refactor: Extract ObjectAccess and Administrative permissions into Permission model in admin slice #3152

Merged
merged 18 commits into from
Apr 2, 2024
Expand Up @@ -13,15 +13,13 @@ import dsp.errors.BadRequestException
import dsp.errors.ForbiddenException
import org.knora.webapi.CoreSpec
import org.knora.webapi.messages.OntologyConstants
import org.knora.webapi.messages.OntologyConstants.KnoraAdmin.AdministrativePermissionAbbreviations
import org.knora.webapi.messages.OntologyConstants.KnoraBase.EntityPermissionAbbreviations
import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionsMessagesUtilADM.PermissionTypeAndCodes
import org.knora.webapi.responders.admin.PermissionsResponderADM
import org.knora.webapi.routing.UnsafeZioRun
import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._
import org.knora.webapi.sharedtestdata.SharedTestDataADM2._
import org.knora.webapi.sharedtestdata._
import org.knora.webapi.slice.admin.api.service.PermissionsRestService
import org.knora.webapi.slice.admin.domain.model.Permission
import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA

/**
Expand Down Expand Up @@ -74,7 +72,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateAdministrativePermissionAPIRequestADM(
forProject = "invalid-project-IRI",
forGroup = OntologyConstants.KnoraAdmin.ProjectMember,
hasPermissions = Set(PermissionADM.ProjectAdminAllPermission),
hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)),
),
SharedTestDataADM.imagesUser01,
),
Expand All @@ -89,7 +87,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateAdministrativePermissionAPIRequestADM(
forProject = SharedTestDataADM.imagesProjectIri,
forGroup = groupIri,
hasPermissions = Set(PermissionADM.ProjectAdminAllPermission),
hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)),
),
SharedTestDataADM.imagesUser01,
),
Expand All @@ -105,7 +103,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
id = Some(permissionIri),
forProject = SharedTestDataADM.imagesProjectIri,
forGroup = OntologyConstants.KnoraAdmin.ProjectMember,
hasPermissions = Set(PermissionADM.ProjectAdminAllPermission),
hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)),
),
SharedTestDataADM.imagesUser01,
),
Expand Down Expand Up @@ -135,7 +133,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
assertFailsWithA[BadRequestException](
exit,
s"Invalid value for name parameter of hasPermissions: $invalidName, it should be one of " +
s"${AdministrativePermissionAbbreviations.toString}",
s"${Permission.Administrative.allTokens.mkString(", ")}",
)
}

Expand All @@ -159,7 +157,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateAdministrativePermissionAPIRequestADM(
forProject = SharedTestDataADM.imagesProjectIri,
forGroup = OntologyConstants.KnoraAdmin.ProjectMember,
hasPermissions = Set(PermissionADM.ProjectAdminAllPermission),
hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)),
),
SharedTestDataADM.imagesReviewerUser,
),
Expand Down Expand Up @@ -422,7 +420,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateDefaultObjectAccessPermissionAPIRequestADM(
forProject = forProject,
forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember),
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.imagesUser01,
),
Expand All @@ -437,7 +436,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateDefaultObjectAccessPermissionAPIRequestADM(
forProject = SharedTestDataADM.imagesProjectIri,
forGroup = Some(groupIri),
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.imagesUser01,
),
Expand All @@ -453,7 +453,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
id = Some(permissionIri),
forProject = SharedTestDataADM.imagesProjectIri,
forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember),
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.imagesUser01,
),
Expand Down Expand Up @@ -488,15 +489,15 @@ class PermissionsMessagesADMSpec extends CoreSpec {
assertFailsWithA[BadRequestException](
exit,
"Invalid value for name parameter of hasPermissions: invalid, it should be one of " +
s"${EntityPermissionAbbreviations.toString}",
s"${Permission.ObjectAccess.allTokens.mkString(", ")}",
)
}

"not create a DefaultObjectAccessPermission for project and property if hasPermissions set contained permission with invalid code" in {
val invalidCode = 10
val hasPermissions = Set(
PermissionADM(
name = OntologyConstants.KnoraBase.ChangeRightsPermission,
name = Permission.ObjectAccess.ChangeRights.token,
additionalInformation = Some(OntologyConstants.KnoraAdmin.Creator),
permissionCode = Some(invalidCode),
),
Expand All @@ -507,26 +508,24 @@ class PermissionsMessagesADMSpec extends CoreSpec {
assertFailsWithA[BadRequestException](
exit,
s"Invalid value for permissionCode parameter of hasPermissions: $invalidCode, it should be one of " +
s"${PermissionTypeAndCodes.values.toString}",
s"${Permission.ObjectAccess.allCodes.mkString(", ")}",
)
}

"not create a DefaultObjectAccessPermission for project and property if hasPermissions set contained permission with inconsistent code and name" in {
val code = 2
val name = OntologyConstants.KnoraBase.ChangeRightsPermission
val hasPermissions = Set(
PermissionADM(
name = name,
name = Permission.ObjectAccess.ChangeRights.token,
additionalInformation = Some(OntologyConstants.KnoraAdmin.Creator),
permissionCode = Some(code),
permissionCode = Some(Permission.ObjectAccess.View.code),
),
)

val exit =
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponderADM](_.verifyHasPermissionsDOAP(hasPermissions)))
assertFailsWithA[BadRequestException](
exit,
s"Given permission code $code and permission name $name are not consistent.",
s"Given permission code 2 and permission name CR are not consistent.",
)
}

Expand All @@ -552,7 +551,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {

val hasPermissions = Set(
PermissionADM(
name = OntologyConstants.KnoraBase.ChangeRightsPermission,
name = Permission.ObjectAccess.ChangeRights.token,
additionalInformation = None,
permissionCode = Some(8),
),
Expand All @@ -571,7 +570,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateDefaultObjectAccessPermissionAPIRequestADM(
forProject = SharedTestDataADM.anythingProjectIri,
forGroup = Some(SharedTestDataADM.thingSearcherGroup.id),
hasPermissions = Set(PermissionADM.restrictedViewPermission(SharedTestDataADM.thingSearcherGroup.id)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.RestrictedView, SharedTestDataADM.thingSearcherGroup.id)),
),
SharedTestDataADM.anythingUser2,
),
Expand All @@ -589,7 +589,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
forProject = anythingProjectIri,
forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember),
forResourceClass = Some(ANYTHING_THING_RESOURCE_CLASS_LocalHost),
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.rootUser,
),
Expand All @@ -604,7 +605,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
forProject = anythingProjectIri,
forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember),
forProperty = Some(ANYTHING_HasDate_PROPERTY_LocalHost),
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.rootUser,
),
Expand All @@ -618,7 +620,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateDefaultObjectAccessPermissionAPIRequestADM(
forProject = anythingProjectIri,
forProperty = Some(SharedTestDataADM.customValueIRI),
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.rootUser,
),
Expand All @@ -632,7 +635,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
CreateDefaultObjectAccessPermissionAPIRequestADM(
forProject = anythingProjectIri,
forResourceClass = Some(ANYTHING_THING_RESOURCE_CLASS_LocalHost),
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.rootUser,
),
Expand All @@ -648,7 +652,8 @@ class PermissionsMessagesADMSpec extends CoreSpec {
PermissionsRestService.createDefaultObjectAccessPermission(
CreateDefaultObjectAccessPermissionAPIRequestADM(
forProject = anythingProjectIri,
hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)),
hasPermissions =
Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)),
),
SharedTestDataADM.rootUser,
),
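Review bot: In the "inconsistent code and name" test (hunk -507,26 +508,24) the expected message is now the literal `s"Given permission code 2 and permission name CR are not consistent."`, while the input is built from `Permission.ObjectAccess.View.code` and `Permission.ObjectAccess.ChangeRights.token`; the `s` prefix no longer interpolates anything, and the literal silently relies on View's code being 2 and the ChangeRights token being CR. Either drop the `s` and add a comment such as `// 2 = View code, CR = ChangeRights token; literals pinned on purpose`, or interpolate the two model values so the input and the expectation cannot drift apart. The same applies to `permissionCode = Some(8)` in the hunk at -552,7 +551,7, which sits next to `Permission.ObjectAccess.ChangeRights.token` and is presumably that permission's code. Separately, the three "it should be one of" assertions build the expected list from `allTokens` / `allCodes`; if the responder formats its message from the same values, these tests would still pass after an accidental change to the accepted permission set, so pinning the expected list literally in at least one of them would make such a change visible.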