- implemented default model handler
- added JUnit 4 test case
This commit is contained in:
eitch
parent
f491dd7293
commit
b523f680f9
|
|
@ -1,8 +1,10 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" path="src"/>
|
||||
<classpathentry kind="src" path="test"/>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
|
||||
<classpathentry kind="lib" path="lib/dom4j-1.6.1.jar" sourcepath="lib/dom4j-1.6.1-src.zip"/>
|
||||
<classpathentry kind="lib" path="lib/log4j-1.2.15.jar"/>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.junit.JUNIT_CONTAINER/4"/>
|
||||
<classpathentry kind="output" path="bin"/>
|
||||
</classpath>
|
||||
|
|
|
|||
|
|
@ -25,8 +25,6 @@ import ch.eitchnet.privilege.helper.XmlHelper;
|
|||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
|
||||
/**
|
||||
* TODO make persistence handle not accessible
|
||||
*
|
||||
* @author rvonburg
|
||||
*/
|
||||
public class PrivilegeContainer {
|
||||
|
|
|
|||
|
|
@ -10,12 +10,16 @@
|
|||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.HashSet;
|
||||
import java.util.Locale;
|
||||
import java.util.Set;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
import org.dom4j.Element;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainer;
|
||||
import ch.eitchnet.privilege.helper.PrivilegeHelper;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.PrivilegeRep;
|
||||
import ch.eitchnet.privilege.model.RoleRep;
|
||||
|
|
@ -31,6 +35,8 @@ import ch.eitchnet.privilege.model.internal.User;
|
|||
*/
|
||||
public class DefaultModelHandler implements ModelHandler {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(DefaultModelHandler.class);
|
||||
|
||||
private PersistenceHandler persistenceHandler;
|
||||
|
||||
/**
|
||||
|
|
@ -48,10 +54,18 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void addOrReplacePrivilege(Certificate certificate, PrivilegeRep privilegeRep) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// create a new privilege
|
||||
Privilege privilege = new Privilege(privilegeRep.getName(), privilegeRep.getPolicy(), privilegeRep
|
||||
.isAllAllowed(), privilegeRep.getDenyList(), privilegeRep.getAllowList());
|
||||
|
||||
// delegate to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(privilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -62,24 +76,46 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void addOrReplaceRole(Certificate certificate, RoleRep roleRep) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// create new role
|
||||
Role role = new Role(roleRep.getName(), roleRep.getPrivileges());
|
||||
|
||||
// delegate to persistence handler
|
||||
persistenceHandler.addOrReplaceRole(role);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#addOrReplaceUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.UserRep)
|
||||
* ch.eitchnet.privilege.model.UserRep, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep) {
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep, String password) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// hash password
|
||||
String passwordHash;
|
||||
if (password == null)
|
||||
passwordHash = null;
|
||||
else
|
||||
passwordHash = PrivilegeContainer.getInstance().getEncryptionHandler().convertToHash(password);
|
||||
|
||||
// create new user
|
||||
User user = new User(userRep.getUsername(), passwordHash, userRep.getFirstname(), userRep.getSurname(), userRep
|
||||
.getUserState(), userRep.getRoles(), userRep.getLocale());
|
||||
|
||||
// delegate to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(user);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -90,10 +126,39 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void addPrivilegeToRole(Certificate certificate, String roleName, String privilegeName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get role
|
||||
Role role = getRole(roleName);
|
||||
if (role == null) {
|
||||
throw new PrivilegeException("Role " + roleName + " does not exist!");
|
||||
}
|
||||
|
||||
// ignore if role already has this privilege
|
||||
Set<String> currentPrivileges = role.getPrivileges();
|
||||
if (currentPrivileges.contains(roleName)) {
|
||||
logger.error("Role " + roleName + " already has privilege " + privilegeName);
|
||||
return;
|
||||
}
|
||||
|
||||
// validate that privilege exists
|
||||
if (getPrivilege(privilegeName) == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist and can not be added to role "
|
||||
+ roleName);
|
||||
}
|
||||
|
||||
// create new role with the additional privilege
|
||||
Set<String> newPrivileges = new HashSet<String>(currentPrivileges);
|
||||
