Merge user-group-admin and query-access admin roles.
Update predefined roles and role names.
Change-Id: I23e266eaa5f89bc656b8dc22330fce580c74b658
diff --git a/src/main/java/de/ids_mannheim/korap/constant/PredefinedRole.java b/src/main/java/de/ids_mannheim/korap/constant/PredefinedRole.java
index 4f2dcbc..a015b0e 100644
--- a/src/main/java/de/ids_mannheim/korap/constant/PredefinedRole.java
+++ b/src/main/java/de/ids_mannheim/korap/constant/PredefinedRole.java
@@ -7,17 +7,11 @@
*
*/
public enum PredefinedRole {
- USER_GROUP_ADMIN_READ,
- USER_GROUP_ADMIN_WRITE,
- USER_GROUP_ADMIN_DELETE,
-
- USER_GROUP_MEMBER_DELETE,
-
- QUERY_ADMIN_READ,
- QUERY_ADMIN_WRITE,
- QUERY_ADMIN_DELETE,
-
- QUERY_MEMBER_READ;
+ GROUP_ADMIN,
+ GROUP_MEMBER,
+ @Deprecated
+ QUERY_ACCESS_ADMIN,
+ QUERY_ACCESS;
// USER_GROUP_ADMIN(1), USER_GROUP_MEMBER(2), VC_ACCESS_ADMIN(
// 3), VC_ACCESS_MEMBER(
diff --git a/src/main/java/de/ids_mannheim/korap/constant/PrivilegeType.java b/src/main/java/de/ids_mannheim/korap/constant/PrivilegeType.java
index 10bc511..5aea201 100644
--- a/src/main/java/de/ids_mannheim/korap/constant/PrivilegeType.java
+++ b/src/main/java/de/ids_mannheim/korap/constant/PrivilegeType.java
@@ -8,5 +8,11 @@
* @see Role
*/
public enum PrivilegeType {
- READ, WRITE, DELETE;
+ READ_MEMBER,
+ WRITE_MEMBER,
+ DELETE_MEMBER,
+ SHARE_QUERY,
+ DELETE_QUERY,
+ READ_QUERY,
+ READ_LARGE_SNIPPET;
}
diff --git a/src/main/java/de/ids_mannheim/korap/dao/UserGroupDao.java b/src/main/java/de/ids_mannheim/korap/dao/UserGroupDao.java
index e74e777..afd6086 100644
--- a/src/main/java/de/ids_mannheim/korap/dao/UserGroupDao.java
+++ b/src/main/java/de/ids_mannheim/korap/dao/UserGroupDao.java
@@ -89,18 +89,16 @@
private Set<Role> createUserGroupAdminRoles (UserGroup group) {
Set<Role> roles = new HashSet<Role>();
- roles.add(new Role(PredefinedRole.USER_GROUP_ADMIN_DELETE,
- PrivilegeType.DELETE, group));
- roles.add(new Role(PredefinedRole.USER_GROUP_ADMIN_READ,
- PrivilegeType.READ, group));
- roles.add(new Role(PredefinedRole.USER_GROUP_ADMIN_WRITE,
- PrivilegeType.WRITE, group));
- roles.add(new Role(PredefinedRole.QUERY_ADMIN_DELETE,
- PrivilegeType.DELETE, group));
- roles.add(new Role(PredefinedRole.QUERY_ADMIN_READ,
- PrivilegeType.READ, group));
- roles.add(new Role(PredefinedRole.QUERY_ADMIN_WRITE,
- PrivilegeType.WRITE, group));
+ roles.add(new Role(PredefinedRole.GROUP_ADMIN,
+ PrivilegeType.DELETE_MEMBER, group));
+ roles.add(new Role(PredefinedRole.GROUP_ADMIN, PrivilegeType.READ_MEMBER,
+ group));
+ roles.add(new Role(PredefinedRole.GROUP_ADMIN, PrivilegeType.WRITE_MEMBER,
+ group));
+ roles.add(new Role(PredefinedRole.GROUP_ADMIN, PrivilegeType.SHARE_QUERY,
+ group));
+ roles.add(new Role(PredefinedRole.GROUP_ADMIN, PrivilegeType.DELETE_QUERY,
+ group));
return roles;
}
diff --git a/src/main/java/de/ids_mannheim/korap/entity/Role.java b/src/main/java/de/ids_mannheim/korap/entity/Role.java
index bd247e6..434ab82 100644
--- a/src/main/java/de/ids_mannheim/korap/entity/Role.java
+++ b/src/main/java/de/ids_mannheim/korap/entity/Role.java
@@ -88,7 +88,8 @@
@Override
public boolean equals (Object obj) {
Role r = (Role) obj;
- if (this.id == r.getId() && this.name.equals(r.getName())) {
+ if (this.id == r.getId() && this.name.equals(r.getName())
+ && this.privilege.equals(r.getPrivilege())) {
return true;
}
return false;
diff --git a/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java b/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
index 24875b1..fa2a941 100644
--- a/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
+++ b/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
@@ -71,7 +71,7 @@
private RandomCodeGenerator random;
/**
- * Only users with {@link PredefinedRole#USER_GROUP_ADMIN}
+ * Only users with {@link PredefinedRole#GROUP_ADMIN}
* are allowed to see the members of the group.
