You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ma...@apache.org on 2020/11/26 21:20:35 UTC
[archiva-redback-core] 05/05: Switching to role id for
userassignment
This is an automated email from the ASF dual-hosted git repository.
martin_s pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/archiva-redback-core.git
commit f86d7396248a1d467d1047a0217778b50311b0b6
Author: Martin Stockhammer <ma...@apache.org>
AuthorDate: Thu Nov 26 22:20:10 2020 +0100
Switching to role id for userassignment
---
.../security/LockedAdminEnvironmentCheck.java | 2 +-
.../security/role/RedbackRoleConstants.java | 1 +
.../services/DefaultRoleManagementService.java | 35 ++++--
.../rest/services/v2/BaseRedbackService.java | 2 +-
.../rest/services/v2/DefaultUserService.java | 14 +--
.../rest/services/v2/NativeGroupServiceTest.java | 5 +-
.../rest/services/v2/NativeRoleServiceTest.java | 56 +++++++++
.../archiva/redback/rbac/AbstractRBACManager.java | 24 ++--
.../redback/rbac/AbstractUserAssignment.java | 28 +++++
.../apache/archiva/redback/rbac/RBACManager.java | 4 +-
.../archiva/redback/rbac/RBACObjectAssertions.java | 6 +-
.../archiva/redback/rbac/UserAssignment.java | 17 ++-
.../redback/rbac/cached/CachedRbacManager.java | 4 +-
.../archiva/redback/rbac/jpa/JpaRbacManager.java | 6 +-
.../redback/rbac/jpa/model/JpaUserAssignment.java | 23 +++-
.../archiva/redback/rbac/ldap/LdapRbacManager.java | 127 +++++++++++++++++----
.../redback/rbac/memory/MemoryRbacManager.java | 8 +-
.../redback/rbac/memory/MemoryUserAssignment.java | 17 +++
.../archiva/redback/role/DefaultRoleManager.java | 35 +++---
.../redback/role/AbstractRoleManagerTest.java | 8 +-
.../AbstractRbacManagerPerformanceTestCase.java | 12 +-
.../redback/tests/AbstractRbacManagerTestCase.java | 69 +++++------
.../archiva/redback/tests/utils/RBACDefaults.java | 4 +
23 files changed, 368 insertions(+), 139 deletions(-)
diff --git a/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/LockedAdminEnvironmentCheck.java b/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/LockedAdminEnvironmentCheck.java
index 3580637..3494823 100644
--- a/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/LockedAdminEnvironmentCheck.java
+++ b/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/LockedAdminEnvironmentCheck.java
@@ -74,7 +74,7 @@ public class LockedAdminEnvironmentCheck
if ( !checked && !userManager.isReadOnly() )
{
List<String> roles = new ArrayList<String>();
- roles.add( RedbackRoleConstants.SYSTEM_ADMINISTRATOR_ROLE );
+ roles.add( RedbackRoleConstants.SYSTEM_ADMINISTRATOR_ROLE_ID );
List<? extends UserAssignment> systemAdminstrators;
try
diff --git a/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java b/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
index 44c9fd2..7ffb1a8 100644
--- a/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
+++ b/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
@@ -31,6 +31,7 @@ public interface RedbackRoleConstants
// roles
public static final String SYSTEM_ADMINISTRATOR_ROLE = "System Administrator";
+ public static final String SYSTEM_ADMINISTRATOR_ROLE_ID = "system-administrator";
public static final String USER_ADMINISTRATOR_ROLE = "User Administrator";
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultRoleManagementService.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultRoleManagementService.java
index 40ec9a3..6f936f6 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultRoleManagementService.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultRoleManagementService.java
@@ -60,7 +60,9 @@ import java.util.Comparator;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Optional;
import java.util.Set;
+import java.util.stream.Collectors;
/**
* @author Olivier Lamy
@@ -390,13 +392,14 @@ public class DefaultRoleManagementService
org.apache.archiva.redback.rbac.Role rbacRole = rbacManager.getRole( roleName );
Role role = new Role( rbacRole );
- Map<String, ? extends org.apache.archiva.redback.rbac.Role> parentRoles = rbacManager.getParentRoleNames( rbacRole );
- for ( String parentRoleName : parentRoles.keySet() )
+ Map<String, ? extends org.apache.archiva.redback.rbac.Role> parentRoleIds = rbacManager.getParentRoleIds( rbacRole );
+ for ( String parentRoleId : parentRoleIds.keySet() )
{
- role.getParentRoleNames().add( parentRoleName );
+ org.apache.archiva.redback.rbac.Role rbacParentRole = rbacManager.getRoleById( parentRoleId );
+ role.getParentRoleNames().add( rbacParentRole.getName() );
}
- List<? extends UserAssignment> userAssignments = rbacManager.getUserAssignmentsForRoles( Arrays.asList( roleName ) );
+ List<? extends UserAssignment> userAssignments = rbacManager.getUserAssignmentsForRoles( Arrays.asList( rbacRole.getId() ) );
if ( userAssignments != null )
{
@@ -417,7 +420,7 @@ public class DefaultRoleManagementService
if ( !role.getParentRoleNames().isEmpty() )
{
List<? extends UserAssignment> userParentAssignments =
- rbacManager.getUserAssignmentsForRoles( parentRoles.keySet() );
+ rbacManager.getUserAssignmentsForRoles( parentRoleIds.keySet() );
if ( userParentAssignments != null )
{
for ( UserAssignment userAssignment : userParentAssignments )
@@ -507,7 +510,8 @@ public class DefaultRoleManagementService
assignment = rbacManager.createUserAssignment( username );
}
- assignment.addRoleName( role.getName() );
+ org.apache.archiva.redback.rbac.Role rbacRole = rbacManager.getRole( role.getName( ) );
+ assignment.addRoleId( rbacRole.getId() );
assignment = rbacManager.saveUserAssignment( assignment );
log.info( "{} role assigned to {}", role.getName(), username );
}
@@ -548,7 +552,8 @@ public class DefaultRoleManagementService
assignment = rbacManager.createUserAssignment( username );
}
- assignment.removeRoleName( role.getName() );
+ org.apache.archiva.redback.rbac.Role rbacRole = rbacManager.getRole( role.getName( ) );
+ assignment.removeRoleId( rbacRole.getId() );
assignment = rbacManager.saveUserAssignment( assignment );
log.info( "{} role unassigned to {}", role.getName(), username );
}
@@ -724,10 +729,18 @@ public class DefaultRoleManagementService
{
assignment = rbacManager.createUserAssignment( username );
}
-
- assignment.setRoleNames( user.getAssignedRoles() );
-
- assignment = rbacManager.saveUserAssignment( assignment );
+ List<String> assignedRoleIds = user.getAssignedRoles().stream().map(roleName -> {
+ try
+ {
+ return Optional.of( rbacManager.getRole( roleName ).getId( ) );
+ }
+ catch ( RbacManagerException e )
+ {
+ return Optional.<String>empty( );
+ }
+ } ).filter( Optional::isPresent ).map(Optional::get).collect( Collectors.toList());
+ assignment.setRoleIds( assignedRoleIds );
