zervo/seb-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

general entity controller and testing

Browse source
This commit is contained in:
anhefti 2019-01-21 14:21:56 +01:00
parent bf45576610
commit 36b5551ac5
16 changed files with 473 additions and 384 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/ActivatableEntityDAO.java
View file

@ -11,8 +11,6 @@ package ch.ethz.seb.sebserver.webservice.servicelayer.dao;
import java.util.Collection; import java.util.Collection;
import java.util.Set; import java.util.Set;
import org.springframework.transaction.annotation.Transactional;
import ch.ethz.seb.sebserver.gbl.model.Entity; import ch.ethz.seb.sebserver.gbl.model.Entity;
import ch.ethz.seb.sebserver.gbl.model.EntityKey; import ch.ethz.seb.sebserver.gbl.model.EntityKey;
import ch.ethz.seb.sebserver.gbl.model.ModelIdAware; import ch.ethz.seb.sebserver.gbl.model.ModelIdAware;
@ -23,13 +21,20 @@ import ch.ethz.seb.sebserver.gbl.util.Result;
* @param <T> the concrete Entity type */ * @param <T> the concrete Entity type */
public interface ActivatableEntityDAO<T extends Entity, M extends ModelIdAware> extends EntityDAO<T, M> { public interface ActivatableEntityDAO<T extends Entity, M extends ModelIdAware> extends EntityDAO<T, M> {
/** Get a Collection of all active Entity instances for a concrete entity-domain. Result<Collection<T>> all(Long institutionId, Boolean active);
*
* @return A Result refer to a Collection of all active Entity instances for a concrete entity-domain default Result<Collection<T>> allOfInstitution(final long institutionId, final Boolean active) {
* or refer to an error if happened */ return all(institutionId, active);
@Transactional(readOnly = true) }
default Result<Collection<T>> allActive() {
return all(i -> true, true); @Override
default Result<Collection<T>> all(final Long institutionId) {
return all(institutionId, true);
}
@Override
default Result<Collection<T>> allOfInstitution(final long institutionId) {
return all(institutionId, true);
} }
/** Set all entities referred by the given Collection of EntityKey active / inactive /** Set all entities referred by the given Collection of EntityKey active / inactive

15
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/EntityDAO.java
View file

@ -12,7 +12,6 @@ import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.function.Predicate;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
@ -59,10 +58,11 @@ public interface EntityDAO<T extends Entity, M extends ModelIdAware> {
* If you need a fast filtering implement a specific filtering in SQL level * If you need a fast filtering implement a specific filtering in SQL level
* *
* @param predicate Predicate expecting instance of type specific entity type * @param predicate Predicate expecting instance of type specific entity type
* @param
* @param active indicates if only active entities should be included (on SQL level). Can be null. * @param active indicates if only active entities should be included (on SQL level). Can be null.
* @return Result of Collection of Entity that matches a given predicate. Or an exception result on error * @return Result of Collection of Entity that matches a given predicate. Or an exception result on error
* case */ * case */
Result<Collection<T>> all(Predicate<T> predicate, Boolean active); Result<Collection<T>> all(Long institutionId);
/** Use this to get a Collection of all entities of concrete type that matches a given predicate. /** Use this to get a Collection of all entities of concrete type that matches a given predicate.
* *
@ -73,15 +73,8 @@ public interface EntityDAO<T extends Entity, M extends ModelIdAware> {
* @param predicate Predicate expecting instance of type specific entity type * @param predicate Predicate expecting instance of type specific entity type
* @return Result of Collection of Entity that matches a given predicate. Or an exception result on error * @return Result of Collection of Entity that matches a given predicate. Or an exception result on error
* case */ * case */
default Result<Collection<T>> all(final Predicate<T> predicate) { default Result<Collection<T>> allOfInstitution(final long institutionId) {
return all(predicate, null); return all(institutionId);
}
/** Use this to get a Collection of all active entities of concrete type
*
* @return Result of Collection of all active entities or an exception result on error case */
default Result<Collection<T>> all() {
return all(entity -> true);
} }
Result<Collection<T>> loadEntities(Collection<EntityKey> keys); Result<Collection<T>> loadEntities(Collection<EntityKey> keys);

21
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/UserDAO.java
View file

@ -9,9 +9,6 @@
package ch.ethz.seb.sebserver.webservice.servicelayer.dao; package ch.ethz.seb.sebserver.webservice.servicelayer.dao;
import java.util.Collection; import java.util.Collection;
import java.util.function.Predicate;
import org.springframework.transaction.annotation.Transactional;
import ch.ethz.seb.sebserver.gbl.model.EntityKey; import ch.ethz.seb.sebserver.gbl.model.EntityKey;
import ch.ethz.seb.sebserver.gbl.model.user.UserFilter; import ch.ethz.seb.sebserver.gbl.model.user.UserFilter;
@ -50,23 +47,7 @@ public interface UserDAO extends ActivatableEntityDAO<UserInfo, UserMod>, BulkAc
* *
* @param filter The UserFilter instance containing all filter criteria * @param filter The UserFilter instance containing all filter criteria
* @return a Result of Collection of filtered UserInfo. Or an exception result on error case */ * @return a Result of Collection of filtered UserInfo. Or an exception result on error case */
@Transactional(readOnly = true) Result<Collection<UserInfo>> allMatching(final UserFilter filter);
default Result<Collection<UserInfo>> all(final UserFilter filter) {
return all(filter, userInfo -> true);
}
/** Use this to get a Collection of filtered UserInfo. The filter criteria
* from given UserFilter instance will be translated to SQL query and
* the filtering happens on data-base level
*
* Additional there can also given a predicate to filter UserInfo models after the SQL query
*
* NOTE: filter and predicate can be null. In this case(s) the default all methods are called
*
* @param filter The UserFilter instance containing all filter criteria
* @param predicate Predicate of UserInfo to filter the result of the SQL query afterwards
* @return a Result of Collection of filtered UserInfo. Or an exception result on error case */
Result<Collection<UserInfo>> all(UserFilter filter, Predicate<UserInfo> predicate);
/** Use this to get a Collection containing EntityKey's of all entities that belongs to a given User. /** Use this to get a Collection containing EntityKey's of all entities that belongs to a given User.
* *

5
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/ExamDAOImpl.java
View file

@ -82,7 +82,7 @@ public class ExamDAOImpl implements ExamDAO {
@Override @Override
@Transactional(readOnly = true) @Transactional(readOnly = true)
public Result<Collection<Exam>> all(final Predicate<Exam> predicate, final Boolean active) { public Result<Collection<Exam>> all(final Long institutionId, final Boolean active) {
return Result.tryCatch(() -> { return Result.tryCatch(() -> {
final QueryExpressionDSL<MyBatis3SelectModelAdapter<List<ExamRecord>>> example = final QueryExpressionDSL<MyBatis3SelectModelAdapter<List<ExamRecord>>> example =
this.examRecordMapper.selectByExample(); this.examRecordMapper.selectByExample();
@ -90,6 +90,9 @@ public class ExamDAOImpl implements ExamDAO {
return (active != null) return (active != null)
? example ? example
.where( .where(
ExamRecordDynamicSqlSupport.institutionId,
isEqualToWhenPresent(institutionId))
.and(
ExamRecordDynamicSqlSupport.active, ExamRecordDynamicSqlSupport.active,
isEqualToWhenPresent(BooleanUtils.toIntegerObject(active))) isEqualToWhenPresent(BooleanUtils.toIntegerObject(active)))
.build() .build()

7
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/InstitutionDAOImpl.java
View file

