SEBSERV-8 #added java doc and finished model

src/main/java/ch/ethz/seb/sebserver/gbl/model/user/UserFilter.java

@@ -8,49 +8,70 @@
 
 package ch.ethz.seb.sebserver.gbl.model.user;
 
-import java.util.Set;
+import com.fasterxml.jackson.annotation.JsonProperty;
 
-import org.joda.time.DateTime;
+import ch.ethz.seb.sebserver.gbl.model.Domain.USER;
 
-/** TODO what filter criteria do we need? */
 public final class UserFilter {
 
-    public final Set<Long> institutionIds;
+    @JsonProperty(USER.ATTR_ACTIVE)
-    public final String name;
-    public final String username;
-    public final String email;
-    public final DateTime creationDateFrom;
-    public final DateTime creationDateTo;
-    public final Set<Long> createdById;
     public final Boolean active;
-    public final Set<String> locales;
+    @JsonProperty(USER.ATTR_INSTITUTION_ID)
-    public final Set<String> timeZones;
+    public final Long institutionId;
-    public final Set<String> roles;
+    @JsonProperty(USER.ATTR_NAME)
+    public final String name;
+    @JsonProperty(USER.ATTR_USER_NAME)
+    public final String userName;
+    @JsonProperty(USER.ATTR_EMAIL)
+    public final String email;
+    @JsonProperty(USER.ATTR_LOCALE)
+    public final String locale;
 
     public UserFilter(
-            final Set<Long> institutionIds,
+            @JsonProperty(USER.ATTR_INSTITUTION_ID) final Long institutionId,
-            final String name,
+            @JsonProperty(USER.ATTR_NAME) final String name,
-            final String username,
+            @JsonProperty(USER.ATTR_USER_NAME) final String userName,
-            final String email,
+            @JsonProperty(USER.ATTR_EMAIL) final String email,
-            final DateTime creationDateFrom,
+            @JsonProperty(USER.ATTR_ACTIVE) final Boolean active,
-            final DateTime creationDateTo,
+            @JsonProperty(USER.ATTR_LOCALE) final String locale) {
-            final Set<Long> createdById,
-            final Boolean active,
-            final Set<String> locales,
-            final Set<String> timeZones,
-            final Set<String> roles) {
 
-        this.institutionIds = institutionIds;
+        this.institutionId = institutionId;
         this.name = name;
-        this.username = username;
+        this.userName = userName;
         this.email = email;
-        this.creationDateFrom = creationDateFrom;
-        this.creationDateTo = creationDateTo;
-        this.createdById = createdById;
         this.active = active;
-        this.locales = locales;
+        this.locale = locale;
-        this.timeZones = timeZones;
+    }
-        this.roles = roles;
+
+    public Long getInstitutionId() {
+        return this.institutionId;
+    }
+
+    public String getName() {
+        return this.name;
+    }
+
+    public String getUserName() {
+        return this.userName;
+    }
+
+    public String getEmail() {
+        return this.email;
+    }
+
+    public Boolean getActive() {
+        return this.active;
+    }
+
+    public String getLocale() {
+        return this.locale;
+    }
+
+    @Override
+    public String toString() {
+        return "UserFilter [institutionId=" + this.institutionId + ", name=" + this.name + ", userName=" + this.userName
+                + ", email="
+                + this.email + ", active=" + this.active + ", locale=" + this.locale + "]";
     }
 
 }

src/main/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfo.java

@@ -61,7 +61,7 @@ public final class UserInfo implements Entity, Serializable {
     @NotNull
     @Size(min = 3, max = 255, message = "userInfo:username:size:{min}:{max}:${validatedValue}")
     @JsonProperty(USER.ATTR_USER_NAME)
-    public final String username;
+    public final String userName;
 
