diff --git a/src/main/java/caosdb/server/CaosAuthenticator.java b/src/main/java/caosdb/server/CaosAuthenticator.java
index d07c047d1ec3c66da1064a331778c618a186d26a..f2297c56ab843cd16d3997fc6ac8985d5c5ac33c 100644
--- a/src/main/java/caosdb/server/CaosAuthenticator.java
+++ b/src/main/java/caosdb/server/CaosAuthenticator.java
@@ -22,6 +22,10 @@
*/
package caosdb.server;
+import caosdb.server.accessControl.AnonymousAuthenticationToken;
+import caosdb.server.accessControl.AuthenticationUtils;
+import caosdb.server.resource.DefaultResource;
+import caosdb.server.utils.ServerMessages;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
@@ -32,10 +36,6 @@ import org.restlet.Response;
import org.restlet.security.Authenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import caosdb.server.accessControl.AnonymousAuthenticationToken;
-import caosdb.server.accessControl.AuthenticationUtils;
-import caosdb.server.resource.DefaultResource;
-import caosdb.server.utils.ServerMessages;
public class CaosAuthenticator extends Authenticator {
diff --git a/src/main/java/caosdb/server/CaosDBServer.java b/src/main/java/caosdb/server/CaosDBServer.java
index f5495256640edf4e97169ed089a9cfb3b57dc849..eb4f7df164b7362641d0c963332b4905291f2642 100644
--- a/src/main/java/caosdb/server/CaosDBServer.java
+++ b/src/main/java/caosdb/server/CaosDBServer.java
@@ -19,6 +19,51 @@
*/
package caosdb.server;
+import caosdb.server.accessControl.AnonymousAuthenticationToken;
+import caosdb.server.accessControl.AnonymousRealm;
+import caosdb.server.accessControl.AuthenticationUtils;
+import caosdb.server.accessControl.CaosDBAuthorizingRealm;
+import caosdb.server.accessControl.CaosDBDefaultRealm;
+import caosdb.server.accessControl.OneTimeAuthenticationToken;
+import caosdb.server.accessControl.SessionToken;
+import caosdb.server.accessControl.SessionTokenRealm;
+import caosdb.server.database.BackendTransaction;
+import caosdb.server.database.access.Access;
+import caosdb.server.database.backend.transaction.RetrieveDatatypes;
+import caosdb.server.database.misc.TransactionBenchmark;
+import caosdb.server.datatype.AbstractDatatype;
+import caosdb.server.entity.EntityInterface;
+import caosdb.server.entity.Role;
+import caosdb.server.entity.container.Container;
+import caosdb.server.logging.RequestErrorLogMessage;
+import caosdb.server.resource.AuthenticationResource;
+import caosdb.server.resource.DefaultResource;
+import caosdb.server.resource.EntityOwnerResource;
+import caosdb.server.resource.EntityPermissionsResource;
+import caosdb.server.resource.FileSystemResource;
+import caosdb.server.resource.InfoResource;
+import caosdb.server.resource.LogoutResource;
+import caosdb.server.resource.PermissionRulesResource;
+import caosdb.server.resource.RolesResource;
+import caosdb.server.resource.ScriptingResource;
+import caosdb.server.resource.ServerLogsResource;
+import caosdb.server.resource.ServerPropertiesResource;
+import caosdb.server.resource.SharedFileResource;
+import caosdb.server.resource.ThumbnailsResource;
+import caosdb.server.resource.UserResource;
+import caosdb.server.resource.UserRolesResource;
+import caosdb.server.resource.Webinterface;
+import caosdb.server.resource.WebinterfaceBuildNumber;
+import caosdb.server.resource.transaction.EntityNamesResource;
+import caosdb.server.resource.transaction.EntityResource;
+import caosdb.server.terminal.CaosDBTerminal;
+import caosdb.server.terminal.StatsPanel;
+import caosdb.server.terminal.SystemErrPanel;
+import caosdb.server.transaction.ChecksumUpdater;
+import caosdb.server.utils.FileUtils;
+import caosdb.server.utils.Initialization;
+import caosdb.server.utils.NullPrintStream;
+import caosdb.server.utils.Utils;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.IOException;
@@ -66,51 +111,6 @@ import org.restlet.routing.Variable;
import org.restlet.util.Series;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import caosdb.server.accessControl.AnonymousAuthenticationToken;
-import caosdb.server.accessControl.AnonymousRealm;
-import caosdb.server.accessControl.AuthenticationUtils;
-import caosdb.server.accessControl.CaosDBAuthorizingRealm;
-import caosdb.server.accessControl.CaosDBDefaultRealm;
-import caosdb.server.accessControl.OneTimeAuthenticationToken;
-import caosdb.server.accessControl.SessionToken;
-import caosdb.server.accessControl.SessionTokenRealm;
-import caosdb.server.database.BackendTransaction;
-import caosdb.server.database.access.Access;
-import caosdb.server.database.backend.transaction.RetrieveDatatypes;
-import caosdb.server.database.misc.TransactionBenchmark;
-import caosdb.server.datatype.AbstractDatatype;
-import caosdb.server.entity.EntityInterface;
-import caosdb.server.entity.Role;
-import caosdb.server.entity.container.Container;
-import caosdb.server.logging.RequestErrorLogMessage;
-import caosdb.server.resource.AuthenticationResource;
-import caosdb.server.resource.DefaultResource;
-import caosdb.server.resource.EntityOwnerResource;
-import caosdb.server.resource.EntityPermissionsResource;
-import caosdb.server.resource.FileSystemResource;
-import caosdb.server.resource.InfoResource;
-import caosdb.server.resource.LogoutResource;
-import caosdb.server.resource.PermissionRulesResource;
-import caosdb.server.resource.RolesResource;
-import caosdb.server.resource.ScriptingResource;
-import caosdb.server.resource.ServerLogsResource;
-import caosdb.server.resource.ServerPropertiesResource;
-import caosdb.server.resource.SharedFileResource;
-import caosdb.server.resource.ThumbnailsResource;
-import caosdb.server.resource.UserResource;
-import caosdb.server.resource.UserRolesResource;
-import caosdb.server.resource.Webinterface;
-import caosdb.server.resource.WebinterfaceBuildNumber;
-import caosdb.server.resource.transaction.EntityNamesResource;
-import caosdb.server.resource.transaction.EntityResource;
-import caosdb.server.terminal.CaosDBTerminal;
-import caosdb.server.terminal.StatsPanel;
-import caosdb.server.terminal.SystemErrPanel;
-import caosdb.server.transaction.ChecksumUpdater;
-import caosdb.server.utils.FileUtils;
-import caosdb.server.utils.Initialization;
-import caosdb.server.utils.NullPrintStream;
-import caosdb.server.utils.Utils;
public class CaosDBServer extends Application {
diff --git a/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java b/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java
index 252218bd99abce5dd0ef90a1b8ba19a548448e21..9dd660e54fc6c91d97470467dcddef01fd7e4d05 100644
--- a/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java
+++ b/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java
@@ -23,17 +23,18 @@
package caosdb.server.accessControl;
import static caosdb.server.utils.Utils.URLDecodeWithUTF8;
+
+import caosdb.server.CaosDBServer;
+import caosdb.server.ServerProperties;
+import caosdb.server.permissions.ResponsibleAgent;
+import caosdb.server.permissions.Role;
+import caosdb.server.utils.Utils;
import java.sql.Timestamp;
import java.util.Collection;
import java.util.LinkedList;
import org.apache.shiro.subject.Subject;
import org.restlet.data.Cookie;
import org.restlet.data.CookieSetting;
-import caosdb.server.CaosDBServer;
-import caosdb.server.ServerProperties;
-import caosdb.server.permissions.ResponsibleAgent;
-import caosdb.server.permissions.Role;
-import caosdb.server.utils.Utils;
/**
* Useful static methods, mainly for parsing and serializing SessionTokens by the means of web
@@ -50,7 +51,7 @@ public class AuthenticationUtils {
public static boolean isAnonymous(Subject user) {
return AnonymousAuthenticationToken.PRINCIPAL.equals(user.getPrincipal());
}
-
+
public static boolean isAnonymous(Principal principal) {
return AnonymousAuthenticationToken.PRINCIPAL.equals(principal);
}
@@ -143,7 +144,7 @@ public class AuthenticationUtils {
}
// TODO move
- public static boolean isResponsibleAgentExistent(final ResponsibleAgent agent) {
+ public static boolean isResponsibleAgentExistent(final ResponsibleAgent agent) {
// 1) check OWNER, OTHER
if (Role.OTHER_ROLE.equals(agent) || Role.OWNER_ROLE.equals(agent)) {
return true;
diff --git a/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java b/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java
index f0f57a1d4a82056155c683721b5f162bde177d42..72edefb303b4391321f30b807e951fd407962a43 100644
--- a/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java
+++ b/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java
@@ -22,6 +22,11 @@
*/
package caosdb.server.accessControl;
+import caosdb.server.CaosDBServer;
+import caosdb.server.ServerProperties;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.ObjectReader;
+import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
@@ -45,11 +50,6 @@ import org.quartz.JobExecutionException;
import org.quartz.SchedulerException;
import org.quartz.Trigger;
import org.quartz.TriggerBuilder;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.ObjectReader;
-import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
-import caosdb.server.CaosDBServer;
-import caosdb.server.ServerProperties;
class ConsumedInfo {
diff --git a/src/main/java/caosdb/server/accessControl/UserSources.java b/src/main/java/caosdb/server/accessControl/UserSources.java
index 55c36d44bfe87c3d3866d06192e5daa0cddd132b..2b3019f9655a972267668ba1dc2166bfc8f23a06 100644
--- a/src/main/java/caosdb/server/accessControl/UserSources.java
+++ b/src/main/java/caosdb/server/accessControl/UserSources.java
@@ -22,6 +22,12 @@
*/
package caosdb.server.accessControl;
+import caosdb.server.CaosDBServer;
+import caosdb.server.ServerProperties;
+import caosdb.server.entity.Message;
+import caosdb.server.transaction.RetrieveRoleTransaction;
+import caosdb.server.transaction.RetrieveUserTransaction;
+import caosdb.server.utils.ServerMessages;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
@@ -33,12 +39,6 @@ import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.config.Ini;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import caosdb.server.CaosDBServer;
-import caosdb.server.ServerProperties;
-import caosdb.server.entity.Message;
-import caosdb.server.transaction.RetrieveRoleTransaction;
-import caosdb.server.transaction.RetrieveUserTransaction;
-import caosdb.server.utils.ServerMessages;
public class UserSources extends HashMap<String, UserSource> {
diff --git a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoan.java b/src/main/java/caosdb/server/jobs/extension/AWIBoxLoan.java
deleted file mode 100644
index 30dd77e0c0fc7f97f85db7d45c00cf762badc695..0000000000000000000000000000000000000000
--- a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoan.java
+++ /dev/null
@@ -1,562 +0,0 @@
-package caosdb.server.jobs.extension;
-
-import static caosdb.server.permissions.Role.ANONYMOUS_ROLE;
-
-import caosdb.server.accessControl.UserSources;
-import caosdb.server.database.exceptions.EntityDoesNotExistException;
-import caosdb.server.datatype.SingleValue;
-import caosdb.server.entity.EntityInterface;
-import caosdb.server.entity.Message;
-import caosdb.server.entity.Message.MessageType;
-import caosdb.server.entity.wrapper.Property;
-import caosdb.server.jobs.JobAnnotation;
-import caosdb.server.jobs.core.CheckPropValid;
-import caosdb.server.permissions.EntityACL;
-import caosdb.server.permissions.EntityACLFactory;
-import caosdb.server.permissions.EntityPermission;
-import caosdb.server.query.Query;
-import caosdb.server.transaction.Delete;
-import caosdb.server.transaction.Insert;
-import caosdb.server.transaction.Update;
-import caosdb.server.utils.EntityStatus;
-import caosdb.server.utils.ServerMessages;
-import caosdb.server.utils.Utils;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Objects;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@JobAnnotation(transaction = caosdb.server.transaction.WriteTransaction.class, loadAlways = true)
-public class AWIBoxLoan extends AWIBoxLoanModel {
-
- public Logger logger = LoggerFactory.getLogger(getClass());
- private static final Message UNIQUE_USER =
- new Message("The user must have a unique combination of first name and last name!");
- private static final Message BOX_HAS_LOAN =
- new Message(
- "This box cannot be be requested right now because it appears to have a Loan property attached to it. This usually means, that the box is already requested or borrowed by someone.");
-
- @Override
- protected void run() {
- try {
- if (isAnonymous()
- && (getTransaction() instanceof Delete
- || isAcceptBorrowUpdateLoan()
- || isConfirmLoanUpdateLoan()
- || isRejectReturnUpdateLoan()
- || isAcceptReturnUpdateLoan()
- || isManualReturnUpdateBox()
- || isManualReturnUpdateLoan()
- || !(isRequestLoanSetUser()
- || isRequestLoanInsertLoan()
- || isRequestLoanUpdateBox()
- || isRequestReturnSetUser()
- || isRequestReturnUpdateLoan()))) {
- addError(ServerMessages.AUTHORIZATION_ERROR);
- getContainer()
- .addMessage(
- new Message(MessageType.Info, 0, "Anonymous users have restricted permissions."));
- return;
- }
- } catch (EntityDoesNotExistException exc) {
- addError(ServerMessages.AUTHORIZATION_ERROR);
- getContainer()
- .addMessage(
- new Message(MessageType.Info, 0, "Anonymous users have restricted permissions."));
- return;
- }
-
- try {
- if (!(getTransaction() instanceof Delete
- || isRequestLoanSetUser()
- || isRequestLoanInsertLoan()
- || isManualReturnUpdateLoan()
- || isManualReturnUpdateBox()
- || isRequestLoanUpdateBox()
- || isAcceptBorrowUpdateLoan()
- || isConfirmLoanUpdateLoan()
- || isRequestReturnSetUser()
- || isRequestReturnUpdateLoan()
- || isRejectReturnUpdateLoan())) {
- isAcceptReturnUpdateLoan();
- }
- } catch (EntityDoesNotExistException exc) {
- // ignore
- }
-
- // special ACL for boxes, loans and persons
- try {
- if (getTransaction() instanceof Insert) {
- for (EntityInterface e : getContainer()) {
- if (isBoxRecord(e)) {
- e.setEntityACL(EntityACL.combine(e.getEntityACL(), getBoxACL()));
- } else if (isLoanRecord(e)) {
- e.setEntityACL(EntityACL.combine(e.getEntityACL(), getLoanACL()));
- } else if (isPersonRecord(e)) {
- e.setEntityACL(EntityACL.combine(e.getEntityACL(), getPersonACL()));
- }
- }
- }
- } catch (EntityDoesNotExistException e) {
- }
- }
-
- boolean isManualReturnUpdateLoan() {
- for (EntityInterface e : getContainer()) {
- if (!isLoanRecord(e) || !hasManualReturnLoanProperties(e)) {
- logger.trace("isManualReturnUpdateLoan: false");
- return false;
- }
- }
- for (EntityInterface e : getContainer()) {
- removeAnonymousPermissions(e);
- }
- logger.trace("isManualReturnUpdateLoan: true");
- return true;
- }
-
- boolean hasManualReturnLoanProperties(EntityInterface e) {
- for (Property p : e.getProperties()) {
- if (isReturnedProperty(p)) {
- return true;
- }
- }
- return false;
- }
-
- boolean isReturnedProperty(Property p) {
- return Objects.equals(p.getId(), getReturnedId());
- }
-
- void removeAnonymousPermissions(EntityInterface e) {
- EntityACLFactory f = new EntityACLFactory();
- f.deny(ANONYMOUS_ROLE, false, EntityPermission.UPDATE_ADD_PROPERTY);
- f.deny(ANONYMOUS_ROLE, false, EntityPermission.UPDATE_REMOVE_PROPERTY);
- e.setEntityACL(EntityACL.combine(e.getEntityACL(), f.create()));
- }
-
- boolean isManualReturnUpdateBox() {
- for (EntityInterface e : getContainer()) {
- if (!isBoxRecord(e) || !hasManualReturnBoxProperties(e)) {
- logger.trace("isManualReturnUpdateBox: false");
- return false;
- }
- }
- logger.trace("isManualReturnUpdateBox: true");
- return true;
- }
-
- boolean hasManualReturnBoxProperties(EntityInterface e) {
- return validBoxHasLoanProperty(e) && boxLoanHasReturnedProperty(e);
- }
-
- boolean boxLoanHasReturnedProperty(EntityInterface e) {
- try {
- EntityInterface validBox = retrieveValidEntity(e.getId());
-
- for (Property p : validBox.getProperties()) {
- if (isLoanProperty(p)) {
- return validLoanHasReturnedProperty(p.getId());
- }
- }
- } catch (EntityDoesNotExistException exc) {
- return false;
- }
- return false;
- }
-
- boolean validLoanHasReturnedProperty(Integer id) {
- try {
- EntityInterface validLoan = retrieveValidEntity(id);
