From 5051c56f7a13a5f95b23a473f6cfb3f9de29d483 Mon Sep 17 00:00:00 2001 From: j2blake Date: Fri, 23 Dec 2011 17:33:48 +0000 Subject: [PATCH] NIHVIVO-3523 Break up the CommonIdentifierBundleFactory into several pieces: one for each type of Identifier. Add some unit tests. --- .../common/CommonIdentifierBundleFactory.java | 243 --------------- .../factory/BaseIdentifierBundleFactory.java | 66 +++++ .../factory/HasPermissionFactory.java | 93 ++++++ .../HasProfileOrIsBlacklistedFactory.java | 72 +++++ .../factory/HasProxyEditingRightsFactory.java | 37 +++ .../factory/HasRoleLevelFactory.java | 29 ++ .../identifier/factory/IsRootUserFactory.java | 34 +++ .../identifier/factory/IsUserFactory.java | 32 ++ .../policy/setup/CommonPolicyFamilySetup.java | 45 +-- .../factory/HasPermissionFactoryTest.java | 277 ++++++++++++++++++ .../factory/IsRootUserFactoryTest.java | 99 +++++++ .../identifier/factory/IsUserFactoryTest.java | 72 +++++ .../controller/edit/AuthenticateTest.java | 4 +- 13 files changed, 841 insertions(+), 262 deletions(-) delete mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/BaseIdentifierBundleFactory.java create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactory.java create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProfileOrIsBlacklistedFactory.java create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProxyEditingRightsFactory.java create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactory.java create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactory.java create mode 100644 webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactoryTest.java create mode 100644 webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactoryTest.java create mode 100644 webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactoryTest.java diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java deleted file mode 100644 index e19567403..000000000 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java +++ /dev/null @@ -1,243 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.identifier.common; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import javax.servlet.ServletContext; -import javax.servlet.ServletRequest; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import edu.cornell.mannlib.vedit.beans.LoginStatusBean; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory; -import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission; -import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry; -import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; -import edu.cornell.mannlib.vitro.webapp.beans.Individual; -import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet; -import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration; -import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; -import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao; -import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao; -import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; - -/** - * Create Identifiers that are recognized by the common policy family. - */ -public class CommonIdentifierBundleFactory implements IdentifierBundleFactory { - private static final Log log = LogFactory - .getLog(CommonIdentifierBundleFactory.class); - - private final ServletContext context; - - public CommonIdentifierBundleFactory(ServletContext context) { - this.context = context; - } - - @Override - public IdentifierBundle getIdentifierBundle(ServletRequest request, - HttpSession session, ServletContext unusedContext) { - - // If this is not an HttpServletRequest, we might as well fail now. - HttpServletRequest req = (HttpServletRequest) request; - - ArrayIdentifierBundle bundle = new ArrayIdentifierBundle(); - - bundle.addAll(createUserIdentifiers(req)); - bundle.addAll(createRootUserIdentifiers(req)); - bundle.addAll(createRoleLevelIdentifiers(req)); - bundle.addAll(createBlacklistOrAssociatedIndividualIdentifiers(req)); - bundle.addAll(createExplicitProxyEditingIdentifiers(req)); - bundle.addAll(createPermissionIdentifiers(req)); - - return bundle; - } - - /** - * If the user is logged in, create an identifier that shows his URI. - */ - private Collection createUserIdentifiers( - HttpServletRequest req) { - LoginStatusBean bean = LoginStatusBean.getBean(req); - if (bean.isLoggedIn()) { - return Collections.singleton(new IsUser(bean.getUserURI())); - } else { - return Collections.emptySet(); - } - } - - private Collection createRootUserIdentifiers( - HttpServletRequest req) { - UserAccount user = LoginStatusBean.getCurrentUser(req); - if ((user != null) && user.isRootUser()) { - return Collections.singleton(new IsRootUser()); - } else { - return Collections.emptySet(); - } - } - - /** - * Create an identifier that shows the role level of the current user, or - * PUBLIC if the user is not logged in. - */ - private Collection createRoleLevelIdentifiers( - HttpServletRequest req) { - RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req); - return Collections.singleton(new HasRoleLevel(roleLevel)); - } - - /** - * Find all of the individuals that are associated with the current user, - * and create either an IsBlacklisted or HasAssociatedIndividual for each - * one. - */ - private Collection createBlacklistOrAssociatedIndividualIdentifiers( - HttpServletRequest req) { - Collection ids = new ArrayList(); - - for (Individual ind : getAssociatedIndividuals(req)) { - // If they are blacklisted, this factory will return an identifier - Identifier id = IsBlacklisted.getInstance(ind, context); - if (id != null) { - ids.add(id); - } else { - ids.add(new HasProfile(ind.getURI())); - } - } - - return ids; - } - - /** - * Get all Individuals associated with the current user as SELF. - */ - private Collection getAssociatedIndividuals( - HttpServletRequest req) { - Collection individuals = new ArrayList(); - - UserAccount user = LoginStatusBean.getCurrentUser(req); - if (user == null) { - log.debug("No Associated Individuals: not logged in."); - return individuals; - } - - WebappDaoFactory wdf = (WebappDaoFactory) context - .getAttribute("webappDaoFactory"); - if (wdf == null) { - log.error("Could not get a WebappDaoFactory from the ServletContext"); - return individuals; - } - - IndividualDao indDao = wdf.getIndividualDao(); - - SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req); - individuals.addAll(sec.getAssociatedIndividuals(indDao, user)); - - return individuals; - } - - /** - * Get all Individuals associated with the current user by explicit proxy - * relationship. - */ - private Collection createExplicitProxyEditingIdentifiers( - HttpServletRequest req) { - Collection ids = new ArrayList(); - - UserAccount user = LoginStatusBean.getCurrentUser(req); - if (user != null) { - for (String proxiedUri : user.getProxiedIndividualUris()) { - ids.add(new HasProxyEditingRights(proxiedUri)); - } - } - - return ids; - } - - /** - * Create an identifier for each Permission that the User has. - */ - private Collection createPermissionIdentifiers( - HttpServletRequest req) { - UserAccount user = LoginStatusBean.getCurrentUser(req); - if (user == null) { - return createPublicPermissions(); - } else { - return createUserPermissions(user); - } - } - - private Collection createPublicPermissions() { - Collection ids = new ArrayList(); - - WebappDaoFactory wdf = (WebappDaoFactory) context - .getAttribute("webappDaoFactory"); - if (wdf == null) { - log.error("Could not get a WebappDaoFactory from the ServletContext"); - return ids; - } - - UserAccountsDao uaDao = wdf.getUserAccountsDao(); - - Set permissionUris = new HashSet(); - for (PermissionSet ps : uaDao.getAllPermissionSets()) { - if (ps.isForPublic()) { - permissionUris.addAll(ps.getPermissionUris()); - } - } - - PermissionRegistry registry = PermissionRegistry.getRegistry(context); - for (String permissionUri : permissionUris) { - Permission permission = registry.getPermission(permissionUri); - ids.add(new HasPermission(permission)); - } - - return ids; - } - - private Collection createUserPermissions(UserAccount user) { - Collection ids = new ArrayList(); - - WebappDaoFactory wdf = (WebappDaoFactory) context - .getAttribute("webappDaoFactory"); - if (wdf == null) { - log.error("Could not get a WebappDaoFactory from the ServletContext"); - return ids; - } - - UserAccountsDao uaDao = wdf.getUserAccountsDao(); - - Set permissionUris = new HashSet(); - for (String psUri : user.getPermissionSetUris()) { - PermissionSet ps = uaDao.getPermissionSetByUri(psUri); - if (ps != null) { - permissionUris.addAll(ps.getPermissionUris()); - } - } - - PermissionRegistry registry = PermissionRegistry.getRegistry(context); - for (String permissionUri : permissionUris) { - Permission permission = registry.getPermission(permissionUri); - ids.add(new HasPermission(permission)); - } - - return ids; - } - - @Override - public String toString() { - return this.getClass().getSimpleName() + " - " + hashCode(); - } - -} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/BaseIdentifierBundleFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/BaseIdentifierBundleFactory.java new file mode 100644 index 000000000..592242f3f --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/BaseIdentifierBundleFactory.java @@ -0,0 +1,66 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import javax.servlet.ServletContext; +import