use of org.sagebionetworks.repo.model.ACLInheritanceException in project Synapse-Repository-Services by Sage-Bionetworks.
the class DefaultControllerAutowiredAllTypesTest method testUpdateEntityAcl.
@Test
public void testUpdateEntityAcl() throws Exception {
// First create one of each type
List<Entity> created = createEntitesOfEachType(1);
assertNotNull(created);
assertTrue(created.size() >= EntityType.values().length);
// Now update each
for (Entity entity : created) {
AccessControlList acl = null;
try {
acl = ServletTestHelper.getEntityACL(dispatchServlet, entity.getId(), userName);
} catch (ACLInheritanceException e) {
acl = ServletTestHelper.getEntityACL(dispatchServlet, e.getBenefactorId(), userName);
}
assertNotNull(acl);
ServletTestHelper.updateEntityAcl(dispatchServlet, acl.getId(), acl, userName);
}
}
use of org.sagebionetworks.repo.model.ACLInheritanceException in project Synapse-Repository-Services by Sage-Bionetworks.
the class DefaultControllerAutowiredAllTypesTest method testGetEntityAcl.
@Test
public void testGetEntityAcl() throws Exception {
// First create one of each type
List<Entity> created = createEntitesOfEachType(1);
assertNotNull(created);
assertTrue(created.size() >= EntityType.values().length);
// Now update each
for (Entity entity : created) {
AccessControlList acl = null;
try {
acl = ServletTestHelper.getEntityACL(dispatchServlet, entity.getId(), userName);
} catch (ACLInheritanceException e) {
acl = ServletTestHelper.getEntityACL(dispatchServlet, e.getBenefactorId(), userName);
}
assertNotNull(acl);
}
}
use of org.sagebionetworks.repo.model.ACLInheritanceException in project Synapse-Repository-Services by Sage-Bionetworks.
the class PermissionsManagerImpl method getACL.
@Override
public AccessControlList getACL(String nodeId, UserInfo userInfo) throws NotFoundException, DatastoreException, ACLInheritanceException {
// Get the id that this node inherits its permissions from
String benefactor = nodeInheritanceManager.getBenefactor(nodeId);
// This is a fix for PLFM-398
if (!benefactor.equals(nodeId)) {
throw new ACLInheritanceException("Cannot access the ACL of a node that inherits it permissions. This node inherits its permissions from: " + benefactor, benefactor);
}
AccessControlList acl = aclDAO.getForResource(nodeId);
if (!userInfo.isAdmin())
addOwnerPermissionsToAcl(acl);
return acl;
}
use of org.sagebionetworks.repo.model.ACLInheritanceException in project Synapse-Repository-Services by Sage-Bionetworks.
the class EntityBundleServiceImpl method getEntityBundle.
@Override
public EntityBundle getEntityBundle(String userId, String entityId, Long versionNumber, int mask, HttpServletRequest request) throws NotFoundException, DatastoreException, UnauthorizedException, ACLInheritanceException, ParseException {
EntityBundle eb = new EntityBundle();
if ((mask & EntityBundle.ENTITY) > 0) {
if (versionNumber == null) {
eb.setEntity(serviceProvider.getEntityService().getEntity(userId, entityId, request));
} else {
eb.setEntity(serviceProvider.getEntityService().getEntityForVersion(userId, entityId, versionNumber, request));
}
}
if ((mask & EntityBundle.ANNOTATIONS) > 0) {
if (versionNumber == null) {
eb.setAnnotations(serviceProvider.getEntityService().getEntityAnnotations(userId, entityId, request));
} else {
eb.setAnnotations(serviceProvider.getEntityService().getEntityAnnotationsForVersion(userId, entityId, versionNumber, request));
}
}
if ((mask & EntityBundle.PERMISSIONS) > 0) {
eb.setPermissions(serviceProvider.getEntityService().getUserEntityPermissions(userId, entityId));
}
if ((mask & EntityBundle.ENTITY_PATH) > 0) {
List<EntityHeader> path = serviceProvider.getEntityService().getEntityPath(userId, entityId);
EntityPath ep = new EntityPath();
ep.setPath(path);
eb.setPath(ep);
}
if ((mask & EntityBundle.ENTITY_REFERENCEDBY) > 0) {
eb.setReferencedBy(serviceProvider.getEntityService().getEntityReferences(userId, entityId, null, null, null, request));
}
if ((mask & EntityBundle.HAS_CHILDREN) > 0) {
eb.setHasChildren(serviceProvider.getEntityService().doesEntityHaveChildren(userId, entityId, request));
}
if ((mask & EntityBundle.ACL) > 0) {
try {
eb.setAccessControlList(serviceProvider.getEntityService().getEntityACL(entityId, userId, request));
} catch (ACLInheritanceException e) {
// ACL is inherited from benefactor. Set ACL to null.