@ -15,7 +15,6 @@ import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.function.Predicate;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.BooleanUtils;
@ -63,7 +62,7 @@ public class InstitutionDAOImpl implements InstitutionDAO {
@Override @Override
@Transactional(readOnly = true) @Transactional(readOnly = true)
public Result<Collection<Institution>> all(final Predicate<Institution> predicate, final Boolean active) { public Result<Collection<Institution>> all(final Long institutionId, final Boolean active) {
return Result.tryCatch(() -> { return Result.tryCatch(() -> {
final QueryExpressionDSL<MyBatis3SelectModelAdapter<List<InstitutionRecord>>> example = final QueryExpressionDSL<MyBatis3SelectModelAdapter<List<InstitutionRecord>>> example =
this.institutionRecordMapper.selectByExample(); this.institutionRecordMapper.selectByExample();
@ -71,6 +70,9 @@ public class InstitutionDAOImpl implements InstitutionDAO {
final List<InstitutionRecord> records = (active != null) final List<InstitutionRecord> records = (active != null)
? example ? example
.where( .where(
InstitutionRecordDynamicSqlSupport.id,
isEqualToWhenPresent(institutionId))
.and(
InstitutionRecordDynamicSqlSupport.active, InstitutionRecordDynamicSqlSupport.active,
isEqualToWhenPresent(BooleanUtils.toIntegerObject(active))) isEqualToWhenPresent(BooleanUtils.toIntegerObject(active)))
.build() .build()
@ -80,7 +82,6 @@ public class InstitutionDAOImpl implements InstitutionDAO {
return records.stream() return records.stream()
.map(InstitutionDAOImpl::toDomainModel) .map(InstitutionDAOImpl::toDomainModel)
.flatMap(Result::skipOnError) .flatMap(Result::skipOnError)
.filter(predicate)
.collect(Collectors.toList()); .collect(Collectors.toList());
}); });
} }

7
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/LmsSetupDAOImpl.java
View file

@ -15,7 +15,6 @@ import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.function.Predicate;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.BooleanUtils;
@ -62,7 +61,7 @@ public class LmsSetupDAOImpl implements LmsSetupDAO {
@Override @Override
@Transactional(readOnly = true) @Transactional(readOnly = true)
public Result<Collection<LmsSetup>> all(final Predicate<LmsSetup> predicate, final Boolean active) { public Result<Collection<LmsSetup>> all(final Long institutionId, final Boolean active) {
return Result.tryCatch(() -> { return Result.tryCatch(() -> {
final QueryExpressionDSL<MyBatis3SelectModelAdapter<List<LmsSetupRecord>>> example = final QueryExpressionDSL<MyBatis3SelectModelAdapter<List<LmsSetupRecord>>> example =
this.lmsSetupRecordMapper.selectByExample(); this.lmsSetupRecordMapper.selectByExample();
@ -70,6 +69,9 @@ public class LmsSetupDAOImpl implements LmsSetupDAO {
final List<LmsSetupRecord> records = (active != null) final List<LmsSetupRecord> records = (active != null)
? example ? example
.where( .where(
LmsSetupRecordDynamicSqlSupport.institutionId,
isEqualToWhenPresent(institutionId))
.and(
LmsSetupRecordDynamicSqlSupport.active, LmsSetupRecordDynamicSqlSupport.active,
isEqualToWhenPresent(BooleanUtils.toIntegerObject(active))) isEqualToWhenPresent(BooleanUtils.toIntegerObject(active)))
.build() .build()
@ -79,7 +81,6 @@ public class LmsSetupDAOImpl implements LmsSetupDAO {
return records.stream() return records.stream()
.map(LmsSetupDAOImpl::toDomainModel) .map(LmsSetupDAOImpl::toDomainModel)
.flatMap(Result::skipOnError) .flatMap(Result::skipOnError)
.filter(predicate)
.collect(Collectors.toList()); .collect(Collectors.toList());
}); });
} }

37
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/UserActivityLogDAOImpl.java
View file

@ -255,7 +255,7 @@ public class UserActivityLogDAOImpl implements UserActivityLogDAO {
@Override @Override
@Transactional(readOnly = true) @Transactional(readOnly = true)
public Result<Collection<UserActivityLog>> all(final Predicate<UserActivityLog> predicate, final Boolean active) { public Result<Collection<UserActivityLog>> all(final Long institutionId) {
return Result.tryCatch(() -> { return Result.tryCatch(() -> {
// first check if there is a page limitation set. Otherwise set the default // first check if there is a page limitation set. Otherwise set the default
@ -263,15 +263,32 @@ public class UserActivityLogDAOImpl implements UserActivityLogDAO {
this.paginationService.setDefaultLimitOfNotSet( this.paginationService.setDefaultLimitOfNotSet(
UserActivityLogRecordDynamicSqlSupport.userActivityLogRecord); UserActivityLogRecordDynamicSqlSupport.userActivityLogRecord);
return this.userLogRecordMapper if (institutionId == null) {
.selectByExample() return this.userLogRecordMapper
.build() .selectByExample()
.execute() .build()
.stream() .execute()
.map(UserActivityLogDAOImpl::toDomainModel) .stream()
.flatMap(Result::skipOnError) .map(UserActivityLogDAOImpl::toDomainModel)
.filter(predicate) .flatMap(Result::skipOnError)
.collect(Collectors.toList()); .collect(Collectors.toList());
} else {
return this.userLogRecordMapper
.selectByExample()
.join(UserRecordDynamicSqlSupport.userRecord)
.on(
UserRecordDynamicSqlSupport.uuid,
SqlBuilder.equalTo(UserActivityLogRecordDynamicSqlSupport.userUuid))
.where(
UserRecordDynamicSqlSupport.institutionId,
SqlBuilder.isEqualTo(institutionId))
.build()
.execute()
.stream()
.map(UserActivityLogDAOImpl::toDomainModel)
.flatMap(Result::skipOnError)
.collect(Collectors.toList());
}
}); });
} }

37
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/UserDaoImpl.java
View file

@ -17,15 +17,12 @@ import java.util.List;
import java.util.Locale; import java.util.Locale;
import java.util.Set; import java.util.Set;
import java.util.UUID; import java.util.UUID;
import java.util.function.Predicate;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import javax.validation.constraints.NotNull; import javax.validation.constraints.NotNull;
import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.BooleanUtils;
import org.joda.time.DateTimeZone; import org.joda.time.DateTimeZone;
import org.mybatis.dynamic.sql.select.MyBatis3SelectModelAdapter;
import org.mybatis.dynamic.sql.select.QueryExpressionDSL;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
@ -60,7 +57,6 @@ import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserDAO;
public class UserDaoImpl implements UserDAO { public class UserDaoImpl implements UserDAO {
private static final Logger log = LoggerFactory.getLogger(UserDaoImpl.class); private static final Logger log = LoggerFactory.getLogger(UserDaoImpl.class);
private static final UserFilter ALL_ACTIVE_ONLY_FILTER = new UserFilter(null, null, null, null, true, null);
private final UserRecordMapper userRecordMapper; private final UserRecordMapper userRecordMapper;
private final RoleRecordMapper roleRecordMapper; private final RoleRecordMapper roleRecordMapper;
@ -118,43 +114,35 @@ public class UserDaoImpl implements UserDAO {
@Override @Override
@Transactional(readOnly = true) @Transactional(readOnly = true)
public Result<Collection<UserInfo>> allActive() { public Result<Collection<UserInfo>> all(final Long institutionId, final Boolean active) {
return all(ALL_ACTIVE_ONLY_FILTER);
}
@Override
@Transactional(readOnly = true)
public Result<Collection<UserInfo>> all(final Predicate<UserInfo> predicate, final Boolean active) {
return Result.tryCatch(() -> { return Result.tryCatch(() -> {
final QueryExpressionDSL<MyBatis3SelectModelAdapter<List<UserRecord>>> example =
this.userRecordMapper.selectByExample();
final List<UserRecord> records = (active != null) final List<UserRecord> records = (active != null)
? example ? this.userRecordMapper.selectByExample()
.where( .where(
UserRecordDynamicSqlSupport.institutionId,
isEqualToWhenPresent(institutionId))
.and(
UserRecordDynamicSqlSupport.active, UserRecordDynamicSqlSupport.active,
isEqualToWhenPresent(BooleanUtils.toIntegerObject(active))) isEqualToWhenPresent(BooleanUtils.toIntegerObject(active)))
.build() .build()
.execute() .execute()
: example.build().execute(); : this.userRecordMapper.selectByExample()
.where(
UserRecordDynamicSqlSupport.institutionId,
isEqualToWhenPresent(institutionId))
.build()
.execute();
return records.stream() return records.stream()
.map(this::toDomainModel) .map(this::toDomainModel)
.flatMap(Result::skipOnError) .flatMap(Result::skipOnError)
.filter(predicate)
.collect(Collectors.toList()); .collect(Collectors.toList());
}); });
} }
@Override @Override
@Transactional(readOnly = true) @Transactional(readOnly = true)
public Result<Collection<UserInfo>> all(final UserFilter filter, final Predicate<UserInfo> predicate) { public Result<Collection<UserInfo>> allMatching(final UserFilter filter) {
if (filter == null) {
return (predicate == null)
? all()
: all(predicate);
}
return Result.tryCatch(() -> this.userRecordMapper.selectByExample().where( return Result.tryCatch(() -> this.userRecordMapper.selectByExample().where(
UserRecordDynamicSqlSupport.active, UserRecordDynamicSqlSupport.active,
isEqualToWhenPresent(BooleanUtils.toIntegerObject(filter.active))) isEqualToWhenPresent(BooleanUtils.toIntegerObject(filter.active)))
@ -168,7 +156,6 @@ public class UserDaoImpl implements UserDAO {
.stream() .stream()
.map(this::toDomainModel) .map(this::toDomainModel)
.flatMap(Result::skipOnError) .flatMap(Result::skipOnError)
.filter(predicate)
.collect(Collectors.toList())); .collect(Collectors.toList()));
} }