newPrivileges.add(roleName);
|
||||
|
||||
Role newRole = new Role(role.getName(), newPrivileges);
|
||||
|
||||
// delegate role replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceRole(newRole);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -101,13 +166,42 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void addRoleToUser(Certificate certificate, String username, String rolename) {
|
||||
public void addRoleToUser(Certificate certificate, String username, String roleName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get user
|
||||
User user = getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
// ignore if user already has role
|
||||
Set<String> currentRoles = user.getRoles();
|
||||
if (currentRoles.contains(roleName)) {
|
||||
logger.error("User " + username + " already has role " + roleName);
|
||||
return;
|
||||
}
|
||||
|
||||
// validate that role exists
|
||||
if (getRole(roleName) == null) {
|
||||
throw new PrivilegeException("Role " + roleName + " doest not exist!");
|
||||
}
|
||||
|
||||
// create new user
|
||||
Set<String> newRoles = new HashSet<String>(currentRoles);
|
||||
currentRoles.add(roleName);
|
||||
|
||||
User newUser = new User(user.getUsername(), user.getPassword(certificate), user.getFirstname(), user
|
||||
.getSurname(), user.getState(), newRoles, user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -117,11 +211,13 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public boolean persist(Certificate certificate) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return false;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
return false;
|
||||
return persistenceHandler.persist(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -132,11 +228,20 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public PrivilegeRep removePrivilege(Certificate certificate, String privilegeName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return null;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// delegate privilege removal to persistence handler
|
||||
Privilege removedPrivilege = persistenceHandler.removePrivilege(privilegeName);
|
||||
|
||||
return null;
|
||||
// return privilege rep if it was removed
|
||||
if (removedPrivilege != null)
|
||||
return removedPrivilege.asPrivilegeRep();
|
||||
else
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -147,10 +252,32 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void removePrivilegeFromRole(Certificate certificate, String roleName, String privilegeName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get role
|
||||
Role role = getRole(roleName);
|
||||
if (role == null) {
|
||||
throw new PrivilegeException("Role " + roleName + " does not exist!");
|
||||
}
|
||||
|
||||
// ignore if role does not have privilege
|
||||
Set<String> currentPrivileges = role.getPrivileges();
|
||||
if (!currentPrivileges.contains(privilegeName)) {
|
||||
logger.error("Role " + roleName + " doest not have privilege " + privilegeName);
|
||||
return;
|
||||
}
|
||||
|
||||
// create new role
|
||||
Set<String> newPrivileges = new HashSet<String>(currentPrivileges);
|
||||
newPrivileges.remove(privilegeName);
|
||||
Role newRole = new Role(role.getName(), newPrivileges);
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceRole(newRole);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -161,11 +288,20 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public RoleRep removeRole(Certificate certificate, String roleName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return null;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// delegate role removal to persistence handler
|
||||
Role removedRole = persistenceHandler.removeRole(roleName);
|
||||
|
||||
return null;
|
||||
// return role rep if it was removed
|
||||
if (removedRole != null)
|
||||
return removedRole.asRoleRep();
|
||||
else
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -173,13 +309,36 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void removeRoleFromUser(Certificate certificate, String username, String rolename) {
|
||||
public void removeRoleFromUser(Certificate certificate, String username, String roleName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get User
|
||||
User user = getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
// ignore if user does not have role
|
||||
Set<String> currentRoles = user.getRoles();
|
||||
if (!currentRoles.contains(roleName)) {
|
||||
logger.error("User " + user + " does not have role " + roleName);
|
||||
return;
|
||||
}
|
||||
|
||||
// create new user
|
||||