javax.servlet.ServletRequest; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; + +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory; +import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao; +import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao; +import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; + +/** + * Some fields and methods that are helpful to IdentifierBundleFactory classes. + */ +public abstract class BaseIdentifierBundleFactory implements + IdentifierBundleFactory { + protected final ServletContext ctx; + protected final WebappDaoFactory wdf; + protected final UserAccountsDao uaDao; + protected final IndividualDao indDao; + + public BaseIdentifierBundleFactory(ServletContext ctx) { + if (ctx == null) { + throw new NullPointerException("ctx may not be null."); + } + this.ctx = ctx; + + Object wdfObject = ctx.getAttribute("webappDaoFactory"); + if (wdfObject instanceof WebappDaoFactory) { + this.wdf = (WebappDaoFactory) wdfObject; + } else { + throw new IllegalStateException( + "Didn't find a WebappDaoFactory in the context. Found '" + + wdfObject + "' instead."); + } + + this.uaDao = wdf.getUserAccountsDao(); + this.indDao = wdf.getIndividualDao(); + } + + /** + * This method should go away. Why are we passing anything other than the + * request? + */ + @Override + public final IdentifierBundle getIdentifierBundle(ServletRequest request, + HttpSession session, ServletContext context) { + return getIdentifierBundle((HttpServletRequest) request); + } + + @Override + public String toString() { + return this.getClass().getSimpleName() + " - " + hashCode(); + } + + /** + * Return the IdentifierBundle from this factory. May return an empty + * bundle, but never returns null. + */ + public abstract IdentifierBundle getIdentifierBundle(HttpServletRequest req); + +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactory.java new file mode 100644 index 000000000..913132d44 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactory.java @@ -0,0 +1,93 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasPermission; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry; +import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet; +import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; + +/** + * Figure out what Permissions the user is entitled to have. + */ +public class HasPermissionFactory extends BaseIdentifierBundleFactory { + private static final Log log = LogFactory + .getLog(HasPermissionFactory.class); + + public HasPermissionFactory(ServletContext ctx) { + super(ctx); + } + + @Override + public IdentifierBundle getIdentifierBundle(HttpServletRequest req) { + UserAccount user = LoginStatusBean.getCurrentUser(req); + if (user == null) { + return createPublicPermissions(); + } else { + return createUserPermissions(user); + } + } + + private IdentifierBundle createPublicPermissions() { + Set permissionUris = new HashSet(); + for (PermissionSet ps : uaDao.getAllPermissionSets()) { + if (ps.isForPublic()) { + permissionUris.addAll(ps.getPermissionUris()); + } + } + log.debug("Permission URIs: " + permissionUris); + + return new ArrayIdentifierBundle( + getIdentifiersFromPermissions(getPermissionsForUris(permissionUris))); + } + + private IdentifierBundle createUserPermissions(UserAccount user) { + Set permissionUris = new HashSet(); + for (String psUri : user.getPermissionSetUris()) { + PermissionSet ps = uaDao.getPermissionSetByUri(psUri); + if (ps != null) { + permissionUris.addAll(ps.getPermissionUris()); + } + } + log.debug("user permission sets: " + user.getPermissionSetUris()); + log.debug("Permission URIs: " + permissionUris); + + return new ArrayIdentifierBundle( + getIdentifiersFromPermissions(getPermissionsForUris(permissionUris))); + } + + private Collection getPermissionsForUris( + Collection permissionUris) { + List permissions = new ArrayList(); + PermissionRegistry registry = PermissionRegistry.getRegistry(ctx); + for (String uri : permissionUris) { + permissions.add(registry.getPermission(uri)); + } + return permissions; + } + + private List getIdentifiersFromPermissions( + Collection permissions) { + List ids = new ArrayList(); + for (Permission permission : permissions) { + ids.add(new HasPermission(permission)); + } + return ids; + } +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProfileOrIsBlacklistedFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProfileOrIsBlacklistedFactory.java new file mode 100644 index 000000000..b4280960b --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProfileOrIsBlacklistedFactory.java @@ -0,0 +1,72 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import