*
* @param username
@@ -114,7 +114,7 @@
private List<UserGroupMember> retrieveMembers (int groupId, String username)
throws KustvaktException {
List<UserGroupMember> groupAdmins = groupMemberDao.retrieveMemberByRole(
- groupId, PredefinedRole.USER_GROUP_ADMIN_DELETE);
+ groupId, PredefinedRole.GROUP_ADMIN);
List<UserGroupMember> members = null;
for (UserGroupMember admin : groupAdmins) {
@@ -164,21 +164,16 @@
public List<UserGroupMember> retrieveQueryAccessAdmins (UserGroup userGroup)
throws KustvaktException {
List<UserGroupMember> groupAdmins = groupMemberDao.retrieveMemberByRole(
- userGroup.getId(), PredefinedRole.QUERY_ADMIN_DELETE);
+ userGroup.getId(), PredefinedRole.QUERY_ACCESS_ADMIN);
return groupAdmins;
}
private Set<Role> prepareMemberRoles (UserGroup userGroup) {
- Role r1 = new Role(PredefinedRole.USER_GROUP_MEMBER_DELETE,
- PrivilegeType.DELETE, userGroup);
- Role r2 = new Role(PredefinedRole.QUERY_MEMBER_READ,
- PrivilegeType.DELETE, userGroup);
+ Role r1 = new Role(PredefinedRole.GROUP_MEMBER,
+ PrivilegeType.DELETE_MEMBER, userGroup);
roleDao.addRole(r1);
- roleDao.addRole(r2);
-
- Set<Role>memberRoles = new HashSet<Role>(2);
+ Set<Role>memberRoles = new HashSet<Role>(1);
memberRoles.add(r1);
- memberRoles.add(r2);
return memberRoles;
}
@@ -186,11 +181,11 @@
* Group owner is automatically added when creating a group.
* Do not include owners in group members.
*
- * {@link PredefinedRole#USER_GROUP_MEMBER} and
+ * {@link PredefinedRole#GROUP_MEMBER} and
* {@link PredefinedRole#VC_ACCESS_MEMBER} roles are
* automatically assigned to each group member.
*
- * {@link PredefinedRole#USER_GROUP_MEMBER} restrict users
+ * {@link PredefinedRole#GROUP_MEMBER} restrict users
* to see other group members and allow users to remove
* themselves from the groups.
