public/docs
1
0
Fork 0
mirror of https://github.com/sismics/docs.git synced 2025-12-17 11:41:41 +00:00
Code Issues Releases Wiki Activity

Closes #82: Add role to groups

Browse Source
This commit is contained in:
jendib
2016-03-20 22:18:58 +01:00
parent 6598b585a2
commit 5a41e9555e
9 changed files with 65 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs-web/src/main/java/com/sismics/docs/rest/resource/GroupResource.java
View File

@@ -310,7 +310,6 @@ public class GroupResource extends BaseResource {
if (!authenticate()) {
throw new ForbiddenClientException();
}
checkBaseFunction(BaseFunction.ADMIN);
// Get the group
GroupDao groupDao = new GroupDao();

3
docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
View File

@@ -25,6 +25,7 @@ import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import com.google.common.base.Strings;
import com.google.common.collect.Sets;
import com.sismics.docs.core.constant.Constants;
import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
import com.sismics.docs.core.dao.jpa.DocumentDao;
@@ -398,7 +399,7 @@ public class UserResource extends BaseResource {
// Ensure that the admin user is not deleted
RoleBaseFunctionDao userBaseFuction = new RoleBaseFunctionDao();
Set<String> baseFunctionSet = userBaseFuction.findByRoleId(user.getRoleId());
Set<String> baseFunctionSet = userBaseFuction.findByRoleId(Sets.newHashSet(user.getRoleId()));
if (baseFunctionSet.contains(BaseFunction.ADMIN.name())) {
throw new ClientException("ForbiddenError", "The admin user cannot be deleted");
}

12
docs-web/src/test/java/com/sismics/docs/rest/TestGroupResource.java
View File

@@ -41,6 +41,18 @@ public class TestGroupResource extends BaseJerseyTest {
clientUtil.createUser("group1", "g112", "g12");
String group1Token = clientUtil.login("group1");
// Login admin2
clientUtil.createUser("admin2", "administrators");
String admin2Token = clientUtil.login("admin2");
// Create trashme
clientUtil.createUser("trashme");
// Delete trashme with admin2
target().path("/user/trashme").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, admin2Token)
.delete(JsonObject.class);
// Get all groups
JsonObject json = target().path("/group")
.queryParam("sort_column", "1")