Context Navigation

← Previous Change
Next Change →

Changeset 1080 for branches/omero_ds_fix

Timestamp:

11/15/06 09:36:27 (2 years ago)

Author:

jmoore

Message:

#404 Adds groupName argument to IAdmin.createUser() and propagates.

Location:

branches/omero_ds_fix/components

Files:

: 24 modified

client/build.xml (modified) (3 diffs)
client/test/ome/client/itests/ConfigTest.java (modified) (2 diffs)
client/test/ome/client/itests/TicketsUpTo500Test.java (modified) (1 diff)
client/test/ome/client/itests/sec/AbstractAccountTest.java (modified) (2 diffs)
client/test/ome/client/itests/sec/AbstractChangeDetailClientTest.java (modified) (6 diffs)
client/test/ome/client/itests/sec/AbstractPermissionsTest.java (modified) (7 diffs)
client/test/ome/client/itests/sec/AccountCreationTest.java (modified) (1 diff)
common/src/ome/api/IAdmin.java (modified) (2 diffs)
common/src/ome/testing/CreatePojosFixture.java (modified) (1 diff)
common/src/ome/util/tasks/Task.java (modified) (1 diff)
common/src/ome/util/tasks/admin/AddGroupTask.java (modified) (1 diff)
common/src/ome/util/tasks/admin/AddUserTask.java (modified) (5 diffs)
server/src/ome/logic/AdminImpl.java (modified) (2 diffs)
server/src/ome/security/basic/BasicSecuritySystem.java (modified) (3 diffs)
server/src/ome/tools/hibernate/HibernateUtils.java (modified) (2 diffs)
server/test/ome/server/itests/AbstractManagedContextTest.java (modified) (3 diffs)
server/test/ome/server/itests/EventStateChangeTest.java (modified) (1 diff)
server/test/ome/server/itests/query/GetImagesQueryTest.java (modified) (2 diffs)
server/test/ome/server/itests/sec/AdminTest.java (modified) (20 diffs)
server/test/ome/server/itests/sec/EnumTest.java (modified) (2 diffs)
server/test/ome/server/itests/sec/GroupLeaderTest.java (modified) (3 diffs)
server/test/ome/server/itests/sec/LockingTest.java (modified) (3 diffs)
server/test/ome/server/itests/sec/SecurityFilterTest.java (modified) (2 diffs)
server/test/ome/server/itests/sec/SystemTypesTest.java (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

branches/omero_ds_fix/components/client/build.xml

r1057	r1080
29	29	<target name="addgroup" depends="prepare,load-groovy">
30	30	<fail unless="omero.rootpass">No root password defined. See etc/local.properties</fail>
31		<input message="Please enter group name:" addproperty="newgroup.name"/>
	31	<input message="Please enter group name:" addproperty="newgroup.name"
	32	defaultvalue=""/>
32	33	<fail-if-empty property="newgroup.name"/>
33		<input message="Please enter group description: (optional)" addproperty="newgroup.description"/>
	34	<input message="Please enter group description: (optional)" addproperty="newgroup.description"
	35	defaultvalue=""/>
34	36	<input message="Please enter name of the group owner: (optional)" addproperty="newgroup.owner"
35	37	defaultvalue="root"/>
…	…
68	70	<input message="Please enter login name: [${user.name}]" addproperty="newuser.omename"
69	71	defaultvalue="${user.name}"/>
70		<input message="Please enter user's first name:" addproperty="newuser.firstname"/>
	72	<input message="Please enter user's default group:" addproperty="newuser.group"
	73	defaultvalue=""/>
	74	<fail-if-empty property="newuser.group"/>
	75	<input message="Please enter user's first name:" addproperty="newuser.firstname"
	76	defaultvalue=""/>
71	77	<fail-if-empty property="newuser.firstname"/>
72		<input message="Please enter user's middle name: (optional)" addproperty="newuser.middlename"/>
73		<input message="Please enter user's last name:" addproperty="newuser.lastname"/>
	78	<input message="Please enter user's middle name: (optional)" addproperty="newuser.middlename"
	79	defaultvalue=""/>
	80	<input message="Please enter user's last name:" addproperty="newuser.lastname"
	81	defaultvalue=""/>
74	82	<fail-if-empty property="newuser.lastname"/>
75		<input message="Please enter user's email: (optional)" addproperty="newuser.email"/>
76		<input message="Please enter user's institution: (optional)" addproperty="newuser.institution"/>
	83	<input message="Please enter user's email: (optional)" addproperty="newuser.email"
	84	defaultvalue=""/>
	85	<input message="Please enter user's institution: (optional)" addproperty="newuser.institution"
	86	defaultvalue=""/>
77	87	<java classpathref="omero.classpath" classname="ome.util.tasks.Run" fork="yes">
78	88	<arg value="task=admin.AddUserTask"/>
…	…
86	96	<arg value="firstname=${newuser.firstname}"/>
87	97	<arg value="middlename=${newuser.middlename}"/>
88		<arg value="lastname=${newuser.lastename}"/>
	98	<arg value="lastname=${newuser.lastname}"/>
89	99	<arg value="email=${newuser.email}"/>
90		<arg value="institute=${newuser.institue}"/>
	100	<arg value="institution=${newuser.institution}"/>
	101	<arg value="group=${newuser.group}"/>
91	102	</java>
92	103	</target>