+ rbacManager.saveUserAssignment( assignment );
}
catch ( RbacManagerException e )
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/BaseRedbackService.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/BaseRedbackService.java
index 63318bb..4dc9ab3 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/BaseRedbackService.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/BaseRedbackService.java
@@ -86,7 +86,7 @@ public class BaseRedbackService
{
try
{
- return rbacManager.getUserAssignmentsForRoles( recurseRoles( rbacRole ).map( role -> role.getName( ) ).collect( Collectors.toList( ) ) )
+ return rbacManager.getUserAssignmentsForRoles( recurseRoles( rbacRole ).map( role -> role.getId( ) ).collect( Collectors.toList( ) ) )
.stream( ).map( assignment -> getUserInfo( assignment.getPrincipal( ) ) ).collect( Collectors.toList( ) );
}
catch ( RuntimeException e )
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
index 5561d5c..f32d595 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
@@ -984,20 +984,20 @@ public class DefaultUserService extends BaseRedbackService
try
{
- final Set<String> assignedRoleNames = new HashSet( rbacManager.getUserAssignment( username ).getRoleNames( ) );
+ final Set<String> assignedRoleIds = new HashSet( rbacManager.getUserAssignment( username ).getRoleIds( ) );
// We have to reuse the BaseRoleInfo objects, because the roles are not returned starting from the roots
- final Map<String, BaseRoleInfo> roleNameCache = new HashMap<>( );
+ final Map<String, BaseRoleInfo> roleIdCache = new HashMap<>( );
List<BaseRoleInfo> roleList = rbacManager.getAllRoles( ).stream( ).flatMap( this::flattenRole ).map( role ->
{
- BaseRoleInfo roleInfo = roleNameCache.computeIfAbsent( role.getName( ), s -> new BaseRoleInfo( ) );
+ BaseRoleInfo roleInfo = roleIdCache.computeIfAbsent( role.getId( ), s -> new BaseRoleInfo( ) );
// Setting the role data, as there may be child role objects that are not completely initialized
roleInfo = BaseRoleInfo.of( role, roleInfo );
roleInfo.setApplicationId( roleApplicationMap.get( role.getId( ) ) );
- roleInfo.setAssigned( assignedRoleNames.contains( role.getName( ) ) );
- roleInfo.setChildren( role.getChildRoleNames( ).stream( )
- .map( roleName ->
+ roleInfo.setAssigned( assignedRoleIds.contains( role.getId( ) ) );
+ roleInfo.setChildren( role.getChildRoleIds( ).stream( )
+ .map( roleId ->
{
- BaseRoleInfo childRoleInfo = roleNameCache.computeIfAbsent( roleName, s -> BaseRoleInfo.ofName( roleName ) );
+ BaseRoleInfo childRoleInfo = roleIdCache.computeIfAbsent( roleId, s -> BaseRoleInfo.ofId( roleId ) );
childRoleInfo.setChild( true );
return childRoleInfo;
} )
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeGroupServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeGroupServiceTest.java
index 96d25dd..5e8e855 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeGroupServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeGroupServiceTest.java
@@ -22,6 +22,7 @@ import io.restassured.filter.log.UrlDecoder;
import io.restassured.http.ContentType;
import io.restassured.response.Response;
import org.apache.archiva.components.apacheds.ApacheDs;
+import org.apache.archiva.redback.rest.api.Constants;
import org.apache.archiva.redback.rest.api.model.Group;
import org.apache.archiva.redback.rest.api.model.v2.GroupMapping;
import org.apache.archiva.redback.rest.services.BaseSetup;
@@ -323,7 +324,7 @@ public class NativeGroupServiceTest extends AbstractNativeRestServices
List<Group> data = response.body( ).jsonPath( ).getList( "data", Group.class );
assertNotNull( data );
assertEquals( Integer.valueOf( 0 ), response.body( ).jsonPath( ).get( "pagination.offset" ) );
- assertEquals( Integer.valueOf( 1000 ), response.body( ).jsonPath( ).get( "pagination.limit" ) );
+ assertEquals( Integer.valueOf( Constants.DEFAULT_PAGE_LIMIT ), response.body( ).jsonPath( ).get( "pagination.limit" ) );
assertEquals( Integer.valueOf( 6 ), response.body( ).jsonPath( ).get( "pagination.total_count" ) );
assertEquals( 6, data.size( ) );
String[] values = data.stream( ).map( ldapInfo -> ldapInfo.getName( ) ).sorted( ).collect( Collectors.toList( ) ).toArray( new String[0] );
@@ -363,7 +364,7 @@ public class NativeGroupServiceTest extends AbstractNativeRestServices
List<Group> data = response.body( ).jsonPath( ).getList( "data", Group.class );
assertNotNull( data );
assertEquals( Integer.valueOf( 2 ), response.body( ).jsonPath( ).get( "pagination.offset" ) );
- assertEquals( Integer.valueOf( 1000 ), response.body( ).jsonPath( ).get( "pagination.limit" ) );
+ assertEquals( Integer.valueOf( Constants.DEFAULT_PAGE_LIMIT ), response.body( ).jsonPath( ).get( "pagination.limit" ) );
assertEquals( Integer.valueOf( 6 ), response.body( ).jsonPath( ).get( "pagination.total_count" ) );
assertEquals( 4, data.size( ) );
String[] values = data.stream( ).map( ldapInfo -> ldapInfo.getName( ) ).sorted( ).collect( Collectors.toList( ) ).toArray( new String[0] );
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeRoleServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeRoleServiceTest.java
index 863b871..b62b4fa 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeRoleServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeRoleServiceTest.java
@@ -664,5 +664,61 @@ public class NativeRoleServiceTest extends AbstractNativeRestServices
}
}
+ @Test
+ void unAssignTemplatedRole( )
+ {
+ String token = getAdminToken( );
+ Map<String, Object> jsonAsMap = new HashMap<>( );
+ jsonAsMap.put( "user_id", "aragorn" );
+ jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
+ jsonAsMap.put( "full_name", "Aragorn King of Gondor " );
+ jsonAsMap.put( "password", "pAssw0rD" );
+
+ try
+ {
+ given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+ .when( )
+ .put( "template/archiva-repository-manager/repository12" )
+ .then( ).statusCode( 201 );
+ given( ).spec( getRequestSpec( token, getUserServicePath( ) ) ).contentType( JSON )
+ .body( jsonAsMap )
+ .when( )
+ .post( )
+ .then( ).statusCode( 201 );
+ given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+ .when( )
+ .put( "template/archiva-repository-manager/repository12/user/aragorn" )
+ .then( ).statusCode( 200 );
+ Response response = given( ).spec( getRequestSpec( token, getUserServicePath( ) ) ).contentType( JSON )
+ .when( )
+ .get( "aragorn/roles" )
+ .then( ).statusCode( 200 ).extract( ).response( );
+ List<RoleInfo> roles = response.getBody( ).jsonPath( ).getList( "", RoleInfo.class );
+ assertTrue( roles.stream( ).filter( role -> "archiva-repository-manager.repository12".equals( role.getId( ) ) ).findAny( ).isPresent( ) );