- for (Property p : validLoan.getProperties()) {
- if (isReturnedProperty(p)) {
- return true;
- }
- }
- } catch (EntityDoesNotExistException exc) {
- return false;
- }
- return false;
- }
-
- boolean isLoanProperty(Property p) {
- return Objects.equals(p.getId(), getLoanId());
- }
-
- private boolean isRejectReturnUpdateLoan() {
- for (EntityInterface e : getContainer()) {
- if (!isLoanRecord(e) || !hasRejectReturnProperties(e)) {
- logger.trace("isRejectReturnUpdateLoan: false");
- return false;
- }
- }
- for (EntityInterface e : getContainer()) {
- removeDestinationProperty(e);
- }
- logger.trace("isRejectReturnUpdateLoan: true");
- return true;
- }
-
- void removeDestinationProperty(EntityInterface e) {
- Iterator<Property> iterator = e.getProperties().iterator();
- while (iterator.hasNext()) {
- Property p = iterator.next();
- if (isDestinationProperty(p)) {
- iterator.remove();
- }
- }
- }
-
- boolean hasRejectReturnProperties(EntityInterface e) {
- boolean found = false;
- for (Property p : e.getProperties()) {
- if (isDestinationProperty(p)) {
- found = true;
- } else if (isReturnAcceptedProperty(p) || isReturnRequestProperty(p)) {
- logger.trace("hasRejectReturnProperties: false");
- return false;
- }
- }
- logger.trace("hasRejectReturnProperties found: {}", found);
- return found;
- }
-
- boolean isDestinationProperty(Property p) {
- return Objects.equals(p.getId(), getDestinationId());
- }
-
- boolean isAcceptReturnUpdateLoan() {
- for (EntityInterface e : getContainer()) {
- if (!isLoanRecord(e) || !hasAcceptReturnProperties(e)) {
- logger.trace("isAcceptReturnUpdateLoan: false");
- return false;
- }
- }
- logger.trace("isAcceptReturnUpdateLoan: true");
- return true;
- }
-
- boolean hasAcceptReturnProperties(EntityInterface e) {
- boolean found = false;
- for (Property p : e.getProperties()) {
- if (isReturnAcceptedProperty(p)) {
- found = true;
- }
- }
- return found;
- }
-
- boolean isConfirmLoanUpdateLoan() {
- for (EntityInterface e : getContainer()) {
- if (!isLoanRecord(e) || !hasConfirmLoanProperties(e)) {
- logger.trace("isConfirmLoanUpdateLoan: false");
- return false;
- }
- }
- // switch from destination to location
- for (EntityInterface e : getContainer()) {
- switchDestinationToLocation(e);
- }
- logger.trace("isConfirmLoanUpdateLoan: true");
- return true;
- }
-
- void switchDestinationToLocation(EntityInterface e) {
- Iterator<Property> iterator = e.getProperties().iterator();
- EntityInterface p = retrieveValidEntity(getLocationId());
- while (iterator.hasNext()) {
- Property next = iterator.next();
- if (isDestinationProperty(next)) {
- iterator.remove();
- p.setValue(next.getValue());
- e.addProperty(new Property(p));
- break;
- }
- }
- }
-
- boolean hasConfirmLoanProperties(EntityInterface e) {
- boolean found = false;
- for (Property p : e.getProperties()) {
- if (isLentProperty(p)) {
- found = true;
- } else if (isReturnAcceptedProperty(p) || isDestinationProperty(p)) {
- logger.trace("hasConfirmLoanProperties: false");
- return false;
- }
- }
- logger.trace("hasConfirmLoanProperties found: {}", found);
- return found;
- }
-
- boolean isAcceptBorrowUpdateLoan() {
- for (EntityInterface e : getContainer()) {
- if (!isLoanRecord(e) || !hasLoanAcceptProperties(e)) {
- logger.trace("isAcceptBorrowUpdateLoan: false");
- return false;
- }
- }
- logger.trace("isAcceptBorrowUpdateLoan: true");
- return true;
- }
-
- boolean hasLoanAcceptProperties(EntityInterface e) {
- boolean found = false;
- for (Property p : e.getProperties()) {
- if (isLoanAcceptProperty(p)) {
- found = true;
- } else if (isLentProperty(p) || isReturnAcceptedProperty(p)) {
- logger.trace("hasLoanAcceptProperties: false");
- return false;
- }
- }
- logger.trace("hasLoanAcceptProperties found: {}", found);
- return found;
- }
-
- boolean isReturnAcceptedProperty(Property p) {
- return Objects.equals(p.getId(), getReturnAcceptedId());
- }
-
- boolean isLentProperty(Property p) {
- return Objects.equals(p.getId(), getLentId());
- }
-
- boolean isLoanAcceptProperty(Property p) {
- return Objects.equals(p.getId(), getLoanAcceptedId());
- }
-
- EntityACL getPersonACL() {
- // same as loan acl - property updates are allowed for anonymous.
- return getLoanACL();
- }
-
- EntityACL getLoanACL() {
- EntityACLFactory f = new EntityACLFactory();
- f.grant(ANONYMOUS_ROLE, false, EntityPermission.UPDATE_ADD_PROPERTY);
- f.grant(ANONYMOUS_ROLE, false, EntityPermission.UPDATE_REMOVE_PROPERTY);
- return f.create();
- }
-
- EntityACL getBoxACL() {
- EntityACLFactory f = new EntityACLFactory();
- f.grant(ANONYMOUS_ROLE, false, EntityPermission.UPDATE_ADD_PROPERTY);
- f.grant(ANONYMOUS_ROLE, false, EntityPermission.UPDATE_REMOVE_PROPERTY);
- return f.create();
- }
-
- boolean isAnonymous() {
- boolean ret = getUser().hasRole(UserSources.ANONYMOUS_ROLE);
- logger.trace("is Anonymous: {}", ret);
- return ret;
- }
-
- boolean isRequestReturnUpdateLoan() {
- // is UPDATE transaction
- if (getTransaction() instanceof Update) {
- // Container has only loan elements with special properties
- for (EntityInterface e : getContainer()) {
- if (!isLoanRecord(e) || !hasOnlyAllowedLoanProperties4RequestReturn(e)) {
- logger.trace("isRequestReturnUpdateLoan: false");
- return false;
- }
- setReturnRequestedDate(e);
- }
- appendJob(AWIBoxLoanRequestReturnCuratorEmail.class);
- logger.trace("isRequestReturnUpdateLoan: true");
- return true;
- }
- logger.trace("isRequestReturnUpdateLoan: false");
- return false;
- }
-
- boolean isRequestReturnSetUser() {
- // same as request_loan.set_user
- logger.trace("isRequestReturnSetUser: ->");
- return isRequestLoanSetUser();
- }
-
- boolean isRequestLoanUpdateBox() {
- // is UPDATE transaction
- if (getTransaction() instanceof Update) {
- // Container has only box elements
- for (EntityInterface e : getContainer()) {
- if (validBoxHasLoanProperty(e)) {
- e.addError(BOX_HAS_LOAN);
- return false;
- }
- if (!isBoxRecord(e) || !hasOnlyAllowedBoxProperties4RequestLoan(e)) {
- return false;
- }
- // TODO this breaks the box loan functionality if any other prior changes have been made to
- // the box
- // appendJob(e, CheckNoAdditionalPropertiesPresent.class);
- }
- return true;
- }
- return false;
- }
-
- boolean validBoxHasLoanProperty(EntityInterface e) {
- try {
- EntityInterface validBox = retrieveValidEntity(e.getId());
- for (Property p : validBox.getProperties()) {
- if (isLoanProperty(p)) {
- return true;
- }
- }
- } catch (EntityDoesNotExistException exc) {
- return false;
- }
- return false;
- }
-
- /** Has only one new property -> Loan. */
- boolean hasOnlyAllowedBoxProperties4RequestLoan(EntityInterface e) {
- int count = 0;
- for (Property p : e.getProperties()) {
- if (p.getEntityStatus() == EntityStatus.QUALIFIED && Objects.equals(p.getId(), getLoanId())) {
- count++;
- }
- }
-
- // Box has only one update, a loan property
- return count == 1;
- }
-
- boolean isRequestLoanInsertLoan() {
- // is INSERT transaction
- if (getTransaction() instanceof Insert) {
- // Container has only loan elements
- for (EntityInterface e : getContainer()) {
- if (!isLoanRecord(e)) {
- return false;
- }
- }
- for (EntityInterface e : getContainer()) {
- if (isAnonymous()) {
- setCuratorAsOwner(e);
- }
- setLoanRequestDate(e);
- // TODO this check breaks the box loan functionality if any other changes have been made to
- // the box entity
- // appendJob(e, CheckNoAdditionalPropertiesPresent.class);
- // appendJob(e, CheckNoOverridesPresent.class);
- }
- appendJob(AWIBoxLoanRequestLoanCuratorEmail.class);
- return true;
- }
- return false;
- }
-
- void setCuratorAsOwner(EntityInterface e) {
- e.setEntityACL(EntityACL.getOwnerACLFor(caosdb.server.permissions.Role.create("curator")));
- }
-
- void setReturnRequestedDate(EntityInterface e) {
- // TODO setDateProperty(e, getReturnRequestedId());
- }
-
- private void setDateProperty(EntityInterface e, Integer propertyId) {
- // TODO
- EntityInterface p = retrieveValidEntity(propertyId);
- p.setValue(getTransaction().getTimestamp());
