use of org.activityinfo.model.resource.ResourceId in project activityinfo by bedatadriven.
the class AnalysesResource method assertAuthorized.
/**
 * Checks that the current user may apply the given analysis update.
 *
 * <p>The update's parent id must be in the database domain; any other domain is
 * answered with HTTP 400 before a permission lookup takes place. For a database
 * parent, the decision is delegated to
 * {@code permissionOracle.assertDesignPrivileges}, using the legacy database id
 * and the user supplied by {@code userProvider}. How a denial is signalled is
 * decided by that call and is not visible in this method.
 *
 * @param update the requested update; its parent id is parsed as a {@link ResourceId}
 * @throws WebApplicationException with status 400 when the parent is not a database
 */
private void assertAuthorized(AnalysisUpdate update) {
    ResourceId parentId = ResourceId.valueOf(update.getParentId());

    boolean parentIsDatabase = parentId.getDomain() == CuidAdapter.DATABASE_DOMAIN;
    if (!parentIsDatabase) {
        // NOTE(review): the response body echoes the request-supplied id; confirm the
        // entity is served as plain text rather than interpreted as markup.
        Response badRequest = Response.status(Response.Status.BAD_REQUEST)
            .entity("No such folder: " + parentId)
            .build();
        throw new WebApplicationException(badRequest);
    }

    // The authorization decision is made on the legacy database id, so every analysis
    // under the same database shares one design-privilege check.
    int legacyDatabaseId = CuidAdapter.getLegacyIdFromCuid(parentId);
    permissionOracle.assertDesignPrivileges(legacyDatabaseId, userProvider.get());
}
use of org.activityinfo.model.resource.ResourceId in project activityinfo by bedatadriven.
the class GcsBlobFieldStorageServiceTest method blobPermissionAttack.
/**
 * Regression test for re-use of a blob reference across forms.
 *
 * <ol>
 *   <li>The first user uploads a blob for one form class and persists a form instance
 *       whose attachment field references that blob.</li>
 *   <li>The stubbed user id is switched to {@code USER_WITHOUT_ACCESS_TO_DB_1} and the same
 *       attachment value (same blob id) is persisted on an instance of another activity's
 *       form. This second persist must be rejected, otherwise knowing a blob id would be
 *       enough to attach it to a form the second user controls.</li>
 * </ol>
 *
 * <p>NOTE(review): the test passes on any {@link RuntimeException} from the second persist,
 * not only on a blob-permission rejection. The instance is re-used and still has the values
 * set for the first form, so an unrelated failure could presumably satisfy the final
 * assertion. Asserting on the specific exception type or cause would make this a stronger
 * guard; confirm which exception the permission check raises.
 */
@Test
@OnDataSet("/dbunit/sites-simple-blob-security.db.xml")
public void blobPermissionAttack() throws IOException {
    blobService.setTestBucketName();

    int firstActivityId = 1;
    int dbId = 1;
    int locationTypeId = 10;

    // Step 1: upload the blob and reference it from an instance of the first form.
    ResourceId firstAttachmentFieldId = ResourceId.generateFieldId(AttachmentType.TYPE_CLASS);
    FormClass firstForm = addAttachmentField(firstActivityId, firstAttachmentFieldId);

    blobId = BlobId.generate();
    String contentDisposition = "attachment;filename=" + FILE_NAME;
    blobService.put(
        user,
        contentDisposition,
        MimeTypeUtil.mimeTypeFromFileName(FILE_NAME),
        blobId,
        firstForm.getId(),
        GcsBlobFieldStorageServiceTest.class.getResourceAsStream("goabout.png"));

    FormInstance instance = new FormInstance(
        CuidAdapter.cuid(SITE_DOMAIN, new KeyGenerator().generateInt()),
        firstForm.getId());

    Attachment uploaded = new Attachment();
    uploaded.setMimeType(MimeTypeUtil.mimeTypeFromFileName(FILE_NAME));
    uploaded.setBlobId(blobId.asString());
    uploaded.setFilename(FILE_NAME);

    AttachmentValue blobReference = new AttachmentValue();
    blobReference.getValues().add(uploaded);

    instance.set(indicatorField(1), 1);
    instance.set(indicatorField(2), 2);
    instance.set(firstAttachmentFieldId, blobReference);
    instance.set(
        locationField(firstActivityId),
        locationRef(CuidAdapter.locationFormClass(locationTypeId), 1));
    instance.set(partnerField(firstActivityId), partnerRef(dbId, 1));
    instance.set(projectField(firstActivityId), projectRef(dbId, 1));
    instance.set(field(firstForm.getId(), START_DATE_FIELD), new LocalDate(2014, 1, 1));
    instance.set(field(firstForm.getId(), END_DATE_FIELD), new LocalDate(2014, 1, 1));
    instance.set(field(firstForm.getId(), COMMENT_FIELD), "My comment");

    assertResolves(locator.persist(instance));
    assertInstanceExists(firstForm.getId(), instance.getId());

    // Step 2: act as the second user and point another form's instance at the same blob.
    AuthenticationModuleStub.setUserId(USER_WITHOUT_ACCESS_TO_DB_1);

    int secondActivityId = 32;
    ResourceId secondAttachmentFieldId = ResourceId.generateFieldId(AttachmentType.TYPE_CLASS);
    addAttachmentField(secondActivityId, secondAttachmentFieldId);

    // The same FormInstance object is re-targeted: new id, new class, same attachment value.
    instance.setId(CuidAdapter.cuid(SITE_DOMAIN, new KeyGenerator().generateInt()));
    instance.setClassId(CuidAdapter.activityFormClass(secondActivityId));
    instance.set(secondAttachmentFieldId, blobReference);
    instance.set(field(instance.getFormId(), START_DATE_FIELD), new LocalDate(2014, 1, 1));
    instance.set(field(instance.getFormId(), END_DATE_FIELD), new LocalDate(2014, 1, 1));
    instance.set(partnerField(secondActivityId), partnerRef(dbId, 1));

    boolean persisted;
    try {
        // Expected to be rejected by the blob permission check.
        assertResolves(locator.persist(instance));
        persisted = true;
    } catch (RuntimeException e) {
        e.printStackTrace();
        persisted = false;
    }

    assertFalse("Access to blob is stolen! Permissions check for blobs is broken.", persisted);
}
use of org.activityinfo.model.resource.ResourceId in project activityinfo by bedatadriven.
the class ActivityTest method orderIndicatorsActivities.
/**
 * Creates an activity, appends a quantity field, an enum field and a text field to its form
 * class, persists it, and checks that the reloaded form class lists the three fields in the
 * order they were added.
 */
@Test
public void orderIndicatorsActivities() {
    SchemaDTO schema = execute(new GetSchema());
    UserDatabaseDTO database = schema.getDatabaseById(1);
    LocationTypeDTO firstLocationType = schema.getCountryById(1).getLocationTypes().get(0);

    ActivityFormDTO survey = new ActivityFormDTO();
    survey.setName("Household Survey");
    survey.setLocationType(firstLocationType);
    survey.setReportingFrequency(ActivityFormDTO.REPORT_ONCE);

    CreateResult created = execute(CreateEntity.Activity(database, survey));
    ResourceId formId = activityFormClass(created.getNewId());
    FormClass formClass = assertResolves(locator.getFormClass(formId));

    // Three new fields, added in an order that interleaves "attributes" and "indicators".
    FormField ageField = new FormField(ResourceId.generateFieldId(QuantityType.TYPE_CLASS));
    ageField.setLabel("How old are you?");
    ageField.setType(new QuantityType().setUnits("years"));
    formClass.addElement(ageField);

    FormField genderField = new FormField(ResourceId.generateFieldId(EnumType.TYPE_CLASS));
    genderField.setLabel("Gender");
    EnumItem maleItem = new EnumItem(EnumItem.generateId(), "Male");
    EnumItem femaleItem = new EnumItem(EnumItem.generateId(), "Female");
    genderField.setType(new EnumType(Cardinality.SINGLE, Arrays.asList(maleItem, femaleItem)));
    formClass.addElement(genderField);