Set<String> newRoles = new HashSet<String>(currentRoles);
|
||||
newRoles.remove(roleName);
|
||||
User newUser = new User(user.getUsername(), user.getPassword(certificate), user.getFirstname(), user
|
||||
.getSurname(), user.getState(), newRoles, user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -190,11 +349,20 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public UserRep removeUser(Certificate certificate, String username) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return null;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// delegate user removal to persistence handler
|
||||
User removedUser = persistenceHandler.removeUser(username);
|
||||
|
||||
return null;
|
||||
// return user rep if it was removed
|
||||
if (removedUser != null)
|
||||
return removedUser.asUserRep();
|
||||
else
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -205,38 +373,87 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void setPrivilegeAllAllowed(Certificate certificate, String privilegeName, boolean allAllowed) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get Privilege
|
||||
Privilege privilege = getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
||||
// ignore if privilege is already set to argument
|
||||
if (privilege.isAllAllowed() == allAllowed) {
|
||||
logger.error("Privilege " + privilegeName + " is already set to "
|
||||
+ (allAllowed ? "all allowed" : "not all allowed"));
|
||||
return;
|
||||
}
|
||||
|
||||
// create new privilege
|
||||
Privilege newPrivilege = new Privilege(privilege.getName(), privilege.getPolicy(), allAllowed, privilege
|
||||
.getDenyList(), privilege.getAllowList());
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setPrivilegeAllowList(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.util.List)
|
||||
* java.lang.String, java.util.Set)
|
||||
*/
|
||||
@Override
|
||||
public void setPrivilegeAllowList(Certificate certificate, String privilegeName, List<String> allowList) {
|
||||
public void setPrivilegeAllowList(Certificate certificate, String privilegeName, Set<String> allowList) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get Privilege
|
||||
Privilege privilege = getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
||||
// create new privilege
|
||||
Privilege newPrivilege = new Privilege(privilege.getName(), privilege.getPolicy(), privilege.isAllAllowed(),
|
||||
privilege.getDenyList(), allowList);
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setPrivilegeDenyList(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.util.List)
|
||||
* java.lang.String, java.util.Set)
|
||||
*/
|
||||
@Override
|
||||
public void setPrivilegeDenyList(Certificate certificate, String privilegeName, List<String> denyList) {
|
||||
public void setPrivilegeDenyList(Certificate certificate, String privilegeName, Set<String> denyList) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get Privilege
|
||||
Privilege privilege = getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
||||
// create new privilege
|
||||
Privilege newPrivilege = new Privilege(privilege.getName(), privilege.getPolicy(), privilege.isAllAllowed(),
|
||||
denyList, privilege.getAllowList());
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -247,10 +464,24 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void setPrivilegePolicy(Certificate certificate, String privilegeName, String policyName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get Privilege
|
||||
Privilege privilege = getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
||||
// create new privilege
|
||||
Privilege newPrivilege = new Privilege(privilege.getName(), policyName, privilege.isAllAllowed(), privilege
|
||||
.getDenyList(), privilege.getAllowList());
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -261,24 +492,52 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void setUserLocaleState(Certificate certificate, String username, Locale locale) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get User
|
||||
User user = getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
// create new user
|
||||
User newUser = new User(user.getUsername(), user.getPassword(certificate), user.getFirstname(), user
|
||||
.getSurname(), user.getState(), user.getRoles(), locale);
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setUserNamePassword(ch.eitchnet.privilege.model.Certificate,
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setUserName(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void setUserNamePassword(Certificate certificate, String username, String firstname, String surname) {
