diff --git a/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/Privilege.java b/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/Privilege.java
index c0b555cc..f46fdaa3 100644
--- a/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/Privilege.java
+++ b/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/Privilege.java
@@ -24,7 +24,7 @@ import ch.ethz.seb.sebserver.gbl.model.user.UserRole;
/** Defines a Privilege by combining a PrivilegeType for base (overall) rights,
* institutional rights and ownership rights.
- *
+ *
* A base-, institutional- and ownership- grant is checked in this exact order and the
* first match fund makes a grant or a denied if none of the three privilege levels has a match */
public final class Privilege {
@@ -87,11 +87,11 @@ public final class Privilege {
}
/** Checks if this Privilege has a grant for a given context.
- *
+ *
* The privilege grant check function always checks first the base privilege with no institutional or owner grant.
* If user has a grant on base privileges this returns true without checking further institutional or owner grant
* If user has no base privilege grant the function checks further grants, first the institutional grant, where
- * the institution id and the users institution id must match and further more the owner grant, where ownerId
+ * the institution id and the users institution id must match and furthermore the owner grant, where ownerId
* and the users id must match.
*
* @param userId The user identifier of the user to check the grant on
@@ -184,7 +184,7 @@ public final class Privilege {
}
/** Checks if the current user has role based edit access to a specified user account.
- *
+ *
* If user account has UserRole.SEB_SERVER_ADMIN this always gives true
* If user account has UserRole.INSTITUTIONAL_ADMIN this is true if the given user account has
* not the UserRole.SEB_SERVER_ADMIN (institutional administrators should not be able to edit SEB Server
@@ -197,17 +197,15 @@ public final class Privilege {
public static boolean hasRoleBasedUserAccountEditGrant(final UserAccount userAccount, final UserInfo currentUser) {
final EnumSet userRolesOfUserAccount = userAccount.getUserRoles();
final EnumSet userRolesOfCurrentUser = currentUser.getUserRoles();
+
if (userRolesOfCurrentUser.contains(UserRole.SEB_SERVER_ADMIN)) {
return true;
}
+
if (userRolesOfCurrentUser.contains(UserRole.INSTITUTIONAL_ADMIN)) {
return !userRolesOfUserAccount.contains(UserRole.SEB_SERVER_ADMIN);
}
- if (currentUser.equals(userAccount)) {
- return true;
- }
- return false;
+ return currentUser.equals(userAccount);
}
-
}
diff --git a/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/PrivilegeType.java b/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/PrivilegeType.java
index ddeb7bee..3bcec162 100644
--- a/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/PrivilegeType.java
+++ b/src/main/java/ch/ethz/seb/sebserver/gbl/api/authorization/PrivilegeType.java
@@ -8,18 +8,38 @@
package ch.ethz.seb.sebserver.gbl.api.authorization;
+import java.util.Arrays;
+
/** Defines SEB-Server internal privilege types **/
public enum PrivilegeType {
/** No privilege type at all (placeholder) */
- NONE,
+ NONE(0, 'n'),
+ /** Only assigned entity privileges for the specific entity type. This is used as a marker to indicate that
+ * the user has no overall entity type privileges but might have assigned entity privileges. */
+ ASSIGNED(1, 'a'),
/** The read privilege type for read access */
- READ,
+ READ( 2, 'r'),
/** The modify privilege type includes read-only type privilege plus privilege for editing right but without create
- * and delete
- * rights */
- MODIFY,
+ * and delete rights */
+ MODIFY(3, 'm'),
/** The write privilege type including modify privilege type plus creation and deletion rights */
- WRITE;
+ WRITE(4, 'w');
+
+ public final byte key;
+ public final char code;
+
+ PrivilegeType(final int key, final char code) {
+ this.key = (byte) key;
+ this.code = code;
+ }
+
+ public static PrivilegeType byKey(final byte key) {
+ return Arrays.stream(PrivilegeType.values()).filter(t -> t.key == key).findFirst().orElse(NONE);
+ }
+
+ public static PrivilegeType byCode(final char code) {
+ return Arrays.stream(PrivilegeType.values()).filter(t -> t.code == code).findFirst().orElse(NONE);
+ }
/** Use this to check implicit privilege.
