LibreCCM
/
libreccm-legacy
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixed Problem with grantee when exporting permissions. 

git-svn-id: https://svn.libreccm.org/ccm/trunk@4669 8810af33-2d31-482b-a856-94f89814c4df
master
jensp 2017-04-11 18:14:12 +00:00
parent 3bf7248780
commit 5e12ad6b20
6 changed files with 145 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ccm-core/src/com/arsdigita/portation/cmd/ExportHelper.java
View File

@ -45,8 +45,7 @@ import java.util.ArrayList;
class ExportHelper { class ExportHelper {
private static String pathName = private static String pathName =
"/home/tosmers/Svn/libreccm/ccm_ng/ccm-core/src/test/resources/" + "/home/jensp/Downloads/tmp/iaw-exports";
"portation/trunk-iaw-exports";
private static boolean indentation = false; private static boolean indentation = false;
static void exportCategories() { static void exportCategories() {

10
ccm-core/src/com/arsdigita/portation/conversion/MainConverter.java
View File

@ -25,6 +25,8 @@ import com.arsdigita.portation.conversion.core.security.RoleConversion;
import com.arsdigita.portation.conversion.core.security.UserConversion; import com.arsdigita.portation.conversion.core.security.UserConversion;
import com.arsdigita.portation.conversion.core.workflow.AssignableTaskConversion; import com.arsdigita.portation.conversion.core.workflow.AssignableTaskConversion;
import com.arsdigita.portation.conversion.core.workflow.WorkflowConversion; import com.arsdigita.portation.conversion.core.workflow.WorkflowConversion;
import com.arsdigita.portation.modules.core.security.Permission;
/** /**
* This main converter class calls all the conversions from trunk-objects * This main converter class calls all the conversions from trunk-objects
@ -50,5 +52,13 @@ public class MainConverter {
WorkflowConversion.convertAll(); WorkflowConversion.convertAll();
AssignableTaskConversion.convertAll(); AssignableTaskConversion.convertAll();
PermissionConversion.convertAll(); PermissionConversion.convertAll();
//Verify permissions
for(Permission permission : NgCollection.permissions.values()) {
if (permission.getGrantee() == null) {
System.err.printf("MainConverter: Grantee for permission %d is null.%n", permission.getPermissionId());
System.exit(-1);
}
}
} }
} }

142
ccm-core/src/com/arsdigita/portation/conversion/core/security/PermissionConversion.java
View File