61
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/ActivatableEntityController.java
View file

@ -8,35 +8,87 @@
package ch.ethz.seb.sebserver.webservice.weblayer.api; package ch.ethz.seb.sebserver.webservice.weblayer.api;
import java.util.Collection;
import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import ch.ethz.seb.sebserver.gbl.model.Entity;
import ch.ethz.seb.sebserver.gbl.model.EntityKey; import ch.ethz.seb.sebserver.gbl.model.EntityKey;
import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport; import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport;
import ch.ethz.seb.sebserver.gbl.model.EntityType; import ch.ethz.seb.sebserver.gbl.model.EntityType;
import ch.ethz.seb.sebserver.gbl.model.Page;
import ch.ethz.seb.sebserver.gbl.util.Result; import ch.ethz.seb.sebserver.gbl.util.Result;
import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.UserRecordDynamicSqlSupport;
import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService; import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.GrantEntity; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.GrantEntity;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.UserService;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction; import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction.Type; import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction.Type;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService; import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.EntityDAO; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.ActivatableEntityDAO;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO;
public abstract class ActivatableEntityController<T extends GrantEntity, M extends GrantEntity> public abstract class ActivatableEntityController<T extends GrantEntity, M extends GrantEntity>
extends EntityController<T, M> { extends EntityController<T, M> {
private final ActivatableEntityDAO<T, M> activatableEntityDAO;
public ActivatableEntityController( public ActivatableEntityController(
final AuthorizationGrantService authorizationGrantService, final AuthorizationGrantService authorizationGrantService,
final BulkActionService bulkActionService, final BulkActionService bulkActionService,
final EntityDAO<T, M> entityDAO, final ActivatableEntityDAO<T, M> entityDAO,
final UserActivityLogDAO userActivityLogDAO, final UserActivityLogDAO userActivityLogDAO,
final PaginationService paginationService) { final PaginationService paginationService) {
super(authorizationGrantService, bulkActionService, entityDAO, userActivityLogDAO, paginationService); super(authorizationGrantService, bulkActionService, entityDAO, userActivityLogDAO, paginationService);
this.activatableEntityDAO = entityDAO;
}
@RequestMapping(path = "/active", method = RequestMethod.GET)
public Page<T> allActive(
@RequestParam(
name = Entity.ATTR_INSTITUTION,
required = true,
defaultValue = UserService.USERS_INSTITUTION_AS_DEFAULT) final Long institutionId,
@RequestParam(name = Page.ATTR_PAGE_NUMBER, required = false) final Integer pageNumber,
@RequestParam(name = Page.ATTR_PAGE_SIZE, required = false) final Integer pageSize,
@RequestParam(name = Page.ATTR_SORT_BY, required = false) final String sortBy,
@RequestParam(name = Page.ATTR_SORT_ORDER, required = false) final Page.SortOrder sortOrder) {
checkReadPrivilege(institutionId);
return this.paginationService.getPage(
pageNumber,
pageSize,
sortBy,
sortOrder,
UserRecordDynamicSqlSupport.userRecord,
() -> this.activatableEntityDAO.all(institutionId, true).getOrThrow());
}
@RequestMapping(path = "/inactive", method = RequestMethod.GET)
public Page<T> allInactive(
@RequestParam(
name = Entity.ATTR_INSTITUTION,
required = true,
defaultValue = UserService.USERS_INSTITUTION_AS_DEFAULT) final Long institutionId,
@RequestParam(name = Page.ATTR_PAGE_NUMBER, required = false) final Integer pageNumber,
@RequestParam(name = Page.ATTR_PAGE_SIZE, required = false) final Integer pageSize,
@RequestParam(name = Page.ATTR_SORT_BY, required = false) final String sortBy,
@RequestParam(name = Page.ATTR_SORT_ORDER, required = false) final Page.SortOrder sortOrder) {
checkReadPrivilege(institutionId);
return this.paginationService.getPage(
pageNumber,
pageSize,
sortBy,
sortOrder,
UserRecordDynamicSqlSupport.userRecord,
() -> this.activatableEntityDAO.all(institutionId, false).getOrThrow());
} }
@RequestMapping(path = "/{id}/activate", method = RequestMethod.POST) @RequestMapping(path = "/{id}/activate", method = RequestMethod.POST)
@ -56,6 +108,11 @@ public abstract class ActivatableEntityController<T extends GrantEntity, M exten
return deactivate(id); return deactivate(id);
} }
@Override
protected Result<Collection<T>> getAll(final Long institutionId, final Boolean active) {
return this.activatableEntityDAO.all(institutionId, active);
}
private Result<EntityProcessingReport> setActive(final String id, final boolean active) { private Result<EntityProcessingReport> setActive(final String id, final boolean active) {
final EntityType entityType = this.entityDAO.entityType(); final EntityType entityType = this.entityDAO.entityType();
final BulkAction bulkAction = new BulkAction( final BulkAction bulkAction = new BulkAction(

51
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/EntityController.java
View file

@ -27,9 +27,7 @@ import ch.ethz.seb.sebserver.gbl.model.EntityKey;
import ch.ethz.seb.sebserver.gbl.model.EntityKeyAndName; import ch.ethz.seb.sebserver.gbl.model.EntityKeyAndName;
import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport; import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport;
import ch.ethz.seb.sebserver.gbl.model.EntityType; import ch.ethz.seb.sebserver.gbl.model.EntityType;
import ch.ethz.seb.sebserver.gbl.model.Page;
import ch.ethz.seb.sebserver.gbl.util.Result; import ch.ethz.seb.sebserver.gbl.util.Result;
import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.UserRecordDynamicSqlSupport;
import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService; import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.GrantEntity; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.GrantEntity;
@ -74,37 +72,8 @@ public abstract class EntityController<T extends GrantEntity, M extends GrantEnt
.getOrThrow(); .getOrThrow();
} }
@RequestMapping(path = "/all", method = RequestMethod.GET) @RequestMapping(path = "/in", method = RequestMethod.GET)
public Page<T> allActive( public Collection<T> getForIds(@RequestParam(name = "ids", required = true) final String ids) {
@RequestParam(
name = Entity.ATTR_INSTITUTION,
required = true,
defaultValue = UserService.USERS_INSTITUTION_AS_DEFAULT) final Long institutionId,
@RequestParam(name = Page.ATTR_PAGE_NUMBER, required = false) final Integer pageNumber,
@RequestParam(name = Page.ATTR_PAGE_SIZE, required = false) final Integer pageSize,
@RequestParam(name = Page.ATTR_SORT_BY, required = false) final String sortBy,
@RequestParam(name = Page.ATTR_SORT_ORDER, required = false) final Page.SortOrder sortOrder) {
checkReadPrivilege(institutionId);
return this.paginationService.getPage(
pageNumber,
pageSize,
sortBy,
sortOrder,
UserRecordDynamicSqlSupport.userRecord,
() -> this.entityDAO.all(entity -> true, true).getOrThrow());
}
@RequestMapping(path = "/all/in", method = RequestMethod.GET)
public Collection<T> getForIds(
@RequestParam(
name = Entity.ATTR_INSTITUTION,
required = true,
defaultValue = UserService.USERS_INSTITUTION_AS_DEFAULT) final Long institutionId,
@RequestParam(name = "ids", required = true) final String ids) {
checkReadPrivilege(institutionId);
return Result.tryCatch(() -> { return Result.tryCatch(() -> {
return Arrays.asList(StringUtils.split(ids, Constants.LIST_SEPARATOR_CHAR)) return Arrays.asList(StringUtils.split(ids, Constants.LIST_SEPARATOR_CHAR))
.stream() .stream()
@ -112,16 +81,24 @@ public abstract class EntityController<T extends GrantEntity, M extends GrantEnt
.collect(Collectors.toList()); .collect(Collectors.toList());
}) })
.flatMap(this.entityDAO::loadEntities) .flatMap(this.entityDAO::loadEntities)
.getOrThrow(); .getOrThrow()
.stream()
.filter(entity -> this.authorizationGrantService.hasGrant(entity, PrivilegeType.READ_ONLY))
.collect(Collectors.toList());
} }
@RequestMapping(path = "/names", method = RequestMethod.GET) @RequestMapping(path = "/names", method = RequestMethod.GET)
public Collection<EntityKeyAndName> getNames( public Collection<EntityKeyAndName> getNames(
@RequestParam(
name = Entity.ATTR_INSTITUTION,
required = true,
defaultValue = UserService.USERS_INSTITUTION_AS_DEFAULT) final Long institutionId,
@RequestParam(name = Entity.ATTR_ACTIVE, required = false) final Boolean active) { @RequestParam(name = Entity.ATTR_ACTIVE, required = false) final Boolean active) {
return this.entityDAO.all(entity -> true, true) return getAll(institutionId, active)
.getOrThrow() .getOrThrow()
.stream() .stream()
.filter(entity -> this.authorizationGrantService.hasGrant(entity, PrivilegeType.READ_ONLY))
.map(Entity::toName) .map(Entity::toName)
.collect(Collectors.toList()); .collect(Collectors.toList());
} }
@ -170,4 +147,8 @@ public abstract class EntityController<T extends GrantEntity, M extends GrantEnt
PrivilegeType.READ_ONLY, PrivilegeType.READ_ONLY,
institutionId); institutionId);
} }
protected Result<Collection<T>> getAll(final Long institutionId, final Boolean active) {
return this.entityDAO.all(institutionId);
}
} }

72
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/ExamAdministrationController.java
View file

@ -13,22 +13,16 @@ import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import javax.validation.Valid;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime; import org.joda.time.DateTime;
import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import ch.ethz.seb.sebserver.gbl.Constants; import ch.ethz.seb.sebserver.gbl.Constants;
import ch.ethz.seb.sebserver.gbl.model.EntityKey;
import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport;
import ch.ethz.seb.sebserver.gbl.model.EntityType; import ch.ethz.seb.sebserver.gbl.model.EntityType;
import ch.ethz.seb.sebserver.gbl.model.Page; import ch.ethz.seb.sebserver.gbl.model.Page;
import ch.ethz.seb.sebserver.gbl.model.Page.SortOrder; import ch.ethz.seb.sebserver.gbl.model.Page.SortOrder;
@ -37,29 +31,21 @@ import ch.ethz.seb.sebserver.gbl.model.exam.Exam.ExamStatus;
import ch.ethz.seb.sebserver.gbl.model.exam.Exam.ExamType; import ch.ethz.seb.sebserver.gbl.model.exam.Exam.ExamType;
import ch.ethz.seb.sebserver.gbl.model.exam.QuizData; import ch.ethz.seb.sebserver.gbl.model.exam.QuizData;
import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile; import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
import ch.ethz.seb.sebserver.gbl.util.Result;
import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.ExamRecordDynamicSqlSupport; import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.ExamRecordDynamicSqlSupport;
import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService; import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.UserService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.UserService;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction.Type;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService; import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.ExamDAO; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.ExamDAO;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO.ActivityType;
@WebServiceProfile @WebServiceProfile
@RestController @RestController
@RequestMapping("/${sebserver.webservice.api.admin.endpoint}" + RestAPI.ENDPOINT_EXAM_ADMINISTRATION) @RequestMapping("/${sebserver.webservice.api.admin.endpoint}" + RestAPI.ENDPOINT_EXAM_ADMINISTRATION)
public class ExamAdministrationController { public class ExamAdministrationController extends ActivatableEntityController<Exam, Exam> {
private final AuthorizationGrantService authorizationGrantService;
private final UserActivityLogDAO userActivityLogDAO;
private final ExamDAO examDAO; private final ExamDAO examDAO;
private final PaginationService paginationService;
private final BulkActionService bulkActionService;
public ExamAdministrationController( public ExamAdministrationController(
final AuthorizationGrantService authorizationGrantService, final AuthorizationGrantService authorizationGrantService,
@ -68,11 +54,8 @@ public class ExamAdministrationController {
final PaginationService paginationService, final PaginationService paginationService,
final BulkActionService bulkActionService) { final BulkActionService bulkActionService) {
this.authorizationGrantService = authorizationGrantService; super(authorizationGrantService, bulkActionService, examDAO, userActivityLogDAO, paginationService);
this.userActivityLogDAO = userActivityLogDAO;
this.examDAO = examDAO; this.examDAO = examDAO;
this.paginationService = paginationService;
this.bulkActionService = bulkActionService;
} }
@InitBinder @InitBinder
@ -96,7 +79,7 @@ public class ExamAdministrationController {
@RequestParam(name = Exam.FILTER_ATTR_TYPE, required = false) final ExamType type, @RequestParam(name = Exam.FILTER_ATTR_TYPE, required = false) final ExamType type,
@RequestParam(name = Exam.FILTER_ATTR_OWNER, required = false) final String owner) { @RequestParam(name = Exam.FILTER_ATTR_OWNER, required = false) final String owner) {
checkBaseReadPrivilege(institutionId); checkReadPrivilege(institutionId);
this.paginationService.setDefaultLimit(ExamRecordDynamicSqlSupport.examRecord); this.paginationService.setDefaultLimit(ExamRecordDynamicSqlSupport.examRecord);
return getExams(institutionId, lmsSetupId, active, name, from, status, type, owner); return getExams(institutionId, lmsSetupId, active, name, from, status, type, owner);
@ -120,7 +103,7 @@ public class ExamAdministrationController {
@RequestParam(name = Page.ATTR_SORT_BY, required = false) final String sortBy, @RequestParam(name = Page.ATTR_SORT_BY, required = false) final String sortBy,
@RequestParam(name = Page.ATTR_SORT_ORDER, required = false) final Page.SortOrder sortOrder) { @RequestParam(name = Page.ATTR_SORT_ORDER, required = false) final Page.SortOrder sortOrder) {
checkBaseReadPrivilege(institutionId); checkReadPrivilege(institutionId);
// NOTE: several attributes for sorting may be originated by the QuizData from LMS not by the database // NOTE: several attributes for sorting may be originated by the QuizData from LMS not by the database
// of the SEB Server. Therefore in the case we have no or the default sorting we can use the // of the SEB Server. Therefore in the case we have no or the default sorting we can use the
@ -166,46 +149,6 @@ public class ExamAdministrationController {
} }
} }
@RequestMapping(path = "/{id}", method = RequestMethod.GET)
public Exam byId(@PathVariable final Long id) {
return this.examDAO
.byPK(id)
.flatMap(exam -> this.authorizationGrantService.checkGrantOnEntity(
exam,
PrivilegeType.READ_ONLY))
.getOrThrow();
}
@RequestMapping(path = "/save", method = RequestMethod.POST)
public Exam save(@Valid @RequestBody final Exam exam) {
return this.authorizationGrantService
.checkGrantOnEntity(exam, PrivilegeType.MODIFY)
.flatMap(this.examDAO::save)
.flatMap(entity -> this.userActivityLogDAO.log(ActivityType.MODIFY, entity))
.getOrThrow();
}
@RequestMapping(path = "/{id}/activate", method = RequestMethod.POST)
public EntityProcessingReport activate(@PathVariable final Long id) {
return setActive(id, true)
.getOrThrow();
}
@RequestMapping(value = "/{id}/deactivate", method = RequestMethod.POST)
public EntityProcessingReport deactivate(@PathVariable final Long id) {
return setActive(id, false)
.getOrThrow();
}
private Result<EntityProcessingReport> setActive(final Long id, final boolean active) {
return this.bulkActionService.createReport(new BulkAction(
(active) ? Type.ACTIVATE : Type.DEACTIVATE,
EntityType.LMS_SETUP,
new EntityKey(id, EntityType.LMS_SETUP)));
}
private Collection<Exam> getExams( private Collection<Exam> getExams(
final Long institutionId, final Long institutionId,
final Long lmsSetupId, final Long lmsSetupId,
@ -236,11 +179,4 @@ public class ExamAdministrationController {
active).getOrThrow(); active).getOrThrow();
} }
private void checkBaseReadPrivilege(final Long institutionId) {
this.authorizationGrantService.checkPrivilege(
EntityType.EXAM,
PrivilegeType.READ_ONLY,
institutionId);
}
} }

