Add a convenient way of constructing the operation and retrieving it.

README.adoc

@@ -129,24 +129,33 @@ can be used as a `@Singleton @Startup` EJB, with the setup on a `@PostConstruct`
 operationService
         .setup("organization-create")
         .add("Monitor") // means: all roles
-        .commit()
+        .persist()
 
         .setup("organization-read")
         .add("Maintainer")
-        .commit()
+        .persist()
 
         .setup("organization-delete")
         .add("SuperUser")
-        .commit()
+        .persist()
 
         .setup("organization-update")
         .add("Maintainer")
-        .commit();
+        .persist();
 ----
 
-Hawkular Accounts ships with the same roles as Wildfly and with the same rules (ie: SuperUser will be given permission
-to perform operations marked as allowed for "user with at least Monitor role"). So, adding the role "Monitor" during
-the setup will automatically add all other roles to it.
+Or, if you need to hold on to the operations that have been created in @PostConstruct, you can replace `persist()` with
+`make()`. E.g.:
+
+[source,java]
+----
+   createOperation = operationService.setup("organization-create").add("Monitor").make();
+   updateOperation = operationService.setup("organization-update").add("Administrator").make();
+----
+
+Hawkular Accounts ships with the https://docs.jboss.org/author/display/WFLY9/RBAC[same roles] as Wildfly and with the
+same rules (ie: SuperUser will be given permission to perform operations marked as allowed for "user with at least
+Monitor role"). So, adding the role "Monitor" during the setup will automatically add all other roles to it.
 
 Note as well that if the set of roles for a given operation has not changed from what we currently have in the
 database, nothing is performed.

accounts/src/main/java/org/hawkular/accounts/backend/control/SetupHawkularAccountsImpl.java

@@ -92,19 +92,19 @@ public void setup() {
         operationService
                 .setup("organization-create")
                 .add("Monitor") // means: all roles
-                .commit()
+                .persist()
 
                 .setup("organization-read")
                 .add("Maintainer")
-                .commit()
+                .persist()
 
                 .setup("organization-delete")
                 .add("SuperUser")
-                .commit()
+                .persist()
 
                 .setup("organization-update")
                 .add("Maintainer")
-                .commit();
+                .persist();
 
         logger.infoFinishedSetupAccounts();
     }

api/src/main/java/org/hawkular/accounts/api/OperationService.java

@@ -63,7 +63,7 @@ public interface OperationService {
      * Convenience builder-style interface for setting up operations with the required roles. When adding roles, all
      * implicit roles are also included. For instance, if a system has two roles, "SuperUser" and "Monitor", and
      * "SuperUser" includes all permissions from "Monitor", then adding "SuperUser" will also add "Monitor".
-     * Note that changes are effective only when the {@link #commit()} is called.
+     * Note that changes are effective only when the {@link #persist()} is called.
      * <p>
      * The following example could be used for setting up four operations:
      *     <pre>
@@ -151,7 +151,15 @@ interface Setup {
          *
          * @return the Operation related to this setup
          */
-        OperationService commit();
+        OperationService persist();
+
+        /**
+         * Instructs the builder that the setup has finished. The changes are applied and the resulting operation is
+         * returned.
+         *
+         * @return either the provided operation or a newly created one.
+         */
+        Operation make();
     }
 
     /**

api/src/main/java/org/hawkular/accounts/api/internal/impl/OperationServiceImpl.java

@@ -162,7 +162,18 @@ public OperationService.Setup clear() {
         }
 
         @Override
-        public OperationService commit() {
+        public OperationService persist() {
+            doPersist();
+            return OperationServiceImpl.this;
+        }
+
+        @Override
+        public Operation make() {
+            doPersist();
+            return operation;
+        }
+
+        private void doPersist() {
             if (rolesHaveChanged) {
                 // here, we have two options: first is to do a bulk delete, based on the operation
                 // something like: DELETE FROM Permission p where p.operation = operation
@@ -174,7 +185,6 @@ public OperationService commit() {
                 permissions.forEach(em::remove);
                 roles.forEach(role -> em.persist(new Permission(operation, role)));
             }
-            return OperationServiceImpl.this;
         }
     }
 }

api/src/test/java/org/hawkular/accounts/api/internal/impl/OperationServiceImplTest.java

@@ -84,7 +84,7 @@ public void testBasicSetupWithImplicitRoles() {
         operationService
                 .setup(operation)
                 .add(monitor)
-                .commit();
+                .persist();
         entityManager.getTransaction().commit();
 
         Set<Role> roles = permissionService.getPermittedRoles(operation);
@@ -108,13 +108,26 @@ public void testBasicSetupWithBasicRole() {
         operationService
                 .setup(operation)
                 .add(superUser)
-                .commit();
+                .persist();
         entityManager.getTransaction().commit();
 
         Set<Role> roles = permissionService.getPermittedRoles(operation);
         assertEquals("Operation should be permitted only for super persona", 1, roles.size());
     }
 
+    @Test
+    public void testSetupAndRetrieveWithBasicRoles() {
+        entityManager.getTransaction().begin();
+        Operation operation = operationService
+                .setup("foo-create")
+                .add("SuperUser")
+                .make();
+        entityManager.getTransaction().commit();
+
+        Set<Role> roles = permissionService.getPermittedRoles(operation);
+        assertEquals("Operation should be permitted only for super user", 1, roles.size());
+    }
+
     @Test
     public void clearShouldClearPreviousAdds() {
         Operation operation = new Operation("foo-create");
@@ -135,7 +148,7 @@ public void clearShouldClearPreviousAdds() {
                 .add(auditor)
                 .clear()
                 .add(superUser)
-                .commit();
+                .persist();
         entityManager.getTransaction().commit();
 
         Set<Role> roles = permissionService.getPermittedRoles(operation);
@@ -157,7 +170,7 @@ public void ensureNoopWhenRolesDontChange() {
         operationService
                 .setup(operation)
                 .add(superUser)
-                .commit();
+                .persist();
         entityManager.getTransaction().commit();
 
         Set<Permission> permissions = permissionService.getPermissionsForOperation(operation);
@@ -168,7 +181,7 @@ public void ensureNoopWhenRolesDontChange() {
         operationService
                 .setup(operation)
                 .add(superUser)
-                .commit();
+                .persist();
         entityManager.getTransaction().commit();
 
         Set<Permission> permissionsAfter = permissionService.getPermissionsForOperation(operation);
@@ -193,7 +206,7 @@ public void ensureClearingResetsStateOfRoles() {
         operationService
                 .setup(operation)
                 .add(superUser)
-                .commit();
+                .persist();
         entityManager.flush();
         entityManager.getTransaction().commit();
 
@@ -206,7 +219,7 @@ public void ensureClearingResetsStateOfRoles() {
                 .setup(operation)
                 .clear()
                 .add(superUser)
-                .commit();
+                .persist();
         entityManager.flush();
         entityManager.getTransaction().commit();