     /** E-mail address of the user */
     @Email(message = "userInfo:email:email:_:_:${validatedValue}")
@@ -93,7 +93,7 @@ public final class UserInfo implements Entity, Serializable {
             @JsonProperty(USER.ATTR_UUID) final String uuid,
             @JsonProperty(USER.ATTR_INSTITUTION_ID) final Long institutionId,
             @JsonProperty(USER.ATTR_NAME) final String name,
-            @JsonProperty(USER.ATTR_USER_NAME) final String username,
+            @JsonProperty(USER.ATTR_USER_NAME) final String userName,
             @JsonProperty(USER.ATTR_EMAIL) final String email,
             @JsonProperty(USER.ATTR_ACTIVE) final Boolean active,
             @JsonProperty(USER.ATTR_LOCALE) final Locale locale,
@@ -103,7 +103,7 @@ public final class UserInfo implements Entity, Serializable {
         this.uuid = uuid;
         this.institutionId = institutionId;
         this.name = name;
-        this.username = username;
+        this.userName = userName;
         this.email = email;
         this.active = BooleanUtils.isTrue(active);
         this.locale = locale;
@@ -130,8 +130,8 @@ public final class UserInfo implements Entity, Serializable {
         return this.name;
     }
 
-    public String getUsername() {
+    public String getUserName() {
-        return this.username;
+        return this.userName;
     }
 
     public String getEmail() {
@@ -187,8 +187,8 @@ public final class UserInfo implements Entity, Serializable {
     @Override
     public String toString() {
         return "UserInfo [uuid=" + this.uuid + ", institutionId=" + this.institutionId + ", name=" + this.name
-                + ", username="
+                + ", userName="
-                + this.username + ", email=" + this.email + ", active=" + this.active + ", locale=" + this.locale
+                + this.userName + ", email=" + this.email + ", active=" + this.active + ", locale=" + this.locale
                 + ", timeZone=" + this.timeZone
                 + ", roles=" + this.roles + "]";
     }
@@ -202,7 +202,7 @@ public final class UserInfo implements Entity, Serializable {
                 userInfo.getUuid(),
                 userInfo.getInstitutionId(),
                 userInfo.getName(),
-                userInfo.getUsername(),
+                userInfo.getUserName(),
                 userInfo.getEmail(),
                 userInfo.getActive(),
                 userInfo.getLocale(),

src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationGrantRule.java

@@ -10,16 +10,26 @@ package ch.ethz.seb.sebserver.webservice.servicelayer.authorization;
 
 import ch.ethz.seb.sebserver.gbl.model.EntityType;
 
+/** Defines a authorization grant rule for a specified EntityType.
+ *
+ * If there is the need for a specialized authorization grant rule for a specified EntityType, just
+ * create an implementation of this interface for a specified EntityType as a normal Spring Component
+ * and the AuthorizationGrantService will automatically collect it on initialization and use it for
+ * the specified EntityType instead of the default implementation. */
 public interface AuthorizationGrantRule {
 
+    /** The EntityType of the authorization grant rule implementation.
+     * This is used by the AuthorizationGrantService on initialization.
+     *
+     * @return the authorization grant rule implementation */
     EntityType entityType();
 
+    /** Implements a authorization grant rule check for a given entity, user and grant type.
+     *
+     * @param entity the GrantEntity instance to check the grant rule on
+     * @param user the SEBServerUser instance to check the grant rule on
+     * @param grantType the GrantType to check
+     * @return true if a given user has a given grant-type on a given entity, false otherwise */
     boolean hasGrant(GrantEntity entity, SEBServerUser user, GrantType grantType);
 
-//    boolean hasReadGrant(GrantEntity entity, SEBServerUser user);
-//
-//    boolean hasModifyGrant(GrantEntity entity, SEBServerUser user);
-//
-//    boolean hasWriteGrant(GrantEntity entity, SEBServerUser user);
-
 }

src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationGrantService.java

@@ -25,12 +25,19 @@ import ch.ethz.seb.sebserver.gbl.model.user.UserRole;
 import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
 import ch.ethz.seb.sebserver.webservice.servicelayer.authorization.RoleTypeGrant.RoleTypeKey;
 
+/** A service to check authorization grants for a given user for entity-types and -instances
+ *
+ * If there is one or more GrantEntity objects within an authenticated user-request, this service
+ * can be used check the authenticated user access grant within the object. Check if a given user
+ * has write, modify or even read-only rights on an entity instance or on an entity type. */
 @Lazy
 @Service
 @WebServiceProfile
 public class AuthorizationGrantService {
 
