@SuppressWarnings("unchecked") private Collection<? extends MemberGroup> filterMemberGroups(final Predicate predicate, Collection<? extends Group> groups) { Predicate predicateToApply = predicate; if (groups == null) { // search for not removed member and broker groups final GroupQuery query = new GroupQuery(); query.setStatus(Group.Status.NORMAL); query.setNatures(Group.Nature.MEMBER, Group.Nature.BROKER); groups = groupService.search(query); } else if (groups.isEmpty()) { // if the group list is empty then return the same (empty) list return (Collection<? extends MemberGroup>) groups; } else { // it creates a predicate to filter not removed member and broker groups final Predicate memberGroupPredicate = new Predicate() { @Override public boolean evaluate(final Object object) { final Group grp = (Group) object; return Group.Status.NORMAL == grp.getStatus() && (Group.Nature.MEMBER == grp.getNature() || Group.Nature.BROKER == grp.getNature()); } }; predicateToApply = predicate == null ? memberGroupPredicate : new AndPredicate(memberGroupPredicate, predicate); } CollectionUtils.filter(groups, predicateToApply); return (Collection<? extends MemberGroup>) groups; }
/** * Checks that historic criteria are added to search */ @Test public void modifySearchBean() { Map<String, Object> params = new HashMap<String, Object>(); params.put(PersistableEntity.APPLICATION_TYPE, Foo.TYPE); SearchBean bean = modifier.doModify(searchbean, params); Collection<SearchCriterion> searchCriteria = bean.getCriteria(); assertEquals(3, searchCriteria.size()); // Expect three criterion added implicitly assertNotNull(CollectionUtils.find(searchCriteria, new AndPredicate(new InstanceofPredicate(InSearchCriterion.class), new AndPredicate(new BeanPropertyValueEqualsPredicate("name", "token.domainObjectType"), new AndPredicate(new BeanPropertyValueEqualsPredicate("value", Collections.singleton(Foo.TYPE)), new BeanPropertyValueEqualsPredicate("rootAlias", SearchCriterionMarshaller.HISTORY_ALIAS)))))); assertNotNull(CollectionUtils.find(searchCriteria, new AndPredicate(new InstanceofPredicate(JoinCriterion.class), new AndPredicate(new BeanPropertyValueEqualsPredicate("lhs", "id"), new BeanPropertyValueEqualsPredicate("rhs", "token.domainObjectId"))))); assertNotNull(CollectionUtils.find(searchCriteria, new AndPredicate(new BeanPropertyValueEqualsPredicate("rootAlias", SearchCriterionMarshaller.HISTORY_ALIAS), new AndPredicate(new BeanPropertyValueEqualsPredicate(NAME_ALIAS, ID_PROPERTY), new BeanPropertyValueEqualsPredicate("subSelect", "select max(hr.id) from HistoryRecord hr where hr.token.domainObjectId = foo.id and hr.token.domainObjectType = 'Foo'"))))); }
/** * Checks that historic criteria are added to search */ @Test public void modifySearchBean() { Map<String, Object> params = new HashMap<String, Object>(); params.put(PersistableEntity.APPLICATION_TYPE, EntityDescriptor.class.getSimpleName()); SearchBean bean = modifier.doModify(searchbean, params); Collection<SearchCriterion> searchCriteria = bean.getCriteria(); assertEquals(3, searchCriteria.size()); // Expect three criterion added implicitly, subjectAlias assertNotNull(CollectionUtils.find(searchCriteria, new AndPredicate(new InstanceofPredicate(JoinCriterion.class), new AndPredicate(new BeanPropertyValueEqualsPredicate("lhs", EntityDescriptor.APPLICATION_TYPE_PROP), new BeanPropertyValueEqualsPredicate("rhs", "token.domainObjectType"))))); assertNotNull(CollectionUtils.find(searchCriteria, new AndPredicate(new InstanceofPredicate(JoinCriterion.class), new AndPredicate(new BeanPropertyValueEqualsPredicate("lhs", "id"), new BeanPropertyValueEqualsPredicate("rhs", "token.domainObjectId"))))); assertNotNull(CollectionUtils.find(searchCriteria, new AndPredicate(new BeanPropertyValueEqualsPredicate("rootAlias", SearchCriterionMarshaller.HISTORY_ALIAS), new AndPredicate(new BeanPropertyValueEqualsPredicate(NAME_ALIAS, ID_PROPERTY), new BeanPropertyValueEqualsPredicate("subSelect", "select max(hr.id) from HistoryRecord hr where hr.token.domainObjectId = foo.id and hr.token.domainObjectType = " + NameUtils.concat(ALIAS, EntityDescriptor.APPLICATION_TYPE_PROP)))))); }