*
diff --git a/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/EntityPrivilege.java b/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/EntityPrivilege.java
new file mode 100644
index 00000000..f0a244c1
--- /dev/null
+++ b/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/EntityPrivilege.java
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2023 ETH Zürich, Educational Development and Technology (LET)
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+package ch.ethz.seb.sebserver.gbl.model.user;
+
+
+
+import java.util.Objects;
+
+import ch.ethz.seb.sebserver.gbl.api.EntityType;
+import ch.ethz.seb.sebserver.gbl.api.authorization.PrivilegeType;
+import ch.ethz.seb.sebserver.gbl.model.Domain.*;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class EntityPrivilege {
+
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_ID)
+ public final Long id;
+
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_ENTITY_TYPE)
+ public final EntityType entityType;
+
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_ENTITY_ID)
+ public final Long entityId;
+
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_USER_UUID)
+ public final String userUUID;
+
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_PRIVILEGE_TYPE)
+ public final PrivilegeType privilegeType;
+
+ @JsonCreator
+ public EntityPrivilege(
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_ID) final Long id,
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_ENTITY_TYPE) final EntityType entityType,
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_ENTITY_ID) final Long entityId,
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_USER_UUID) final String userUUID,
+ @JsonProperty(ENTITY_PRIVILEGE.ATTR_PRIVILEGE_TYPE) final PrivilegeType privilegeType) {
+
+ this.id = id;
+ this.entityType = entityType;
+ this.entityId = entityId;
+ this.userUUID = userUUID;
+ this.privilegeType = privilegeType;
+ }
+
+ public Long getId() {
+ return this.id;
+ }
+
+ public EntityType getEntityType() {
+ return this.entityType;
+ }
+
+ public Long getEntityId() {
+ return this.entityId;
+ }
+
+ public String getUserUUID() {
+ return this.userUUID;
+ }
+
+ public PrivilegeType getPrivilegeType() {
+ return this.privilegeType;
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(this.id);
+ }
+
+ @Override
+ public boolean equals(final Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ final EntityPrivilege other = (EntityPrivilege) obj;
+ return Objects.equals(this.id, other.id);
+ }
+
+ @Override
+ public String toString() {
+ final StringBuilder builder = new StringBuilder();
+ builder.append("EntityPrivilege [id=");
+ builder.append(this.id);
+ builder.append(", entityType=");
+ builder.append(this.entityType);
+ builder.append(", entityId=");
+ builder.append(this.entityId);
+ builder.append(", userUUID=");
+ builder.append(this.userUUID);
+ builder.append(", privilegeType=");
+ builder.append(this.privilegeType);
+ builder.append("]");
+ return builder.toString();
+ }
+
+}
diff --git a/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/FeaturePrivilege.java b/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/FeaturePrivilege.java
new file mode 100644
index 00000000..23591e85
--- /dev/null
+++ b/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/FeaturePrivilege.java
@@ -0,0 +1,62 @@
+package ch.ethz.seb.sebserver.gbl.model.user;
+
+import java.util.Objects;
+
+import ch.ethz.seb.sebserver.gbl.model.Domain.*;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class FeaturePrivilege {
+
+ @JsonProperty(FEATURE_PRIVILEGE.ATTR_ID)
+ public final Long id;
+ @JsonProperty(FEATURE_PRIVILEGE.ATTR_FEATURE_ID)
+ public final Long featureId;
+
+ @JsonProperty(FEATURE_PRIVILEGE.ATTR_USER_UUID)
+ public final String userUUID;
+
+ public FeaturePrivilege(
+ @JsonProperty(FEATURE_PRIVILEGE.ATTR_ID) final Long id,
+ @JsonProperty(FEATURE_PRIVILEGE.ATTR_FEATURE_ID) final Long featureId,
+ @JsonProperty(FEATURE_PRIVILEGE.ATTR_USER_UUID) final String userUUID) {
+
+ this.id = id;
+ this.featureId = featureId;
+ this.userUUID = userUUID;
+ }
+ public Long getId() {
+ return id;
+ }
+
+ public Long getFeatureId() {
+ return featureId;
+ }
+
+ public String getUserUUID() {
+ return userUUID;
+ }
+
+ @Override
+ public boolean equals(final Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+ final FeaturePrivilege that = (FeaturePrivilege) o;
+ return Objects.equals(id, that.id);
