use of org.olat.basesecurity.Grant in project OpenOLAT by OpenOLAT.
the class GroupDAOTest method getGrants_withResource_withRole.
@Test
public void getGrants_withResource_withRole() {
Group group = groupDao.createGroup();
OLATResource resource = JunitTestHelper.createRandomResource();
groupDao.addGrant(group, "getGrants-role-1", "getGrants-role-1-perm", resource);
groupDao.addGrant(group, "getGrants-role-2", "getGrants-role-2-perm", resource);
dbInstance.commitAndCloseSession();
List<Grant> grants = groupDao.getGrants(group, "getGrants-role-2", resource);
Assert.assertNotNull(grants);
Assert.assertEquals(1, grants.size());
Grant grant = grants.get(0);
Assert.assertNotNull(grant);
Assert.assertEquals(group, grant.getGroup());
Assert.assertEquals(resource, grant.getResource());
Assert.assertEquals("getGrants-role-2", grant.getRole());
Assert.assertEquals("getGrants-role-2-perm", grant.getPermission());
}
use of org.olat.basesecurity.Grant in project OpenOLAT by OpenOLAT.
the class GroupDAOTest method getGrants_withResource.
@Test
public void getGrants_withResource() {
Group group = groupDao.createGroup();
OLATResource resource = JunitTestHelper.createRandomResource();
groupDao.addGrant(group, "getGrants-res", "getGrants-res-perm", resource);
dbInstance.commitAndCloseSession();
List<Group> groups = Collections.singletonList(group);
List<Grant> grants = groupDao.getGrants(groups, resource);
Assert.assertNotNull(grants);
Assert.assertEquals(1, grants.size());
Grant grant = grants.get(0);
Assert.assertNotNull(grant);
Assert.assertEquals(group, grant.getGroup());
Assert.assertEquals(resource, grant.getResource());
Assert.assertEquals("getGrants-res", grant.getRole());
Assert.assertEquals("getGrants-res-perm", grant.getPermission());
}
use of org.olat.basesecurity.Grant in project OpenOLAT by OpenOLAT.
the class BGRightManagerTest method testBGRights.
/**
* BGContextManagerImpl:deleteBGContext() *
*/
@Test
public void testBGRights() {
RepositoryEntry c1 = JunitTestHelper.createAndPersistRepositoryEntry();
RepositoryEntry c2 = JunitTestHelper.createAndPersistRepositoryEntry();
BusinessGroup g1 = businessGroupService.createBusinessGroup(null, "g1", null, -1, -1, false, false, c1);
BusinessGroup g2 = businessGroupService.createBusinessGroup(null, "g2", null, -1, -1, false, false, c1);
BusinessGroup g3 = businessGroupService.createBusinessGroup(null, "g3", null, -1, -1, false, false, c2);
businessGroupRelationDao.addRole(id1, g1, GroupRoles.participant.name());
businessGroupRelationDao.addRole(id2, g1, GroupRoles.participant.name());
businessGroupRelationDao.addRole(id1, g2, GroupRoles.participant.name());
businessGroupRelationDao.addRole(id3, g3, GroupRoles.participant.name());
rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g1, BGRightsRole.participant);
rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g1, BGRightsRole.participant);
rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g2, BGRightsRole.participant);
rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g3, BGRightsRole.participant);
// simulate user clicks
DBFactory.getInstance().closeSession();
List<Grant> grants = groupDao.getGrants(g1.getBaseGroup(), GroupRoles.participant.name());
// read, parti, archiving, courseeditor
Assert.assertEquals(2, grants.size());
// simulate user clicks
DBFactory.getInstance().closeSession();
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id1, c2.getOlatResource()));
assertTrue(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id1, c1.getOlatResource()));
assertTrue(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id2, c1.getOlatResource()));
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_GROUPMANAGEMENT, id2, c1.getOlatResource()));
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id3, c2.getOlatResource()));
assertTrue(rightManager.hasBGRight(CourseRights.RIGHT_COURSEEDITOR, id3, c2.getOlatResource()));
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_COURSEEDITOR, id3, c1.getOlatResource()));
Assert.assertEquals(2, rightManager.findBGRights(g1, BGRightsRole.participant).size());
Assert.assertEquals(1, rightManager.findBGRights(g2, BGRightsRole.participant).size());
// simulate user clicks
DBFactory.getInstance().closeSession();
rightManager.removeBGRight(CourseRights.RIGHT_ARCHIVING, g1.getBaseGroup(), c1.getOlatResource(), BGRightsRole.participant);
rightManager.removeBGRight(CourseRights.RIGHT_COURSEEDITOR, g1.getBaseGroup(), c1.getOlatResource(), BGRightsRole.participant);
rightManager.removeBGRight(CourseRights.RIGHT_ARCHIVING, g2.getBaseGroup(), c1.getOlatResource(), BGRightsRole.participant);
rightManager.removeBGRight(CourseRights.RIGHT_COURSEEDITOR, g3.getBaseGroup(), c2.getOlatResource(), BGRightsRole.participant);
// simulate user clicks
DBFactory.getInstance().closeSession();
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id1, c1.getOlatResource()));
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id2, c1.getOlatResource()));
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_COURSEEDITOR, id3, c2.getOlatResource()));
Assert.assertEquals(0, rightManager.findBGRights(g1, BGRightsRole.participant).size());
Assert.assertEquals(0, rightManager.findBGRights(g2, BGRightsRole.participant).size());
}
use of org.olat.basesecurity.Grant in project OpenOLAT by OpenOLAT.
the class GroupDAO method removeGrant.
public void removeGrant(Group group, String role, String permission, OLATResource resource) {
StringBuilder sb = new StringBuilder();
sb.append("select grant from bgrant as grant").append(" inner join fetch grant.group as baseGroup").append(" inner join fetch grant.resource as res").append(" where baseGroup=:group and res.key=:resourceKey and grant.permission=:permission and grant.role=:role");
EntityManager em = dbInstance.getCurrentEntityManager();
List<Grant> grantToDelete = em.createQuery(sb.toString(), Grant.class).setParameter("group", group).setParameter("resourceKey", resource.getKey()).setParameter("role", role).setParameter("permission", permission).getResultList();
for (Grant grant : grantToDelete) {
em.remove(grant);
}
}
use of org.olat.basesecurity.Grant in project OpenOLAT by OpenOLAT.
the class BGRightManagerImpl method hasBGRight.
@Override
public boolean hasBGRight(List<BusinessGroup> groups) {
if (groups == null || groups.isEmpty())
return false;
List<Group> secGroups = new ArrayList<>(groups.size());
for (BusinessGroup group : groups) {
secGroups.add(group.getBaseGroup());
}
List<Grant> grants = groupDao.getGrants(secGroups);
// start with bgr.
for (Grant grant : grants) {
String right = grant.getPermission();
if (right.indexOf(BG_RIGHT_PREFIX) == 0) {
return true;
}
}
return false;
}
Aggregations