|
||||
public void setUserName(Certificate certificate, String username, String firstname, String surname) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get User
|
||||
User user = getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
// create new user
|
||||
User newUser = new User(user.getUsername(), user.getPassword(certificate), firstname, surname, user.getState(),
|
||||
user.getRoles(), user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -289,10 +548,27 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void setUserPassword(Certificate certificate, String username, String password) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get User
|
||||
User user = getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
// hash password
|
||||
String passwordHash = PrivilegeContainer.getInstance().getEncryptionHandler().convertToHash(password);
|
||||
|
||||
// create new user
|
||||
User newUser = new User(user.getUsername(), passwordHash, user.getFirstname(), user.getSurname(), user
|
||||
.getState(), user.getRoles(), user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -303,10 +579,24 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public void setUserState(Certificate certificate, String username, UserState state) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) {
|
||||
logger.error("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role! Certificate: "
|
||||
+ certificate);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
// get User
|
||||
User user = getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
// create new user
|
||||
User newUser = new User(user.getUsername(), user.getPassword(certificate), user.getFirstname(), user
|
||||
.getSurname(), state, user.getRoles(), user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -314,8 +604,7 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
*/
|
||||
@Override
|
||||
public void initialize(Element element) {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
// nothing to initialize
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -341,5 +630,4 @@ public class DefaultModelHandler implements ModelHandler {
|
|||
public User getUser(String username) {
|
||||
return persistenceHandler.getUser(username);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ package ch.eitchnet.privilege.handler;
|
|||
|
||||
import java.io.File;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
|
|
@ -379,7 +380,8 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
// create user
|
||||
User user = User.buildUser(username, password, firstname, surname, userState, roles, locale);
|
||||
User user = new User(username, password, firstname, surname, userState, Collections.unmodifiableSet(roles),
|
||||
locale);
|
||||
|
||||
// put user in map
|
||||
userMap.put(username, user);
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@
|
|||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Set;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainerObject;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
|
|
@ -33,21 +33,21 @@ public interface ModelHandler extends PrivilegeContainerObject {
|
|||
|
||||
public User getUser(String username);
|
||||
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep);
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep, String password);
|
||||
|
||||
public UserRep removeUser(Certificate certificate, String username);
|
||||
|
||||
public void setUserPassword(Certificate certificate, String username, String password);
|
||||
|
||||
public void setUserNamePassword(Certificate certificate, String username, String firstname, String surname);
|
||||
public void setUserName(Certificate certificate, String username, String firstname, String surname);
|
||||
|
||||
public void setUserState(Certificate certificate, String username, UserState state);
|
||||
|
||||
public void setUserLocaleState(Certificate certificate, String username, Locale locale);
|
||||
|
||||
public void addRoleToUser(Certificate certificate, String username, String rolename);
|
||||
public void addRoleToUser(Certificate certificate, String username, String roleName);
|
||||
|
||||
public void removeRoleFromUser(Certificate certificate, String username, String rolename);
|
||||
public void removeRoleFromUser(Certificate certificate, String username, String roleName);
|
||||
|
||||
public void addOrReplaceRole(Certificate certificate, RoleRep roleRep);
|
||||
|
||||
|
|
@ -69,9 +69,9 @@ public interface ModelHandler extends PrivilegeContainerObject {
|
|||
|
||||
public void setPrivilegeAllAllowed(Certificate certificate, String privilegeName, boolean allAllowed);