branches/omero_ds_fix/components/client/test/ome/client/itests/ConfigTest.java

r912	r1080
8	8	import ome.api.IConfig;
9	9	import ome.model.meta.Experimenter;
	10	import ome.model.meta.ExperimenterGroup;
10	11	import ome.system.Login;
11	12	import ome.system.ServiceFactory;
…	…
123	124
124	125	// Now let's create another user.
	126	final IAdmin rootAdmin = rootSf.getAdminService();
	127	ExperimenterGroup g = new ExperimenterGroup();
	128	g.setName(UUID.randomUUID().toString());
	129	rootAdmin.createGroup(g);
125	130	Experimenter e = new Experimenter();
126	131	e.setOmeName(UUID.randomUUID().toString());
127	132	e.setFirstName("Config");
128	133	e.setLastName("Test");
129		IAdmin rootAdmin = rootSf.getAdminService();
130		rootAdmin.createUser(e); // Not an admin or system user
	134	rootAdmin.createUser(e, g.getName()); // Not an admin or system user
131	135	rootAdmin.changeUserPassword(e.getOmeName(), "bar");
132	136

branches/omero_ds_fix/components/client/test/ome/client/itests/TicketsUpTo500Test.java

r1044	r1080
345	345
346	346	Long gid = rootAdmin.createGroup(group);
347		Long uid = rootAdmin.createUser(user1);
	347	Long uid = rootAdmin.createUser(user1,guid);
348	348	user1 = new Experimenter( uid, false );
349		uid = rootAdmin.createUser(user2);
	349	uid = rootAdmin.createUser(user2,guid);
350	350	user2 = new Experimenter( uid, false );
351	351	group = new ExperimenterGroup( gid, false );

branches/omero_ds_fix/components/client/test/ome/client/itests/sec/AbstractAccountTest.java

r832	r1080
70	70
71	71	protected Experimenter createNewUser(IAdmin iAdmin ) {
72
	72	ExperimenterGroup g = new ExperimenterGroup();
	73	g.setName(GUID.asString());
	74	iAdmin.createGroup(g);
73	75	Experimenter e = new Experimenter();
74		e.setOmeName(~~new GUID()~~.asString());
	76	e.setOmeName(GUID.asString());
75	77	e.setFirstName("ticket:181");
76	78	e.setLastName("ticket:181");
77		long id = iAdmin.createUser(e);
	79	long id = iAdmin.createUser(e,g.getName());
78	80	return iAdmin.getExperimenter(id);
79	81	}
…	…
82	84
83	85	Experimenter e = new Experimenter();
84		e.setOmeName(~~new GUID()~~.asString());
	86	e.setOmeName(GUID.asString());
85	87	e.setFirstName("ticket:181");
86	88	e.setLastName("ticket:181");

branches/omero_ds_fix/components/client/test/ome/client/itests/sec/AbstractChangeDetailClientTest.java

