
Revision 928ee151

Added by Niels Hoffmann almost 13 years ago

Changed CdmPermission to use "update" instead of "edit" for consistency reasons; Added a comment about getting authorities from a user's groups;


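--- a/cdmlib-model/src/main/java/eu/etaxonomy/cdm/permission/CdmPermission.java
+++ b/cdmlib-model/src/main/java/eu/etaxonomy/cdm/permission/CdmPermission.java
@@ -2,7 +2,7 @@
 
 
 public enum CdmPermission {
-	CREATE, READ, DELETE, EDIT, PUBLISH, ANNOTATE , CHECKANNOTATION;
+	CREATE, READ, UPDATE, DELETE, PUBLISH, ANNOTATE , CHECKANNOTATION;
 	
 }
 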
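Review bot: Placing `UPDATE` before `DELETE` shifts the ordinal of `DELETE` from 2 to 3, and the name `EDIT` disappears altogether. Nothing on this page shows how granted authorities are stored, but if any grant is persisted by constant name or by ordinal, existing `EDIT` grants would stop matching and ordinal-stored values would change meaning, so a data migration should accompany the rename. If the CRUD ordering is not needed, keeping the old slot avoids the ordinal shift: `CREATE, READ, DELETE, UPDATE, PUBLISH, ANNOTATE , CHECKANNOTATION;`. A comment on the enum such as `// names are matched against permission strings; do not rename or reorder without migrating stored authorities` would warn the next editor.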
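--- a/cdmlib-model/src/main/java/eu/etaxonomy/cdm/permission/CdmPermissionEvaluator.java
+++ b/cdmlib-model/src/main/java/eu/etaxonomy/cdm/permission/CdmPermissionEvaluator.java
@@ -58,13 +58,15 @@
 		String permissionString = (String)permission;
 		
 		Collection<GrantedAuthority> authorities = authentication.getAuthorities();
+		// FIXME this should not be necessary. See User.initAuthorities() and User.getAuthorities(); a User object should always 
+		// return all GrantedAuthorities including its groups authorities. If that is not working correctly please fix it.
 		Set<Group> groups =((User)authentication.getPrincipal()).getGroups();
 		Set<GrantedAuthority> groupAuthorities = new HashSet<GrantedAuthority>();
 		for (Group group: groups){
 			groupAuthorities.addAll(group.getGrantedAuthorities());
 		}
 		groupAuthorities.addAll(authorities);
-		
+		// FIXME END
 		
 		AuthorityPermission evalPermission = new AuthorityPermission(targetDomainObject.getClass().getSimpleName().toUpperCase(), CdmPermission.valueOf(permissionString), ((CdmBase)targetDomainObject).getUuid());
 		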
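Review bot: `CdmPermission.valueOf(permissionString)` in the last statement of this hunk now throws `IllegalArgumentException` for any caller that still passes `'EDIT'`, because that constant no longer exists. The permission name arrives as a string literal from `@PreAuthorize` expressions (UserService.updateUser in this commit is one), so the compiler cannot catch a missed rename. The call still fails closed, but as an unhandled exception rather than an access-denied decision, which makes a stale permission name hard to tell apart from a bug. Resolving the permission first and denying on an unknown name keeps the outcome explicit; this assumes the enclosing method, which starts and ends outside the hunk, is the boolean `hasPermission`.

```java
CdmPermission cdmPermission;
try {
	cdmPermission = CdmPermission.valueOf(permissionString);
} catch (IllegalArgumentException e) {
	// unknown or legacy permission name such as 'EDIT': deny the request (and log the name if a logger is available)
	return false;
}
// … unchanged: collection of the user's and the groups' authorities …
AuthorityPermission evalPermission = new AuthorityPermission(targetDomainObject.getClass().getSimpleName().toUpperCase(), cdmPermission, ((CdmBase)targetDomainObject).getUuid());
```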
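--- a/cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/UserService.java
+++ b/cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/UserService.java
@@ -189,7 +189,7 @@
 	}
 
 	@Transactional(readOnly=false)
-	@PreAuthorize("hasPermission(#user, 'EDIT')")
+	@PreAuthorize("hasPermission(#user, 'UPDATE')")
 	public void updateUser(UserDetails user) {
 		Assert.isInstanceOf(User.class, user);
 		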
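--- a/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/UserServiceImplTest.java
+++ b/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/UserServiceImplTest.java
@@ -22,11 +22,8 @@
 import org.joda.time.DateTime;
 import org.junit.Assert;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.access.PermissionEvaluator;
@@ -37,28 +34,15 @@
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.test.context.ContextConfiguration;
-
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.test.context.transaction.TransactionConfiguration;
-import org.springframework.transaction.PlatformTransactionManager;
 import org.springframework.transaction.annotation.Transactional;
-
 import org.unitils.database.annotations.TestDataSource;
 import org.unitils.dbunit.annotation.DataSet;
-import org.unitils.spring.annotation.SpringBean;
-import org.unitils.spring.annotation.SpringBeanByName;
-import org.unitils.spring.annotation.SpringBeanByType;
 
 import eu.etaxonomy.cdm.model.common.GrantedAuthorityImpl;
-import eu.etaxonomy.cdm.model.common.Group;
 import eu.etaxonomy.cdm.model.common.User;
-import eu.etaxonomy.cdm.model.name.BotanicalName;
-import eu.etaxonomy.cdm.model.name.Rank;
-import eu.etaxonomy.cdm.model.taxon.Taxon;
-import eu.etaxonomy.cdm.permission.CdmPermission;
 import eu.etaxonomy.cdm.permission.CdmPermissionEvaluator;
 import eu.etaxonomy.cdm.persistence.query.MatchMode;
-import eu.etaxonomy.cdm.test.integration.CdmIntegrationTest;
 
 
 @RunWith(SpringJUnit4ClassRunner.class)
@@ -98,10 +82,10 @@
 		
 		expectedRoles = new HashSet<GrantedAuthority>();
 		
-		GrantedAuthorityImpl edit = GrantedAuthorityImpl.NewInstance();
-		edit.setAuthority("USER.Edit");
-		edit.setUuid(UUID.fromString("14788361-1a7e-4eed-b22f-fd90a0b424ac"));
-		edit.setCreated(new DateTime(2009,2,3,17,52,26,0));
+		GrantedAuthorityImpl update = GrantedAuthorityImpl.NewInstance();
+		update.setAuthority("USER.Update");
+		update.setUuid(UUID.fromString("14788361-1a7e-4eed-b22f-fd90a0b424ac"));
+		update.setCreated(new DateTime(2009,2,3,17,52,26,0));
 		GrantedAuthorityImpl annotate = GrantedAuthorityImpl.NewInstance();
 		annotate.setAuthority("USER.Create");
 		annotate.setUuid(UUID.fromString("fa56073c-0ffd-4384-b459-b2f07e35b689"));
@@ -111,7 +95,7 @@
 		checkAnnotation.setUuid(UUID.fromString("e5354c0e-657b-4b4d-bb2f-791612199711"));
 		checkAnnotation.setCreated(new DateTime(2009,2,3,17,52,26,0));
 		
-		expectedRoles.add(edit);
+		expectedRoles.add(update);
 		expectedRoles.add(annotate);
 		expectedRoles.add(checkAnnotation);
 		String username = "useradmin";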
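Review bot: The expected authority is renamed to `"USER.Update"` but keeps the UUID `14788361-1a7e-4eed-b22f-fd90a0b424ac`, so the fixture row with that UUID has to carry the new string as well, and no fixture change appears on this page. If the data set still holds `USER.Edit`, the comparison against `expectedRoles` either fails or, depending on how `GrantedAuthorityImpl` defines equality, passes on the UUID alone and hides the mismatch; an explicit assertion on `getAuthority()` would rule that out. Separately, the context line `annotate.setAuthority("USER.Create")` stores a create authority in a variable named `annotate`; renaming the variable to `create` would prevent misreading the expected set. The set-up method these hunks belong to starts and ends outside the visible lines.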