*
@@ -405,12 +400,12 @@
}
}
- private boolean isUserGroupAdmin (String username, UserGroup userGroup)
+ public boolean isUserGroupAdmin (String username, UserGroup userGroup)
throws KustvaktException {
List<UserGroupMember> userGroupAdmins = groupMemberDao
.retrieveMemberByRole(userGroup.getId(),
- PredefinedRole.USER_GROUP_ADMIN_DELETE);
+ PredefinedRole.GROUP_ADMIN);
for (UserGroupMember admin : userGroupAdmins) {
if (username.equals(admin.getUserId())) {
@@ -420,6 +415,18 @@
return false;
}
+ public boolean isUserGroupAdmin (UserGroupMember member)
+ throws KustvaktException {
+
+ for (Role r : member.getRoles()) {
+ if (r.getName().equals(PredefinedRole.GROUP_ADMIN)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+
/**
* Updates the {@link GroupMemberStatus} of a pending member
* to {@link GroupMemberStatus#ACTIVE} and add default member
@@ -635,12 +642,27 @@
Set<Role> roles = member.getRoles();
for (PredefinedRole role : roleNames) {
- String[] roleArray = role.name().split("_");
- String privilege = roleArray[roleArray.length-1];
- Role r = new Role(role,
- Enum.valueOf(PrivilegeType.class, privilege), userGroup);
- roleDao.addRole(r);
- roles.add(r);
+ if (role.equals(PredefinedRole.GROUP_ADMIN)) {
+ Role r1 = new Role(role,PrivilegeType.READ_MEMBER, userGroup);
+ roleDao.addRole(r1);
+ roles.add(r1);
+
+ Role r2 = new Role(role,PrivilegeType.DELETE_MEMBER, userGroup);
+ roleDao.addRole(r2);
+ roles.add(r2);
+
+ Role r3 = new Role(role,PrivilegeType.WRITE_MEMBER, userGroup);
+ roleDao.addRole(r3);
+ roles.add(r3);
+
+ Role r4 = new Role(role,PrivilegeType.SHARE_QUERY, userGroup);
+ roleDao.addRole(r4);
+ roles.add(r4);
+
+ Role r5 = new Role(role,PrivilegeType.DELETE_QUERY, userGroup);
+ roleDao.addRole(r5);
+ roles.add(r5);
+ }
}
member.setRoles(roles);
groupMemberDao.updateMember(member);
diff --git a/src/main/resources/db/sqlite/V1.13__user_group_alteration.sql b/src/main/resources/db/sqlite/V1.13__user_group_alteration.sql
index d13dde0..6746d49 100644
--- a/src/main/resources/db/sqlite/V1.13__user_group_alteration.sql
+++ b/src/main/resources/db/sqlite/V1.13__user_group_alteration.sql
@@ -1,7 +1,7 @@
--DROP INDEX IF EXISTS group_member_role_index;
--DROP INDEX IF EXISTS user_group_member_index;
-DROP INDEX IF EXISTS user_group_member_status_index;
-DROP INDEX IF EXISTS role_index;
+--DROP INDEX IF EXISTS user_group_member_status_index;
+--DROP INDEX IF EXISTS role_index;
-- please commented out the triggers in V1.2__triggers.sql later
--DROP TRIGGER IF EXISTS insert_member_status;
@@ -42,7 +42,7 @@
);
INSERT INTO role_new (name, privilege, group_id, query_id)
- SELECT DISTINCT r.name || '_' || p.name, p.name, ug.id, qa.query_id
+ SELECT DISTINCT r.name, p.name, ug.id, qa.query_id
FROM user_group ug
JOIN query_access qa ON ug.id=qa.user_group_id
JOIN user_group_member ugm ON ugm.group_id = ug.id
@@ -50,27 +50,6 @@
JOIN role r ON gmr.role_id = r.id
JOIN privilege p ON p.role_id = r.id;
---CREATE TABLE IF NOT EXISTS user_role (
--- id INTEGER PRIMARY KEY AUTOINCREMENT,
--- user_id VARCHAR(100) NOT NULL,
--- status VARCHAR(100) NOT NULL,
--- role_id INTEGER,
--- FOREIGN KEY (role_id)
--- REFERENCES role_new (id)
--- ON DELETE CASCADE
---);
---
---INSERT INTO user_role (user_id,status,role_id)
---SELECT ugm.user_id, ugm.status, rn.id
--- FROM query_access qa
--- JOIN user_group_member ugm ON ugm.group_id = qa.user_group_id
--- JOIN group_member_role gmr ON gmr.group_member_id = ugm.id
--- JOIN role r ON gmr.role_id = r.id
--- JOIN privilege p ON p.role_id = r.id
--- JOIN role_new rn
--- where r.name || '_' || p.name = rn.name
--- and rn.group_id=qa.user_group_id;
-
DROP INDEX IF EXISTS privilege_index;
DROP INDEX IF EXISTS virtual_corpus_access_unique_index;
DROP INDEX IF EXISTS virtual_corpus_status_index;
diff --git a/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java b/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java
index 15662f9..4064dd8 100644
--- a/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java
+++ b/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java
@@ -40,7 +40,7 @@
// member roles
Set<Role> roles = roleDao.retrieveRoleByGroupMemberId(m.getId());
- assertEquals(6, roles.size());
+ assertEquals(2, roles.size());
}
@Test
diff --git a/src/test/java/de/ids_mannheim/korap/dao/UserGroupMemberDaoTest.java b/src/test/java/de/ids_mannheim/korap/dao/UserGroupMemberDaoTest.java
index 4907c70..6f5ce5e 100644
--- a/src/test/java/de/ids_mannheim/korap/dao/UserGroupMemberDaoTest.java
+++ b/src/test/java/de/ids_mannheim/korap/dao/UserGroupMemberDaoTest.java
@@ -30,44 +30,41 @@
@Autowired
private RoleDao roleDao;
- private static UserGroup group;
-
- @BeforeEach
- public void setUp() throws KustvaktException {
- group = createDoryGroup();
- }
-
- @AfterEach
- public void tearDown() throws KustvaktException {
- deleteUserGroup(group.getId(), "dory");
- }
-
@Test
public void testRetrieveMemberByRole () throws KustvaktException {
+ UserGroup group = createDoryGroup();
+
// dory group
List<UserGroupMember> vcaAdmins = dao.retrieveMemberByRole(group.getId(),
- PredefinedRole.QUERY_ADMIN_DELETE);
+ PredefinedRole.QUERY_ACCESS_ADMIN);
// System.out.println(vcaAdmins);
assertEquals(1, vcaAdmins.size());
assertEquals(vcaAdmins.get(0).getUserId(), "dory");
+
+ deleteUserGroup(group.getId(), "dory");
}
// EM: now it is possible to add duplicate member role !
