This is an automated email from the git hooks/post-receive script. New commit to branch feature/7494 in repository observe. See http://git.codelutin.com/observe.git commit 177d80cb4149cd329e3172f4d21f15990782e46c Author: Tony CHEMIT <chemit@codelutin.com> Date: Sun Aug 30 17:54:20 2015 +0200 Vérification des permissions des utilisateurs en utilisant la configurations des bases (See #7494) --- .../web/ObserveWebApplicationContext.java | 3 +- .../configuration/user/ObserveWebUsersHelper.java | 36 ++++++++++++----- .../db/ObserveWebDatabasesHelperTest.java | 40 ++++++++++--------- .../user/ObserveWebUsersHelperTest.java | 45 ++++++++++++---------- 4 files changed, 73 insertions(+), 51 deletions(-) diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebApplicationContext.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebApplicationContext.java index 0ad4882..a487916 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebApplicationContext.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebApplicationContext.java @@ -64,13 +64,12 @@ public class ObserveWebApplicationContext implements Closeable { applicationConfiguration.init(); // init databases - ObserveWebDatabasesHelper databasesHelper = new ObserveWebDatabasesHelper(); databases = databasesHelper.load(applicationConfiguration.getDatabasesConfigurationFile()); // init users ObserveWebUsersHelper usersHelper = new ObserveWebUsersHelper(); - users = usersHelper.load(applicationConfiguration.getUsersConfigurationFile()); + users = usersHelper.load(databases, applicationConfiguration.getUsersConfigurationFile()); // init service application context serviceApplicationContext = new ObserveServiceApplicationContext(); diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelper.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelper.java index 4f82b1f..db5cc8f 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelper.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelper.java @@ -4,7 +4,11 @@ import com.esotericsoftware.yamlbeans.YamlConfig; import com.esotericsoftware.yamlbeans.YamlReader; import com.esotericsoftware.yamlbeans.YamlWriter; import com.google.common.base.Charsets; +import com.google.common.base.Optional; import com.google.common.io.Files; +import fr.ird.observe.application.web.configuration.db.ObserveWebDatabase; +import fr.ird.observe.application.web.configuration.db.ObserveWebDatabaseRole; +import fr.ird.observe.application.web.configuration.db.ObserveWebDatabases; import fr.ird.observe.application.web.configuration.user.impl.ObserveWebUserBean; import fr.ird.observe.application.web.configuration.user.impl.ObserveWebUserPermissionBean; import fr.ird.observe.application.web.configuration.user.impl.ObserveWebUsersBean; @@ -30,10 +34,10 @@ public class ObserveWebUsersHelper { /** Logger. */ private static final Log log = LogFactory.getLog(ObserveWebUsersHelper.class); - public ObserveWebUsersImmutable load(File file) throws InvalidObserveWebUsersException, InvalidObserveWebUserException, InvalidObserveWebUserPermissionException { + public ObserveWebUsersImmutable load(ObserveWebDatabases databases, File file) throws InvalidObserveWebUsersException, InvalidObserveWebUserException, InvalidObserveWebUserPermissionException { ObserveWebUsersBean observeWebUsersBean = loadBean(file); - validateObserveWebUsersBean(observeWebUsersBean); + validateObserveWebUsersBean(databases, observeWebUsersBean); ObserveWebUsersImmutable observeWebUsersImmutable = observeWebUsersBean.toImmutable(); return observeWebUsersImmutable; @@ -53,19 +57,19 @@ public class ObserveWebUsersHelper { return result; } - public void validateObserveWebUsersBean(ObserveWebUsersBean observeWebUsersBean) throws InvalidObserveWebUsersException, InvalidObserveWebUserException, InvalidObserveWebUserPermissionException { + public void validateObserveWebUsersBean(ObserveWebDatabases databases, ObserveWebUsersBean observeWebUsersBean) throws InvalidObserveWebUsersException, InvalidObserveWebUserException, InvalidObserveWebUserPermissionException { if (CollectionUtils.isEmpty(observeWebUsersBean.getUsers())) { throw new InvalidObserveWebUserException("No user defined"); } for (ObserveWebUserBean observeWebUserBean : observeWebUsersBean.getUsers()) { - validateObserveWebUserBean(observeWebUserBean); + validateObserveWebUserBean(databases, observeWebUserBean); } } - public void validateObserveWebUserBean(ObserveWebUserBean observeWebUserBean) throws InvalidObserveWebUserPermissionException, InvalidObserveWebUserException { + public void validateObserveWebUserBean(ObserveWebDatabases databases, ObserveWebUserBean observeWebUserBean) throws InvalidObserveWebUserPermissionException, InvalidObserveWebUserException { String login = observeWebUserBean.getLogin(); if (StringUtils.isBlank(login)) { @@ -85,7 +89,7 @@ public class ObserveWebUsersHelper { for (ObserveWebUserPermissionBean observeWebUserPermissionBean : observeWebUserBean.getPermissions()) { - validateObserveWebUserPermissionBean(observeWebUserBean, observeWebUserPermissionBean); + validateObserveWebUserPermissionBean(databases, observeWebUserBean, observeWebUserPermissionBean); boolean added = databaseNames.add(observeWebUserPermissionBean.getDatabase()); if (!added) { @@ -96,17 +100,29 @@ public class ObserveWebUsersHelper { } - public void validateObserveWebUserPermissionBean(ObserveWebUserBean observeWebUserBean, ObserveWebUserPermissionBean observeWebUserRoleBean) throws InvalidObserveWebUserPermissionException { + public void validateObserveWebUserPermissionBean(ObserveWebDatabases<?> databases, ObserveWebUserBean observeWebUserBean, ObserveWebUserPermissionBean observeWebUserRoleBean) throws InvalidObserveWebUserPermissionException { String login = observeWebUserBean.getLogin(); - if (StringUtils.isBlank(observeWebUserRoleBean.getDatabase())) { + String databaseName = observeWebUserRoleBean.getDatabase(); + if (StringUtils.isBlank(databaseName)) { throw new InvalidObserveWebUserPermissionException("User " + login + ", found a permission with no database name defined"); } - if (StringUtils.isBlank(observeWebUserRoleBean.getRole())) { - throw new InvalidObserveWebUserPermissionException("User " + login + ", found a permission " + observeWebUserRoleBean.getDatabase() + " with no role defined"); + String role = observeWebUserRoleBean.getRole(); + if (StringUtils.isBlank(role)) { + throw new InvalidObserveWebUserPermissionException("User " + login + ", found a permission " + databaseName + " with no role defined"); } + Optional<? extends ObserveWebDatabase> databaseByName = databases.getDatabaseByName(databaseName); + if (!databaseByName.isPresent()) { + throw new InvalidObserveWebUserPermissionException("User " + login + ", found a permission " + databaseName + ", but database does not exists"); + } + + ObserveWebDatabase<?> database = databaseByName.get(); + Optional<? extends ObserveWebDatabaseRole> observeWebDatabaseRole = database.getDatabaseRoleByLogin(role); + if (!observeWebDatabaseRole.isPresent()) { + throw new InvalidObserveWebUserPermissionException("User " + login + ", found a permission " + databaseName + " with role " + role + ", but this role is not defined on this database"); + } } public void store(ObserveWebUsers users, File file) { diff --git a/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/db/ObserveWebDatabasesHelperTest.java b/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/db/ObserveWebDatabasesHelperTest.java index 7d78f85..ba8749e 100644 --- a/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/db/ObserveWebDatabasesHelperTest.java +++ b/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/db/ObserveWebDatabasesHelperTest.java @@ -16,6 +16,7 @@ import org.junit.Before; import org.junit.Test; import java.io.File; +import java.io.IOException; import java.util.Collection; import java.util.LinkedHashSet; import java.util.Set; @@ -27,10 +28,6 @@ import java.util.Set; */ public class ObserveWebDatabasesHelperTest { - protected ObserveWebApplicationConfiguration configuration; - - protected ObserveWebDatabasesHelper observeWebDatabasesHelper; - public static final String FILE_CONTENT = "databases: \n" + "- name: production\n" + " defaultDatabase: true\n" + @@ -56,21 +53,32 @@ public class ObserveWebDatabasesHelperTest { " password: passwordReferentiel\n" + " url: jdbc:postgresql://localhost:5432/test\n"; + protected ObserveWebApplicationConfiguration configuration; + + protected ObserveWebDatabasesHelper observeWebDatabasesHelper; + + protected File databasesConfigurationFile; + + public static File loadDatabasesConfigurationFileMock(ObserveWebApplicationConfiguration configuration) throws IOException { + File databasesConfigurationFile = configuration.getDatabasesConfigurationFile(); + Files.write(FILE_CONTENT, databasesConfigurationFile, Charsets.UTF_8); + return databasesConfigurationFile; + } + @Before public void setUp() { configuration = new ObserveWebApplicationConfiguration(); configuration.init(); observeWebDatabasesHelper = new ObserveWebDatabasesHelper(); + databasesConfigurationFile = configuration.getDatabasesConfigurationFile(); } @Test public void testLoadBean() throws Exception { - File databasesFile = configuration.getDatabasesConfigurationFile(); + loadDatabasesConfigurationFileMock(configuration); - Files.write(FILE_CONTENT, databasesFile, Charsets.UTF_8); - - ObserveWebDatabasesBean databases = observeWebDatabasesHelper.loadBean(databasesFile); + ObserveWebDatabasesBean databases = observeWebDatabasesHelper.loadBean(databasesConfigurationFile); Assert.assertNotNull(databases); Set<ObserveWebDatabaseBean> databasesSet = databases.getDatabases(); Assert.assertNotNull(databasesSet); @@ -96,11 +104,9 @@ public class ObserveWebDatabasesHelperTest { @Test public void testLoad() throws Exception { - File databasesFile = configuration.getDatabasesConfigurationFile(); - - Files.write(FILE_CONTENT, databasesFile, Charsets.UTF_8); + loadDatabasesConfigurationFileMock(configuration); - ObserveWebDatabasesImmutable databases = observeWebDatabasesHelper.load(databasesFile); + ObserveWebDatabasesImmutable databases = observeWebDatabasesHelper.load(databasesConfigurationFile); Assert.assertNotNull(databases); Collection<ObserveWebDatabaseImmutable> databasesSet = databases.getDatabases(); Assert.assertNotNull(databasesSet); @@ -219,18 +225,16 @@ public class ObserveWebDatabasesHelperTest { ObserveWebDatabasesBean databases = new ObserveWebDatabasesBean(); databases.setDatabases(databaseSet); - File databasesFile = configuration.getDatabasesConfigurationFile(); - - observeWebDatabasesHelper.store(databases, databasesFile); + observeWebDatabasesHelper.store(databases, databasesConfigurationFile); - String fileContent = Files.asCharSource(databasesFile, Charsets.UTF_8).read(); + String fileContent = Files.asCharSource(databasesConfigurationFile, Charsets.UTF_8).read(); Assert.assertEquals(FILE_CONTENT, fileContent); System.out.println(fileContent); - observeWebDatabasesHelper.store(databases.toImmutable(), databasesFile); + observeWebDatabasesHelper.store(databases.toImmutable(), databasesConfigurationFile); - String fileContent2 = Files.asCharSource(databasesFile, Charsets.UTF_8).read(); + String fileContent2 = Files.asCharSource(databasesConfigurationFile, Charsets.UTF_8).read(); Assert.assertEquals(FILE_CONTENT, fileContent2); } diff --git a/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelperTest.java b/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelperTest.java index 67b337d..6745ec6 100644 --- a/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelperTest.java +++ b/observe-application-web/src/test/java/fr/ird/observe/application/web/configuration/user/ObserveWebUsersHelperTest.java @@ -5,6 +5,9 @@ import com.google.common.base.Optional; import com.google.common.collect.Iterables; import com.google.common.io.Files; import fr.ird.observe.application.web.configuration.ObserveWebApplicationConfiguration; +import fr.ird.observe.application.web.configuration.db.ObserveWebDatabasesHelper; +import fr.ird.observe.application.web.configuration.db.ObserveWebDatabasesHelperTest; +import fr.ird.observe.application.web.configuration.db.impl.ObserveWebDatabasesImmutable; import