|
||||
|
||||
public void setPrivilegeDenyList(Certificate certificate, String privilegeName, List<String> denyList);
|
||||
public void setPrivilegeDenyList(Certificate certificate, String privilegeName, Set<String> denyList);
|
||||
|
||||
public void setPrivilegeAllowList(Certificate certificate, String privilegeName, List<String> allowList);
|
||||
public void setPrivilegeAllowList(Certificate certificate, String privilegeName, Set<String> allowList);
|
||||
|
||||
public boolean persist(Certificate certificate);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainer;
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainerObject;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.internal.Privilege;
|
||||
|
|
@ -18,8 +17,6 @@ import ch.eitchnet.privilege.model.internal.Role;
|
|||
import ch.eitchnet.privilege.model.internal.User;
|
||||
|
||||
/**
|
||||
* TODO {@link PersistenceHandler} may not be freely accessible via {@link PrivilegeContainer}
|
||||
*
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -32,12 +32,14 @@ public class PrivilegeHelper {
|
|||
User user = PrivilegeContainer.getInstance().getModelHandler().getUser(certificate.getUsername());
|
||||
if (user == null) {
|
||||
throw new PrivilegeException(
|
||||
"Oh boy, how did this happen: No User in user map although the certificate is valid!");
|
||||
"Oh boy, how did this happen: No User in user map although the certificate is valid! Certificate: "
|
||||
+ certificate);
|
||||
}
|
||||
|
||||
// validate user has PrivilegeAdmin role
|
||||
if (!user.hasRole(PrivilegeContainer.PRIVILEGE_ADMIN_ROLE)) {
|
||||
throw new AccessDeniedException("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE + " role!");
|
||||
throw new AccessDeniedException("User does not have " + PrivilegeContainer.PRIVILEGE_ADMIN_ROLE
|
||||
+ " role! Certificate: " + certificate);
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@
|
|||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.HashSet;
|
||||
|
||||
import org.apache.log4j.BasicConfigurator;
|
||||
import org.apache.log4j.ConsoleAppender;
|
||||
|
|
@ -21,6 +22,8 @@ import org.apache.log4j.PatternLayout;
|
|||
import ch.eitchnet.privilege.base.PrivilegeContainer;
|
||||
import ch.eitchnet.privilege.handler.ModelHandler;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
|
||||
/**
|
||||
* @author rvonburg
|
||||
|
|
@ -43,15 +46,19 @@ public class TestConfigurationHelper {
|
|||
PrivilegeContainer privilegeContainer = PrivilegeContainer.getInstance();
|
||||
privilegeContainer.initialize(privilegeContainerXml);
|
||||
|
||||
// ModelHandler modelHandler = privilegeContainer.getModelHandler();
|
||||
ModelHandler modelHandler = privilegeContainer.getModelHandler();
|
||||
|
||||
Certificate certificate = auth("eitch", "1234567890");
|
||||
|
||||
for (int i = 0; i < 10; i++) {
|
||||
// let's authenticate a session
|
||||
auth("eitch", "1234567890");
|
||||
}
|
||||
|
||||
// TODO let's add a user
|
||||
// persistenceHandler.addUser(certificate, user);
|
||||
// let's add a new user bob
|
||||
UserRep userRep = new UserRep("bob", "Bob", "Newman", UserState.NEW, new HashSet<String>(), null);
|
||||
modelHandler.addOrReplaceUser(certificate, userRep, null);
|
||||
logger.info("Added user bob");
|
||||
|
||||
// TODO let's add a role
|
||||
|
||||
|
|
@ -62,10 +69,11 @@ public class TestConfigurationHelper {
|
|||
/**
|
||||
*
|
||||
*/
|
||||
private static void auth(String username, String password) {
|
||||
private static Certificate auth(String username, String password) {
|
||||
long start = System.currentTimeMillis();
|
||||
Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate(username, password);
|
||||
logger.info("Auth took " + (System.currentTimeMillis() - start));
|
||||
logger.info("Authenticated with certificate: " + certificate);
|
||||
return certificate;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,8 +21,8 @@ public class RoleRep implements Serializable {
|
|||
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
public final String name;
|
||||
public final Set<String> privileges;
|
||||
private String name;
|
||||
private Set<String> privileges;
|
||||
|
||||
/**
|
||||
* @param name
|
||||
|
|
@ -32,4 +32,34 @@ public class RoleRep implements Serializable {
|
|||
this.name = name;
|
||||
this.privileges = privileges;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the name
|
||||
*/
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param name
|
||||
* the name to set
|
||||
*/
|
||||
public void setName(String name) {