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(id);
+ }
+
+ @Override
+ public String toString() {
+ return "FeaturePrivilege{" +
+ "id=" + id +
+ ", featureId=" + featureId +
+ ", userUUID='" + userUUID + '\'' +
+ '}';
+ }
+}
diff --git a/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfo.java b/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfo.java
index a2fde698..50bca939 100644
--- a/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfo.java
+++ b/src/main/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfo.java
@@ -8,12 +8,9 @@
package ch.ethz.seb.sebserver.gbl.model.user;
+import java.io.Serial;
import java.io.Serializable;
-import java.util.Arrays;
-import java.util.EnumSet;
-import java.util.HashSet;
-import java.util.Locale;
-import java.util.Set;
+import java.util.*;
import java.util.stream.Collectors;
import javax.validation.constraints.Email;
@@ -21,17 +18,13 @@ import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
+import com.fasterxml.jackson.annotation.*;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
import org.joda.time.DateTimeZone;
import org.springframework.util.CollectionUtils;
-import com.fasterxml.jackson.annotation.JsonCreator;
-import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-import com.fasterxml.jackson.annotation.JsonProperty;
-
import ch.ethz.seb.sebserver.gbl.api.EntityType;
import ch.ethz.seb.sebserver.gbl.model.Domain.USER;
import ch.ethz.seb.sebserver.gbl.model.Domain.USER_ROLE;
@@ -40,16 +33,20 @@ import ch.ethz.seb.sebserver.gbl.model.EntityName;
import ch.ethz.seb.sebserver.gbl.util.Utils;
/** The user info domain model contains primary user information
- *
+ *
* This domain model is annotated and fully serializable and deserializable
* to and from JSON within the Jackson library.
- *
+ *
* This domain model is immutable and thread-save */
@JsonIgnoreProperties(ignoreUnknown = true)
public final class UserInfo implements UserAccount, Serializable {
+ @Serial
private static final long serialVersionUID = 2526446136264377808L;
+ public static final String ATTR_ENTITY_PRIVILEGES = "entityPrivileges";
+ public static final String ATTR_FEATURE_PRIVILEGES = "featurePrivileges";
+
public static final String FILTER_ATTR_SURNAME = "surname";
public static final String FILTER_ATTR_USER_NAME = "username";
public static final String FILTER_ATTR_EMAIL = "email";
@@ -112,6 +109,13 @@ public final class UserInfo implements UserAccount, Serializable {
@JsonProperty(USER_ROLE.REFERENCE_NAME)
public final Set roles;
+ @JsonProperty(ATTR_ENTITY_PRIVILEGES)
+ @JsonInclude(JsonInclude.Include.NON_EMPTY)
+ public final Collection entityPrivileges;
+ @JsonProperty(ATTR_FEATURE_PRIVILEGES)
+ @JsonInclude(JsonInclude.Include.NON_EMPTY)
+ public final Collection featurePrivileges;
+
@JsonCreator
public UserInfo(
@JsonProperty(USER.ATTR_UUID) final String uuid,
@@ -124,7 +128,9 @@ public final class UserInfo implements UserAccount, Serializable {
@JsonProperty(USER.ATTR_ACTIVE) final Boolean active,
@JsonProperty(USER.ATTR_LANGUAGE) final Locale language,
@JsonProperty(USER.ATTR_TIMEZONE) final DateTimeZone timeZone,
- @JsonProperty(USER_ROLE.REFERENCE_NAME) final Set roles) {
+ @JsonProperty(USER_ROLE.REFERENCE_NAME) final Set roles,
+ @JsonProperty(ATTR_ENTITY_PRIVILEGES) final Collection entityPrivileges,
+ @JsonProperty(ATTR_FEATURE_PRIVILEGES) final Collection featurePrivileges) {
this.uuid = uuid;
this.institutionId = institutionId;
@@ -137,6 +143,8 @@ public final class UserInfo implements UserAccount, Serializable {
this.language = language;
this.timeZone = timeZone;
this.roles = Utils.immutableSetOf(roles);
+ this.entityPrivileges = Utils.immutableCollectionOf(entityPrivileges);
+ this.featurePrivileges = Utils.immutableCollectionOf(featurePrivileges);
}
@Override
@@ -213,6 +221,14 @@ public final class UserInfo implements UserAccount, Serializable {
return this.roles;
}
+ public Collection getEntityPrivileges() {
+ return entityPrivileges;
+ }
+
+ public Collection getFeaturePrivileges() {
+ return featurePrivileges;
+ }
+
@Override
@JsonIgnore
public EnumSet getUserRoles() {
@@ -323,7 +339,9 @@ public final class UserInfo implements UserAccount, Serializable {
userInfo.getActive(),
userInfo.getLanguage(),
userInfo.getTimeZone(),
- userInfo.roles);
+ userInfo.roles,
+ userInfo.entityPrivileges,
+ userInfo.featurePrivileges);
}
/** Use this to create a copy of a given UserInfo by overriding available arguments.