- e.addProperty(new Property(p));
- }
-
- void setLoanRequestDate(EntityInterface e) {
- // TODO setDateProperty(e, getLoanRequestedId());
- }
-
- boolean isRequestLoanSetUser() {
- // is INSERT/UPDATE transaction
- // Container has only one element, user
- if ((getTransaction() instanceof Update || getTransaction() instanceof Insert)
- && getContainer().size() == 1
- && isPersonRecord(getContainer().get(0))
- && checkUniqueName(getContainer().get(0))
- && checkEmail(getContainer().get(0))) {
- // TODO this check breaks the box loan functionality if any other changes have been made to
- // the box entity
- // appendJob(getContainer().get(0), CheckNoAdditionalPropertiesPresent.class);
- // appendJob(getContainer().get(0), CheckNoOverridesPresent.class);
- logger.trace("isRequestReturnSetUser: true");
- return true;
- }
- logger.trace("isRequestReturnSetUser: false");
- return false;
- }
-
- boolean checkEmail(EntityInterface entity) {
- runJobFromSchedule(entity, CheckPropValid.class);
- for (Property p : entity.getProperties()) {
- if (Objects.equals(p.getId(), getEmailID()) && p.getValue() instanceof SingleValue) {
- if (!Utils.isRFC822Compliant(((SingleValue) p.getValue()).toDatabaseString())) {
- p.addError(ServerMessages.EMAIL_NOT_WELL_FORMED);
- } else {
- p.setName("email"); // TODO fix webinterface to use lower-case email
- p.setNameOverride(false);
- }
- return true;
- }
- }
- return false;
- }
-
- private boolean checkUniqueName(EntityInterface entity) {
- String firstName = null;
- String lastName = null;
- Query q =
- new Query(
- "FIND "
- + getPersonID().toString()
- + " WITH "
- + getFirstNameId().toString()
- + "='"
- + firstName
- + "' AND "
- + getLastNameId().toString()
- + "='"
- + lastName
- + "'",
- getUser())
- .execute(getTransaction().getAccess());
- List<Integer> resultSet = q.getResultSet();
- if (resultSet.isEmpty()
- || (resultSet.size() == 1 && Objects.equals(resultSet.get(0), entity.getId()))) {
- return true;
- }
- entity.addError(UNIQUE_USER);
- return false;
- }
-
- /**
- * Has only 5/6 new/updated properties: content, returnRequested, destination, Borrower, comment
- * (optional), location
- *
- * @throws Message
- */
- boolean hasOnlyAllowedLoanProperties4RequestReturn(EntityInterface e) {
- runJobFromSchedule(e, CheckPropValid.class);
- // appendJob(e, CheckNoOverridesPresent.class);
-
- boolean foundReturnRequested = false;
- for (Property p : e.getProperties()) {
- if (p.getEntityStatus() == EntityStatus.QUALIFIED) { // this means update
- if (isReturnRequestProperty(p)) {
- foundReturnRequested = true;
- } else if (isReturnAcceptedProperty(p) || isReturnedProperty(p)) {
- logger.trace("hasOnlyAllowedLoanProperties4RequestReturn: false");
- return false; // this is not a returnRequest, return has already been accepted
- }
- }
- }
- logger.trace("hasOnlyAllowedLoanProperties4RequestReturn found: {}", foundReturnRequested);
- return foundReturnRequested;
- }
-
- boolean isReturnRequestProperty(Property p) {
- return Objects.equals(p.getId(), getReturnRequestedId());
- }
-}
diff --git a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanCuratorEmail.java b/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanCuratorEmail.java
deleted file mode 100644
index 2bf51e76e7357839ee0c52d28caa18017691849f..0000000000000000000000000000000000000000
--- a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanCuratorEmail.java
+++ /dev/null
@@ -1,92 +0,0 @@
-package caosdb.server.jobs.extension;
-
-import caosdb.datetime.DateTimeInterface;
-import caosdb.server.CaosDBServer;
-import caosdb.server.ServerProperties;
-import caosdb.server.datatype.ReferenceValue;
-import caosdb.server.datatype.SingleValue;
-import caosdb.server.datatype.Value;
-import caosdb.server.entity.EntityInterface;
-import caosdb.server.entity.wrapper.Property;
-import caosdb.server.utils.mail.Mail;
-import java.util.TimeZone;
-
-public abstract class AWIBoxLoanCuratorEmail extends AWIBoxLoanModel {
-
- public static final String KEY_EXT_AWI_CURATOR_EMAIL = "EXT_AWI_BOX_CURATOR_EMAIL";
- protected static final String FROM_EMAIL =
- CaosDBServer.getServerProperty(ServerProperties.KEY_NO_REPLY_EMAIL);
- protected static final String FROM_NAME =
- CaosDBServer.getServerProperty(ServerProperties.KEY_NO_REPLY_NAME);
- protected static final String CURATOR_EMAIL =
- CaosDBServer.getServerProperty(KEY_EXT_AWI_CURATOR_EMAIL);
-
- protected String loanToString(EntityInterface e) {
- StringBuilder s = new StringBuilder();
- for (Property p : e.getProperties()) {
- s.append("\n");
- s.append(p.getName());
- s.append(": ");
- if (p.getValue() instanceof ReferenceValue) {
- Integer id = ((ReferenceValue) p.getValue()).getId();
- if (isBorrowerProperty(p)) {
- s.append(borrowerToString(id));
- } else if (isBoxProperty(p)) {
- s.append(boxToString(id));
- } else {
- s.append(valueToString(p.getValue()));
- }
- } else {
- s.append(valueToString(p.getValue()));
- }
- }
- return s.toString();
- }
-
- private String valueToString(Value value) {
- if (value == null) {
- return "";
- }
- if (value instanceof DateTimeInterface) {
- return ((DateTimeInterface) value).toDateTimeString(TimeZone.getDefault());
- }
- if (value instanceof SingleValue) {
- return ((SingleValue) value).toDatabaseString();
- } else {
- return value.toString();
- }
- }
-
- private String boxToString(Integer id) {
- StringBuilder s = new StringBuilder();
- EntityInterface box = retrieveValidEntity(id);
- for (Property sp : box.getProperties()) {
- if (isNumberProperty(sp) || isContentProperty(sp) || isLocationProperty(sp)) {
- s.append("\n ");
- s.append(sp.getName());
- s.append(": ");
- s.append(valueToString(sp.getValue()));
- }
- }
- return s.toString();
- }
-
- private String borrowerToString(Integer id) {
- StringBuilder s = new StringBuilder();
- EntityInterface borrower = retrieveValidEntity(id);
- for (Property sp : borrower.getProperties()) {
- s.append("\n ");
- s.append(sp.getName());
- s.append(": ");
- s.append(valueToString(sp.getValue()));
- }
- return s.toString();
- }
-
- protected void sendCuratorEmail(String body, String subject) {
- for (String addr : CURATOR_EMAIL.split(" ")) {
- Mail m = new Mail(FROM_NAME, FROM_EMAIL, null, addr, subject, body);
- m.send();
- }
- }
-}
diff --git a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanModel.java b/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanModel.java
deleted file mode 100644
index 92a8a240363cf8659e0d3526dec1c5fcac8ddd11..0000000000000000000000000000000000000000
--- a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanModel.java
+++ /dev/null
@@ -1,154 +0,0 @@
-package caosdb.server.jobs.extension;
-
-import caosdb.server.CaosDBServer;
-import caosdb.server.database.exceptions.EntityDoesNotExistException;
-import caosdb.server.entity.EntityInterface;
-import caosdb.server.entity.Role;
-import caosdb.server.entity.wrapper.Property;
-import caosdb.server.jobs.ContainerJob;
-import caosdb.server.utils.Utils;
-import java.util.Objects;
-
-public abstract class AWIBoxLoanModel extends ContainerJob {
-
- /** Is Record and has single user parent. */
- boolean isPersonRecord(EntityInterface entity) {
- try {
- return entity.getParents().size() == 1
- && Objects.equals(
- retrieveValidIDByName(entity.getParents().get(0).getName()), getPersonID());
- } catch (EntityDoesNotExistException exc) {
- return false;
- }
- }
-
- /** Is Record an has single box parent. */
- boolean isBoxRecord(EntityInterface e) {
- return e.getRole() == Role.Record
- && e.getParents().size() == 1
- && Objects.equals(e.getParents().get(0).getId(), getBoxId());
- }
-
- /** Is Record and has single loan parent */
- boolean isLoanRecord(EntityInterface e) {
- try {
- return e.getRole() == Role.Record
- && e.getParents().size() == 1
- && Objects.equals(retrieveValidIDByName(e.getParents().get(0).getName()), getLoanId());
- } catch (EntityDoesNotExistException exc) {
- return false;
- }
- }
-
- boolean isBoxProperty(Property p) {
- return Objects.equals(p.getId(), getBoxId());