+    /** Map of role based grants for specified entity types. */
     private final Map<RoleTypeGrant.RoleTypeKey, RoleTypeGrant> grants = new HashMap<>();
+    /** Map of collected AuthorizationGrantRule exceptions */
     private final Map<EntityType, AuthorizationGrantRule> exceptionalRules =
             new EnumMap<>(EntityType.class);
 
@@ -48,6 +55,7 @@ public class AuthorizationGrantService {
         }
     }
 
+    /** Initialize the (hard-coded) grants */
     @PostConstruct
     public void init() {
         // grants for institution
@@ -100,6 +108,16 @@ public class AuthorizationGrantService {
         // TODO other entities
     }
 
+    /** Checks if a given user has a specified grant for a given entity-type
+     *
+     * NOTE: within this method only base-privileges for a given entity-type are checked
+     * there is no institutional or ownership grant check because this information lays on an entity-instance
+     * rather then the entity-type.
+     *
+     * @param entityType the entity type
+     * @param grantType the grant type to check
+     * @param principal an authorization Principal instance to extract the user from
+     * @return true if a given user has a specified grant for a given entity-type. False otherwise */
     public boolean hasTypeGrant(final EntityType entityType, final GrantType grantType, final Principal principal) {
         final SEBServerUser user = this.currentUserService.extractFromPrincipal(principal);
         for (final UserRole role : user.getUserRoles()) {
@@ -112,10 +130,22 @@ public class AuthorizationGrantService {
         return false;
     }
 
-    public boolean hasGrant(final GrantEntity entity, final GrantType type, final Principal principal) {
+    /** Checks if a given user has specified grant for a given entity-instance
-        return hasGrant(entity, type, this.currentUserService.extractFromPrincipal(principal));
+     *
+     * @param entity the entity-instance
+     * @param grantType the grant type to check
+     * @param principal an authorization Principal instance to extract the user from
+     * @return true if a given user has a specified grant for a given entity-instance. False otherwise */
+    public boolean hasGrant(final GrantEntity entity, final GrantType grantType, final Principal principal) {
+        return hasGrant(entity, grantType, this.currentUserService.extractFromPrincipal(principal));
     }
 
+    /** Checks if a given user has specified grant for a given entity-instance
+     *
+     * @param entity the entity-instance
+     * @param grantType the grant type to check
+     * @param user a SEBServerUser instance to check grant for
+     * @return true if a given user has a specified grant for a given entity-instance. False otherwise */
     public boolean hasGrant(final GrantEntity entity, final GrantType grantType, final SEBServerUser user) {
         final AuthorizationGrantRule authorizationGrantRule = getGrantRule(entity.entityType());
         if (authorizationGrantRule == null) {
@@ -125,14 +155,26 @@ public class AuthorizationGrantService {
         return authorizationGrantRule.hasGrant(entity, user, grantType);
     }
 
+    /** Closure to get a grant check predicate to filter a several entity-instances within the same grant
+     *
+     * @param entityType the EntityType for the grant check filter
+     * @param grantType the GrantType for the grant check filter
+     * @param principal an authorization Principal instance to extract the user from
+     * @return A filter predicate working on the given attributes to check user grants */
     public <T extends GrantEntity> Predicate<T> getGrantFilter(
             final EntityType entityType,
-            final GrantType type,
+            final GrantType grantType,
             final Principal principal) {
 
-        return getGrantFilter(entityType, type, this.currentUserService.extractFromPrincipal(principal));
+        return getGrantFilter(entityType, grantType, this.currentUserService.extractFromPrincipal(principal));
     }
 
+    /** Closure to get a grant check predicate to filter a several entity-instances within the same grant
+     *
+     * @param entityType the EntityType for the grant check filter
+     * @param grantType the GrantType for the grant check filter
+     * @param user a SEBServerUser instance to check grant for
+     * @return A filter predicate working on the given attributes to check user grants */
     public <T extends GrantEntity> Predicate<T> getGrantFilter(
             final EntityType entityType,
             final GrantType grantType,
@@ -153,6 +195,52 @@ public class AuthorizationGrantService {
         return new GrantRuleBuilder(entityType);
     }
 
