r
//if the user has the rights for a subtree\r
if (authorityPermission.className.equals(CdmPermissionClass.TAXONBASE) && targetDomainObject.getClass().getSimpleName().toUpperCase().equals("TaxonNode")){\r
- \r
+\r
TaxonNode node = (TaxonNode)targetDomainObject;\r
TaxonNode targetNode = findTargetUuidInTree(authorityPermission.targetUuid, node);\r
if (targetNode != null){\r
if (evalPermission.permission.equals(authorityPermission.permission) ){\r
- return true;\r
+ return true;\r
}\r
}\r
}\r
- \r
+\r
\r
}\r
return false;\r
*\r
* The contents of this file are subject to the Mozilla Public License Version 1.1\r
* See LICENSE.TXT at the top of this package for the full license terms.\r
-*/ \r
+*/\r
package eu.etaxonomy.cdm.persistence.hibernate.permission;\r
\r
import java.util.Collection;\r
import eu.etaxonomy.cdm.model.description.Feature;\r
\r
/**\r
+ * Evaluates permissions ...\r
+ *\r
* @author k.luther\r
* @date 06.07.2011\r
*\r
*/\r
public class DescriptionPermissionEvaluator {\r
- \r
- public static boolean hasPermission(Collection<GrantedAuthority> authorities,\r
- Object targetDomainObject, AuthorityPermission evalPermission) {\r
- Feature feature = null;\r
- String authorityString;\r
- AuthorityPermission authorityPermission;\r
- \r
- \r
- if (targetDomainObject instanceof DescriptionElementBase){\r
- feature = ((DescriptionElementBase)targetDomainObject).getFeature();\r
- } \r
- \r
- for (GrantedAuthority authority: authorities){\r
- \r
- authorityString = authority.getAuthority();\r
- authorityPermission = new AuthorityPermission(authorityString);\r
- \r
- if (targetDomainObject instanceof DescriptionElementBase){\r
- try{\r
- //check for a special feature\r
- if (feature != null){\r
- if (authorityString.contains(feature.getLabel()) && (evalPermission.permission.equals(authorityPermission.permission) || authorityPermission.equals(CdmPermission.ADMIN))){\r
- return true;\r
- } else if (authorityPermission.className.equals(CdmPermissionClass.DESCRIPTIONBASE)) {\r
- if (evalPermission.permission.equals(authorityPermission.permission) ){\r
- return true;\r
- } else if (authorityPermission.permission.equals(CdmPermission.ADMIN)){\r
- return true;\r
- }\r
- }\r
- }\r
- }catch(Exception e){\r
- //in tests the initialisation of terms like features fails...\r
- if (org.hibernate.ObjectNotFoundException.class.isInstance(e)){\r
- if (evalPermission.permission.equals(authorityPermission.permission)|| authorityPermission.permission.equals(CdmPermission.ADMIN)){\r
- return true;\r
- }\r
- }else {\r
- return false;\r
- }\r
- \r
- }\r
- //the user has the general right for descriptions\r
- if (authorityPermission.className.equals(CdmPermissionClass.DESCRIPTIONBASE)){\r
- //no special feature\r
- if (authority.getAuthority().lastIndexOf(".") == authority.getAuthority().indexOf(".") && (authorityPermission.className.equals(evalPermission.permission) || authorityPermission.equals(CdmPermission.ADMIN))){\r
- return true;\r
- }\r
- }\r
- } else{\r
- if (authorityPermission.getClassName().equals(CdmPermissionClass.DESCRIPTIONBASE) && authorityPermission.permission.equals(evalPermission.permission)){\r
- return true;\r
- }\r
- }\r
- }\r
- \r
- return false;\r
- }\r
- \r
- \r
- /*public static boolean hasPermission (Collection<GrantedAuthority> authorities,\r
- DescriptionBase targetDomainObject, AuthorityPermission evalPermission){\r
- Set<DescriptionElementBase> elements = targetDomainObject.getElements();\r
- \r
- for (GrantedAuthority authority :authorities){\r
- if (authority.getAuthority().contains(CdmPermissionClass.DESCRIPTIONBASE.toString())){\r
- if (authority.getAuthority().lastIndexOf(".") == authority.getAuthority().indexOf(".") && authority.getAuthority().contains(evalPermission.permission.toString())){\r
- return true;\r
- }else{\r
- //TODO: das stimmt noch nicht so ganz!!!\r
- for (DescriptionElementBase element: elements){\r
- if (authority.getAuthority().contains(element.getFeature().getLabel()) && authority.getAuthority().contains(evalPermission.permission.toString())){\r
