This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository observe. See http://git.codelutin.com/observe.git commit eb98b300a2464634a3ff4686598d551cfa2dba0d Author: Maven Release <maven-release@codelutin.com> Date: Mon Sep 14 16:57:48 2015 +0200 recuperation des permission à partir de la BD, et verification de ces permissions à l'execution des service (refs #7523) --- .../services/dto/UnauthorizedException.java | 24 +++ .../fr/ird/observe/services/TestClassResource.java | 2 + .../ird/observe/services/TestMethodResource.java | 2 + .../fr/ird/observe/services/ObserveJdbcHelper.java | 59 ++++++ .../services/ObserveServiceFactoryTopia.java | 32 +++ .../ObserveTopiaApplicationContextFactory.java | 10 +- .../services/service/DataSourceServiceTopia.java | 67 ++++++- .../services/service/ReferentialServiceTopia.java | 9 +- .../services/ApplicationContextResource.java | 11 ++ .../ird/observe/services/DataSourceResource.java | 11 ++ .../ObserveDataSourceConnectionTopiaTaiste.java | 15 ++ .../services/service/AbstractServiceTopiaTest.java | 21 +- .../service/DataSourceServiceTopiaTest.java | 5 +- .../fr/ird/observe/services/service/RigthTest.java | 215 +++++++++++++++++++++ 14 files changed, 465 insertions(+), 18 deletions(-) diff --git a/observe-services-model/src/main/java/fr/ird/observe/services/dto/UnauthorizedException.java b/observe-services-model/src/main/java/fr/ird/observe/services/dto/UnauthorizedException.java new file mode 100644 index 0000000..b9f15d0 --- /dev/null +++ b/observe-services-model/src/main/java/fr/ird/observe/services/dto/UnauthorizedException.java 
@@ -0,0 +1,24 @@ +package fr.ird.observe.services.dto; + +/** + * @author Sylvain Bavencoff - bavencoff@codelutin.com + */ +public class UnauthorizedException extends RuntimeException { + + protected final String className; + + protected final String methodName; + + public UnauthorizedException(String className, String methodName) { + this.className = className; + this.methodName = methodName; + } + + public String getClassName() { + return className; + } + + public String getMethodName() { + return methodName; + } +} diff --git a/observe-services-rest/src/test/java/fr/ird/observe/services/TestClassResource.java b/observe-services-rest/src/test/java/fr/ird/observe/services/TestClassResource.java index 31b0523..3ad06b0 100644 --- a/observe-services-rest/src/test/java/fr/ird/observe/services/TestClassResource.java +++ b/observe-services-rest/src/test/java/fr/ird/observe/services/TestClassResource.java @@ -59,6 +59,8 @@ public class TestClassResource implements TestRule { public TestClassResource() { this("http://localhost:8080/observeweb/api/v1"); + // pour les test sur Demo + //this("http://demo.codelutin.com/observeweb-latest/api/v1"); } public TestClassResource(String serverUrl) { diff --git a/observe-services-rest/src/test/java/fr/ird/observe/services/TestMethodResource.java b/observe-services-rest/src/test/java/fr/ird/observe/services/TestMethodResource.java index df82194..c71d292 100644 --- a/observe-services-rest/src/test/java/fr/ird/observe/services/TestMethodResource.java +++ b/observe-services-rest/src/test/java/fr/ird/observe/services/TestMethodResource.java 
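Review bot: The constructor of `UnauthorizedException` never calls `super(...)` with a message, so `getMessage()` is null and a log line or stack trace for a refused call gives no hint of which service method was denied. Adding `super("Unauthorized call to " + className + "#" + methodName);` as the first statement keeps both getters and makes denials traceable. The class Javadoc holds only an `@author` tag; one sentence saying when the exception is thrown would help callers that have to map it to an error response.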
@@ -62,6 +62,8 @@ public class TestMethodResource implements TestRule { public TestMethodResource(TestClassResource testClassResource, String databaseName) { this(testClassResource, databaseName, "admin", 'a'); + // pour les tests sur demo + //this(testClassResource, databaseName, "admin", ";;dm8-admin..".toCharArray()); } public TestMethodResource(TestClassResource testClassResource, String databaseName, String login, char... password) { diff --git a/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveJdbcHelper.java b/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveJdbcHelper.java new file mode 100644 index 0000000..0b8d347 --- /dev/null +++ b/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveJdbcHelper.java 
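Review bot: The commented-out constructor call added here embeds what looks like the admin password of the demo server in the test sources, where it stays readable in the repository history and in every notification mail even though the line is inactive. Drop the literal and take the demo credentials from outside the repository, for example `this(testClassResource, databaseName, System.getProperty("observe.test.login", "admin"), System.getProperty("observe.test.password", "a").toCharArray());` (the property names are illustrative). If the value is a live credential it should be rotated, since deleting the comment does not remove it from earlier revisions.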
@@ -0,0 +1,59 @@
+package fr.ird.observe.services;
+
+import com.google.common.collect.Sets;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.nuiton.topia.persistence.jdbc.JdbcConfiguration;
+import org.nuiton.topia.persistence.jdbc.JdbcHelper;
+
+import java.sql.Connection;
+import java.sql.DatabaseMetaData;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.Set;
+
+/**
+ * @author Sylvain Bavencoff - bavencoff@codelutin.com
+ */
+public class ObserveJdbcHelper extends JdbcHelper {
+
+ private static final Log log = LogFactory.getLog(ObserveJdbcHelper.class);
+
+ public ObserveJdbcHelper(JdbcConfiguration jdbcConfiguration) {
+ super(jdbcConfiguration);
+ }
+
+ public Set<String> getTablePrivileges(String tableName) {
+ Connection connection = null;
+ PreparedStatement preparedStatement = null;
+ try {
+ connection = openConnection();
+ DatabaseMetaData metaData = connection.getMetaData();
+ ResultSet observerDataPrivilege = metaData.getTablePrivileges(null, null, tableName);
+
+ Set<String> tablePrivileges = Sets.newHashSet();
+
+ while (observerDataPrivilege.next()) {
+ String security = observerDataPrivilege.getString("PRIVILEGE");
+ String grantee = observerDataPrivilege.getString("GRANTEE");
+ if (grantee.equals(jdbcConfiguration.getJdbcConnectionUser())) {
+ if (log.isDebugEnabled()) {
+ log.debug("for " + tableName + " table " + grantee + '/' + security);
+ }
+ tablePrivileges.add(security);
+ }
+ }
+
+ return tablePrivileges;
+
+ } catch (SQLException e) {
+ throw new RuntimeException(e);
+ } finally {
+ closeQuietly(preparedStatement);
+ closeQuietly(connection);
+ }
+
+ }
+
+}
diff --git a/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveServiceFactoryTopia.java b/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveServiceFactoryTopia.java
index afa42cc..9220b3f 100644
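Review bot: `metaData.getTablePrivileges(null, null, tableName)` in `getTablePrivileges` leaves catalog and schema unrestricted and, per the JDBC contract, treats the third argument as a name pattern, so grants on a same-named table in another schema are merged into the set that later drives the permission flags. Passing the application schema, e.g. `metaData.getTablePrivileges(null, schemaName, tableName)` (`schemaName` is a placeholder for the real schema), narrows the lookup to the intended table. In the same method the `ResultSet` is never closed and `preparedStatement` is always null, so `closeQuietly(preparedStatement)` does nothing; `observerDataPrivilege` should be closed in the `finally` block instead. `grantee.equals(...)` also throws if the driver returns a null grantee, which `jdbcConfiguration.getJdbcConnectionUser().equals(grantee)` avoids.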
--- a/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveServiceFactoryTopia.java +++ b/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveServiceFactoryTopia.java @@ -32,8 +32,13 @@ import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationTopiaSupport; import fr.ird.observe.services.configuration.ObserveDataSourceConnection; import fr.ird.observe.services.configuration.ObserveDataSourceConnectionTopia; +import fr.ird.observe.services.dto.UnauthorizedException; import fr.ird.observe.services.spi.NoDataAccess; +import fr.ird.observe.services.spi.ReadDataPermission; +import fr.ird.observe.services.spi.ReadReferentialPermission; import fr.ird.observe.services.spi.Write; +import fr.ird.observe.services.spi.WriteDataPermission; +import fr.ird.observe.services.spi.WriteReferentialPermission; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; 
@@ -188,6 +193,33 @@ public class ObserveServiceFactoryTopia extends ObserveServiceFactorySupport { serviceContext.setTopiaApplicationContext(topiaApplicationContext); } + + if (method.isAnnotationPresent(ReadDataPermission.class) + || method.isAnnotationPresent(WriteDataPermission.class) + || method.isAnnotationPresent(ReadReferentialPermission.class) + || method.isAnnotationPresent(WriteReferentialPermission.class)) { + + if (serviceContext.withDataSourceConnection()) { + + ObserveDataSourceConnectionTopia dataSourceConnection = serviceContext.getDataSourceConnection(); + + if (method.isAnnotationPresent(ReadDataPermission.class) && !dataSourceConnection.canReadData() + || method.isAnnotationPresent(WriteDataPermission.class) && !dataSourceConnection.canWriteData() + || method.isAnnotationPresent(ReadReferentialPermission.class) && !dataSourceConnection.canReadReferential() + || method.isAnnotationPresent(WriteReferentialPermission.class) && !dataSourceConnection.canWriteReferential()) { + + throw new UnauthorizedException(method.getClass().getCanonicalName(), method.getName()); + + } + + } else { + + throw new UnauthorizedException(method.getClass().getCanonicalName(), method.getName()); + + } + + } + result = invokeMethodWithTransaction(method, args); } diff --git a/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveTopiaApplicationContextFactory.java b/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveTopiaApplicationContextFactory.java index 6cc4414..88602dc 100644 --- a/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveTopiaApplicationContextFactory.java +++ b/observe-services-topia/src/main/java/fr/ird/observe/services/ObserveTopiaApplicationContextFactory.java 
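Review bot: Both `throw new UnauthorizedException(method.getClass().getCanonicalName(), method.getName())` statements report `java.lang.reflect.Method` as the class name, because `getClass()` is called on the `Method` object itself; `method.getDeclaringClass().getName()` gives the service type that was refused. The check is also opt-in: a method carrying none of the four permission annotations falls straight through to `invokeMethodWithTransaction`, so a service method added without an annotation is reachable by any connection. Consider rejecting unannotated methods unless they are explicitly marked as needing no data access, or adding a test that walks the service interfaces and fails on a missing annotation. The enclosing method starts before this hunk, so whether `method` is the interface or the implementation method is not visible here; method annotations are not inherited, which matters if they sit on the other one.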
@@ -121,7 +121,7 @@ public class ObserveTopiaApplicationContextFactory { } - protected static ObserveTopiaApplicationContext createTopiaApplicationContext(ObserveDataSourceConfigurationTopiaPG configuration, boolean initSchema) { + public static ObserveTopiaConfiguration createTopiaConfiguration(ObserveDataSourceConfigurationTopiaPG configuration, boolean initSchema) { ObserveTopiaConfiguration topiaConfiguration = ObserveTopiaConfigurationFactory.forPostgresqlDatabase( configuration.getJdbcUrl(), @@ -136,6 +136,14 @@ public class ObserveTopiaApplicationContextFactory { if (log.isInfoEnabled()) { log.info("PG Topia configuration: " + topiaConfiguration); } + return topiaConfiguration; + } + + + protected static ObserveTopiaApplicationContext createTopiaApplicationContext(ObserveDataSourceConfigurationTopiaPG configuration, boolean initSchema) { + + ObserveTopiaConfiguration topiaConfiguration = createTopiaConfiguration(configuration, initSchema); + ObserveTopiaApplicationContext topiaApplicationContext = new MyObserveTopiaApplicationContext(topiaConfiguration, configuration); return topiaApplicationContext; diff --git a/observe-services-topia/src/main/java/fr/ird/observe/services/service/DataSourceServiceTopia.java b/observe-services-topia/src/main/java/fr/ird/observe/services/service/DataSourceServiceTopia.java index ca17879..246b848 100644 --- a/observe-services-topia/src/main/java/fr/ird/observe/services/service/DataSourceServiceTopia.java +++ b/observe-services-topia/src/main/java/fr/ird/observe/services/service/DataSourceServiceTopia.java 
@@ -28,6 +28,7 @@ import com.google.common.collect.ImmutableSet; import fr.ird.observe.ObserveTopiaApplicationContext; import fr.ird.observe.ObserveTopiaConfiguration; import fr.ird.observe.ObserveTopiaConfigurationFactory; +import fr.ird.observe.services.ObserveJdbcHelper; import fr.ird.observe.services.ObserveServiceTopia; import fr.ird.observe.services.ObserveTopiaApplicationContextFactory; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; @@ -44,6 +45,7 @@ import org.nuiton.topia.persistence.jdbc.JdbcHelper; import java.io.File; import java.io.IOException; +import java.util.Set; import static org.nuiton.i18n.I18n.l; 
@@ -294,16 +296,57 @@ public class DataSourceServiceTopia extends ObserveServiceTopia implements DataS writeReferential = false; readData = true; writeData = true; + } else { + ObserveDataSourceConfigurationTopiaPG dataSourceConfigurationPG = (ObserveDataSourceConfigurationTopiaPG) dataSourceConfiguration; + + ObserveTopiaConfiguration topiaConfiguration = ObserveTopiaApplicationContextFactory.createTopiaConfiguration(dataSourceConfigurationPG, false); + + ObserveJdbcHelper observeJdbcHelper = new ObserveJdbcHelper(topiaConfiguration); + + // on recherche les droits de l'utilisateur sur cette base + + //TODO chemit 2010-10-28 : il vaudrait mieux utiliser les fonctions postgres adpéquates qui elle sont fiables... + //FIXME la recuperation des meta-donnees n'est pas fiable! + //FIXME en effet, sur un simple lecteur, on voit apparaître aussi + //FIXME des privileges INSERT ou UPDATE... + + // on pourrait utiliser une requete specifique postgres : + + // select count(*) from information_schema.table_privileges where + // grantee='ROLE' and table_name='maree' and + // privilege_type='INSERT'; + + // cependant cela n'est pas mieux car la requete peut ne pas etre + // extacte si l'utilisateur n'a pas les bons droits.... 
+ + // la meilleure solution serait je pense de poser 2 fonctions + // stockées dans pg canWriteData, canWrite pour etre sur du resultat + + // recherche des droits sur les données observers + Set<String> dataPrivileges = observeJdbcHelper.getTablePrivileges("trip"); + + readData = canRead(dataPrivileges); + writeData = canWrite(dataPrivileges); + + + // recherche des droits sur le referentiel + Set<String> referentielPrivileges = observeJdbcHelper.getTablePrivileges("vessel"); + // Sur une base PG, on regarde en base ce que l'utilisateur peut lire/écrire - //FIXME A remplir apèrs avoir lue les droits sur le schema readReferential = true; - writeReferential = true; - readData = true; - writeData = true; + writeReferential = canWrite(referentielPrivileges); + + } + if (log.isDebugEnabled()) { + log.debug("User can read refererential : " + readReferential + ", " + + "write referential : " + writeReferential + ", " + + "read data : " + readData + ", " + + "write data : " + writeData + "."); } + ObserveDataSourceConnectionTopia dataSourceConnection = new ObserveDataSourceConnectionTopia( authenticationToken, readReferential, @@ -313,4 +356,20 @@ public class DataSourceServiceTopia extends ObserveServiceTopia implements DataS return dataSourceConnection; } + protected static boolean canWrite(Set<?> privileges) { + boolean result = privileges != null && + privileges.contains("DELETE") && + privileges.contains("UPDATE") && + privileges.contains("INSERT"); + return result; + } + + protected static boolean canRead(Set<?> privileges) { + // seul les utilisateurs avec au moins un droit sur les donnes + // observer peut les lire + boolean result = privileges != null && + ! privileges.isEmpty(); + return result; + } + } diff --git a/observe-services-topia/src/main/java/fr/ird/observe/services/service/ReferentialServiceTopia.java b/observe-services-topia/src/main/java/fr/ird/observe/services/service/ReferentialServiceTopia.java index ff11b37..70b7b16 100644 
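Review bot: `readReferential = true;` stays hard-coded in the PostgreSQL branch although `referentielPrivileges` has just been fetched, so a role with no grant on `vessel` is still reported as able to read the referential; `readReferential = canRead(referentielPrivileges);` would make it consistent with `readData`. The block's own FIXME says the driver metadata can list INSERT or UPDATE for a read-only role, so `writeData` and `writeReferential` may come out true for such a role and the service-level check would then let the call through to the database. Since the flags now gate service calls, resolving that FIXME with a server-side check such as PostgreSQL's `has_table_privilege` is worth doing before relying on them. The cast to `ObserveDataSourceConfigurationTopiaPG` in the `else` depends on the `if` condition, which lies outside the hunk.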
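Review bot: `canRead` returns true for any non-empty privilege set, so a role that holds only INSERT or UPDATE on the table is treated as a reader. Testing the privilege that actually grants reading, `boolean result = privileges != null && privileges.contains("SELECT");`, matches the way `canWrite` names the privileges it requires. Both helpers compare exact upper-case strings, which holds only if the driver reports privilege names in that form; that is not shown here.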
--- a/observe-services-topia/src/main/java/fr/ird/observe/services/service/ReferentialServiceTopia.java +++ b/observe-services-topia/src/main/java/fr/ird/observe/services/service/ReferentialServiceTopia.java @@ -88,8 +88,8 @@ public class ReferentialServiceTopia extends ObserveServiceTopia implements Refe public <D extends ReferentialDto> String save(FormDto<D> form) { Class<D> dtoType = form.getType(); - TopiaEntity entity = referentialDtoToEntity(form.getForm()); Class<TopiaEntity> entityType = getEntityType(dtoType); + TopiaEntity entity = dtoToEntity(dtoType, entityType, form.getForm()); entity = saveEntity(entityType, entity); FormDto<D> model = entityToEditFormDto(dtoType, entityType, entity); return model.getForm().getId(); @@ -107,11 +107,4 @@ public class ReferentialServiceTopia extends ObserveServiceTopia implements Refe deleteEntity(dtoType, entityType, ids); } - protected <D extends ReferentialDto, E extends TopiaEntity> E referentialDtoToEntity(D dto) { - Class<D> aClass = (Class<D>) dto.getClass(); - Class<TopiaEntity> entityType = getEntityType(aClass); - E entity = null; - return null; - } - } diff --git a/observe-services-topia/src/test/java/fr/ird/observe/services/ApplicationContextResource.java b/observe-services-topia/src/test/java/fr/ird/observe/services/ApplicationContextResource.java index a6332fe..cea80a5 100644 --- a/observe-services-topia/src/test/java/fr/ird/observe/services/ApplicationContextResource.java +++ b/observe-services-topia/src/test/java/fr/ird/observe/services/ApplicationContextResource.java 
@@ -26,6 +26,7 @@ import fr.ird.observe.ObserveTopiaApplicationContext; import fr.ird.observe.ObserveTopiaPersistenceContext; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationTopiaH2; +import fr.ird.observe.services.configuration.ObserveDataSourceConnection; import fr.ird.observe.services.dto.constants.ReferentialLocale; import fr.ird.observe.test.TestHelper; import org.apache.commons.logging.Log; @@ -87,6 +88,16 @@ public class ApplicationContextResource implements TestRule { return serviceFactory.newService(observeServiceInitializer, serviceType); } + public <S extends ObserveService> S newService(ObserveDataSourceConnection dataSourceConnection, Class<S> serviceType) { + ObserveServiceInitializer observeServiceInitializer = ObserveServiceInitializer.create( + Locale.FRANCE, + ReferentialLocale.FR, + temporaryDirectoryRoot.toFile(), + dataSourceConnection + ); + return serviceFactory.newService(observeServiceInitializer, serviceType); + } + public void closeServiceFactory() { serviceFactory.close(); } diff --git a/observe-services-topia/src/test/java/fr/ird/observe/services/DataSourceResource.java b/observe-services-topia/src/test/java/fr/ird/observe/services/DataSourceResource.java index 0c8cb8b..4f57135 100644 --- a/observe-services-topia/src/test/java/fr/ird/observe/services/DataSourceResource.java +++ b/observe-services-topia/src/test/java/fr/ird/observe/services/DataSourceResource.java 
@@ -28,6 +28,7 @@ import com.google.common.io.Resources; import fr.ird.observe.ObserveTopiaApplicationContext; import fr.ird.observe.ObserveTopiaPersistenceContext; import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationTopiaH2; +import fr.ird.observe.services.configuration.ObserveDataSourceConnection; import fr.ird.observe.services.dto.DataSourceCreateConfigurationDto; import fr.ird.observe.services.dto.DataSourceCreateWithNoReferentialImportException; import fr.ird.observe.services.dto.IncompatibleDataSourceCreateConfigurationException; @@ -64,6 +65,8 @@ public class DataSourceResource implements TestRule { protected ObserveDataSourceConfigurationTopiaH2 dataSourceConfiguration; + protected ObserveDataSourceConnection dataSourceConnection; + protected Set<String> testNamesChangeDataBase; protected String scriptName; @@ -78,6 +81,14 @@ public class DataSourceResource implements TestRule { return dataSourceConfiguration; } + public ObserveDataSourceConnection getDataSourceConnection() { + return dataSourceConnection; + } + + public void setDataSourceConnection(ObserveDataSourceConnection dataSourceConnection) { + this.dataSourceConnection = dataSourceConnection; + } + public byte[] getDatabaseToImportContent(String scriptPath) throws IOException { URL url = getClass().getResource(scriptPath); diff --git a/observe-services-topia/src/test/java/fr/ird/observe/services/ObserveDataSourceConnectionTopiaTaiste.java b/observe-services-topia/src/test/java/fr/ird/observe/services/ObserveDataSourceConnectionTopiaTaiste.java new file mode 100644 index 0000000..c106377 --- /dev/null +++ b/observe-services-topia/src/test/java/fr/ird/observe/services/ObserveDataSourceConnectionTopiaTaiste.java 
@@ -0,0 +1,15 @@
+package fr.ird.observe.services;
+
+import fr.ird.observe.services.configuration.ObserveDataSourceConnectionTopia;
+
+/**
+ * @author Sylvain Bavencoff - bavencoff@codelutin.com
+ */
+public class ObserveDataSourceConnectionTopiaTaiste extends ObserveDataSourceConnectionTopia {
+
+ public ObserveDataSourceConnectionTopiaTaiste(String authenticationToken) {
+ // on se donne tout les droit pour pouvoir tout tester
+ super(authenticationToken, true, true, true, true);
+ }
+
+}
diff --git a/observe-services-topia/src/test/java/fr/ird/observe/services/service/AbstractServiceTopiaTest.java b/observe-services-topia/src/test/java/fr/ird/observe/services/service/AbstractServiceTopiaTest.java
index 1157dce..dd3197d 100644
--- a/observe-services-topia/src/test/java/fr/ird/observe/services/service/AbstractServiceTopiaTest.java
+++ b/observe-services-topia/src/test/java/fr/ird/observe/services/service/AbstractServiceTopiaTest.java
@@ -28,8 +28,10 @@ import fr.ird.observe.entities.LastUpdateTypeTopiaDao;
 import fr.ird.observe.entities.migration.H2DataSourceMigration;
 import fr.ird.observe.services.ApplicationContextResource;
 import fr.ird.observe.services.DataSourceResource;
+import fr.ird.observe.services.ObserveDataSourceConnectionTopiaTaiste;
 import fr.ird.observe.services.ObserveService;
 import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationTopiaH2;
+import fr.ird.observe.services.configuration.ObserveDataSourceConnection;
 import fr.ird.observe.services.dto.ReferenceDto;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -100,11 +102,24 @@ public abstract class AbstractServiceTopiaTest { } - public <S extends ObserveService> S newService(Class<S> serviceType) { + public <S extends ObserveService> S newService(Class<S> serviceType) throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { - ObserveDataSourceConfigurationTopiaH2 dataSourceConfiguration = dataSourceResource.getDataSourceConfiguration(); + ObserveDataSourceConnection dataSourceConnection = dataSourceResource.getDataSourceConnection(); - S service = applicationContextResource.newService(dataSourceConfiguration, serviceType); + if (dataSourceConnection == null) { + + ObserveDataSourceConfigurationTopiaH2 dataSourceConfiguration = dataSourceResource.getDataSourceConfiguration(); + + DataSourceService dataSourceService = applicationContextResource.newService(dataSourceConfiguration, DataSourceService.class); + + dataSourceConnection = dataSourceService.open(dataSourceConfiguration); + + dataSourceConnection = new ObserveDataSourceConnectionTopiaTaiste(dataSourceConnection.getAuthenticationToken()); + + dataSourceResource.setDataSourceConnection(dataSourceConnection); + } + + S service = applicationContextResource.newService(dataSourceConnection, serviceType); return service; } diff --git a/observe-services-topia/src/test/java/fr/ird/observe/services/service/DataSourceServiceTopiaTest.java b/observe-services-topia/src/test/java/fr/ird/observe/services/service/DataSourceServiceTopiaTest.java index b41a88c..aba7451 100644 --- a/observe-services-topia/src/test/java/fr/ird/observe/services/service/DataSourceServiceTopiaTest.java +++ b/observe-services-topia/src/test/java/fr/ird/observe/services/service/DataSourceServiceTopiaTest.java 
@@ -29,6 +29,7 @@ import fr.ird.observe.services.ApplicationContextResource; import fr.ird.observe.services.DataSourceResource; import fr.ird.observe.services.ObserveTopiaApplicationContextFactory; import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationTopiaH2; +import fr.ird.observe.services.configuration.ObserveDataSourceConnection; import fr.ird.observe.services.dto.DataSourceCreateConfigurationDto; import fr.ird.observe.services.dto.DataSourceCreateWithNoReferentialImportException; import fr.ird.observe.services.dto.IncompatibleDataSourceCreateConfigurationException; @@ -126,10 +127,10 @@ public class DataSourceServiceTopiaTest { } dataSourceConfiguration.setPassword(password); - service.open(dataSourceConfiguration); + ObserveDataSourceConnection dataSourceConnection = service.open(dataSourceConfiguration); // La base n'est pas encore lockée - ReferentialService referentialService = applicationContextResource.newService(dataSourceConfiguration, ReferentialService.class); + ReferentialService referentialService = applicationContextResource.newService(dataSourceConnection, ReferentialService.class); referentialService.getReferentialReferenceSet(GearDto.class); // Base déjà en cours d'utilisation diff --git a/observe-services-topia/src/test/java/fr/ird/observe/services/service/RigthTest.java b/observe-services-topia/src/test/java/fr/ird/observe/services/service/RigthTest.java new file mode 100644 index 0000000..c1fe848 --- /dev/null +++ b/observe-services-topia/src/test/java/fr/ird/observe/services/service/RigthTest.java 
@@ -0,0 +1,215 @@ +package fr.ird.observe.services.service; + +import fr.ird.observe.services.ObserveService; +import fr.ird.observe.services.ObserveServiceContextTopia; +import fr.ird.observe.services.ObserveServiceContextTopiaTaiste; +import fr.ird.observe.services.ObserveServiceFactoryTopia; +import fr.ird.observe.services.ObserveServiceInitializer; +import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationTopiaPG; +import fr.ird.observe.services.configuration.ObserveDataSourceConnection; +import fr.ird.observe.services.dto.FormDto; +import fr.ird.observe.services.dto.UnauthorizedException; +import fr.ird.observe.services.dto.constants.ReferentialLocale; +import fr.ird.observe.services.dto.referential.ProgramDto; +import fr.ird.observe.services.dto.seine.TripSeineDto; +import fr.ird.observe.services.service.seine.TripSeineService; +import fr.ird.observe.test.TestHelper; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Ignore; +import org.junit.Test; + +import java.io.File; +import java.util.Locale; + +/** + * @author Sylvain Bavencoff - bavencoff@codelutin.com + */ +@Ignore +public class RigthTest { + + public static final String TRIP_SEINE_ID = "fr.ird.observe.entities.seine.TripSeine#1359167789871#0.6765335978809843"; + + public static final String PROGRAM_ID = "fr.ird.observe.entities.referentiel.Program#1239832686262#0.31033946454061234"; + + + protected File temporaryDirectoryRoot; + + protected ObserveServiceFactoryTopia serviceFactory; + + @Before + public void before() { + temporaryDirectoryRoot = TestHelper.newFile("testWright"); + + this.serviceFactory = new ObserveServiceFactoryTopia() { + + @Override + protected ObserveServiceContextTopia createServiceContext(ObserveServiceInitializer observeServiceInitializer) { + ObserveServiceContextTopiaTaiste serviceContext = new ObserveServiceContextTopiaTaiste(observeServiceInitializer, 
mainServiceFactory, this); + return serviceContext; + } + }; + serviceFactory.setMainServiceFactory(serviceFactory); + + + } + + + protected ObserveDataSourceConfigurationTopiaPG createDataSourceConfigurationH2(String login) { + + ObserveDataSourceConfigurationTopiaPG configurationTopiaPG = new ObserveDataSourceConfigurationTopiaPG(); + + configurationTopiaPG.setJdbcUrl("jdbc:postgresql://localhost:5432/obstuna"); + configurationTopiaPG.setUsername(login); + configurationTopiaPG.setPassword('a'); + configurationTopiaPG.setAutoMigrate(true); + + return configurationTopiaPG; + + } + + protected ObserveDataSourceConnection getDataSourceConnection(String login) throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + + ObserveDataSourceConfigurationTopiaPG adminConfig = createDataSourceConfigurationH2(login); + + DataSourceService dataSourceServices = newService(adminConfig, DataSourceService.class); + + return dataSourceServices.open(adminConfig); + + } + + + + public <S extends ObserveService> S newService(ObserveDataSourceConnection dataSourceConnection, Class<S> serviceType) { + ObserveServiceInitializer observeServiceInitializer = ObserveServiceInitializer.create( + Locale.FRANCE, + ReferentialLocale.FR, + temporaryDirectoryRoot, + dataSourceConnection + ); + return serviceFactory.newService(observeServiceInitializer, serviceType); + } + + public <S extends ObserveService> S newService(ObserveDataSourceConfiguration dataSourceConfiguration, Class<S> serviceType) { + ObserveServiceInitializer observeServiceInitializer = ObserveServiceInitializer.create( + Locale.FRANCE, + ReferentialLocale.FR, + temporaryDirectoryRoot, + dataSourceConfiguration + ); + return serviceFactory.newService(observeServiceInitializer, serviceType); + } + + protected void testUser(String login, boolean readData, boolean writeData, boolean readReferential, boolean writeReferential) throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + + 
ObserveDataSourceConfigurationTopiaPG adminConfig = createDataSourceConfigurationH2(login); + + DataSourceService service = newService(adminConfig, DataSourceService.class); + + ObserveDataSourceConnection dataSourceConnection = service.open(adminConfig); + + Assert.assertEquals(readData, dataSourceConnection.canReadData()); + Assert.assertEquals(writeData, dataSourceConnection.canWriteData()); + Assert.assertEquals(readReferential, dataSourceConnection.canReadReferential()); + Assert.assertEquals(writeReferential, dataSourceConnection.canWriteReferential()); + + } + + @Test + public void testAdminRight() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testUser("admin", true, true, true, true); + } + + @Test + public void testTechnicienAdminRight() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testUser("technicien", true, true, true, true); + } + + @Test + public void testUtilisateurRight() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testUser("utilisateur", true, false, true, false); + } + + @Test + public void testReferentielRight() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testUser("referentiel", false, false, true, false); + } + + protected void testReadData(String login) throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + + ObserveDataSourceConnection dataSourceConnection = getDataSourceConnection(login); + + TripSeineService service = newService(dataSourceConnection, TripSeineService.class); + + service.loadToRead(TRIP_SEINE_ID); + } + + protected void testWriteData(String login) throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + + ObserveDataSourceConnection dataSourceConnection = getDataSourceConnection(login); + + TripSeineService service = newService(dataSourceConnection, TripSeineService.class); + + FormDto<TripSeineDto> tripSeineDtoFormDto = 
service.loadToEdit(TRIP_SEINE_ID); + + service.save(tripSeineDtoFormDto); + } + + protected void testReadReferential(String login) throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + + ObserveDataSourceConnection dataSourceConnection = getDataSourceConnection(login); + + ReferentialService service = newService(dataSourceConnection, ReferentialService.class); + + service.loadToRead(ProgramDto.class, PROGRAM_ID); + } + + protected void testWriteReferential(String login) throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + + ObserveDataSourceConnection dataSourceConnection = getDataSourceConnection(login); + + ReferentialService service = newService(dataSourceConnection, ReferentialService.class); + + FormDto<ProgramDto> formDto = service.loadToEdit(ProgramDto.class, PROGRAM_ID); + + service.save(formDto); + } + + @Test + public void testAdminReadData() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testReadData("admin"); + } + + @Test + public void testAdminWriteData() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testWriteData("admin"); + } + + @Test + public void testAdminReadReferential() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testReadReferential("admin"); + } + + @Test + public void testAdminWriteReferential() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testWriteReferential("admin"); + } + + @Test(expected = UnauthorizedException.class) + public void testReferentielReadData() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testReadData("referentiel"); + } + + @Test(expected = UnauthorizedException.class) + public void testReferentielWriteData() throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testWriteData("referentiel"); + } + + @Test(expected = UnauthorizedException.class) + public void testReferentielWriteReferential() 
throws DatabaseConnexionNotAuthorizedException, DatabaseNotFoundException { + testWriteReferential("referentiel"); + } + + +} -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@list.forge.codelutin.com>.
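Review bot: The class-level `@Ignore` on `RigthTest` means none of these cases run in the build, so the denial path of the new permission check (`expected = UnauthorizedException.class`) is never exercised automatically. The tests also need a PostgreSQL instance at `jdbc:postgresql://localhost:5432/obstuna` with the roles `admin`, `technicien`, `utilisateur` and `referentiel` prepared by hand. A database-independent case would cover the check itself: build a connection whose four flags are false, obtain a service through `newService(dataSourceConnection, ...)` and assert the exception, provided the service context accepts a hand-built connection, which is not visible here. There is no negative case for `utilisateur`, which `testUtilisateurRight` expects to be read-only, and `createDataSourceConfigurationH2` actually builds a PostgreSQL configuration, so a rename would avoid confusion.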