Skip to content
Snippets Groups Projects
Verified Commit 0ba230c7 authored by Timm Fitschen's avatar Timm Fitschen
Browse files

Merge branch 'f-get-owner' into f-grpc-f-acm

parents 97e678bd 47917414
No related branches found
No related tags found
2 merge requests!58REL: prepare release 0.7.2,!45F grpc f acm
......@@ -193,7 +193,9 @@ public class EntityACL {
public static final List<ResponsibleAgent> getOwners(final Collection<EntityACI> acl) {
final List<ResponsibleAgent> owners = new ArrayList<>();
for (final EntityACI aci : acl) {
if (isOwnerBitSet(aci.getBitSet()) && !aci.getResponsibleAgent().equals(OWNER_ROLE)) {
if (aci.isGrant()
&& isOwnerBitSet(aci.getBitSet())
&& !aci.getResponsibleAgent().equals(OWNER_ROLE)) {
owners.add(aci.getResponsibleAgent());
}
}
......
......@@ -455,4 +455,37 @@ public class EntityACLTest {
assertTrue(EntityACL.isPriorityBitSet(aci.getBitSet()));
}
}
@Test
public void testOwnership() {
EntityACLFactory f = new EntityACLFactory();
f.grant(
org.caosdb.server.permissions.Role.create("the_owner"), false, EntityPermission.EDIT_ACL);
f.deny(
org.caosdb.server.permissions.Role.create("someone_else"),
false,
EntityPermission.EDIT_ACL);
EntityACL acl = f.create();
assertEquals(1, acl.getOwners().size());
assertEquals("the_owner", acl.getOwners().get(0).toString());
}
@Test
public void testPermissionsFor() {
EntityACLFactory f = new EntityACLFactory();
f.deny(org.caosdb.server.permissions.Role.ANONYMOUS_ROLE, false, EntityPermission.EDIT_ACL);
f.grant(org.caosdb.server.permissions.Role.OWNER_ROLE, false, "*");
EntityACL acl = f.create();
Subject anonymous = SecurityUtils.getSubject();
anonymous.login(AnonymousAuthenticationToken.getInstance());
assertTrue(AuthenticationUtils.isAnonymous(anonymous));
assertNotNull(acl);
assertTrue(acl.getOwners().isEmpty());
final Set<EntityPermission> permissionsFor =
EntityACL.getPermissionsFor(anonymous, acl.getRules());
assertFalse(permissionsFor.contains(EntityPermission.RETRIEVE_ENTITY));
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment