From 098b8516c1dc3765f1c6ad6abe28a5b7c0d41bfc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Wed, 27 Mar 2024 18:04:47 +0100 Subject: [PATCH 01/16] Extract ObjectAccessPermission to admin slice --- .../PermissionsMessagesADMSpec.scala | 20 +++-- .../admin/PermissionsResponderADMSpec.scala | 22 +++--- .../webapi/messages/OntologyConstants.scala | 15 ---- .../PermissionsMessagesADM.scala | 34 +++----- .../PermissionsMessagesUtilADM.scala | 9 --- .../messages/util/PermissionUtilADM.scala | 78 ++++++------------- .../admin/AssetPermissionsResponder.scala | 2 +- .../admin/PermissionsResponderADM.scala | 32 ++++---- .../model/ObjectAccessPermissions.scala | 64 +++++++++++++++ 9 files changed, 134 insertions(+), 142 deletions(-) create mode 100644 webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala diff --git a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala index 711b3c89a4..c1730e0947 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala @@ -14,14 +14,14 @@ import dsp.errors.ForbiddenException import org.knora.webapi.CoreSpec import org.knora.webapi.messages.OntologyConstants import org.knora.webapi.messages.OntologyConstants.KnoraAdmin.AdministrativePermissionAbbreviations -import org.knora.webapi.messages.OntologyConstants.KnoraBase.EntityPermissionAbbreviations -import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionsMessagesUtilADM.PermissionTypeAndCodes import org.knora.webapi.responders.admin.PermissionsResponderADM import org.knora.webapi.routing.UnsafeZioRun import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._ import org.knora.webapi.sharedtestdata.SharedTestDataADM2._ import org.knora.webapi.sharedtestdata._ import org.knora.webapi.slice.admin.api.service.PermissionsRestService +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA /** @@ -488,7 +488,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { assertFailsWithA[BadRequestException]( exit, "Invalid value for name parameter of hasPermissions: invalid, it should be one of " + - s"${EntityPermissionAbbreviations.toString}", + s"${ObjectAccessPermissions.allTokens.mkString(", ")}", ) } @@ -496,7 +496,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { val invalidCode = 10 val hasPermissions = Set( PermissionADM( - name = OntologyConstants.KnoraBase.ChangeRightsPermission, + name = ObjectAccessPermission.ChangeRights.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.Creator), permissionCode = Some(invalidCode), ), @@ -507,18 +507,16 @@ class PermissionsMessagesADMSpec extends CoreSpec { assertFailsWithA[BadRequestException]( exit, s"Invalid value for permissionCode parameter of hasPermissions: $invalidCode, it should be one of " + - s"${PermissionTypeAndCodes.values.toString}", + s"${ObjectAccessPermissions.allCodes.mkString(", ")}", ) } "not create a DefaultObjectAccessPermission for project and property if hasPermissions set contained permission with inconsistent code and name" in { - val code = 2 - val name = OntologyConstants.KnoraBase.ChangeRightsPermission val hasPermissions = Set( PermissionADM( - name = name, + name = ObjectAccessPermission.ChangeRights.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.Creator), - permissionCode = Some(code), + permissionCode = Some(ObjectAccessPermission.View.code), ), ) @@ -526,7 +524,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { UnsafeZioRun.run(ZIO.serviceWithZIO[PermissionsResponderADM](_.verifyHasPermissionsDOAP(hasPermissions))) assertFailsWithA[BadRequestException]( exit, - s"Given permission code $code and permission name $name are not consistent.", + s"Given permission code 2 and permission name CR are not consistent.", ) } @@ -552,7 +550,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { val hasPermissions = Set( PermissionADM( - name = OntologyConstants.KnoraBase.ChangeRightsPermission, + name = ObjectAccessPermission.ChangeRights.token, additionalInformation = None, permissionCode = Some(8), ), diff --git a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala index 8b93a7e78d..79dee0bcbc 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala @@ -19,8 +19,6 @@ import dsp.errors.ForbiddenException import dsp.errors.NotFoundException import org.knora.webapi._ import org.knora.webapi.messages.OntologyConstants -import org.knora.webapi.messages.OntologyConstants.KnoraBase.EntityPermissionAbbreviations -import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionsMessagesUtilADM.PermissionTypeAndCodes import org.knora.webapi.messages.admin.responder.permissionsmessages._ import org.knora.webapi.messages.store.triplestoremessages.RdfDataObject import org.knora.webapi.messages.util.KnoraSystemInstances @@ -36,6 +34,8 @@ import org.knora.webapi.sharedtestdata.SharedTestDataADM.normalUser import org.knora.webapi.sharedtestdata.SharedTestDataADM2 import org.knora.webapi.slice.admin.domain.model.GroupIri import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions import org.knora.webapi.slice.admin.domain.model.PermissionIri import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA @@ -671,14 +671,14 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "create a DefaultObjectAccessPermission for project and property even if permissionCode of a permission was missing" in { val hasPermissions = Set( PermissionADM( - name = OntologyConstants.KnoraBase.DeletePermission, + name = ObjectAccessPermission.Delete.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), permissionCode = None, ), ) val expectedPermissions = Set( PermissionADM( - name = OntologyConstants.KnoraBase.DeletePermission, + name = ObjectAccessPermission.Delete.token, additionalInformation = Some(projectAdmin), permissionCode = Some(7), ), @@ -1094,7 +1094,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val expectedHasPermissions = Set( PermissionADM( - name = OntologyConstants.KnoraBase.ChangeRightsPermission, + name = ObjectAccessPermission.ChangeRights.token, additionalInformation = Some(creator), permissionCode = Some(8), ), @@ -1119,7 +1119,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val permissionIri = "http://rdfh.ch/permissions/00FF/Q3OMWyFqStGYK8EXmC7KhQ" val hasPermissions = NonEmptyChunk( PermissionADM( - name = OntologyConstants.KnoraBase.DeletePermission, + name = ObjectAccessPermission.Delete.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), permissionCode = None, ), @@ -1127,7 +1127,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val expectedHasPermissions = Set( PermissionADM( - name = OntologyConstants.KnoraBase.DeletePermission, + name = ObjectAccessPermission.Delete.token, additionalInformation = Some(projectAdmin), permissionCode = Some(7), ), @@ -1150,7 +1150,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "not update hasPermissions of a default object access permission, if both name and project code of a permission were missing" in { val permissionIri = "http://rdfh.ch/permissions/00FF/Q3OMWyFqStGYK8EXmC7KhQ" val code = 1 - val name = OntologyConstants.KnoraBase.DeletePermission + val name = ObjectAccessPermission.Delete.token val hasPermissions = NonEmptyChunk( PermissionADM( name = name, @@ -1198,7 +1198,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assertFailsWithA[BadRequestException]( exit, s"Invalid value for name parameter of hasPermissions: $name, it should be one of " + - s"${EntityPermissionAbbreviations.toString}", + s"${ObjectAccessPermissions.allTokens.mkString(", ")}", ) } @@ -1207,7 +1207,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val code = 10 val hasPermissions = NonEmptyChunk( PermissionADM( - name = OntologyConstants.KnoraBase.DeletePermission, + name = ObjectAccessPermission.Delete.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), permissionCode = Some(code), ), @@ -1226,7 +1226,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assertFailsWithA[BadRequestException]( exit, s"Invalid value for permissionCode parameter of hasPermissions: $code, it should be one of " + - s"${PermissionTypeAndCodes.values.toString}", + s"${ObjectAccessPermissions.allCodes.mkString(", ")}", ) } diff --git a/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala b/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala index e43e01a4a7..641c3e420a 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala @@ -366,21 +366,6 @@ object OntologyConstants { val PermissionListDelimiter: Char = '|' val GroupListDelimiter: Char = ',' - val RestrictedViewPermission: String = "RV" - val ViewPermission: String = "V" - val ModifyPermission: String = "M" - val DeletePermission: String = "D" - val ChangeRightsPermission: String = "CR" - val MaxPermission: String = ChangeRightsPermission - - val EntityPermissionAbbreviations: Seq[String] = Seq( - RestrictedViewPermission, - ViewPermission, - ModifyPermission, - DeletePermission, - ChangeRightsPermission, - ) - /* Standoff */ val StandoffTag: IRI = KnoraBasePrefixExpansion + "StandoffTag" diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala index d1b856e791..af8a7682e3 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala @@ -23,6 +23,7 @@ import org.knora.webapi.messages.admin.responder.projectsmessages.ProjectsADMJso import org.knora.webapi.messages.store.triplestoremessages.TriplestoreJsonProtocol import org.knora.webapi.messages.traits.Jsonable import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.PermissionIri import org.knora.webapi.slice.admin.domain.model.User @@ -720,6 +721,9 @@ case class PermissionADM(name: String, additionalInformation: Option[IRI] = None */ object PermissionADM { + def from(permission: ObjectAccessPermission, restriction: IRI): PermissionADM = + PermissionADM(permission.token, Some(restriction), Some(permission.code)) + /////////////////////////////////////////////////////////////////////////// // Administrative Permissions /////////////////////////////////////////////////////////////////////////// @@ -771,39 +775,19 @@ object PermissionADM { /////////////////////////////////////////////////////////////////////////// def changeRightsPermission(restriction: IRI): PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraBase.ChangeRightsPermission, - additionalInformation = Some(restriction), - permissionCode = Some(8), - ) + PermissionADM.from(ObjectAccessPermission.ChangeRights, restriction) def deletePermission(restriction: IRI): PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraBase.DeletePermission, - additionalInformation = Some(restriction), - permissionCode = Some(7), - ) + PermissionADM.from(ObjectAccessPermission.Delete, restriction) def modifyPermission(restriction: IRI): PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraBase.ModifyPermission, - additionalInformation = Some(restriction), - permissionCode = Some(6), - ) + PermissionADM.from(ObjectAccessPermission.Modify, restriction) def viewPermission(restriction: IRI): PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraBase.ViewPermission, - additionalInformation = Some(restriction), - permissionCode = Some(2), - ) + PermissionADM.from(ObjectAccessPermission.View, restriction) def restrictedViewPermission(restriction: IRI): PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraBase.RestrictedViewPermission, - additionalInformation = Some(restriction), - permissionCode = Some(1), - ) + PermissionADM.from(ObjectAccessPermission.RestrictedView, restriction) } diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala index c1cb0af090..28e2b191c3 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala @@ -8,7 +8,6 @@ package org.knora.webapi.messages.admin.responder.permissionsmessages import dsp.errors.BadRequestException import org.knora.webapi.IRI import org.knora.webapi.messages.OntologyConstants.KnoraAdmin.AdministrativePermissionAbbreviations -import org.knora.webapi.messages.OntologyConstants.KnoraBase._ import org.knora.webapi.slice.admin.domain.model.PermissionIri /** @@ -16,14 +15,6 @@ import org.knora.webapi.slice.admin.domain.model.PermissionIri */ object PermissionsMessagesUtilADM { - val PermissionTypeAndCodes: Map[String, Int] = Map( - RestrictedViewPermission -> 1, - ViewPermission -> 2, - ModifyPermission -> 6, - DeletePermission -> 7, - ChangeRightsPermission -> 8, - ) - //////////////////// // Helper Methods // //////////////////// diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala index 826a6f8e0c..8ca69abf27 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala @@ -27,6 +27,8 @@ import org.knora.webapi.messages.store.triplestoremessages.LiteralV2 import org.knora.webapi.messages.store.triplestoremessages.SparqlExtendedConstructResponse.ConstructPredicateObjects import org.knora.webapi.messages.util.PermissionUtilADM.formatPermissionADMs import org.knora.webapi.messages.util.PermissionUtilADM.parsePermissions +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions import org.knora.webapi.slice.admin.domain.model.User /** @@ -42,86 +44,53 @@ object PermissionUtilADM extends LazyLogging { */ sealed trait EntityPermission extends Ordered[EntityPermission] { + def permission: ObjectAccessPermission + /** * Represents this [[EntityPermission]] as an integer, as required by Knora API v1. */ - def toInt: Int - - override def compare(that: EntityPermission): Int = this.toInt - that.toInt + final def toInt: Int = permission.code - def getName: String + override def compare(that: EntityPermission): Int = this.permission.code - that.permission.code - def toPermissionADM(groupIri: IRI): PermissionADM + final override def toString: String = permission.token + final def getName: String = permission.token + final def toPermissionADM(groupIri: IRI): PermissionADM = PermissionADM.from(permission, groupIri) } /** * Represents restricted view permission on an entity. */ case object RestrictedViewPermission extends EntityPermission { - override def toInt: Int = 1 - - override def toString: String = OntologyConstants.KnoraBase.RestrictedViewPermission - - override val getName: String = "restricted view permission" - - override def toPermissionADM(groupIri: IRI): PermissionADM = - PermissionADM.restrictedViewPermission(groupIri) + override def permission: ObjectAccessPermission = ObjectAccessPermission.RestrictedView } /** * Represents unrestricted view permission on an entity. */ case object ViewPermission extends EntityPermission { - override def toInt: Int = 2 - - override def toString: String = OntologyConstants.KnoraBase.ViewPermission - - override val getName: String = "view permission" - - override def toPermissionADM(groupIri: IRI): PermissionADM = - PermissionADM.viewPermission(groupIri) + override def permission: ObjectAccessPermission = ObjectAccessPermission.View } /** * Represents modify permission on an entity. */ case object ModifyPermission extends EntityPermission { - override def toInt: Int = 6 - - override def toString: String = OntologyConstants.KnoraBase.ModifyPermission - - override val getName: String = "modify permission" - - override def toPermissionADM(groupIri: IRI): PermissionADM = - PermissionADM.modifyPermission(groupIri) + override def permission: ObjectAccessPermission = ObjectAccessPermission.Modify } /** * Represents delete permission on an entity. */ case object DeletePermission extends EntityPermission { - override def toInt: Int = 7 - - override def toString: String = OntologyConstants.KnoraBase.DeletePermission - - override val getName: String = "delete permission" - - override def toPermissionADM(groupIri: IRI): PermissionADM = - PermissionADM.deletePermission(groupIri) + override def permission: ObjectAccessPermission = ObjectAccessPermission.Delete } /** * Represents permission to change the permissions on an entity. */ case object ChangeRightsPermission extends EntityPermission { - override def toInt: Int = 8 - - override def toString: String = OntologyConstants.KnoraBase.ChangeRightsPermission - - override val getName: String = "change rights permission" - - override def toPermissionADM(groupIri: IRI): PermissionADM = - PermissionADM.changeRightsPermission(groupIri) + override def permission: ObjectAccessPermission = ObjectAccessPermission.ChangeRights } /** @@ -429,7 +398,7 @@ object PermissionUtilADM extends LazyLogging { val abbreviation: String = splitPermission(0) - if (!OntologyConstants.KnoraBase.EntityPermissionAbbreviations.contains(abbreviation)) { + if (!ObjectAccessPermissions.allTokens.contains(abbreviation)) { errorFun(permissionLiteral) } @@ -487,7 +456,7 @@ object PermissionUtilADM extends LazyLogging { } case PermissionType.OAP => - if (!OntologyConstants.KnoraBase.EntityPermissionAbbreviations.contains(abbreviation)) { + if (!ObjectAccessPermissions.allTokens.contains(abbreviation)) { throw InconsistentRepositoryDataException(s"Unrecognized permission abbreviation '$abbreviation'") } val shortGroups: Array[String] = @@ -543,35 +512,35 @@ object PermissionUtilADM extends LazyLogging { case OntologyConstants.KnoraAdmin.ProjectAdminRightsAllPermission => Set(PermissionADM.ProjectAdminRightsAllPermission) - case OntologyConstants.KnoraBase.ChangeRightsPermission => + case ObjectAccessPermission.ChangeRights.token => if (iris.nonEmpty) { iris.map(iri => PermissionADM.changeRightsPermission(iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case OntologyConstants.KnoraBase.DeletePermission => + case ObjectAccessPermission.Delete.token => if (iris.nonEmpty) { iris.map(iri => PermissionADM.deletePermission(iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case OntologyConstants.KnoraBase.ModifyPermission => + case ObjectAccessPermission.Modify.token => if (iris.nonEmpty) { iris.map(iri => PermissionADM.modifyPermission(iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case OntologyConstants.KnoraBase.ViewPermission => + case ObjectAccessPermission.View.token => if (iris.nonEmpty) { iris.map(iri => PermissionADM.viewPermission(iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case OntologyConstants.KnoraBase.RestrictedViewPermission => + case ObjectAccessPermission.RestrictedView.token => if (iris.nonEmpty) { iris.map(iri => PermissionADM.restrictedViewPermission(iri)) } else { @@ -702,8 +671,9 @@ object PermissionUtilADM extends LazyLogging { */ def impliesPermissionCodeV1(userHasPermissionCode: Option[Int], userNeedsPermission: String): Boolean = userHasPermissionCode match { - case Some(permissionCode) => permissionCode >= permissionStringsToPermissionLevels(userNeedsPermission).toInt - case None => false + case Some(permissionCode) => + permissionCode >= permissionStringsToPermissionLevels(userNeedsPermission).permission.code + case None => false } } diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala index 04f77e7623..08be54af4d 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala @@ -73,7 +73,7 @@ final case class AssetPermissionsResponder( PermissionUtilADM .getUserPermissionFromAssertionsADM(fileValueIriSubject.toString, assertions, requestingUser) - .map(_.toInt) + .map(_.permission.code) .getOrElse(0) } diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index e79188faa0..da2614cb57 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -20,13 +20,11 @@ import org.knora.webapi.core.MessageHandler import org.knora.webapi.core.MessageRelay import org.knora.webapi.messages.IriConversions._ import org.knora.webapi.messages.OntologyConstants -import org.knora.webapi.messages.OntologyConstants.KnoraBase.EntityPermissionAbbreviations import org.knora.webapi.messages.ResponderRequest import org.knora.webapi.messages.SmartIri import org.knora.webapi.messages.StringFormatter import org.knora.webapi.messages.admin.responder.groupsmessages.GroupGetADM import org.knora.webapi.messages.admin.responder.permissionsmessages -import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionsMessagesUtilADM.PermissionTypeAndCodes import org.knora.webapi.messages.admin.responder.permissionsmessages._ import org.knora.webapi.messages.twirl.queries.sparql import org.knora.webapi.messages.util.KnoraSystemInstances.Users.SystemUser @@ -40,6 +38,8 @@ import org.knora.webapi.slice.admin.AdminConstants import org.knora.webapi.slice.admin.domain.model.Group import org.knora.webapi.slice.admin.domain.model.GroupIri import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions import org.knora.webapi.slice.admin.domain.model.PermissionIri import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.KnoraProjectService @@ -103,7 +103,7 @@ trait PermissionsResponderADM { * Delete a permission. * * @param permissionIri the IRI of the permission. - * @param requestingUser the [[UserADM]] of the requesting user. + * @param requestingUser the [[User]] of the requesting user. * @param apiRequestID the API request ID. * @return [[PermissionDeleteResponseADM]]. * fails with an UpdateNotPerformedException if permission was in use and could not be deleted or something else went wrong. @@ -1624,16 +1624,16 @@ final case class PermissionsResponderADMLive( validateDOAPHasPermissions(hasPermissions) hasPermissions.map { permission => val code: Int = permission.permissionCode match { - case None => PermissionTypeAndCodes(permission.name) + case None => ObjectAccessPermissions.byToken(permission.name) case Some(code) => code } - val name = permission.name.isEmpty match { - case true => - val nameCodeSet: Option[(String, Int)] = PermissionTypeAndCodes.find { case (_, code) => - code == permission.permissionCode.get - } - nameCodeSet.get._1 - case false => permission.name + val name = if (permission.name.isEmpty) { + val nameCodeSet: Option[(String, Int)] = ObjectAccessPermissions.byToken.find { case (_, code) => + code == permission.permissionCode.get + } + nameCodeSet.get._1 + } else { + permission.name } PermissionADM( name = name, @@ -1653,17 +1653,17 @@ final case class PermissionsResponderADMLive( if (permission.additionalInformation.isEmpty) { throw BadRequestException(s"additionalInformation of a default object access permission type cannot be empty.") } - if (permission.name.nonEmpty && !EntityPermissionAbbreviations.contains(permission.name)) + if (permission.name.nonEmpty && !ObjectAccessPermissions.allTokens(permission.name)) throw BadRequestException( s"Invalid value for name parameter of hasPermissions: ${permission.name}, it should be one of " + - s"${EntityPermissionAbbreviations.toString}", + s"${ObjectAccessPermissions.allTokens.mkString(", ")}", ) if (permission.permissionCode.nonEmpty) { val code = permission.permissionCode.get - if (!PermissionTypeAndCodes.values.toSet.contains(code)) { + if (ObjectAccessPermission.from(code).isEmpty) { throw BadRequestException( s"Invalid