r1001	r1080
15	15	import ome.model.meta.ExperimenterGroup;
16	16	import ome.system.Login;
	17	import ome.system.Roles;
17	18	import ome.system.ServiceFactory;
18	19
…	…
28	29	private String pi_name = "PI:"+UUID.randomUUID().toString();
29	30	private String pi_group = "PIGRP:"+UUID.randomUUID().toString();
	31	private String other_grp = "OTHERGRP:"+UUID.randomUUID().toString();
30	32
31	33	protected Login asRoot, asUser, asOther, asWorld, asPI;
…	…
42	44	init();
43	45
44		~~// TODO USE ROLES HERE~~
45		toRoot = new Experimenter( 0L, false );
46		toSystem = new ExperimenterGroup( 0L, false );
47		toUserGroup = new ExperimenterGroup( 1L, false );
	46	Roles roles = new ServiceFactory().getAdminService().getSecurityRoles();
	47	toRoot = new Experimenter( roles.getRootId(), false );
	48	toSystem = new ExperimenterGroup( roles.getSystemGroupId(), false );
	49	toUserGroup = new ExperimenterGroup( roles.getUserGroupId(), false );
48	50
	51	toOtherGroup = new ExperimenterGroup();
	52	toOtherGroup.setName(other_grp);
	53	toOtherGroup = new ExperimenterGroup( rootAdmin.createGroup( toOtherGroup ), false );
	54
	55	toPIGroup = new ExperimenterGroup();
	56	toPIGroup.setName(pi_group);
	57	toPIGroup = new ExperimenterGroup( rootAdmin.createGroup( toPIGroup ), false );
	58
49	59	toUser = new Experimenter();
50	60	toUser.setFirstName("test");
51	61	toUser.setLastName("test");
52	62	toUser.setOmeName(user_name);
53		toUser = new Experimenter( rootAdmin.createUser( toUser ), false );
	63	toUser = new Experimenter( rootAdmin.createUser( toUser, pi_group ), false );
54	64
55	65	toOther = new Experimenter();
…	…
57	67	toOther.setLastName("test");
58	68	toOther.setOmeName(other_name);
59		toOther = new Experimenter( rootAdmin.createUser(toOther), false );
	69	toOther = new Experimenter( rootAdmin.createUser(toOther, pi_group), false );
60	70
61	71	toWorld = new Experimenter();
…	…
63	73	toWorld.setLastName("test");
64	74	toWorld.setOmeName(world_name);
65		toWorld = new Experimenter( rootAdmin.createUser(toWorld), false );
	75	toWorld = new Experimenter( rootAdmin.createUser(toWorld, other_grp), false );
66	76
67	77	toPI = new Experimenter();
…	…
69	79	toPI.setLastName("test");
70	80	toPI.setOmeName(pi_name);
71		toPI = new Experimenter( rootAdmin.createUser(toPI), false );
	81	toPI = new Experimenter( rootAdmin.createUser(toPI, pi_group), false );
72	82
73		~~toOtherGroup = new ExperimenterGroup();~~
74		~~toOtherGroup.setName(UUID.randomUUID().toString());~~
75		~~toOtherGroup = new ExperimenterGroup( rootAdmin.createGroup( toOtherGroup ), false );~~
76
77		~~toPIGroup = new ExperimenterGroup();~~
78		~~toPIGroup.setName(pi_group);~~
79		~~toPIGroup = new ExperimenterGroup( rootAdmin.createGroup( toPIGroup ), false );~~
80
81		~~rootAdmin.addGroups(toUser, toPIGroup);~~
82		~~rootAdmin.addGroups(toOther, toPIGroup);~~
83		~~rootAdmin.addGroups(toPI, toPIGroup);~~
84	83	rootAdmin.setGroupOwner(toPIGroup, toPI);
85	84

branches/omero_ds_fix/components/client/test/ome/client/itests/sec/AbstractPermissionsTest.java

