@After
public void tearDown() throws Exception {
if (accessApproval != null && accessApproval.getId() != null) {
accessApprovalDAO.delete(accessApproval.getId().toString());
}
if (accessApproval2 != null && accessApproval2.getId() != null) {
accessApprovalDAO.delete(accessApproval2.getId().toString());
}
if (accessRequirement != null && accessRequirement.getId() != null) {
accessRequirementDAO.delete(accessRequirement.getId().toString());
}
if (accessRequirement2 != null && accessRequirement2.getId() != null) {
accessRequirementDAO.delete(accessRequirement2.getId().toString());
}
if (node != null && nodeDAO != null) {
nodeDAO.delete(node.getId());
node = null;
}
if (node2 != null && nodeDAO != null) {
nodeDAO.delete(node2.getId());
node2 = null;
}
if (evaluation != null && evaluationDAO != null) {
evaluationDAO.delete(evaluation.getId());
evaluation = null;
}
individualGroup = userGroupDAO.findGroup(TEST_USER_NAME, true);
if (individualGroup != null) {
userGroupDAO.delete(individualGroup.getId());
}
individualGroup2 = userGroupDAO.findGroup(TEST_USER_NAME_2, true);
if (individualGroup2 != null) {
userGroupDAO.delete(individualGroup2.getId());
}
}
@Override
public void deleteAccessApproval(UserInfo userInfo, String accessApprovalId)
throws NotFoundException, DatastoreException, UnauthorizedException, ForbiddenException {
AccessApproval accessApproval = accessApprovalDAO.get(accessApprovalId);
verifyAccess(userInfo, accessApproval, ADMINISTER_ACCESS_APPROVAL_ACCESS_TYPE);
accessApprovalDAO.delete(accessApproval.getId().toString());
}
@Test
public void testUnmetARsForEvaluation() throws Exception {
RestrictableObjectDescriptor rod =
AccessRequirementUtilsTest.createRestrictableObjectDescriptor(
evaluation.getId(), RestrictableObjectType.EVALUATION);
// Logic for unmet requirements doesn't reflect ownership at the DAO level. It's factored in at
// the manager level.
// Therefore, the owner see unmet ARs for herself..
List<Long> unmetARIds =
accessRequirementDAO.unmetAccessRequirements(
rod,
Arrays.asList(new Long[] {Long.parseLong(individualGroup.getId())}),
participateAndDownload);
assertEquals(1, unmetARIds.size());
assertEquals(accessRequirement2.getId(), unmetARIds.iterator().next());
// ... just as someone else does, if they haven't signed the ToU
unmetARIds =
accessRequirementDAO.unmetAccessRequirements(
rod,
Arrays.asList(new Long[] {Long.parseLong(individualGroup2.getId())}),
participateAndDownload);
assertEquals(1, unmetARIds.size());
assertEquals(accessRequirement2.getId(), unmetARIds.iterator().next());
// Create a new object
accessApproval2 = newAccessApproval(individualGroup2, accessRequirement2);
// Create it
accessApproval2 = accessApprovalDAO.create(accessApproval2);
String id = accessApproval2.getId().toString();
assertNotNull(id);
// no unmet requirement anymore ...
assertTrue(
accessRequirementDAO
.unmetAccessRequirements(
rod,
Arrays.asList(new Long[] {Long.parseLong(individualGroup2.getId())}),
participateAndDownload)
.isEmpty());
// Get by evaluation Id
Collection<AccessApproval> ars =
accessApprovalDAO.getForAccessRequirementsAndPrincipals(
Arrays.asList(new String[] {accessRequirement2.getId().toString()}),
Arrays.asList(new String[] {individualGroup2.getId().toString()}));
assertEquals(1, ars.size());
assertEquals(accessApproval2, ars.iterator().next());
}
@Override
public <T extends AccessApproval> T updateAccessApproval(UserInfo userInfo, T accessApproval)
throws NotFoundException, DatastoreException, UnauthorizedException,
ConflictingUpdateException, InvalidModelException, ForbiddenException {
validateAccessApproval(userInfo, accessApproval);
verifyAccess(userInfo, accessApproval, ADMINISTER_ACCESS_APPROVAL_ACCESS_TYPE);
populateModifiedFields(userInfo, accessApproval);
return accessApprovalDAO.update(accessApproval);
}
@Override
public <T extends AccessApproval> T createAccessApproval(UserInfo userInfo, T accessApproval)
throws DatastoreException, InvalidModelException, UnauthorizedException, NotFoundException,
ForbiddenException {
validateAccessApproval(userInfo, accessApproval);
if ((accessApproval instanceof ACTAccessApproval)) {
verifyAccess(userInfo, accessApproval, ADMINISTER_ACCESS_APPROVAL_ACCESS_TYPE);
}
if ((accessApproval instanceof TermsOfUseAccessApproval)) {
verifyAccess(userInfo, accessApproval, ACCESS_TYPE.READ);
}
populateCreationFields(userInfo, accessApproval);
return accessApprovalDAO.create(accessApproval);
}
@Override
public QueryResults<AccessApproval> getAccessApprovalsForEntity(
UserInfo userInfo, String entityId)