java.util.ArrayList; +import java.util.Collection; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsBlacklisted; +import edu.cornell.mannlib.vitro.webapp.beans.Individual; +import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration; +import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; + +/** + * Find all of the individuals that are associated with the current user, and + * create either an IsBlacklisted or HasAssociatedIndividual for each one. + */ +public class HasProfileOrIsBlacklistedFactory extends + BaseIdentifierBundleFactory { + private static final Log log = LogFactory + .getLog(HasProfileOrIsBlacklistedFactory.class); + + public HasProfileOrIsBlacklistedFactory(ServletContext ctx) { + super(ctx); + } + + @Override + public IdentifierBundle getIdentifierBundle(HttpServletRequest req) { + ArrayIdentifierBundle ids = new ArrayIdentifierBundle(); + + for (Individual ind : getAssociatedIndividuals(req)) { + // If they are blacklisted, this factory will return an identifier + Identifier id = IsBlacklisted.getInstance(ind, ctx); + if (id != null) { + ids.add(id); + } else { + ids.add(new HasProfile(ind.getURI())); + } + } + + return ids; + } + + /** + * Get all Individuals associated with the current user as SELF. + */ + private Collection getAssociatedIndividuals( + HttpServletRequest req) { + Collection individuals = new ArrayList(); + + UserAccount user = LoginStatusBean.getCurrentUser(req); + if (user == null) { + log.debug("No Associated Individuals: not logged in."); + return individuals; + } + + SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req); + individuals.addAll(sec.getAssociatedIndividuals(indDao, user)); + + return individuals; + } +} \ No newline at end of file diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProxyEditingRightsFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProxyEditingRightsFactory.java new file mode 100644 index 000000000..905dfccac --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProxyEditingRightsFactory.java @@ -0,0 +1,37 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; + +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProxyEditingRights; +import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; + +/** + * Find out what Profiles the User can edit through proxy. + */ +public class HasProxyEditingRightsFactory extends BaseIdentifierBundleFactory { + + public HasProxyEditingRightsFactory(ServletContext ctx) { + super(ctx); + } + + @Override + public IdentifierBundle getIdentifierBundle(HttpServletRequest req) { + ArrayIdentifierBundle ids = new ArrayIdentifierBundle(); + + UserAccount user = LoginStatusBean.getCurrentUser(req); + if (user != null) { + for (String proxiedUri : user.getProxiedIndividualUris()) { + ids.add(new HasProxyEditingRights(proxiedUri)); + } + } + + return ids; + } + +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java new file mode 100644 index 000000000..bf118184d --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java @@ -0,0 +1,29 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; + +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel; +import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; + +/** + * Create an identifier that shows the role level of the current user, or + * PUBLIC if the user is not logged in. + */ +public class HasRoleLevelFactory extends BaseIdentifierBundleFactory { + + public HasRoleLevelFactory(ServletContext ctx) { + super(ctx); + } + + @Override + public IdentifierBundle getIdentifierBundle(HttpServletRequest req) { + RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req); + return new ArrayIdentifierBundle(new HasRoleLevel(roleLevel)); + } + +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactory.java new file mode 100644 index 000000000..2b0dfa455 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactory.java @@ -0,0 +1,34 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; + +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser; +import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; + +/** + * If the user is logged in as a Root User, create an identifier. + */ +public class IsRootUserFactory extends BaseIdentifierBundleFactory { + + public IsRootUserFactory(ServletContext ctx) { + super(ctx); + } + + @Override + public IdentifierBundle getIdentifierBundle(HttpServletRequest req) { + UserAccount user = LoginStatusBean.getCurrentUser(req); + if ((user != null) && user.isRootUser()) { + return new ArrayIdentifierBundle(IsRootUser.INSTANCE); + } else { + return new ArrayIdentifierBundle(); + } + } + +} + diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactory.java new file mode 100644 index 