- }
-
- boolean isBorrowerProperty(Property p) {
- return Objects.equals(p.getId(), getBorrowerId());
- }
-
- boolean isLocationProperty(Property p) {
- return Objects.equals(p.getId(), getLocationId());
- }
-
- boolean isContentProperty(Property p) {
- return Objects.equals(p.getId(), getContentId());
- }
-
- boolean isNumberProperty(Property p) {
- return Objects.equals(p.getId(), getNumberId());
- }
-
- Integer getIdOf(String string) {
- String id = CaosDBServer.getServerProperty("EXT_AWI_" + string.toUpperCase() + "_ID");
- if (id != null && Utils.isNonNullInteger(id)) {
- return Integer.parseInt(id);
- }
- String name = CaosDBServer.getServerProperty("EXT_AWI_" + string.toUpperCase() + "_NAME");
- if (name == null || name.isEmpty()) {
- name = string;
- }
- return retrieveValidIDByName(name);
- }
-
- Integer getBorrowerId() {
- return getIdOf("Borrower");
- }
-
- Integer getCommentId() {
- return getIdOf("comment");
- }
-
- Integer getLocationId() {
- return getIdOf("Location");
- }
-
- Integer getDestinationId() {
- return getIdOf("destination");
- }
-
- Integer getContentId() {
- return getIdOf("Content");
- }
-
- Integer getBoxId() {
- return getIdOf("Box");
- }
-
- Integer getLoanId() {
- return getIdOf("Loan");
- }
-
- Integer getPersonID() {
- return getIdOf("Person");
- }
-
- Integer getEmailID() {
- return getIdOf("email");
- }
-
- Integer getLoanAcceptedId() {
- return getIdOf("loanAccepted");
- }
-
- Integer getReturnAcceptedId() {
- return getIdOf("returnAccepted");
- }
-
- Integer getLentId() {
- return getIdOf("lent");
- }
-
- Integer getLoanRequestedId() {
- return getIdOf("loanRequested");
- }
-
- Integer getExhaustContentsId() {
- return getIdOf("exhaustContents");
- }
-
- Integer getExpectedReturnId() {
- return getIdOf("expectedReturn");
- }
-
- Integer getReturnRequestedId() {
- return getIdOf("returnRequested");
- }
-
- Integer getLastNameId() {
- return getIdOf("lastName");
- }
-
- Integer getFirstNameId() {
- return getIdOf("firstName");
- }
-
- Integer getNumberId() {
- return getIdOf("Number");
- }
-
- Integer getReturnedId() {
- return getIdOf("returned");
- }
-}
diff --git a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanRequestLoanCuratorEmail.java b/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanRequestLoanCuratorEmail.java
deleted file mode 100644
index ff490e99a72e93b03b04a0134c81790b1a2a1bec..0000000000000000000000000000000000000000
--- a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanRequestLoanCuratorEmail.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package caosdb.server.jobs.extension;
-
-import caosdb.server.entity.EntityInterface;
-import caosdb.server.jobs.JobAnnotation;
-import caosdb.server.jobs.JobExecutionTime;
-
-@JobAnnotation(time = JobExecutionTime.POST_TRANSACTION)
-public class AWIBoxLoanRequestLoanCuratorEmail extends AWIBoxLoanCuratorEmail {
-
- private static final String SUBJECT = "Box Loan Requests";
-
- @Override
- protected void run() {
- StringBuilder body = new StringBuilder("LOAN REQUEST(S):");
-
- if (!getContainer().isEmpty()) {
- for (EntityInterface e : getContainer()) {
- body.append("\n");
- body.append(loanToString(e));
- }
- this.sendCuratorEmail(body.toString(), SUBJECT);
- }
- }
-}
diff --git a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanRequestReturnCuratorEmail.java b/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanRequestReturnCuratorEmail.java
deleted file mode 100644
index 373ce0b8d10ef6db560decb6afcc3e7ab5aa71b3..0000000000000000000000000000000000000000
--- a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoanRequestReturnCuratorEmail.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package caosdb.server.jobs.extension;
-
-import caosdb.server.entity.EntityInterface;
-import caosdb.server.jobs.JobAnnotation;
-import caosdb.server.jobs.JobExecutionTime;
-
-@JobAnnotation(time = JobExecutionTime.POST_TRANSACTION)
-public class AWIBoxLoanRequestReturnCuratorEmail extends AWIBoxLoanCuratorEmail {
- private static final String SUBJECT = "Box Return Requests";
-
- @Override
- protected void run() {
- if (!getContainer().isEmpty()) {
- StringBuilder body = new StringBuilder("RETURN REQUEST(S):");
- for (EntityInterface e : getContainer()) {
- body.append("\n");
- body.append(loanToString(e));
- }
- this.sendCuratorEmail(body.toString(), SUBJECT);
- }
- }
-}
diff --git a/src/main/java/caosdb/server/permissions/EntityACL.java b/src/main/java/caosdb/server/permissions/EntityACL.java
index 208099c5c38003499d626bc1489e117ef56df8bf..426edaba7ca9ab49cbefedcd58d2c9a265b85ed0 100644
--- a/src/main/java/caosdb/server/permissions/EntityACL.java
+++ b/src/main/java/caosdb/server/permissions/EntityACL.java
@@ -24,6 +24,12 @@ package caosdb.server.permissions;
import static caosdb.server.permissions.Role.OTHER_ROLE;
import static caosdb.server.permissions.Role.OWNER_ROLE;
+
+import caosdb.server.CaosDBServer;
+import caosdb.server.ServerProperties;
+import caosdb.server.accessControl.AuthenticationUtils;
+import caosdb.server.accessControl.Principal;
+import caosdb.server.database.exceptions.TransactionException;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
@@ -41,11 +47,6 @@ import org.jdom2.Document;
import org.jdom2.Element;
import org.jdom2.JDOMException;
import org.jdom2.input.SAXBuilder;
-import caosdb.server.CaosDBServer;
-import caosdb.server.ServerProperties;
-import caosdb.server.accessControl.AuthenticationUtils;
-import caosdb.server.accessControl.Principal;
-import caosdb.server.database.exceptions.TransactionException;
public class EntityACL {
diff --git a/src/main/java/caosdb/server/transaction/Transaction.java b/src/main/java/caosdb/server/transaction/Transaction.java
index a8f481efc87b7c47bfd492d893600b95f087e387..99161894234214bff84d67fe6ded0af1d2ae4767 100644
--- a/src/main/java/caosdb/server/transaction/Transaction.java
+++ b/src/main/java/caosdb/server/transaction/Transaction.java
@@ -22,9 +22,6 @@
*/
package caosdb.server.transaction;
-import java.util.HashMap;
-import java.util.List;
-import org.apache.shiro.subject.Subject;
import caosdb.datetime.UTCDateTime;
import caosdb.server.accessControl.Principal;
import caosdb.server.database.DatabaseMonitor;
@@ -47,6 +44,9 @@ import caosdb.server.jobs.core.PickUp;
import caosdb.server.utils.AbstractObservable;
import caosdb.server.utils.Info;
import caosdb.server.utils.Observer;
+import java.util.HashMap;
+import java.util.List;
+import org.apache.shiro.subject.Subject;
public abstract class Transaction<C extends TransactionContainer> extends AbstractObservable
implements TransactionInterface {
diff --git a/src/test/java/caosdb/server/jobs/extension/TestAWIBoxLoan.java b/src/test/java/caosdb/server/jobs/extension/TestAWIBoxLoan.java
deleted file mode 100644
index 08a0e412d8562779cb54574f94ddca932ff54777..0000000000000000000000000000000000000000
--- a/src/test/java/caosdb/server/jobs/extension/TestAWIBoxLoan.java
+++ /dev/null
@@ -1,277 +0,0 @@
-package caosdb.server.jobs.extension;
-
-import static org.junit.Assert.assertEquals;
-
-import caosdb.server.entity.container.TransactionContainer;
-import caosdb.server.jobs.core.Mode;
-import caosdb.server.transaction.Transaction;
-import caosdb.server.utils.EntityStatus;
-import java.util.Collection;
-import java.util.List;
-import java.util.concurrent.Callable;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authz.AuthorizationException;
-import org.apache.shiro.authz.Permission;
-import org.apache.shiro.session.Session;
-import org.apache.shiro.subject.ExecutionException;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.apache.shiro.subject.Subject;
-import org.junit.Test;
-
-public class TestAWIBoxLoan {
-
- @Test
- public void testNonAnonymousUser() {
- TransactionContainer container = new TransactionContainer();
- AWIBoxLoan j =
- new AWIBoxLoan() {
-
- @Override
- protected Subject getUser() {
- return new Subject() {
-
- @Override
- public void runAs(PrincipalCollection principals)
- throws NullPointerException, IllegalStateException {}