5
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/InstitutionController.java
View file

@ -33,7 +33,6 @@ import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO;
public class InstitutionController extends ActivatableEntityController<Institution, Institution> { public class InstitutionController extends ActivatableEntityController<Institution, Institution> {
private final InstitutionDAO institutionDAO; private final InstitutionDAO institutionDAO;
private final AuthorizationGrantService authorizationGrantService;
public InstitutionController( public InstitutionController(
final InstitutionDAO institutionDAO, final InstitutionDAO institutionDAO,
@ -43,9 +42,7 @@ public class InstitutionController extends ActivatableEntityController<Instituti
final PaginationService paginationService) { final PaginationService paginationService) {
super(authorizationGrantService, bulkActionService, institutionDAO, userActivityLogDAO, paginationService); super(authorizationGrantService, bulkActionService, institutionDAO, userActivityLogDAO, paginationService);
this.institutionDAO = institutionDAO; this.institutionDAO = institutionDAO;
this.authorizationGrantService = authorizationGrantService;
} }
@RequestMapping(path = "/self", method = RequestMethod.GET) @RequestMapping(path = "/self", method = RequestMethod.GET)
@ -69,7 +66,7 @@ public class InstitutionController extends ActivatableEntityController<Instituti
// User has only institutional privilege, can see only the institution he/she belongs to // User has only institutional privilege, can see only the institution he/she belongs to
return Arrays.asList(getOwn()); return Arrays.asList(getOwn());
} else { } else {
return this.institutionDAO.all(inst -> true, active).getOrThrow(); return this.institutionDAO.all(null, active).getOrThrow();
} }
} }

137
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/LmsSetupController.java
View file

@ -10,10 +10,8 @@ package ch.ethz.seb.sebserver.webservice.weblayer.api;
import java.io.InputStream; import java.io.InputStream;
import java.util.Collection; import java.util.Collection;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import org.apache.tomcat.util.http.fileupload.IOUtils; import org.apache.tomcat.util.http.fileupload.IOUtils;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
@ -21,40 +19,30 @@ import org.springframework.http.MediaType;
import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import ch.ethz.seb.sebserver.gbl.model.EntityKey;
import ch.ethz.seb.sebserver.gbl.model.EntityKeyAndName;
import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport;
import ch.ethz.seb.sebserver.gbl.model.EntityType; import ch.ethz.seb.sebserver.gbl.model.EntityType;
import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetup; import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetup;
import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetup.LmsType; import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetup.LmsType;
import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile; import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
import ch.ethz.seb.sebserver.gbl.util.Result; import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.UserService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.UserService;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkAction.Type;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService; import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.LmsSetupDAO; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.LmsSetupDAO;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.UserActivityLogDAO.ActivityType;
import ch.ethz.seb.sebserver.webservice.servicelayer.lms.LmsAPIService; import ch.ethz.seb.sebserver.webservice.servicelayer.lms.LmsAPIService;
@WebServiceProfile @WebServiceProfile
@RestController @RestController
@RequestMapping("/${sebserver.webservice.api.admin.endpoint}" + RestAPI.ENDPOINT_LMS_SETUP) @RequestMapping("/${sebserver.webservice.api.admin.endpoint}" + RestAPI.ENDPOINT_LMS_SETUP)
public class LmsSetupController { public class LmsSetupController extends ActivatableEntityController<LmsSetup, LmsSetup> {
private final LmsSetupDAO lmsSetupDAO; private final LmsSetupDAO lmsSetupDAO;
private final AuthorizationGrantService authorizationGrantService;
private final UserActivityLogDAO userActivityLogDAO;
private final BulkActionService bulkActionService;
private final LmsAPIService lmsAPIService; private final LmsAPIService lmsAPIService;
public LmsSetupController( public LmsSetupController(
@ -62,12 +50,12 @@ public class LmsSetupController {
final AuthorizationGrantService authorizationGrantService, final AuthorizationGrantService authorizationGrantService,
final UserActivityLogDAO userActivityLogDAO, final UserActivityLogDAO userActivityLogDAO,
final BulkActionService bulkActionService, final BulkActionService bulkActionService,
final LmsAPIService lmsAPIService) { final LmsAPIService lmsAPIService,
final PaginationService paginationService) {
super(authorizationGrantService, bulkActionService, lmsSetupDAO, userActivityLogDAO, paginationService);
this.lmsSetupDAO = lmsSetupDAO; this.lmsSetupDAO = lmsSetupDAO;
this.authorizationGrantService = authorizationGrantService;
this.userActivityLogDAO = userActivityLogDAO;
this.bulkActionService = bulkActionService;
this.lmsAPIService = lmsAPIService; this.lmsAPIService = lmsAPIService;
} }
@ -95,34 +83,6 @@ public class LmsSetupController {
.getOrThrow(); .getOrThrow();
} }
@RequestMapping(path = "/names", method = RequestMethod.GET)
public Collection<EntityKeyAndName> getNames(
@RequestParam(
name = LmsSetup.FILTER_ATTR_INSTITUTION,
required = true,
defaultValue = UserService.USERS_INSTITUTION_AS_DEFAULT) final Long institutionId,
@RequestParam(name = LmsSetup.FILTER_ATTR_NAME, required = false) final String name,
@RequestParam(name = LmsSetup.FILTER_ATTR_LMS_TYPE, required = false) final LmsType lmsType,
@RequestParam(name = LmsSetup.FILTER_ATTR_ACTIVE, required = false) final Boolean active) {
checkReadPrivilege(institutionId);
return getAll(institutionId, name, lmsType, active)
.stream()
.map(LmsSetup::toName)
.collect(Collectors.toList());
}
@RequestMapping(path = "/{id}", method = RequestMethod.GET)
public LmsSetup getById(@PathVariable final Long id) {
return this.lmsSetupDAO
.byPK(id)
.flatMap(lmsSetup -> this.authorizationGrantService.checkGrantOnEntity(
lmsSetup,
PrivilegeType.READ_ONLY))
.getOrThrow();
}
@RequestMapping( @RequestMapping(
path = "/create_seb_config/{id}", path = "/create_seb_config/{id}",
method = RequestMethod.GET, method = RequestMethod.GET,
@ -151,89 +111,4 @@ public class LmsSetupController {
} }
} }
@RequestMapping(path = "/create", method = RequestMethod.PUT)
public LmsSetup create(@Valid @RequestBody final LmsSetup lmsSetup) {
return save(lmsSetup, PrivilegeType.WRITE)
.getOrThrow();
}
@RequestMapping(path = "/save", method = RequestMethod.POST)
public LmsSetup save(@Valid @RequestBody final LmsSetup lmsSetup) {
return save(lmsSetup, PrivilegeType.MODIFY)
.getOrThrow();
}
@RequestMapping(path = "/{id}/activate", method = RequestMethod.POST)
public EntityProcessingReport activate(@PathVariable final Long id) {
return setActive(id, true);
}
@RequestMapping(value = "/{id}/deactivate", method = RequestMethod.POST)
public EntityProcessingReport deactivate(@PathVariable final Long id) {
return setActive(id, false);
}
@RequestMapping(path = "/{id}/delete", method = RequestMethod.DELETE)
public EntityProcessingReport deleteUser(@PathVariable final Long id) {
checkPrivilegeForInstitution(id, PrivilegeType.WRITE);
return this.bulkActionService.createReport(new BulkAction(
Type.DEACTIVATE,
EntityType.LMS_SETUP,
new EntityKey(id, EntityType.LMS_SETUP)))
.getOrThrow();
}
@RequestMapping(path = "/{id}/hard-delete", method = RequestMethod.DELETE)
public EntityProcessingReport hardDeleteUser(@PathVariable final Long id) {
checkPrivilegeForInstitution(id, PrivilegeType.WRITE);
return this.bulkActionService.createReport(new BulkAction(
Type.HARD_DELETE,
EntityType.LMS_SETUP,
new EntityKey(id, EntityType.LMS_SETUP)))
.getOrThrow();
}
private void checkPrivilegeForInstitution(final Long lmsSetupId, final PrivilegeType type) {
this.authorizationGrantService.checkHasAnyPrivilege(
EntityType.LMS_SETUP,
type);
this.lmsSetupDAO.byPK(lmsSetupId)
.flatMap(institution -> this.authorizationGrantService.checkGrantOnEntity(
institution,
type))
.getOrThrow();
}
private EntityProcessingReport setActive(final Long id, final boolean active) {
checkPrivilegeForInstitution(id, PrivilegeType.MODIFY);
return this.bulkActionService.createReport(new BulkAction(
(active) ? Type.ACTIVATE : Type.DEACTIVATE,
EntityType.LMS_SETUP,
new EntityKey(id, EntityType.LMS_SETUP)))
.getOrThrow();
}
private Result<LmsSetup> save(final LmsSetup lmsSetup, final PrivilegeType privilegeType) {
final ActivityType activityType = (lmsSetup.id == null)
? ActivityType.CREATE
: ActivityType.MODIFY;
return this.authorizationGrantService
.checkGrantOnEntity(lmsSetup, privilegeType)
.flatMap(this.lmsSetupDAO::save)
.flatMap(exam -> this.userActivityLogDAO.log(activityType, exam));
}
private void checkReadPrivilege(final Long institutionId) {
this.authorizationGrantService.checkPrivilege(
EntityType.LMS_SETUP,
PrivilegeType.READ_ONLY,
institutionId);
}
} }

25
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/UserAccountController.java
View file

@ -9,6 +9,8 @@
package ch.ethz.seb.sebserver.webservice.weblayer.api; package ch.ethz.seb.sebserver.webservice.weblayer.api;
import java.util.Collection; import java.util.Collection;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import org.springframework.context.ApplicationEventPublisher; import org.springframework.context.ApplicationEventPublisher;
import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.WebDataBinder;
@ -28,6 +30,7 @@ import ch.ethz.seb.sebserver.gbl.util.Result;
import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.UserRecordDynamicSqlSupport; import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.UserRecordDynamicSqlSupport;
import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService; import ch.ethz.seb.sebserver.webservice.servicelayer.PaginationService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.AuthorizationGrantService;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.GrantEntity;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.PrivilegeType;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.UserService; import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.UserService;
import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService; import ch.ethz.seb.sebserver.webservice.servicelayer.bulkaction.BulkActionService;
@ -41,8 +44,6 @@ import ch.ethz.seb.sebserver.webservice.weblayer.oauth.RevokeTokenEndpoint;
public class UserAccountController extends ActivatableEntityController<UserInfo, UserMod> { public class UserAccountController extends ActivatableEntityController<UserInfo, UserMod> {
private final UserDAO userDao; private final UserDAO userDao;
private final AuthorizationGrantService authorizationGrantService;
private final PaginationService paginationService;
private final ApplicationEventPublisher applicationEventPublisher; private final ApplicationEventPublisher applicationEventPublisher;
public UserAccountController( public UserAccountController(
@ -55,8 +56,6 @@ public class UserAccountController extends ActivatableEntityController<UserInfo,
super(authorizationGrantService, bulkActionService, userDao, userActivityLogDAO, paginationService); super(authorizationGrantService, bulkActionService, userDao, userActivityLogDAO, paginationService);
this.userDao = userDao; this.userDao = userDao;
this.authorizationGrantService = authorizationGrantService;
this.paginationService = paginationService;
this.applicationEventPublisher = applicationEventPublisher; this.applicationEventPublisher = applicationEventPublisher;
} }
@ -137,17 +136,21 @@ public class UserAccountController extends ActivatableEntityController<UserInfo,
PrivilegeType.READ_ONLY)) { PrivilegeType.READ_ONLY)) {
return this.userDao return this.userDao
.all(userFilter) .allMatching(userFilter)
.getOrThrow(); .getOrThrow();
} else { } else {
return this.userDao.all( final Predicate<GrantEntity> grantFilter = this.authorizationGrantService.getGrantFilter(
userFilter, EntityType.USER,
this.authorizationGrantService.getGrantFilter( PrivilegeType.READ_ONLY);
EntityType.USER,
PrivilegeType.READ_ONLY)) return this.userDao
.getOrThrow(); .allMatching(userFilter)
.getOrThrow()
.stream()
.filter(grantFilter)
.collect(Collectors.toList());
} }
} }

123
src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/AdministrationAPIIntegrationTest.java
View file