@@ -358,7 +376,9 @@ public final class UserInfo implements UserAccount, Serializable {
userInfo.getActive(),
(language != null) ? language : userInfo.getLanguage(),
(timeZone != null) ? timeZone : userInfo.getTimeZone(),
- (roles != null) ? new HashSet<>(Arrays.asList(roles)) : userInfo.roles);
+ (roles != null) ? new HashSet<>(Arrays.asList(roles)) : userInfo.roles,
+ userInfo.entityPrivileges,
+ userInfo.featurePrivileges);
}
public static UserInfo withEMail(final UserInfo userInfo, final String email) {
diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/UserServiceImpl.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/UserServiceImpl.java
index 19cfd637..812d18b3 100644
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/UserServiceImpl.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/UserServiceImpl.java
@@ -12,6 +12,7 @@ import java.beans.PropertyEditorSupport;
import java.security.Principal;
import java.util.Arrays;
import java.util.Collection;
+import java.util.Collections;
import java.util.stream.Collectors;
import org.slf4j.Logger;
@@ -140,11 +141,12 @@ public class UserServiceImpl implements UserService {
private static final SEBServerUser ANONYMOUS_USER = new SEBServerUser(
-1L,
new UserInfo("SEB_SERVER_ANONYMOUS_USER", -2L, null, "anonymous", "anonymous", "anonymous", null, false,
- null,
- null,
+ null, null,
Arrays.stream(UserRole.values())
.map(Enum::name)
- .collect(Collectors.toSet())),
+ .collect(Collectors.toSet()),
+ Collections.emptyList(),
+ Collections.emptyList()),
null);
}
diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/UserDAOImpl.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/UserDAOImpl.java
index 6f51b102..46df54ce 100644
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/UserDAOImpl.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/UserDAOImpl.java
@@ -23,6 +23,11 @@ import java.util.stream.Collectors;
import javax.validation.constraints.NotNull;
+import ch.ethz.seb.sebserver.gbl.api.authorization.PrivilegeType;
+import ch.ethz.seb.sebserver.gbl.model.user.*;
+import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.*;
+import ch.ethz.seb.sebserver.webservice.datalayer.batis.model.EntityPrivilegeRecord;
+import ch.ethz.seb.sebserver.webservice.datalayer.batis.model.FeaturePrivilegeRecord;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
@@ -47,16 +52,8 @@ import ch.ethz.seb.sebserver.gbl.api.EntityType;
import ch.ethz.seb.sebserver.gbl.model.Domain;
import ch.ethz.seb.sebserver.gbl.model.EntityDependency;
import ch.ethz.seb.sebserver.gbl.model.EntityKey;
-import ch.ethz.seb.sebserver.gbl.model.user.UserAccount;
-import ch.ethz.seb.sebserver.gbl.model.user.UserInfo;
-import ch.ethz.seb.sebserver.gbl.model.user.UserMod;
import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
import ch.ethz.seb.sebserver.gbl.util.Result;
-import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.InstitutionRecordDynamicSqlSupport;
-import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.RoleRecordDynamicSqlSupport;
-import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.RoleRecordMapper;
-import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.UserRecordDynamicSqlSupport;
-import ch.ethz.seb.sebserver.webservice.datalayer.batis.mapper.UserRecordMapper;
import ch.ethz.seb.sebserver.webservice.datalayer.batis.model.RoleRecord;
import ch.ethz.seb.sebserver.webservice.datalayer.batis.model.UserRecord;
import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.impl.SEBServerUser;
@@ -75,15 +72,21 @@ public class UserDAOImpl implements UserDAO {
private final UserRecordMapper userRecordMapper;
private final RoleRecordMapper roleRecordMapper;
+ private final EntityPrivilegeRecordMapper entityPrivilegeRecordMapper;
+ private final FeaturePrivilegeRecordMapper featurePrivilegeRecordMapper;
private final PasswordEncoder userPasswordEncoder;
public UserDAOImpl(
final UserRecordMapper userRecordMapper,
final RoleRecordMapper roleRecordMapper,
+ final EntityPrivilegeRecordMapper entityPrivilegeRecordMapper,
+ final FeaturePrivilegeRecordMapper featurePrivilegeRecordMapper,