+    /** This is the default (or base) implementation of a AuthorizationGrantRule.
+     *
+     * The rule is: go over all user-roles of the given user and for each user-role check
+     * if there is base-privilege on the given entity-type for the given grant type.
+     * if true return true
+     * if false; check if there is a given institutional-privilege on the given
+     * entity-instance for the given grant type.
+     * if true return true
+     * if false; check if there is a given ownership-privilege on the given
+     * entity-instance for the given grant type.
+     * if true return true
+     * if false return false */
+    private final class BaseTypeGrantRule implements AuthorizationGrantRule {
+
+        private final EntityType type;
+        private final Map<UserRole, RoleTypeGrant> grants;
+
+        public BaseTypeGrantRule(final EntityType type) {
+            this.type = type;
+            this.grants = new EnumMap<>(UserRole.class);
+            for (final UserRole role : UserRole.values()) {
+                this.grants.put(role,
+                        AuthorizationGrantService.this.grants.get(new RoleTypeKey(type, role)));
+            }
+        }
+
+        @Override
+        public EntityType entityType() {
+            return this.type;
+        }
+
+        @Override
+        public boolean hasGrant(final GrantEntity entity, final SEBServerUser user, final GrantType grantType) {
+            for (final UserRole role : user.getUserRoles()) {
+                final RoleTypeGrant roleTypeGrant = this.grants.get(role);
+                if (roleTypeGrant != null && roleTypeGrant.hasPrivilege(user, entity, grantType)) {
+                    return true;
+                }
+            }
+
+            return false;
+        }
+    }
+
+    /** Implements a GrantRuleBuilder for internal use and to make the code more readable.
+     * See init (PostConstruct) */
     private final class GrantRuleBuilder {
         private final EntityType entityType;
         private UserRole userRole;
@@ -203,38 +291,4 @@ public class AuthorizationGrantService {
         }
     }
 
-    private final class BaseTypeGrantRule implements AuthorizationGrantRule {
-
-        private final EntityType type;
-        private final Map<UserRole, RoleTypeGrant> grants;
-
-        public BaseTypeGrantRule(final EntityType type) {
-            this.type = type;
-            this.grants = new EnumMap<>(UserRole.class);
-            for (final UserRole role : UserRole.values()) {
-                this.grants.put(role,
-                        AuthorizationGrantService.this.grants.get(new RoleTypeKey(type, role)));
-            }
-        }
-
-        @Override
-        public EntityType entityType() {
-            return this.type;
-        }
-
-        @Override
-        public boolean hasGrant(final GrantEntity entity, final SEBServerUser user, final GrantType grantType) {
-            for (final UserRole role : user.getUserRoles()) {
-                final RoleTypeGrant roleTypeGrant = this.grants.get(role);
-                if (roleTypeGrant != null) {
-                    if (roleTypeGrant.hasPrivilege(user, entity, grantType)) {
-                        return true;
-                    }
-                }
-            }
-
-            return false;
-        }
-    }
-
 }

src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/CurrentUserService.java

@@ -23,6 +23,7 @@ import org.springframework.stereotype.Service;
 
 import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
 
+/** A service to get the authenticated user from current request */
 @Lazy
 @Service
 @WebServiceProfile