r941	r1080
98	98	protected ExperimenterGroup
99	99	system_group = new ExperimenterGroup(0L,false),
100		common_group = new ExperimenterGroup(~~1L,false~~),
	100	common_group = new ExperimenterGroup(),
101	101	user_other_group = new ExperimenterGroup();
102	102
…	…
108	108	world = new Experimenter();
109	109
110		protected String gname;
	110	protected String gname, cname;
111	111
112	112	protected ServiceFactory u, o, w, p, r;
…	…
138	138	init();
139	139
	140	cname = UUID.randomUUID().toString();
140	141	gname = UUID.randomUUID().toString();
141	142
142	143	// shortcut for root service factory, created in super class
143	144	r = rootServices;
	145
	146	// create the common group
	147	common_group.setName(cname);
	148	common_group = new ExperimenterGroup(rootAdmin
	149	.createGroup(common_group),false);
	150
	151	// create the new group with the PI as leader
	152	user_other_group.setName(gname);
	153	user_other_group.getDetails().setOwner(pi);
	154	user_other_group = new ExperimenterGroup(rootAdmin
	155	.createGroup(user_other_group), false);
144	156
145	157	// create the PI for a new group
…	…
149	161	pi.setFirstName("read");
150	162	pi.setLastName("security -- leader of user_other_group");
151		pi = new Experimenter(rootAdmin.createUser(pi), false);
152
153		// create the new group with the PI as leader
154		user_other_group.setName(gname);
155		user_other_group.getDetails().setOwner(pi);
156		user_other_group = new ExperimenterGroup(rootAdmin
157		.createGroup(user_other_group), false);
158
159		// also add the PI to that group
160		rootAdmin.addGroups(pi, user_other_group);
161
	163	pi = new Experimenter(rootAdmin.createUser(pi,gname), false);
	164
162	165	// create a new user in that group
163	166	Login userLogin = new Login(UUID.randomUUID().toString(), "empty",gname,"Test");
…	…
166	169	user.setFirstName("read");
167	170	user.setLastName("security");
168		user = new Experimenter(rootAdmin.createUser(user), false);
	171	user = new Experimenter(rootAdmin.createUser(user,gname), false);
169	172	rootAdmin.addGroups(user, user_other_group);
170	173
…	…
175	178	other.setFirstName("read");
176	179	other.setLastName("security2");
177		other = new Experimenter(rootAdmin.createUser(other), false);
	180	other = new Experimenter(rootAdmin.createUser(other,gname), false);
178	181	rootAdmin.addGroups(other, user_other_group);
179	182
…	…
184	187	world.setFirstName("read");
185	188	world.setLastName("Security -- not in their group");
186		world = new Experimenter(rootAdmin.createUser(world), false);
	189	world = new Experimenter(rootAdmin.createUser(world,cname), false);
187	190	// not in same group
188	191

branches/omero_ds_fix/components/client/test/ome/client/itests/sec/AccountCreationTest.java

r824	r1080
32	32	@Test
33	33	public void testSudoCreatesUserAccountThroughIAdmin() throws Exception {
	34	ExperimenterGroup g = new ExperimenterGroup();
	35	g.setName(GUID.asString());
	36	getSudoAdmin("ome").createGroup(g);
34	37	Experimenter e = new Experimenter();
35		e.setOmeName(~~new GUID()~~.asString());
	38	e.setOmeName(GUID.asString());
36	39	e.setFirstName("ticket:181");
37	40	e.setLastName("ticket:199");
38	41	e = getSudoAdmin("ome").getExperimenter(
39		getSudoAdmin("ome").createUser(e));
	42	getSudoAdmin("ome").createUser(e,g.getName()));
40	43	assertCanLogin(e.getOmeName(),"");
41	44	assertCanLogin(e.getOmeName(),"ome");

branches/omero_ds_fix/components/common/src/ome/api/IAdmin.java

r987	r1080
128	128
129	129	/** create and return a new user. This user will be created with the default
130		* "User" group.
	130	* group specified.
	131	*
131	132	* @param newUser a new {@link Experimenter} instance
	133	* @parm group group name of the default group for this user
132	134	* @return id of the newly created {@link Experimenter}
133	135	*/
134		long createUser( @NotNull Experimenter newUser );
	136	long createUser( @NotNull Experimenter newUser, @NotNull String group );
135	137
136	138	/** create and return a new system user. This user will be created with the
137		* "System" (administration) group and will also be in the "user" group.
	139	* "System" (administration) group as default and will also be in the "user"
	140	* group.
	141	*
138	142	* @param newUser a new {@link Experimenter} instance
139	143	* @return id of the newly created {@link Experimenter}
…	…
151	155	@NotNull Experimenter experimenter,
152	156	@NotNull ExperimenterGroup defaultGroup,
153		ExperimenterGroup[] otherGroups );
	157	ExperimenterGroup...otherGroups );
154	158
155	159	/** create and return a new group.

branches/omero_ds_fix/components/common/src/ome/testing/CreatePojosFixture.java

r957	r1080
53	53	fixture.e.setFirstName("Mr.");
54	54	fixture.e.setLastName("Allen");
55		fixture.e = new Experimenter( rootAdmin.createUser(fixture.e), false );
56		rootAdmin.addGroups(fixture.e, fixture.g);
57		rootAdmin.setDefaultGroup(fixture.e, fixture.g);
	55	fixture.e = new Experimenter( rootAdmin.createUser(fixture.e, G_NAME), false );
58	56
59	57	Login testLogin = new Login(fixture.TESTER,"ome",G_NAME,"Test");

branches/omero_ds_fix/components/common/src/ome/util/tasks/Task.java

r1054	r1080
88	88	"ServiceFactory cannot be null.");
89	89	this.sf = serviceFactory;
90		this.props = properties == null ? new Properties() :
91		System.getProperties();
	90	this.props = properties == null ? System.getProperties() : properties;
92	91	}
93	92