- return true;\r
- }\r
- }\r
- }\r
- }\r
- }\r
- \r
- \r
- return false;\r
- \r
- }*/\r
+\r
+ public static boolean hasPermission(Collection<GrantedAuthority> authorities,\r
+ Object targetDomainObject, AuthorityPermission evalPermission) {\r
+ Feature feature = null;\r
+ String authorityString;\r
+ AuthorityPermission authorityPermission;\r
+\r
+\r
+ if (targetDomainObject instanceof DescriptionElementBase){\r
+ feature = ((DescriptionElementBase)targetDomainObject).getFeature();\r
+ }\r
+\r
+ for (GrantedAuthority authority: authorities){\r
+\r
+ authorityString = authority.getAuthority();\r
+ authorityPermission = new AuthorityPermission(authorityString);\r
+\r
+ if (targetDomainObject instanceof DescriptionElementBase){\r
+ try{\r
+ //check for a special feature\r
+ if (feature != null){\r
+ if (authorityString.contains(feature.getLabel()) && (evalPermission.permission.equals(authorityPermission.permission) || authorityPermission.equals(CdmPermission.ADMIN))){\r
+ return true;\r
+ } else if (authorityPermission.className.equals(CdmPermissionClass.DESCRIPTIONBASE)) {\r
+ if (evalPermission.permission.equals(authorityPermission.permission) ){\r
+ return true;\r
+ } else if (authorityPermission.permission.equals(CdmPermission.ADMIN)){\r
+ return true;\r
+ }\r
+ }\r
+ }\r
+ }catch(Exception e){\r
+ //in tests the initialisation of terms like features fails...\r
+ if (org.hibernate.ObjectNotFoundException.class.isInstance(e)){\r
+ if (evalPermission.permission.equals(authorityPermission.permission)|| authorityPermission.permission.equals(CdmPermission.ADMIN)){\r
+ return true;\r
+ }\r
+ }else {\r
+ return false;\r
+ }\r
+\r
+ }\r
+ //the user has the general right for descriptions\r
+ if (authorityPermission.className.equals(CdmPermissionClass.DESCRIPTIONBASE)){\r
+ //no special feature\r
+ if (authority.getAuthority().lastIndexOf(".") == authority.getAuthority().indexOf(".") && (authorityPermission.className.equals(evalPermission.permission) || authorityPermission.equals(CdmPermission.ADMIN))){\r
+ return true;\r
+ }\r
+ }\r
+ } else{\r
+ if (authorityPermission.getClassName().equals(CdmPermissionClass.DESCRIPTIONBASE) && authorityPermission.permission.equals(evalPermission.permission)){\r
+ return true;\r
+ }\r
+ }\r
+ }\r
+\r
+ return false;\r
+ }\r
+\r
+\r
+ /*public static boolean hasPermission (Collection<GrantedAuthority> authorities,\r
+ DescriptionBase targetDomainObject, AuthorityPermission evalPermission){\r
+ Set<DescriptionElementBase> elements = targetDomainObject.getElements();\r
+\r
+ for (GrantedAuthority authority :authorities){\r
+ if (authority.getAuthority().contains(CdmPermissionClass.DESCRIPTIONBASE.toString())){\r
+ if (authority.getAuthority().lastIndexOf(".") == authority.getAuthority().indexOf(".") && authority.getAuthority().contains(evalPermission.permission.toString())){\r
+ return true;\r
+ }else{\r
+ //TODO: das stimmt noch nicht so ganz!!!\r
+ for (DescriptionElementBase element: elements){\r
+ if (authority.getAuthority().contains(element.getFeature().getLabel()) && authority.getAuthority().contains(evalPermission.permission.toString())){\r
+ return true;\r
+ }\r
+ }\r
+ }\r
+ }\r
+ }\r
+\r
+\r
+ return false;\r
+\r
+ }*/\r
}\r
@Transactional\r
@Ignore\r
public class SecurityWithTransaction {\r
- private static final Logger logger = Logger\r
- .getLogger(SecurityWithTransaction.class);\r
+ private static final Logger logger = Logger.getLogger(SecurityWithTransaction.class);\r
\r
@SpringBeanByName\r
private ITaxonService taxonService;\r
CdmPermissionEvaluator permissionEvaluator = new CdmPermissionEvaluator();\r
assertFalse(permissionEvaluator.hasPermission(authentication, node, "UPDATE"));\r
node = node.getChildNodes().iterator().next();\r
+\r
System.err.println(node.getUuid());\r
+\r
assertTrue(permissionEvaluator.hasPermission(authentication, node, "UPDATE"));\r
node = node.getChildNodes().iterator().next();\r
assertTrue(permissionEvaluator.hasPermission(authentication, node, "UPDATE"));\r