src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/Privilege.java

@@ -1,76 +0,0 @@
-/*
- * Copyright (c) 2018 ETH Zürich, Educational Development and Technology (LET)
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- */
-
-package ch.ethz.seb.sebserver.webservice.servicelayer.authorization;
-
-/** A privilege consisting of a overall grant type, a institutional grant type and a owner grant type.
- *
- * The overallGrantType defines the grant type independent of an institutional relation as well as an owner
- * relation. The institutionalGrantType defines the grant type specific to the institutional relation of an entity.
- * And the ownerGrantType defines the grant type specific to the ownership of an entity
- *
- * For example with a privilege of:
- * overallGrantType = READ_ONLY
- * institutionalGrantType = MODIFY
- * ownerGrantType = WRITE
- *
- * A user with such a privilege is granted to see all type of specified entities independent of institutional relation
- * or ownership, is able to modify all type of specified entities within its own institution and is able to create or
- * delete owned entities. */
-public final class Privilege {
-
-    public final GrantType overallGrantType;
-    public final GrantType institutionalGrantType;
-    public final GrantType ownerGrantType;
-
-    public Privilege(
-            final GrantType overallGrantType,
-            final GrantType institutionalGrantType,
-            final GrantType ownerGrantType) {
-
-        this.overallGrantType = overallGrantType;
-        this.institutionalGrantType = institutionalGrantType;
-        this.ownerGrantType = ownerGrantType;
-    }
-
-    @Override
-    public int hashCode() {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + ((this.institutionalGrantType == null) ? 0 : this.institutionalGrantType.hashCode());
-        result = prime * result + ((this.overallGrantType == null) ? 0 : this.overallGrantType.hashCode());
-        result = prime * result + ((this.ownerGrantType == null) ? 0 : this.ownerGrantType.hashCode());
-        return result;
-    }
-
-    @Override
-    public boolean equals(final Object obj) {
-        if (this == obj)
-            return true;
-        if (obj == null)
-            return false;
-        if (getClass() != obj.getClass())
-            return false;
-        final Privilege other = (Privilege) obj;
-        if (this.institutionalGrantType != other.institutionalGrantType)
-            return false;
-        if (this.overallGrantType != other.overallGrantType)
-            return false;
-        if (this.ownerGrantType != other.ownerGrantType)
-            return false;
-        return true;
-    }
-
-    @Override
-    public String toString() {
-        return "Privilege [overallGrantType=" + this.overallGrantType + ", institutionalGrantType="
-                + this.institutionalGrantType
-                + ", ownerGrantType=" + this.ownerGrantType + "]";
-    }
-
-}

src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/RoleTypeGrant.java

@@ -11,26 +11,42 @@ package ch.ethz.seb.sebserver.webservice.servicelayer.authorization;
 import ch.ethz.seb.sebserver.gbl.model.EntityType;
 import ch.ethz.seb.sebserver.gbl.model.user.UserRole;
 
+/** Defines a grant for a specified role and entity-type. */
 public final class RoleTypeGrant {
 
+    /** Defines a RoleTypeKey that is the combined identity of
+     * a UserRole and a EntityType the RoleTypeGrant is applying for */
     public final RoleTypeKey roleTypeKey;
+    /** Defines a base-privilege grant type that defines the overall access for entity-type */
     public final GrantType basePrivilege;
+    /** Defines an institutional grant type that defines the institutional restricted access for a
+     * entity-instance */
     public final GrantType institutionalPrivilege;
-    public final GrantType ownerPrivilege;
+    /** Defines an ownership grant type that defines the ownership restricted access for a entity-instance */
+    public final GrantType ownershipPrivilege;
 
     public RoleTypeGrant(
             final GrantType basePrivilege,
             final GrantType institutionalPrivilege,
-            final GrantType ownerPrivilege,
+            final GrantType ownershipPrivilege,
             final EntityType type,
             final UserRole role) {
 
         this.roleTypeKey = new RoleTypeKey(type, role);
         this.basePrivilege = basePrivilege;
         this.institutionalPrivilege = institutionalPrivilege;
-        this.ownerPrivilege = ownerPrivilege;
+        this.ownershipPrivilege = ownershipPrivilege;
     }
 
+    /** Checks if a given user has specified grant type for a given entity-instance.
+     * Checks all privileges in the order of: basePrivilege, institutionalPrivilege and ownershipPrivilege
+     *
+     *
+     * @param user SEBServerUser instance to check institutional grant
+     * @param entity entity-instance to check institutional grant
+     * @param grantType the GrantType to check on all privileges if one matches
+     * @return true if one privilege of this RoleTypeGrant matches the implicit grant type check for a given user and
+     *         entity instance */
     public boolean hasPrivilege(
             final SEBServerUser user,
             final GrantEntity entity,
@@ -38,13 +54,35 @@ public final class RoleTypeGrant {
 
         return hasBasePrivilege(grantType) ||
                 hasInstitutionalPrivilege(user, entity, grantType) ||
-                hasOwnerPrivilege(user, entity, grantType);
+                hasOwnershipPrivilege(user, entity, grantType);
     }
 