-
- @Override
- public PrincipalCollection releaseRunAs() {
- return null;
- }
-
- @Override
- public void logout() {}
-
- @Override
- public void login(AuthenticationToken token) throws AuthenticationException {}
-
- @Override
- public boolean isRunAs() {
- return false;
- }
-
- @Override
- public boolean isRemembered() {
- return false;
- }
-
- @Override
- public boolean isPermittedAll(Collection<Permission> permissions) {
- return false;
- }
-
- @Override
- public boolean isPermittedAll(String... permissions) {
- return false;
- }
-
- @Override
- public boolean[] isPermitted(List<Permission> permissions) {
- return null;
- }
-
- @Override
- public boolean[] isPermitted(String... permissions) {
- return null;
- }
-
- @Override
- public boolean isPermitted(Permission permission) {
-
- return false;
- }
-
- @Override
- public boolean isPermitted(String permission) {
-
- return false;
- }
-
- @Override
- public boolean isAuthenticated() {
-
- return false;
- }
-
- @Override
- public boolean[] hasRoles(List<String> roleIdentifiers) {
-
- return null;
- }
-
- @Override
- public boolean hasRole(String roleIdentifier) {
-
- return false;
- }
-
- @Override
- public boolean hasAllRoles(Collection<String> roleIdentifiers) {
-
- return false;
- }
-
- @Override
- public Session getSession(boolean create) {
- return null;
- }
-
- @Override
- public Session getSession() {
- return null;
- }
-
- @Override
- public PrincipalCollection getPrincipals() {
- return null;
- }
-
- @Override
- public Object getPrincipal() {
- return null;
- }
-
- @Override
- public PrincipalCollection getPreviousPrincipals() {
- return null;
- }
-
- @Override
- public void execute(Runnable runnable) {}
-
- @Override
- public <V> V execute(Callable<V> callable) throws ExecutionException {
- return null;
- }
-
- @Override
- public void checkRoles(String... roleIdentifiers) throws AuthorizationException {}
-
- @Override
- public void checkRoles(Collection<String> roleIdentifiers)
- throws AuthorizationException {}
-
- @Override
- public void checkRole(String roleIdentifier) throws AuthorizationException {}
-
- @Override
- public void checkPermissions(Collection<Permission> permissions)
- throws AuthorizationException {}
-
- @Override
- public void checkPermissions(String... permissions) throws AuthorizationException {}
-
- @Override
- public void checkPermission(Permission permission) throws AuthorizationException {}
-
- @Override
- public void checkPermission(String permission) throws AuthorizationException {}
-
- @Override
- public Runnable associateWith(Runnable runnable) {
- return null;
- }
-
- @Override
- public <V> Callable<V> associateWith(Callable<V> callable) {
- return null;
- }
- };
- }
- };
- Transaction<TransactionContainer> t =
- new Transaction<TransactionContainer>(container, null) {
-
- @Override
- protected void transaction() throws Exception {}
-
- @Override
- protected void preTransaction() throws InterruptedException {}
-
- @Override
- protected void preCheck() throws InterruptedException, Exception {}
-
- @Override
- protected void postTransaction() throws Exception {}
-
- @Override
- protected void postCheck() {}
-
- @Override
- public boolean logHistory() {
- return false;
- }
-
- @Override
- protected void init() throws Exception {}
-
- @Override
- protected void cleanUp() {}
- };
-
- j.init(Mode.MUST, null, t);
- assertEquals(0, j.getContainer().getMessages().size());
- assertEquals(EntityStatus.QUALIFIED, j.getContainer().getStatus());
-
- // non-anonymous user
- j.run();
- assertEquals(0, j.getContainer().getMessages().size());
- assertEquals(EntityStatus.QUALIFIED, j.getContainer().getStatus());
- }
-
- @Test
- public void testAnonymousUserUnqualified() {
- TransactionContainer container = new TransactionContainer();
- AWIBoxLoan j =
- new AWIBoxLoan() {
-
- @Override
- protected Subject getUser() {
- return null;
- }
-
- @Override
- boolean isAnonymous() {
- return true;
- }
- };
- Transaction<TransactionContainer> t =
- new Transaction<TransactionContainer>(container, null) {
-
- @Override
- protected void transaction() throws Exception {}
-
- @Override
- protected void preTransaction() throws InterruptedException {}
-
- @Override
- protected void preCheck() throws InterruptedException, Exception {}
-
- @Override
- protected void postTransaction() throws Exception {}
-
- @Override
- protected void postCheck() {}
-
- @Override
- public boolean logHistory() {
- return false;
- }
-
- @Override
- protected void init() throws Exception {}
-
- @Override
- protected void cleanUp() {}
- };
-
- j.init(Mode.MUST, null, t);
- assertEquals(0, j.getContainer().getMessages().size());
- assertEquals(EntityStatus.QUALIFIED, j.getContainer().getStatus());
-
- j.run();
- assertEquals(2, j.getContainer().getMessages().size());
- assertEquals(EntityStatus.UNQUALIFIED, j.getContainer().getStatus());
- }
-}
diff --git a/src/test/java/caosdb/server/permissions/EntityACLTest.java b/src/test/java/caosdb/server/permissions/EntityACLTest.java
index a088a43a6a97a400703fcfdd59b1d10fbd6c8d1a..d62cb625c8319e676614bf6770eea2f9794daaee 100644
--- a/src/test/java/caosdb/server/permissions/EntityACLTest.java
+++ b/src/test/java/caosdb/server/permissions/EntityACLTest.java
@@ -24,6 +24,15 @@ package caosdb.server.permissions;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
+
+import caosdb.server.CaosDBServer;
+import caosdb.server.accessControl.AnonymousAuthenticationToken;
+import caosdb.server.accessControl.AuthenticationUtils;
+import caosdb.server.accessControl.OneTimeAuthenticationToken;
+import caosdb.server.accessControl.OneTimeAuthenticationToken.Config;
+import caosdb.server.resource.AbstractCaosDBServerResource;
+import caosdb.server.resource.AbstractCaosDBServerResource.XMLParser;
+import caosdb.server.utils.Utils;
import java.io.IOException;
import java.util.BitSet;
import java.util.LinkedList;
@@ -34,14 +43,6 @@ import org.jdom2.JDOMException;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
-import caosdb.server.CaosDBServer;
-import caosdb.server.accessControl.AnonymousAuthenticationToken;
-import caosdb.server.accessControl.AuthenticationUtils;
-import caosdb.server.accessControl.OneTimeAuthenticationToken;
-import caosdb.server.accessControl.OneTimeAuthenticationToken.Config;
-import caosdb.server.resource.AbstractCaosDBServerResource;
-import caosdb.server.resource.AbstractCaosDBServerResource.XMLParser;
-import caosdb.server.utils.Utils;
public class EntityACLTest {
@@ -179,30 +180,26 @@ public class EntityACLTest {
Assert.assertEquals(convert(EntityACL.convert(EntityACL.OWNER_BITSET).get(1, 32)), 0);
}
- @Test
- public void testDeserialize() {
- Assert.assertTrue(EntityACL.deserialize("{}") instanceof EntityACL);
- Assert.assertTrue(EntityACL.deserialize("{\"tf\":134}") instanceof
- EntityACL);
- Assert.assertTrue(EntityACL.deserialize("{\"tf\":6343,\"bla\":884}") instanceof
- EntityACL);
- Assert.assertTrue(EntityACL.deserialize("{\"tf\":-2835,\"bla\":884}") instanceof
- EntityACL);
- Assert.assertTrue(EntityACL.deserialize("{\"?OWNER?\":526,\"tahsdh \": -235}")
- instanceof EntityACL);
- Assert.assertTrue(EntityACL.deserialize("{\"asdf\":2345}") instanceof
- EntityACL);
- Assert.assertTrue(raisesIllegalStateException("{"));
- Assert.assertTrue(raisesIllegalStateException("}"));
- Assert.assertTrue(raisesIllegalStateException("{tf:}"));
- Assert.assertTrue(raisesIllegalStateException("{tf:;}"));
- Assert.assertTrue(raisesIllegalStateException("{:234}"));
- Assert.assertTrue(raisesIllegalStateException("{:234;}"));
- Assert.assertTrue(raisesIllegalStateException("{tf:tf;}"));
- Assert.assertTrue(raisesIllegalStateException("{tf: +5259;}"));
- Assert.assertTrue(raisesIllegalStateException("{tf;}"));
- Assert.assertTrue(raisesIllegalStateException("{tf:123223727356235782735235;}"));
- }
+ @Test
+ public void testDeserialize() {
+ Assert.assertTrue(EntityACL.deserialize("{}") instanceof EntityACL);
+ Assert.assertTrue(EntityACL.deserialize("{\"tf\":134}") instanceof EntityACL);