@ -9,10 +9,13 @@
package ch.ethz.seb.sebserver.webservice.integration.api; package ch.ethz.seb.sebserver.webservice.integration.api;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import java.util.HashMap;
import java.util.Map;
import org.junit.Before; import org.junit.Before;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -20,16 +23,22 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.json.JacksonJsonParser; import org.springframework.boot.json.JacksonJsonParser;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterChainProxy;
import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.RequestBuilder;
import org.springframework.test.web.servlet.ResultActions; import org.springframework.test.web.servlet.ResultActions;
import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap; import org.springframework.util.MultiValueMap;
import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.WebApplicationContext;
import com.fasterxml.jackson.core.type.TypeReference;
import ch.ethz.seb.sebserver.SEBServer; import ch.ethz.seb.sebserver.SEBServer;
import ch.ethz.seb.sebserver.gbl.JSONMapper; import ch.ethz.seb.sebserver.gbl.JSONMapper;
@ -99,12 +108,110 @@ public abstract class AdministrationAPIIntegrationTest {
return obtainAccessToken("examAdmin1", "admin"); return obtainAccessToken("examAdmin1", "admin");
} }
// protected static class TestHelper { protected class RestAPITestHelper {
//
// private Supplier<String> accessTokenSuplier; private String path = "";
// private String query; private final Map<String, String> queryAttrs = new HashMap<>();
// private String endpoint; private String accessToken;
// private Object private HttpStatus expectedStatus;
// } private HttpMethod httpMethod = HttpMethod.GET;
public RestAPITestHelper withAccessToken(final String accessToken) {
this.accessToken = accessToken;
return this;
}
public RestAPITestHelper withPath(final String path) {
this.path = this.path + path;
return this;
}
public RestAPITestHelper withAttribute(final String name, final String value) {
this.queryAttrs.put(name, value);
return this;
}
public RestAPITestHelper withExpectedStatus(final HttpStatus expectedStatus) {
this.expectedStatus = expectedStatus;
return this;
}
public RestAPITestHelper withMethod(final HttpMethod httpMethod) {
this.httpMethod = httpMethod;
return this;
}
public String getAsString() throws Exception {
final ResultActions action = AdministrationAPIIntegrationTest.this.mockMvc
.perform(requestBuilder());
if (this.expectedStatus != null) {
action.andExpect(status().is(this.expectedStatus.value()));
}
return action
.andReturn()
.getResponse()
.getContentAsString();
}
public <T> T getAsObject(final TypeReference<T> ref) throws Exception {
final ResultActions action = AdministrationAPIIntegrationTest.this.mockMvc
.perform(requestBuilder());
if (this.expectedStatus != null) {
action.andExpect(status().is(this.expectedStatus.value()));
}
return AdministrationAPIIntegrationTest.this.jsonMapper.readValue(
action
.andReturn()
.getResponse()
.getContentAsString(),
ref);
}
private RequestBuilder requestBuilder() {
MockHttpServletRequestBuilder builder = get(getFullPath());
switch (this.httpMethod) {
case GET:
builder = get(getFullPath());
break;
case POST:
builder = post(getFullPath());
break;
case PUT:
builder = put(getFullPath());
break;
case DELETE:
builder = delete(getFullPath());
break;
case PATCH:
builder = patch(getFullPath());
break;
default:
get(getFullPath());
break;
}
return builder.header("Authorization", "Bearer " + this.accessToken);
}
private String getFullPath() {
final StringBuilder sb = new StringBuilder();
sb.append(AdministrationAPIIntegrationTest.this.endpoint);
sb.append(this.path);
if (!this.queryAttrs.isEmpty()) {
sb.append("?");
this.queryAttrs.entrySet()
.stream()
.reduce(
sb,
(buffer, entry) -> buffer.append(entry.getKey()).append("=").append(entry.getValue())
.append("&"),
(sb1, sb2) -> sb1.append(sb2));
sb.deleteCharAt(sb.length() - 1);
}
return sb.toString();
}
}
} }

231
src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/UserAPITest.java
View file