000000000..825021eab --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactory.java @@ -0,0 +1,32 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; + +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser; + +/** + * If the user is logged in, create an Identifier. + */ +public class IsUserFactory extends BaseIdentifierBundleFactory { + + public IsUserFactory(ServletContext ctx) { + super(ctx); + } + + @Override + public IdentifierBundle getIdentifierBundle(HttpServletRequest req) { + LoginStatusBean bean = LoginStatusBean.getBean(req); + if (bean.isLoggedIn()) { + return new ArrayIdentifierBundle(new IsUser(bean.getUserURI())); + } else { + return new ArrayIdentifierBundle(); + } + } + +} diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java index 343e31a5d..850f6e586 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java @@ -7,17 +7,24 @@ import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextListener; import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.CommonIdentifierBundleFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasPermissionFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProfileOrIsBlacklistedFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProxyEditingRightsFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsRootUserFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsUserFactory; import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataByRoleLevelPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataToSelfPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.EditRestrictedDataByRoleLevelPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.PermissionsPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.SelfEditingPolicy; import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; import edu.cornell.mannlib.vitro.webapp.startup.StartupStatus; /** - * Set up the common policy family, with Identifier factory. + * Set up the common policy family, with Identifier factories. */ public class CommonPolicyFamilySetup implements ServletContextListener { @@ -27,27 +34,31 @@ public class CommonPolicyFamilySetup implements ServletContextListener { StartupStatus ss = StartupStatus.getBean(ctx); try { - ServletPolicyList.addPolicy(ctx, new PermissionsPolicy()); + policy(ctx, new PermissionsPolicy()); + policy(ctx, new DisplayRestrictedDataByRoleLevelPolicy(ctx)); + policy(ctx, new DisplayRestrictedDataToSelfPolicy(ctx)); + policy(ctx, new EditRestrictedDataByRoleLevelPolicy(ctx)); + policy(ctx, new SelfEditingPolicy(ctx)); - ServletPolicyList.addPolicy(ctx, - new DisplayRestrictedDataByRoleLevelPolicy(ctx)); - ServletPolicyList.addPolicy(ctx, - new DisplayRestrictedDataToSelfPolicy(ctx)); - ServletPolicyList.addPolicy(ctx, - new EditRestrictedDataByRoleLevelPolicy(ctx)); - - ServletPolicyList.addPolicy(ctx, new SelfEditingPolicy(ctx)); - - // This factory creates Identifiers for all of the above policies. - CommonIdentifierBundleFactory factory = new CommonIdentifierBundleFactory( - ctx); - - ActiveIdentifierBundleFactories.addFactory(sce, factory); + factory(ctx, new IsUserFactory(ctx)); + factory(ctx, new IsRootUserFactory(ctx)); + factory(ctx, new HasRoleLevelFactory(ctx)); + factory(ctx, new HasProfileOrIsBlacklistedFactory(ctx)); + factory(ctx, new HasPermissionFactory(ctx)); + factory(ctx, new HasProxyEditingRightsFactory(ctx)); } catch (Exception e) { ss.fatal(this, "could not run CommonPolicyFamilySetup", e); } } + private void policy(ServletContext ctx, PolicyIface policy) { + ServletPolicyList.addPolicy(ctx, policy); + } + + private void factory(ServletContext ctx, IdentifierBundleFactory factory) { + ActiveIdentifierBundleFactories.addFactory(ctx, factory); + } + @Override public void contextDestroyed(ServletContextEvent sce) { /* nothing */ } diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactoryTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactoryTest.java new file mode 100644 index 000000000..fb32a9728 --- /dev/null +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactoryTest.java @@ -0,0 +1,277 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import static org.junit.Assert.assertEquals; + +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import org.junit.Before; +import org.junit.Test; + +import stubs.edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDaoStub; +import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub; +import stubs.javax.servlet.ServletContextStub; +import stubs.javax.servlet.http.HttpServletRequestStub; +import stubs.javax.servlet.http.HttpSessionStub; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; +import