@Override public Role saveRole( Role role ) throws RbacObjectInvalidException, RbacManagerException { Exception lastException = null; boolean allFailed = true; for ( RBACManager rbacManager : rbacManagersPerId.values() ) { try { if ( !rbacManager.isReadOnly() ) { role = rbacManager.saveRole( role ); allFailed = false; } } catch ( Exception e ) { lastException = e; } } if ( lastException != null && allFailed ) { throw new RbacManagerException( lastException.getMessage(), lastException ); } return role; }
@Override public Role saveRole( Role role ) throws RbacObjectInvalidException, RbacManagerException { Exception lastException = null; boolean allFailed = true; for ( RBACManager rbacManager : rbacManagersPerId.values() ) { try { if ( !rbacManager.isReadOnly() ) { role = rbacManager.saveRole( role ); allFailed = false; } } catch ( Exception e ) { lastException = e; } } if ( lastException != null && allFailed ) { throw new RbacManagerException( lastException.getMessage(), lastException ); } return role; }
public synchronized Role saveRole( Role role ) throws RbacObjectInvalidException, RbacManagerException { /* List assignments = this.rbacImpl.getUserAssignmentsForRoles( Collections.singletonList( role.getName() ) ); for ( Iterator i = assignments.iterator(); i.hasNext(); ) { log.debug( "invalidating user assignment with role " + role.getName() ); invalidateCachedUserAssignment( (UserAssignment)i.next() ); } */ /* the above commented out section would try and invalidate just that user caches that are effected by changes in the users permissions map due to role changes. however the implementations of those do not take into account child role hierarchies so wipe all user caches on role saving...which is a heavy handed way to solve the problem, but not going to happen frequently for current applications so not a huge deal. */ invalidateAllCachedUserAssignments(); invalidateCachedRole( role ); return this.rbacImpl.saveRole( role ); }
@Test public void testAddGetPermission() throws RbacManagerException { assertNotNull( rbacManager ); rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); Role adminRole = rbacManager.saveRole( getAdminRole() ); rbacManager.saveRole( getDeveloperRole() ); assertEquals( 2, rbacManager.getAllRoles().size() ); assertEquals( 2, rbacManager.getAllPermissions().size() ); Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" ); // perm shouldn't exist in manager (yet) assertEquals( 2, rbacManager.getAllPermissions().size() ); adminRole.addPermission( createUserPerm ); rbacManager.saveRole( adminRole ); // perm should exist in manager now. assertEquals( 3, rbacManager.getAllPermissions().size() ); Permission fetched = rbacManager.getPermission( "CREATE_USER" ); assertNotNull( fetched ); /* Assert some event tracker stuff */ assertEventTracker( 2, 0, 3, 0, true, true ); }
@Test public void testUserAssignmentWithChildRoles() throws RbacManagerException { RBACManager manager = rbacManager; rbacManager.eraseDatabase(); Role developerRole = manager.saveRole( getDeveloperRole() ); Role adminRole = getAdminRole(); adminRole.addChildRoleName( developerRole.getName() ); adminRole = manager.saveRole( adminRole ); // don't use admin as ldap group need at least one member String adminPrincipal = "theadmin"; UserAssignment assignment = manager.createUserAssignment( adminPrincipal ); assignment.addRoleName( adminRole ); assignment = manager.saveUserAssignment( assignment ); assertEquals( 1, assignment.getRoleNames().size() ); assertEquals( 1, manager.getAssignedRoles( adminPrincipal ).size() ); }
public Boolean updateRoleDescription( String roleName, String description ) throws RedbackServiceException { try { org.apache.archiva.redback.rbac.Role rbacRole = rbacManager.getRole( roleName ); rbacRole.setDescription( description ); rbacManager.saveRole( rbacRole ); } catch ( RbacManagerException e ) { throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) ); } return Boolean.TRUE; }
@Test public void testStoreInitialization() throws Exception { assertNotNull( rbacManager ); Role role = getAdminRole(); assertNotNull( role ); Role added = rbacManager.saveRole( role ); assertEquals( 1, rbacManager.getAllRoles().size() ); assertNotNull( added ); rbacManager.removeRole( added ); assertEquals( 0, rbacManager.getAllRoles().size() ); /* Assert some event tracker stuff */ assertEventTracker( 1, 1, 1, 0, false, false ); //assertTrue( eventTracker.lastDbFreshness.booleanValue() ); }