|
||||
this.name = name;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the privileges
|
||||
*/
|
||||
public Set<String> getPrivileges() {
|
||||
return privileges;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param privileges
|
||||
* the privileges to set
|
||||
*/
|
||||
public void setPrivileges(Set<String> privileges) {
|
||||
this.privileges = privileges;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,12 +22,12 @@ public class UserRep implements Serializable {
|
|||
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
public final String username;
|
||||
public final String firstname;
|
||||
public final String surname;
|
||||
public final UserState userState;
|
||||
public final Set<String> roles;
|
||||
public final Locale locale;
|
||||
private String username;
|
||||
private String firstname;
|
||||
private String surname;
|
||||
private UserState userState;
|
||||
private Set<String> roles;
|
||||
private Locale locale;
|
||||
|
||||
/**
|
||||
* @param username
|
||||
|
|
@ -46,4 +46,88 @@ public class UserRep implements Serializable {
|
|||
this.roles = roles;
|
||||
this.locale = locale;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the username
|
||||
*/
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param username the username to set
|
||||
*/
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the firstname
|
||||
*/
|
||||
public String getFirstname() {
|
||||
return firstname;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param firstname the firstname to set
|
||||
*/
|
||||
public void setFirstname(String firstname) {
|
||||
this.firstname = firstname;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the surname
|
||||
*/
|
||||
public String getSurname() {
|
||||
return surname;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param surname the surname to set
|
||||
*/
|
||||
public void setSurname(String surname) {
|
||||
this.surname = surname;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the userState
|
||||
*/
|
||||
public UserState getUserState() {
|
||||
return userState;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param userState the userState to set
|
||||
*/
|
||||
public void setUserState(UserState userState) {
|
||||
this.userState = userState;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the roles
|
||||
*/
|
||||
public Set<String> getRoles() {
|
||||
return roles;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param roles the roles to set
|
||||
*/
|
||||
public void setRoles(Set<String> roles) {
|
||||
this.roles = roles;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the locale
|
||||
*/
|
||||
public Locale getLocale() {
|
||||
return locale;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param locale the locale to set
|
||||
*/
|
||||
public void setLocale(Locale locale) {
|
||||
this.locale = locale;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,12 +10,10 @@
|
|||
|
||||
package ch.eitchnet.privilege.model.internal;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.Locale;
|
||||
import java.util.Set;
|
||||
|
||||
import ch.eitchnet.privilege.helper.PrivilegeHelper;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
|
|
@ -39,9 +37,16 @@ public final class User {
|
|||
private final Locale locale;
|
||||
|
||||
/**
|
||||
* The {@link User} constructor is private to ensure no unauthorized creation of {@link User} objects
|
||||
*
|
||||
* @param username
|
||||
* @param password
|
||||
* @param firstname
|
||||
* @param surname
|
||||
* @param userState
|
||||
* @param roles
|
||||
* @param locale
|
||||
*/
|
||||
private User(String username, String password, String firstname, String surname, UserState userState,
|
||||
public User(String username, String password, String firstname, String surname, UserState userState,
|
||||
Set<String> roles, Locale locale) {
|
||||
|
||||
this.username = username;
|
||||
|
|
@ -153,34 +158,4 @@ public final class User {
|
|||
builder.append("]");
|
||||
return builder.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return a new {@link User} object which is authenticated on the current Java Virtual Machine
|
||||
*/
|
||||
public static User buildUser(String username, String password, String firstname, String surname,
|
||||
UserState userState, Set<String> roles, Locale locale) {
|
||||
|
||||
// set a default locale
|
||||
if (locale == null)
|
||||
locale = Locale.getDefault();
|
||||
|
||||
// TODO validate who is creating this User object
|
||||
|
||||
if (username.length() < 3) {
|
||||
throw new PrivilegeException("The given username is shorter than 3 characters");