+ given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+ .when( )
+ .delete( "archiva-repository-manager.repository12/user/aragorn" )
+ .then( ).statusCode( 200 );
+ response = given( ).spec( getRequestSpec( token, getUserServicePath( ) ) ).contentType( JSON )
+ .when( )
+ .get( "aragorn/roles" )
+ .then( ).statusCode( 200 ).extract( ).response( );
+ roles = response.getBody( ).jsonPath( ).getList( "", RoleInfo.class );
+ assertFalse( roles.stream( ).filter( role -> "archiva-repository-manager.repository12".equals( role.getId( ) ) ).findAny( ).isPresent( ) );
+ }
+ finally
+ {
+ given( ).spec( getRequestSpec( token, getUserServicePath( ) ) ).contentType( JSON )
+ .when( )
+ .delete( "aragorn" ).then().statusCode( 200 );
+ given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+ .when( )
+ .delete( "template/archiva-repository-manager/repository12" ).then().statusCode( 200 );
+ given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+ .when( )
+ .delete( "template/archiva-repository-observer/repository12" ).then().statusCode( 200 );
+
+ }
+ }
}
diff --git a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java
index bdecd29..656a05b 100644
--- a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java
+++ b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java
@@ -432,17 +432,17 @@ public abstract class AbstractRBACManager
Set<Permission> permissionSet = new HashSet<Permission>();
- if ( ua.getRoleNames() != null )
+ if ( ua.getRoleIds() != null )
{
boolean childRoleNamesUpdated = false;
- Iterator<String> it = ua.getRoleNames().listIterator();
+ Iterator<String> it = ua.getRoleIds().listIterator();
while ( it.hasNext() )
{
- String roleName = it.next();
+ String roleId = it.next();
try
{
- Role role = getRole( roleName );
+ Role role = getRoleById( roleId );
gatherUniquePermissions( role, permissionSet );
}
catch ( RbacObjectNotFoundException e )
@@ -563,17 +563,17 @@ public abstract class AbstractRBACManager
{
Set<Role> roleSet = new HashSet<Role>();
- if ( ua.getRoleNames() != null )
+ if ( ua.getRoleIds() != null )
{
boolean childRoleNamesUpdated = false;
- Iterator<String> it = ua.getRoleNames().listIterator();
+ Iterator<String> it = ua.getRoleIds().listIterator();
while ( it.hasNext() )
{
- String roleName = it.next();
+ String roleId = it.next();
try
{
- Role role = getRole( roleName );
+ Role role = getRoleById( roleId );
if ( !roleSet.contains( role ) )
{
@@ -650,17 +650,17 @@ public abstract class AbstractRBACManager
{
Set<Role> roleSet = new HashSet<Role>();
- if ( ua != null && ua.getRoleNames() != null )
+ if ( ua != null && ua.getRoleIds() != null )
{
boolean childRoleNamesUpdated = false;
- Iterator<String> it = ua.getRoleNames().listIterator();
+ Iterator<String> it = ua.getRoleIds().listIterator();
while ( it.hasNext() )
{
- String roleName = it.next();
+ String roleId = it.next();
try
{
- Role role = getRole( roleName );
+ Role role = getRoleById( roleId );
gatherEffectiveRoles( role, roleSet );
}
diff --git a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractUserAssignment.java b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractUserAssignment.java
index 80dabf0..8b8d194 100644
--- a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractUserAssignment.java
+++ b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractUserAssignment.java
@@ -33,6 +33,12 @@ public abstract class AbstractUserAssignment
addRoleName( role.getName() );
}
+ @Override
+ public void addRoleId( Role role )
+ {
+ addRoleId( role.getId( ) );
+ }
+
public void addRoleName( String roleName )
{
List<String> names = getRoleNames();
@@ -43,6 +49,16 @@ public abstract class AbstractUserAssignment
setRoleNames( names );
}
+ @Override
+ public void addRoleId( String roleId )
+ {
+ final List<String> ids = getRoleIds( );
+ if (!ids.contains( roleId )) {
+ ids.add( roleId );
+ }
+ setRoleIds( ids );
+ }
+
public void removeRoleName( Role role )
{
removeRoleName( role.getName() );
@@ -52,4 +68,16 @@ public abstract class AbstractUserAssignment
{
getRoleNames().remove( roleName );
}
+
+ @Override
+ public void removeRoleId( Role role )
+ {
+ removeRoleId( role.getId() );
+ }
+
+ @Override
+ public void removeRoleId( String roleId )
+ {
+ getRoleIds( ).remove( roleId );
+ }
}
diff --git a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACManager.java b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACManager.java
index 16ac43d..289371b 100644
--- a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACManager.java
+++ b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACManager.java
@@ -433,10 +433,10 @@ public interface RBACManager
/**
* Returns the assignments for the given roles
- * @param roleNames collection of role names
+ * @param roleIds collection of role names
* @throws RbacManagerException if the access to the backend datastore failed
*/
- List<? extends UserAssignment> getUserAssignmentsForRoles( Collection<String> roleNames )
+ List<? extends UserAssignment> getUserAssignmentsForRoles( Collection<String> roleIds )
throws RbacManagerException;
/**
diff --git a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACObjectAssertions.java b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACObjectAssertions.java
index 560b0f1..16bb780 100644
--- a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACObjectAssertions.java
+++ b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/RBACObjectAssertions.java
@@ -140,7 +140,7 @@ public class RBACObjectAssertions
throw new RbacObjectInvalidException( scope, "UserAssigment.principal cannot be empty." );
}
- if ( assignment.getRoleNames() == null )
+ if ( assignment.getRoleIds() == null )
{
throw new RbacObjectInvalidException( scope, "UserAssignment.roles cannot be null." );
}
@@ -153,11 +153,11 @@ public class RBACObjectAssertions
}
*/
int i = 0;
- for ( String name : assignment.getRoleNames() )
+ for ( String name : assignment.getRoleIds() )
{
if ( StringUtils.isEmpty( name ) )
{
- throw new RbacObjectInvalidException( scope, "UserAssignment.rolename[" + i + "] cannot be empty." );
+ throw new RbacObjectInvalidException( scope, "UserAssignment.roleid[" + i + "] cannot be empty." );
}
i++;
}
diff --git a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/UserAssignment.java b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/UserAssignment.java
index 6d68c0a..5d1b974 100644
--- a/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/UserAssignment.java
+++ b/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/UserAssignment.java
@@ -48,7 +48,9 @@ public interface UserAssignment
* @return List of <{@link String}> objects representing the Role Names.
