Merge pull request #36 from BVier/master

TSK-28: Merge UserId and GroupId to AccessId
Holger Hagen 2017-11-23 11:47:51 +01:00 committed by GitHub
commit 2449df16dc
13 changed files with 310 additions and 229 deletions


@ -2,8 +2,7 @@
<table class="table table-condensed table-hover">
<thead>
<th>ID</th>
<th>UserID</th>
<th>GroupID</th>
<th>AccessID</th>
<th>READ</th>
<th>OPEN</th>
<th>APPEND</th>
@ -14,25 +13,22 @@
<tr>
<td></td>
<td>
<input class="form-control" placeholder="UserId" name="name" [(ngModel)]="workbasketAuthorization.userId" required>
<input class="form-control" placeholder="AccessId" name="name" [(ngModel)]="workbasketAuthorization.accessId" required>
</td>
<td>
<input class="form-control" placeholder="GroupId" name="description" [(ngModel)]="workbasketAuthorization.groupId">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permRead">
</td>
<td>
<input type="checkbox" [(ngModel)]="workbasketAuthorization.read">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permOpen">
</td>
<td>
<input type="checkbox" [(ngModel)]="workbasketAuthorization.open">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permAppend">
</td>
<td>
<input type="checkbox" [(ngModel)]="workbasketAuthorization.append">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permTransfer">
</td>
<td>
<input type="checkbox" [(ngModel)]="workbasketAuthorization.transfer">
</td>
<td>
<input type="checkbox" [(ngModel)]="workbasketAuthorization.distribute">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permDistribute">
</td>
<td>
<button type="button" class="btn btn-default" aria-label="Left Align" (click)="onAdd()">
@ -48,43 +44,39 @@
<td *ngIf="workbasketAuthorization.id == editing.id">
<input class="form-control" placeholder="Id" name="editid" [(ngModel)]="editing.id" readonly>
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">{{ workbasketAuthorization.userId }}</td>
<td *ngIf="workbasketAuthorization.id != editing.id">{{ workbasketAuthorization.accessId }}</td>
<td *ngIf="workbasketAuthorization.id == editing.id">
<input class="form-control" placeholder="UserId" name="edituserId" [(ngModel)]="editing.userId">
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">{{ workbasketAuthorization.groupId }}</td>
<td *ngIf="workbasketAuthorization.id == editing.id">
<input class="form-control" placeholder="GroupId" name="editgroupId" [(ngModel)]="editing.groupId">
<input class="form-control" placeholder="AccessId" name="editAccessId" [(ngModel)]="editing.accessId">
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">
<input type="checkbox" [checked]="workbasketAuthorization.read" disabled>
<input type="checkbox" [checked]="workbasketAuthorization.permRead" disabled>
</td>
<td *ngIf="workbasketAuthorization.id == editing.id">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.read">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permRead">
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">
<input type="checkbox" [checked]="workbasketAuthorization.open" disabled>
<input type="checkbox" [checked]="workbasketAuthorization.permOpen" disabled>
</td>
<td *ngIf="workbasketAuthorization.id == editing.id">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.open">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permOpen">
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">
<input type="checkbox" [checked]="workbasketAuthorization.append" disabled>
<input type="checkbox" [checked]="workbasketAuthorization.permAppend" disabled>
</td>
<td *ngIf="workbasketAuthorization.id == editing.id">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.append">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permAppend">
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">
<input type="checkbox" [checked]="workbasketAuthorization.transfer" disabled>
<input type="checkbox" [checked]="workbasketAuthorization.permTransfer" disabled>
</td>
<td *ngIf="workbasketAuthorization.id == editing.id">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.transfer">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permTransfer">
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">
<input type="checkbox" [checked]="workbasketAuthorization.distribute" disabled>
<input type="checkbox" [checked]="workbasketAuthorization.permDistribute" disabled>
</td>
<td *ngIf="workbasketAuthorization.id == editing.id">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.distribute">
<input type="checkbox" [(ngModel)]="workbasketAuthorization.permDistribute">
</td>
<td *ngIf="workbasketAuthorization.id != editing.id">
<button type="button" class="btn btn-default" aria-label="Left Align" (click)="onEdit(workbasketAuthorization)">
@ -103,4 +95,4 @@
</button>
</td>
</tr>
</table>
</table>
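Review bot: In the edit row the permission checkboxes still bind to `workbasketAuthorization.permRead` … `workbasketAuthorization.permDistribute`, while the access id field binds to `editing.accessId`, so a toggle writes straight into the listed row instead of the object being edited. If `editing` is a separate copy (the component class is not visible here), abandoning an edit would leave changed permission flags in the list and possibly in a later save; binding the five checkboxes to `editing.permRead` etc. keeps permission changes explicit. The add-row input for the access id also keeps `name="name"`, which no longer describes the field.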


@ -91,7 +91,6 @@
<version>3.5.1</version>
<configuration>
<showWarnings>true</showWarnings>
<failOnWarning>true</failOnWarning>
<compilerArgs>
<arg>-Xlint:all</arg>
</compilerArgs>
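Review bot: Removing `<failOnWarning>true</failOnWarning>` (the hunk counts suggest this is the dropped line) means the `-Xlint:all` findings no longer stop the build, for the whole module rather than only for the code this merge touches. If one warning in the new code forced the change, fixing it or excluding only that lint category (javac accepts `-Xlint:all,-<key>`) keeps the gate for everything else. A short comment next to `<showWarnings>` saying why warnings are non-fatal would help whoever re-enables it.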


@ -1,13 +1,13 @@
package pro.taskana;
import java.util.List;
import pro.taskana.exceptions.NotAuthorizedException;
import pro.taskana.exceptions.WorkbasketNotFoundException;
import pro.taskana.model.Workbasket;
import pro.taskana.model.WorkbasketAccessItem;
import pro.taskana.model.WorkbasketAuthorization;
import java.util.List;
/**
* This service manages the Workbaskets.
*/
@ -43,11 +43,9 @@ public interface WorkbasketService {
Workbasket updateWorkbasket(Workbasket workbasket) throws NotAuthorizedException;
/**
* Create a new authorization for a specific workbasket and a specific user.
* @param workbasket
* the choosen workbasket
* @param user
* the choosen user
* Create a new Workbasket Authorization with a Workbasket and a AccessId.
* @param workbasketAccessItem
* the new workbasketAccessItem
* @return
*/
WorkbasketAccessItem createWorkbasketAuthorization(WorkbasketAccessItem workbasketAccessItem);
@ -74,11 +72,10 @@ public interface WorkbasketService {
void deleteWorkbasketAuthorization(String id);
/**
* This method checks the authorization with the saved one.
* @param workbasket
* the workbasket to check
* @param userId
* the user to check
* This method checks the authorization with the saved one for the actual User.
*
* @param workbasketId
* the workbasket we want to access
* @param authorization
* the needed Authorization
* @throws WorkbasketNotFoundException
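Review bot: The new Javadoc on `createWorkbasketAuthorization` leaves `@return` empty and never says what an access id is, which matters now that one field stands for either a user or a group. Suggest `@return the created WorkbasketAccessItem` plus a sentence such as `The access id is either a user id or a group id.` On `checkAuthorization`, `for the actual User` would read better as `for the current user and the groups the user belongs to`, since the implementation checks all access ids. The Javadoc of `checkAuthorization` continues past the end of the hunk.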


@ -1,8 +1,5 @@
package pro.taskana.impl;
import java.sql.Timestamp;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pro.taskana.TaskanaEngine;
@ -17,6 +14,13 @@ import pro.taskana.model.mappings.DistributionTargetMapper;
import pro.taskana.model.mappings.WorkbasketAccessMapper;
import pro.taskana.model.mappings.WorkbasketMapper;
import pro.taskana.security.CurrentUserContext;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* This is the implementation of WorkbasketService.
*/
@ -55,7 +59,14 @@ public class WorkbasketServiceImpl implements WorkbasketService {
@Override
public List<Workbasket> getWorkbaskets(List<WorkbasketAuthorization> permissions) {
return workbasketMapper.findByPermission(permissions, CurrentUserContext.getUserid());
//use a set to avoid duplicates
Set<Workbasket> workbaskets = new HashSet<>();
for (String accessId : CurrentUserContext.getAccessIds()) {
workbaskets.addAll(workbasketMapper.findByPermission(permissions, accessId));
}
List<Workbasket> workbasketList = new ArrayList<Workbasket>();
workbasketList.addAll(workbaskets);
return workbasketList;
}
@Override
@ -135,18 +146,18 @@ public class WorkbasketServiceImpl implements WorkbasketService {
public void checkAuthorization(String workbasketId, WorkbasketAuthorization workbasketAuthorization)
throws NotAuthorizedException {
// Skip permission check is security is not enabled
// Skip permission check if security is not enabled
if (!taskanaEngine.getConfiguration().isSecurityEnabled()) {
LOGGER.debug("Skipping permissions check since security is disabled.");
return;
}
String userId = CurrentUserContext.getUserid();
LOGGER.debug("Verifying that {} has the permission {} on workbasket {}", userId, workbasketAuthorization.name(),
workbasketId);
List<String> accessIds = CurrentUserContext.getAccessIds();
LOGGER.debug("Verifying that {} has the permission {} on workbasket {}",
CurrentUserContext.getUserid(), workbasketAuthorization.name(), workbasketId);
List<WorkbasketAccessItem> accessItems = workbasketAccessMapper
.findByWorkbasketAndUserAndAuthorization(workbasketId, userId, workbasketAuthorization.name());
.findByWorkbasketAndAccessIdAndAuthorizations(workbasketId, accessIds, workbasketAuthorization.name());
if (accessItems.size() <= 0) {
throw new NotAuthorizedException("Not authorized. Authorization '" + workbasketAuthorization.name()
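Review bot: `getWorkbaskets` now evaluates the requested permissions once per access id, so every entry in `permissions` has to sit on the same ACL row, whereas `checkAuthorization` accepts a match on any of the caller's access ids. A user who holds READ personally and OPEN through a group passes both single checks but, as far as the visible query shows, is not offered the workbasket when both are requested. Passing the whole `accessIds` list to one mapper query would make the two paths agree and remove the loop. The `HashSet` only removes duplicates if `Workbasket` overrides `equals`/`hashCode`, which is not visible here, and the debug line logs only `getUserid()` although the decision is made on `accessIds`.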


@ -7,13 +7,21 @@ public class WorkbasketAccessItem {
private String id;
private String workbasketId;
private String userId;
private String groupId;
private boolean read;
private boolean open;
private boolean append;
private boolean transfer;
private boolean distribute;
private String accessId;
private boolean permRead;
private boolean permOpen;
private boolean permAppend;
private boolean permTransfer;
private boolean permDistribute;
private boolean permCustom1;
private boolean permCustom2;
private boolean permCustom3;
private boolean permCustom4;
private boolean permCustom5;
private boolean permCustom6;
private boolean permCustom7;
private boolean permCustom8;
public String getId() {
return id;
@ -31,59 +39,115 @@ public class WorkbasketAccessItem {
this.workbasketId = workbasketId;
}
public String getUserId() {
return userId;
public String getAccessId() {
return accessId;
}
public void setUserId(String userId) {
this.userId = userId;
public void setAccessId(String accessId) {
this.accessId = accessId;
}
public String getGroupId() {
return groupId;
public boolean isPermRead() {
return permRead;
}
public void setGroupId(String groupId) {
this.groupId = groupId;
public void setPermRead(boolean permRead) {
this.permRead = permRead;
}
public boolean isRead() {
return read;
public boolean isPermOpen() {
return permOpen;
}
public void setRead(boolean read) {
this.read = read;
public void setPermOpen(boolean permOpen) {
this.permOpen = permOpen;
}
public boolean isOpen() {
return open;
public boolean isPermAppend() {
return permAppend;
}
public void setOpen(boolean open) {
this.open = open;
public void setPermAppend(boolean permAppend) {
this.permAppend = permAppend;
}
public boolean isAppend() {
return append;
public boolean isPermTransfer() {
return permTransfer;
}
public void setAppend(boolean append) {
this.append = append;
public void setPermTransfer(boolean permTransfer) {
this.permTransfer = permTransfer;
}
public boolean isTransfer() {
return transfer;
public boolean isPermDistribute() {
return permDistribute;
}
public void setTransfer(boolean transfer) {
this.transfer = transfer;
public void setPermDistribute(boolean permDistribute) {
this.permDistribute = permDistribute;
}
public boolean isDistribute() {
return distribute;
public boolean isPermCustom1() {
return permCustom1;
}
public void setDistribute(boolean distribute) {
this.distribute = distribute;
public void setPermCustom1(boolean permCustom1) {
this.permCustom1 = permCustom1;
}
public boolean isPermCustom2() {
return permCustom2;
}
public void setPermCustom2(boolean permCustom2) {
this.permCustom2 = permCustom2;
}
public boolean isPermCustom3() {
return permCustom3;
}
public void setPermCustom3(boolean permCustom3) {
this.permCustom3 = permCustom3;
}
public boolean isPermCustom4() {
return permCustom4;
}
public void setPermCustom4(boolean permCustom4) {
this.permCustom4 = permCustom4;
}
public boolean isPermCustom5() {
return permCustom5;
}
public void setPermCustom5(boolean permCustom5) {
this.permCustom5 = permCustom5;
}
public boolean isPermCustom6() {
return permCustom6;
}
public void setPermCustom6(boolean permCustom6) {
this.permCustom6 = permCustom6;
}
public boolean isPermCustom7() {
return permCustom7;
}
public void setPermCustom7(boolean permCustom7) {
this.permCustom7 = permCustom7;
}
public boolean isPermCustom8() {
return permCustom8;
}
public void setPermCustom8(boolean permCustom8) {
this.permCustom8 = permCustom8;
}
}


@ -90,7 +90,7 @@ public interface QueryMapper {
@Result(property = "custom10", column = "CUSTOM_10") })
List<Task> queryTasks(TaskQueryImpl taskQuery);
@Select("<script>SELECT ID, PARENT_CLASSIFICATION_ID, CATEGORY, TYPE, CREATED, NAME, DESCRIPTION, PRIORITY, SERVICE_LEVEL "
@Select("<script>SELECT ID, PARENT_CLASSIFICATION_ID, CATEGORY, TYPE, DOMAIN, VALID_IN_DOMAIN, CREATED, NAME, DESCRIPTION, PRIORITY, SERVICE_LEVEL, CUSTOM_1, CUSTOM_2, CUSTOM_3, CUSTOM_4, CUSTOM_5, CUSTOM_6, CUSTOM_7, CUSTOM_8, VALID_FROM, VALID_UNTIL "
+ "FROM CLASSIFICATION "
+ "<where>"
+ "<if test='parentClassificationId != null'>AND PARENT_CLASSIFICATION_ID IN(<foreach item='item' collection='parentClassificationId' separator=',' >#{item}</foreach>)</if> "


@ -1,116 +1,132 @@
package pro.taskana.model.mappings;
import java.util.List;
import org.apache.ibatis.annotations.Delete;
import org.apache.ibatis.annotations.Insert;
import org.apache.ibatis.annotations.Options;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Result;
import org.apache.ibatis.annotations.Results;
import org.apache.ibatis.annotations.Select;
import org.apache.ibatis.annotations.Update;
import org.apache.ibatis.annotations.*;
import pro.taskana.model.WorkbasketAccessItem;
import java.util.List;
/**
* This class is the mybatis mapping of workbasket access items.
*/
public interface WorkbasketAccessMapper {
@Select("SELECT ID, WORKBASKET_ID, USER_ID, GROUP_ID, READ, OPEN, APPEND, TRANSFER, DISTRIBUTE FROM WORKBASKET_ACCESS_LIST WHERE ID = #{id}")
@Select("SELECT ID, WORKBASKET_ID, ACCESS_ID, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8 FROM WORKBASKET_ACCESS_LIST WHERE ID = #{id}")
@Results(value = {
@Result(property = "id", column = "ID"),
@Result(property = "workbasketId", column = "WORKBASKET_ID"),
@Result(property = "userId", column = "USER_ID"),
@Result(property = "groupId", column = "GROUP_ID"),
@Result(property = "read", column = "READ"),
@Result(property = "open", column = "OPEN"),
@Result(property = "append", column = "APPEND"),
@Result(property = "transfer", column = "TRANSFER"),
@Result(property = "distribute", column = "DISTRIBUTE") })
@Result(property = "accessId", column = "ACCESS_ID"),
@Result(property = "permRead", column = "PERM_READ"),
@Result(property = "permOpen", column = "PERM_OPEN"),
@Result(property = "permAppend", column = "PERM_APPEND"),
@Result(property = "permTransfer", column = "PERM_TRANSFER"),
@Result(property = "permDistribute", column = "PERM_DISTRIBUTE"),
@Result(property = "permCustom1", column = "PERM_CUSTOM_1"),
@Result(property = "permCustom2", column = "PERM_CUSTOM_2"),
@Result(property = "permCustom3", column = "PERM_CUSTOM_3"),
@Result(property = "permCustom4", column = "PERM_CUSTOM_4"),
@Result(property = "permCustom5", column = "PERM_CUSTOM_5"),
@Result(property = "permCustom6", column = "PERM_CUSTOM_6"),
@Result(property = "permCustom7", column = "PERM_CUSTOM_7"),
@Result(property = "permCustom8", column = "PERM_CUSTOM_8")})
WorkbasketAccessItem findById(@Param("id") String id);
@Select("SELECT ID, WORKBASKET_ID, USER_ID, GROUP_ID, READ, OPEN, APPEND, TRANSFER, DISTRIBUTE FROM WORKBASKET_ACCESS_LIST WHERE USER_ID = #{userId}")
@Select("SELECT ID, WORKBASKET_ID, ACCESS_ID, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8 FROM WORKBASKET_ACCESS_LIST WHERE ACCESS_ID = #{accessId}")
@Results(value = {
@Result(property = "id", column = "ID"),
@Result(property = "workbasketId", column = "WORKBASKET_ID"),
@Result(property = "userId", column = "USER_ID"),
@Result(property = "groupId", column = "GROUP_ID"),
@Result(property = "read", column = "READ"),
@Result(property = "open", column = "OPEN"),
@Result(property = "append", column = "APPEND"),
@Result(property = "transfer", column = "TRANSFER"),
@Result(property = "distribute", column = "DISTRIBUTE") })
List<WorkbasketAccessItem> findByUserId(@Param("userId") String userId);
@Result(property = "accessId", column = "ACCESS_ID"),
@Result(property = "permRead", column = "PERM_READ"),
@Result(property = "permOpen", column = "PERM_OPEN"),
@Result(property = "permAppend", column = "PERM_APPEND"),
@Result(property = "permTransfer", column = "PERM_TRANSFER"),
@Result(property = "permDistribute", column = "PERM_DISTRIBUTE"),
@Result(property = "permCustom1", column = "PERM_CUSTOM_1"),
@Result(property = "permCustom2", column = "PERM_CUSTOM_2"),
@Result(property = "permCustom3", column = "PERM_CUSTOM_3"),
@Result(property = "permCustom4", column = "PERM_CUSTOM_4"),
@Result(property = "permCustom5", column = "PERM_CUSTOM_5"),
@Result(property = "permCustom6", column = "PERM_CUSTOM_6"),
@Result(property = "permCustom7", column = "PERM_CUSTOM_7"),
@Result(property = "permCustom8", column = "PERM_CUSTOM_8")})
List<WorkbasketAccessItem> findByAccessId(@Param("accessId") String accessId);
@Select("SELECT ID, WORKBASKET_ID, USER_ID, GROUP_ID, READ, OPEN, APPEND, TRANSFER, DISTRIBUTE FROM WORKBASKET_ACCESS_LIST WHERE WORKBASKET_ID = #{id}")
@Select("SELECT ID, WORKBASKET_ID, ACCESS_ID, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8 FROM WORKBASKET_ACCESS_LIST WHERE WORKBASKET_ID = #{id}")
@Results(value = {
@Result(property = "id", column = "ID"),
@Result(property = "workbasketId", column = "WORKBASKET_ID"),
@Result(property = "userId", column = "USER_ID"),
@Result(property = "groupId", column = "GROUP_ID"),
@Result(property = "read", column = "READ"),
@Result(property = "open", column = "OPEN"),
@Result(property = "append", column = "APPEND"),
@Result(property = "transfer", column = "TRANSFER"),
@Result(property = "distribute", column = "DISTRIBUTE") })
@Result(property = "accessId", column = "ACCESS_ID"),
@Result(property = "permRead", column = "PERM_READ"),
@Result(property = "permOpen", column = "PERM_OPEN"),
@Result(property = "permAppend", column = "PERM_APPEND"),
@Result(property = "permTransfer", column = "PERM_TRANSFER"),
@Result(property = "permDistribute", column = "PERM_DISTRIBUTE"),
@Result(property = "permCustom1", column = "PERM_CUSTOM_1"),
@Result(property = "permCustom2", column = "PERM_CUSTOM_2"),
@Result(property = "permCustom3", column = "PERM_CUSTOM_3"),
@Result(property = "permCustom4", column = "PERM_CUSTOM_4"),
@Result(property = "permCustom5", column = "PERM_CUSTOM_5"),
@Result(property = "permCustom6", column = "PERM_CUSTOM_6"),
@Result(property = "permCustom7", column = "PERM_CUSTOM_7"),
@Result(property = "permCustom8", column = "PERM_CUSTOM_8")})
List<WorkbasketAccessItem> findByWorkbasketId(@Param("id") String id);
@Select("SELECT ID, WORKBASKET_ID, USER_ID, GROUP_ID, READ, OPEN, APPEND, TRANSFER, DISTRIBUTE FROM WORKBASKET_ACCESS_LIST ORDER BY ID")
@Select("SELECT ID, WORKBASKET_ID, ACCESS_ID, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8 FROM WORKBASKET_ACCESS_LIST ORDER BY ID")
@Results(value = {
@Result(property = "id", column = "ID"),
@Result(property = "workbasketId", column = "WORKBASKET_ID"),
@Result(property = "userId", column = "USER_ID"),
@Result(property = "groupId", column = "GROUP_ID"),
@Result(property = "read", column = "READ"),
@Result(property = "open", column = "OPEN"),
@Result(property = "append", column = "APPEND"),
@Result(property = "transfer", column = "TRANSFER"),
@Result(property = "distribute", column = "DISTRIBUTE") })
@Result(property = "accessId", column = "ACCESS_ID"),
@Result(property = "permRead", column = "PERM_READ"),
@Result(property = "permOpen", column = "PERM_OPEN"),
@Result(property = "permAppend", column = "PERM_APPEND"),
@Result(property = "permTransfer", column = "PERM_TRANSFER"),
@Result(property = "permDistribute", column = "PERM_DISTRIBUTE"),
@Result(property = "permCustom1", column = "PERM_CUSTOM_1"),
@Result(property = "permCustom2", column = "PERM_CUSTOM_2"),
@Result(property = "permCustom3", column = "PERM_CUSTOM_3"),
@Result(property = "permCustom4", column = "PERM_CUSTOM_4"),
@Result(property = "permCustom5", column = "PERM_CUSTOM_5"),
@Result(property = "permCustom6", column = "PERM_CUSTOM_6"),
@Result(property = "permCustom7", column = "PERM_CUSTOM_7"),
@Result(property = "permCustom8", column = "PERM_CUSTOM_8")})
List<WorkbasketAccessItem> findAll();
@Insert("INSERT INTO WORKBASKET_ACCESS_LIST (ID, WORKBASKET_ID, USER_ID, GROUP_ID, READ, OPEN, APPEND, TRANSFER, DISTRIBUTE) "
+ "VALUES (#{workbasketAccessItem.id}, #{workbasketAccessItem.workbasketId}, #{workbasketAccessItem.userId}, #{workbasketAccessItem.groupId}, #{workbasketAccessItem.read}, #{workbasketAccessItem.open}, #{workbasketAccessItem.append}, #{workbasketAccessItem.transfer}, #{workbasketAccessItem.distribute})")
@Insert("INSERT INTO WORKBASKET_ACCESS_LIST (ID, WORKBASKET_ID, ACCESS_ID, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8) "
+ "VALUES (#{workbasketAccessItem.id}, #{workbasketAccessItem.workbasketId}, #{workbasketAccessItem.accessId}, #{workbasketAccessItem.permRead}, #{workbasketAccessItem.permOpen}, #{workbasketAccessItem.permAppend}, #{workbasketAccessItem.permTransfer}, #{workbasketAccessItem.permDistribute}, #{workbasketAccessItem.permCustom1}, #{workbasketAccessItem.permCustom2}, #{workbasketAccessItem.permCustom3}, #{workbasketAccessItem.permCustom4}, #{workbasketAccessItem.permCustom5}, #{workbasketAccessItem.permCustom6}, #{workbasketAccessItem.permCustom7}, #{workbasketAccessItem.permCustom8})")
@Options(keyProperty = "id", keyColumn = "ID")
void insert(@Param("workbasketAccessItem") WorkbasketAccessItem workbasketAccessItem);
@Update("UPDATE WORKBASKET_ACCESS_LIST SET WORKBASKET_ID = #{workbasketAccessItem.workbasketId}, USER_ID = #{workbasketAccessItem.userId}, GROUP_ID = #{workbasketAccessItem.groupId}, READ = #{workbasketAccessItem.read}, OPEN = #{workbasketAccessItem.open}, APPEND = #{workbasketAccessItem.append}, TRANSFER = #{workbasketAccessItem.transfer}, DISTRIBUTE = #{workbasketAccessItem.distribute} "
@Update("UPDATE WORKBASKET_ACCESS_LIST SET WORKBASKET_ID = #{workbasketAccessItem.workbasketId}, ACCESS_ID = #{workbasketAccessItem.accessId}, PERM_READ = #{workbasketAccessItem.permRead}, PERM_OPEN = #{workbasketAccessItem.permOpen}, PERM_APPEND = #{workbasketAccessItem.permAppend}, PERM_TRANSFER = #{workbasketAccessItem.permTransfer}, PERM_DISTRIBUTE = #{workbasketAccessItem.permDistribute}, PERM_CUSTOM_1 = #{workbasketAccessItem.permCustom1}, PERM_CUSTOM_2 = #{workbasketAccessItem.permCustom2}, PERM_CUSTOM_3 = #{workbasketAccessItem.permCustom3}, PERM_CUSTOM_4 = #{workbasketAccessItem.permCustom4}, PERM_CUSTOM_5 = #{workbasketAccessItem.permCustom5}, PERM_CUSTOM_6 = #{workbasketAccessItem.permCustom6}, PERM_CUSTOM_7 = #{workbasketAccessItem.permCustom7}, PERM_CUSTOM_8 = #{workbasketAccessItem.permCustom8} "
+ "WHERE id = #{workbasketAccessItem.id}")
void update(@Param("workbasketAccessItem") WorkbasketAccessItem workbasketAccessItem);
@Delete("DELETE FROM WORKBASKET_ACCESS_LIST where id = #{id}")
void delete(@Param("id") String id);
@Select("<script>SELECT ID, WORKBASKET_ID, USER_ID, GROUP_ID, READ, OPEN, APPEND, TRANSFER, DISTRIBUTE "
@Select("<script>SELECT ID, WORKBASKET_ID, ACCESS_ID, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8 "
+ "FROM WORKBASKET_ACCESS_LIST "
+ "WHERE WORKBASKET_ID = #{workbasketId} "
+ "AND USER_ID = #{userId} "
+ "AND <if test=\"authorization == 'OPEN'\">OPEN</if>"
+ "<if test=\"authorization == 'READ'\">READ</if>"
+ "<if test=\"authorization == 'APPEND'\">APPEND</if>"
+ "<if test=\"authorization == 'TRANSFER'\">TRANSFER</if>"
+ "<if test=\"authorization == 'DISTRIBUTE'\">DISTRIBUTE</if> = 1</script>")
+ "AND ACCESS_ID IN(<foreach item='item' collection='accessIds' separator=',' >#{item}</foreach>)"
+ "AND <if test=\"authorization == 'OPEN'\">PERM_OPEN</if>"
+ "<if test=\"authorization == 'READ'\">PERM_READ</if>"
+ "<if test=\"authorization == 'APPEND'\">PERM_APPEND</if>"
+ "<if test=\"authorization == 'TRANSFER'\">PERM_TRANSFER</if>"
+ "<if test=\"authorization == 'DISTRIBUTE'\">PERM_DISTRIBUTE</if> = 1</script>")
@Results(value = {
@Result(property = "id", column = "ID"),
@Result(property = "workbasketId", column = "WORKBASKET_ID"),
@Result(property = "userId", column = "USER_ID"),
@Result(property = "groupId", column = "GROUP_ID"),
@Result(property = "read", column = "READ"),
@Result(property = "open", column = "OPEN"),
@Result(property = "append", column = "APPEND"),
@Result(property = "transfer", column = "TRANSFER"),
@Result(property = "distribute", column = "DISTRIBUTE") })
List<WorkbasketAccessItem> findByWorkbasketAndUserAndAuthorization(@Param("workbasketId") String workbasketId, @Param("userId") String userId, @Param("authorization") String authorization);
@Result(property = "accessId", column = "ACCESS_ID"),
@Result(property = "permRead", column = "PERM_READ"),
@Result(property = "permOpen", column = "PERM_OPEN"),
@Result(property = "permAppend", column = "PERM_APPEND"),
@Result(property = "permTransfer", column = "PERM_TRANSFER"),
@Result(property = "permDistribute", column = "PERM_DISTRIBUTE"),
@Result(property = "permCustom1", column = "PERM_CUSTOM_1"),
@Result(property = "permCustom2", column = "PERM_CUSTOM_2"),
@Result(property = "permCustom3", column = "PERM_CUSTOM_3"),
@Result(property = "permCustom4", column = "PERM_CUSTOM_4"),
@Result(property = "permCustom5", column = "PERM_CUSTOM_5"),
@Result(property = "permCustom6", column = "PERM_CUSTOM_6"),
@Result(property = "permCustom7", column = "PERM_CUSTOM_7"),
@Result(property = "permCustom8", column = "PERM_CUSTOM_8")})
List<WorkbasketAccessItem> findByWorkbasketAndAccessIdAndAuthorizations(@Param("workbasketId") String workbasketId, @Param("accessIds") List<String> accessIds, @Param("authorization") String authorization);
@Select("SELECT ID, WORKBASKET_ID, USER_ID, GROUP_ID, READ, OPEN, APPEND, TRANSFER, DISTRIBUTE FROM WORKBASKET_ACCESS_LIST WHERE WORKBASKET_ID = #{workbasketId} AND GROUP_ID = #{groupId}")
@Results(value = {
@Result(property = "id", column = "ID"),
@Result(property = "workbasketId", column = "WORKBASKET_ID"),
@Result(property = "userId", column = "USER_ID"),
@Result(property = "groupId", column = "GROUP_ID"),
@Result(property = "read", column = "READ"),
@Result(property = "open", column = "OPEN"),
@Result(property = "append", column = "APPEND"),
@Result(property = "transfer", column = "TRANSFER"),
@Result(property = "distribute", column = "DISTRIBUTE") })
List<WorkbasketAccessItem> findByWorkbasketAndGroup(@Param("workbasketId") String workbasketId, @Param("groupId") String groupId);
}
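Review bot: In `findByWorkbasketAndAccessIdAndAuthorizations` the `<if>` chain has no fallback, so an `authorization` value other than the five listed renders `AND  = 1`, and an empty `accessIds` renders `IN()`; both surface as SQL errors from the permission check rather than as `NotAuthorizedException`. The eight `PERM_CUSTOM_*` columns added in this file have no branch, so they cannot be checked through this query yet. Wrapping the branches in `<choose>`/`<when>` with an `<otherwise>` that yields a false predicate, and rejecting an empty id list in the caller before the query runs, keeps the check failing closed. The sixteen-entry `@Results` block is now repeated five times; declaring it once with `@Results(id = "...")` and referring to it with `@ResultMap` would stop the copies drifting apart.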


@ -1,19 +1,11 @@
package pro.taskana.model.mappings;
import java.util.List;
import org.apache.ibatis.annotations.Delete;
import org.apache.ibatis.annotations.Insert;
import org.apache.ibatis.annotations.Many;
import org.apache.ibatis.annotations.Options;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Result;
import org.apache.ibatis.annotations.Results;
import org.apache.ibatis.annotations.Select;
import org.apache.ibatis.annotations.Update;
import org.apache.ibatis.annotations.*;
import org.apache.ibatis.mapping.FetchType;
import pro.taskana.model.Workbasket;
import pro.taskana.model.WorkbasketAuthorization;
import java.util.List;
/**
* This class is the mybatis mapping of workbaskets.
*/
@ -52,7 +44,7 @@ public interface WorkbasketMapper {
List<Workbasket> findAll();
@Select("<script>SELECT W.ID, W.CREATED, W.MODIFIED, W.NAME, W.DESCRIPTION, W.OWNER FROM WORKBASKET AS W "
+ "INNER JOIN WORKBASKET_ACCESS_LIST AS ACL " + "ON (W.ID = ACL.WORKBASKET_ID AND USER_ID = #{userId}) "
+ "INNER JOIN WORKBASKET_ACCESS_LIST AS ACL " + "ON (W.ID = ACL.WORKBASKET_ID AND ACL.ACCESS_ID = #{accessId}) "
+ "WHERE <foreach collection='authorizations' item='authorization' separator=' AND '>"
+ "<if test=\"authorization.name() == 'OPEN'\">OPEN</if>"
+ "<if test=\"authorization.name() == 'READ'\">READ</if>"
@ -68,7 +60,7 @@ public interface WorkbasketMapper {
@Result(property = "description", column = "DESCRIPTION"),
@Result(property = "owner", column = "OWNER"),
@Result(property = "distributionTargets", column = "ID", javaType = List.class, many = @Many(fetchType = FetchType.DEFAULT, select = "findByDistributionTargets")) })
List<Workbasket> findByPermission(@Param("authorizations") List<WorkbasketAuthorization> authorizations, @Param("userId") String userId);
List<Workbasket> findByPermission(@Param("authorizations") List<WorkbasketAuthorization> authorizations, @Param("accessId") String accessId);
@Insert("INSERT INTO WORKBASKET (ID, CREATED, MODIFIED, NAME, DESCRIPTION, OWNER) VALUES (#{workbasket.id}, #{workbasket.created}, #{workbasket.modified}, #{workbasket.name}, #{workbasket.description}, #{workbasket.owner})")
@Options(keyProperty = "id", keyColumn = "ID")
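Review bot: The join in `findByPermission` now uses `ACL.ACCESS_ID`, but the `<if>` branches visible in the same query still emit the old column names (`OPEN`, `READ`), while the schema in this commit renames them to `PERM_OPEN`, `PERM_READ` and so on. Unless the lines between the two hunks were changed as well, `getWorkbaskets` will fail at runtime with an unknown-column error; the branches should read e.g. `<if test=\"authorization.name() == 'OPEN'\">ACL.PERM_OPEN</if>`. The remaining branches of the query lie outside the hunk, so the same check applies to them.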


@ -1,15 +1,15 @@
package pro.taskana.security;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.security.auth.Subject;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
/**
* Provides the context information about the current (calling) user. The
* context is gathered from the JAAS subject.
@ -105,4 +105,15 @@ public final class CurrentUserContext {
return null;
}
public static List<String> getAccessIds() {
List<String> accessIds = new ArrayList<>();
accessIds.add(getUserid());
if (getGroupIds() != null) {
accessIds.addAll(getGroupIds());
}
if (accessIds.isEmpty()) {
return null;
}
return accessIds;
}
}
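Review bot: `getAccessIds` adds `getUserid()` unconditionally, so the `isEmpty()` branch can never be taken, and if `getUserid()` can return null (its body is outside the hunk) the list carries a `null` element into the authorization queries. The `return null` it guards would also break the `for` loop in `getWorkbaskets` if it were ever reached. Suggest adding the user id only when present, `String userid = getUserid(); if (userid != null) { accessIds.add(userid); }`, calling `getGroupIds()` once into a local, and always returning the list, with callers treating an empty list as not authorized. A Javadoc stating that the result is the user id followed by the group ids would help, since authorization decisions now depend on it.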


@ -81,13 +81,20 @@ CREATE TABLE CLASSIFICATION(
CREATE TABLE WORKBASKET_ACCESS_LIST(
ID CHAR(40) NOT NULL,
WORKBASKET_ID CHAR(40) NOT NULL,
USER_ID VARCHAR(255) NULL,
GROUP_ID VARCHAR(255) NULL,
READ BOOLEAN NOT NULL,
OPEN BOOLEAN NOT NULL,
APPEND BOOLEAN NOT NULL,
TRANSFER BOOLEAN NOT NULL,
DISTRIBUTE BOOLEAN NOT NULL,
ACCESS_ID VARCHAR(255) NULL,
PERM_READ BOOLEAN NOT NULL,
PERM_OPEN BOOLEAN NOT NULL,
PERM_APPEND BOOLEAN NOT NULL,
PERM_TRANSFER BOOLEAN NOT NULL,
PERM_DISTRIBUTE BOOLEAN NOT NULL,
PERM_CUSTOM_1 BOOLEAN NOT NULL,
PERM_CUSTOM_2 BOOLEAN NOT NULL,
PERM_CUSTOM_3 BOOLEAN NOT NULL,
PERM_CUSTOM_4 BOOLEAN NOT NULL,
PERM_CUSTOM_5 BOOLEAN NOT NULL,
PERM_CUSTOM_6 BOOLEAN NOT NULL,
PERM_CUSTOM_7 BOOLEAN NOT NULL,
PERM_CUSTOM_8 BOOLEAN NOT NULL,
PRIMARY KEY (ID)
);
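Review bot: `ACCESS_ID` now holds user ids and group ids in one column with nothing recording which kind a row refers to, so a user whose id equals a group id would be matched against that group's rows. If the identity source does not guarantee disjoint names, a principal-type column or a prefix convention is needed; otherwise a comment stating the assumption belongs here. The column is also still `NULL`-able although a row without an access id can never match, and there is no uniqueness constraint on (`WORKBASKET_ID`, `ACCESS_ID`), so conflicting rows for the same principal are possible. This file only covers fresh installs; whether existing tables are migrated is not visible in the commit.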


@ -1,14 +1,5 @@
package pro.taskana.impl;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.doNothing;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import java.util.ArrayList;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
@ -26,6 +17,12 @@ import pro.taskana.model.mappings.DistributionTargetMapper;
import pro.taskana.model.mappings.WorkbasketAccessMapper;
import pro.taskana.model.mappings.WorkbasketMapper;
import java.util.ArrayList;
import java.util.List;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.*;
/**
* Unit Test for workbasketServiceImpl.
* @author EH
@ -226,9 +223,9 @@ public class WorkbasketServiceImplTest {
WorkbasketAccessItem accessItem = new WorkbasketAccessItem();
accessItem.setWorkbasketId("1");
accessItem.setUserId("Arthur Dent");
accessItem.setOpen(true);
accessItem.setRead(true);
accessItem.setAccessId("Arthur Dent");
accessItem.setPermOpen(true);
accessItem.setPermRead(true);
accessItem = workbasketServiceImpl.createWorkbasketAuthorization(accessItem);
Assert.assertNotNull(accessItem.getId());
@ -241,18 +238,18 @@ public class WorkbasketServiceImplTest {
WorkbasketAccessItem accessItem = new WorkbasketAccessItem();
accessItem.setWorkbasketId("1");
accessItem.setUserId("Arthur Dent");
accessItem.setOpen(true);
accessItem.setRead(true);
accessItem.setAccessId("Arthur Dent");
accessItem.setPermOpen(true);
accessItem.setPermRead(true);
accessItem = workbasketServiceImpl.createWorkbasketAuthorization(accessItem);
Assert.assertNotNull(accessItem.getId());
doNothing().when(workbasketAccessMapper).update(any());
accessItem.setUserId("Zaphod Beeblebrox");
accessItem.setAccessId("Zaphod Beeblebrox");
workbasketServiceImpl.updateWorkbasketAuthorization(accessItem);
Assert.assertEquals("Zaphod Beeblebrox", accessItem.getUserId());
Assert.assertEquals("Zaphod Beeblebrox", accessItem.getAccessId());
}
@Test(expected = NotAuthorizedException.class)
@ -269,7 +266,7 @@ public class WorkbasketServiceImplTest {
when(taskanaEngine.getConfiguration()).thenReturn(taskanaEngineConfiguration);
when(taskanaEngine.getConfiguration().isSecurityEnabled()).thenReturn(true);
when(workbasketAccessMapper.findByWorkbasketAndUserAndAuthorization(any(), any(), any()))
when(workbasketAccessMapper.findByWorkbasketAndAccessIdAndAuthorizations(any(), any(), any()))
.thenReturn(new ArrayList<WorkbasketAccessItem>() {
{
add(new WorkbasketAccessItem());
@ -278,7 +275,7 @@ public class WorkbasketServiceImplTest {
workbasketServiceImpl.checkAuthorization("1", WorkbasketAuthorization.READ);
verify(workbasketAccessMapper, times(1)).findByWorkbasketAndUserAndAuthorization(any(), any(), any());
verify(workbasketAccessMapper, times(1)).findByWorkbasketAndAccessIdAndAuthorizations(any(), any(), any());
}
@Test


@ -1,19 +1,7 @@
package pro.taskana.impl.integration;
import java.io.FileNotFoundException;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.login.LoginException;
import javax.sql.DataSource;
import org.h2.store.fs.FileUtils;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.*;
import pro.taskana.TaskanaEngine;
import pro.taskana.WorkbasketService;
import pro.taskana.configuration.TaskanaEngineConfiguration;
@ -26,6 +14,13 @@ import pro.taskana.impl.util.IdGenerator;
import pro.taskana.model.Workbasket;
import pro.taskana.model.WorkbasketAccessItem;
import javax.security.auth.login.LoginException;
import javax.sql.DataSource;
import java.io.FileNotFoundException;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* Integration Test for workbasketServiceImpl.
@ -181,9 +176,9 @@ public class WorkbasketServiceImplIntTest {
WorkbasketAccessItem accessItem = new WorkbasketAccessItem();
String id1 = IdGenerator.generateWithPrefix("TWB");
accessItem.setWorkbasketId(id1);
accessItem.setUserId("Arthur Dent");
accessItem.setOpen(true);
accessItem.setRead(true);
accessItem.setAccessId("Arthur Dent");
accessItem.setPermOpen(true);
accessItem.setPermRead(true);
workBasketService.createWorkbasketAuthorization(accessItem);
Assert.assertEquals(1, workBasketService.getAllAuthorizations().size());
@ -194,18 +189,18 @@ public class WorkbasketServiceImplIntTest {
WorkbasketAccessItem accessItem = new WorkbasketAccessItem();
String id1 = IdGenerator.generateWithPrefix("TWB");
accessItem.setWorkbasketId(id1);
accessItem.setUserId("Arthur Dent");
accessItem.setOpen(true);
accessItem.setRead(true);
accessItem.setAccessId("Arthur Dent");
accessItem.setPermOpen(true);
accessItem.setPermRead(true);
workBasketService.createWorkbasketAuthorization(accessItem);
Assert.assertEquals(1, workBasketService.getAllAuthorizations().size());
accessItem.setUserId("Zaphod Beeblebrox");
accessItem.setAccessId("Zaphod Beeblebrox");
workBasketService.updateWorkbasketAuthorization(accessItem);
Assert.assertEquals("Zaphod Beeblebrox",
workBasketService.getWorkbasketAuthorization(accessItem.getId()).getUserId());
workBasketService.getWorkbasketAuthorization(accessItem.getId()).getAccessId());
}
@After


@ -1,3 +1,3 @@
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('1', '1', 'Elena', null, true, true, true, true, true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('2', '2', 'Max', null, true, true, true, true, true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('3', '3', 'Simone', null, true, true, true, true, true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('1', '1', 'Elena', true, true, true, true, true, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('2', '2', 'Max', true, true, true, true, true, true, true, true, true, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('3', '3', 'Simone', true, true, true, true, true, true, true, true, true, true, true, true, true);
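Review bot: These inserts depend on column position, and this change shows how fragile that is: one column was dropped and eight were added, so every flag after the name had to be recounted by hand. In an access-control table a miscount silently grants or withholds a permission. Naming the columns, starting `INSERT INTO WORKBASKET_ACCESS_LIST (ID, WORKBASKET_ID, ACCESS_ID, PERM_READ, PERM_OPEN` and continuing through `PERM_CUSTOM_8`, would let the fixture survive schema changes and make each row checkable in review.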