<!-- <PERMISSIONGROUP_GRANTEDAUTHORITYIMPL PERMISSIONGROUP_ID="3" GRANTEDAUTHORITIES_ID="10"/> -->\r
\r
\r
- <GRANTEDAUTHORITYIMPL ID="1" UUID="441a3c40-0c84-11de-8c30-0800200c9a66" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.READ"/>\r
- <GRANTEDAUTHORITYIMPL ID="2" UUID="14788361-1a7e-4eed-b22f-fd90a0b424ac" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.UPDATE"/>\r
- <GRANTEDAUTHORITYIMPL ID="3" UUID="fa56073c-0ffd-4384-b459-b2f07e35b689" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.CREATE"/>\r
- <GRANTEDAUTHORITYIMPL ID="4" UUID="e5354c0e-657b-4b4d-bb2f-791612199711" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.DELETE"/>\r
+ <GRANTEDAUTHORITYIMPL ID="1" UUID="441a3c40-0c84-11de-8c30-0800200c9a66" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.READ"/>\r
+ <GRANTEDAUTHORITYIMPL ID="2" UUID="14788361-1a7e-4eed-b22f-fd90a0b424ac" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.UPDATE"/>\r
+ <GRANTEDAUTHORITYIMPL ID="3" UUID="fa56073c-0ffd-4384-b459-b2f07e35b689" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.CREATE"/>\r
+ <GRANTEDAUTHORITYIMPL ID="4" UUID="e5354c0e-657b-4b4d-bb2f-791612199711" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.DELETE"/>\r
<GRANTEDAUTHORITYIMPL ID="10" UUID="2fbcbdd4-97f0-4561-b635-1e479dd00375" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONBASE.ADMIN"/>\r
- <GRANTEDAUTHORITYIMPL ID="5" UUID="9eabd2c6-0590-4a1e-95f5-99cc58b63aa7" CREATED="2009-02-03 17:52:26.0" AUTHORITY="ALL.ADMIN"/>\r
- <GRANTEDAUTHORITYIMPL ID="7" UUID="2fc19d6c-a227-41d8-94e4-7c31accebc26" CREATED="2009-02-03 17:52:26.0" AUTHORITY="DESCRIPTIONBASE.UPDATE"/>\r
+ <GRANTEDAUTHORITYIMPL ID="5" UUID="9eabd2c6-0590-4a1e-95f5-99cc58b63aa7" CREATED="2009-02-03 17:52:26.0" AUTHORITY="ALL.ADMIN"/>\r
+ <GRANTEDAUTHORITYIMPL ID="7" UUID="2fc19d6c-a227-41d8-94e4-7c31accebc26" CREATED="2009-02-03 17:52:26.0" AUTHORITY="DESCRIPTIONBASE.UPDATE"/>\r
<GRANTEDAUTHORITYIMPL ID="13" UUID="2883374b-9556-4f3b-9b17-08fdf3d4bba6" CREATED="2009-02-03 17:52:26.0" AUTHORITY="DESCRIPTIONBASE.CREATE"/>\r
- <GRANTEDAUTHORITYIMPL ID="11" UUID="fc8088cf-cf96-42b6-9aa5-7c1ec5ccf145" CREATED="2009-02-03 17:52:26.0" AUTHORITY="DESCRIPTIONBASE.Ecology.UPDATE"/>\r
- <GRANTEDAUTHORITYIMPL ID="12" UUID="8d131171-d281-4911-a960-16992de384c7" CREATED="2009-02-03 17:52:26.0" AUTHORITY="DESCRIPTIONBASE.Ecology.CREATE"/>\r
- <GRANTEDAUTHORITYIMPL ID="8" UUID="45b40e93-88b0-40eb-92a4-ffdd8f1d7bc3" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONNODE.UPDATE{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7}"/>\r
- <GRANTEDAUTHORITYIMPL ID="9" UUID="8696ef0f-e98c-4842-b9d2-456b82584c25" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONNODE.CREATE{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7}"/>\r
+ <GRANTEDAUTHORITYIMPL ID="11" UUID="fc8088cf-cf96-42b6-9aa5-7c1ec5ccf145" CREATED="2009-02-03 17:52:26.0" AUTHORITY="DESCRIPTIONBASE.Ecology.UPDATE"/>\r
+ <GRANTEDAUTHORITYIMPL ID="12" UUID="8d131171-d281-4911-a960-16992de384c7" CREATED="2009-02-03 17:52:26.0" AUTHORITY="DESCRIPTIONBASE.Ecology.CREATE"/>\r
+ <GRANTEDAUTHORITYIMPL ID="8" UUID="45b40e93-88b0-40eb-92a4-ffdd8f1d7bc3" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONNODE.UPDATE{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7}"/>\r
+ <GRANTEDAUTHORITYIMPL ID="9" UUID="8696ef0f-e98c-4842-b9d2-456b82584c25" CREATED="2009-02-03 17:52:26.0" AUTHORITY="TAXONNODE.CREATE{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7}"/>\r
\r
<USERACCOUNT USERNAME="ben" ID="1" CREATED="2009-06-18 13:47:59.0" UUID="e4acf200-63b6-11dd-ad8b-0800200c9a66" PASSWORD="e141bbb8bb7f4579aa3156fdbe0d1226" ENABLED="true" ACCOUNTNONEXPIRED="true" CREDENTIALSNONEXPIRED="true" ACCOUNTNONLOCKED="true"/>\r
<USERACCOUNT USERNAME="descriptionEditor" ID="2" CREATED="2009-06-18 13:47:59.0" UUID="49efface-4c2b-40d2-84bb-e3915c0e77b1" PASSWORD="d211b476c3f3795f801c959fb9671b0c" ENABLED="true" ACCOUNTNONEXPIRED="true" CREDENTIALSNONEXPIRED="true" ACCOUNTNONLOCKED="true"/>\r