value for permissionCode parameter of hasPermissions: $code, it should be one of " + - s"${PermissionTypeAndCodes.values.toString}", + s"${ObjectAccessPermissions.allCodes.mkString(", ")}", ) } } @@ -1674,7 +1674,7 @@ final case class PermissionsResponderADMLive( } if (permission.permissionCode.nonEmpty && permission.name.nonEmpty) { val code = permission.permissionCode.get - if (PermissionTypeAndCodes(permission.name) != code) { + if (!ObjectAccessPermission.from(permission.name).map(_.code).contains(code)) { throw BadRequestException( s"Given permission code $code and permission name ${permission.name} are not consistent.", ) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala new file mode 100644 index 0000000000..6c21444f56 --- /dev/null +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala @@ -0,0 +1,64 @@ +package org.knora.webapi.slice.admin.domain.model + +import org.knora.webapi.IRI +import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionADM + +sealed trait ObjectAccessPermission extends Ordered[ObjectAccessPermission] { + self => + def name: String + def token: String + def code: Int + final def toPermissionADM(groupIri: IRI): PermissionADM = PermissionADM.from(self, groupIri) + final override def compare(that: ObjectAccessPermission): Int = self.code - that.code + final override def toString: String = token +} + +object ObjectAccessPermission { + case object RestrictedView extends ObjectAccessPermission { + override val name: String = "restricted view permission" + override val token: String = "RV" + override val code: Int = 1 + } + + case object View extends ObjectAccessPermission { + override val name: String = "view permission" + override val token: String = "V" + override val code: Int = 2 + } + + case object Modify extends ObjectAccessPermission { + override val name: String = "modify permission" + override val token: String = "M" + override val code: Int = 6 + } + + case object Delete extends ObjectAccessPermission { + override val name: String = "delete permission" + override val token: String = "D" + override val code: Int = 7 + } + + case object ChangeRights extends ObjectAccessPermission { + override val name: String = "change rights permission" + override val token: String = "CR" + override val code: Int = 8 + } + + val maxPermission: ObjectAccessPermission = ChangeRights + def from(code: Int): Option[ObjectAccessPermission] = ObjectAccessPermissions.all.find(_.code == code) + def from(shortString: String): Option[ObjectAccessPermission] = + ObjectAccessPermissions.all.find(_.token == shortString) +} + +object ObjectAccessPermissions { + val all: Set[ObjectAccessPermission] = Set( + ObjectAccessPermission.ChangeRights, + ObjectAccessPermission.Delete, + ObjectAccessPermission.Modify, + ObjectAccessPermission.RestrictedView, + ObjectAccessPermission.View, + ) + val allCodes: Set[Int] = all.map(_.code) + val allTokens: Set[String] = all.map(_.token) + val byToken: Map[String, Int] = all.map(p => p.token -> p.code).toMap +} From 0aef9825938e35f5d66b68bff08c4db4ad22087c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Wed, 27 Mar 2024 18:31:04 +0100 Subject: [PATCH 02/16] Replace EntityPermission with ObjectAccessPermission --- .../ConstructResponseUtilV2SpecFullData.scala | 77 ++++++----- .../messages/util/PermissionUtilADMSpec.scala | 40 +++--- .../v2/ResourcesResponderV2SpecFullData.scala | 98 +++++++------- ...sourcesResponseCheckerV2SpecFullData.scala | 52 ++++---- .../v2/SearchResponderV2SpecFullData.scala | 14 +- .../responders/v2/ValuesResponderV2Spec.scala | 4 +- .../util/ConstructResponseUtilV2.scala | 13 +- .../messages/util/PermissionUtilADM.scala | 126 ++++-------------- .../resourcemessages/ResourceMessagesV2.scala | 4 +- .../valuemessages/ValueMessagesV2.scala | 10 +- .../admin/AssetPermissionsResponder.scala | 2 +- .../admin/PermissionsResponderADM.scala | 2 +- .../webapi/responders/v2/ResourceUtilV2.scala | 34 ++--- .../responders/v2/ResourcesResponderV2.scala | 11 +- .../responders/v2/ValuesResponderV2.scala | 17 +-- .../model/ObjectAccessPermissions.scala | 4 +- 16 files changed, 220 insertions(+), 288 deletions(-) diff --git a/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala index 38c338219f..43b03dba47 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala @@ -11,8 +11,6 @@ import dsp.valueobjects.UuidUtil import org.knora.webapi.InternalSchema import org.knora.webapi.messages.IriConversions._ import org.knora.webapi.messages.StringFormatter -import org.knora.webapi.messages.util.PermissionUtilADM.ChangeRightsPermission -import org.knora.webapi.messages.util.PermissionUtilADM.ViewPermission import org.knora.webapi.messages.v2.responder.resourcemessages.ReadResourceV2 import org.knora.webapi.messages.v2.responder.resourcemessages.ReadResourcesSequenceV2 import org.knora.webapi.messages.v2.responder.standoffmessages.StandoffDataTypeClasses @@ -20,6 +18,7 @@ import org.knora.webapi.messages.v2.responder.standoffmessages.StandoffTagIriAtt import org.knora.webapi.messages.v2.responder.standoffmessages.StandoffTagV2 import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormatter) { @@ -33,7 +32,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-11-29T10:00:00.673298Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -48,7 +47,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("F2xCr0S2QfWRQxJDWY9L0g"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ReadOtherValueV2( @@ -63,7 +62,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("yVTqO37cRkCSvXbFc3vTyw"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -87,7 +86,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-11-29T10:00:00.673298Z"), - userPermission = ViewPermission, + userPermission = ObjectAccessPermission.View, values = Map(), projectADM = SharedTestDataADM.anythingProject, lastModificationDate = None, @@ -108,7 +107,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2020-04-07T09:12:56.710717Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0001/anything#hasOtherThingValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -127,7 +126,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2020-04-07T09:12:56.710717Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map(), projectADM = SharedTestDataADM.anythingProject, lastModificationDate = None, @@ -142,7 +141,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("UgSp5mXTTSKdI02ZU1KIAA"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -159,7 +158,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("U1PwfNaVRQebbOSFWNdMqQ"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -183,7 +182,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2020-04-07T09:12:56.710717Z"), - userPermission = ViewPermission, + userPermission = ObjectAccessPermission.View, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -198,7 +197,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("U1PwfNaVRQebbOSFWNdMqQ"), - userPermission = ViewPermission, + userPermission = ObjectAccessPermission.View, deletionInfo = None, ), ), @@ -222,7 +221,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0001/anything#hasText".toSmartIri -> Vector( ReadTextValueV2( @@ -276,7 +275,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("1"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ReadTextValueV2( @@ -330,7 +329,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("2"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -351,7 +350,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map(), projectADM = SharedTestDataADM.anythingProject, lastModificationDate = None, @@ -366,7 +365,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://www.knora.org/ontology/knora-admin#SystemUser", previousValueIri = None, valueHasUUID = UuidUtil.decode("0"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -391,7 +390,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -411,7 +410,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -429,7 +428,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("d9a522845006"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -448,7 +447,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("bbd4d6a9-8b73-4670-b0cd-e851cd0a7c5d"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -466,7 +465,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("fae17f4f6106"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -484,7 +483,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -504,7 +503,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -522,7 +521,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("c3295339"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -541,7 +540,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("25c5e9fd-2cb2-4350-88bb-882be3373745"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -559,7 +558,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("53feeaf80a"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -584,7 +583,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -602,7 +601,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("c3295339"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -624,7 +623,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -644,7 +643,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("25c5e9fd-2cb2-4350-88bb-882be3373745"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -662,7 +661,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("53feeaf80a"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -681,7 +680,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("25c5e9fd-2cb2-4350-88bb-882be3373745"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -699,7 +698,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -717,7 +716,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("d9a522845006"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -739,7 +738,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -759,7 +758,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("bbd4d6a9-8b73-4670-b0cd-e851cd0a7c5d"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -777,7 +776,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("fae17f4f6106"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), @@ -796,7 +795,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("bbd4d6a9-8b73-4670-b0cd-e851cd0a7c5d"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, deletionInfo = None, ), ), diff --git a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala index c6f2de9b2f..03e3482866 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala @@ -14,9 +14,9 @@ import org.knora.webapi.messages.OntologyConstants import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionADM import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionType import org.knora.webapi.messages.util.PermissionUtilADM -import org.knora.webapi.messages.util.PermissionUtilADM._ import org.knora.webapi.sharedtestdata.SharedTestDataADM import org.knora.webapi.sharedtestdata.SharedTestDataADM2 +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import pekko.testkit.ImplicitSender @@ -25,11 +25,11 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { val permissionLiteral = "RV knora-admin:UnknownUser|V knora-admin:KnownUser|M knora-admin:ProjectMember|CR knora-admin:Creator" - val parsedPermissionLiteral: Map[EntityPermission, Set[IRI]] = Map( - RestrictedViewPermission -> Set(OntologyConstants.KnoraAdmin.UnknownUser), - ViewPermission -> Set(OntologyConstants.KnoraAdmin.KnownUser), - ModifyPermission -> Set(OntologyConstants.KnoraAdmin.ProjectMember), - ChangeRightsPermission -> Set(OntologyConstants.KnoraAdmin.Creator), + val parsedPermissionLiteral: Map[ObjectAccessPermission, Set[IRI]] = Map( + ObjectAccessPermission.RestrictedView -> Set(OntologyConstants.KnoraAdmin.UnknownUser), + ObjectAccessPermission.View -> Set(OntologyConstants.KnoraAdmin.KnownUser), + ObjectAccessPermission.Modify -> Set(OntologyConstants.KnoraAdmin.ProjectMember), + ObjectAccessPermission.ChangeRights -> Set(OntologyConstants.KnoraAdmin.Creator), ) "PermissionUtil" should { @@ -40,7 +40,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.incunabulaMemberUser, - ) should equal(Some(ModifyPermission)) // modify permission + ) should equal(Some(ObjectAccessPermission.Modify)) // modify permission } "return user's max permission for a specific resource (incunabula project admin user)" in { @@ -49,7 +49,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.incunabulaProjectAdminUser, - ) should equal(Some(ChangeRightsPermission)) // change rights permission + ) should equal(Some(ObjectAccessPermission.ChangeRights)) // change rights permission } "return user's max permission for a specific resource (incunabula creator user)" in { @@ -58,7 +58,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.incunabulaCreatorUser, - ) should equal(Some(ChangeRightsPermission)) // change rights permission + ) should equal(Some(ObjectAccessPermission.ChangeRights)) // change rights permission } "return user's max permission for a specific resource (root user)" in { @@ -67,7 +67,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.rootUser, - ) should equal(Some(ChangeRightsPermission)) // change rights permission + ) should equal(Some(ObjectAccessPermission.ChangeRights)) // change rights permission } "return user's max permission for a specific resource (normal user)" in { @@ -76,7 +76,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.normalUser, - ) should equal(Some(ViewPermission)) // view permission + ) should equal(Some(ObjectAccessPermission.View)) // view permission } "return user's max permission for a specific resource (anonymous user)" in { @@ -85,7 +85,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.anonymousUser, - ) should equal(Some(RestrictedViewPermission)) // restricted view permission + ) should equal(Some(ObjectAccessPermission.RestrictedView)) // restricted view permission } "return user's max permission from assertions for a specific resource" in { @@ -99,7 +99,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityIri = "http://rdfh.ch/00014b43f902", assertions = assertions, requestingUser = SharedTestDataADM.incunabulaMemberUser, - ) should equal(Some(ModifyPermission)) // modify permissions + ) should equal(Some(ObjectAccessPermission.Modify)) // modify permissions } "return user's max permission on link value" ignore { @@ -119,7 +119,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), PermissionADM.viewPermission("http://rdfh.ch/groups/customgroup"), - PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + ObjectAccessPermission.View.toPermissionADM(OntologyConstants.KnoraAdmin.UnknownUser), ) PermissionUtilADM.parsePermissionsWithType( @@ -161,17 +161,17 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "remove duplicate permissions" in { val duplicatedPermissions = Seq( - PermissionADM.restrictedViewPermission("1"), - PermissionADM.restrictedViewPermission("1"), - PermissionADM.restrictedViewPermission("2"), + ObjectAccessPermission.View.toPermissionADM("1"), + ObjectAccessPermission.View.toPermissionADM("1"), + ObjectAccessPermission.View.toPermissionADM("2"), PermissionADM.changeRightsPermission("2"), PermissionADM.changeRightsPermission("3"), PermissionADM.changeRightsPermission("3"), ) val deduplicatedPermissions = Set( - PermissionADM.restrictedViewPermission("1"), - PermissionADM.restrictedViewPermission("2"), + ObjectAccessPermission.View.toPermissionADM("1"), + ObjectAccessPermission.View.toPermissionADM("2"), PermissionADM.changeRightsPermission("2"), PermissionADM.changeRightsPermission("3"), ) @@ -184,7 +184,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "remove lesser permissions" in { val withLesserPermissions = Set( - PermissionADM.restrictedViewPermission("1"), + ObjectAccessPermission.View.toPermissionADM("1"), PermissionADM.viewPermission("1"), PermissionADM.modifyPermission("2"), PermissionADM.changeRightsPermission("1"), diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala index 1234422068..f4e9005f89 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala @@ -13,10 +13,10 @@ import org.knora.webapi.messages.IriConversions._ import org.knora.webapi.messages.StringFormatter import org.knora.webapi.messages.util.CalendarNameJulian import org.knora.webapi.messages.util.DatePrecisionYear -import org.knora.webapi.messages.util.PermissionUtilADM._ import org.knora.webapi.messages.v2.responder.resourcemessages._ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission // FIXME: Rename to something more generic and without spec in the name since it is not a spec and is used in more then one spec class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { @@ -26,7 +26,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/c5058f3a", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -46,7 +46,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("5524469101"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser,knora-admin:KnownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -66,7 +66,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("184e99ca01"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -84,7 +84,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("db77ec0302"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser,knora-admin:KnownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -102,7 +102,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("9ea13f3d02"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -122,7 +122,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("497df9ab"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -141,7 +141,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0803/c5058f3a/values/8653a672", valueHasUUID = UuidUtil.decode("8653a672"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -162,7 +162,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("10e00c7acc2704"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -182,7 +182,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("92faf25701"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:UnknownUser,knora-admin:KnownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -202,7 +202,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("0ca74ce5"), permissions = "CR knora-admin:Creator|V knora-admin:UnknownUser,knora-admin:KnownUser,knora-admin:ProjectMember", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -224,7 +224,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("cfd09f1e01"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -244,7 +244,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("c3295339"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -261,7 +261,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/c5058f3a", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -277,7 +277,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/2a6221216701", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -297,7 +297,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("e94fa8a09205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -317,7 +317,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("7b4a9bf89305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -335,7 +335,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("3e74ee319405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -353,7 +353,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("019e416b9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -371,7 +371,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("c4c794a49405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -389,7 +389,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("87f1e7dd9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -407,7 +407,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("4a1b3b179505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -425,7 +425,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("0d458e509505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -443,7 +443,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("d06ee1899505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -461,7 +461,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("939834c39505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -481,7 +481,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("dda85bbb9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -500,7 +500,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0803/2a6221216701/values/1a7f08829105", valueHasUUID = UuidUtil.decode("1a7f08829105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -520,7 +520,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("56c287fc9505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -541,7 +541,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("f89173afca2704"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -561,7 +561,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("ac79fbd99205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -579,7 +579,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("6fa34e139305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -597,7 +597,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("32cda14c9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -615,7 +615,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("f5f6f4859305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -635,7 +635,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("b82048bf9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -655,7 +655,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("262655679205"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -675,7 +675,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("a0d2aef49105"), permissions = "CR knora-admin:Creator|V knora-admin:ProjectMember,knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -697,7 +697,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("63fc012e9205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -717,7 +717,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("d1010fd69005"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -735,7 +735,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("942b620f9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -753,7 +753,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("5755b5489105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -772,7 +772,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/2a6221216701", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", projectADM = SharedTestDataADM.incunabulaProject, values = Map(), @@ -800,7 +800,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter label = "A thing with version history", resourceIri = "http://rdfh.ch/0001/thing-with-history", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser", - userPermission = ModifyPermission, + userPermission = ObjectAccessPermission.Modify, attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-02-08T15:05:10Z"), @@ -817,7 +817,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0001/thing-with-history/values/2b", valueHasUUID = UuidUtil.decode("W5fm67e0QDWxRZumcXcs6g"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2019-02-11T10:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", previousValueIri = Some("http://rdfh.ch/0001/thing-with-history/values/2a"), @@ -836,7 +836,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0001/thing-with-history/values/3a", valueHasUUID = UuidUtil.decode("IZGOjVqxTfSNO4ieKyp0SA"), permissions = "V knora-admin:UnknownUser|M knora-admin:ProjectMember", - userPermission = ModifyPermission, + userPermission = ObjectAccessPermission.Modify, valueCreationDate = Instant.parse("2019-02-10T10:30:10Z"), attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, @@ -853,7 +853,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0001/thing-with-history/values/1a", valueHasUUID = UuidUtil.decode("pLlW4ODASumZfZFbJdpw1g"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2019-02-11T09:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", previousValueIri = None, @@ -966,7 +966,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-02-08T15:05:10Z"), - userPermission = ModifyPermission, + userPermission = ObjectAccessPermission.Modify, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -980,7 +980,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueCreationDate = Instant.parse("2019-02-13T09:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", valueHasUUID = UuidUtil.decode("pLlW4ODASumZfZFbJdpw1g"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, previousValueIri = Some("http://rdfh.ch/0001/thing-with-history/values/1b"), deletionInfo = None, ), @@ -1004,7 +1004,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-02-08T15:05:10Z"), - userPermission = ModifyPermission, + userPermission = ObjectAccessPermission.Modify, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -1018,7 +1018,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueCreationDate = Instant.parse("2019-02-12T09:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", valueHasUUID = UuidUtil.decode("pLlW4ODASumZfZFbJdpw1g"), - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, previousValueIri = Some("http://rdfh.ch/0001/thing-with-history/values/1a"), deletionInfo = None, ), diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala index 7a1dd4c6c5..e0d08e4ba3 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala @@ -13,10 +13,10 @@ import org.knora.webapi.messages.IriConversions._ import org.knora.webapi.messages.StringFormatter import org.knora.webapi.messages.util.CalendarNameJulian import org.knora.webapi.messages.util.DatePrecisionYear -import org.knora.webapi.messages.util.PermissionUtilADM._ import org.knora.webapi.messages.v2.responder.resourcemessages._ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission // FIXME: Rename to something without spec in the name since it is not a spec class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFormatter) { @@ -27,7 +27,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor resourceIri = "http://rdfh.ch/2a6221216701", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -46,7 +46,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("e94fa8a09205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -66,7 +66,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("7b4a9bf89305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -84,7 +84,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("3e74ee319405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -102,7 +102,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("019e416b9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -120,7 +120,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("c4c794a49405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -138,7 +138,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("87f1e7dd9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -156,7 +156,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("4a1b3b179505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -174,7 +174,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("0d458e509505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -192,7 +192,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("d06ee1899505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -210,7 +210,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("939834c39505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -230,7 +230,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("dda85bbb9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -249,7 +249,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueIri = "http://rdfh.ch/2a6221216701/values/1a7f08829105", valueHasUUID = UuidUtil.decode("1a7f08829105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -269,7 +269,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("56c287fc9505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -290,7 +290,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("f89173afca2704"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -310,7 +310,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("ac79fbd99205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -328,7 +328,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("6fa34e139305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -346,7 +346,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("32cda14c9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -364,7 +364,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("f5f6f4859305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -384,7 +384,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("b82048bf9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -404,7 +404,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("262655679205"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -424,7 +424,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("a0d2aef49105"), permissions = "CR knora-admin:Creator|V knora-admin:ProjectMember,knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -446,7 +446,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("63fc012e9205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -466,7 +466,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("d1010fd69005"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -484,7 +484,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("942b620f9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala index 156361f54e..38d885b7d3 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala @@ -13,11 +13,11 @@ import dsp.valueobjects.UuidUtil import org.knora.webapi._ import org.knora.webapi.messages.IriConversions._ import org.knora.webapi.messages.StringFormatter -import org.knora.webapi.messages.util.PermissionUtilADM._ import org.knora.webapi.messages.util.search._ import org.knora.webapi.messages.v2.responder.resourcemessages._ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import pekko.actor.ActorSystem @@ -34,7 +34,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { resourceIri = "", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ChangeRightsPermission, + userPermission = ObjectAccessPermission.ChangeRights, attachedToUser = testUser1, resourceClassIri = booksBookIri.toSmartIri, projectADM = SharedTestDataADM.anythingProject, @@ -53,7 +53,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { valueHasUUID = UuidUtil.decode("d34d34d3-4d34-d34d-3496-2b2dfef6a5b9"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ModifyPermission, + userPermission = ObjectAccessPermission.Modify, previousValueIri = None, valueCreationDate = Instant.parse("2018-05-29T16:42:04.381Z"), attachedToUser = testUser2, @@ -137,7 +137,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { resourceIri = "http://rdfh.ch/0803/c5058f3a", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = RestrictedViewPermission, + userPermission = ObjectAccessPermission.RestrictedView, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -156,7 +156,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { valueHasUUID = UuidUtil.decode("c3295339"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ViewPermission, + userPermission = ObjectAccessPermission.View, previousValueIri = None, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", @@ -173,7 +173,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { resourceIri = "http://rdfh.ch/0803/ff17e5ef9601", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = RestrictedViewPermission, + userPermission = ObjectAccessPermission.RestrictedView, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -192,7 +192,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { valueHasUUID = UuidUtil.decode("d9a522845006"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ViewPermission, + userPermission = ObjectAccessPermission.View, previousValueIri = None, valueCreationDate = Instant.parse("2016-03-02T15:05:23Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala index 4ca04a641a..32b43f0ad8 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala @@ -2607,7 +2607,7 @@ class ValuesResponderV2Spec extends CoreSpec with ImplicitSender { } } - "not update a value with custom permissions if the requesting user does not have ChangeRightsPermission on the value" in { + "not update a value with custom permissions if the requesting user does not have ObjectAccessPermission.ChangeRights on the value" in { val resourceIri: IRI = aThingIri val propertyIri: SmartIri = "http://0.0.0.0:3333/ontology/0001/anything/v2#hasInteger".toSmartIri val permissions = "CR knora-admin:Creator" @@ -2733,7 +2733,7 @@ class ValuesResponderV2Spec extends CoreSpec with ImplicitSender { updatedValueFromTriplestore.permissions should ===(permissions) } - "not update a value, changing only its permissions, if the requesting user does not have ChangeRightsPermission on the value" in { + "not update a value, changing only its permissions, if the requesting user does not have ObjectAccessPermission.ChangeRights on the value" in { val resourceIri: IRI = aThingIri val propertyIri: SmartIri = "http://0.0.0.0:3333/ontology/0001/anything/v2#hasInteger".toSmartIri val permissions = "CR knora-admin:Creator" diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala index fa7e17eb5e..1de84f7dcd 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala @@ -38,7 +38,6 @@ import org.knora.webapi.messages.util.ConstructResponseUtilV2.ValueRdfData import org.knora.webapi.messages.util.ConstructResponseUtilV2.emptyFlatStatements import org.knora.webapi.messages.util.ConstructResponseUtilV2.emptyRdfPropertyValues import org.knora.webapi.messages.util.ConstructResponseUtilV2.emptyRdfResources -import org.knora.webapi.messages.util.PermissionUtilADM.EntityPermission import org.knora.webapi.messages.util.standoff.StandoffTagUtilV2 import org.knora.webapi.messages.v2.responder.listsmessages.NodeGetRequestV2 import org.knora.webapi.messages.v2.responder.listsmessages.NodeGetResponseV2 @@ -52,6 +51,7 @@ import org.knora.webapi.messages.v2.responder.standoffmessages.GetXSLTransformat import org.knora.webapi.messages.v2.responder.standoffmessages.MappingXMLtoStandoff import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.ProjectService import org.knora.webapi.slice.resources.IiifImageRequestUrl @@ -360,7 +360,7 @@ object ConstructResponseUtilV2 { valueObjectClass: SmartIri, nestedResource: Option[ResourceWithValueRdfData] = None, isIncomingLink: Boolean = false, - userPermission: EntityPermission, + userPermission: ObjectAccessPermission, assertions: FlatPredicateObjects, standoff: FlatStatements, ) extends RdfData @@ -378,7 +378,7 @@ object ConstructResponseUtilV2 { subjectIri: IRI, assertions: FlatPredicateObjects, isMainResource: Boolean, - userPermission: Option[EntityPermission], + userPermission: Option[ObjectAccessPermission], valuePropertyAssertions: RdfPropertyValues, ) extends RdfData @@ -412,7 +412,10 @@ object ConstructResponseUtilV2 { * @param assertions RDF assertions about the entity. * @param maybeUserPermission the user's permission on the entity, if any. */ - case class RdfWithUserPermission(assertions: ConstructPredicateObjects, maybeUserPermission: Option[EntityPermission]) + case class RdfWithUserPermission( + assertions: ConstructPredicateObjects, + maybeUserPermission: Option[ObjectAccessPermission], + ) } @@ -517,7 +520,7 @@ final case class ConstructResponseUtilV2Live( case (pred: SmartIri, objs: Seq[LiteralV2]) => pred -> objs.head } - val userPermission: Option[EntityPermission] = + val userPermission: Option[ObjectAccessPermission] = PermissionUtilADM.getUserPermissionFromConstructAssertionsADM(resourceIri, assertions, requestingUser) // Make a ResourceWithValueRdfData for each resource IRI. diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala index 8ca69abf27..c0f7f4875b 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala @@ -36,77 +36,7 @@ import org.knora.webapi.slice.admin.domain.model.User */ object PermissionUtilADM extends LazyLogging { - // TODO: unify EntityPermission with PermissionADM. - - /** - * Represents a permission granted to a group on an entity. The `toString` method of an `EntityPermission` - * returns one of the codes in [[OntologyConstants.KnoraBase.EntityPermissionAbbreviations]]. - */ - sealed trait EntityPermission extends Ordered[EntityPermission] { - - def permission: ObjectAccessPermission - - /** - * Represents this [[EntityPermission]] as an integer, as required by Knora API v1. - */ - final def toInt: Int = permission.code - - override def compare(that: EntityPermission): Int = this.permission.code - that.permission.code - - final override def toString: String = permission.token - final def getName: String = permission.token - final def toPermissionADM(groupIri: IRI): PermissionADM = PermissionADM.from(permission, groupIri) - } - - /** - * Represents restricted view permission on an entity. - */ - case object RestrictedViewPermission extends EntityPermission { - override def permission: ObjectAccessPermission = ObjectAccessPermission.RestrictedView - } - - /** - * Represents unrestricted view permission on an entity. - */ - case object ViewPermission extends EntityPermission { - override def permission: ObjectAccessPermission = ObjectAccessPermission.View - } - - /** - * Represents modify permission on an entity. - */ - case object ModifyPermission extends EntityPermission { - override def permission: ObjectAccessPermission = ObjectAccessPermission.Modify - } - - /** - * Represents delete permission on an entity. - */ - case object DeletePermission extends EntityPermission { - override def permission: ObjectAccessPermission = ObjectAccessPermission.Delete - } - - /** - * Represents permission to change the permissions on an entity. - */ - case object ChangeRightsPermission extends EntityPermission { - override def permission: ObjectAccessPermission = ObjectAccessPermission.ChangeRights - } - - /** - * The highest permission, i.e. the one that is least restrictive. - */ - private val MaxPermissionLevel: EntityPermission = ChangeRightsPermission - - private val permissionStringsToPermissionLevels: Map[String, EntityPermission] = Set( - RestrictedViewPermission, - ViewPermission, - ModifyPermission, - DeletePermission, - ChangeRightsPermission, - ).map { level => - level.toString -> level - }.toMap + private val levelsByToken = ObjectAccessPermissions.all.map(level => level.token -> level).toMap /** * A set of assertions that are relevant for calculating permissions. @@ -137,11 +67,11 @@ object PermissionUtilADM extends LazyLogging { * on the entity. */ private def calculateHighestGrantedPermissionLevel( - entityPermissions: Map[EntityPermission, Set[IRI]], + entityPermissions: Map[ObjectAccessPermission, Set[IRI]], userGroups: Set[IRI], - ): Option[EntityPermission] = { + ): Option[ObjectAccessPermission] = { // Make a set of all the permissions the user can obtain for this entity. - val permissionLevels: Set[EntityPermission] = entityPermissions.foldLeft(Set.empty[EntityPermission]) { + val permissionLevels: Set[ObjectAccessPermission] = entityPermissions.foldLeft(Set.empty[ObjectAccessPermission]) { case (acc, (permissionLevel, grantedToGroups)) => if (grantedToGroups.intersect(userGroups).nonEmpty) { acc + permissionLevel @@ -160,13 +90,13 @@ object PermissionUtilADM extends LazyLogging { } /** - * Determines the permissions that a user has on a entity, and returns an [[EntityPermission]]. + * Determines the permissions that a user has on a entity, and returns an [[ObjectAccessPermission]]. * * @param entityCreator the IRI of the user that created the entity. * @param entityProject the IRI of the entity's project. * @param entityPermissionLiteral the literal that is the object of the entity's `knora-base:hasPermissions` predicate. * @param requestingUser the user making the request. - * @return an [[EntityPermission]] representing the user's permission level for the entity, or `None` if the user + * @return an [[ObjectAccessPermission]] representing the user's permission level for the entity, or `None` if the user * has no permissions on the entity. */ def getUserPermissionADM( @@ -174,16 +104,16 @@ object PermissionUtilADM extends LazyLogging { entityProject: IRI, entityPermissionLiteral: String, requestingUser: User, - ): Option[EntityPermission] = { + ): Option[ObjectAccessPermission] = { val maybePermissionLevel = if ( requestingUser.isSystemUser || requestingUser.isSystemAdmin || requestingUser.permissions .hasProjectAdminAllPermissionFor(entityProject) ) { // If the user is the system user, is in the SystemAdmin group, or has ProjectAdminAllPermission, just give them the maximum permission. - Some(MaxPermissionLevel) + Some(ObjectAccessPermission.maxPermission) } else { - val entityPermissions: Map[EntityPermission, Set[IRI]] = parsePermissions(entityPermissionLiteral) + val entityPermissions: Map[ObjectAccessPermission, Set[IRI]] = parsePermissions(entityPermissionLiteral) // Make a list of all the groups (both built-in and custom) that the user belongs to in relation // to the entity. @@ -264,14 +194,14 @@ object PermissionUtilADM extends LazyLogging { permissionLiteralB: String, requestingUser: User, ): PermissionComparisonResult = { - val maybePermissionA: Option[EntityPermission] = getUserPermissionADM( + val maybePermissionA: Option[ObjectAccessPermission] = getUserPermissionADM( entityCreator = requestingUser.id, entityProject = entityProject, entityPermissionLiteral = permissionLiteralA, requestingUser = requestingUser, ) - val maybePermissionB: Option[EntityPermission] = getUserPermissionADM( + val maybePermissionB: Option[ObjectAccessPermission] = getUserPermissionADM( entityCreator = requestingUser.id, entityProject = entityProject, entityPermissionLiteral = permissionLiteralB, @@ -283,7 +213,7 @@ object PermissionUtilADM extends LazyLogging { case (None, Some(_)) => ALessThanB case (Some(_), None) => AGreaterThanB - case (Some(permissionA: EntityPermission), Some(permissionB: EntityPermission)) => + case (Some(permissionA: ObjectAccessPermission), Some(permissionB: ObjectAccessPermission)) => if (permissionA == permissionB) { AEqualToB } else if (permissionA < permissionB) { @@ -296,7 +226,7 @@ object PermissionUtilADM extends LazyLogging { /** * Given data from a [[org.knora.webapi.messages.store.triplestoremessages.SparqlExtendedConstructResponse]], determines the permissions that a user has on a entity, - * and returns an [[EntityPermission]]. + * and returns an [[ObjectAccessPermission]]. * * @param entityIri the IRI of the entity. * @param assertions a [[Seq]] containing all the permission-relevant predicates and objects @@ -313,7 +243,7 @@ object PermissionUtilADM extends LazyLogging { entityIri: IRI, assertions: ConstructPredicateObjects, requestingUser: User, - ): Option[EntityPermission] = { + ): Option[ObjectAccessPermission] = { val assertionsAsStrings: Seq[(IRI, String)] = assertions.toSeq.flatMap { case (pred: SmartIri, objs: Seq[LiteralV2]) => objs.map { obj => @@ -329,7 +259,7 @@ object PermissionUtilADM extends LazyLogging { } /** - * Determines the permissions that a user has on a entity, and returns an [[EntityPermission]]. + * Determines the permissions that a user has on a entity, and returns an [[ObjectAccessPermission]]. * * @param entityIri the IRI of the entity. * @param assertions a [[Seq]] containing all the permission-relevant predicates and objects @@ -346,7 +276,7 @@ object PermissionUtilADM extends LazyLogging { entityIri: IRI, assertions: Seq[(IRI, String)], requestingUser: User, - ): Option[EntityPermission] = { + ): Option[ObjectAccessPermission] = { // Get the entity's creator, project, and permissions. val assertionMap: Map[IRI, String] = assertions.toMap @@ -376,16 +306,14 @@ object PermissionUtilADM extends LazyLogging { * Parses the literal object of the predicate `knora-base:hasPermissions`. * * @param permissionLiteral the literal to parse. - * @return a [[Map]] in which the keys are permission abbreviations in - * [[OntologyConstants.KnoraBase.EntityPermissionAbbreviations]], and the values are sets of - * user group IRIs. + * @return a [[Map]] in which the keys are permission tokens, and the values are sets of user group IRIs. */ def parsePermissions( permissionLiteral: String, errorFun: String => Nothing = { (permissionLiteral: String) => throw InconsistentRepositoryDataException(s"invalid permission literal: $permissionLiteral") }, - ): Map[EntityPermission, Set[IRI]] = { + ): Map[ObjectAccessPermission, Set[IRI]] = { val permissions: Seq[String] = permissionLiteral.split(OntologyConstants.KnoraBase.PermissionListDelimiter).toIndexedSeq @@ -397,16 +325,15 @@ object PermissionUtilADM extends LazyLogging { } val abbreviation: String = splitPermission(0) - - if (!ObjectAccessPermissions.allTokens.contains(abbreviation)) { - errorFun(permissionLiteral) - } + val perm = ObjectAccessPermission + .fromToken(abbreviation) + .getOrElse(errorFun(permissionLiteral)) val shortGroups: Set[String] = splitPermission(1).split(OntologyConstants.KnoraBase.GroupListDelimiter).toSet val groups = shortGroups.map( _.replace(OntologyConstants.KnoraAdmin.KnoraAdminPrefix, OntologyConstants.KnoraAdmin.KnoraAdminPrefixExpansion), ) - (permissionStringsToPermissionLevels(abbreviation), groups) + (perm, groups) }.toMap } @@ -414,8 +341,7 @@ object PermissionUtilADM extends LazyLogging { * Parses the literal object of the predicate `knora-base:hasPermissions`. * * @param maybePermissionListStr the literal to parse. - * @return a [[Map]] in which the keys are permission abbreviations in - * [[OntologyConstants.KnoraBase.EntityPermissionAbbreviations]], and the values are sets of + * @return a [[Map]] in which the keys are permission tokens, and the values are sets of * user group IRIs. */ def parsePermissionsWithType( @@ -602,7 +528,7 @@ object PermissionUtilADM extends LazyLogging { case PermissionType.OAP => if (permissions.nonEmpty) { - /* a map with permission names, shortened groups, and full group names. */ + /* a levelsByToken with permission names, shortened groups, and full group names. */ val groupedPermissions: Map[String, String] = permissions.groupBy(_.name).map { case (name: String, perms: Set[PermissionADM]) => val shortGroupsString = perms.toVector.sortBy(_.additionalInformation.get).foldLeft("") { @@ -624,7 +550,7 @@ object PermissionUtilADM extends LazyLogging { /* Sort permissions in descending order */ val sortedPermissions: Array[(String, String)] = groupedPermissions.toArray.sortWith { (left, right) => - permissionStringsToPermissionLevels(left._1) > permissionStringsToPermissionLevels(right._1) + levelsByToken(left._1) > levelsByToken(right._1) } /* create the permissions string */ @@ -672,7 +598,7 @@ object PermissionUtilADM extends LazyLogging { def impliesPermissionCodeV1(userHasPermissionCode: Option[Int], userNeedsPermission: String): Boolean = userHasPermissionCode match { case Some(permissionCode) => - permissionCode >= permissionStringsToPermissionLevels(userNeedsPermission).permission.code + permissionCode >= levelsByToken(userNeedsPermission).code case None => false } } diff --git a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala index c8b841ec88..9dc191e567 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala @@ -24,7 +24,6 @@ import org.knora.webapi.messages.SmartIri import org.knora.webapi.messages.StringFormatter import org.knora.webapi.messages.ValuesValidator.xsdDateTimeStampToInstant import org.knora.webapi.messages.admin.responder.projectsmessages.Project -import org.knora.webapi.messages.util.PermissionUtilADM.EntityPermission import org.knora.webapi.messages.util._ import org.knora.webapi.messages.util.rdf._ import org.knora.webapi.messages.util.standoff.StandoffTagUtilV2 @@ -35,6 +34,7 @@ import org.knora.webapi.messages.v2.responder.resourcemessages.CreateResourceReq import org.knora.webapi.messages.v2.responder.standoffmessages.MappingXMLtoStandoff import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.ProjectService import org.knora.webapi.slice.admin.domain.service.UserService @@ -383,7 +383,7 @@ case class ReadResourceV2( attachedToUser: IRI, projectADM: Project, permissions: String, - userPermission: EntityPermission, + userPermission: ObjectAccessPermission, values: Map[SmartIri, Seq[ReadValueV2]], creationDate: Instant, lastModificationDate: Option[Instant], diff --git a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala index e144a3a181..2fc4a0e4a2 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala @@ -31,7 +31,6 @@ import org.knora.webapi.messages.SmartIri import org.knora.webapi.messages.StringFormatter import org.knora.webapi.messages.ValuesValidator import org.knora.webapi.messages.admin.responder.projectsmessages.Project -import org.knora.webapi.messages.util.PermissionUtilADM.EntityPermission import org.knora.webapi.messages.util._ import org.knora.webapi.messages.util.rdf._ import org.knora.webapi.messages.util.standoff.StandoffStringUtil @@ -46,6 +45,7 @@ import org.knora.webapi.routing.RouteUtilV2 import org.knora.webapi.routing.RouteUtilZ import org.knora.webapi.slice.admin.api.model.MaintenanceRequests.AssetId import org.knora.webapi.slice.admin.domain.model.KnoraProject.Shortcode +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.resourceinfo.domain.IriConverter import org.knora.webapi.slice.resources.IiifImageRequestUrl @@ -342,7 +342,7 @@ sealed trait ReadValueV2 extends IOValueV2 { /** * The permission that the requesting user has on the value. */ - def userPermission: EntityPermission + def userPermission: ObjectAccessPermission /** * The date when the value was created. @@ -493,7 +493,7 @@ case class ReadTextValueV2( valueIri: IRI, attachedToUser: IRI, permissions: String, - userPermission: EntityPermission, + userPermission: ObjectAccessPermission, valueCreationDate: Instant, valueHasUUID: UUID, valueContent: TextValueContentV2, @@ -532,7 +532,7 @@ case class ReadLinkValueV2( valueIri: IRI, attachedToUser: IRI, permissions: String, - userPermission: EntityPermission, + userPermission: ObjectAccessPermission, valueCreationDate: Instant, valueHasUUID: UUID, valueContent: LinkValueContentV2, @@ -569,7 +569,7 @@ case class ReadOtherValueV2( valueIri: IRI, attachedToUser: IRI, permissions: String, - userPermission: EntityPermission, + userPermission: ObjectAccessPermission, valueCreationDate: Instant, valueHasUUID: UUID, valueContent: ValueContentV2, diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala index 08be54af4d..bc03b7b1b1 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/AssetPermissionsResponder.scala @@ -73,7 +73,7 @@ final case class AssetPermissionsResponder( PermissionUtilADM .getUserPermissionFromAssertionsADM(fileValueIriSubject.toString, assertions, requestingUser) - .map(_.permission.code) + .map(_.code) .getOrElse(0) } diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index da2614cb57..f519fccbc3 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -1674,7 +1674,7 @@ final case class PermissionsResponderADMLive( } if (permission.permissionCode.nonEmpty && permission.name.nonEmpty) { val code = permission.permissionCode.get - if (!ObjectAccessPermission.from(permission.name).map(_.code).contains(code)) { + if (!ObjectAccessPermission.fromToken(permission.name).map(_.code).contains(code)) { throw BadRequestException( s"Given permission code $code and permission name ${permission.name} are not consistent.", ) diff --git a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala index f3a51fe164..c7d25fe4f0 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala @@ -22,13 +22,13 @@ import org.knora.webapi.messages.store.sipimessages.MoveTemporaryFileToPermanent import org.knora.webapi.messages.twirl.queries.sparql import org.knora.webapi.messages.util.KnoraSystemInstances import org.knora.webapi.messages.util.PermissionUtilADM -import org.knora.webapi.messages.util.PermissionUtilADM.EntityPermission import org.knora.webapi.messages.v2.responder.SuccessResponseV2 import org.knora.webapi.messages.v2.responder.UpdateResultInProject import org.knora.webapi.messages.v2.responder.resourcemessages.ReadResourceV2 import org.knora.webapi.messages.v2.responder.valuemessages.FileValueContentV2 import org.knora.webapi.messages.v2.responder.valuemessages.ReadValueV2 import org.knora.webapi.messages.v2.responder.valuemessages.StillImageExternalFileValueContentV2 +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.store.triplestore.api.TriplestoreService import org.knora.webapi.store.triplestore.api.TriplestoreService.Queries.Construct @@ -42,13 +42,13 @@ trait ResourceUtilV2 { * Checks that a user has the specified permission on a resource. * * @param resourceInfo the resource to be updated. - * @param permissionNeeded the necessary EntityPermission, + * @param permissionNeeded the necessary ObjectAccessPermission, * @param requestingUser the requesting user. * @return [[ForbiddenException]] if user does not have permission needed on the resource. */ def checkResourcePermission( resourceInfo: ReadResourceV2, - permissionNeeded: EntityPermission, + permissionNeeded: ObjectAccessPermission, requestingUser: User, ): IO[ForbiddenException, Unit] @@ -57,14 +57,14 @@ trait ResourceUtilV2 { * * @param resourceInfo the resource containing the value. * @param valueInfo the value to be updated. - * @param permissionNeeded the necessary EntityPermission, + * @param permissionNeeded the necessary ObjectAccessPermission, * @param requestingUser the requesting user. * @return [[ForbiddenException]] if user does not have permissions on the value. */ def checkValuePermission( resourceInfo: ReadResourceV2, valueInfo: ReadValueV2, - permissionNeeded: EntityPermission, + permissionNeeded: ObjectAccessPermission, requestingUser: User, ): IO[ForbiddenException, Unit] @@ -124,15 +124,15 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela * Checks that a user has the specified permission on a resource. * * @param resourceInfo the resource to be updated. - * @param permissionNeeded the necessary EntityPermission, + * @param permissionNeeded the necessary ObjectAccessPermission, * @param requestingUser the requesting user. */ override def checkResourcePermission( resourceInfo: ReadResourceV2, - permissionNeeded: EntityPermission, + permissionNeeded: ObjectAccessPermission, requestingUser: User, ): IO[ForbiddenException, Unit] = { - val maybeUserPermission: Option[EntityPermission] = PermissionUtilADM.getUserPermissionADM( + val maybeUserPermission: Option[ObjectAccessPermission] = PermissionUtilADM.getUserPermissionADM( entityCreator = resourceInfo.attachedToUser, entityProject = resourceInfo.projectADM.id, entityPermissionLiteral = resourceInfo.permissions, @@ -140,14 +140,14 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela ) val hasRequiredPermission: Boolean = maybeUserPermission match { - case Some(userPermission: EntityPermission) => userPermission >= permissionNeeded - case None => false + case Some(userPermission: ObjectAccessPermission) => userPermission >= permissionNeeded + case None => false } ZIO .fail( ForbiddenException( - s"User ${requestingUser.email} does not have ${permissionNeeded.getName} on resource <${resourceInfo.resourceIri}>", + s"User ${requestingUser.email} does not have ${permissionNeeded.token} on resource <${resourceInfo.resourceIri}>", ), ) .when(!hasRequiredPermission) @@ -159,16 +159,16 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela * * @param resourceInfo the resource containing the value. * @param valueInfo the value to be updated. - * @param permissionNeeded the necessary EntityPermission, + * @param permissionNeeded the necessary ObjectAccessPermission, * @param requestingUser the requesting user. */ override def checkValuePermission( resourceInfo: ReadResourceV2, valueInfo: ReadValueV2, - permissionNeeded: EntityPermission, + permissionNeeded: ObjectAccessPermission, requestingUser: User, ): IO[ForbiddenException, Unit] = { - val maybeUserPermission: Option[EntityPermission] = PermissionUtilADM.getUserPermissionADM( + val maybeUserPermission: Option[ObjectAccessPermission] = PermissionUtilADM.getUserPermissionADM( entityCreator = valueInfo.attachedToUser, entityProject = resourceInfo.projectADM.id, entityPermissionLiteral = valueInfo.permissions, @@ -176,14 +176,14 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela ) val hasRequiredPermission: Boolean = maybeUserPermission match { - case Some(userPermission: EntityPermission) => userPermission >= permissionNeeded - case None => false + case Some(userPermission: ObjectAccessPermission) => userPermission >= permissionNeeded + case None => false } ZIO .fail( ForbiddenException( - s"User ${requestingUser.email} does not have ${permissionNeeded.getName} on value <${valueInfo.valueIri}>", + s"User ${requestingUser.email} does not have ${permissionNeeded.token} on value <${valueInfo.valueIri}>", ), ) .when(!hasRequiredPermission) diff --git a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala index 5b59bbe739..81aaa40236 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala @@ -27,8 +27,6 @@ import org.knora.webapi.messages.store.sipimessages.SipiGetTextFileRequest import org.knora.webapi.messages.store.sipimessages.SipiGetTextFileResponse import org.knora.webapi.messages.twirl.queries.sparql import org.knora.webapi.messages.util.ConstructResponseUtilV2.MappingAndXSLTransformation -import org.knora.webapi.messages.util.PermissionUtilADM.DeletePermission -import org.knora.webapi.messages.util.PermissionUtilADM.ModifyPermission import org.knora.webapi.messages.util._ import org.knora.webapi.messages.util.rdf._ import org.knora.webapi.messages.util.search.gravsearch.GravsearchParser @@ -45,6 +43,7 @@ import org.knora.webapi.responders.IriService import org.knora.webapi.responders.Responder import org.knora.webapi.responders.v2.resources.CreateResourceV2Handler import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.KnoraProjectService import org.knora.webapi.slice.admin.domain.service.ProjectService @@ -238,7 +237,7 @@ final case class ResourcesResponderV2( // Check that the user has permission to modify the resource. _ <- resourceUtilV2.checkResourcePermission( resource, - ModifyPermission, + ObjectAccessPermission.Modify, updateResourceMetadataRequestV2.requestingUser, ) @@ -383,7 +382,11 @@ final case class ResourcesResponderV2( } // Check that the user has permission to mark the resource as deleted. - _ <- resourceUtilV2.checkResourcePermission(resource, DeletePermission, deleteResourceV2.requestingUser) + _ <- resourceUtilV2.checkResourcePermission( + resource, + ObjectAccessPermission.Delete, + deleteResourceV2.requestingUser, + ) // Get the IRI of the named graph in which the resource is stored. dataNamedGraph = ProjectService.projectDataNamedGraphV2(resource.projectADM).value diff --git a/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala b/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala index aa660efed1..15089c6e1d 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala @@ -38,6 +38,7 @@ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.responders.IriLocker import org.knora.webapi.responders.IriService import org.knora.webapi.responders.Responder +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.ProjectService import org.knora.webapi.slice.ontology.domain.model.Cardinality.AtLeastOne @@ -177,7 +178,7 @@ final case class ValuesResponderV2Live( // Check that the user has permission to modify the resource. _ <- resourceUtilV2.checkResourcePermission( resourceInfo = resourceInfo, - permissionNeeded = ModifyPermission, + permissionNeeded = ObjectAccessPermission.Modify, requestingUser = requestingUser, ) @@ -1014,7 +1015,7 @@ final case class ValuesResponderV2Live( // Validate and reformat the submitted permissions. newValuePermissionLiteral <- permissionUtilADM.validatePermissions(updateValuePermissionsV2.permissions) - // Check that the user has ChangeRightsPermission on the value, and that the new permissions are + // Check that the user has ObjectAccessPermission.ChangeRights on the value, and that the new permissions are // different from the current ones. currentPermissionsParsed <- ZIO.attempt(PermissionUtilADM.parsePermissions(currentValue.permissions)) newPermissionsParsed <- @@ -1032,7 +1033,7 @@ final case class ValuesResponderV2Live( _ <- resourceUtilV2.checkValuePermission( resourceInfo = resourceInfo, valueInfo = currentValue, - permissionNeeded = ChangeRightsPermission, + permissionNeeded = ObjectAccessPermission.ChangeRights, requestingUser = requestingUser, ) @@ -1102,7 +1103,7 @@ final case class ValuesResponderV2Live( } // Check that the user has permission to do the update. If they want to change the permissions - // on the value, they need ChangeRightsPermission, otherwise they need ModifyPermission. + // on the value, they need ObjectAccessPermission.ChangeRights, otherwise they need ObjectAccessPermission.Modify. currentPermissionsParsed <- ZIO.attempt(PermissionUtilADM.parsePermissions(currentValue.permissions)) newPermissionsParsed <- ZIO.attempt( @@ -1113,8 +1114,8 @@ final case class ValuesResponderV2Live( ) permissionNeeded = - if (newPermissionsParsed != currentPermissionsParsed) { ChangeRightsPermission } - else { ModifyPermission } + if (newPermissionsParsed != currentPermissionsParsed) { ObjectAccessPermission.ChangeRights } + else { ObjectAccessPermission.Modify } _ <- resourceUtilV2.checkValuePermission( resourceInfo = resourceInfo, @@ -1172,7 +1173,7 @@ final case class ValuesResponderV2Live( // check that the user has permission to modify the resource. resourceUtilV2.checkResourcePermission( resourceInfo = resourceInfo, - permissionNeeded = ModifyPermission, + permissionNeeded = ObjectAccessPermission.Modify, requestingUser = requestingUser, ) @@ -1596,7 +1597,7 @@ final case class ValuesResponderV2Live( _ <- resourceUtilV2.checkValuePermission( resourceInfo = resourceInfo, valueInfo = currentValue, - permissionNeeded = DeletePermission, + permissionNeeded = ObjectAccessPermission.Delete, requestingUser, ) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala index 6c21444f56..9bdc36c7a3 100644 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala @@ -46,8 +46,8 @@ object ObjectAccessPermission { val maxPermission: ObjectAccessPermission = ChangeRights def from(code: Int): Option[ObjectAccessPermission] = ObjectAccessPermissions.all.find(_.code == code) - def from(shortString: String): Option[ObjectAccessPermission] = - ObjectAccessPermissions.all.find(_.token == shortString) + def fromToken(token: String): Option[ObjectAccessPermission] = + ObjectAccessPermissions.all.find(_.token == token) } object ObjectAccessPermissions { From 5e89dec2bfbc9064dc3c4e26136af5eab266b621 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Wed, 27 Mar 2024 18:35:06 +0100 Subject: [PATCH 03/16] header fmt --- .../slice/admin/domain/model/ObjectAccessPermissions.scala | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala index 9bdc36c7a3..aab42f19c4 100644 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala @@ -1,3 +1,8 @@ +/* + * Copyright © 2021 - 2024 Swiss National Data and Service Center for the Humanities and/or DaSCH Service Platform contributors. + * SPDX-License-Identifier: Apache-2.0 + */ + package org.knora.webapi.slice.admin.domain.model import org.knora.webapi.IRI From 4c340b3cb6b05184de193b8c861f6e53ac59182f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Wed, 27 Mar 2024 18:44:58 +0100 Subject: [PATCH 04/16] Inline methods for specific PermissionADM from ObjectAccessPermissions --- .../PermissionsMessagesADMSpec.scala | 27 ++++-- .../messages/util/PermissionUtilADMSpec.scala | 55 ++++++------ .../admin/PermissionsResponderADMSpec.scala | 42 +++++---- .../admin/ProjectRestServiceSpec.scala | 9 +- .../SharedPermissionsTestData.scala | 87 ++++++++++--------- .../PermissionsMessagesADM.scala | 20 ----- .../messages/util/PermissionUtilADM.scala | 22 ++--- .../admin/PermissionsResponderADM.scala | 10 +-- .../responders/v2/ValuesResponderV2.scala | 4 +- 9 files changed, 134 insertions(+), 142 deletions(-) diff --git a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala index c1730e0947..252d036104 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala @@ -422,7 +422,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = forProject, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.imagesUser01, ), @@ -437,7 +438,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = SharedTestDataADM.imagesProjectIri, forGroup = Some(groupIri), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.imagesUser01, ), @@ -453,7 +455,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { id = Some(permissionIri), forProject = SharedTestDataADM.imagesProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.imagesUser01, ), @@ -569,7 +572,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = SharedTestDataADM.anythingProjectIri, forGroup = Some(SharedTestDataADM.thingSearcherGroup.id), - hasPermissions = Set(PermissionADM.restrictedViewPermission(SharedTestDataADM.thingSearcherGroup.id)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.RestrictedView, SharedTestDataADM.thingSearcherGroup.id)), ), SharedTestDataADM.anythingUser2, ), @@ -587,7 +591,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = anythingProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), forResourceClass = Some(ANYTHING_THING_RESOURCE_CLASS_LocalHost), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -602,7 +607,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = anythingProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), forProperty = Some(ANYTHING_HasDate_PROPERTY_LocalHost), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -616,7 +622,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = anythingProjectIri, forProperty = Some(SharedTestDataADM.customValueIRI), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -630,7 +637,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = anythingProjectIri, forResourceClass = Some(ANYTHING_THING_RESOURCE_CLASS_LocalHost), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -646,7 +654,8 @@ class PermissionsMessagesADMSpec extends CoreSpec { PermissionsRestService.createDefaultObjectAccessPermission( CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = anythingProjectIri, - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), diff --git a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala index 03e3482866..078f4bf7a0 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala @@ -115,11 +115,11 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "M knora-admin:Creator,knora-admin:ProjectMember|V knora-admin:KnownUser,http://rdfh.ch/groups/customgroup|RV knora-admin:UnknownUser" val permissionsSet = Set( - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.viewPermission("http://rdfh.ch/groups/customgroup"), - ObjectAccessPermission.View.toPermissionADM(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.View, "http://rdfh.ch/groups/customgroup"), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), ) PermissionUtilADM.parsePermissionsWithType( @@ -161,39 +161,38 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "remove duplicate permissions" in { val duplicatedPermissions = Seq( - ObjectAccessPermission.View.toPermissionADM("1"), - ObjectAccessPermission.View.toPermissionADM("1"), - ObjectAccessPermission.View.toPermissionADM("2"), - PermissionADM.changeRightsPermission("2"), - PermissionADM.changeRightsPermission("3"), - PermissionADM.changeRightsPermission("3"), + PermissionADM.from(ObjectAccessPermission.View, "1"), + PermissionADM.from(ObjectAccessPermission.View, "1"), + PermissionADM.from(ObjectAccessPermission.View, "2"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "2"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "3"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "3"), ) val