@Test public void testOwnerPermissions() throws Exception { CaArrayUsernameHolder.setUser(STANDARD_USER); Transaction tx = this.hibernateHelper.beginTransaction(); saveSupportingObjects(); daoObject.save(DUMMY_PROJECT_1); tx.commit(); tx = this.hibernateHelper.beginTransaction(); Project p = searchDao.retrieve(Project.class, DUMMY_PROJECT_1.getId()); assertTrue(SecurityUtils.isOwner(p, CaArrayUsernameHolder.getCsmUser())); assertTrue(SecurityUtils.canWrite(DUMMY_SOURCE, CaArrayUsernameHolder.getCsmUser())); assertNotNull(p.getPublicProfile()); assertEquals(2, p.getFiles().size()); assertNotNull(searchDao.retrieve(CaArrayFile.class, DUMMY_FILE_1.getId())); assertNotNull(searchDao.retrieve(CaArrayFile.class, DUMMY_FILE_2.getId())); assertNotNull(searchDao.retrieve(CaArrayFile.class, DUMMY_DATA_FILE.getId())); List<UserGroupRoleProtectionGroup> list = SecurityUtils.getUserGroupRoleProtectionGroups(p); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.READ_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.WRITE_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.PERMISSIONS_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.BROWSE_ROLE)))); assertTrue(SecurityUtils.canRead(p, CaArrayUsernameHolder.getCsmUser())); assertTrue(SecurityUtils.canWrite(p, CaArrayUsernameHolder.getCsmUser())); assertTrue(SecurityUtils.canFullRead(p, CaArrayUsernameHolder.getCsmUser())); assertTrue(SecurityUtils.canFullWrite(p, CaArrayUsernameHolder.getCsmUser())); assertTrue(SecurityUtils.canModifyPermissions(p, CaArrayUsernameHolder.getCsmUser())); }
@Test public void testInitialProjectPermissions() { // create project Transaction tx = this.hibernateHelper.beginTransaction(); saveSupportingObjects(); this.hibernateHelper.getCurrentSession().save(DUMMY_PROJECT_1); this.hibernateHelper.getCurrentSession().save(DUMMY_ASSAYTYPE_1); this.hibernateHelper.getCurrentSession().save(DUMMY_ASSAYTYPE_2); tx.commit(); // check initial settings.. drafts should be not visible tx = this.hibernateHelper.beginTransaction(); final Project p = searchDao.retrieve(Project.class, DUMMY_PROJECT_1.getId()); List<UserGroupRoleProtectionGroup> list = SecurityUtils.getUserGroupRoleProtectionGroups(p); assertEquals(8, list.size()); // expect the user-only ones only assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.READ_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.WRITE_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.PERMISSIONS_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.BROWSE_ROLE)))); p.getPublicProfile().setSecurityLevel(SecurityLevel.VISIBLE); tx.commit(); // check that after changing to visible, the role is reflected. tx = this.hibernateHelper.beginTransaction(); list = SecurityUtils.getUserGroupRoleProtectionGroups(p); assertEquals(9, list.size()); // expect the user-only ones and the anonymous access one assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.READ_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.WRITE_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.PERMISSIONS_ROLE)))); assertTrue(CollectionUtils.exists(list, new AndPredicate(new IsGroupPredicate(), new HasRolePredicate( SecurityUtils.BROWSE_ROLE)))); tx.commit(); }
void visit(AndPredicate p) { for (int i = 0; i < p.getPredicates().length; i++) { doVisit(p.getPredicates()[i]); } }