@Qualifier(WebSecurityConfig.USER_PASSWORD_ENCODER_BEAN_NAME) final PasswordEncoder userPasswordEncoder) {
this.userRecordMapper = userRecordMapper;
this.roleRecordMapper = roleRecordMapper;
+ this.entityPrivilegeRecordMapper = entityPrivilegeRecordMapper;
+ this.featurePrivilegeRecordMapper = featurePrivilegeRecordMapper;
this.userPasswordEncoder = userPasswordEncoder;
}
@@ -442,7 +445,7 @@ public class UserDAOImpl implements UserDAO {
} else {
try {
- if (keys == null || keys.isEmpty()) {
+ if (keys.isEmpty()) {
return Collections.emptySet();
}
@@ -524,6 +527,7 @@ public class UserDAOImpl implements UserDAO {
return Result.tryCatch(() -> {
+ final String uuid = record.getUuid();
final List roles = getRoles(record);
Set userRoles = Collections.emptySet();
if (roles != null) {
@@ -534,7 +538,7 @@ public class UserDAOImpl implements UserDAO {
}
return new UserInfo(
- record.getUuid(),
+ uuid,
record.getInstitutionId(),
record.getCreationDate(),
record.getName(),
@@ -544,10 +548,66 @@ public class UserDAOImpl implements UserDAO {
BooleanUtils.toBooleanObject(record.getActive()),
Locale.forLanguageTag(record.getLanguage()),
DateTimeZone.forID(record.getTimezone()),
- userRoles);
+ userRoles,
+ getEntityPrivileges(uuid),
+ getFeaturePrivileges(uuid));
});
}
+ private Collection getFeaturePrivileges(final String uuid) {
+ try {
+
+ return this.featurePrivilegeRecordMapper
+ .selectByExample()
+ .where(FeaturePrivilegeRecordDynamicSqlSupport.userUuid, isEqualTo(uuid))
+ .build()
+ .execute()
+ .stream()
+ .map(this::toFeaturePrivilegeModel)
+ .collect(Collectors.toList());
+
+ } catch (final Exception e) {
+ log.error("Failed to load feature privileges for user: {}", uuid);
+ return Collections.emptyList();
+ }
+ }
+
+
+
+ private Collection getEntityPrivileges(final String uuid) {
+ try {
+
+ return this.entityPrivilegeRecordMapper
+ .selectByExample()
+ .where(EntityPrivilegeRecordDynamicSqlSupport.userUuid, isEqualTo(uuid))
+ .build()
+ .execute()
+ .stream()
+ .map(this::toEntityPrivilegeModel)
+ .collect(Collectors.toList());
+
+ } catch (final Exception e) {
+ log.error("Failed to load entity privileges for user: {}", uuid);
+ return Collections.emptyList();
+ }
+ }
+
+ private EntityPrivilege toEntityPrivilegeModel(final EntityPrivilegeRecord record) {
+ return new EntityPrivilege(
+ record.getId(),
+ EntityType.valueOf(record.getEntityType()),
+ record.getEntityId(),
+ record.getUserUuid(),
+ PrivilegeType.byKey(record.getPrivilegeType()));
+ }
+
+ private FeaturePrivilege toFeaturePrivilegeModel(final FeaturePrivilegeRecord record) {
+ return new FeaturePrivilege(
+ record.getId(),
+ record.getFeatureId(),
+ record.getUserUuid());
+ }
+
private Result sebServerUserFromRecord(final UserRecord record) {
return toDomainModel(record)
.map(userInfo -> new SEBServerUser(
diff --git a/src/test/java/ch/ethz/seb/sebserver/gbl/model/ModelObjectJSONGenerator.java b/src/test/java/ch/ethz/seb/sebserver/gbl/model/ModelObjectJSONGenerator.java
index a4131008..3e0ab14d 100644
--- a/src/test/java/ch/ethz/seb/sebserver/gbl/model/ModelObjectJSONGenerator.java
+++ b/src/test/java/ch/ethz/seb/sebserver/gbl/model/ModelObjectJSONGenerator.java
@@ -85,7 +85,9 @@ public class ModelObjectJSONGenerator {
Object domainObject = new UserInfo("uuid", 1L, DateTime.now(), "name", "surname", "username", "email",
true, Locale.ENGLISH, DateTimeZone.UTC,
- new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name(), UserRole.EXAM_SUPPORTER.name())));
+ new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name(), UserRole.EXAM_SUPPORTER.name())),
+ Collections.emptyList(),
+ Collections.emptyList());
System.out.println(domainObject.getClass().getSimpleName() + ":");
System.out.println(writerWithDefaultPrettyPrinter.writeValueAsString(domainObject));
diff --git a/src/test/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfoTest.java b/src/test/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfoTest.java
index a6b4d1ea..63fcd597 100644
--- a/src/test/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfoTest.java
+++ b/src/test/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfoTest.java