+    /** Checks the base privilege on given grantType by using the hasImplicit
+     * function of this basePrivilege.
+     *
+     * Implicit in this case means: if the basePrivilege is of type GrantType.WRITE,
+     * GrantType.MODIFY and GrantType.READ_ONLY are implicitly included.
+     * If the basePrivilege is of type GrantType.MODIFY, the GrantType.READ_ONLY are implicitly included
+     * and so on.
+     *
+     * @param grantType the GrantType to check on basePrivilege
+     * @return true if the basePrivilege includes the given grantType */
     public boolean hasBasePrivilege(final GrantType grantType) {
         return this.basePrivilege.hasImplicit(grantType);
     }
 
+    /** Checks the institutional privilege on given grantType by using the hasImplicit
+     * function of this institutionalPrivilege.
+     *
+     * Implicit in this case means: if the institutionalPrivilege is of type GrantType.WRITE,
+     * GrantType.MODIFY and GrantType.READ_ONLY are implicitly included.
+     * If the institutionalPrivilege is of type GrantType.MODIFY, the GrantType.READ_ONLY are implicitly included
+     * and so on.
+     *
+     * @param grantType the GrantType to check on institutionalPrivilege
+     * @param user SEBServerUser instance to check institutional grant
+     * @param entity entity-instance to check institutional grant
+     * @return true if the institutionalPrivilege includes the given grantType */
     public boolean hasInstitutionalPrivilege(
             final SEBServerUser user,
             final GrantEntity entity,
@@ -54,15 +92,61 @@ public final class RoleTypeGrant {
                 user.institutionId().longValue() == entity.institutionId().longValue();
     }
 
-    public boolean hasOwnerPrivilege(
+    /** Checks the ownership privilege on given grantType by using the hasImplicit
+     * function of this ownershipPrivilege.
+     *
+     * Implicit in this case means: if the ownershipPrivilege is of type GrantType.WRITE,
+     * GrantType.MODIFY and GrantType.READ_ONLY are implicitly included.
+     * If the ownershipPrivilege is of type GrantType.MODIFY, the GrantType.READ_ONLY are implicitly included
+     * and so on.
+     *
+     * @param grantType the GrantType to check on ownershipPrivilege
+     * @param user SEBServerUser instance to check ownership grant
+     * @param entity entity-instance to check ownership grant
+     * @return true if the ownershipPrivilege includes the given grantType */
+    public boolean hasOwnershipPrivilege(
             final SEBServerUser user,
             final GrantEntity entity,
             final GrantType grantType) {
 
-        return this.ownerPrivilege.hasImplicit(grantType) &&
+        return this.ownershipPrivilege.hasImplicit(grantType) &&
                 user.uuid().equals(entity.ownerUUID());
     }
 
+    @Override
+    public int hashCode() {
+        final int prime = 31;
+        int result = 1;
+        result = prime * result + ((this.roleTypeKey == null) ? 0 : this.roleTypeKey.hashCode());
+        return result;
+    }
+
+    @Override
+    public boolean equals(final Object obj) {
+        if (this == obj)
+            return true;
+        if (obj == null)
+            return false;
+        if (getClass() != obj.getClass())
+            return false;
+        final RoleTypeGrant other = (RoleTypeGrant) obj;
+        if (this.roleTypeKey == null) {
+            if (other.roleTypeKey != null)
+                return false;
+        } else if (!this.roleTypeKey.equals(other.roleTypeKey))
+            return false;
+        return true;
+    }
+
+    @Override
+    public String toString() {
+        return "RoleTypeGrant [roleTypeKey=" + this.roleTypeKey + ", basePrivilege=" + this.basePrivilege
+                + ", institutionalPrivilege=" + this.institutionalPrivilege + ", ownershipPrivilege="
+                + this.ownershipPrivilege
+                + "]";
+    }
+
+    /** A key that combines UserRole EntityType identity */
     static final class RoleTypeKey {
 
         public final EntityType entityType;
@@ -97,6 +181,11 @@ public final class RoleTypeGrant {
                 return false;
             return true;
         }
+
+        @Override
+        public String toString() {
+            return "RoleTypeKey [entityType=" + this.entityType + ", userRole=" + this.userRole + "]";
+        }
     }
 