@Test
public void testAddSameMemberRole () throws KustvaktException {
+ UserGroup group = createDoryGroup();
int groupId = group.getId();
- Role newRole = new Role(PredefinedRole.USER_GROUP_ADMIN_DELETE,
- PrivilegeType.DELETE, group);
+ Role newRole = new Role(PredefinedRole.GROUP_ADMIN,
+ PrivilegeType.DELETE_MEMBER, group);
roleDao.addRole(newRole);
UserGroupMember member = dao.retrieveMemberById("dory", groupId);
Set<Role> roles = member.getRoles();
+ assertEquals(6, roles.size());
+
roles.add(newRole);
member.setRoles(roles);
dao.updateMember(member);
member = dao.retrieveMemberById("dory", groupId);
member.getRoles();
assertEquals(7, roles.size());
+
+ deleteUserGroup(group.getId(), "dory");
}
}
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerAdminTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerAdminTest.java
index 93c3d58..99e1454 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerAdminTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerAdminTest.java
@@ -229,9 +229,9 @@
Form form = new Form();
form.param("memberUsername", memberUsername);
// USER_GROUP_ADMIN
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_READ.name());
+ form.param("role", PredefinedRole.GROUP_ADMIN.name());
// USER_GROUP_MEMBER
- form.param("role", PredefinedRole.USER_GROUP_MEMBER_DELETE.name());
+ form.param("role", PredefinedRole.GROUP_MEMBER.name());
addMemberRole(groupName, sysAdminUser, form);
JsonNode node = retrieveGroup(groupName).at("/members");
@@ -239,8 +239,7 @@
for (int i = 0; i < node.size(); i++) {
member = node.get(i);
if (member.at("/userId").asText().equals(memberUsername)) {
- assertEquals(4, member.at("/roles").size());
- System.out.println(member.at("/roles").asText());
+ assertEquals(6, member.at("/roles").size());
break;
}
}
@@ -251,14 +250,13 @@
Form form = new Form();
form.param("memberUsername", memberUsername);
// USER_GROUP_ADMIN
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_READ.name());
+ form.param("role", PredefinedRole.GROUP_ADMIN.name());
Response response = target().path(API_VERSION).path("group")
.path("@" + groupName).path("role").path("delete").request()
.header(Attributes.AUTHORIZATION,
HttpAuthorizationHandler
.createBasicAuthorizationHeaderValue(
sysAdminUser, "password"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
.post(Entity.form(form));
assertEquals(Status.OK.getStatusCode(), response.getStatus());
JsonNode node = retrieveGroup(groupName).at("/members");
@@ -266,7 +264,7 @@
for (int i = 0; i < node.size(); i++) {
member = node.get(i);
if (member.at("/userId").asText().equals(memberUsername)) {
- assertEquals(3, member.at("/roles").size());
+ assertEquals(1, member.at("/roles").size());
break;
}
}
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerTest.java
index c4dac73..bf653bc 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupControllerTest.java
@@ -108,7 +108,7 @@
assertEquals(username, node.at("/members/0/userId").asText());
assertEquals(GroupMemberStatus.ACTIVE.name(),
node.at("/members/0/status").asText());
- assertEquals(6, node.at("/members/0/roles").size());
+ assertEquals(5, node.at("/members/0/roles").size());
testUpdateUserGroup(groupName);
testInviteMember(groupName, username, "darla");
@@ -244,8 +244,8 @@
Form form = new Form();
form.param("memberUsername", "dory");
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_READ.name());
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_WRITE.name());
+ form.param("role", PredefinedRole.GROUP_ADMIN.name());
+ form.param("role", PredefinedRole.QUERY_ACCESS_ADMIN.name());
addMemberRole(marlinGroupName, "marlin", form);
// dory is a group admin in marlin-group
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupMemberTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupMemberTest.java
index 324a8a0..ab72b75 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupMemberTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupMemberTest.java
