Example 6 with UserPermissionDTO
use of org.activityinfo.legacy.shared.model.UserPermissionDTO in project activityinfo by bedatadriven.
the class UpdateUserPermissionsHandlerTest method testOwnerUpdate.
/**
* Verifies that the owner of a database can update an existing users permission
*/
@Test
@OnDataSet("/dbunit/schema1.db.xml")
public void testOwnerUpdate() throws CommandException {
setUser(1);
UserPermissionDTO user = new UserPermissionDTO();
user.setEmail("bavon@nrcdrc.org");
user.setPartner(new PartnerDTO(1, "NRC"));
user.setAllowView(true);
user.setAllowViewAll(false);
user.setAllowEdit(true);
user.setAllowEdit(false);
user.setAllowDesign(true);
execute(new UpdateUserPermissions(1, user));
UserResult result = execute(new GetUsers(1));
UserPermissionDTO reUser = result.getData().get(0);
assertThat(reUser.getEmail(), equalTo("bavon@nrcdrc.org"));
assertThat(reUser.getAllowDesign(), equalTo(true));
}
Also used :
PartnerDTO(org.activityinfo.legacy.shared.model.PartnerDTO)
UpdateUserPermissions(org.activityinfo.legacy.shared.command.UpdateUserPermissions)
UserResult(org.activityinfo.legacy.shared.command.result.UserResult)
GetUsers(org.activityinfo.legacy.shared.command.GetUsers)
UserPermissionDTO(org.activityinfo.legacy.shared.model.UserPermissionDTO)
OnDataSet(org.activityinfo.server.database.OnDataSet)
Test(org.junit.Test)
Example 7 with UserPermissionDTO
use of org.activityinfo.legacy.shared.model.UserPermissionDTO in project activityinfo by bedatadriven.
the class UpdateUserPermissionsHandlerTest method ownerCanAddUser.
@Test
public void ownerCanAddUser() throws Exception {
UserPermissionDTO user = new UserPermissionDTO();
user.setEmail("other@foobar");
user.setName("Foo Bar");
user.setPartner(NRC_DTO);
user.setAllowView(true);
UpdateUserPermissions cmd = new UpdateUserPermissions(1, user);
handler.execute(cmd, owner);
assertThat(mailer.sentMails.size(), equalTo(1));
}
Also used :
UpdateUserPermissions(org.activityinfo.legacy.shared.command.UpdateUserPermissions)
UserPermissionDTO(org.activityinfo.legacy.shared.model.UserPermissionDTO)
Test(org.junit.Test)
Example 8 with UserPermissionDTO
use of org.activityinfo.legacy.shared.model.UserPermissionDTO in project activityinfo by bedatadriven.
the class UpdateUserPermissionsHandlerTest method testFailingVerifyAuthorityForView.
@Test(expected = IllegalAccessCommandException.class)
public void testFailingVerifyAuthorityForView() throws IllegalAccessCommandException {
UserPermission executingUserPermissions = new UserPermission();
executingUserPermissions.setPartner(IRC);
executingUserPermissions.setAllowManageUsers(true);
UserPermissionDTO dto = new UserPermissionDTO();
dto.setPartner(NRC_DTO);
dto.setAllowView(true);
dto.setAllowEdit(true);
UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
}
Also used :
UpdateUserPermissions(org.activityinfo.legacy.shared.command.UpdateUserPermissions)
UserPermissionDTO(org.activityinfo.legacy.shared.model.UserPermissionDTO)
Test(org.junit.Test)
Example 9 with UserPermissionDTO
use of org.activityinfo.legacy.shared.model.UserPermissionDTO in project activityinfo by bedatadriven.
the class UpdateUserPermissionsHandlerTest method testVerifyAuthorityForViewPermissions.
/**
* Asserts that someone with ManageUsersPermission will be permitted to
* grant some one edit rights.
