Skip to content

Commit

Permalink
refactor: Introduce administrative permission service (#3172)
Browse files Browse the repository at this point in the history
  • Loading branch information
@seakayone
seakayone authored Apr 9, 2024
1 parent 752e350 commit 80ca581
Show file tree
Hide file tree
Showing 25 changed files with 507 additions and 930 deletions.
6 changes: 3 additions & 3 deletions integration/src/test/scala/org/knora/webapi/core/LayersTest.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,9 +88,9 @@ object LayersTest {
ApiRoutes & AdminApiEndpoints & ApiV2Endpoints & AppRouter & AssetPermissionsResponder & Authenticator &
AuthorizationRestService & CacheServiceRequestMessageHandler & CardinalityHandler & ConstructResponseUtilV2 &
DspIngestClient & GravsearchTypeInspectionRunner & GroupsResponderADM & GroupsRestService & GroupService &
HttpServer & IIIFRequestMessageHandler & InferenceOptimizationService & IriConverter & ListsResponder &
HttpServer & IIIFRequestMessageHandler & InferenceOptimizationService & IriConverter & KnoraUserToUserConverter & ListsResponder &
ListsResponderV2 & MessageRelay & OntologyCache & OntologyHelpers & OntologyInferencer & OntologyRepo &
OntologyResponderV2 & PermissionUtilADM & PermissionsResponderADM & PermissionsRestService & ProjectExportService &
OntologyResponderV2 & PermissionUtilADM & PermissionsResponder & PermissionsRestService & ProjectExportService &
ProjectExportStorageService & ProjectImportService & ProjectService & ProjectRestService & QueryTraverser &
RepositoryUpdater & ResourceUtilV2 & ResourcesResponderV2 & RestCardinalityService & SearchApiRoutes &
SearchResponderV2 & StandoffResponderV2 & StandoffTagUtilV2 & State & TestClientService & TriplestoreService &
Expand Down Expand Up @@ -134,7 +134,7 @@ object LayersTest {
OntologyRepoLive.layer,
OntologyResponderV2Live.layer,
PermissionUtilADMLive.layer,
PermissionsResponderADMLive.layer,
PermissionsResponder.layer,
PredicateObjectMapper.layer,
PredicateRepositoryLive.layer,
ProjectExportServiceLive.layer,
Expand Down
35 changes: 6 additions & 29 deletions ...nora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import java.util.UUID
import dsp.errors.BadRequestException
import dsp.errors.ForbiddenException
import org.knora.webapi.CoreSpec
import org.knora.webapi.responders.admin.PermissionsResponderADM
import org.knora.webapi.responders.admin.PermissionsResponder
import org.knora.webapi.routing.UnsafeZioRun
import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._
import org.knora.webapi.sharedtestdata.SharedTestDataADM2._
Expand Down Expand Up @@ -40,29 +40,6 @@ class PermissionsMessagesADMSpec extends CoreSpec {
)
assert(caught.getMessage === s"Invalid permission IRI: $permissionIri.")
}

"return 'BadRequest' if the supplied project IRI for AdministrativePermissionForProjectGroupGetADM is not valid" in {
val projectIri = "invalid-project-IRI"
val caught = intercept[BadRequestException](
AdministrativePermissionForProjectGroupGetADM(
projectIri = projectIri,
groupIri = KnoraGroupRepo.builtIn.ProjectMember.id.value,
requestingUser = SharedTestDataADM.imagesUser01,
),
)
assert(caught.getMessage === s"Invalid project IRI $projectIri")
}

"return 'ForbiddenException' if the user requesting AdministrativePermissionForProjectGroupGetADM is not system or project Admin" in {
val caught = intercept[ForbiddenException](
AdministrativePermissionForProjectGroupGetADM(
projectIri = SharedTestDataADM.imagesProjectIri,
groupIri = KnoraGroupRepo.builtIn.ProjectMember.id.value,
requestingUser = SharedTestDataADM.imagesUser02,
),
)
assert(caught.getMessage === "Administrative permission can only be queried by system and project admin.")
}
}

"Administrative Permission Create Requests" should {
Expand Down Expand Up @@ -488,7 +465,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
),
)
val exit =
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponderADM](_.verifyHasPermissionsDOAP(hasPermissions)))
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponder](_.verifyHasPermissionsDOAP(hasPermissions)))
assertFailsWithA[BadRequestException](
exit,
"Invalid value for name parameter of hasPermissions: invalid, it should be one of " +
Expand All @@ -507,7 +484,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
)

val exit =
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponderADM](_.verifyHasPermissionsDOAP(hasPermissions)))
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponder](_.verifyHasPermissionsDOAP(hasPermissions)))
assertFailsWithA[BadRequestException](
exit,
s"Invalid value for permissionCode parameter of hasPermissions: $invalidCode, it should be one of " +
Expand All @@ -525,7 +502,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
)

val exit =
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponderADM](_.verifyHasPermissionsDOAP(hasPermissions)))
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponder](_.verifyHasPermissionsDOAP(hasPermissions)))
assertFailsWithA[BadRequestException](
exit,
s"Given permission code 2 and permission name CR are not consistent.",
Expand All @@ -543,7 +520,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
)

val exit =
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponderADM](_.verifyHasPermissionsDOAP(hasPermissions)))
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponder](_.verifyHasPermissionsDOAP(hasPermissions)))
assertFailsWithA[BadRequestException](
exit,
s"One of permission code or permission name must be provided for a default object access permission.",
Expand All @@ -560,7 +537,7 @@ class PermissionsMessagesADMSpec extends CoreSpec {
),
)
val exit =
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponderADM](_.verifyHasPermissionsDOAP(hasPermissions)))
UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponder](_.verifyHasPermissionsDOAP(hasPermissions)))
assertFailsWithA[BadRequestException](
exit,
s"additionalInformation of a default object access permission type cannot be empty.",
Expand Down
Loading

0 comments on commit 80ca581

Please sign in to comment.