deduplicatedPermissions = Set( - ObjectAccessPermission.View.toPermissionADM("1"), - ObjectAccessPermission.View.toPermissionADM("2"), - PermissionADM.changeRightsPermission("2"), - PermissionADM.changeRightsPermission("3"), + PermissionADM.from(ObjectAccessPermission.View, "1"), + PermissionADM.from(ObjectAccessPermission.View, "2"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "2"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "3"), ) val result = PermissionUtilADM.removeDuplicatePermissions(duplicatedPermissions) result.size should equal(deduplicatedPermissions.size) result should contain allElementsOf deduplicatedPermissions - } "remove lesser permissions" in { val withLesserPermissions = Set( - ObjectAccessPermission.View.toPermissionADM("1"), - PermissionADM.viewPermission("1"), - PermissionADM.modifyPermission("2"), - PermissionADM.changeRightsPermission("1"), - PermissionADM.deletePermission("2"), + PermissionADM.from(ObjectAccessPermission.View, "1"), + PermissionADM.from(ObjectAccessPermission.View, "1"), + PermissionADM.from(ObjectAccessPermission.Modify, "2"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "1"), + PermissionADM.from(ObjectAccessPermission.Delete, "2"), ) val withoutLesserPermissions = Set( - PermissionADM.changeRightsPermission("1"), - PermissionADM.deletePermission("2"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "1"), + PermissionADM.from(ObjectAccessPermission.Delete, "2"), ) val result = PermissionUtilADM.removeLesserPermissions(withLesserPermissions, PermissionType.OAP) @@ -203,11 +202,11 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "create permissions string" in { val permissions = Set( - PermissionADM.changeRightsPermission("1"), - PermissionADM.deletePermission("2"), - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, "1"), + PermissionADM.from(ObjectAccessPermission.Delete, "2"), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), ) val permissionsString = "CR 1,knora-admin:Creator|D 2|M knora-admin:ProjectMember|V knora-admin:KnownUser" diff --git a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala index 79dee0bcbc..65b847d00b 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala @@ -440,7 +440,9 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = SharedTestDataADM.anythingProjectIri, forGroup = Some(SharedTestDataADM.thingSearcherGroup.id), - hasPermissions = Set(PermissionADM.restrictedViewPermission(SharedTestDataADM.thingSearcherGroup.id)), + hasPermissions = Set( + PermissionADM.from(ObjectAccessPermission.RestrictedView, SharedTestDataADM.thingSearcherGroup.id), + ), ), rootUser, UUID.randomUUID(), @@ -452,7 +454,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assert(actual.defaultObjectAccessPermission.forGroup.contains(SharedTestDataADM.thingSearcherGroup.id)) assert( actual.defaultObjectAccessPermission.hasPermissions.contains( - PermissionADM.restrictedViewPermission(SharedTestDataADM.thingSearcherGroup.id), + PermissionADM.from(ObjectAccessPermission.RestrictedView, SharedTestDataADM.thingSearcherGroup.id), ), ) } @@ -466,7 +468,9 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { id = Some(customIri), forProject = SharedTestDataADM.anythingProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.UnknownUser), - hasPermissions = Set(PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.UnknownUser)), + hasPermissions = Set( + PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + ), ), rootUser, UUID.randomUUID(), @@ -478,7 +482,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assert(received.defaultObjectAccessPermission.forProject == SharedTestDataADM.anythingProjectIri) assert( received.defaultObjectAccessPermission.hasPermissions - .contains(PermissionADM.restrictedViewPermission(unknownUser)), + .contains(PermissionADM.from(ObjectAccessPermission.RestrictedView, unknownUser)), ) } @@ -489,7 +493,8 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = imagesProjectIri, forResourceClass = Some(SharedOntologyTestDataADM.IMAGES_BILD_RESOURCE_CLASS), - hasPermissions = Set(PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.KnownUser)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.KnownUser)), ), rootUser, UUID.randomUUID(), @@ -503,7 +508,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { ) assert( actual.defaultObjectAccessPermission.hasPermissions - .contains(PermissionADM.modifyPermission(knownUser)), + .contains(PermissionADM.from(ObjectAccessPermission.Modify, knownUser)), ) } @@ -514,7 +519,8 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = imagesProjectIri, forProperty = Some(SharedOntologyTestDataADM.IMAGES_TITEL_PROPERTY), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator)), + hasPermissions = + Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator)), ), rootUser, UUID.randomUUID(), @@ -528,7 +534,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { ) assert( actual.defaultObjectAccessPermission.hasPermissions - .contains(PermissionADM.changeRightsPermission(creator)), + .contains(PermissionADM.from(ObjectAccessPermission.ChangeRights, creator)), ) } @@ -539,7 +545,9 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), - hasPermissions = Set(PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectMember)), + hasPermissions = Set( + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember), + ), ), rootUser, UUID.randomUUID(), @@ -564,8 +572,8 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = SharedTestDataADM2.incunabulaProjectIri, forResourceClass = Some(SharedOntologyTestDataADM.INCUNABULA_BOOK_RESOURCE_CLASS), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), rootUser, @@ -591,7 +599,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = SharedTestDataADM2.incunabulaProjectIri, forProperty = Some(SharedOntologyTestDataADM.INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.KnownUser), ), ), rootUser, @@ -618,8 +626,8 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forResourceClass = Some(SharedOntologyTestDataADM.INCUNABULA_PAGE_RESOURCE_CLASS), forProperty = Some(SharedOntologyTestDataADM.INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), rootUser, @@ -663,7 +671,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assert(actual.defaultObjectAccessPermission.forGroup.contains(unknownUser)) assert( actual.defaultObjectAccessPermission.hasPermissions.contains( - PermissionADM.restrictedViewPermission(unknownUser), + PermissionADM.from(ObjectAccessPermission.RestrictedView, unknownUser), ), ) } @@ -1061,8 +1069,8 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "update hasPermissions of a default object access permission" in { val permissionIri = "http://rdfh.ch/permissions/00FF/Q3OMWyFqStGYK8EXmC7KhQ" val hasPermissions = NonEmptyChunk( - PermissionADM.changeRightsPermission(creator), - PermissionADM.modifyPermission(projectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, creator), + PermissionADM.from(ObjectAccessPermission.Modify, projectMember), ) val actual = UnsafeZioRun.runOrThrow( diff --git a/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala b/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala index 6c22901ab5..6da7f44a73 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala @@ -29,6 +29,7 @@ import org.knora.webapi.slice.admin.api.model.ProjectsEndpointsRequestsAndRespon import org.knora.webapi.slice.admin.api.model.ProjectsEndpointsRequestsAndResponses.ProjectUpdateRequest import org.knora.webapi.slice.admin.api.service.ProjectRestService import org.knora.webapi.slice.admin.domain.model.KnoraProject._ +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.RestrictedView import org.knora.webapi.util.MutableTestIri import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA @@ -233,8 +234,8 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { ) && doap.hasPermissions.equals( Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ) } @@ -248,8 +249,8 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { ) && doap.hasPermissions.equals( Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ) } diff --git a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala index 3509234852..0c754d133f 100644 --- a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala +++ b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala @@ -12,6 +12,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.ObjectAcces import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionADM import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._ import org.knora.webapi.sharedtestdata.SharedTestDataADM2._ +import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission /* Helper case classes */ case class ap(iri: String, p: AdministrativePermissionADM) @@ -38,9 +39,9 @@ object SharedPermissionsTestData { forProject = OntologyConstants.KnoraAdmin.SystemProject, forResourceClass = Some(OntologyConstants.KnoraBase.LinkObj), hasPermissions = Set( - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -53,9 +54,9 @@ object SharedPermissionsTestData { forProject = OntologyConstants.KnoraAdmin.SystemProject, forResourceClass = Some(OntologyConstants.KnoraBase.Region), hasPermissions = Set( - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -68,10 +69,10 @@ object SharedPermissionsTestData { forProject = OntologyConstants.KnoraAdmin.SystemProject, forProperty = Some(OntologyConstants.KnoraBase.HasStillImageFileValue), hasPermissions = Set( - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -130,7 +131,7 @@ object SharedPermissionsTestData { iri = "http://rdfh.ch/permissions/00FF/PNTn7ZvsS_OabbexCxr_Eg", forProject = imagesProjectIri, forGroup = Some("http://rdfh.ch/groups/00FF/images-reviewer"), - hasPermissions = Set(PermissionADM.deletePermission(OntologyConstants.KnoraAdmin.Creator)), + hasPermissions = Set(PermissionADM.from(ObjectAccessPermission.Delete, OntologyConstants.KnoraAdmin.Creator)), ), ) @@ -142,9 +143,9 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), ), ), ) @@ -157,9 +158,9 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.KnownUser), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), ), ), ) @@ -202,10 +203,10 @@ object SharedPermissionsTestData { p = ObjectAccessPermissionADM( forResource = Some("http://rdfh.ch/0803/00014b43f902"), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -216,10 +217,10 @@ object SharedPermissionsTestData { p = ObjectAccessPermissionADM( forValue = Some("http://rdfh.ch/0803/00014b43f902/values/1ad3999ad60b"), hasPermissions = Set( - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.UnknownUser), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), ), ), ) @@ -232,10 +233,10 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -248,10 +249,10 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forResourceClass = Some(INCUNABULA_BOOK_RESOURCE_CLASS), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -264,9 +265,9 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forResourceClass = Some(INCUNABULA_PAGE_RESOURCE_CLASS), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), ), ), ) @@ -279,8 +280,8 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forProperty = Some(INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -294,7 +295,7 @@ object SharedPermissionsTestData { forResourceClass = Some(INCUNABULA_PAGE_RESOURCE_CLASS), forProperty = Some(INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), ) @@ -339,10 +340,10 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.anythingProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.restrictedViewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala index af8a7682e3..b98faede8c 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala @@ -769,26 +769,6 @@ object PermissionADM { additionalInformation = None, permissionCode = None, ) - - /////////////////////////////////////////////////////////////////////////// - // Object Access Permissions - /////////////////////////////////////////////////////////////////////////// - - def changeRightsPermission(restriction: IRI): PermissionADM = - PermissionADM.from(ObjectAccessPermission.ChangeRights, restriction) - - def deletePermission(restriction: IRI): PermissionADM = - PermissionADM.from(ObjectAccessPermission.Delete, restriction) - - def modifyPermission(restriction: IRI): PermissionADM = - PermissionADM.from(ObjectAccessPermission.Modify, restriction) - - def viewPermission(restriction: IRI): PermissionADM = - PermissionADM.from(ObjectAccessPermission.View, restriction) - - def restrictedViewPermission(restriction: IRI): PermissionADM = - PermissionADM.from(ObjectAccessPermission.RestrictedView, restriction) - } /** diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala index c0f7f4875b..54075bed8e 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala @@ -440,35 +440,35 @@ object PermissionUtilADM extends LazyLogging { case ObjectAccessPermission.ChangeRights.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.changeRightsPermission(iri)) + iris.map(iri => PermissionADM.from(ObjectAccessPermission.ChangeRights, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } case ObjectAccessPermission.Delete.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.deletePermission(iri)) + iris.map(iri => PermissionADM.from(ObjectAccessPermission.Delete, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } case ObjectAccessPermission.Modify.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.modifyPermission(iri)) + iris.map(iri => PermissionADM.from(ObjectAccessPermission.Modify, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } case ObjectAccessPermission.View.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.viewPermission(iri)) + iris.map(iri => PermissionADM.from(ObjectAccessPermission.View, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } case ObjectAccessPermission.RestrictedView.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.restrictedViewPermission(iri)) + iris.map(iri => PermissionADM.from(ObjectAccessPermission.RestrictedView, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } @@ -480,12 +480,8 @@ object PermissionUtilADM extends LazyLogging { * @param permissions the sequence of permissions with possible duplicates. * @return a set containing only unique permission. */ - def removeDuplicatePermissions(permissions: Seq[PermissionADM]): Set[PermissionADM] = { - - val result = permissions.groupBy(perm => perm.name + perm.additionalInformation).map { case (_, v) => v.head }.toSet - // log.debug(s"removeDuplicatePermissions - result: $result") - result - } + def removeDuplicatePermissions(permissions: Seq[PermissionADM]): Set[PermissionADM] = + permissions.groupBy(perm => perm.name + perm.additionalInformation).map { case (_, v) => v.head }.toSet /** * Helper method used to remove lesser permissions, i.e. permissions which are already given by @@ -652,9 +648,7 @@ final case class PermissionUtilADMLive(messageRelay: MessageRelay, stringFormatt // Reformat the permission literal. permissionADMs: Set[PermissionADM] = parsedPermissions.flatMap { case (entityPermission, groupIris) => - groupIris.map { groupIri => - entityPermission.toPermissionADM(groupIri) - } + groupIris.map(PermissionADM.from(entityPermission, _)) }.toSet } yield formatPermissionADMs(permissions = permissionADMs, permissionType = PermissionType.OAP) } diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index f519fccbc3..404f0f5ba1 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -1419,7 +1419,7 @@ final case class PermissionsResponderADMLive( _ = if (permissionsListBuffer.isEmpty) { val defaultFallbackPermission = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), ) permissionsListBuffer += (("Fallback", defaultFallbackPermission)) } else { @@ -2242,8 +2242,8 @@ final case class PermissionsResponderADMLive( forProject = projectIri.value, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), SystemUser, @@ -2257,8 +2257,8 @@ final case class PermissionsResponderADMLive( forProject = projectIri.value, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.modifyPermission(OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), SystemUser, diff --git a/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala b/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala index 15089c6e1d..5511bd01d8 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala @@ -2380,8 +2380,8 @@ final case class ValuesResponderV2Live( */ private lazy val standoffLinkValuePermissions: String = { val permissions: Set[PermissionADM] = Set( - PermissionADM.changeRightsPermission(OntologyConstants.KnoraAdmin.SystemUser), - PermissionADM.viewPermission(OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.SystemUser), + PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), ) PermissionUtilADM.formatPermissionADMs(permissions, PermissionType.OAP) From 10f0b45f019a2ac5b3775eaf8a7adf041bebe4cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Wed, 27 Mar 2024 23:00:43 +0100 Subject: [PATCH 05/16] fix assertion --- .../org/knora/webapi/messages/util/PermissionUtilADMSpec.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala index 078f4bf7a0..990576ae4d 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala @@ -119,7 +119,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), PermissionADM.from(ObjectAccessPermission.View, "http://rdfh.ch/groups/customgroup"), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ) PermissionUtilADM.parsePermissionsWithType( From 062b3696b9fc4a5bb5bdf0f6f71a047a7af63c7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Wed, 27 Mar 2024 23:13:49 +0100 Subject: [PATCH 06/16] remove unused code --- .../messages/util/PermissionUtilADM.scala | 47 +------------------ .../admin/PermissionsResponderADM.scala | 4 +- .../model/ObjectAccessPermissions.scala | 6 +-- 3 files changed, 7 insertions(+), 50 deletions(-) diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala index 54075bed8e..fc1207140e 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala @@ -7,7 +7,6 @@ package org.knora.webapi.messages.util import com.typesafe.scalalogging.LazyLogging import zio.Task -import zio.URLayer import zio.ZIO import zio.ZLayer @@ -36,28 +35,6 @@ import org.knora.webapi.slice.admin.domain.model.User */ object PermissionUtilADM extends LazyLogging { - private val levelsByToken = ObjectAccessPermissions.all.map(level => level.token -> level).toMap - - /** - * A set of assertions that are relevant for calculating permissions. - */ - private val permissionRelevantAssertions = Set( - OntologyConstants.KnoraBase.AttachedToUser, - OntologyConstants.KnoraBase.AttachedToProject, - OntologyConstants.KnoraBase.HasPermissions, - ) - - /** - * Given the IRI of an RDF property, returns `true` if the property is relevant to calculating permissions. This - * is the case if the property is [[OntologyConstants.KnoraBase.AttachedToUser]], - * [[OntologyConstants.KnoraBase.AttachedToProject]], or - * or [[OntologyConstants.KnoraBase.HasPermissions]]. - * - * @param p the IRI of the property. - * @return `true` if the property is relevant to calculating permissions. - */ - def isPermissionRelevant(p: IRI): Boolean = permissionRelevantAssertions.contains(p) - /** * Calculates the highest permission level a user can be granted on a entity. * @@ -181,7 +158,6 @@ object PermissionUtilADM extends LazyLogging { * - [[AEqualToB]] if `permissionLiteralA` and `permissionLiteralB` would give the user the same permission. * - [[AGreaterThanB]] if the user would have a higher permission with `permissionLiteralA`. * - * @param entityCreator the IRI of the user that created the entity. * @param entityProject the IRI of the entity's project. * @param permissionLiteralA the first permission string. * @param permissionLiteralB the second permission string. @@ -546,7 +522,7 @@ object PermissionUtilADM extends LazyLogging { /* Sort permissions in descending order */ val sortedPermissions: Array[(String, String)] = groupedPermissions.toArray.sortWith { (left, right) => - levelsByToken(left._1) > levelsByToken(right._1) + ObjectAccessPermissions.codeByToken(left._1) > ObjectAccessPermissions.codeByToken(right._1) } /* create the permissions string */ @@ -579,24 +555,6 @@ object PermissionUtilADM extends LazyLogging { } case PermissionType.DOAP => ??? } - - ///////////////////////////////////////// - // API v1 methods - - /** - * Checks whether an integer permission code implies a particular permission property. - * - * @param userHasPermissionCode the integer permission code that the user has, or [[None]] if the user has no permissions - * (in which case this method returns `false`). - * @param userNeedsPermission the abbreviation of the permission that the user needs. - * @return `true` if the user has the needed permission. - */ - def impliesPermissionCodeV1(userHasPermissionCode: Option[Int], userNeedsPermission: String): Boolean = - userHasPermissionCode match { - case Some(permissionCode) => - permissionCode >= levelsByToken(userNeedsPermission).code - case None => false - } } trait PermissionUtilADM { @@ -654,6 +612,5 @@ final case class PermissionUtilADMLive(messageRelay: MessageRelay, stringFormatt } object PermissionUtilADMLive { - val layer: URLayer[StringFormatter & MessageRelay, PermissionUtilADMLive] = - ZLayer.fromFunction(PermissionUtilADMLive.apply _) + val layer = ZLayer.derive[PermissionUtilADMLive] } diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index 404f0f5ba1..1fc3461805 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -1624,11 +1624,11 @@ final case class PermissionsResponderADMLive( validateDOAPHasPermissions(hasPermissions) hasPermissions.map { permission => val code: Int = permission.permissionCode match { - case None => ObjectAccessPermissions.byToken(permission.name) + case None => ObjectAccessPermissions.codeByToken(permission.name) case Some(code) => code } val name = if (permission.name.isEmpty) { - val nameCodeSet: Option[(String, Int)] = ObjectAccessPermissions.byToken.find { case (_, code) => + val nameCodeSet: Option[(String, Int)] = ObjectAccessPermissions.codeByToken.find { case (_, code) => code == permission.permissionCode.get } nameCodeSet.get._1 diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala index aab42f19c4..f549461e33 100644 