    FormField nameField = new FormField(ResourceId.generateFieldId(TextType.TYPE_CLASS));
    nameField.setLabel("What is your name?");
    nameField.setType(TextType.SIMPLE);
    formClass.addElement(nameField);

    assertResolves(locator.persist(formClass));

    // Read the form class back and compare field positions by label.
    FormClass reloaded = assertResolves(locator.getFormClass(formClass.getId()));
    TFormClass reform = new TFormClass(reloaded);
    System.out.println(Joiner.on("\n").join(reform.getFormClass().getFields()));

    int ageIndex = reform.indexOfField("How old are you?");
    int genderIndex = reform.indexOfField("Gender");
    int nameIndex = reform.indexOfField("What is your name?");

    boolean inInsertionOrder = ageIndex < genderIndex && genderIndex < nameIndex;
    assertTrue(inInsertionOrder);
}
use of org.activityinfo.model.resource.ResourceId in project activityinfo by bedatadriven.
the class ActivityFormClassBuilderTest method nullLocationTypeIsNotVisible.
/**
 * Checks that the form class for activity 11218 does not expose a location field, that an
 * instance can still be persisted without a location value, and that the legacy
 * {@code GetSites} query reports the location name "Chad" for the saved site.
 */
@Test
@OnDataSet("/dbunit/chad-form.db.xml")
public void nullLocationTypeIsNotVisible() {
    setUser(9944);
    int databaseId = 1470;

    FormClass formClass = assertResolves(locator.getFormClass(CuidAdapter.activityFormClass(11218)));
    ResourceId formId = formClass.getId();

    // The location field must be absent from the form's field list.
    ResourceId hiddenLocationFieldId = CuidAdapter.field(formId, CuidAdapter.LOCATION_FIELD);
    assertThat(formClass.getFields(), not(hasItem(withId(hiddenLocationFieldId))));

    // Saving has to work even though no location is supplied.
    FormInstance instance = new FormInstance(CuidAdapter.newLegacyFormInstanceId(formId), formId);
    instance.set(
        CuidAdapter.field(formId, CuidAdapter.START_DATE_FIELD),
        new LocalDate(2014, 1, 1));
    instance.set(
        CuidAdapter.field(formId, CuidAdapter.END_DATE_FIELD),
        new LocalDate(2014, 1, 2));
    instance.set(
        CuidAdapter.field(formId, CuidAdapter.PARTNER_FIELD),
        CuidAdapter.partnerRef(databaseId, 1734));
    instance.set(
        ResourceId.valueOf("Q0000031845"),
        new EnumValue(CuidAdapter.attributeField(166617)));
    assertResolves(locator.persist(instance));

    // Legacy code should still see the null location object on the saved site.
    int legacySiteId = CuidAdapter.getLegacyIdFromCuid(instance.getId());
    SiteDTO site = execute(GetSites.byId(legacySiteId)).getData().get(0);
    assertThat(site.getLocationName(), equalTo("Chad"));
}
use of org.activityinfo.model.resource.ResourceId in project activityinfo by bedatadriven.
the class ResourceIdAdapterTest method locationInstance.
/**
 * Round-trips a legacy location id through {@code CuidAdapter}: the id recovered from the
 * generated resource id must equal the input, and a field id derived from that resource id
 * must carry the legacy id in block 0 and the field index in block 1.
 */
@Test
public void locationInstance() {
    int legacyId = 998707825;

    final ResourceId locationId = CuidAdapter.locationInstanceId(legacyId);
    Assert.assertEquals(legacyId, CuidAdapter.getLegacyIdFromCuid(locationId));

    ResourceId adminFieldId = CuidAdapter.field(locationId, CuidAdapter.ADMIN_FIELD);
    assertThat(CuidAdapter.getBlock(adminFieldId, 0), equalTo(legacyId));
    assertThat(CuidAdapter.getBlock(adminFieldId, 1), equalTo(CuidAdapter.ADMIN_FIELD));
}