@Test public void testAddGetChildRoleViaName() throws RbacManagerException { RBACManager manager = rbacManager; rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); assertNotNull( manager ); Role adminRole = manager.saveRole( getAdminRole() ); Role develRole = manager.saveRole( getDeveloperRole() ); assertEquals( 2, manager.getAllRoles().size() ); Role actualAdmin = manager.getRole( adminRole.getName() ); Role actualDevel = manager.getRole( develRole.getName() ); assertEquals( adminRole.getName(), actualAdmin.getName() ); assertEquals( adminRole.getChildRoleNames(), actualAdmin.getChildRoleNames() ); assertEquals( develRole, actualDevel ); // Now do a child role. Role projectRole = getProjectAdminRole(); String projectRoleName = projectRole.getName(); manager.saveRole( projectRole ); develRole.addChildRoleName( projectRoleName ); manager.saveRole( develRole ); assertEquals( 3, manager.getAllRoles().size() ); /* Assert some event tracker stuff */ assertEventTracker( 3, 0, 3, 0, true, true ); }
@Test public void testAddGetChildRole() throws RbacManagerException { if ( !supportChildRole() ) { log.info( "child role feature not supported by the RBACManager impl: {}", rbacManager.getClass().getName() ); return; } RBACManager manager = rbacManager; assertNotNull( manager ); rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); Role adminRole = manager.saveRole( getAdminRole() ); Role develRole = manager.saveRole( getDeveloperRole() ); assertEquals( 2, manager.getAllRoles().size() ); Role actualAdmin = manager.getRole( adminRole.getName() ); Role actualDevel = manager.getRole( develRole.getName() ); assertEquals( adminRole.getName(), actualAdmin.getName() ); assertEquals( adminRole.getChildRoleNames(), actualAdmin.getChildRoleNames() ); assertEquals( develRole, actualDevel ); // Now add a child role. manager.addChildRole( develRole, getProjectAdminRole() ); manager.saveRole( develRole ); assertEquals( 3, manager.getAllRoles().size() ); /* Assert some event tracker stuff */ assertEventTracker( 3, 0, 3, 0, true, true ); }
@Test public void testGetAssignedPermissions() throws RbacManagerException { RBACManager manager = rbacManager; rbacManager.eraseDatabase(); // Setup 3 roles. manager.saveRole( getAdminRole() ); manager.saveRole( getProjectAdminRole() ); Role added = manager.saveRole( getDeveloperRole() ); String roleName = added.getName(); assertThat( manager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 ); assertThat( manager.getAllPermissions() ).isNotNull().isNotEmpty().hasSize( 3 ); // Setup User / Assignment with 1 role. String username = "bob"; UserAssignment assignment = manager.createUserAssignment( username ); assignment.addRoleName( roleName ); manager.saveUserAssignment( assignment ); assertThat( manager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize( incAssignements( 1 ) ); assertThat( manager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 ); assertThat( manager.getAllPermissions() ).isNotNull().isNotEmpty().hasSize( 3 ); // Get the List of Assigned Roles for user bob. Collection<Permission> assignedPermissions = manager.getAssignedPermissions( username ); assertThat( assignedPermissions ).isNotNull().isNotEmpty().hasSize( 1 ); }
@Test public void testGetAssignedPermissionsNoChildRoles() throws RbacManagerException { RBACManager manager = rbacManager; rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); Role admin = getAdminRole(); admin = manager.saveRole( admin ); assertEquals( 1, manager.getAllRoles().size() ); String adminPrincipal = "admin"; UserAssignment ua = manager.createUserAssignment( adminPrincipal ); ua.addRoleName( admin ); manager.saveUserAssignment( ua ); assertEquals( 1, manager.getAllUserAssignments().size() ); Set<Permission> assignedPermissions = manager.getAssignedPermissions( adminPrincipal ); assertThat( assignedPermissions ).isNotNull().isNotEmpty().hasSize( 1 ); /* Assert some event tracker stuff */ assertEventTracker( 1, 0, 1, 0, true, true ); }