*/
List<String> getRoleNames();
-
+
+ List<String> getRoleIds();
+
/**
* Add a rolename to this assignment.
*
@@ -62,6 +64,13 @@ public interface UserAssignment
* @param roleName the role name.
*/
void addRoleName( String roleName );
+
+ void addRoleId( Role role );
+ /**
+ * Adds a role id to this assignment
+ * @param roleId
+ */
+ void addRoleId( String roleId );
/**
* Remove a rolename from this assignment.
@@ -77,6 +86,10 @@ public interface UserAssignment
*/
void removeRoleName( String roleName );
+ void removeRoleId( Role role );
+
+ void removeRoleId( String roleId );
+
/**
* Set the user principal object for this association.
*
@@ -92,6 +105,8 @@ public interface UserAssignment
* @param roles the List of <{@link String}> objects representing the Role Names.
*/
void setRoleNames( List<String> roles );
+
+ void setRoleIds( List<String> roles );
/**
* Test to see if the object is a permanent object or not.
diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-cached/src/main/java/org/apache/archiva/redback/rbac/cached/CachedRbacManager.java b/redback-rbac/redback-rbac-providers/redback-rbac-cached/src/main/java/org/apache/archiva/redback/rbac/cached/CachedRbacManager.java
index 7fbbcdd..9a6258c 100644
--- a/redback-rbac/redback-rbac-providers/redback-rbac-cached/src/main/java/org/apache/archiva/redback/rbac/cached/CachedRbacManager.java
+++ b/redback-rbac/redback-rbac-providers/redback-rbac-cached/src/main/java/org/apache/archiva/redback/rbac/cached/CachedRbacManager.java
@@ -479,11 +479,11 @@ public class CachedRbacManager
}
@Override
- public List<? extends UserAssignment> getUserAssignmentsForRoles( Collection<String> roleNames )
+ public List<? extends UserAssignment> getUserAssignmentsForRoles( Collection<String> roleIds )
throws RbacManagerException
{
log.debug( "NOT CACHED - .getUserAssignmentsForRoles(Collection)" );
- return this.rbacImpl.getUserAssignmentsForRoles( roleNames );
+ return this.rbacImpl.getUserAssignmentsForRoles( roleIds );
}
@Override
diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/JpaRbacManager.java b/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/JpaRbacManager.java
index 8bd3212..9253867 100644
--- a/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/JpaRbacManager.java
+++ b/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/JpaRbacManager.java
@@ -466,11 +466,11 @@ public class JpaRbacManager extends AbstractRBACManager {
}
@Override
- public List<? extends UserAssignment> getUserAssignmentsForRoles(Collection<String> roleNames) throws RbacManagerException {
+ public List<? extends UserAssignment> getUserAssignmentsForRoles(Collection<String> roleIds ) throws RbacManagerException {
try {
final EntityManager em = getEm();
- TypedQuery<JpaUserAssignment> q = em.createQuery("SELECT ua FROM JpaUserAssignment ua WHERE ua.roleNames IN :roles", JpaUserAssignment.class);
- q.setParameter("roles", roleNames);
+ TypedQuery<JpaUserAssignment> q = em.createQuery("SELECT ua FROM JpaUserAssignment ua WHERE ua.roleIds IN :roles", JpaUserAssignment.class);
+ q.setParameter("roles", roleIds );
return q.getResultList();
} catch (Exception ex) {
log.error("Query failed: {}",ex.getMessage(),ex);
diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/model/JpaUserAssignment.java b/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/model/JpaUserAssignment.java
index 7e64bdd..dcce5e3 100644
--- a/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/model/JpaUserAssignment.java
+++ b/redback-rbac/redback-rbac-providers/redback-rbac-jpa/src/main/java/org/apache/archiva/redback/rbac/jpa/model/JpaUserAssignment.java
@@ -56,7 +56,8 @@ public class JpaUserAssignment extends AbstractUserAssignment implements UserAss
@JoinColumn(name = "PRINCIPAL_OID", referencedColumnName = "PRINCIPAL", nullable = false)
}
)
- private List<String> roleNames = new ArrayList<String>();
+ private List<String> roleIds = new ArrayList<>( );
+
@Column(name="PERMANENT", nullable = false)
private Boolean permanent = false;
@@ -69,18 +70,30 @@ public class JpaUserAssignment extends AbstractUserAssignment implements UserAss
}
@Override
+ public List<String> getRoleNames( )
+ {
+ return roleIds;
+ }
+
+ @Override
public void setPrincipal(String principal) {
this.principal = principal;
}
@Override
- public List<String> getRoleNames() {
- return roleNames;
+ public void setRoleNames( List<String> roles )
+ {
+ this.roleIds = roles;
+ }
+
+ @Override
+ public List<String> getRoleIds() {
+ return roleIds;
}
@Override
- public void setRoleNames(List<String> roleNames) {
- this.roleNames = roleNames;
+ public void setRoleIds( List<String> roleIds ) {
+ this.roleIds = roleIds;
}
@Override
diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java b/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java
index c5d9e8a..f38a46d 100644
--- a/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java
+++ b/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java
@@ -62,6 +62,7 @@ import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
+import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
@@ -688,7 +689,17 @@ public class LdapRbacManager
{
ldapConnection = ldapConnectionFactory.getConnection();
context = ldapConnection.getDirContext();
- List<String> roles = ldapRoleMapper.getRoles( username, context, getRealRoles() );
+ List<String> roles = ldapRoleMapper.getRoles( username, context, getRealRoles() )
+ .stream( ).map( roleName -> {
+ try
+ {
+ return Optional.of( rbacImpl.getRole( roleName ).getId() );
+ }
+ catch ( RbacManagerException e )
+ {
+ return Optional.<String>empty( );
+ }
+ } ).filter( Optional::isPresent ).map( Optional::get ).collect( Collectors.toList() );
ua = new UserAssignmentImpl( username, roles );
@@ -714,11 +725,11 @@ public class LdapRbacManager
}
@Override
- public List<? extends UserAssignment> getUserAssignmentsForRoles( Collection<String> roleNames )
+ public List<? extends UserAssignment> getUserAssignmentsForRoles( Collection<String> roleIds )
throws RbacManagerException
{
// TODO from ldap
- return this.rbacImpl.getUserAssignmentsForRoles( roleNames );
+ return this.rbacImpl.getUserAssignmentsForRoles( roleIds );
}
@Override
@@ -1114,27 +1125,41 @@ public class LdapRbacManager
List<String> currentUserRoles =
ldapRoleMapper.getRoles( userAssignment.getPrincipal(), context, getRealRoles() );
+ Map<String, String> currentUserIds = currentUserRoles.stream( ).map( roleName -> {
+ try
+ {
+ return Optional.of( rbacImpl.getRole( roleName ) );
+ }
+ catch ( RbacManagerException e )
+ {
+ return Optional.<Role>empty( );
+ }
+ } ).filter( Optional::isPresent ).map(Optional::get)
+ .collect( Collectors.toMap( Role::getName, Role::getId ) );
- for ( String role : userAssignment.getRoleNames() )
+ for ( String roleId : userAssignment.getRoleIds() )
{
- if ( !currentUserRoles.contains( role ) && writableLdap )
+ Role rbacRole = rbacImpl.getRoleById( roleId );
+ String roleName = rbacRole.getName( );
+ if ( !currentUserRoles.contains( roleName ) && writableLdap )
{
// role exists in ldap ?