@@ -11,6 +11,7 @@ package ch.ethz.seb.sebserver.gbl.model.user;
import static org.junit.Assert.assertEquals;
import java.util.Arrays;
+import java.util.Collections;
import java.util.HashSet;
import java.util.Locale;
@@ -29,15 +30,21 @@ public class UserInfoTest {
new UserInfo("id1", 1L, new DateTime(0, DateTimeZone.UTC), "user1", "", "user1", "user1@inst2.none",
true, Locale.ENGLISH,
DateTimeZone.UTC,
- new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name()))),
+ new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())),
+ Collections.emptyList(),
+ Collections.emptyList()),
new UserInfo("id2", 3L, new DateTime(0, DateTimeZone.UTC), "user2", "", "user2", "user2@inst2.none",
true, Locale.ENGLISH,
DateTimeZone.UTC,
- new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name()))),
+ new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())),
+ Collections.emptyList(),
+ Collections.emptyList()),
new UserInfo("id3", 4L, new DateTime(0, DateTimeZone.UTC), "user3", "", "user3", "user3@inst2.none",
false, Locale.GERMAN,
DateTimeZone.UTC,
- new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())))));
+ new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())),
+ Collections.emptyList(),
+ Collections.emptyList())));
final JSONMapper jsonMapper = new JSONMapper();
//final ObjectWriter writerWithDefaultPrettyPrinter = jsonMapper.writerWithDefaultPrettyPrinter();
diff --git a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/ConfigurationAttributeAPITest.java b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/ConfigurationAttributeAPITest.java
index ce030701..cafe9e61 100644
--- a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/ConfigurationAttributeAPITest.java
+++ b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/ConfigurationAttributeAPITest.java
@@ -10,10 +10,7 @@ package ch.ethz.seb.sebserver.webservice.integration.api.admin;
import static org.junit.jupiter.api.Assertions.*;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.EnumSet;
-import java.util.List;
+import java.util.*;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
@@ -59,7 +56,11 @@ public class ConfigurationAttributeAPITest extends AdministrationAPIIntegrationT
this.userServiceImpl.setAuthenticationIfAbsent(new SEBServerUser(
-1L,
new UserInfo("user1", 1L, null, "admin", null, null, null, true, null, null,
- EnumSet.allOf(UserRole.class).stream().map(r -> r.name()).collect(Collectors.toSet())),
+ EnumSet.allOf(UserRole.class).stream().map(r -> r.name()).collect(Collectors.toSet()),
+ Collections.emptyList(),
+ Collections.emptyList()
+
+ ),
null));
Mockito.when(this.mockRequest.getQueryString()).thenReturn("");
}
diff --git a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/OrientationAPITest.java b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/OrientationAPITest.java
index e41fcffc..387cd86e 100644
--- a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/OrientationAPITest.java
+++ b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/OrientationAPITest.java
@@ -10,6 +10,7 @@ package ch.ethz.seb.sebserver.webservice.integration.api.admin;
import static org.junit.jupiter.api.Assertions.*;
+import java.util.Collections;
import java.util.EnumSet;
import java.util.stream.Collectors;
@@ -55,7 +56,9 @@ public class OrientationAPITest extends AdministrationAPIIntegrationTester {
this.userServiceImpl.setAuthenticationIfAbsent(new SEBServerUser(
-1L,
new UserInfo("user1", 1L, null, "admin", null, null, null, true, null, null,
- EnumSet.allOf(UserRole.class).stream().map(r -> r.name()).collect(Collectors.toSet())),
+ EnumSet.allOf(UserRole.class).stream().map(r -> r.name()).collect(Collectors.toSet()),
+ Collections.emptyList(),
+ Collections.emptyList()),
null));
Mockito.when(this.mockRequest.getQueryString()).thenReturn("");
}
diff --git a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/UserAPITest.java b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/UserAPITest.java
index 3bd00abd..9ece114a 100644
--- a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/UserAPITest.java
+++ b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/admin/UserAPITest.java