@ -57,9 +57,17 @@ public class PermissionConversion {
com.arsdigita.kernel.permissions.Permission com.arsdigita.kernel.permissions.Permission
.getAllObjectPermissions(); .getAllObjectPermissions();
System.err.println("Converting permissions...");
createPermissionsAndSetAssociations(trunkPermissions); createPermissionsAndSetAssociations(trunkPermissions);
System.err.println("Setting grantee on permissions...");
try {
setGranteeDependency(trunkPermissions); setGranteeDependency(trunkPermissions);
} catch(Throwable ex) {
System.err.println("Fatal error:");
System.err.println(ex.getMessage());
ex.printStackTrace(System.err);
System.exit(-1);
}
} }
/** /**
@ -70,11 +78,23 @@ public class PermissionConversion {
* {@link com.arsdigita.kernel.permissions.Permission}s * {@link com.arsdigita.kernel.permissions.Permission}s
* from the old trunk-system * from the old trunk-system
*/ */
private static void createPermissionsAndSetAssociations(List<com private static void createPermissionsAndSetAssociations(List<com.arsdigita.kernel.permissions.Permission> trunkPermissions) {
.arsdigita.kernel.permissions.Permission> trunkPermissions) {
long processed = 0;
for (com.arsdigita.kernel.permissions.Permission trunkPermission : for (com.arsdigita.kernel.permissions.Permission trunkPermission :
trunkPermissions) { trunkPermissions) {
//Skip permissions generated by SQL install script. These are system internal permissions which are not
// needed in the export because they also exist in every other installation,
// including LibreCCM 8 (LibreCCM NG).
if (-204 == ((BigDecimal) trunkPermission.getPartyOID().get("id")).longValue()
|| -300 == ((BigDecimal) trunkPermission.getPartyOID().get("id")).longValue()
|| -200 == ((BigDecimal) trunkPermission.getPartyOID().get("id")).longValue()) {
System.err.println("Skiping because it is a internal permission");
continue;
}
// create Permissions // create Permissions
Permission permission = new Permission(trunkPermission); Permission permission = new Permission(trunkPermission);
@ -96,7 +116,11 @@ public class PermissionConversion {
if (creationUser != null) if (creationUser != null)
permission.setCreationUser(creationUser); permission.setCreationUser(creationUser);
} }
processed++;
} }
System.err.printf("Created %d permissions%n", processed);
} }
/** /**
@ -118,61 +142,100 @@ public class PermissionConversion {
* {@link com.arsdigita.kernel.permissions.Permission}s * {@link com.arsdigita.kernel.permissions.Permission}s
* from the old trunk-system * from the old trunk-system
*/ */
private static void setGranteeDependency(List<com.arsdigita.kernel private static void setGranteeDependency(final List<com.arsdigita.kernel.permissions.Permission> trunkPermissions) {
.permissions.Permission> trunkPermissions) {
for (com.arsdigita.kernel.permissions.Permission long processed = 0;
trunkPermission : trunkPermissions) {
long permissionId = PermissionIdMapper.map.get( for (com.arsdigita.kernel.permissions.Permission trunkPermission : trunkPermissions) {
((BigDecimal) trunkPermission.getACSObject().get("id")).
longValue() // Skip permissions generated by SQL install script. These are system internal permissions which are not
+ ((BigDecimal) trunkPermission.getPartyOID().get("id")). // needed in the export because they also exist in every other installation,
longValue() // including LibreCCM 8 (LibreCCM NG).
); if (-204 == ((BigDecimal) trunkPermission.getPartyOID().get("id")).longValue()
Permission permission = NgCollection.permissions.get(permissionId); || -300 == ((BigDecimal) trunkPermission.getPartyOID().get("id")).longValue()
|| -200 == ((BigDecimal) trunkPermission.getPartyOID().get("id")).longValue()) {
System.err.println("Skiping because it is a internal permission");
continue;
}
final String oldId = Permission.genOldId(trunkPermission);
final long permissionId = PermissionIdMapper.map.get(oldId);
final Permission permission = NgCollection.permissions.get(permissionId);
// get all parties serving as the grantee of this permission // get all parties serving as the grantee of this permission
BigDecimal trunkGranteeId = (BigDecimal) trunkPermission final BigDecimal trunkGranteeId = (BigDecimal) trunkPermission
.getPartyOID().get("id"); .getPartyOID()
List<com.arsdigita.kernel.Party> trunkParties = .get("id");
com.arsdigita.kernel.Party.getAllObjectParties(); System.err.printf("Trying to set grantee for permission with oldId = \"%s\" | objectId = %d | granteeId = %d | privilege = \"%s\" -> %d%n",
trunkParties.stream().filter(p -> Objects.equals(p.getID(), oldId,
trunkGranteeId)).collect(Collectors.toList()); ((BigDecimal) trunkPermission.getACSObject().get("id")).longValue(),
trunkGranteeId.longValue(),
trunkPermission.getPrivilege().getName(),
permissionId);
final List<com.arsdigita.kernel.Party> availableParties = com.arsdigita.kernel.Party.getAllObjectParties();