 }

src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/SEBServerUser.java

@@ -66,7 +66,7 @@ public final class SEBServerUser implements UserDetails, CredentialsContainer {
 
     @Override
     public String getUsername() {
-        return this.userInfo.username;
+        return this.userInfo.userName;
     }
 
     @Override

src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/UserDaoImpl.java

@@ -8,8 +8,7 @@
 
 package ch.ethz.seb.sebserver.webservice.servicelayer.dao.impl;
 
-import static org.mybatis.dynamic.sql.SqlBuilder.isEqualTo;
+import static org.mybatis.dynamic.sql.SqlBuilder.*;
-import static org.mybatis.dynamic.sql.SqlBuilder.isNotEqualTo;
 
 import java.util.Collection;
 import java.util.Collections;
@@ -106,13 +105,7 @@ public class UserDaoImpl implements UserDAO {
                     .build()
                     .execute();
 
-            if (records == null) {
+            return fromRecords(records);
-                return Result.of(Collections.emptyList());
-            }
-
-            return Result.of(records.stream()
-                    .map(record -> UserInfo.fromRecord(record, getRoles(record)))
-                    .collect(Collectors.toList()));
 
         } catch (final Exception e) {
             final String errorMessage = "Unexpected error while trying to get all active users: ";
@@ -150,8 +143,25 @@ public class UserDaoImpl implements UserDAO {
     @Override
     @Transactional(readOnly = true)
     public Result<Collection<UserInfo>> all(final UserFilter filter) {
-        // TODO Auto-generated method stub
+        try {
-        return null;
+
+            final List<UserRecord> records = this.userRecordMapper.selectByExample().where(
+                    UserRecordDynamicSqlSupport.active,
+                    isNotEqualTo(BooleanUtils.toInteger(filter.active)))
+                    .and(UserRecordDynamicSqlSupport.institutionId, isEqualToWhenPresent(filter.institutionId))
+                    .and(UserRecordDynamicSqlSupport.name, isLikeWhenPresent(filter.name))
+                    .and(UserRecordDynamicSqlSupport.userName, isLikeWhenPresent(filter.userName))
+                    .and(UserRecordDynamicSqlSupport.locale, isLikeWhenPresent(filter.locale))
+                    .build()
+                    .execute();
+
+            return fromRecords(records);
+
+        } catch (final Exception e) {
+            final String errorMessage = "Unexpected error while trying to get fitered users: ";
+            log.error(errorMessage + " filter: {}", filter, e);
+            return Result.ofRuntimeError(errorMessage);
+        }
     }
 
     @Override
@@ -184,6 +194,16 @@ public class UserDaoImpl implements UserDAO {
         return Result.ofError(new RuntimeException("TODO"));
     }
 
+    private Result<Collection<UserInfo>> fromRecords(final List<UserRecord> records) {
+        if (records == null) {
+            return Result.of(Collections.emptyList());
+        }
+
+        return Result.of(records.stream()
+                .map(record -> UserInfo.fromRecord(record, getRoles(record)))
+                .collect(Collectors.toList()));
+    }
+
     private Result<UserInfo> updateUser(final UserMod userMod) {
         final UserInfo userInfo = userMod.getUserInfo();
         return recordByUUID(userInfo.uuid)
@@ -202,7 +222,7 @@ public class UserDaoImpl implements UserDAO {
                             null,
                             null,
                             userInfo.name,
-                            userInfo.username,
+                            userInfo.userName,
                             (changePWD) ? userMod.getNewPassword() : null,
                             userInfo.email,
                             userInfo.locale.toLanguageTag(),
@@ -231,7 +251,7 @@ public class UserDaoImpl implements UserDAO {
                 userInfo.institutionId,
                 UUID.randomUUID().toString(),
                 userInfo.name,
-                userInfo.username,
+                userInfo.userName,
                 userMod.getNewPassword(),
                 userInfo.email,
                 userInfo.locale.toLanguageTag(),

src/test/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationGrantServiceTest.java

@@ -32,6 +32,7 @@ public class AuthorizationGrantServiceTest {
     private Principal principal;
 
     @Test
+    @SuppressWarnings("unused")
     public void testInit() {
         try {
             final AuthorizationGrantService service = getTestServiceWithUserWithRoles();