branches/omero_ds_fix/components/common/src/ome/util/tasks/admin/AddGroupTask.java

r1054	r1080
97	97	"Added group %s with id %d",g.getName(),gid));
98	98	final String leaderName = enumValue(leader);
99		if (leaderName!=null)
	99	if (leaderName!=null && leaderName.trim().length() > 0)
100	100	{
101	101	Experimenter e = admin.lookupExperimenter(leaderName); // TODO need id only

branches/omero_ds_fix/components/common/src/ome/util/tasks/admin/AddUserTask.java

r1054	r1080
38	38	import ome.annotations.RevisionDate;
39	39	import ome.annotations.RevisionNumber;
	40	import ome.api.IAdmin;
40	41	import ome.model.meta.Experimenter;
	42	import ome.model.meta.ExperimenterGroup;
41	43	import ome.system.ServiceFactory;
42	44	import ome.util.tasks.Configuration;
43	45	import ome.util.tasks.SimpleTask;
44	46
	47	import static ome.util.tasks.admin.AddGroupTask.Keys.leader;
45	48	import static ome.util.tasks.admin.AddUserTask.Keys.*;
46	49
…	…
58	61	* <li>institution</li>
59	62	* <li>email</li>
	63	* <li>group</li>
60	64	* </ul>
61	65	*
…	…
77	81	*/
78	82	public enum Keys {
79		omename, firstname, lastname, middlename, institution, email
	83	omename, firstname, lastname, middlename, institution, email, group
80	84	}
81	85
…	…
94	98	public void doTask() {
95	99	super.doTask(); // logs
	100	final IAdmin admin = getServiceFactory().getAdminService();
	101	final String groupName = enumValue(group);
96	102	Experimenter e = new Experimenter();
97	103	e.setOmeName(enumValue(omename));
…	…
101	107	e.setInstitution(enumValue(institution));
102	108	e.setEmail(enumValue(email));
103		long uid = ~~getServiceFactory().getAdminService().createUser(~~e);
	109	long uid = admin.createUser(e,groupName);
104	110	getLogger().info(String.format(
105	111	"Added user %s with id %d",e.getOmeName(),uid));

branches/omero_ds_fix/components/server/src/ome/logic/AdminImpl.java

r1038	r1080
356	356
357	357	@RolesAllowed("system")
358		public long createUser(Experimenter newUser) {
359		return createExperimenter(newUser, groupProxy("user"), null);
	358	public long createUser(Experimenter newUser, String defaultGroup) {
	359	return createExperimenter(newUser, groupProxy(defaultGroup),
	360	groupProxy("user"));
360	361	}
361	362
…	…
363	364	public long createSystemUser(Experimenter newSystemUser) {
364	365	return createExperimenter(newSystemUser, groupProxy("system"),
365		~~new ExperimenterGroup[] { groupProxy("user") }~~);
	366	groupProxy("user"));
366	367	}
367	368
368	369	@RolesAllowed("system")
369	370	public long createExperimenter(Experimenter experimenter,
370		ExperimenterGroup defaultGroup, ExperimenterGroup[] otherGroups) {
	371	ExperimenterGroup defaultGroup, ExperimenterGroup...otherGroups) {
371	372	// TODO check that no other group is default
372	373

branches/omero_ds_fix/components/server/src/ome/security/basic/BasicSecuritySystem.java

r1039	r1080
70	70	import ome.model.meta.ExternalInfo;
71	71	import ome.model.meta.GroupExperimenterMap;
	72	import ome.parameters.Parameters;
72	73	import ome.security.ACLVoter;
73	74	import ome.security.AdminAction;
…	…
1033	1034	}
1034	1035
1035		private Principal clearAndCheckPrincipal() {
	1036	private Principal clearAndCheckPrincipal()
	1037	{
1036	1038	// clear even if this fails. (make SecuritySystem unusable)
1037	1039	clearEventContext();
…	…
1054	1056	throw new InternalException(
1055	1057	"Principal.eventType is null in EventContext. Security system failure.");
	1058
	1059	// ticket:404 -- preventing users from logging into "user" group
	1060	if ( roles.getUserGroupName().equals( p.getGroup() ))
	1061	{
	1062	List<ExperimenterGroup> groups =
	1063	sf.getQueryService().findAllByQuery(
	1064	"select g from ExperimenterGroup g " +
	1065	"join g.groupExperimenterMap as m " +
	1066	"join m.child as u " +