System.err.println("Got available parties...");
System.err.printf("Available parties:%d%n", availableParties.size());
for(com.arsdigita.kernel.Party party : availableParties) {
System.err.printf("\t%s%n", Objects.toString(party.getID()));
}
final List<com.arsdigita.kernel.Party> trunkParties = availableParties
.stream()
.filter(p -> {
/*System.err.printf("p = %s; trunkGranteeId = %s%n",
Objects.toString(p.getID(),
Objects.toString(trunkGranteeId)));*/
return Objects.equals(p.getID(), trunkGranteeId);
})
.collect(Collectors.toList());
System.err.printf("Found %d parties associated with the permission%n",
trunkParties.size());
for (com.arsdigita.kernel.Party trunkGranteeParty : trunkParties) { for (com.arsdigita.kernel.Party trunkGranteeParty : trunkParties) {
System.err.printf("Trying to set grantee for permission %d to party %s%n",
permission.getPermissionId(),
trunkGranteeParty.getName());
// grantee instance of Group, possibly multiple roles or none // grantee instance of Group, possibly multiple roles or none
if (trunkGranteeParty instanceof com.arsdigita.kernel.Group) { if (trunkGranteeParty instanceof com.arsdigita.kernel.Group) {
com.arsdigita.kernel.Group trunkGranteeGroup = final com.arsdigita.kernel.Group trunkGranteeGroup =
(com.arsdigita.kernel.Group) trunkGranteeParty; (com.arsdigita.kernel.Group) trunkGranteeParty;
RoleCollection roleCollection = trunkGranteeGroup.getRoles(); final RoleCollection roleCollection = trunkGranteeGroup.getRoles();
// if group contains 1 or more roles // if group contains 1 or more roles
if (!roleCollection.isEmpty()) { if (!roleCollection.isEmpty()) {
while (roleCollection.next()) { while (roleCollection.next()) {
Role grantee = NgCollection.roles.get(roleCollection final Role grantee = NgCollection.roles.get(roleCollection
.getRole().getID().longValue()); .getRole().getID().longValue());
Permission duplicatePermission = new Permission final Permission duplicatePermission = new Permission
(permission); (permission);
duplicatePermission.setGrantee(grantee); duplicatePermission.setGrantee(grantee);
grantee.addPermission(duplicatePermission); grantee.addPermission(duplicatePermission);
CcmObject object = duplicatePermission.getObject(); final CcmObject object = duplicatePermission.getObject();
long objectId = 0; long objectId = 0;
if (object != null) { if (object != null) {
objectId = object.getObjectId(); objectId = object.getObjectId();
} }
long oldId = objectId + grantee.getRoleId(); //final String duplicateOldId = Long.toString(objectId) + "_" + Long.toString(grantee.getRoleId() + "_" + permission.getGrantedPrivilege());
PermissionIdMapper.map.put(oldId, final String duplicateOldId = String.format("%d_%d_%s",
objectId,
grantee.getRoleId(),
permission.getGrantedPrivilege());
PermissionIdMapper.map.put(duplicateOldId,
duplicatePermission.getPermissionId()); duplicatePermission.getPermissionId());
} }
} }
// new Role for this group // new Role for this group
Group member = NgCollection.groups.get final Group member = NgCollection.groups.get
(trunkGranteeGroup.getID().longValue()); (trunkGranteeGroup.getID().longValue());
Role granteeRole = createNewRole(member); final Role granteeRole = createNewRole(member);
// set grantee and opposed association // set grantee and opposed association
permission.setGrantee(granteeRole); permission.setGrantee(granteeRole);
@ -180,15 +243,14 @@ public class PermissionConversion {
// grantee instance of User, new Role necessary // grantee instance of User, new Role necessary
} else if (trunkGranteeParty instanceof com.arsdigita.kernel } else if (trunkGranteeParty instanceof com.arsdigita.kernel.User) {
.User) { final com.arsdigita.kernel.User trunkGranteeUser = (com
com.arsdigita.kernel.User trunkGranteeUser = (com
.arsdigita.kernel.User) trunkGranteeParty; .arsdigita.kernel.User) trunkGranteeParty;
User member = NgCollection.users.get final User member = NgCollection.users.get
(trunkGranteeUser.getID().longValue()); (trunkGranteeUser.getID().longValue());
Role granteeRole = createNewRole(member); final Role granteeRole = createNewRole(member);
// set grantee and opposed association // set grantee and opposed association
permission.setGrantee(granteeRole); permission.setGrantee(granteeRole);
@ -198,7 +260,19 @@ public class PermissionConversion {
trunkPermission.getOID().toString()); trunkPermission.getOID().toString());
} }
} }
if(permission.getGrantee() == null) {
System.err.printf("PermissionConversation: No Grantee for permission with database id %d%n", ((BigDecimal) trunkPermission.getACSObject().get("id")).
longValue());
//System.exit(-1);
} else {
System.out.printf("Set grantee for permission %d%n%n", permission.getPermissionId());
} }
processed++;
}
System.err.printf("Set grantee for %d permissions.%n", processed);
} }
/** /**