*/
@Test
public void testVerifyAuthorityForViewPermissions() throws IllegalAccessCommandException {
UserPermission executingUserPermissions = new UserPermission();
executingUserPermissions.setPartner(NRC);
executingUserPermissions.setAllowManageUsers(true);
UserPermissionDTO dto = new UserPermissionDTO();
dto.setPartner(NRC_DTO);
dto.setAllowView(true);
UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
}
Also used :
UpdateUserPermissions(org.activityinfo.legacy.shared.command.UpdateUserPermissions)
UserPermissionDTO(org.activityinfo.legacy.shared.model.UserPermissionDTO)
Test(org.junit.Test)
Example 10 with UserPermissionDTO
use of org.activityinfo.legacy.shared.model.UserPermissionDTO in project activityinfo by bedatadriven.
the class UpdateUserPermissionsHandler method execute.
@Override
public CommandResult execute(UpdateUserPermissions cmd, User executingUser) {
LOGGER.info("UpdateUserPermissions: " + cmd);
Database database = databaseDAO.findById(cmd.getDatabaseId());
UserPermissionDTO dto = cmd.getModel();
/*
* First check that the current user has permission to add users to to
* the queries
*/
boolean isOwner = executingUser.getId() == database.getOwner().getId();
UserPermission executingUserPermission = queryUserPermission(executingUser, database);
LOGGER.info("executingUserPermission: isOwner: " + isOwner + ", executingUserPermissions: " + cmd);
if (!isOwner) {
verifyAuthority(cmd, executingUserPermission);
}
/* Database owner cannot be added */
if (database.getOwner().getEmail().equalsIgnoreCase(cmd.getModel().getEmail())) {
throw new UserExistsException();
}
User user = null;
if (userDAO.doesUserExist(dto.getEmail())) {
user = userDAO.findUserByEmail(dto.getEmail());
}
if (user == null) {
user = createNewUser(executingUser, dto);
}
/*
* Does the permission record exist ?
*/
UserPermission perm = queryUserPermission(user, database);
if (perm == null) {
perm = new UserPermission(database, user);
doUpdate(perm, dto, isOwner, executingUserPermission);
permDAO.persist(perm);
} else {
// If the user is intending to add a new user, verify that this user doesn't already exist
if (cmd.isNewUser() && perm.isAllowView()) {
throw new UserExistsException();
}
doUpdate(perm, dto, isOwner, executingUserPermission);
}
return null;
}
Also used :
UserExistsException(org.activityinfo.legacy.shared.command.result.UserExistsException)
User(org.activityinfo.server.database.hibernate.entity.User)
Database(org.activityinfo.server.database.hibernate.entity.Database)
UserPermissionDTO(org.activityinfo.legacy.shared.model.UserPermissionDTO)
UserPermission(org.activityinfo.server.database.hibernate.entity.UserPermission)
Aggregations
UserPermissionDTO (org.activityinfo.legacy.shared.model.UserPermissionDTO)15
UpdateUserPermissions (org.activityinfo.legacy.shared.command.UpdateUserPermissions)10
Test (org.junit.Test)9
UserResult (org.activityinfo.legacy.shared.command.result.UserResult)5
GetUsers (org.activityinfo.legacy.shared.command.GetUsers)4
PartnerDTO (org.activityinfo.legacy.shared.model.PartnerDTO)4
OnDataSet (org.activityinfo.server.database.OnDataSet)3
Database (org.activityinfo.server.database.hibernate.entity.Database)2
UserPermission (org.activityinfo.server.database.hibernate.entity.UserPermission)2
MaskingAsyncMonitor (org.activityinfo.ui.client.dispatch.monitor.MaskingAsyncMonitor)2
Record (com.extjs.gxt.ui.client.store.Record)1
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
BatchCommand (org.activityinfo.legacy.shared.command.BatchCommand)1
BatchResult (org.activityinfo.legacy.shared.command.result.BatchResult)1
UserExistsException (org.activityinfo.legacy.shared.command.result.UserExistsException)1
VoidResult (org.activityinfo.legacy.shared.command.result.VoidResult)1
FolderDTO (org.activityinfo.legacy.shared.model.FolderDTO)1
ResourceId (org.activityinfo.model.resource.ResourceId)1
Folder (org.activityinfo.server.database.hibernate.entity.Folder)1