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala @@ -63,7 +63,7 @@ object ObjectAccessPermissions { ObjectAccessPermission.RestrictedView, ObjectAccessPermission.View, ) - val allCodes: Set[Int] = all.map(_.code) - val allTokens: Set[String] = all.map(_.token) - val byToken: Map[String, Int] = all.map(p => p.token -> p.code).toMap + val allCodes: Set[Int] = all.map(_.code) + val allTokens: Set[String] = all.map(_.token) + val codeByToken: Map[String, Int] = all.map(p => p.token -> p.code).toMap } From 965651f6d6e2b566acb9b77ac34c638fed046d91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 08:38:24 +0100 Subject: [PATCH 07/16] Extract AdministrativePermission to admin slice --- .../PermissionsMessagesADMSpec.scala | 13 +++-- .../messages/util/PermissionUtilADMSpec.scala | 42 +++++--------- .../admin/PermissionsResponderADMSpec.scala | 23 +++----- .../admin/ProjectRestServiceSpec.scala | 8 ++- .../SharedPermissionsTestData.scala | 26 +++++---- .../sharedtestdata/SharedTestDataADM.scala | 39 +++++++------ .../sharedtestdata/SharedTestDataADM2.scala | 38 ++++++------ .../webapi/messages/OntologyConstants.scala | 16 ----- .../PermissionsMessagesADM.scala | 58 ++++--------------- .../PermissionsMessagesUtilADM.scala | 7 ++- .../messages/util/PermissionUtilADM.scala | 54 +++++------------ .../admin/PermissionsResponderADM.scala | 9 ++- .../model/AdministrativePermission.scala | 46 +++++++++++++++ 13 files changed, 174 insertions(+), 205 deletions(-) create mode 100644 webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermission.scala diff --git a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala index 252d036104..6701ea0ca9 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala @@ -13,13 +13,14 @@ import dsp.errors.BadRequestException import dsp.errors.ForbiddenException import org.knora.webapi.CoreSpec import org.knora.webapi.messages.OntologyConstants -import org.knora.webapi.messages.OntologyConstants.KnoraAdmin.AdministrativePermissionAbbreviations import org.knora.webapi.responders.admin.PermissionsResponderADM import org.knora.webapi.routing.UnsafeZioRun import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._ import org.knora.webapi.sharedtestdata.SharedTestDataADM2._ import org.knora.webapi.sharedtestdata._ import org.knora.webapi.slice.admin.api.service.PermissionsRestService +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission +import org.knora.webapi.slice.admin.domain.model.AdministrativePermissions import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA @@ -74,7 +75,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateAdministrativePermissionAPIRequestADM( forProject = "invalid-project-IRI", forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.ProjectAdminAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), ), SharedTestDataADM.imagesUser01, ), @@ -89,7 +90,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateAdministrativePermissionAPIRequestADM( forProject = SharedTestDataADM.imagesProjectIri, forGroup = groupIri, - hasPermissions = Set(PermissionADM.ProjectAdminAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), ), SharedTestDataADM.imagesUser01, ), @@ -105,7 +106,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { id = Some(permissionIri), forProject = SharedTestDataADM.imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.ProjectAdminAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), ), SharedTestDataADM.imagesUser01, ), @@ -135,7 +136,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { assertFailsWithA[BadRequestException]( exit, s"Invalid value for name parameter of hasPermissions: $invalidName, it should be one of " + - s"${AdministrativePermissionAbbreviations.toString}", + s"${AdministrativePermissions.allTokens.mkString(", ")}", ) } @@ -159,7 +160,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateAdministrativePermissionAPIRequestADM( forProject = SharedTestDataADM.imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.ProjectAdminAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), ), SharedTestDataADM.imagesReviewerUser, ), diff --git a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala index 990576ae4d..33393334c2 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala @@ -16,6 +16,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionT import org.knora.webapi.messages.util.PermissionUtilADM import org.knora.webapi.sharedtestdata.SharedTestDataADM import org.knora.webapi.sharedtestdata.SharedTestDataADM2 +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import pekko.testkit.ImplicitSender @@ -133,10 +134,16 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "ProjectResourceCreateAllPermission|ProjectAdminAllPermission|ProjectResourceCreateRestrictedPermission ," val permissionsSet = Set( - PermissionADM.ProjectResourceCreateAllPermission, - PermissionADM.ProjectAdminAllPermission, - PermissionADM.projectResourceCreateRestrictedPermission("http://www.knora.org/ontology/00FF/images#bild"), - PermissionADM.projectResourceCreateRestrictedPermission("http://www.knora.org/ontology/00FF/images#bildformat"), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from( + AdministrativePermission.ProjectResourceCreateRestricted, + "http://www.knora.org/ontology/00FF/images#bild", + ), + PermissionADM.from( + AdministrativePermission.ProjectResourceCreateRestricted, + "http://www.knora.org/ontology/00FF/images#bildformat", + ), ) PermissionUtilADM.parsePermissionsWithType( @@ -147,13 +154,13 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "build a 'PermissionADM' object" in { PermissionUtilADM.buildPermissionObject( - name = OntologyConstants.KnoraAdmin.ProjectResourceCreateRestrictedPermission, + name = AdministrativePermission.ProjectResourceCreateRestricted.token, iris = Set("1", "2", "3"), ) should equal( Set( - PermissionADM.projectResourceCreateRestrictedPermission("1"), - PermissionADM.projectResourceCreateRestrictedPermission("2"), - PermissionADM.projectResourceCreateRestrictedPermission("3"), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, "1"), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, "2"), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, "3"), ), ) } @@ -181,25 +188,6 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { result should contain allElementsOf deduplicatedPermissions } - "remove lesser permissions" in { - val withLesserPermissions = Set( - PermissionADM.from(ObjectAccessPermission.View, "1"), - PermissionADM.from(ObjectAccessPermission.View, "1"), - PermissionADM.from(ObjectAccessPermission.Modify, "2"), - PermissionADM.from(ObjectAccessPermission.ChangeRights, "1"), - PermissionADM.from(ObjectAccessPermission.Delete, "2"), - ) - - val withoutLesserPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, "1"), - PermissionADM.from(ObjectAccessPermission.Delete, "2"), - ) - - val result = PermissionUtilADM.removeLesserPermissions(withLesserPermissions, PermissionType.OAP) - result.size should equal(withoutLesserPermissions.size) - result should contain allElementsOf withoutLesserPermissions - } - "create permissions string" in { val permissions = Set( PermissionADM.from(ObjectAccessPermission.ChangeRights, "1"), diff --git a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala index 65b847d00b..42dcf580c5 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala @@ -32,6 +32,7 @@ import org.knora.webapi.sharedtestdata.SharedTestDataADM.imagesUser02 import org.knora.webapi.sharedtestdata.SharedTestDataADM.incunabulaMemberUser import org.knora.webapi.sharedtestdata.SharedTestDataADM.normalUser import org.knora.webapi.sharedtestdata.SharedTestDataADM2 +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.GroupIri import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission @@ -226,7 +227,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { CreateAdministrativePermissionAPIRequestADM( forProject = imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.ProjectResourceCreateAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), ), rootUser, UUID.randomUUID(), @@ -251,7 +252,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { id = Some(customIri), forProject = SharedTestDataADM.anythingProjectIri, forGroup = SharedTestDataADM.thingSearcherGroup.id, - hasPermissions = Set(PermissionADM.ProjectResourceCreateAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), ), rootUser, UUID.randomUUID(), @@ -267,18 +268,12 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val customIri = "http://rdfh.ch/permissions/0001/0pd-VUDeShWNJ2Nq3fGGGQ" val hasPermissions = Set( PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectResourceCreateAllPermission, + name = AdministrativePermission.ProjectResourceCreateAll.token, additionalInformation = Some("blabla"), permissionCode = Some(8), ), ) - val expectedHasPermissions = Set( - PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectResourceCreateAllPermission, - additionalInformation = None, - permissionCode = None, - ), - ) + val expectedHasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) val actual = UnsafeZioRun.runOrThrow( ZIO.serviceWithZIO[PermissionsResponderADM]( _.createAdministrativePermission( @@ -1001,7 +996,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "ask to update hasPermissions of a permission" should { "throw ForbiddenException for PermissionChangeHasPermissionsRequestADM if requesting user is not system or project Admin" in { val permissionIri = "http://rdfh.ch/permissions/00FF/buxHAlz8SHuu0FuiLN_tKQ" - val hasPermissions = NonEmptyChunk(PermissionADM.ProjectResourceCreateAllPermission) + val hasPermissions = NonEmptyChunk(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) val exit = UnsafeZioRun.run( ZIO.serviceWithZIO[PermissionsResponderADM]( @@ -1022,7 +1017,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "update hasPermissions of an administrative permission" in { val permissionIri = "http://rdfh.ch/permissions/00FF/buxHAlz8SHuu0FuiLN_tKQ" - val hasPermissions = NonEmptyChunk(PermissionADM.ProjectResourceCreateAllPermission) + val hasPermissions = NonEmptyChunk(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) val actual = UnsafeZioRun.runOrThrow( ZIO.serviceWithZIO[PermissionsResponderADM]( _.updatePermissionHasPermissions( @@ -1044,7 +1039,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val permissionIri = "http://rdfh.ch/permissions/00FF/buxHAlz8SHuu0FuiLN_tKQ" val hasPermissions = NonEmptyChunk( PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectAdminAllPermission, + name = AdministrativePermission.ProjectAdminAll.token, additionalInformation = Some("aIRI"), permissionCode = Some(1), ), @@ -1062,7 +1057,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val ap = actual.asInstanceOf[AdministrativePermissionGetResponseADM].administrativePermission assert(ap.iri == permissionIri) ap.hasPermissions.size should be(1) - val expectedSetOfPermissions = Set(PermissionADM.ProjectAdminAllPermission) + val expectedSetOfPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)) assert(ap.hasPermissions.equals(expectedSetOfPermissions)) } diff --git a/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala b/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala index 6da7f44a73..d2c799bc05 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala @@ -28,6 +28,7 @@ import org.knora.webapi.sharedtestdata.SharedTestDataADM import org.knora.webapi.slice.admin.api.model.ProjectsEndpointsRequestsAndResponses.ProjectCreateRequest import org.knora.webapi.slice.admin.api.model.ProjectsEndpointsRequestsAndResponses.ProjectUpdateRequest import org.knora.webapi.slice.admin.api.service.ProjectRestService +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.KnoraProject._ import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.RestrictedView @@ -205,7 +206,10 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { (ap: AdministrativePermissionADM) => ap.forProject == received.project.id && ap.forGroup == OntologyConstants.KnoraAdmin.ProjectAdmin && ap.hasPermissions.equals( - Set(PermissionADM.ProjectAdminAllPermission, PermissionADM.ProjectResourceCreateAllPermission), + Set( + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + ), ) } @@ -215,7 +219,7 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { val hasAPForProjectMember = receivedApAdmin.administrativePermissions.filter { (ap: AdministrativePermissionADM) => ap.forProject == received.project.id && ap.forGroup == OntologyConstants.KnoraAdmin.ProjectMember && - ap.hasPermissions.equals(Set(PermissionADM.ProjectResourceCreateAllPermission)) + ap.hasPermissions.equals(Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll))) } hasAPForProjectMember.size shouldBe 1 diff --git a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala index 0c754d133f..2ec5ae48d7 100644 --- a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala +++ b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala @@ -12,6 +12,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.ObjectAcces import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionADM import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._ import org.knora.webapi.sharedtestdata.SharedTestDataADM2._ +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission /* Helper case classes */ @@ -92,7 +93,7 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, hasPermissions = Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ) @@ -105,8 +106,8 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, hasPermissions = Set( - PermissionADM.ProjectResourceCreateAllPermission, - PermissionADM.ProjectAdminAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(AdministrativePermission.ProjectAdminAll), ), ), ) @@ -119,8 +120,11 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = "http://rdfh.ch/groups/00FF/images-reviewer", hasPermissions = Set( - PermissionADM.projectResourceCreateRestrictedPermission(s"$IMAGES_ONTOLOGY_IRI#bild"), - PermissionADM.projectResourceCreateRestrictedPermission(s"$IMAGES_ONTOLOGY_IRI#bildformat"), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bild"), + PermissionADM.from( + AdministrativePermission.ProjectResourceCreateRestricted, + s"$IMAGES_ONTOLOGY_IRI#bildformat", + ), ), ), ) @@ -179,7 +183,7 @@ object SharedPermissionsTestData { iri = "http://rdfh.ch/permissions/003-a1", forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.ProjectResourceCreateAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), ), ) @@ -191,8 +195,8 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, hasPermissions = Set( - PermissionADM.ProjectResourceCreateAllPermission, - PermissionADM.ProjectAdminAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(AdministrativePermission.ProjectAdminAll), ), ), ) @@ -314,7 +318,7 @@ object SharedPermissionsTestData { iri = "http://rdfh.ch/permissions/00FF/XFozeICsTE2gHSOsm4ZMIw", forProject = SharedTestDataADM2.anythingProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.ProjectResourceCreateAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), ), ) @@ -326,8 +330,8 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.anythingProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, hasPermissions = Set( - PermissionADM.ProjectResourceCreateAllPermission, - PermissionADM.ProjectAdminAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(AdministrativePermission.ProjectAdminAll), ), ), ) diff --git a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala index 592e727475..957f826449 100644 --- a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala +++ b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala @@ -15,6 +15,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.Permissions import org.knora.webapi.messages.admin.responder.projectsmessages.Project import org.knora.webapi.messages.store.triplestoremessages.StringLiteralV2 import org.knora.webapi.messages.util.KnoraSystemInstances +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.Group import org.knora.webapi.slice.admin.domain.model.User @@ -138,12 +139,12 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), imagesProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -213,8 +214,8 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -239,7 +240,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -267,10 +268,12 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.projectResourceCreateRestrictedPermission( + PermissionADM.from( + AdministrativePermission.ProjectResourceCreateRestricted, s"${SharedOntologyTestDataADM.IMAGES_ONTOLOGY_IRI}#bild", ), - PermissionADM.projectResourceCreateRestrictedPermission( + PermissionADM.from( + AdministrativePermission.ProjectResourceCreateRestricted, s"${SharedOntologyTestDataADM.IMAGES_ONTOLOGY_IRI}#bildformat", ), ), @@ -377,8 +380,8 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -403,7 +406,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -428,7 +431,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -545,8 +548,8 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -573,7 +576,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -597,7 +600,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -687,7 +690,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( beolProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), ), ), ), diff --git a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala index 46ee8afd08..78aae0a08f 100644 --- a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala +++ b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala @@ -11,6 +11,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionA import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionsDataADM import org.knora.webapi.sharedtestdata import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM.IMAGES_ONTOLOGY_IRI +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission /** * This object holds the same user which are loaded with 'test_data/project_data/admin-data.ttl'. Using this object @@ -69,12 +70,12 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), imagesProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -112,8 +113,8 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -139,7 +140,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -168,8 +169,11 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.projectResourceCreateRestrictedPermission(s"$IMAGES_ONTOLOGY_IRI#bild"), - PermissionADM.projectResourceCreateRestrictedPermission(s"$IMAGES_ONTOLOGY_IRI#bildformat"), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bild"), + PermissionADM.from( + AdministrativePermission.ProjectResourceCreateRestricted, + s"$IMAGES_ONTOLOGY_IRI#bildformat", + ), ), ), ), @@ -221,8 +225,8 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -248,7 +252,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -274,7 +278,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -329,8 +333,8 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.ProjectAdminAllPermission, - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -355,7 +359,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), @@ -380,7 +384,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.ProjectResourceCreateAllPermission, + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), ), ), ), diff --git a/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala b/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala index 641c3e420a..8484aad13f 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/OntologyConstants.scala @@ -499,22 +499,6 @@ object OntologyConstants { val ForResourceClass: IRI = KnoraAdminPrefixExpansion + "forResourceClass" val ForProperty: IRI = KnoraAdminPrefixExpansion + "forProperty" - val ProjectResourceCreateAllPermission: String = "ProjectResourceCreateAllPermission" - val ProjectResourceCreateRestrictedPermission: String = "ProjectResourceCreateRestrictedPermission" - val ProjectAdminAllPermission: String = "ProjectAdminAllPermission" - val ProjectAdminGroupAllPermission: String = "ProjectAdminGroupAllPermission" - val ProjectAdminGroupRestrictedPermission: String = "ProjectAdminGroupRestrictedPermission" - val ProjectAdminRightsAllPermission: String = "ProjectAdminRightsAllPermission" - - val AdministrativePermissionAbbreviations: Seq[String] = Seq( - ProjectResourceCreateAllPermission, - ProjectResourceCreateRestrictedPermission, - ProjectAdminAllPermission, - ProjectAdminGroupAllPermission, - ProjectAdminGroupRestrictedPermission, - ProjectAdminRightsAllPermission, - ) - val HasDefaultRestrictedViewPermission: IRI = KnoraAdminPrefixExpansion + "hasDefaultRestrictedViewPermission" val HasDefaultViewPermission: IRI = KnoraAdminPrefixExpansion + "hasDefaultViewPermission" val HasDefaultModifyPermission: IRI = KnoraAdminPrefixExpansion + "hasDefaultModifyPermission" diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala index b98faede8c..a228fbefc1 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala @@ -19,9 +19,12 @@ import org.knora.webapi.messages.OntologyConstants import org.knora.webapi.messages.ResponderRequest.KnoraRequestADM import org.knora.webapi.messages.StringFormatter import org.knora.webapi.messages.admin.responder.AdminKnoraResponseADM +import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionProfileType.Full +import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionProfileType.Restricted import org.knora.webapi.messages.admin.responder.projectsmessages.ProjectsADMJsonProtocol import org.knora.webapi.messages.store.triplestoremessages.TriplestoreJsonProtocol import org.knora.webapi.messages.traits.Jsonable +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.PermissionIri @@ -561,7 +564,7 @@ case class PermissionsDataADM( /* Does the user have the 'ProjectAdminAllPermission' permission for the project */ def hasProjectAdminAllPermissionFor(projectIri: IRI): Boolean = administrativePermissionsPerProject.get(projectIri) match { - case Some(permissions) => permissions(PermissionADM.ProjectAdminAllPermission) + case Some(permissions) => permissions(PermissionADM.from(AdministrativePermission.ProjectAdminAll)) case None => false } @@ -583,8 +586,8 @@ case class PermissionsDataADM( case ResourceCreateOperation(resourceClassIri) => this.administrativePermissionsPerProject.get(insideProject) match { case Some(set) => - set(PermissionADM.ProjectResourceCreateAllPermission) || set( - PermissionADM.projectResourceCreateRestrictedPermission(resourceClassIri), + set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) || set( + PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, resourceClassIri), ) case None => { // println("FALSE: No administrative permissions defined for this project.") @@ -724,51 +727,11 @@ object PermissionADM { def from(permission: ObjectAccessPermission, restriction: IRI): PermissionADM = PermissionADM(permission.token, Some(restriction), Some(permission.code)) - /////////////////////////////////////////////////////////////////////////// - // Administrative Permissions - /////////////////////////////////////////////////////////////////////////// + def from(permission: AdministrativePermission): PermissionADM = + PermissionADM(permission.token, None, None) - val ProjectResourceCreateAllPermission: PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectResourceCreateAllPermission, - additionalInformation = None, - permissionCode = None, - ) - - def projectResourceCreateRestrictedPermission(restriction: IRI): PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectResourceCreateRestrictedPermission, - additionalInformation = Some(restriction), - permissionCode = None, - ) - - val ProjectAdminAllPermission: PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectAdminAllPermission, - additionalInformation = None, - permissionCode = None, - ) - - val ProjectAdminGroupAllPermission: PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectAdminGroupAllPermission, - additionalInformation = None, - permissionCode = None, - ) - - def projectAdminGroupRestrictedPermission(restriction: IRI): PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectAdminGroupRestrictedPermission, - additionalInformation = Some(restriction), - permissionCode = None, - ) - - val ProjectAdminRightsAllPermission: PermissionADM = - PermissionADM( - name = OntologyConstants.KnoraAdmin.ProjectAdminRightsAllPermission, - additionalInformation = None, - permissionCode = None, - ) + def from(permission: AdministrativePermission, restriction: IRI): PermissionADM = + PermissionADM(permission.token, Some(restriction), None) } /** @@ -818,7 +781,6 @@ trait PermissionsADMJsonProtocol with TriplestoreJsonProtocol { implicit object PermissionProfileTypeFormat extends JsonFormat[PermissionProfileType] { - import PermissionProfileType.