edu.cornell.mannlib.vitro.testing.AbstractTestClass; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasPermission; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; +import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet; +import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; + +/** + * Can we tell whether a user is logged in as root? + */ +public class HasPermissionFactoryTest extends AbstractTestClass { + private static final String USER_URI = "http://userUri"; + private UserAccount user; + + private LoginStatusBean lsb; + + private PermissionSet emptyPublicPermissionSet; + private PermissionSet publicPermissionSet1; + private PermissionSet publicPermissionSet2; + private PermissionSet emptyLoggedInPermissionSet; + private PermissionSet loggedInPermissionSet1; + private PermissionSet loggedInPermissionSet2; + + private Permission permissionP1a; + private Permission permissionP1b; + private Permission permissionP2; + private Permission permissionLI1; + private Permission permissionLI2a; + private Permission permissionLI2b; + + private WebappDaoFactoryStub wdf; + private UserAccountsDaoStub uaDao; + + private ServletContextStub ctx; + private HttpSessionStub session; + private HttpServletRequestStub req; + + private HasPermissionFactory factory; + + private IdentifierBundle actualIds; + private IdentifierBundle expectedIds; + + @Before + public void setup() { + user = new UserAccount(); + user.setUri(USER_URI); + + lsb = new LoginStatusBean(USER_URI, AuthenticationSource.INTERNAL); + + uaDao = new UserAccountsDaoStub(); + uaDao.addUser(user); + + wdf = new WebappDaoFactoryStub(); + wdf.setUserAccountsDao(uaDao); + + ctx = new ServletContextStub(); + ctx.setAttribute("webappDaoFactory", wdf); + + session = new HttpSessionStub(); + session.setServletContext(ctx); + + req = new HttpServletRequestStub(); + req.setSession(session); + + factory = new HasPermissionFactory(ctx); + + preparePermissions(); + preparePermissionSets(); + } + + private void preparePermissions() { + permissionP1a = new MyPermission("permissionP1a"); + permissionP1b = new MyPermission("permissionP1b"); + permissionP2 = new MyPermission("permissionP2"); + permissionLI1 = new MyPermission("permissionLI1"); + permissionLI2a = new MyPermission("permissionLI2a"); + permissionLI2b = new MyPermission("permissionLI2b"); + PermissionRegistry.createRegistry( + ctx, + list(permissionP1a, permissionP1b, permissionP2, permissionLI1, + permissionLI2a, permissionLI2b)); + } + + private void preparePermissionSets() { + emptyPublicPermissionSet = new PermissionSet(); + emptyPublicPermissionSet.setUri("java:emptyPS"); + emptyPublicPermissionSet.setLabel("emptyPublicPermissionSet"); + emptyPublicPermissionSet.setForPublic(true); + + publicPermissionSet1 = new PermissionSet(); + publicPermissionSet1.setUri("java:publicPS1"); + publicPermissionSet1.setLabel("publicPermissionSet1"); + publicPermissionSet1.setForPublic(true); + setPermissions(publicPermissionSet1, permissionP1a, permissionP1b); + + publicPermissionSet2 = new PermissionSet(); + publicPermissionSet2.setUri("java:publicPS2"); + publicPermissionSet2.setLabel("publicPermissionSet2"); + publicPermissionSet2.setForPublic(true); + setPermissions(publicPermissionSet2, permissionP2); + + emptyLoggedInPermissionSet = new PermissionSet(); + emptyLoggedInPermissionSet.setUri("java:emptyPS"); + emptyLoggedInPermissionSet.setLabel("emptyLoggedInPermissionSet"); + + loggedInPermissionSet1 = new PermissionSet(); + loggedInPermissionSet1.setUri("java:loggedInPS1"); + loggedInPermissionSet1.setLabel("loggedInPermissionSet1"); + setPermissions(loggedInPermissionSet1, permissionLI1); + + loggedInPermissionSet2 = new PermissionSet(); + loggedInPermissionSet2.setUri("java:loggedInPS2"); + loggedInPermissionSet2.setLabel("loggedInPermissionSet2"); + setPermissions(loggedInPermissionSet2, permissionLI2a, permissionLI2b); + + uaDao.addPermissionSet(emptyLoggedInPermissionSet); + uaDao.addPermissionSet(loggedInPermissionSet1); + uaDao.addPermissionSet(loggedInPermissionSet2); + // "public" permission sets are added for specific tests. + } + + // ---------------------------------------------------------------------- + // the tests + // ---------------------------------------------------------------------- + + @Test + public void notLoggedInNoPublicSets() { + expectedIds = new ArrayIdentifierBundle(); + actualIds = factory.getIdentifierBundle(req); + assertEquals("no public sets", expectedIds, actualIds); + } + + @Test + public void notLoggedInEmptyPublicSet() { + uaDao.addPermissionSet(emptyPublicPermissionSet); + + expectedIds = new ArrayIdentifierBundle(); + actualIds = factory.getIdentifierBundle(req); + assertEquals("empty public set", expectedIds, actualIds); + } + + @Test + public void notLoggedInOnePublicSet() { + uaDao.addPermissionSet(publicPermissionSet1); + + expectedIds = new ArrayIdentifierBundle(id(permissionP1a), + id(permissionP1b)); + actualIds = factory.getIdentifierBundle(req); + assertEqualIds("one public set", expectedIds, actualIds); + } + + @Test + public void notLoggedInTwoPublicSets() { + uaDao.addPermissionSet(publicPermissionSet1); + uaDao.addPermissionSet(publicPermissionSet2); + + expectedIds = new ArrayIdentifierBundle(id(permissionP1a), + id(permissionP1b), id(permissionP2)); + actualIds = factory.getIdentifierBundle(req); + assertEqualIds("two public sets", expectedIds, actualIds); + } + + @Test + public void loggedInNoSets() { + LoginStatusBean.setBean(session, lsb); + + expectedIds = new ArrayIdentifierBundle(); + actualIds = factory.getIdentifierBundle(req); + assertEquals("no logged in sets", expectedIds, actualIds); + } + + @Test + public void loggedInEmptySet() { + LoginStatusBean.setBean(session, lsb); + user.setPermissionSetUris(list(emptyLoggedInPermissionSet.getUri())); + + expectedIds = new ArrayIdentifierBundle(); + actualIds = factory.getIdentifierBundle(req); + assertEquals("empty logged in set", expectedIds, actualIds); + } + + @Test + public void loggedInOneSet() { + LoginStatusBean.setBean(session, lsb); + user.setPermissionSetUris(list(loggedInPermissionSet1.getUri())); + + expectedIds = new ArrayIdentifierBundle(id(permissionLI1)); + actualIds = factory.getIdentifierBundle(req); + assertEqualIds("one logged in set", expectedIds, actualIds); + } + + @Test + public void loggedInTwoSets() { + LoginStatusBean.setBean(session, lsb); + user.setPermissionSetUris(list(loggedInPermissionSet1.getUri(), + loggedInPermissionSet2.getUri())); + + expectedIds = new ArrayIdentifierBundle(id(permissionLI1), + id(permissionLI2a), id(permissionLI2b)); + actualIds = factory.getIdentifierBundle(req); + assertEqualIds("two logged in sets", expectedIds, actualIds); + } + + // ---------------------------------------------------------------------- + // helper methods + // ---------------------------------------------------------------------- + + private void setPermissions(PermissionSet ps, Permission... permissions) { + List uris = new ArrayList(); + for (Permission p : permissions) { + uris.add(p.getUri()); + } + ps.setPermissionUris(uris); + } + + private HasPermission id(Permission p) { + return new HasPermission(p); + } + + private List list(T... elements) { + List l = new ArrayList(); + for (T element : elements) { + l.add(element); + } + return l; + } + + private void assertEqualIds(String message, IdentifierBundle expected, + IdentifierBundle actual) { + Set expectedSet = new HashSet(); + for (Identifier id : expected) { + expectedSet.add((HasPermission) id); + } + Set actualSet = new HashSet(); + for (Identifier id : actual) { + actualSet.add((HasPermission) id); + } + assertEqualSets(message, expectedSet, actualSet); + } + + private static class MyPermission extends Permission { + public MyPermission(String uri) { + super(uri); + } + + @Override + public boolean isAuthorized(RequestedAction whatToAuth) { + return false; + } + + } +} diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactoryTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactoryTest.java new file mode 100644 index 000000000..2c08c0e16 --- /dev/null +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactoryTest.java @@ -0,0 +1,99 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import static org.junit.Assert.assertEquals; + +import org.junit.Before; +import org.junit.Test; + +import stubs.edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDaoStub; +import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub; +import stubs.javax.servlet.ServletContextStub; +import stubs.javax.servlet.http.HttpServletRequestStub; +import stubs.javax.servlet.http.HttpSessionStub; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; +import edu.cornell.mannlib.vitro.testing.AbstractTestClass; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser; +import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; + +/** + * Can we tell whether a user is logged in as root? + */ +public class IsRootUserFactoryTest extends AbstractTestClass { + private static final String PLAIN_USER_URI = "http://userUri"; + private static final String ROOT_USER_URI = "http://rootUri"; + + private WebappDaoFactoryStub wdf; + private UserAccountsDaoStub uaDao; + + private ServletContextStub ctx; + private HttpSessionStub session; + private HttpServletRequestStub req; + + private IsRootUserFactory factory; + + private IdentifierBundle actualIds; + private IdentifierBundle expectedIds; + + @Before + public void setup() { + UserAccount plainUser = new UserAccount(); + plainUser.setUri(PLAIN_USER_URI); + + UserAccount rootUser = new UserAccount(); + rootUser.setUri(ROOT_USER_URI); + rootUser.setRootUser(true); + + uaDao = new UserAccountsDaoStub(); + uaDao.addUser(plainUser); + uaDao.addUser(rootUser); + + wdf = new WebappDaoFactoryStub(); + wdf.setUserAccountsDao(uaDao); + + ctx = new ServletContextStub(); + ctx.setAttribute("webappDaoFactory", wdf); + + session = new HttpSessionStub(); + session.setServletContext(ctx); + + req = new HttpServletRequestStub(); + req.setSession(session); + + factory = new IsRootUserFactory(ctx); + } + + @Test + public void notLoggedIn() { + expectedIds = new ArrayIdentifierBundle(); + actualIds = factory.getIdentifierBundle(req); + assertEquals("empty bundle", expectedIds, actualIds); + } + + @Test + public void loggedInNotRoot() { + LoginStatusBean lsb = new LoginStatusBean(PLAIN_USER_URI, + AuthenticationSource.EXTERNAL); + LoginStatusBean.setBean(session, lsb); + + expectedIds = new ArrayIdentifierBundle(); + actualIds = factory.getIdentifierBundle(req); + assertEquals("not root", expectedIds, actualIds); + } + + @Test + public void loggedInAsRoot() { + LoginStatusBean lsb = new LoginStatusBean(ROOT_USER_URI, + AuthenticationSource.EXTERNAL); + LoginStatusBean.setBean(session, lsb); + + expectedIds = new ArrayIdentifierBundle(IsRootUser.INSTANCE); + actualIds = factory.getIdentifierBundle(req); + assertEquals("root", expectedIds, actualIds); + } + +} diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactoryTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactoryTest.java new file mode 100644 index 000000000..9d20003dd --- /dev/null +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactoryTest.java @@ -0,0 +1,72 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory; + +import static org.junit.Assert.assertEquals; + +import org.junit.Before; +import org.junit.Test; + +import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub; +import stubs.javax.servlet.ServletContextStub; +import stubs.javax.servlet.http.HttpServletRequestStub; +import stubs.javax.servlet.http.HttpSessionStub; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; +import edu.cornell.mannlib.vitro.testing.AbstractTestClass; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser; + +/** + * The simplest of the IdentifierBundleFactory classes. + */ +public class IsUserFactoryTest extends AbstractTestClass { + private static final String USER_URI = "http://userUri"; + + private WebappDaoFactoryStub wdf; + + private ServletContextStub ctx; + private HttpSessionStub session; + private HttpServletRequestStub req; + + private IsUserFactory factory; + + private IdentifierBundle actualIds; + private IdentifierBundle expectedIds; + + @Before + public void setup() { + wdf = new WebappDaoFactoryStub(); + + ctx = new ServletContextStub(); + ctx.setAttribute("webappDaoFactory", wdf); + + session = new HttpSessionStub(); + session.setServletContext(ctx); + + req = new HttpServletRequestStub(); + req.setSession(session); + + factory = new IsUserFactory(ctx); + } + + @Test + public void notLoggedIn() { + expectedIds = new ArrayIdentifierBundle(); + actualIds = factory.getIdentifierBundle(req); + assertEquals("empty bundle", expectedIds, actualIds); + } + + @Test + public void loggedIn() { + LoginStatusBean lsb = new LoginStatusBean(USER_URI, + AuthenticationSource.EXTERNAL); + LoginStatusBean.setBean(session, lsb); + + expectedIds = new ArrayIdentifierBundle(new IsUser(USER_URI)); + actualIds = factory.getIdentifierBundle(req); + assertEquals("user id", expectedIds, actualIds); + } + +} diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java index b9518c3e2..d62993f30 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java @@ -36,7 +36,7 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; import edu.cornell.mannlib.vitro.testing.AbstractTestClass; import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.CommonIdentifierBundleFactory; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory; import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission; import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry; import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; @@ -163,7 +163,7 @@ public class AuthenticateTest extends AbstractTestClass { new ConfigurationPropertiesStub().setBean(servletContext); ActiveIdentifierBundleFactories.addFactory(servletContext, - new CommonIdentifierBundleFactory(servletContext)); + new HasRoleLevelFactory(servletContext)); } private UserAccount createUserFromUserInfo(UserInfo userInfo) {