@@ -12,12 +12,7 @@ import static org.junit.Assert.*;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Locale;
-import java.util.NoSuchElementException;
+import java.util.*;
import java.util.stream.Collectors;
import java.util.stream.Stream;
@@ -598,7 +593,9 @@ public class UserAPITest extends AdministrationAPIIntegrationTester {
user.getActive(),
user.getLanguage(),
user.getTimeZone(),
- Stream.of(UserRole.EXAM_ADMIN.name(), UserRole.EXAM_SUPPORTER.name()).collect(Collectors.toSet()));
+ Stream.of(UserRole.EXAM_ADMIN.name(), UserRole.EXAM_SUPPORTER.name()).collect(Collectors.toSet()),
+ Collections.emptyList(),
+ Collections.emptyList());
final String modifyUserJson = this.jsonMapper.writeValueAsString(modifyUser);
UserInfo modifiedUserResult = this.jsonMapper.readValue(
@@ -756,7 +753,9 @@ public class UserAPITest extends AdministrationAPIIntegrationTester {
final UserInfo userInfo = new UserInfo(
"NewTestUser", 2L, new DateTime(0, DateTimeZone.UTC), "NewTestUser", "", "NewTestUser",
"", true, Locale.CANADA, DateTimeZone.UTC,
- new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())));
+ new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())),
+ Collections.emptyList(),
+ Collections.emptyList());
final String newUserJson = this.jsonMapper.writeValueAsString(userInfo);
this.mockMvc.perform(put(this.endpoint + API.USER_ACCOUNT_ENDPOINT)
.header("Authorization", "Bearer " + token)
@@ -783,7 +782,9 @@ public class UserAPITest extends AdministrationAPIIntegrationTester {
final UserInfo userInfo = new UserInfo(
"NewTestUser", 2L, new DateTime(0, DateTimeZone.UTC), "NewTestUser", "", "NewTestUser",
"", true, Locale.CANADA, DateTimeZone.UTC,
- new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())));
+ new HashSet<>(Arrays.asList(UserRole.EXAM_ADMIN.name())),
+ Collections.emptyList(),
+ Collections.emptyList());
//final UserMod newUser = new UserMod(userInfo, "12345678", "12345678");
final String newUserJson = this.jsonMapper.writeValueAsString(userInfo);
this.mockMvc.perform(put(this.endpoint + API.USER_ACCOUNT_ENDPOINT)
diff --git a/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationServiceTest.java b/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationServiceTest.java
index 42eaba24..bcb6672e 100644
--- a/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationServiceTest.java
+++ b/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationServiceTest.java
@@ -75,7 +75,9 @@ public class AuthorizationServiceTest {
DateTimeZone.UTC,
roles != null
? new HashSet<>(Arrays.asList(roles).stream().map(r -> r.name()).collect(Collectors.toList()))
- : Collections.emptySet());
+ : Collections.emptySet(),
+ Collections.emptyList(),
+ Collections.emptyList());
return new SEBServerUser(0L, userInfo, "");
}
diff --git a/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/proctoring/ExamJITSIProctoringServiceTest.java b/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/proctoring/ExamJITSIProctoringServiceTest.java
index 549c6464..e59b2a77 100644
--- a/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/proctoring/ExamJITSIProctoringServiceTest.java
+++ b/src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/proctoring/ExamJITSIProctoringServiceTest.java
@@ -12,6 +12,7 @@ import static org.junit.Assert.*;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
+import java.util.Collections;
import org.junit.Test;
import org.mockito.Mockito;
@@ -145,7 +146,11 @@ public class ExamJITSIProctoringServiceTest {
private JitsiProctoringService getMockup() {
final UserService userService = Mockito.mock(UserService.class);
Mockito.when(userService.getCurrentUser()).thenReturn(new SEBServerUser(1L,
- new UserInfo("1", 1L, null, "proctor-user", null, null, null, null, null, null, null), ""));
+ new UserInfo("1", 1L, null, "proctor-user", null,
+ null, null, null, null, null, null,
+ Collections.emptyList(),
+ Collections.emptyList())
+ , ""));
final AuthorizationService authorizationService = Mockito.mock(AuthorizationService.class);
Mockito.when(authorizationService.getUserService()).thenReturn(userService);