@@ -109,15 +109,14 @@
Form form = new Form();
form.param("memberUsername", "marlin");
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_READ.name());
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_WRITE.name());
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_DELETE.name());
+ form.param("role", PredefinedRole.GROUP_ADMIN.name());
+ form.param("role", PredefinedRole.QUERY_ACCESS_ADMIN.name());
addMemberRole(doryGroupName, "dory", form);
UserGroupMember member = memberDao.retrieveMemberById("marlin",
groupId);
Set<Role> roles = member.getRoles();
- assertEquals(5, roles.size());
+ assertEquals(6, roles.size());
deleteGroupByName(doryGroupName, "dory");
}
@@ -132,12 +131,12 @@
Form form = new Form();
form.param("memberUsername", "dory");
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_READ.name());
+ form.param("role", PredefinedRole.GROUP_ADMIN.name());
addMemberRole(marlinGroupName, "marlin", form);
UserGroupMember member = memberDao.retrieveMemberById("dory", groupId);
Set<Role> roles = member.getRoles();
- assertEquals(3, roles.size());
+ assertEquals(6, roles.size());
testAddSameMemberRole(groupId);
testDeleteMemberRole(groupId);
@@ -152,20 +151,20 @@
throws ProcessingException, KustvaktException {
Form form = new Form();
form.param("memberUsername", "dory");
- form.param("role", PredefinedRole.USER_GROUP_MEMBER_DELETE.name());
+ form.param("role", PredefinedRole.GROUP_MEMBER.name());
addMemberRole(marlinGroupName, "marlin", form);
UserGroupMember member = memberDao.retrieveMemberById("dory", groupId);
Set<Role> roles = member.getRoles();
- assertEquals(4, roles.size());
+ assertEquals(6, roles.size());
}
private void testDeleteMemberRole (int groupId)
throws ProcessingException, KustvaktException {
Form form = new Form();
form.param("memberUsername", "dory");
- form.param("role", PredefinedRole.USER_GROUP_ADMIN_READ.name());
+ form.param("role", PredefinedRole.GROUP_ADMIN.name());
Response response = target().path(API_VERSION).path("group")
.path("@marlin-group").path("role").path("delete").request()
.header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
@@ -174,7 +173,7 @@
assertEquals(Status.OK.getStatusCode(), response.getStatus());
UserGroupMember member = memberDao.retrieveMemberById("dory", groupId);
Set<Role> roles = member.getRoles();
- assertEquals(3, roles.size());
+ assertEquals(1, roles.size());
}
@Deprecated
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupSubscriptionTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupSubscriptionTest.java
index b08a27f..57c4227 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupSubscriptionTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/usergroup/UserGroupSubscriptionTest.java
@@ -78,7 +78,7 @@
assertEquals(GroupMemberStatus.ACTIVE.name(),
group.at("/userMemberStatus").asText());
- assertEquals(2, group.at("/userRoles").size());
+ assertEquals(1, group.at("/userRoles").size());
// unsubscribe marlin from dory-group
testUnsubscribeActiveMember("dory-group");
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/vc/VirtualCorpusSharingTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/vc/VirtualCorpusSharingTest.java
index 26e6334..bd15a76 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/vc/VirtualCorpusSharingTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/vc/VirtualCorpusSharingTest.java
@@ -181,9 +181,9 @@
assertEquals(memberName, node.at("/members/1/userId").asText());
assertEquals(GroupMemberStatus.ACTIVE.name(),
node.at("/members/1/status").asText());
- assertEquals(PredefinedRole.QUERY_MEMBER_READ,
+ assertEquals(PredefinedRole.QUERY_ACCESS,
node.at("/members/1/roles/1").asText());
- assertEquals(PredefinedRole.USER_GROUP_MEMBER_DELETE,
+ assertEquals(PredefinedRole.GROUP_MEMBER,
node.at("/members/1/roles/0").asText());
}