27
ccm-core/src/com/arsdigita/portation/modules/core/security/Permission.java
View File

@ -49,12 +49,18 @@ public class Permission implements Portable {
private Date creationDate; private Date creationDate;
private String creationIp; private String creationIp;
public Permission(final com.arsdigita.kernel.permissions.Permission public static String genOldId(com.arsdigita.kernel.permissions.Permission permission) {
trunkPermission) { return String.join("_",
long oldId = ((BigDecimal) trunkPermission.getACSObject().get("id")) permission.getACSObject().get("id").toString(),
.longValue() permission.getPartyOID().get("id").toString(),
+ ((BigDecimal) trunkPermission.getPartyOID().get("id")) permission.getPrivilege().getName());
.longValue(); }
public Permission(final com.arsdigita.kernel.permissions.Permission trunkPermission) {
final String oldId = genOldId(trunkPermission);
//((BigDecimal) trunkPermission.getACSObject().get("id")).toString()
//+ "_" +
//((BigDecimal) trunkPermission.getPartyOID().get("id")).toString();
this.permissionId = ACSObject.generateID().longValue(); this.permissionId = ACSObject.generateID().longValue();
PermissionIdMapper.map.put(oldId, this.permissionId); PermissionIdMapper.map.put(oldId, this.permissionId);
@ -67,6 +73,12 @@ public class Permission implements Portable {
this.creationDate = trunkPermission.getCreationDate(); this.creationDate = trunkPermission.getCreationDate();
this.creationIp = trunkPermission.getCreationIP(); this.creationIp = trunkPermission.getCreationIP();
System.out.printf("Permission oldId = \"%s\" | objectId = %d | granteeId = %d | privilege = \"%s\" -> permissionId = %d%n",
oldId,
((BigDecimal) trunkPermission.getACSObject().get("id")).longValue(),
((BigDecimal) trunkPermission.getPartyOID().get("id")).longValue(),
this.grantedPrivilege,
permissionId);
NgCollection.permissions.put(this.permissionId, this); NgCollection.permissions.put(this.permissionId, this);
} }
@ -125,6 +137,9 @@ public class Permission implements Portable {
} }
public void setGrantee(final Role grantee) { public void setGrantee(final Role grantee) {
if (grantee == null) {
throw new IllegalArgumentException("Grantee can't be null.");
}
this.grantee = grantee; this.grantee = grantee;
} }

2
ccm-core/src/com/arsdigita/portation/modules/core/security/PermissionIdGenerator.java
View File

@ -55,6 +55,8 @@ public class PermissionIdGenerator extends ObjectIdGenerator<String> {
@Override @Override
public String generateId(final Object forPojo) { public String generateId(final Object forPojo) {
//System.err.println("Generating ID for permission...");
if (!(forPojo instanceof Permission)) { if (!(forPojo instanceof Permission)) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"Only Permission instances are supported."); "Only Permission instances are supported.");

2
ccm-core/src/com/arsdigita/portation/modules/core/security/util/PermissionIdMapper.java
View File

@ -27,7 +27,7 @@ import java.util.Map;
*/ */
public class PermissionIdMapper { public class PermissionIdMapper {
public static Map<Long, Long> map = new HashMap<>(); public static Map<String, Long> map = new HashMap<>();
/** /**
* Private constructor to prevent the instantiation of this class. * Private constructor to prevent the instantiation of this class.