@ -24,6 +24,7 @@ import java.util.stream.Stream;
import org.joda.time.DateTime; import org.joda.time.DateTime;
import org.joda.time.DateTimeZone; import org.joda.time.DateTimeZone;
import org.junit.Test; import org.junit.Test;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.test.context.jdbc.Sql; import org.springframework.test.context.jdbc.Sql;
@ -32,6 +33,7 @@ import com.fasterxml.jackson.core.type.TypeReference;
import ch.ethz.seb.sebserver.gbl.Constants; import ch.ethz.seb.sebserver.gbl.Constants;
import ch.ethz.seb.sebserver.gbl.model.APIMessage; import ch.ethz.seb.sebserver.gbl.model.APIMessage;
import ch.ethz.seb.sebserver.gbl.model.EntityKey; import ch.ethz.seb.sebserver.gbl.model.EntityKey;
import ch.ethz.seb.sebserver.gbl.model.EntityKeyAndName;
import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport; import ch.ethz.seb.sebserver.gbl.model.EntityProcessingReport;
import ch.ethz.seb.sebserver.gbl.model.Page; import ch.ethz.seb.sebserver.gbl.model.Page;
import ch.ethz.seb.sebserver.gbl.model.user.UserActivityLog; import ch.ethz.seb.sebserver.gbl.model.user.UserActivityLog;
@ -46,11 +48,11 @@ public class UserAPITest extends AdministrationAPIIntegrationTest {
@Test @Test
public void getMyUserInfo() throws Exception { public void getMyUserInfo() throws Exception {
String sebAdminAccessToken = getSebAdminAccess(); String contentAsString = new RestAPITestHelper()
String contentAsString = this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/me") .withAccessToken(getSebAdminAccess())
.header("Authorization", "Bearer " + sebAdminAccessToken)) .withPath(RestAPI.ENDPOINT_USER_ACCOUNT + "/me")
.andExpect(status().isOk()) .withExpectedStatus(HttpStatus.OK)
.andReturn().getResponse().getContentAsString(); .getAsString();
assertEquals( assertEquals(
"{\"uuid\":\"user1\"," "{\"uuid\":\"user1\","
@ -64,11 +66,11 @@ public class UserAPITest extends AdministrationAPIIntegrationTest {
+ "\"userRoles\":[\"SEB_SERVER_ADMIN\"]}", + "\"userRoles\":[\"SEB_SERVER_ADMIN\"]}",
contentAsString); contentAsString);
sebAdminAccessToken = getAdminInstitution1Access(); contentAsString = new RestAPITestHelper()
contentAsString = this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/me") .withAccessToken(getAdminInstitution1Access())
.header("Authorization", "Bearer " + sebAdminAccessToken)) .withPath(RestAPI.ENDPOINT_USER_ACCOUNT + "/me")
.andExpect(status().isOk()) .withExpectedStatus(HttpStatus.OK)
.andReturn().getResponse().getContentAsString(); .getAsString();
assertEquals( assertEquals(
"{\"uuid\":\"user2\"," "{\"uuid\":\"user2\","
@ -119,22 +121,20 @@ public class UserAPITest extends AdministrationAPIIntegrationTest {
@Test @Test
public void institutionalAdminNotAllowedToSeeUsersOfOtherInstitution() throws Exception { public void institutionalAdminNotAllowedToSeeUsersOfOtherInstitution() throws Exception {
final String token = getAdminInstitution1Access(); new RestAPITestHelper()
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "?institution=2") .withAccessToken(getAdminInstitution1Access())
.header("Authorization", "Bearer " + token)) .withPath(RestAPI.ENDPOINT_USER_ACCOUNT + "?institution=2")
.andExpect(status().isForbidden()) .withExpectedStatus(HttpStatus.FORBIDDEN)
.andReturn().getResponse().getContentAsString(); .getAsString();
} }
@Test @Test
public void getAllUserInfoNoFilter() throws Exception { public void getAllUserInfoNoFilter() throws Exception {
String token = getSebAdminAccess(); List<UserInfo> userInfos = new RestAPITestHelper()
List<UserInfo> userInfos = this.jsonMapper.readValue( .withAccessToken(getSebAdminAccess())
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT) .withPath(RestAPI.ENDPOINT_USER_ACCOUNT)
.header("Authorization", "Bearer " + token)) .withExpectedStatus(HttpStatus.OK)
.andExpect(status().isOk()) .getAsObject(new TypeReference<List<UserInfo>>() {
.andReturn().getResponse().getContentAsString(),
new TypeReference<List<UserInfo>>() {
}); });
// expecting all users for a SEBAdmin except inactive. // expecting all users for a SEBAdmin except inactive.
@ -144,13 +144,12 @@ public class UserAPITest extends AdministrationAPIIntegrationTest {
assertNotNull(getUserInfo("inst1Admin", userInfos)); assertNotNull(getUserInfo("inst1Admin", userInfos));
assertNotNull(getUserInfo("examSupporter", userInfos)); assertNotNull(getUserInfo("examSupporter", userInfos));
token = getAdminInstitution2Access(); userInfos = new RestAPITestHelper()
userInfos = this.jsonMapper.readValue( .withAccessToken(getAdminInstitution2Access())
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "?institution=2") .withPath(RestAPI.ENDPOINT_USER_ACCOUNT)
.header("Authorization", "Bearer " + token)) .withAttribute("institution", "2")
.andExpect(status().isOk()) .withExpectedStatus(HttpStatus.OK)
.andReturn().getResponse().getContentAsString(), .getAsObject(new TypeReference<List<UserInfo>>() {
new TypeReference<List<UserInfo>>() {
}); });
// expecting all users of institution 2 also inactive when active flag is not set // expecting all users of institution 2 also inactive when active flag is not set
@ -162,13 +161,13 @@ public class UserAPITest extends AdministrationAPIIntegrationTest {
assertNotNull(getUserInfo("user1", userInfos)); assertNotNull(getUserInfo("user1", userInfos));
//.. and without inactive, if active flag is set to true //.. and without inactive, if active flag is set to true
token = getAdminInstitution2Access(); userInfos = new RestAPITestHelper()
userInfos = this.jsonMapper.readValue( .withAccessToken(getAdminInstitution2Access())
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "?institution=2&active=true") .withPath(RestAPI.ENDPOINT_USER_ACCOUNT)
.header("Authorization", "Bearer " + token)) .withAttribute("institution", "2")
.andExpect(status().isOk()) .withAttribute("active", "true")
.andReturn().getResponse().getContentAsString(), .withExpectedStatus(HttpStatus.OK)
new TypeReference<List<UserInfo>>() { .getAsObject(new TypeReference<List<UserInfo>>() {
}); });
assertNotNull(userInfos); assertNotNull(userInfos);
@ -178,13 +177,13 @@ public class UserAPITest extends AdministrationAPIIntegrationTest {
assertNotNull(getUserInfo("user1", userInfos)); assertNotNull(getUserInfo("user1", userInfos));
//.. and only inactive, if active flag is set to false //.. and only inactive, if active flag is set to false
token = getAdminInstitution2Access(); userInfos = new RestAPITestHelper()
userInfos = this.jsonMapper.readValue( .withAccessToken(getAdminInstitution2Access())
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "?institution=2&active=false") .withPath(RestAPI.ENDPOINT_USER_ACCOUNT)
.header("Authorization", "Bearer " + token)) .withAttribute("institution", "2")
.andExpect(status().isOk()) .withAttribute("active", "false")
.andReturn().getResponse().getContentAsString(), .withExpectedStatus(HttpStatus.OK)
new TypeReference<List<UserInfo>>() { .getAsObject(new TypeReference<List<UserInfo>>() {
}); });
assertNotNull(userInfos); assertNotNull(userInfos);
@ -887,6 +886,152 @@ public class UserAPITest extends AdministrationAPIIntegrationTest {
assertEquals("user6", userLog.entityId); assertEquals("user6", userLog.entityId);
} }
@Test
public void testGeneralAllActiveInactiveEndpoint() throws Exception {
final String sebAdminToken = getSebAdminAccess();
// all active for the own institution
Page<UserInfo> usersPage = this.jsonMapper.readValue(
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/active")
.header("Authorization", "Bearer " + sebAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Page<UserInfo>>() {
});
assertNotNull(usersPage);
assertTrue(usersPage.pageSize == 3);
assertEquals("[user1, user2, user5]", getOrderedUUIDs(usersPage.content));
// all inactive of the own institution
usersPage = this.jsonMapper.readValue(
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/inactive")
.header("Authorization", "Bearer " + sebAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Page<UserInfo>>() {
});
assertNotNull(usersPage);
assertTrue(usersPage.pageSize == 0);
assertEquals("[]", getOrderedUUIDs(usersPage.content));
// all active of institution 2
usersPage = this.jsonMapper.readValue(
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/active?institution=2")
.header("Authorization", "Bearer " + sebAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Page<UserInfo>>() {
});
assertNotNull(usersPage);
assertTrue(usersPage.pageSize == 3);
assertEquals("[user3, user4, user7]", getOrderedUUIDs(usersPage.content));
// all inactive of institution 2
usersPage = this.jsonMapper.readValue(
this.mockMvc.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/inactive?institution=2")
.header("Authorization", "Bearer " + sebAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Page<UserInfo>>() {
});
assertNotNull(usersPage);
assertTrue(usersPage.pageSize == 1);
assertEquals("[user6]", getOrderedUUIDs(usersPage.content));
}
@Test
public void testGeneralInEndpoint() throws Exception {
final String sebAdminToken = getSebAdminAccess();
// for SEB Admin it should be possible to get from different institutions
Collection<UserInfo> users = this.jsonMapper.readValue(
this.mockMvc
.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/in?ids=user1,user2,user6,user7")
.header("Authorization", "Bearer " + sebAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Collection<UserInfo>>() {
});
assertNotNull(users);
assertTrue(users.size() == 4);
assertEquals("[user1, user2, user6, user7]", getOrderedUUIDs(users));
// for an institutional admin it should only be possible to get from own institution
final String instAdminToken = getAdminInstitution2Access();
users = this.jsonMapper.readValue(
this.mockMvc
.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/in?ids=user1,user2,user6,user7")
.header("Authorization", "Bearer " + instAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Collection<UserInfo>>() {
});
assertNotNull(users);
assertTrue(users.size() == 2);
assertEquals("[user6, user7]", getOrderedUUIDs(users));
}
@Test
public void testGeneralNamesEndpoint() throws Exception {
final String sebAdminToken = getSebAdminAccess();
// for SEB Admin
Collection<EntityKeyAndName> names = this.jsonMapper.readValue(
this.mockMvc
.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/names")
.header("Authorization", "Bearer " + sebAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Collection<EntityKeyAndName>>() {
});
assertNotNull(names);
assertTrue(names.size() == 3);
assertEquals("[EntityIdAndName [entityType=USER, id=user1, name=SEBAdmin], "
+ "EntityIdAndName [entityType=USER, id=user2, name=Institutional1 Admin], "
+ "EntityIdAndName [entityType=USER, id=user5, name=Exam Supporter]]", names.toString());
// for an institutional admin 2
final String instAdminToken = getAdminInstitution2Access();
names = this.jsonMapper.readValue(
this.mockMvc
.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/names")
.header("Authorization", "Bearer " + instAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Collection<EntityKeyAndName>>() {
});
assertNotNull(names);
assertTrue(names.size() == 4);
assertEquals("[EntityIdAndName [entityType=USER, id=user3, name=Institutional2 Admin], "
+ "EntityIdAndName [entityType=USER, id=user4, name=ExamAdmin1], "
+ "EntityIdAndName [entityType=USER, id=user6, name=Deactivated], "
+ "EntityIdAndName [entityType=USER, id=user7, name=User]]", names.toString());
// for an institutional admin 2 only active
names = this.jsonMapper.readValue(
this.mockMvc
.perform(get(this.endpoint + RestAPI.ENDPOINT_USER_ACCOUNT + "/names?active=true")
.header("Authorization", "Bearer " + instAdminToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString(),
new TypeReference<Collection<EntityKeyAndName>>() {
});
assertNotNull(names);
assertTrue(names.size() == 3);
assertEquals("[EntityIdAndName [entityType=USER, id=user3, name=Institutional2 Admin], "
+ "EntityIdAndName [entityType=USER, id=user4, name=ExamAdmin1], "
+ "EntityIdAndName [entityType=USER, id=user7, name=User]]", names.toString());
}
private UserInfo getUserInfo(final String name, final Collection<UserInfo> infos) { private UserInfo getUserInfo(final String name, final Collection<UserInfo> infos) {
try { try {
return infos return infos