* /** * Not implemented. diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala index 28e2b191c3..d53101c6d0 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala @@ -7,7 +7,8 @@ package org.knora.webapi.messages.admin.responder.permissionsmessages import dsp.errors.BadRequestException import org.knora.webapi.IRI -import org.knora.webapi.messages.OntologyConstants.KnoraAdmin.AdministrativePermissionAbbreviations +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission +import org.knora.webapi.slice.admin.domain.model.AdministrativePermissions import org.knora.webapi.slice.admin.domain.model.PermissionIri /** @@ -26,10 +27,10 @@ object PermissionsMessagesUtilADM { */ def verifyHasPermissionsAP(hasPermissions: Set[PermissionADM]): Set[PermissionADM] = { val updatedPermissions = hasPermissions.map { permission => - if (!AdministrativePermissionAbbreviations.contains(permission.name)) + if (AdministrativePermission.fromToken(permission.name).isEmpty) throw BadRequestException( s"Invalid value for name parameter of hasPermissions: ${permission.name}, it should be one of " + - s"${AdministrativePermissionAbbreviations.toString}", + s"${AdministrativePermissions.allTokens.mkString(", ")}", ) PermissionADM( name = permission.name, diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala index fc1207140e..26f04d12bb 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala @@ -26,6 +26,7 @@ import org.knora.webapi.messages.store.triplestoremessages.LiteralV2 import org.knora.webapi.messages.store.triplestoremessages.SparqlExtendedConstructResponse.ConstructPredicateObjects import org.knora.webapi.messages.util.PermissionUtilADM.formatPermissionADMs import org.knora.webapi.messages.util.PermissionUtilADM.parsePermissions +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions import org.knora.webapi.slice.admin.domain.model.User @@ -337,7 +338,7 @@ object PermissionUtilADM extends LazyLogging { permissionType match { case PermissionType.AP => - if (!OntologyConstants.KnoraAdmin.AdministrativePermissionAbbreviations.contains(abbreviation)) { + if (AdministrativePermission.fromToken(abbreviation).isEmpty) { throw InconsistentRepositoryDataException(s"Unrecognized permission abbreviation '$abbreviation'") } @@ -388,31 +389,32 @@ object PermissionUtilADM extends LazyLogging { */ def buildPermissionObject(name: String, iris: Set[IRI]): Set[PermissionADM] = name match { - case OntologyConstants.KnoraAdmin.ProjectResourceCreateAllPermission => - Set(PermissionADM.ProjectResourceCreateAllPermission) + case AdministrativePermission.ProjectResourceCreateAll.token => + Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) - case OntologyConstants.KnoraAdmin.ProjectResourceCreateRestrictedPermission => + case AdministrativePermission.ProjectResourceCreateRestricted.token => if (iris.nonEmpty) { logger.debug(s"buildPermissionObject - ProjectResourceCreateRestrictedPermission - iris: $iris") - iris.map(iri => PermissionADM.projectResourceCreateRestrictedPermission(iri)) + iris.map(iri => PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case OntologyConstants.KnoraAdmin.ProjectAdminAllPermission => Set(PermissionADM.ProjectAdminAllPermission) + case AdministrativePermission.ProjectAdminAll.token => + Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)) - case OntologyConstants.KnoraAdmin.ProjectAdminGroupAllPermission => - Set(PermissionADM.ProjectAdminGroupAllPermission) + case AdministrativePermission.ProjectAdminGroupAll.token => + Set(PermissionADM.from(AdministrativePermission.ProjectAdminGroupAll)) - case OntologyConstants.KnoraAdmin.ProjectAdminGroupRestrictedPermission => + case AdministrativePermission.ProjectAdminGroupRestricted.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.projectAdminGroupRestrictedPermission(iri)) + iris.map(PermissionADM.from(AdministrativePermission.ProjectAdminGroupRestricted, _)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case OntologyConstants.KnoraAdmin.ProjectAdminRightsAllPermission => - Set(PermissionADM.ProjectAdminRightsAllPermission) + case AdministrativePermission.ProjectAdminRightsAll.token => + Set(PermissionADM.from(AdministrativePermission.ProjectAdminRightsAll)) case ObjectAccessPermission.ChangeRights.token => if (iris.nonEmpty) { @@ -459,34 +461,6 @@ object PermissionUtilADM extends LazyLogging { def removeDuplicatePermissions(permissions: Seq[PermissionADM]): Set[PermissionADM] = permissions.groupBy(perm => perm.name + perm.additionalInformation).map { case (_, v) => v.head }.toSet - /** - * Helper method used to remove lesser permissions, i.e. permissions which are already given by - * the highest permission. - * - * @param permissions a set of permissions possibly containing lesser permissions. - * @param permissionType the type of permissions. - * @return a set of permissions without possible lesser permissions. - */ - def removeLesserPermissions(permissions: Set[PermissionADM], permissionType: PermissionType): Set[PermissionADM] = - permissionType match { - case PermissionType.OAP => - if (permissions.nonEmpty) { - /* Handling object access permissions which always have 'additionalInformation' and 'permissionCode' set */ - permissions - .groupBy(_.additionalInformation) - .map { case (_, perms) => - // sort in descending order and then take the first one (the highest permission) - perms.toArray.sortWith(_.permissionCode.get > _.permissionCode.get).head - } - .toSet - } else { - Set.empty[PermissionADM] - } - - case PermissionType.AP => ??? - case PermissionType.DOAP => ??? - } - /** * Helper method used to transform a set of permissions into a permissions string ready to be written into the * triplestore as the value for the 'knora-base:hasPermissions' property. diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index 1fc3461805..cfd9c3582e 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -35,6 +35,7 @@ import org.knora.webapi.responders.IriLocker import org.knora.webapi.responders.IriService import org.knora.webapi.responders.Responder import org.knora.webapi.slice.admin.AdminConstants +import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.Group import org.knora.webapi.slice.admin.domain.model.GroupIri import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri @@ -2217,8 +2218,10 @@ final case class PermissionsResponderADMLive( CreateAdministrativePermissionAPIRequestADM( forProject = projectIri.value, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, - hasPermissions = - Set(PermissionADM.ProjectAdminAllPermission, PermissionADM.ProjectResourceCreateAllPermission), + hasPermissions = Set( + PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + ), ), SystemUser, UUID.randomUUID(), @@ -2229,7 +2232,7 @@ final case class PermissionsResponderADMLive( CreateAdministrativePermissionAPIRequestADM( forProject = projectIri.value, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.ProjectResourceCreateAllPermission), + hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), ), SystemUser, UUID.randomUUID(), diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermission.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermission.scala new file mode 100644 index 0000000000..951bacbef2 --- /dev/null +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermission.scala @@ -0,0 +1,46 @@ +/* + * Copyright © 2021 - 2024 Swiss National Data and Service Center for the Humanities and/or DaSCH Service Platform contributors. + * SPDX-License-Identifier: Apache-2.0 + */ + +package org.knora.webapi.slice.admin.domain.model + +sealed trait AdministrativePermission { + def token: String +} + +object AdministrativePermission { + case object ProjectResourceCreateAll extends AdministrativePermission { + override val token: String = "ProjectResourceCreateAllPermission" + } + case object ProjectResourceCreateRestricted extends AdministrativePermission { + override val token: String = "ProjectResourceCreateRestrictedPermission" + } + case object ProjectAdminAll extends AdministrativePermission { + override val token: String = "ProjectAdminAllPermission" + } + case object ProjectAdminGroupAll extends AdministrativePermission { + override val token: String = "ProjectAdminGroupAllPermission" + } + case object ProjectAdminGroupRestricted extends AdministrativePermission { + override val token: String = "ProjectAdminGroupRestrictedPermission" + } + case object ProjectAdminRightsAll extends AdministrativePermission { + override val token: String = "ProjectAdminRightsAllPermission" + } + + def fromToken(token: String): Option[AdministrativePermission] = + AdministrativePermissions.all.find(_.token == token) +} + +object AdministrativePermissions { + val all: Set[AdministrativePermission] = Set( + AdministrativePermission.ProjectResourceCreateAll, + AdministrativePermission.ProjectResourceCreateRestricted, + AdministrativePermission.ProjectAdminAll, + AdministrativePermission.ProjectAdminGroupAll, + AdministrativePermission.ProjectAdminGroupRestricted, + AdministrativePermission.ProjectAdminRightsAll, + ) + val allTokens: Set[String] = all.map(_.token) +} From 02c1747bca463fa833b6494e6d5cbc1bc7602127 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 08:42:22 +0100 Subject: [PATCH 08/16] Remove unused code --- .../admin/domain/model/ObjectAccessPermissions.scala | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala index f549461e33..1bb250766a 100644 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala @@ -5,46 +5,36 @@ package org.knora.webapi.slice.admin.domain.model -import org.knora.webapi.IRI -import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionADM - sealed trait ObjectAccessPermission extends Ordered[ObjectAccessPermission] { self => - def name: String def token: String def code: Int - final def toPermissionADM(groupIri: IRI): PermissionADM = PermissionADM.from(self, groupIri) final override def compare(that: ObjectAccessPermission): Int = self.code - that.code final override def toString: String = token } object ObjectAccessPermission { case object RestrictedView extends ObjectAccessPermission { - override val name: String = "restricted view permission" override val token: String = "RV" override val code: Int = 1 } case object View extends ObjectAccessPermission { - override val name: String = "view permission" override val token: String = "V" override val code: Int = 2 } case object Modify extends ObjectAccessPermission { - override val name: String = "modify permission" override val token: String = "M" override val code: Int = 6 } case object Delete extends ObjectAccessPermission { - override val name: String = "delete permission" override val token: String = "D" override val code: Int = 7 } case object ChangeRights extends ObjectAccessPermission { - override val name: String = "change rights permission" override val token: String = "CR" override val code: Int = 8 } From 172bd679daab4db04d1111929f6e831f452aae88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 08:44:24 +0100 Subject: [PATCH 09/16] filename --- ...nistrativePermission.scala => AdministrativePermissions.scala} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/{AdministrativePermission.scala => AdministrativePermissions.scala} (100%) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermission.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermissions.scala similarity index 100% rename from webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermission.scala rename to webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermissions.scala From 5b60947bbe2ab7a298bdcd2b6f53a595c47b2ce3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 11:20:22 +0100 Subject: [PATCH 10/16] Make ObjectAccess and Administrative permissions extend common trait --- .../PermissionsMessagesADMSpec.scala | 45 ++++--- .../ConstructResponseUtilV2SpecFullData.scala | 76 ++++++------ .../messages/util/PermissionUtilADMSpec.scala | 83 +++++++------ .../admin/PermissionsResponderADMSpec.scala | 78 ++++++------ .../admin/ProjectRestServiceSpec.scala | 17 ++- .../v2/ResourcesResponderV2SpecFullData.scala | 98 ++++++++-------- ...sourcesResponseCheckerV2SpecFullData.scala | 52 ++++---- .../v2/SearchResponderV2SpecFullData.scala | 14 +-- .../responders/v2/ValuesResponderV2Spec.scala | 4 +- .../SharedPermissionsTestData.scala | 111 +++++++++--------- .../sharedtestdata/SharedTestDataADM.scala | 38 +++--- .../sharedtestdata/SharedTestDataADM2.scala | 36 +++--- .../PermissionsMessagesADM.scala | 31 ++--- .../PermissionsMessagesUtilADM.scala | 7 +- .../util/ConstructResponseUtilV2.scala | 10 +- .../messages/util/PermissionUtilADM.scala | 92 +++++++-------- .../resourcemessages/ResourceMessagesV2.scala | 4 +- .../valuemessages/ValueMessagesV2.scala | 10 +- .../admin/PermissionsResponderADM.scala | 34 +++--- .../webapi/responders/v2/ResourceUtilV2.scala | 30 ++--- .../responders/v2/ResourcesResponderV2.scala | 6 +- .../responders/v2/ValuesResponderV2.scala | 22 ++-- .../model/AdministrativePermissions.scala | 46 -------- .../model/ObjectAccessPermissions.scala | 59 ---------- .../slice/admin/domain/model/Permission.scala | 104 ++++++++++++++++ 25 files changed, 547 insertions(+), 560 deletions(-) delete mode 100644 webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermissions.scala delete mode 100644 webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala create mode 100644 webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/Permission.scala diff --git a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala index 6701ea0ca9..a78fc243ec 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADMSpec.scala @@ -19,10 +19,7 @@ import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._ import org.knora.webapi.sharedtestdata.SharedTestDataADM2._ import org.knora.webapi.sharedtestdata._ import org.knora.webapi.slice.admin.api.service.PermissionsRestService -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission -import org.knora.webapi.slice.admin.domain.model.AdministrativePermissions -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA /** @@ -75,7 +72,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateAdministrativePermissionAPIRequestADM( forProject = "invalid-project-IRI", forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)), ), SharedTestDataADM.imagesUser01, ), @@ -90,7 +87,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateAdministrativePermissionAPIRequestADM( forProject = SharedTestDataADM.imagesProjectIri, forGroup = groupIri, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)), ), SharedTestDataADM.imagesUser01, ), @@ -106,7 +103,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { id = Some(permissionIri), forProject = SharedTestDataADM.imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)), ), SharedTestDataADM.imagesUser01, ), @@ -136,7 +133,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { assertFailsWithA[BadRequestException]( exit, s"Invalid value for name parameter of hasPermissions: $invalidName, it should be one of " + - s"${AdministrativePermissions.allTokens.mkString(", ")}", + s"${Permission.Administrative.allTokens.mkString(", ")}", ) } @@ -160,7 +157,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateAdministrativePermissionAPIRequestADM( forProject = SharedTestDataADM.imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)), ), SharedTestDataADM.imagesReviewerUser, ), @@ -424,7 +421,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = forProject, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.imagesUser01, ), @@ -440,7 +437,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = SharedTestDataADM.imagesProjectIri, forGroup = Some(groupIri), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.imagesUser01, ), @@ -457,7 +454,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = SharedTestDataADM.imagesProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.imagesUser01, ), @@ -492,7 +489,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { assertFailsWithA[BadRequestException]( exit, "Invalid value for name parameter of hasPermissions: invalid, it should be one of " + - s"${ObjectAccessPermissions.allTokens.mkString(", ")}", + s"${Permission.ObjectAccess.allTokens.mkString(", ")}", ) } @@ -500,7 +497,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { val invalidCode = 10 val hasPermissions = Set( PermissionADM( - name = ObjectAccessPermission.ChangeRights.token, + name = Permission.ObjectAccess.ChangeRights.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.Creator), permissionCode = Some(invalidCode), ), @@ -511,16 +508,16 @@ class PermissionsMessagesADMSpec extends CoreSpec { assertFailsWithA[BadRequestException]( exit, s"Invalid value for permissionCode parameter of hasPermissions: $invalidCode, it should be one of " + - s"${ObjectAccessPermissions.allCodes.mkString(", ")}", + s"${Permission.ObjectAccess.allCodes.mkString(", ")}", ) } "not create a DefaultObjectAccessPermission for project and property if hasPermissions set contained permission with inconsistent code and name" in { val hasPermissions = Set( PermissionADM( - name = ObjectAccessPermission.ChangeRights.token, + name = Permission.ObjectAccess.ChangeRights.