@Test public void testGetAssignedRoles() throws RbacManagerException { RBACManager manager = rbacManager; rbacManager.eraseDatabase(); Role adminRole = manager.saveRole( getAdminRole() ); Role projectAdminRole = manager.saveRole( getProjectAdminRole() ); Role developerRole = manager.saveRole( getDeveloperRole() ); // Setup 3 roles. assertEquals( 3, manager.getAllRoles().size() ); // Setup User / Assignment with 3 roles. String username = "bob"; UserAssignment assignment = manager.createUserAssignment( username ); assignment.addRoleName( developerRole.getName() ); assignment.addRoleName( projectAdminRole.getName() ); assignment.addRoleName( adminRole.getName() ); assignment = manager.saveUserAssignment( assignment ); assertThat( assignment.getRoleNames() ).isNotNull().isNotEmpty().hasSize( 3 ); assertThat( manager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize( incAssignements( 1 ) ); assertThat( manager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 ); afterSetup(); // Get the List of Assigned Roles for user bob. Collection<Role> assignedRoles = manager.getAssignedRoles( username ); assertThat( assignedRoles ).isNotNull().isNotEmpty().hasSize( 3 ); }
@Test public void testUserAssignmentMultipleRoles() throws RbacManagerException { RBACManager manager = rbacManager; rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); Role devRole = getDeveloperRole(); manager.saveRole( devRole ); // Setup User / Assignment with 1 role. String username = "bob"; UserAssignment assignment = manager.createUserAssignment( username ); assignment.addRoleName( devRole ); assignment = manager.saveUserAssignment( assignment ); assertEquals( incAssignements( 1 ), manager.getAllUserAssignments().size() ); assertEquals( 1, manager.getAllRoles().size() ); // assign the same role again to the same user assignment.addRoleName( devRole.getName() ); manager.saveUserAssignment( assignment ); // we certainly shouldn't have 2 roles here now assertEquals( 1, assignment.getRoleNames().size() ); /* Assert some event tracker stuff */ assertEventTracker( 1, 0, 1, 0, true, true ); }
@Test public void testUserAssignmentAddRole() throws RbacManagerException { RBACManager manager = rbacManager; rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); Role adminRole = manager.saveRole( getAdminRole() ); assertEquals( 1, manager.getAllRoles().size() ); String adminPrincipal = "admin"; UserAssignment assignment = manager.createUserAssignment( adminPrincipal ); assignment.addRoleName( adminRole ); manager.saveUserAssignment( assignment ); assertEquals( 1, manager.getAllUserAssignments().size() ); assertEquals( 1, manager.getAllRoles().size() ); UserAssignment ua = manager.getUserAssignment( adminPrincipal ); assertNotNull( ua ); Role fetched = manager.getRole( "ADMIN" ); assertNotNull( fetched ); /* Assert some event tracker stuff */ assertEventTracker( 1, 0, 1, 0, true, true ); }
@Test public void testAllowRoleWithoutPermissions() throws RbacManagerException { assertNotNull( rbacManager ); rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); String rolename = "Test Role"; Role testRole = rbacManager.createRole( rolename ); testRole = rbacManager.saveRole( testRole ); assertNotNull( testRole ); assertEquals( 1, rbacManager.getAllRoles().size() ); assertEquals( 0, rbacManager.getAllPermissions().size() ); Role actualRole = rbacManager.getRole( rolename ); assertEquals( testRole.getName(), actualRole.getName() ); assertEquals( testRole.getChildRoleNames(), actualRole.getChildRoleNames() ); assertEquals( 1, rbacManager.getAllRoles().size() ); assertEquals( 0, rbacManager.getAllPermissions().size() ); /* Assert some event tracker stuff */ assertEventTracker( 1, 0, 0, 0, true, true ); }
@Test public void testAddGetRole() throws RbacManagerException { assertNotNull( rbacManager ); rbacManager.eraseDatabase(); eventTracker.rbacInit( true ); Role adminRole = rbacManager.saveRole( getAdminRole() ); Role develRole = rbacManager.saveRole( getDeveloperRole() ); assertEquals( 2, rbacManager.getAllRoles().size() ); Role actualAdmin = rbacManager.getRole( adminRole.getName() ); Role actualDevel = rbacManager.getRole( develRole.getName() ); assertEquals( adminRole.getName(), actualAdmin.getName() ); assertEquals( adminRole.getChildRoleNames(), actualAdmin.getChildRoleNames() ); assertEquals( develRole, actualDevel ); /* Assert some event tracker stuff */ assertEventTracker( 2, 0, 2, 0, true, true ); }
role = this.rbacImpl.saveRole( role ); rolesCache.put( role.getName(), role );