eb.setAccessControlList(null);
}
}
if ((mask & EntityBundle.ACCESS_REQUIREMENTS) > 0) {
eb.setAccessRequirements(serviceProvider.getAccessRequirementService().getAccessRequirements(userId, entityId, request).getResults());
}
if ((mask & EntityBundle.UNMET_ACCESS_REQUIREMENTS) > 0) {
eb.setUnmetAccessRequirements(serviceProvider.getAccessRequirementService().getUnfulfilledAccessRequirements(userId, entityId, request).getResults());
}
return eb;
}
use of org.sagebionetworks.repo.model.ACLInheritanceException in project Synapse-Repository-Services by Sage-Bionetworks.
the class Helpers method addPublicReadOnlyAclToEntity.
/**
* Give identified individuals read-only access to the entity
* @param entity
* @throws Exception
* @throws JSONException
*/
public void addPublicReadOnlyAclToEntity(JSONObject entity) throws JSONException, Exception {
JSONObject entityAcl = null;
String method = null;
try {
// First try to get the ACL, this will fail of this entity inherits its permissions
entityAcl = testGetJsonEntity(entity.getString("accessControlList"));
// This will be an update
method = "PUT";
} catch (ACLInheritanceException e) {
// Since this entity inherits its permission, start with a new ACL.
entityAcl = new JSONObject();
entityAcl.put("resourceAccess", new JSONArray());
entityAcl.put("etag", "");
// This will be a create
method = "POST";
}
entityAcl.getJSONArray("resourceAccess").put(new JSONObject(getIdentifiedUserReadOnlyACL()));
// TODO uncomment this line and delete the stuff that follows when PLFM-321 is fixed
// testUpdateJsonEntity(entityAcl);
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
request.setMethod(method);
request.addHeader("Accept", "application/json");
request.addHeader(ServiceConstants.ETAG_HEADER, entityAcl.getString("etag"));
request.setRequestURI(entity.getString("accessControlList"));
if (null != userId)
request.setParameter(AuthorizationConstants.USER_ID_PARAM, userId);
request.addHeader("Content-Type", "application/json; charset=UTF-8");
request.setContent(entityAcl.toString().getBytes("UTF-8"));
log.info("About to send: " + entityAcl.toString(JSON_INDENT));
servlet.service(request, response);
log.info("Results: " + response.getContentAsString());
if (response.getStatus() != HttpStatus.OK.value() && response.getStatus() != HttpStatus.CREATED.value()) {
fail("Expected OK or CREATED, but was: " + response.getStatus());
}
JSONObject results = new JSONObject(response.getContentAsString());
log.info(results.toString(JSON_INDENT));
// Check default properties
// PLFM-321 assertExpectedEntityProperties(results);
assertEquals(entity.getString("id"), results.getString("id"));
// PLFM-321 assertEquals(entityAcl.getString("uri"), results.getString("uri"));
// Check our response headers
String etagHeader = (String) response.getHeader(ServiceConstants.ETAG_HEADER);
assertNotNull(etagHeader);
assertEquals(etagHeader, results.getString("etag"));
// Make sure we got an updated etag
assertFalse(etagHeader.equals(entityAcl.getString("etag")));
}
Aggregations