Fixed policy validity. Added policy and resource tests.
Change-Id: I4a8f40f0bcfb0d13d2e904a641048d98f6e26d89
diff --git a/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java b/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java
index d1a3162..d3694b8 100644
--- a/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java
+++ b/src/main/java/de/ids_mannheim/korap/web/service/full/AdminService.java
@@ -1,9 +1,7 @@
package de.ids_mannheim.korap.web.service.full;
-import java.util.HashMap;
import java.util.List;
import java.util.Locale;
-import java.util.Map;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
@@ -14,7 +12,6 @@
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.SecurityContext;
import org.joda.time.DateTime;
import org.slf4j.Logger;
@@ -24,12 +21,10 @@
import com.sun.jersey.spi.container.ResourceFilters;
import de.ids_mannheim.korap.auditing.AuditRecord;
-import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.config.BeansFactory;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.handlers.DocumentDao;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
import de.ids_mannheim.korap.interfaces.db.AuditingIface;
import de.ids_mannheim.korap.resources.Document;
import de.ids_mannheim.korap.resources.KustvaktResource;
@@ -37,7 +32,6 @@
import de.ids_mannheim.korap.resources.ResourceFactory;
import de.ids_mannheim.korap.security.PolicyCondition;
import de.ids_mannheim.korap.security.ac.PolicyBuilder;
-import de.ids_mannheim.korap.user.TokenContext;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.utils.JsonUtils;
import de.ids_mannheim.korap.utils.TimeUtils;
@@ -47,7 +41,9 @@
import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
/**
- * Created by hanl on 6/11/14.
+ * @author hanl, margaretha
+ * Created date 6/11/14.
+ * Last update: 04/2017
*/
@Path(KustvaktServer.API_VERSION + "/admin")
@ResourceFilters({ AdminFilter.class, PiwikFilter.class })
@@ -56,7 +52,6 @@
private static Logger jlog = LoggerFactory.getLogger(AdminService.class);
- private AuthenticationManagerIface authManager;
private AuditingIface auditingController;
private DocumentDao documentDao;
@@ -64,13 +59,11 @@
public AdminService () {
this.auditingController = BeansFactory.getKustvaktContext()
.getAuditingProvider();
- this.authManager = BeansFactory.getKustvaktContext()
- .getAuthenticationManager();
- this.documentDao = new DocumentDao(BeansFactory.getKustvaktContext()
- .getPersistenceClient());
+ this.documentDao = new DocumentDao(
+ BeansFactory.getKustvaktContext().getPersistenceClient());
}
-
+ // EM: not documented and tested, not sure what the purpose of the service is
@GET
@Path("audit/{type}")
public Response getAudits (@PathParam("type") String type,
@@ -111,8 +104,41 @@
@QueryParam("description") String description,
@QueryParam("group") String group,
@QueryParam("perm") List<String> permissions,
- @QueryParam("loc") String loc, @QueryParam("expire") String duration,
- @Context HttpContext context) {
+ @QueryParam("loc") String loc,
+ @QueryParam("expire") String duration, @Context HttpContext context)
+ throws KustvaktException {
+
+ if (type == null | type.isEmpty()) {
+ KustvaktException e = new KustvaktException(
+ StatusCodes.MISSING_ARGUMENT,
+ "The value of parameter type is missing.");
+ throw KustvaktResponseHandler.throwit(e);
+ }
+ else if (name == null | name.isEmpty()) {
+ KustvaktException e = new KustvaktException(
+ StatusCodes.MISSING_ARGUMENT,
+ "The value of parameter name is missing.");
+ throw KustvaktResponseHandler.throwit(e);
+ }
+ else if (description == null | description.isEmpty()) {
+ KustvaktException e = new KustvaktException(
+ StatusCodes.MISSING_ARGUMENT,
+ "The value of parameter description is missing.");
+ throw KustvaktResponseHandler.throwit(e);
+ }
+ else if (group == null | group.isEmpty()) {
+ KustvaktException e = new KustvaktException(
+ StatusCodes.MISSING_ARGUMENT,
+ "The value of parameter group is missing.");
+ throw KustvaktResponseHandler.throwit(e);
+ }
+ else if (permissions == null | permissions.isEmpty()) {
+ KustvaktException e = new KustvaktException(
+ StatusCodes.MISSING_ARGUMENT,
+ "The value of parameter permissions is missing.");
+ throw KustvaktResponseHandler.throwit(e);
+ }
+
try {
KustvaktResource resource = ResourceFactory.getResource(type);
@@ -120,22 +146,23 @@
resource.setDescription(description);
resource.setName(name);
- Permissions.Permission[] p = Permissions.read(permissions
- .toArray(new String[0]));
-
+ Permissions.Permission[] p = Permissions
+ .read(permissions.toArray(new String[0]));
+
User user = (User) context.getProperties().get("user");
-
+
PolicyBuilder pb = new PolicyBuilder(user)
.setConditions(new PolicyCondition(group))
.setResources(resource);
-
- if (loc != null && !loc.isEmpty())
+
+ if (loc != null && !loc.isEmpty()){
pb.setLocation(loc);
-
- if (duration != null && !duration.isEmpty())
- pb.setContext(TimeUtils.getNow().getMillis(),
- TimeUtils.convertTimeToSeconds(duration));
-
+ }
+ if (duration != null && !duration.isEmpty()){
+ long now = TimeUtils.getNow().getMillis();
+ pb.setContext(now,
+ now + TimeUtils.convertTimeToSeconds(duration));
+ }
pb.setPermissions(p);
pb.create();
}