|
||||
}
|
||||
|
||||
if (firstname.isEmpty()) {
|
||||
throw new PrivilegeException("The given firstname is empty");
|
||||
}
|
||||
|
||||
if (surname.isEmpty()) {
|
||||
throw new PrivilegeException("The given firstname is empty");
|
||||
}
|
||||
|
||||
User user = new User(username, password, firstname, surname, userState, Collections.unmodifiableSet(roles),
|
||||
locale);
|
||||
|
||||
return user;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,136 @@
|
|||
/*
|
||||
* Copyright (c) 2010
|
||||
*
|
||||
* Robert von Burg
|
||||
* eitch@eitchnet.ch
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.test;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.HashSet;
|
||||
|
||||
import org.apache.log4j.BasicConfigurator;
|
||||
import org.apache.log4j.ConsoleAppender;
|
||||
import org.apache.log4j.Level;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.apache.log4j.PatternLayout;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainer;
|
||||
import ch.eitchnet.privilege.handler.ModelHandler;
|
||||
import ch.eitchnet.privilege.i18n.AccessDeniedException;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
public class PrivilegeTest {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(PrivilegeTest.class);
|
||||
|
||||
/**
|
||||
* @throws java.lang.Exception
|
||||
*/
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
|
||||
// set up log4j
|
||||
BasicConfigurator.resetConfiguration();
|
||||
BasicConfigurator.configure(new ConsoleAppender(new PatternLayout("%d %5p [%t] %C{1} %M - %m%n")));
|
||||
Logger.getRootLogger().setLevel(Level.INFO);
|
||||
|
||||
// initialize container
|
||||
String pwd = System.getProperty("user.dir");
|
||||
File privilegeContainerXml = new File(pwd + "/config/PrivilegeContainer.xml");
|
||||
PrivilegeContainer privilegeContainer = PrivilegeContainer.getInstance();
|
||||
privilegeContainer.initialize(privilegeContainerXml);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAuthenticationOk() throws Exception {
|
||||
|
||||
Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate("eitch",
|
||||
"1234567890");
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
public void testAuthenticationNOk() throws Exception {
|
||||
|
||||
Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate("eitch", "123");
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
}
|
||||
|
||||
@Test(expected = PrivilegeException.class)
|
||||
public void testAuthenticationPWNull() throws Exception {
|
||||
|
||||
Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate("eitch", null);
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAddUserBobWithPW() throws Exception {
|
||||
|
||||
Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate("eitch",
|
||||
"1234567890");
|
||||
|
||||
ModelHandler modelHandler = PrivilegeContainer.getInstance().getModelHandler();
|
||||
|
||||
// let's add a new user bob
|
||||
UserRep userRep = new UserRep("bob", "Bob", "Newman", UserState.NEW, new HashSet<String>(), null);
|
||||
modelHandler.addOrReplaceUser(certificate, userRep, null);
|
||||
logger.info("Added user bob");
|
||||
|
||||
// set bob's password
|
||||
modelHandler.setUserPassword(certificate, "bob", "12345678901");
|
||||
logger.info("Set Bob's password");
|
||||
}
|
||||
|
||||
/**
|
||||
* Will fail because user bob is not yet enabled
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
public void testAuthAsBob() throws Exception {
|
||||
|
||||
PrivilegeContainer.getInstance().getSessionHandler().authenticate("bob", "12345678901");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEnableUserBob() throws Exception {
|
||||
|
||||
Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate("eitch",
|
||||
"1234567890");
|
||||
|
||||
ModelHandler modelHandler = PrivilegeContainer.getInstance().getModelHandler();
|
||||
modelHandler.setUserState(certificate, "bob", UserState.ENABLED);
|
||||
}
|
||||
|
||||
/**
|
||||
* Will fail because user bob does not have admin rights
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
public void testAddUserTedAsBob() throws Exception {
|
||||
|
||||
Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate("bob",
|
||||
"12345678901");
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// let's add a new user bob
|
||||
UserRep userRep = new UserRep("bob", "Bob", "Newman", UserState.NEW, new HashSet<String>(), null);
|
||||
PrivilegeContainer.getInstance().getModelHandler().addOrReplaceUser(certificate, userRep, null);
|
||||
logger.info("Added user bob");
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue