tests/org.eclipse.emf.emfstore.server.test/src/org/eclipse/emf/emfstore/server/accesscontrol/test/ProjectAdminTest.java

/*******************************************************************************
 * Copyright (c) 2011-2014 EclipseSource Muenchen GmbH and others.
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 * Edgar - initial API and implementation
 ******************************************************************************/
package org.eclipse.emf.emfstore.server.accesscontrol.test;

import static org.junit.Assert.fail;

import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import org.apache.commons.lang.StringUtils;
import org.eclipse.emf.ecore.EClass;
import org.eclipse.emf.emfstore.client.test.common.cases.ESTestWithLoggedInUserMock;
import org.eclipse.emf.emfstore.client.test.common.dsl.Roles;
import org.eclipse.emf.emfstore.client.test.common.util.ServerUtil;
import org.eclipse.emf.emfstore.internal.client.model.AdminBroker;
import org.eclipse.emf.emfstore.internal.client.model.ESWorkspaceProviderImpl;
import org.eclipse.emf.emfstore.internal.client.model.impl.AdminBrokerImpl;
import org.eclipse.emf.emfstore.internal.client.model.impl.api.ESServerImpl;
import org.eclipse.emf.emfstore.internal.client.model.impl.api.ESUsersessionImpl;
import org.eclipse.emf.emfstore.internal.server.ServerConfiguration;
import org.eclipse.emf.emfstore.internal.server.exceptions.ConnectionException;
import org.eclipse.emf.emfstore.internal.server.model.ProjectId;
import org.eclipse.emf.emfstore.internal.server.model.SessionId;
import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACOrgUnit;
import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACOrgUnitId;
import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACUser;
import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.roles.ProjectAdminRole;
import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.roles.Role;
import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.roles.RolesPackage;
import org.eclipse.emf.emfstore.server.auth.ESProjectAdminPrivileges;
import org.eclipse.emf.emfstore.server.exceptions.ESException;
import org.junit.After;
import org.junit.Before;

/**
 *
 * <b>NOTE</b>: Remember to start the server by calling {@code startEMFStore(Map)} within an {@code @BeforeClass} block.
 *
 * @author emueller
 *
 */
public class ProjectAdminTest extends ESTestWithLoggedInUserMock {

	private static final String USERNAME = "Hans"; //$NON-NLS-1$
	private static final String GROUP = "Group"; //$NON-NLS-1$
	private static final String OTHER_GROUP = "OtherGroup"; //$NON-NLS-1$

	private static final String PASSWORD = "secret"; //$NON-NLS-1$

	private static final String NEW_USER_NAME = "quux"; //$NON-NLS-1$

	private static AdminBroker adminBroker;
	private static AdminBroker superAdminBroker;

	public static void startEMFStoreWithPAProperties(ESProjectAdminPrivileges... projectAdminPrivileges) {
		final Map<String, String> properties = new LinkedHashMap<String, String>();
		properties.put(ServerConfiguration.PROJECT_ADMIN_PRIVILEGES_KEY,
			StringUtils.join(projectAdminPrivileges, ServerConfiguration.MULTI_PROPERTY_SEPERATOR));
		startEMFStore(properties);
	}

	/**
	 * Returns the admin broker that is bound to the {@link #getUsersession()}.
	 *
	 * @return the admin broker that is bound to the {@link #getUsersession()}
	 */
	public static AdminBroker getAdminBroker() {
		return adminBroker;
	}

	/**
	 * @return the superAdminBroker
	 */
	public static AdminBroker getSuperAdminBroker() {
		return superAdminBroker;
	}

	/**
	 * {@inheritDoc}
	 *
	 * @see org.eclipse.emf.emfstore.client.test.common.cases.ESTestWithLoggedInUserMock#getUser()
	 */
	@Override
	public String getUser() {
		return USERNAME;
	}

	public static String getNewUsername() {
		return NEW_USER_NAME;
	}

	public static String getNewGroupName() {
		return GROUP;
	}

	public static String getNewOtherGroupName() {
		return OTHER_GROUP;
	}

	/**
	 * {@inheritDoc}
	 *
	 * @see org.eclipse.emf.emfstore.client.test.common.cases.ESTestWithLoggedInUserMock#getPassword()
	 */
	@Override
	public String getPassword() {
		return PASSWORD;
	}

	@Override
	@After
	public void after() {
		ACUser user;
		try {
			user = ServerUtil.getUser(getSuperUsersession(), NEW_USER_NAME);
			if (user != null) {
				ESWorkspaceProviderImpl.getInstance().getAdminConnectionManager().deleteUser(
					((ESUsersessionImpl) getSuperUsersession()).toInternalAPI().getSessionId(),
					user.getId());
			}
		} catch (final ESException ex) {
			fail(ex.getMessage());
		}
		super.after();
	}

	@Override
	@Before
	public void before() {
		super.before();
		try {
			adminBroker = new AdminBrokerImpl(
				((ESServerImpl) getServer()).toInternalAPI(),
				((ESUsersessionImpl) getUsersession()).toInternalAPI().getSessionId());
			superAdminBroker = new AdminBrokerImpl(
				((ESServerImpl) getServer()).toInternalAPI(),
				((ESUsersessionImpl) getSuperUsersession()).toInternalAPI().getSessionId());
		} catch (final ConnectionException ex) {
			fail(ex.getMessage());
		}
	}

	public SessionId getSessionId() {
		return ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI().getSessionId();
	}

	/**
	 * Uses the {@link #getSuperUsersession()} to assign the {@link #getUser()} a
	 * {@link org.eclipse.emf.emfstore.internal.server.model.accesscontrol.roles.ProjectAdminRole
	 * ProjectAdminRole}.
	 *
	 * @throws ESException
	 */
	public void makeUserPA() throws ESException {
		final ACUser user = ServerUtil.getUser(getSuperUsersession(), getUser());
		final AdminBroker broker = new AdminBrokerImpl(
			((ESServerImpl) getServer()).toInternalAPI(),
			((ESUsersessionImpl) getSuperUsersession()).toInternalAPI().getSessionId());
		broker.assignRole(user.getId(), RolesPackage.eINSTANCE.getProjectAdminRole());
	}

	public void makeUserSA() throws ESException {
		final ACUser user = ServerUtil.getUser(getSuperUsersession(), getUser());
		final AdminBroker broker = new AdminBrokerImpl(
			((ESServerImpl) getServer()).toInternalAPI(),
			((ESUsersessionImpl) getSuperUsersession()).toInternalAPI().getSessionId());
		broker.assignRole(user.getId(), RolesPackage.eINSTANCE.getServerAdmin());
		// getUsersession().logout();
		// getUsersession().refresh();
	}

	public static boolean hasProjectAdminRole(ACOrgUnitId orgUnitId) throws ESException {
		return hasRole(orgUnitId, Roles.projectAdmin());
	}

	public static boolean hasProjectAdminRole(ACUser user, ProjectId projectId) throws ESException {
		final ACOrgUnit<?> orgUnit = getSuperAdminBroker().getOrgUnit(user.getId());

		final List<Role> roles = orgUnit.getRoles();
		for (final Role role : roles) {
			if (role.eClass().equals(RolesPackage.eINSTANCE.getProjectAdminRole())) {
				final ProjectAdminRole projectAdminRole = ProjectAdminRole.class.cast(role);
				return projectAdminRole.getProjects().contains(projectId);
			}
		}

		return false;

	}

	public static boolean hasReaderRole(ACOrgUnitId orgUnitId) throws ESException {
		return hasRole(orgUnitId, RolesPackage.eINSTANCE.getReaderRole());
	}

	public static boolean hasWriterRole(ACOrgUnitId orgUnitId) throws ESException {
		return hasRole(orgUnitId, RolesPackage.eINSTANCE.getWriterRole());
	}

	public static boolean hasRole(ACOrgUnitId orgUnitId, EClass expectedRole) throws ESException {

		final ACOrgUnit<?> orgUnit = getSuperAdminBroker().getOrgUnit(orgUnitId);

		final List<Role> roles = orgUnit.getRoles();
		for (final Role role : roles) {
			if (role.eClass().equals(expectedRole)) {
				return true;
			}
		}

		return false;
	}
}