throws DatastoreException, NotFoundException, ForbiddenException {
if (!authorizationManager.canAccess(userInfo, entityId, ACCESS_TYPE.READ)) {
throw new ForbiddenException("You are not allowed to access the requested resource.");
}
List<AccessRequirement> ars = accessRequirementDAO.getForNode(entityId);
List<String> arIds = new ArrayList<String>();
for (AccessRequirement ar : ars) arIds.add(ar.getId().toString());
List<String> principalIds = new ArrayList<String>();
principalIds.add(userInfo.getIndividualGroup().getId());
for (UserGroup ug : userInfo.getGroups()) principalIds.add(ug.getId());
List<AccessApproval> aas =
accessApprovalDAO.getForAccessRequirementsAndPrincipals(arIds, principalIds);
QueryResults<AccessApproval> result = new QueryResults<AccessApproval>(aas, aas.size());
return result;
}
@Test
public void testCRUD() throws Exception {
// first of all, we should see the unmet requirement
RestrictableObjectDescriptor rod =
AccessRequirementUtilsTest.createRestrictableObjectDescriptor(node.getId());
List<Long> unmetARIds =
accessRequirementDAO.unmetAccessRequirements(
rod,
Arrays.asList(new Long[] {Long.parseLong(individualGroup.getId())}),
downloadAccessType);
assertEquals(1, unmetARIds.size());
assertEquals(accessRequirement.getId(), unmetARIds.iterator().next());
// while we're at it, check the edge cases:
// same result for ficticious principal ID
unmetARIds =
accessRequirementDAO.unmetAccessRequirements(
rod, Arrays.asList(new Long[] {8888L}), downloadAccessType);
assertEquals(1, unmetARIds.size());
assertEquals(accessRequirement.getId(), unmetARIds.iterator().next());
// no unmet requirements for ficticious node ID
assertTrue(
accessRequirementDAO
.unmetAccessRequirements(
AccessRequirementUtilsTest.createRestrictableObjectDescriptor("syn7890"),
Arrays.asList(new Long[] {Long.parseLong(individualGroup.getId())}),
downloadAccessType)
.isEmpty());
// no unmet requirement for other type of access
assertTrue(
accessRequirementDAO
.unmetAccessRequirements(
rod,
Arrays.asList(new Long[] {Long.parseLong(individualGroup.getId())}),
updateAccessType)
.isEmpty());
// Create a new object
accessApproval = newAccessApproval(individualGroup, accessRequirement);
// Create it
accessApproval = accessApprovalDAO.create(accessApproval);
String id = accessApproval.getId().toString();
assertNotNull(id);
// no unmet requirement anymore ...
assertTrue(
accessRequirementDAO
.unmetAccessRequirements(
rod,
Arrays.asList(new Long[] {Long.parseLong(individualGroup.getId())}),
downloadAccessType)
.isEmpty());
// ... but for a different (ficticious) user, the requirement isn't met...
unmetARIds =
accessRequirementDAO.unmetAccessRequirements(
rod, Arrays.asList(new Long[] {8888L}), downloadAccessType);
assertEquals(1, unmetARIds.size());
assertEquals(accessRequirement.getId(), unmetARIds.iterator().next());
// ... and it's still unmet for the second node
RestrictableObjectDescriptor rod2 =
AccessRequirementUtilsTest.createRestrictableObjectDescriptor(node2.getId());
unmetARIds =
accessRequirementDAO.unmetAccessRequirements(
rod2,
Arrays.asList(new Long[] {Long.parseLong(individualGroup.getId())}),
participateAndDownload);
assertEquals(1, unmetARIds.size());
assertEquals(accessRequirement2.getId(), unmetARIds.iterator().next());
// Fetch it
AccessApproval clone = accessApprovalDAO.get(id);
assertNotNull(clone);
assertEquals(accessApproval, clone);
// Get by Node Id
Collection<AccessApproval> ars =
accessApprovalDAO.getForAccessRequirementsAndPrincipals(
Arrays.asList(new String[] {accessRequirement.getId().toString()}),
Arrays.asList(new String[] {individualGroup.getId().toString()}));
assertEquals(1, ars.size());
assertEquals(accessApproval, ars.iterator().next());
// update it
clone = ars.iterator().next();
AccessApproval updatedAA = accessApprovalDAO.update(clone);
assertEquals(
((TermsOfUseAccessApproval) clone).getEntityType(),
((TermsOfUseAccessApproval) updatedAA).getEntityType());
assertTrue(
"etags should be different after an update", !clone.getEtag().equals(updatedAA.getEtag()));
try {
accessApprovalDAO.update(clone);
fail("conflicting update exception not thrown");
} catch (ConflictingUpdateException e) {
// We expected this exception
}
try {
// Update from a backup.
updatedAA = accessApprovalDAO.updateFromBackup(clone);
assertEquals(clone.getEtag(), updatedAA.getEtag());
} catch (ConflictingUpdateException e) {
fail("Update from backup should not generate exception even if the e-tag is different.");
}
// Delete it
accessApprovalDAO.delete(id);
}