fr.ird.observe.application.web.configuration.user.impl.ObserveWebUserBean; import fr.ird.observe.application.web.configuration.user.impl.ObserveWebUserImmutable; import fr.ird.observe.application.web.configuration.user.impl.ObserveWebUserPermissionBean; @@ -27,10 +30,6 @@ import java.util.Set; */ public class ObserveWebUsersHelperTest { - protected ObserveWebApplicationConfiguration configuration; - - protected ObserveWebUsersHelper observeWebUsersHelper; - public static final String FILE_CONTENT = "users: \n" + "- login: user1\n" + " password: password1\n" + @@ -45,30 +44,38 @@ public class ObserveWebUsersHelperTest { " - database: test\n" + " role: referentiel\n"; + protected ObserveWebApplicationConfiguration configuration; + + protected ObserveWebUsersHelper observeWebUsersHelper; + + protected File usersConfigurationFile; + @Before public void setUp() throws Exception { configuration = new ObserveWebApplicationConfiguration(); configuration.init(); observeWebUsersHelper = new ObserveWebUsersHelper(); + usersConfigurationFile = configuration.getUsersConfigurationFile(); } @Test public void testLoad() throws Exception { - File databasesFile = configuration.getUsersConfigurationFile(); + File databasesConfigurationFileMock = ObserveWebDatabasesHelperTest.loadDatabasesConfigurationFileMock(configuration); + ObserveWebDatabasesImmutable databases = new ObserveWebDatabasesHelper().load(databasesConfigurationFileMock); - Files.write(FILE_CONTENT, databasesFile, Charsets.UTF_8); + Files.write(FILE_CONTENT, usersConfigurationFile, Charsets.UTF_8); - ObserveWebUsersImmutable databases = observeWebUsersHelper.load(databasesFile); - Assert.assertNotNull(databases); - Collection<ObserveWebUserImmutable> usersSet = databases.getUsers(); + ObserveWebUsersImmutable users = observeWebUsersHelper.load(databases, usersConfigurationFile); + Assert.assertNotNull(users); + Collection<ObserveWebUserImmutable> usersSet = users.getUsers(); Assert.assertNotNull(usersSet); Assert.assertEquals(2, usersSet.size()); - Optional<ObserveWebUserImmutable> production = databases.getUserByLogin("user1"); + Optional<ObserveWebUserImmutable> production = users.getUserByLogin("user1"); Assert.assertTrue(production.isPresent()); - Optional<ObserveWebUserImmutable> production2 = databases.getUserByLogin("user3"); + Optional<ObserveWebUserImmutable> production2 = users.getUserByLogin("user3"); Assert.assertFalse(production2.isPresent()); { @@ -101,11 +108,9 @@ public class ObserveWebUsersHelperTest { @Test public void testLoadBean() throws Exception { - File databasesFile = configuration.getUsersConfigurationFile(); - - Files.write(FILE_CONTENT, databasesFile, Charsets.UTF_8); + Files.write(FILE_CONTENT, usersConfigurationFile, Charsets.UTF_8); - ObserveWebUsersBean users = observeWebUsersHelper.loadBean(databasesFile); + ObserveWebUsersBean users = observeWebUsersHelper.loadBean(usersConfigurationFile); Assert.assertNotNull(users); Set<ObserveWebUserBean> usersSet = users.getUsers(); Assert.assertNotNull(usersSet); @@ -170,18 +175,16 @@ public class ObserveWebUsersHelperTest { ObserveWebUsersBean users = new ObserveWebUsersBean(); users.setUsers(userSet); - File databasesFile = configuration.getUsersConfigurationFile(); - - observeWebUsersHelper.store(users, databasesFile); + observeWebUsersHelper.store(users, usersConfigurationFile); - String fileContent = Files.asCharSource(databasesFile, Charsets.UTF_8).read(); + String fileContent = Files.asCharSource(usersConfigurationFile, Charsets.UTF_8).read(); Assert.assertEquals(FILE_CONTENT, fileContent); System.out.println(fileContent); - observeWebUsersHelper.store(users.toImmutable(), databasesFile); + observeWebUsersHelper.store(users.toImmutable(), usersConfigurationFile); - String fileContent2 = Files.asCharSource(databasesFile, Charsets.UTF_8).read(); + String fileContent2 = Files.asCharSource(usersConfigurationFile, Charsets.UTF_8).read(); Assert.assertEquals(FILE_CONTENT, fileContent2); } -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@list.forge.codelutin.com>.