use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaUserReferenceProvider method addUserReference.
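/**
 * {@inheritDoc}
 *
 * <p>
 * Saves the user's roles and organization, then persists a new user reference stamped with the given login
 * mechanism and the current date. The cache is only updated after the transaction has committed.
 *
 * @param user
 *          the user reference to store
 * @param mechanism
 *          the login mechanism recorded on the stored reference
 * @throws IllegalStateException
 *           if a reference with the same username already exists in the user's organization
 */
public void addUserReference(JpaUserReference user, String mechanism) {
  // Save the roles and the organization first. No password is involved: the reference is built from
  // username, name, email, mechanism, date, organization and roles only.
  Set<JpaRole> roles = UserDirectoryPersistenceUtil.saveRoles(user.getRoles(), emf);
  JpaOrganization organization = UserDirectoryPersistenceUtil.saveOrganization((JpaOrganization) user.getOrganization(), emf);
  JpaUserReference userReference = new JpaUserReference(user.getUsername(), user.getName(), user.getEmail(), mechanism, new Date(), organization, roles);
  // Then save the user reference
  EntityManager em = null;
  EntityTransaction tx = null;
  try {
    em = emf.createEntityManager();
    tx = em.getTransaction();
    tx.begin();
    // NOTE(review): the lookup is handed emf rather than em, so it presumably runs outside this transaction.
    // Two concurrent calls for the same user could then both pass the check; confirm that a unique
    // constraint on (username, organization) backs this up.
    JpaUserReference foundUserRef = findUserReference(user.getUsername(), user.getOrganization().getId(), emf);
    if (foundUserRef == null) {
      em.persist(userReference);
    } else {
      throw new IllegalStateException("User '" + user.getUsername() + "' already exists");
    }
    tx.commit();
    // Reached only after a successful commit, so a rejected or failed insert never populates the cache.
    cache.put(user.getUsername() + DELIMITER + user.getOrganization().getId(), user.toUser(PROVIDER_NAME));
  } finally {
    // tx is still null when createEntityManager() or getTransaction() threw; guarding against that keeps
    // the original failure from being replaced by a NullPointerException raised here.
    if (tx != null && tx.isActive()) {
      tx.rollback();
    }
    if (em != null) {
      em.close();
    }
  }
}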
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaUserAndRoleProvider method filterRoles.
/**
 * Narrows a user's roles down to the internal ones, leaving out every role whose name carries the group
 * role prefix.
 *
 * @param userRoles
 *          the user's full set of roles
 * @return the roles of type {@code INTERNAL} whose name does not start with {@code Group.ROLE_PREFIX}
 */
private Set<JpaRole> filterRoles(Set<Role> userRoles) {
  Set<JpaRole> internalRoles = new HashSet<JpaRole>();
  for (Role candidate : userRoles) {
    boolean isInternal = Role.Type.INTERNAL.equals(candidate.getType());
    // Skip anything that is not internal, and internal roles that are really group roles.
    if (!isInternal || candidate.getName().startsWith(Group.ROLE_PREFIX)) {
      continue;
    }
    // NOTE(review): the cast assumes every INTERNAL role is a JpaRole; any other implementation would
    // raise a ClassCastException here. Verify against the callers.
    internalRoles.add((JpaRole) candidate);
  }
  return internalRoles;
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaGroupRoleProviderTest method setUp.
/**
 * Builds the provider under test with mocked collaborators. The mocked security service reports a global
 * admin of org1 as the current user and org1 as the current organization.
 */
@Before
public void setUp() throws Exception {
  // The identity every test starts with: a user holding the global admin role in org1
  JpaRole globalAdminRole = new JpaRole(SecurityConstants.GLOBAL_ADMIN_ROLE, org1);
  JpaUser admin = new JpaUser("admin", "pass1", org1, "Admin", "admin@localhost", "opencast", true, Collections.set(globalAdminRole));

  // Set the security service
  SecurityService security = EasyMock.createNiceMock(SecurityService.class);
  EasyMock.expect(security.getOrganization()).andReturn(org1).anyTimes();
  EasyMock.expect(security.getUser()).andReturn(admin).anyTimes();
  EasyMock.replay(security);

  // Create the message sender service; the recorded call accepts any destination and payload
  MessageSender sender = EasyMock.createNiceMock(MessageSender.class);
  sender.sendObjectMessage(EasyMock.anyObject(String.class), EasyMock.anyObject(MessageSender.DestinationType.class), EasyMock.anyObject(Serializable.class));
  EasyMock.expectLastCall();
  EasyMock.replay(sender);

  // Wire the provider against a test entity manager factory and activate it
  provider = new JpaGroupRoleProvider();
  provider.setSecurityService(security);
  provider.setMessageSender(sender);
  provider.setEntityManagerFactory(newTestEntityManagerFactory(JpaUserAndRoleProvider.PERSISTENCE_UNIT));
  provider.activate(null);
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaGroupRoleProviderTest method testUpdateGroupNotAllowedAsNonAdminUser.
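/**
 * Checks that a caller without the global admin role cannot change the roles of a group that holds it:
 * both adding a role next to the admin role and replacing the admin role must be answered with
 * {@code 403 Forbidden}.
 */
@Test
public void testUpdateGroupNotAllowedAsNonAdminUser() throws UnauthorizedException {
  JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", Collections.set(new JpaRole(SecurityConstants.GLOBAL_ADMIN_ROLE, org1)));
  try {
    // The group is added with the security service installed by setUp() (the admin user)
    provider.addGroup(group);
    Group loadGroup = provider.loadGroup(group.getGroupId(), group.getOrganization().getId());
    assertNotNull(loadGroup);
    // Compare against the group that was added; the original compared loadGroup with itself, which
    // can never fail.
    assertEquals(group.getGroupId(), loadGroup.getGroupId());
  } catch (Exception e) {
    fail("The group schould be added");
  }
  JpaUser user = new JpaUser("user", "pass1", org1, "User", "user@localhost", "opencast", true, Collections.set(new JpaRole("ROLE_USER", org1)));
  // Swap the security service so the current user only holds ROLE_USER
  SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
  EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
  EasyMock.expect(securityService.getOrganization()).andReturn(org1).anyTimes();
  EasyMock.replay(securityService);
  provider.setSecurityService(securityService);
  try {
    // try add ROLE_USER while keeping the admin role
    Response updateGroupResponse = provider.updateGroup(group.getGroupId(), group.getName(), group.getDescription(), "ROLE_USER, " + SecurityConstants.GLOBAL_ADMIN_ROLE, null);
    assertNotNull(updateGroupResponse);
    assertEquals(HttpStatus.SC_FORBIDDEN, updateGroupResponse.getStatus());
    // try remove ROLE_ADMIN by sending a role list without it
    updateGroupResponse = provider.updateGroup(group.getGroupId(), group.getName(), group.getDescription(), "ROLE_USER", null);
    assertNotNull(updateGroupResponse);
    assertEquals(HttpStatus.SC_FORBIDDEN, updateGroupResponse.getStatus());
    // NOTE(review): only the status code is checked. The group is not reloaded afterwards, so the test
    // does not show that its roles were left unchanged by the rejected requests.
  } catch (NotFoundException e) {
    fail("The existing group isn't found");
  }
}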
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaGroupRoleProviderTest method testRoles.
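/**
 * Adds two groups to org1 and one to org2, then checks the roles the provider lists: the count, and that
 * the group roles of both org1 groups are among them.
 */
@Test
@SuppressWarnings("unchecked")
public void testRoles() throws Exception {
  Set<JpaRole> authorities = new HashSet<JpaRole>();
  authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
  authorities.add(new JpaRole("ROLE_ASTRO_109_SPRING_2012_STUDENT", org1));
  Set<String> members = new HashSet<String>();
  members.add("admin");
  JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", authorities, members);
  provider.addGroup(group);
  // The same set instance is cleared and refilled for each further group
  authorities.clear();
  authorities.add(new JpaRole("ROLE_ASTRO_122_SPRING_2011_STUDENT", org1));
  authorities.add(new JpaRole("ROLE_ASTRO_124_SPRING_2012_STUDENT", org1));
  JpaGroup group2 = new JpaGroup("test2", org1, "Test2", "Test 2 group", authorities, members);
  provider.addGroup(group2);
  authorities.clear();
  authorities.add(new JpaRole("ROLE_ASTRO_134_SPRING_2011_STUDENT", org2));
  authorities.add(new JpaRole("ROLE_ASTRO_144_SPRING_2012_STUDENT", org2));
  // Same group id as group2, but in org2
  JpaGroup group3 = new JpaGroup("test2", org2, "Test2", "Test 2 group", authorities, members);
  provider.addGroup(group3);
  List<Role> roles = IteratorUtils.toList(provider.getRoles());
  // Presumably two authorities plus one group role for each of the two org1 groups, with the org2 group
  // left out because the mocked security service reports org1. The old message said "four" while the
  // asserted value was already 6.
  Assert.assertEquals("There should be six roles", 6, roles.size());
  // The original called roles.contains(...) and discarded the result, so nothing was verified. The
  // check is made by role name because the concrete Role type returned by the provider, and therefore
  // its equals() behaviour against JpaRole, is not visible here.
  Set<String> roleNames = new HashSet<String>();
  for (Role role : roles) {
    roleNames.add(role.getName());
  }
  Assert.assertTrue("The group role of 'test' should be listed", roleNames.contains(group.getRole()));
  Assert.assertTrue("The group role of 'test2' should be listed", roleNames.contains(group2.getRole()));
}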