- if ( !allRoles.contains( role ) )
+ if ( !allRoles.contains( roleName ) )
{
- ldapRoleMapper.saveRole( role, context );
- allRoles.add( role );
+ ldapRoleMapper.saveRole( roleName, context );
+ allRoles.add( roleName );
}
- ldapRoleMapper.saveUserRole( role, userAssignment.getPrincipal(), context );
- currentUserRoles.add( role );
+ ldapRoleMapper.saveUserRole( roleName, userAssignment.getPrincipal(), context );
+ currentUserRoles.add( roleName );
+ currentUserIds.put( roleName, rbacRole.getId( ) );
}
}
- for ( String role : currentUserRoles )
+ for ( String roleName : currentUserRoles )
{
- if ( !userAssignment.getRoleNames().contains( role ) && writableLdap )
+ if ( !userAssignment.getRoleIds().contains( currentUserIds.get(roleName) ) && writableLdap )
{
- ldapRoleMapper.removeUserRole( role, userAssignment.getPrincipal(), context );
+ ldapRoleMapper.removeUserRole( roleName, userAssignment.getPrincipal(), context );
}
}
@@ -1491,21 +1516,21 @@ public class LdapRbacManager
{
private String username;
- private List<String> roleNames;
+ private List<String> roleIds;
private boolean permanent;
- private UserAssignmentImpl( String username, Collection<String> roleNames )
+ private UserAssignmentImpl( String username, Collection<String> roleIds )
{
this.username = username;
- if ( roleNames == null )
+ if ( roleIds == null )
{
- this.roleNames = new ArrayList<String>();
+ this.roleIds = new ArrayList<>( );
}
else
{
- this.roleNames = new ArrayList<String>( roleNames );
+ this.roleIds = new ArrayList<>( roleIds );
}
}
@@ -1518,7 +1543,13 @@ public class LdapRbacManager
@Override
public List<String> getRoleNames()
{
- return this.roleNames;
+ return this.roleIds;
+ }
+
+ @Override
+ public List<String> getRoleIds( )
+ {
+ return this.roleIds;
}
@Override
@@ -1528,7 +1559,7 @@ public class LdapRbacManager
{
return;
}
- this.roleNames.add( role.getName() );
+ this.roleIds.add( role.getName() );
}
@Override
@@ -1538,7 +1569,27 @@ public class LdapRbacManager
{
return;
}
- this.roleNames.add( roleName );
+ this.roleIds.add( roleName );
+ }
+
+ @Override
+ public void addRoleId( Role role )
+ {
+ if ( role == null )
+ {
+ return;
+ }
+ this.roleIds.add( role.getId() );
+ }
+
+ @Override
+ public void addRoleId( String roleId )
+ {
+ if ( roleId == null )
+ {
+ return;
+ }
+ this.roleIds.add( roleId );
}
@Override
@@ -1548,7 +1599,7 @@ public class LdapRbacManager
{
return;
}
- this.roleNames.remove( role.getName() );
+ this.roleIds.remove( role.getName() );
}
@Override
@@ -1558,7 +1609,27 @@ public class LdapRbacManager
{
return;
}
- this.roleNames.remove( roleName );
+ this.roleIds.remove( roleName );
+ }
+
+ @Override
+ public void removeRoleId( Role role )
+ {
+ if ( role == null )
+ {
+ return;
+ }
+ this.roleIds.remove( role.getId() );
+ }
+
+ @Override
+ public void removeRoleId( String roleId )
+ {
+ if ( roleId == null )
+ {
+ return;
+ }
+ this.roleIds.remove( roleId );
}
@Override
@@ -1570,7 +1641,13 @@ public class LdapRbacManager
@Override
public void setRoleNames( List<String> roles )
{
- this.roleNames = roles;
+ this.roleIds = roles;
+ }
+
+ @Override
+ public void setRoleIds( List<String> roles )
+ {
+ this.roleIds = roles;
}
@Override
@@ -1591,7 +1668,7 @@ public class LdapRbacManager
final StringBuilder sb = new StringBuilder();
sb.append( "UserAssignmentImpl" );
sb.append( "{username='" ).append( username ).append( '\'' );
- sb.append( ", roleNames=" ).append( roleNames );
+ sb.append( ", roleNames=" ).append( roleIds );
sb.append( ", permanent=" ).append( permanent );
sb.append( '}' );
return sb.toString();
diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryRbacManager.java b/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryRbacManager.java
index 235d3ab..9ac875c 100644
--- a/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryRbacManager.java
+++ b/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryRbacManager.java
@@ -515,18 +515,18 @@ public class MemoryRbacManager
}
@Override
- public List<UserAssignment> getUserAssignmentsForRoles( Collection<String> roleNames )
+ public List<UserAssignment> getUserAssignmentsForRoles( Collection<String> roleIds )
throws RbacManagerException
{
List<UserAssignment> allUserAssignments = getAllUserAssignments();
- List<UserAssignment> userAssignments = new ArrayList<UserAssignment>( allUserAssignments.size() );
+ List<UserAssignment> userAssignments = new ArrayList<>( allUserAssignments.size( ) );
for ( UserAssignment ua : allUserAssignments )
{
- for ( String roleName : roleNames )
+ for ( String roleId : roleIds )
{
- if ( ua.getRoleNames().contains( roleName ) )
+ if ( ua.getRoleIds().contains( roleId ) )
{
userAssignments.add( ua );
break;
diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryUserAssignment.java b/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryUserAssignment.java
index 49e01d2..fcf46a9 100644
--- a/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryUserAssignment.java
+++ b/redback-rbac/redback-rbac-providers/redback-rbac-memory/src/main/java/org/apache/archiva/redback/rbac/memory/MemoryUserAssignment.java
@@ -97,6 +97,17 @@ public class MemoryUserAssignment
return this.roles;
}
+ @Override
+ public List<String> getRoleIds( )
+ {
+ if ( this.roles == null )
+ {
+ this.roles = new ArrayList<String>( 0 );
+ }
+
+ return this.roles;
+ }
+
/**
* Method hashCode
*/
@@ -127,6 +138,12 @@ public class MemoryUserAssignment
this.roles = roles;
}
+ @Override
+ public void setRoleIds( List<String> roles )
+ {
+ this.roles = roles;
+ }
+
/**
* Method toString
*/
diff --git a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/DefaultRoleManager.java b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/DefaultRoleManager.java