+ Assert.assertTrue(EntityACL.deserialize("{\"tf\":6343,\"bla\":884}") instanceof EntityACL);
+ Assert.assertTrue(EntityACL.deserialize("{\"tf\":-2835,\"bla\":884}") instanceof EntityACL);
+ Assert.assertTrue(
+ EntityACL.deserialize("{\"?OWNER?\":526,\"tahsdh \": -235}") instanceof EntityACL);
+ Assert.assertTrue(EntityACL.deserialize("{\"asdf\":2345}") instanceof EntityACL);
+ Assert.assertTrue(raisesIllegalStateException("{"));
+ Assert.assertTrue(raisesIllegalStateException("}"));
+ Assert.assertTrue(raisesIllegalStateException("{tf:}"));
+ Assert.assertTrue(raisesIllegalStateException("{tf:;}"));
+ Assert.assertTrue(raisesIllegalStateException("{:234}"));
+ Assert.assertTrue(raisesIllegalStateException("{:234;}"));
+ Assert.assertTrue(raisesIllegalStateException("{tf:tf;}"));
+ Assert.assertTrue(raisesIllegalStateException("{tf: +5259;}"));
+ Assert.assertTrue(raisesIllegalStateException("{tf;}"));
+ Assert.assertTrue(raisesIllegalStateException("{tf:123223727356235782735235;}"));
+ }
public boolean raisesIllegalStateException(final String input) {
try {
@@ -218,158 +215,144 @@ public class EntityACLTest {
public Element stringToJdom(final String s) throws JDOMException, IOException {
return parser.parse(Utils.String2InputStream(s)).getRootElement();
}
-
+
@Test
public void testEntityACLForAnonymous() {
Subject anonymous = SecurityUtils.getSubject();
anonymous.login(AnonymousAuthenticationToken.getInstance());
assertTrue(AuthenticationUtils.isAnonymous(anonymous));
- EntityACL acl =
- EntityACL.getOwnerACLFor(anonymous);
+ EntityACL acl = EntityACL.getOwnerACLFor(anonymous);
assertNotNull(acl);
assertTrue(acl.getOwners().isEmpty());
+ }
+ // @Test
+ // public void testParseFromElement() throws JDOMException, IOException {
+ // Assert.assertEquals("[]",
+ // EntityACL.serialize(EntityACL.parseFromElement(stringToJdom("<ACL></ACL>"))));
+ // Assert.assertEquals("[]", EntityACL.serialize(EntityACL
+ // .parseFromElement(stringToJdom("<ACL><Grant></Grant></ACL>"))));
+ // Assert.assertEquals("[]", EntityACL.serialize(EntityACL
+ // .parseFromElement(stringToJdom("<ACL><Deny></Deny></ACL>"))));
+ // Assert.assertEquals("[]", EntityACL.serialize(EntityACL
+ // .parseFromElement(stringToJdom("<ACL><Grant role='bla'></Grant></ACL>"))));
+ // Assert.assertEquals("[]", EntityACL.serialize(EntityACL
+ // .parseFromElement(stringToJdom("<ACL><Deny role='bla'></Deny></ACL>"))));
+ // Assert.assertEquals(
+ // "{bla:2;}",
+ // EntityACL.serialize(EntityACL
+ // .parseFromElement(stringToJdom("<ACL><Grant role='bla'><Permission
+ // name='DELETE'/></Grant></ACL>"))));
+ // Assert.assertEquals(
+ // "{bla:" + (Long.MIN_VALUE + 2) + ";}",
+ // EntityACL.serialize(EntityACL
+ // .parseFromElement(stringToJdom("<ACL><Deny role='bla'><Permission name='DELETE'
+ // /></Deny></ACL>"))));
+ // Assert.assertEquals(
+ // "{bla:32;}",
+ // EntityACL.serialize(EntityACL
+ // .parseFromElement(stringToJdom("<ACL><Grant role='bla'><Permission name='RETRIEVE:ACL'
+ // /></Grant></ACL>"))));
+ // }
+
+ @Test
+ public void testFactory() {
+ final EntityACLFactory f = new EntityACLFactory();
+
+ caosdb.server.permissions.Role role1 = caosdb.server.permissions.Role.create("role1");
+ Config config1 = new Config();
+ config1.setRoles(new String[] {role1.toString()});
+ OneTimeAuthenticationToken token1 = OneTimeAuthenticationToken.generate(config1);
+ Subject user1 = SecurityUtils.getSecurityManager().createSubject(null);
+ user1.login(token1);
+
+ caosdb.server.permissions.Role role2 = caosdb.server.permissions.Role.create("role2");
+ Config config2 = new Config();
+ config2.setRoles(new String[] {role2.toString()});
+ OneTimeAuthenticationToken token2 = OneTimeAuthenticationToken.generate(config2);
+ Subject user2 = SecurityUtils.getSecurityManager().createSubject(null);
+ user2.login(token2);
+
+ f.grant(role1, "UPDATE:NAME");
+ Assert.assertTrue((f.create().isPermitted(user1, EntityPermission.UPDATE_NAME)));
+ Assert.assertFalse((f.create().isPermitted(user2, EntityPermission.UPDATE_NAME)));
+ f.grant(role2, "DELETE");
+ Assert.assertFalse((f.create().isPermitted(user1, EntityPermission.DELETE)));
+ Assert.assertTrue((f.create().isPermitted(user2, EntityPermission.DELETE)));
+ f.deny(role2, 1);
+ f.deny(role1, 1);
+ Assert.assertFalse((f.create().isPermitted(user1, EntityPermission.DELETE)));
+ Assert.assertFalse((f.create().isPermitted(user2, EntityPermission.DELETE)));
+ f.grant(role1, true, 1);
+ Assert.assertTrue((f.create().isPermitted(user1, EntityPermission.DELETE)));
+ Assert.assertFalse((f.create().isPermitted(user2, EntityPermission.DELETE)));
+ f.deny(role2, true, 1);
+ Assert.assertTrue((f.create().isPermitted(user1, EntityPermission.DELETE)));
+ Assert.assertFalse((f.create().isPermitted(user2, EntityPermission.DELETE)));
+ f.grant(role2, true, 1);
+ Assert.assertTrue((f.create().isPermitted(user1, EntityPermission.DELETE)));
+ Assert.assertFalse((f.create().isPermitted(user2, EntityPermission.DELETE)));
+ f.deny(role1, true, 1);
+ Assert.assertFalse((f.create().isPermitted(user1, EntityPermission.DELETE)));
+ Assert.assertFalse((f.create().isPermitted(user2, EntityPermission.DELETE)));
+ Assert.assertTrue((f.create().isPermitted(user1, EntityPermission.UPDATE_NAME)));
+ Assert.assertFalse((f.create().isPermitted(user2, EntityPermission.UPDATE_NAME)));
}
-// @Test
-// public void testParseFromElement() throws JDOMException, IOException {
-// Assert.assertEquals("[]",
-// EntityACL.serialize(EntityACL.parseFromElement(stringToJdom("<ACL></ACL>"))));
-// Assert.assertEquals("[]", EntityACL.serialize(EntityACL
-// .parseFromElement(stringToJdom("<ACL><Grant></Grant></ACL>"))));
-// Assert.assertEquals("[]", EntityACL.serialize(EntityACL
-// .parseFromElement(stringToJdom("<ACL><Deny></Deny></ACL>"))));
-// Assert.assertEquals("[]", EntityACL.serialize(EntityACL
-// .parseFromElement(stringToJdom("<ACL><Grant role='bla'></Grant></ACL>"))));
-// Assert.assertEquals("[]", EntityACL.serialize(EntityACL
-// .parseFromElement(stringToJdom("<ACL><Deny role='bla'></Deny></ACL>"))));
-// Assert.assertEquals(
-// "{bla:2;}",
-// EntityACL.serialize(EntityACL
-// .parseFromElement(stringToJdom("<ACL><Grant role='bla'><Permission name='DELETE'/></Grant></ACL>"))));
-// Assert.assertEquals(
-// "{bla:" + (Long.MIN_VALUE + 2) + ";}",
-// EntityACL.serialize(EntityACL
-// .parseFromElement(stringToJdom("<ACL><Deny role='bla'><Permission name='DELETE' /></Deny></ACL>"))));
-// Assert.assertEquals(
-// "{bla:32;}",
-// EntityACL.serialize(EntityACL
-// .parseFromElement(stringToJdom("<ACL><Grant role='bla'><Permission name='RETRIEVE:ACL' /></Grant></ACL>"))));
-// }
-
- @Test
- public void testFactory() {
- final EntityACLFactory f = new EntityACLFactory();
-
- caosdb.server.permissions.Role role1 = caosdb.server.permissions.Role.create("role1");
- Config config1 = new Config();
- config1.setRoles(new String[] {role1.toString()});
- OneTimeAuthenticationToken token1 = OneTimeAuthenticationToken.generate(config1);
- Subject user1 = SecurityUtils.getSecurityManager().createSubject(null);
- user1.login(token1);
-
- caosdb.server.permissions.Role role2 = caosdb.server.permissions.Role.create("role2");
- Config config2 = new Config();
- config2.setRoles(new String[] {role2.toString()});
- OneTimeAuthenticationToken token2 = OneTimeAuthenticationToken.generate(config2);
- Subject user2 = SecurityUtils.getSecurityManager().createSubject(null);
- user2.login(token2);
-
- f.grant(role1, "UPDATE:NAME");
- Assert.assertTrue((f.create().isPermitted(user1, EntityPermission.UPDATE_NAME)));
- Assert.assertFalse((f.create().isPermitted(user2,
- EntityPermission.UPDATE_NAME)));
- f.grant(role2, "DELETE");
- Assert.assertFalse((f.create().isPermitted(user1,
- EntityPermission.DELETE)));
- Assert.assertTrue((f.create().isPermitted(user2,
- EntityPermission.DELETE)));
- f.deny(role2, 1);
- f.deny(role1, 1);
- Assert.assertFalse((f.create().isPermitted(user1,
- EntityPermission.DELETE)));