index d83e642..5969633 100644
--- a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/DefaultRoleManager.java
+++ b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/DefaultRoleManager.java
@@ -205,9 +205,9 @@ public class DefaultRoleManager
Role role = rbacManager.getRoleById( roleId );
for ( UserAssignment assignment : rbacManager.getUserAssignmentsForRoles(
- Arrays.asList( role.getName() ) ) )
+ Arrays.asList( role.getId() ) ) )
{
- assignment.removeRoleName( role );
+ assignment.removeRoleId( role );
rbacManager.saveUserAssignment( assignment );
}
@@ -240,16 +240,19 @@ public class DefaultRoleManager
String oldRoleName = template.getNamePrefix() + template.getDelimiter() + oldResource;
String newRoleName = template.getNamePrefix() + template.getDelimiter() + newResource;
+ String oldRoleId = RoleModelUtils.getRoleId( templateId, oldResource );
+ String newRoleId = RoleModelUtils.getRoleId( templateId, newResource );
+
try
{
Role role = rbacManager.getRole( oldRoleName );
// remove the user assignments
for ( UserAssignment assignment : rbacManager.getUserAssignmentsForRoles(
- Arrays.asList( role.getName() ) ) )
+ Arrays.asList( role.getId() ) ) )
{
- assignment.removeRoleName( oldRoleName );
- assignment.addRoleName( newRoleName );
+ assignment.removeRoleId( oldRoleId );
+ assignment.addRoleId( newRoleId );
rbacManager.saveUserAssignment( assignment );
}
}
@@ -286,7 +289,7 @@ public class DefaultRoleManager
userAssignment = rbacManager.createUserAssignment( principal );
}
- userAssignment.addRoleName( modelRole.getName() );
+ userAssignment.addRoleId( modelRole.getId() );
rbacManager.saveUserAssignment( userAssignment );
}
catch ( RbacManagerException e )
@@ -301,6 +304,7 @@ public class DefaultRoleManager
{
try
{
+ Role role = rbacManager.getRole( roleName );
UserAssignment userAssignment;
if ( rbacManager.userAssignmentExists( principal ) )
@@ -317,7 +321,7 @@ public class DefaultRoleManager
throw new RoleManagerException( "Unable to assign role: " + roleName + " does not exist." );
}
- userAssignment.addRoleName( roleName );
+ userAssignment.addRoleId( role.getId() );
rbacManager.saveUserAssignment( userAssignment );
}
catch ( RbacManagerException e )
@@ -355,7 +359,7 @@ public class DefaultRoleManager
userAssignment = rbacManager.createUserAssignment( principal );
}
- userAssignment.addRoleName( modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() + resource );
+ userAssignment.addRoleId( RoleModelUtils.getRoleId( modelTemplate.getId(), resource ) );
rbacManager.saveUserAssignment( userAssignment );
}
catch ( RbacManagerException e )
@@ -368,15 +372,10 @@ public class DefaultRoleManager
public void unassignRole( String roleId, String principal )
throws RoleManagerException
{
- ModelRole modelRole = RoleModelUtils.getModelRole( blessedModel, roleId );
-
- if ( modelRole == null )
- {
- throw new RoleNotFoundException( "Unable to assign role: " + roleId + " does not exist." );
- }
try
{
+ rbacManager.getRoleById( roleId );
UserAssignment userAssignment;
if ( rbacManager.userAssignmentExists( principal ) )
@@ -389,9 +388,12 @@ public class DefaultRoleManager
"UserAssignment for principal " + principal + "does not exist, can't unassign role." );
}
- userAssignment.removeRoleName( modelRole.getName() );
+ userAssignment.removeRoleId( roleId );
rbacManager.saveUserAssignment( userAssignment );
}
+ catch (RoleNotFoundException e) {
+ throw new RoleNotFoundException( "Unable to unassign role: " + roleId + " does not exist." );
+ }
catch ( RbacManagerException e )
{
throw new RoleManagerException( "Unable to unassign role: unable to manage user assignment", e );
@@ -421,7 +423,8 @@ public class DefaultRoleManager
throw new RoleManagerException( "Unable to unassign role: " + roleName + " does not exist." );
}
- userAssignment.removeRoleName( roleName );
+ Role rbacRole = rbacManager.getRole( roleName );
+ userAssignment.removeRoleId( rbacRole.getId() );
rbacManager.saveUserAssignment( userAssignment );
}
catch ( RbacManagerException e )
diff --git a/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/AbstractRoleManagerTest.java b/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/AbstractRoleManagerTest.java
index 50b303a..9bc074c 100644
--- a/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/AbstractRoleManagerTest.java
+++ b/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/AbstractRoleManagerTest.java
@@ -110,14 +110,14 @@ public abstract class AbstractRoleManagerTest
UserAssignment assignment = rbacManager.getUserAssignment( principal );
- List<String> assignments = assignment.getRoleNames();
+ List<String> assignments = assignment.getRoleIds();
assertEquals( 3, assignments.size() );
- for ( String roleName : assignments )
+ for ( String roleId : assignments )
{
- logger.info( roleName );
- assertTrue( "Test Role".equals( roleName ) || "Foo 2 - frigid".equals( roleName ) || "Test Role 1".equals( roleName ) );
+ logger.info( roleId );
+ assertTrue( "test-role".equals( roleId ) || "test-template-2.frigid".equals( roleId ) || "test-role-1".equals( roleId ) );
}
}
diff --git a/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerPerformanceTestCase.java b/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerPerformanceTestCase.java
index 7d1512f..0c37200 100644
--- a/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerPerformanceTestCase.java
+++ b/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerPerformanceTestCase.java
@@ -176,7 +176,7 @@ public class AbstractRbacManagerPerformanceTestCase
// Setup User / Assignment with 1 role.
String username = "bob";
UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
+ assignment.addRoleId( devRole );
assignment = manager.saveUserAssignment( assignment );
assertEquals( 1, manager.getAllUserAssignments().size() );
@@ -187,11 +187,11 @@ public class AbstractRbacManagerPerformanceTestCase
assertEquals( 2, manager.getAllRoles().size() );
// assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
+ assignment.addRoleId( devRole.getId() );
manager.saveUserAssignment( assignment );
// we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
+ assertEquals( 1, assignment.getRoleIds().size() );
String bobId = assignment.getPrincipal();
@@ -203,7 +203,7 @@ public class AbstractRbacManagerPerformanceTestCase
manager.saveRole( devPlusRole );
assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
+ assignment.addRoleId( devRole );
assignment = manager.saveUserAssignment( assignment );
assertEquals( 2, manager.getAllUserAssignments().size() );
@@ -214,11 +214,11 @@ public class AbstractRbacManagerPerformanceTestCase
assertEquals( 2, manager.getAllRoles().size() );
// assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
+ assignment.addRoleId( devRole.getId() );
manager.saveUserAssignment( assignment );
// we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
+ assertEquals( 1, assignment.getRoleIds().size() );
String janetId = assignment.getPrincipal();
diff --git a/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerTestCase.java b/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerTestCase.java
index bca655e..4994e21 100644
--- a/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerTestCase.java
+++ b/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/AbstractRbacManagerTestCase.java
@@ -104,7 +104,7 @@ public abstract class AbstractRbacManagerTestCase
private Role getDeveloperRole()
throws RbacManagerException
{
- Role role = rbacManager.createRole( "DEVELOPER" );
+ Role role = rbacManager.createRole( "developer","DEVELOPER" );
role.setAssignable( true );
Permission perm = rbacManager.createPermission( "EDIT_MY_USER", "EDIT", "User:Self" );
@@ -117,7 +117,7 @@ public abstract class AbstractRbacManagerTestCase
private Role getProjectAdminRole()
throws RbacManagerException
{
- Role role = rbacManager.createRole( "PROJECT_ADMIN" );
+ Role role = rbacManager.createRole( "project-admin","PROJECT_ADMIN" );
role.setAssignable( true );
Permission perm = rbacManager.createPermission( "EDIT_PROJECT", "EDIT", "Project:Foo" );
@@ -129,7 +129,8 @@ public abstract class AbstractRbacManagerTestCase
private Role getSuperDeveloperRole()
{
- Role role = rbacManager.createRole( "SUPER_DEVELOPER" );
+ Role role = rbacManager.createRole( "super-developer","SUPER_DEVELOPER" );
+ role.setId( "super-developer" );
role.setAssignable( true );
return role;
@@ -402,7 +403,7 @@ public abstract class AbstractRbacManagerTestCase
UserAssignment assignment = manager.createUserAssignment( adminPrincipal );
- assignment.addRoleName( adminRole );
+ assignment.addRoleId( adminRole );
manager.saveUserAssignment( assignment );
@@ -436,10 +437,10 @@ public abstract class AbstractRbacManagerTestCase
// don't use admin as ldap group need at least one member
String adminPrincipal = "theadmin";
UserAssignment assignment = manager.createUserAssignment( adminPrincipal );
- assignment.addRoleName( adminRole );
+ assignment.addRoleId( adminRole );
assignment = manager.saveUserAssignment( assignment );
- assertEquals( 1, assignment.getRoleNames().size() );
+ assertEquals( 1, assignment.getRoleIds().size() );
assertEquals( 1, manager.getAssignedRoles( adminPrincipal ).size() );
}
@@ -462,7 +463,7 @@ public abstract class AbstractRbacManagerTestCase
UserAssignment ua = manager.createUserAssignment( adminPrincipal );
- ua.addRoleName( admin );
+ ua.addRoleId( admin );
manager.saveUserAssignment( ua );
@@ -536,7 +537,7 @@ public abstract class AbstractRbacManagerTestCase
// Setup User / Assignment with 1 role.
String username = "bob";
UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( developerRole );
+ assignment.addRoleId( developerRole );
manager.saveUserAssignment( assignment );
assertEquals( incAssignements( 1 ), manager.getAllUserAssignments().size() );
@@ -544,41 +545,41 @@ public abstract class AbstractRbacManagerTestCase
// Create another role add it to manager.
Role projectAdmin = getProjectAdminRole();
- String projectAdminRoleName = projectAdmin.getName();
+ String projectAdminRoleId = projectAdmin.getId();
manager.saveRole( projectAdmin );
// Get User Assignment, add a second role
UserAssignment bob = manager.getUserAssignment( username );
- bob.addRoleName( projectAdminRoleName );
+ bob.addRoleId( projectAdminRoleId );
bob = manager.saveUserAssignment( bob );
assertEquals( incAssignements( 1 ), manager.getAllUserAssignments().size() );
assertEquals( 2, manager.getAllRoles().size() );
- assertEquals( 2, bob.getRoleNames().size() );
+ assertEquals( 2, bob.getRoleIds().size() );
assertEquals( 0, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
- List<String> roles = bob.getRoleNames();
+ List<String> roles = bob.getRoleIds();
assertEquals( 2, roles.size() );
// Remove 1 role from bob, end up with 1 role for bob.
- roles.remove( projectAdminRoleName );
+ roles.remove( projectAdminRoleId );
assertEquals( 1, roles.size() );
- bob.setRoleNames( roles );
+ bob.setRoleIds( roles );
bob = manager.saveUserAssignment( bob );
- assertEquals( "Should only have 1 role under bob now.", 1, bob.getRoleNames().size() );
+ assertEquals( "Should only have 1 role under bob now.", 1, bob.getRoleIds().size() );
assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
assertEquals( "Should have 1 assignable role", 1, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
// Fetch bob again. see if role is missing.
UserAssignment cousin = manager.getUserAssignment( username );
- assertEquals( 1, cousin.getRoleNames().size() );
+ assertEquals( 1, cousin.getRoleIds().size() );
- assertEquals( "Should only have 1 role under bob now.", 1, cousin.getRoleNames().size() );
+ assertEquals( "Should only have 1 role under bob now.", 1, cousin.getRoleIds().size() );
assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
// remove the last role
- roles.remove( developerRole.getName() );
- bob.setRoleNames( roles );
+ roles.remove( developerRole.getId() );
+ bob.setRoleIds( roles );
bob = manager.saveUserAssignment( bob );
assertEquals( "Should have 2 assignable roles.", 2, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
@@ -602,18 +603,18 @@ public abstract class AbstractRbacManagerTestCase
// Setup User / Assignment with 1 role.
String username = "bob";
UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
+ assignment.addRoleId( devRole );
assignment = manager.saveUserAssignment( assignment );
assertEquals( incAssignements( 1 ), manager.getAllUserAssignments().size() );
assertEquals( 1, manager.getAllRoles().size() );
// assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
+ assignment.addRoleId( devRole.getId() );
manager.saveUserAssignment( assignment );
// we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
+ assertEquals( 1, assignment.getRoleIds().size() );
/* Assert some event tracker stuff */
assertEventTracker( 1, 0, 1, 0, true, true );
@@ -639,7 +640,7 @@ public abstract class AbstractRbacManagerTestCase
// Setup User / Assignment with 1 role.
String username = "bob";
UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
+ assignment.addRoleId( devRole );
assignment = manager.saveUserAssignment( assignment );
assertEquals( incAssignements( 1 ), manager.getAllUserAssignments().size() );
@@ -650,11 +651,11 @@ public abstract class AbstractRbacManagerTestCase
assertEquals( 2, manager.getAllRoles().size() );
// assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
+ assignment.addRoleId( devRole.getId() );
manager.saveUserAssignment( assignment );
// we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
+ assertEquals( 1, assignment.getRoleIds().size() );
/* Assert some event tracker stuff */
assertEventTracker( 2, 0, 1, 0, true, true );
@@ -678,12 +679,12 @@ public abstract class AbstractRbacManagerTestCase
String username = "bob";
UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( developerRole.getName() );
- assignment.addRoleName( projectAdminRole.getName() );
- assignment.addRoleName( adminRole.getName() );
+ assignment.addRoleId( developerRole.getId() );
+ assignment.addRoleId( projectAdminRole.getId() );
+ assignment.addRoleId( adminRole.getId() );
assignment = manager.saveUserAssignment( assignment );
- assertThat( assignment.getRoleNames() ).isNotNull().isNotEmpty().hasSize( 3 );
+ assertThat( assignment.getRoleIds() ).isNotNull().isNotEmpty().hasSize( 3 );
assertThat( manager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize( incAssignements( 1 ) );
assertThat( manager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );
@@ -718,7 +719,7 @@ public abstract class AbstractRbacManagerTestCase
manager.saveRole( getAdminRole() );
manager.saveRole( getProjectAdminRole() );
Role added = manager.saveRole( getDeveloperRole() );
- String roleName = added.getName();
+ String roleId = added.getId();
assertThat( manager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );
assertThat( manager.getAllPermissions() ).isNotNull().isNotEmpty().hasSize( 3 );
@@ -727,7 +728,7 @@ public abstract class AbstractRbacManagerTestCase
String username = "bob";
UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( roleName );
+ assignment.addRoleId( roleId );
manager.saveUserAssignment( assignment );
assertThat( manager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize( incAssignements( 1 ) );
@@ -816,7 +817,7 @@ public abstract class AbstractRbacManagerTestCase
String username = "bob";
UserAssignment assignment = rbacManager.createUserAssignment( username );
- assignment.addRoleName( "Developer" );
+ assignment.addRoleId( "developer" );
rbacManager.saveUserAssignment( assignment );
assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
@@ -824,7 +825,7 @@ public abstract class AbstractRbacManagerTestCase
assertEquals( 6, rbacManager.getAllPermissions().size() );
// Get the List of Assigned Roles for user bob.
- Role devel = rbacManager.getRole( "Developer" );
+ Role devel = rbacManager.getRoleById( "developer" );
assertNotNull( devel );
// First Depth.
@@ -850,7 +851,7 @@ public abstract class AbstractRbacManagerTestCase
String username = "bob";
UserAssignment assignment = rbacManager.createUserAssignment( username );
- assignment.addRoleName( "Developer" );
+ assignment.addRoleId( "developer" );
rbacManager.saveUserAssignment( assignment );
assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
diff --git a/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/utils/RBACDefaults.java b/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/utils/RBACDefaults.java
index a451485..024a664 100644
--- a/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/utils/RBACDefaults.java
+++ b/redback-rbac/redback-rbac-tests/src/main/java/org/apache/archiva/redback/tests/utils/RBACDefaults.java
@@ -149,6 +149,7 @@ public class RBACDefaults
if ( !manager.roleExists( "User Administrator" ) )
{
Role userAdmin = manager.createRole( "User Administrator" );
+ userAdmin.setId( "user-administrator" );
userAdmin.addPermission( manager.getPermission( "Edit All Users" ) );
userAdmin.addPermission( manager.getPermission( "Remove Roles" ) );
userAdmin.setAssignable( true );
@@ -158,6 +159,7 @@ public class RBACDefaults
if ( !manager.roleExists( "System Administrator" ) )
{
Role admin = manager.createRole( "System Administrator" );
+ admin.setId( "system-administrator" );
admin.addChildRoleName( "User Administrator" );
admin.addChildRoleId( "user-administrator" );
admin.addPermission( manager.getPermission( "Edit Configuration" ) );
@@ -171,6 +173,7 @@ public class RBACDefaults
if ( !manager.roleExists( "Trusted Developer" ) )
{
Role developer = manager.createRole( "Trusted Developer" );
+ developer.setId( "trusted-developer" );
developer.addChildRoleName( "System Administrator" );
developer.addChildRoleId( "system-administrator" );
developer.addPermission( manager.getPermission( "Run Indexer" ) );
@@ -181,6 +184,7 @@ public class RBACDefaults
if ( !manager.roleExists( "Developer" ) )
{
Role developer = manager.createRole( "Developer" );
+ developer.setId( "developer" );
developer.addChildRoleName( "Trusted Developer" );
developer.addChildRoleId( "trusted-developer" );
developer.addPermission( manager.getPermission( "Run Indexer" ) );