- Assert.assertFalse((f.create().isPermitted(user2,
- EntityPermission.DELETE)));
- f.grant(role1, true, 1);
- Assert.assertTrue((f.create().isPermitted(user1,
- EntityPermission.DELETE)));
- Assert.assertFalse((f.create().isPermitted(user2,
- EntityPermission.DELETE)));
- f.deny(role2, true, 1);
- Assert.assertTrue((f.create().isPermitted(user1,
- EntityPermission.DELETE)));
- Assert.assertFalse((f.create().isPermitted(user2,
- EntityPermission.DELETE)));
- f.grant(role2, true, 1);
- Assert.assertTrue((f.create().isPermitted(user1,
- EntityPermission.DELETE)));
- Assert.assertFalse((f.create().isPermitted(user2,
- EntityPermission.DELETE)));
- f.deny(role1, true, 1);
- Assert.assertFalse((f.create().isPermitted(user1,
- EntityPermission.DELETE)));
- Assert.assertFalse((f.create().isPermitted(user2,
- EntityPermission.DELETE)));
- Assert.assertTrue((f.create().isPermitted(user1,
- EntityPermission.UPDATE_NAME)));
- Assert.assertFalse((f.create().isPermitted(user2,
- EntityPermission.UPDATE_NAME)));
- }
-
-// @Test
-// public void niceFactoryStuff() {
-// final EntityACLFactory f = new EntityACLFactory();
-// f.grant("user1", "*");
-// final EntityACL acl1 = f.create();
-// Assert.assertTrue(acl1.isPermitted("user1", EntityPermission.EDIT_ACL));
-// Assert.assertTrue(acl1.isPermitted("user1", EntityPermission.DELETE));
-// Assert.assertTrue(acl1.isPermitted("user1",
-// EntityPermission.RETRIEVE_ENTITY));
-// Assert.assertTrue(acl1.isPermitted("user1",
-// EntityPermission.UPDATE_DATA_TYPE));
-// Assert.assertTrue(acl1.isPermitted("user1",
-// EntityPermission.USE_AS_PROPERTY));
-//
-// f.grant("?OWNER?", "DELETE", "EDIT:ACL", "RETRIEVE:*", "UPDATE:*",
-// "USE:*");
-// f.grant("user2", "EDIT:ACL");
-// final EntityACL acl2 = f.create();
-// Assert.assertTrue(acl2.isPermitted("user2", EntityPermission.EDIT_ACL));
-// Assert.assertTrue(acl2.isPermitted("user2", EntityPermission.DELETE));
-// Assert.assertTrue(acl2.isPermitted("user2",
-// EntityPermission.RETRIEVE_ENTITY));
-// Assert.assertTrue(acl2.isPermitted("user2",
-// EntityPermission.UPDATE_DATA_TYPE));
-// Assert.assertTrue(acl2.isPermitted("user2",
-// EntityPermission.USE_AS_PROPERTY));
-//
-// }
-//
-// @Test
-// public void testDeny() {
-// EntityACLFactory f = new EntityACLFactory();
-// f.deny("test", "DELETE");
-// Assert.assertFalse(f.create().isPermitted("test",
-// EntityPermission.DELETE));
-//
-// System.out.println(Utils.element2String(f.create().toElement()));
-//
-// System.out.println(Utils.element2String(EntityACL.GLOBAL_PERMISSIONS.toElement()));
-//
-// f.grant("test", "USE:*");
-// Assert.assertFalse(f.create().isPermitted("test",
-// EntityPermission.DELETE));
-//
-// System.out.println(Utils.element2String(f.create().toElement()));
-//
-// f = new EntityACLFactory();
-// f.grant(EntityACL.OTHER_ROLE, "RETRIEVE:*");
-// f.deny(EntityACL.OTHER_ROLE, "DELETE");
-// final EntityACL a = f.create();
-//
-// System.out.println(Utils.element2String(a.toElement()));
-//
-// System.out.println(Utils.element2String(EntityACL.deserialize(a.serialize()).toElement()));
-// }
+ // @Test
+ // public void niceFactoryStuff() {
+ // final EntityACLFactory f = new EntityACLFactory();
+ // f.grant("user1", "*");
+ // final EntityACL acl1 = f.create();
+ // Assert.assertTrue(acl1.isPermitted("user1", EntityPermission.EDIT_ACL));
+ // Assert.assertTrue(acl1.isPermitted("user1", EntityPermission.DELETE));
+ // Assert.assertTrue(acl1.isPermitted("user1",
+ // EntityPermission.RETRIEVE_ENTITY));
+ // Assert.assertTrue(acl1.isPermitted("user1",
+ // EntityPermission.UPDATE_DATA_TYPE));
+ // Assert.assertTrue(acl1.isPermitted("user1",
+ // EntityPermission.USE_AS_PROPERTY));
+ //
+ // f.grant("?OWNER?", "DELETE", "EDIT:ACL", "RETRIEVE:*", "UPDATE:*",
+ // "USE:*");
+ // f.grant("user2", "EDIT:ACL");
+ // final EntityACL acl2 = f.create();
+ // Assert.assertTrue(acl2.isPermitted("user2", EntityPermission.EDIT_ACL));
+ // Assert.assertTrue(acl2.isPermitted("user2", EntityPermission.DELETE));
+ // Assert.assertTrue(acl2.isPermitted("user2",
+ // EntityPermission.RETRIEVE_ENTITY));
+ // Assert.assertTrue(acl2.isPermitted("user2",
+ // EntityPermission.UPDATE_DATA_TYPE));
+ // Assert.assertTrue(acl2.isPermitted("user2",
+ // EntityPermission.USE_AS_PROPERTY));
+ //
+ // }
+ //
+ // @Test
+ // public void testDeny() {
+ // EntityACLFactory f = new EntityACLFactory();
+ // f.deny("test", "DELETE");
+ // Assert.assertFalse(f.create().isPermitted("test",
+ // EntityPermission.DELETE));
+ //
+ // System.out.println(Utils.element2String(f.create().toElement()));
+ //
+ // System.out.println(Utils.element2String(EntityACL.GLOBAL_PERMISSIONS.toElement()));
+ //
+ // f.grant("test", "USE:*");
+ // Assert.assertFalse(f.create().isPermitted("test",
+ // EntityPermission.DELETE));
+ //
+ // System.out.println(Utils.element2String(f.create().toElement()));
+ //
+ // f = new EntityACLFactory();
+ // f.grant(EntityACL.OTHER_ROLE, "RETRIEVE:*");
+ // f.deny(EntityACL.OTHER_ROLE, "DELETE");
+ // final EntityACL a = f.create();
+ //
+ // System.out.println(Utils.element2String(a.toElement()));
+ //
+ // System.out.println(Utils.element2String(EntityACL.deserialize(a.serialize()).toElement()));
+ // }
}
diff --git a/src/test/java/caosdb/server/resource/TestScriptingResource.java b/src/test/java/caosdb/server/resource/TestScriptingResource.java
index 1a65947b06b5e3e8142ed79a23b336b5604a610d..649c764712ad381f8e4a7c181ee9935dcb79f7fa 100644
--- a/src/test/java/caosdb/server/resource/TestScriptingResource.java
+++ b/src/test/java/caosdb/server/resource/TestScriptingResource.java
@@ -23,6 +23,25 @@
package caosdb.server.resource;
import static org.junit.Assert.assertEquals;
+
+import caosdb.server.CaosDBServer;
+import caosdb.server.accessControl.AnonymousAuthenticationToken;
+import caosdb.server.accessControl.CredentialsValidator;
+import caosdb.server.accessControl.Principal;
+import caosdb.server.accessControl.Role;
+import caosdb.server.database.BackendTransaction;
+import caosdb.server.database.access.Access;
+import caosdb.server.database.backend.interfaces.RetrievePasswordValidatorImpl;
+import caosdb.server.database.backend.interfaces.RetrievePermissionRulesImpl;
+import caosdb.server.database.backend.interfaces.RetrieveRoleImpl;
+import caosdb.server.database.backend.interfaces.RetrieveUserImpl;
+import caosdb.server.database.exceptions.TransactionException;
+import caosdb.server.database.misc.TransactionBenchmark;
+import caosdb.server.database.proto.ProtoUser;
+import caosdb.server.entity.Message;
+import caosdb.server.permissions.PermissionRule;
+import caosdb.server.scripting.ScriptingPermissions;
+import caosdb.server.scripting.ServerSideScriptingCaller;
import java.io.IOException;
import java.util.Date;
import java.util.HashSet;
@@ -42,24 +61,6 @@ import org.restlet.data.Reference;
import org.restlet.data.Status;
import org.restlet.representation.Representation;
import org.restlet.representation.StringRepresentation;
-import caosdb.server.CaosDBServer;
-import caosdb.server.accessControl.AnonymousAuthenticationToken;
-import caosdb.server.accessControl.CredentialsValidator;
-import caosdb.server.accessControl.Principal;
-import caosdb.server.accessControl.Role;
-import caosdb.server.database.BackendTransaction;
-import caosdb.server.database.access.Access;
-import caosdb.server.database.backend.interfaces.RetrievePasswordValidatorImpl;
-import caosdb.server.database.backend.interfaces.RetrievePermissionRulesImpl;
-import caosdb.server.database.backend.interfaces.RetrieveRoleImpl;
-import caosdb.server.database.backend.interfaces.RetrieveUserImpl;
-import caosdb.server.database.exceptions.TransactionException;
-import caosdb.server.database.misc.TransactionBenchmark;
-import caosdb.server.database.proto.ProtoUser;
-import caosdb.server.entity.Message;
-import caosdb.server.permissions.PermissionRule;
-import caosdb.server.scripting.ScriptingPermissions;
-import caosdb.server.scripting.ServerSideScriptingCaller;
public class TestScriptingResource {