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.Creator), - permissionCode = Some(ObjectAccessPermission.View.code), + permissionCode = Some(Permission.ObjectAccess.View.code), ), ) @@ -554,7 +551,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { val hasPermissions = Set( PermissionADM( - name = ObjectAccessPermission.ChangeRights.token, + name = Permission.ObjectAccess.ChangeRights.token, additionalInformation = None, permissionCode = Some(8), ), @@ -574,7 +571,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = SharedTestDataADM.anythingProjectIri, forGroup = Some(SharedTestDataADM.thingSearcherGroup.id), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.RestrictedView, SharedTestDataADM.thingSearcherGroup.id)), + Set(PermissionADM.from(Permission.ObjectAccess.RestrictedView, SharedTestDataADM.thingSearcherGroup.id)), ), SharedTestDataADM.anythingUser2, ), @@ -593,7 +590,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), forResourceClass = Some(ANYTHING_THING_RESOURCE_CLASS_LocalHost), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -609,7 +606,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), forProperty = Some(ANYTHING_HasDate_PROPERTY_LocalHost), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -624,7 +621,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = anythingProjectIri, forProperty = Some(SharedTestDataADM.customValueIRI), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -639,7 +636,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { forProject = anythingProjectIri, forResourceClass = Some(ANYTHING_THING_RESOURCE_CLASS_LocalHost), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), @@ -656,7 +653,7 @@ class PermissionsMessagesADMSpec extends CoreSpec { CreateDefaultObjectAccessPermissionAPIRequestADM( forProject = anythingProjectIri, hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember)), ), SharedTestDataADM.rootUser, ), diff --git a/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala index 43b03dba47..7e0f3aa40c 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2SpecFullData.scala @@ -18,7 +18,7 @@ import org.knora.webapi.messages.v2.responder.standoffmessages.StandoffTagIriAtt import org.knora.webapi.messages.v2.responder.standoffmessages.StandoffTagV2 import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormatter) { @@ -32,7 +32,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-11-29T10:00:00.673298Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -47,7 +47,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("F2xCr0S2QfWRQxJDWY9L0g"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ReadOtherValueV2( @@ -62,7 +62,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("yVTqO37cRkCSvXbFc3vTyw"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -86,7 +86,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-11-29T10:00:00.673298Z"), - userPermission = ObjectAccessPermission.View, + userPermission = Permission.ObjectAccess.View, values = Map(), projectADM = SharedTestDataADM.anythingProject, lastModificationDate = None, @@ -107,7 +107,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2020-04-07T09:12:56.710717Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0001/anything#hasOtherThingValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -126,7 +126,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2020-04-07T09:12:56.710717Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map(), projectADM = SharedTestDataADM.anythingProject, lastModificationDate = None, @@ -141,7 +141,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("UgSp5mXTTSKdI02ZU1KIAA"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -158,7 +158,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("U1PwfNaVRQebbOSFWNdMqQ"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -182,7 +182,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2020-04-07T09:12:56.710717Z"), - userPermission = ObjectAccessPermission.View, + userPermission = Permission.ObjectAccess.View, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -197,7 +197,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("U1PwfNaVRQebbOSFWNdMqQ"), - userPermission = ObjectAccessPermission.View, + userPermission = Permission.ObjectAccess.View, deletionInfo = None, ), ), @@ -221,7 +221,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0001/anything#hasText".toSmartIri -> Vector( ReadTextValueV2( @@ -275,7 +275,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("1"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ReadTextValueV2( @@ -329,7 +329,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, valueHasUUID = UuidUtil.decode("2"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -350,7 +350,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map(), projectADM = SharedTestDataADM.anythingProject, lastModificationDate = None, @@ -365,7 +365,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://www.knora.org/ontology/knora-admin#SystemUser", previousValueIri = None, valueHasUUID = UuidUtil.decode("0"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -390,7 +390,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -410,7 +410,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -428,7 +428,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("d9a522845006"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -447,7 +447,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("bbd4d6a9-8b73-4670-b0cd-e851cd0a7c5d"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -465,7 +465,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("fae17f4f6106"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -483,7 +483,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -503,7 +503,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -521,7 +521,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("c3295339"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -540,7 +540,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("25c5e9fd-2cb2-4350-88bb-882be3373745"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -558,7 +558,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("53feeaf80a"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -583,7 +583,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -601,7 +601,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("c3295339"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -623,7 +623,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:10Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -643,7 +643,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("25c5e9fd-2cb2-4350-88bb-882be3373745"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -661,7 +661,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("53feeaf80a"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -680,7 +680,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("25c5e9fd-2cb2-4350-88bb-882be3373745"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -698,7 +698,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#title".toSmartIri -> Vector( ReadTextValueV2( @@ -716,7 +716,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("d9a522845006"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -738,7 +738,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#page".toSmartIri, creationDate = Instant.parse("2016-03-02T15:05:23Z"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, values = Map( "http://www.knora.org/ontology/0803/incunabula#partOfValue".toSmartIri -> Vector( ReadLinkValueV2( @@ -758,7 +758,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("bbd4d6a9-8b73-4670-b0cd-e851cd0a7c5d"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -776,7 +776,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("fae17f4f6106"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), @@ -795,7 +795,7 @@ class ConstructResponseUtilV2SpecFullData(implicit stringFormatter: StringFormat attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, valueHasUUID = UuidUtil.decode("bbd4d6a9-8b73-4670-b0cd-e851cd0a7c5d"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, deletionInfo = None, ), ), diff --git a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala index 33393334c2..2b7cae977e 100644 --- a/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/messages/util/PermissionUtilADMSpec.scala @@ -16,8 +16,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionT import org.knora.webapi.messages.util.PermissionUtilADM import org.knora.webapi.sharedtestdata.SharedTestDataADM import org.knora.webapi.sharedtestdata.SharedTestDataADM2 -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import pekko.testkit.ImplicitSender @@ -26,11 +25,11 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { val permissionLiteral = "RV knora-admin:UnknownUser|V knora-admin:KnownUser|M knora-admin:ProjectMember|CR knora-admin:Creator" - val parsedPermissionLiteral: Map[ObjectAccessPermission, Set[IRI]] = Map( - ObjectAccessPermission.RestrictedView -> Set(OntologyConstants.KnoraAdmin.UnknownUser), - ObjectAccessPermission.View -> Set(OntologyConstants.KnoraAdmin.KnownUser), - ObjectAccessPermission.Modify -> Set(OntologyConstants.KnoraAdmin.ProjectMember), - ObjectAccessPermission.ChangeRights -> Set(OntologyConstants.KnoraAdmin.Creator), + val parsedPermissionLiteral: Map[Permission.ObjectAccess, Set[IRI]] = Map( + Permission.ObjectAccess.RestrictedView -> Set(OntologyConstants.KnoraAdmin.UnknownUser), + Permission.ObjectAccess.View -> Set(OntologyConstants.KnoraAdmin.KnownUser), + Permission.ObjectAccess.Modify -> Set(OntologyConstants.KnoraAdmin.ProjectMember), + Permission.ObjectAccess.ChangeRights -> Set(OntologyConstants.KnoraAdmin.Creator), ) "PermissionUtil" should { @@ -41,7 +40,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.incunabulaMemberUser, - ) should equal(Some(ObjectAccessPermission.Modify)) // modify permission + ) should equal(Some(Permission.ObjectAccess.Modify)) // modify permission } "return user's max permission for a specific resource (incunabula project admin user)" in { @@ -50,7 +49,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.incunabulaProjectAdminUser, - ) should equal(Some(ObjectAccessPermission.ChangeRights)) // change rights permission + ) should equal(Some(Permission.ObjectAccess.ChangeRights)) // change rights permission } "return user's max permission for a specific resource (incunabula creator user)" in { @@ -59,7 +58,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.incunabulaCreatorUser, - ) should equal(Some(ObjectAccessPermission.ChangeRights)) // change rights permission + ) should equal(Some(Permission.ObjectAccess.ChangeRights)) // change rights permission } "return user's max permission for a specific resource (root user)" in { @@ -68,7 +67,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.rootUser, - ) should equal(Some(ObjectAccessPermission.ChangeRights)) // change rights permission + ) should equal(Some(Permission.ObjectAccess.ChangeRights)) // change rights permission } "return user's max permission for a specific resource (normal user)" in { @@ -77,7 +76,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.normalUser, - ) should equal(Some(ObjectAccessPermission.View)) // view permission + ) should equal(Some(Permission.ObjectAccess.View)) // view permission } "return user's max permission for a specific resource (anonymous user)" in { @@ -86,7 +85,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityProject = SharedTestDataADM2.incunabulaProjectIri, entityPermissionLiteral = permissionLiteral, requestingUser = SharedTestDataADM.anonymousUser, - ) should equal(Some(ObjectAccessPermission.RestrictedView)) // restricted view permission + ) should equal(Some(Permission.ObjectAccess.RestrictedView)) // restricted view permission } "return user's max permission from assertions for a specific resource" in { @@ -100,7 +99,7 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { entityIri = "http://rdfh.ch/00014b43f902", assertions = assertions, requestingUser = SharedTestDataADM.incunabulaMemberUser, - ) should equal(Some(ObjectAccessPermission.Modify)) // modify permissions + ) should equal(Some(Permission.ObjectAccess.Modify)) // modify permissions } "return user's max permission on link value" ignore { @@ -116,11 +115,11 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "M knora-admin:Creator,knora-admin:ProjectMember|V knora-admin:KnownUser,http://rdfh.ch/groups/customgroup|RV knora-admin:UnknownUser" val permissionsSet = Set( - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.View, "http://rdfh.ch/groups/customgroup"), - PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.View, "http://rdfh.ch/groups/customgroup"), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ) PermissionUtilADM.parsePermissionsWithType( @@ -134,14 +133,14 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "ProjectResourceCreateAllPermission|ProjectAdminAllPermission|ProjectResourceCreateRestrictedPermission ," val permissionsSet = Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), - PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), PermissionADM.from( - AdministrativePermission.ProjectResourceCreateRestricted, + Permission.Administrative.ProjectResourceCreateRestricted, "http://www.knora.org/ontology/00FF/images#bild", ), PermissionADM.from( - AdministrativePermission.ProjectResourceCreateRestricted, + Permission.Administrative.ProjectResourceCreateRestricted, "http://www.knora.org/ontology/00FF/images#bildformat", ), ) @@ -154,13 +153,13 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "build a 'PermissionADM' object" in { PermissionUtilADM.buildPermissionObject( - name = AdministrativePermission.ProjectResourceCreateRestricted.token, + name = Permission.Administrative.ProjectResourceCreateRestricted.token, iris = Set("1", "2", "3"), ) should equal( Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, "1"), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, "2"), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, "3"), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateRestricted, "1"), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateRestricted, "2"), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateRestricted, "3"), ), ) } @@ -168,19 +167,19 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "remove duplicate permissions" in { val duplicatedPermissions = Seq( - PermissionADM.from(ObjectAccessPermission.View, "1"), - PermissionADM.from(ObjectAccessPermission.View, "1"), - PermissionADM.from(ObjectAccessPermission.View, "2"), - PermissionADM.from(ObjectAccessPermission.ChangeRights, "2"), - PermissionADM.from(ObjectAccessPermission.ChangeRights, "3"), - PermissionADM.from(ObjectAccessPermission.ChangeRights, "3"), + PermissionADM.from(Permission.ObjectAccess.View, "1"), + PermissionADM.from(Permission.ObjectAccess.View, "1"), + PermissionADM.from(Permission.ObjectAccess.View, "2"), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, "2"), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, "3"), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, "3"), ) val deduplicatedPermissions = Set( - PermissionADM.from(ObjectAccessPermission.View, "1"), - PermissionADM.from(ObjectAccessPermission.View, "2"), - PermissionADM.from(ObjectAccessPermission.ChangeRights, "2"), - PermissionADM.from(ObjectAccessPermission.ChangeRights, "3"), + PermissionADM.from(Permission.ObjectAccess.View, "1"), + PermissionADM.from(Permission.ObjectAccess.View, "2"), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, "2"), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, "3"), ) val result = PermissionUtilADM.removeDuplicatePermissions(duplicatedPermissions) @@ -190,11 +189,11 @@ class PermissionUtilADMSpec extends CoreSpec with ImplicitSender { "create permissions string" in { val permissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, "1"), - PermissionADM.from(ObjectAccessPermission.Delete, "2"), - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, "1"), + PermissionADM.from(Permission.ObjectAccess.Delete, "2"), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), ) val permissionsString = "CR 1,knora-admin:Creator|D 2|M knora-admin:ProjectMember|V knora-admin:KnownUser" diff --git a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala index 42dcf580c5..7912c62f8d 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/admin/PermissionsResponderADMSpec.scala @@ -32,11 +32,9 @@ import org.knora.webapi.sharedtestdata.SharedTestDataADM.imagesUser02 import org.knora.webapi.sharedtestdata.SharedTestDataADM.incunabulaMemberUser import org.knora.webapi.sharedtestdata.SharedTestDataADM.normalUser import org.knora.webapi.sharedtestdata.SharedTestDataADM2 -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.GroupIri import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.PermissionIri import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA @@ -173,7 +171,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "ask about administrative permissions " should { - "return all AdministrativePermissions for project" in { + "return all Permission.Administrative for project" in { val result = UnsafeZioRun.runOrThrow( ZIO.serviceWithZIO[PermissionsResponderADM](_.getPermissionsApByProjectIri(imagesProjectIri)), ) @@ -182,7 +180,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { ) } - "return AdministrativePermission for project and group" in { + "return Permission.Administrative for project and group" in { val result = UnsafeZioRun.runOrThrow( ZIO.serviceWithZIO[PermissionsResponderADM]( _.getPermissionsApByProjectAndGroupIri( @@ -194,7 +192,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { result shouldEqual AdministrativePermissionGetResponseADM(perm002_a1.p) } - "return AdministrativePermission for IRI" in { + "return Permission.Administrative for IRI" in { appActor ! AdministrativePermissionForIriGetRequestADM( administrativePermissionIri = perm002_a1.iri, requestingUser = rootUser, @@ -227,7 +225,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { CreateAdministrativePermissionAPIRequestADM( forProject = imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)), ), rootUser, UUID.randomUUID(), @@ -252,7 +250,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { id = Some(customIri), forProject = SharedTestDataADM.anythingProjectIri, forGroup = SharedTestDataADM.thingSearcherGroup.id, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)), ), rootUser, UUID.randomUUID(), @@ -268,12 +266,12 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val customIri = "http://rdfh.ch/permissions/0001/0pd-VUDeShWNJ2Nq3fGGGQ" val hasPermissions = Set( PermissionADM( - name = AdministrativePermission.ProjectResourceCreateAll.token, + name = Permission.Administrative.ProjectResourceCreateAll.token, additionalInformation = Some("blabla"), permissionCode = Some(8), ), ) - val expectedHasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) + val expectedHasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)) val actual = UnsafeZioRun.runOrThrow( ZIO.serviceWithZIO[PermissionsResponderADM]( _.createAdministrativePermission( @@ -436,7 +434,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = SharedTestDataADM.anythingProjectIri, forGroup = Some(SharedTestDataADM.thingSearcherGroup.id), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.RestrictedView, SharedTestDataADM.thingSearcherGroup.id), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, SharedTestDataADM.thingSearcherGroup.id), ), ), rootUser, @@ -449,7 +447,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assert(actual.defaultObjectAccessPermission.forGroup.contains(SharedTestDataADM.thingSearcherGroup.id)) assert( actual.defaultObjectAccessPermission.hasPermissions.contains( - PermissionADM.from(ObjectAccessPermission.RestrictedView, SharedTestDataADM.thingSearcherGroup.id), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, SharedTestDataADM.thingSearcherGroup.id), ), ) } @@ -464,7 +462,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = SharedTestDataADM.anythingProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.UnknownUser), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), rootUser, @@ -477,7 +475,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assert(received.defaultObjectAccessPermission.forProject == SharedTestDataADM.anythingProjectIri) assert( received.defaultObjectAccessPermission.hasPermissions - .contains(PermissionADM.from(ObjectAccessPermission.RestrictedView, unknownUser)), + .contains(PermissionADM.from(Permission.ObjectAccess.RestrictedView, unknownUser)), ) } @@ -489,7 +487,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = imagesProjectIri, forResourceClass = Some(SharedOntologyTestDataADM.IMAGES_BILD_RESOURCE_CLASS), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.KnownUser)), + Set(PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.KnownUser)), ), rootUser, UUID.randomUUID(), @@ -503,7 +501,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { ) assert( actual.defaultObjectAccessPermission.hasPermissions - .contains(PermissionADM.from(ObjectAccessPermission.Modify, knownUser)), + .contains(PermissionADM.from(Permission.ObjectAccess.Modify, knownUser)), ) } @@ -515,7 +513,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = imagesProjectIri, forProperty = Some(SharedOntologyTestDataADM.IMAGES_TITEL_PROPERTY), hasPermissions = - Set(PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator)), + Set(PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator)), ), rootUser, UUID.randomUUID(), @@ -529,7 +527,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { ) assert( actual.defaultObjectAccessPermission.hasPermissions - .contains(PermissionADM.from(ObjectAccessPermission.ChangeRights, creator)), + .contains(PermissionADM.from(Permission.ObjectAccess.ChangeRights, creator)), ) } @@ -541,7 +539,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectMember), ), ), rootUser, @@ -567,8 +565,8 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = SharedTestDataADM2.incunabulaProjectIri, forResourceClass = Some(SharedOntologyTestDataADM.INCUNABULA_BOOK_RESOURCE_CLASS), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), rootUser, @@ -594,7 +592,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forProject = SharedTestDataADM2.incunabulaProjectIri, forProperty = Some(SharedOntologyTestDataADM.INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.KnownUser), ), ), rootUser, @@ -621,8 +619,8 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { forResourceClass = Some(SharedOntologyTestDataADM.INCUNABULA_PAGE_RESOURCE_CLASS), forProperty = Some(SharedOntologyTestDataADM.INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), rootUser, @@ -666,7 +664,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assert(actual.defaultObjectAccessPermission.forGroup.contains(unknownUser)) assert( actual.defaultObjectAccessPermission.hasPermissions.contains( - PermissionADM.from(ObjectAccessPermission.RestrictedView, unknownUser), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, unknownUser), ), ) } @@ -674,14 +672,14 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "create a DefaultObjectAccessPermission for project and property even if permissionCode of a permission was missing" in { val hasPermissions = Set( PermissionADM( - name = ObjectAccessPermission.Delete.token, + name = Permission.ObjectAccess.Delete.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), permissionCode = None, ), ) val expectedPermissions = Set( PermissionADM( - name = ObjectAccessPermission.Delete.token, + name = Permission.ObjectAccess.Delete.token, additionalInformation = Some(projectAdmin), permissionCode = Some(7), ), @@ -996,7 +994,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "ask to update hasPermissions of a permission" should { "throw ForbiddenException for PermissionChangeHasPermissionsRequestADM if requesting user is not system or project Admin" in { val permissionIri = "http://rdfh.ch/permissions/00FF/buxHAlz8SHuu0FuiLN_tKQ" - val hasPermissions = NonEmptyChunk(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) + val hasPermissions = NonEmptyChunk(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)) val exit = UnsafeZioRun.run( ZIO.serviceWithZIO[PermissionsResponderADM]( @@ -1017,7 +1015,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "update hasPermissions of an administrative permission" in { val permissionIri = "http://rdfh.ch/permissions/00FF/buxHAlz8SHuu0FuiLN_tKQ" - val hasPermissions = NonEmptyChunk(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) + val hasPermissions = NonEmptyChunk(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)) val actual = UnsafeZioRun.runOrThrow( ZIO.serviceWithZIO[PermissionsResponderADM]( _.updatePermissionHasPermissions( @@ -1039,7 +1037,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val permissionIri = "http://rdfh.ch/permissions/00FF/buxHAlz8SHuu0FuiLN_tKQ" val hasPermissions = NonEmptyChunk( PermissionADM( - name = AdministrativePermission.ProjectAdminAll.token, + name = Permission.Administrative.ProjectAdminAll.token, additionalInformation = Some("aIRI"), permissionCode = Some(1), ), @@ -1057,15 +1055,15 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val ap = actual.asInstanceOf[AdministrativePermissionGetResponseADM].administrativePermission assert(ap.iri == permissionIri) ap.hasPermissions.size should be(1) - val expectedSetOfPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)) + val expectedSetOfPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)) assert(ap.hasPermissions.equals(expectedSetOfPermissions)) } "update hasPermissions of a default object access permission" in { val permissionIri = "http://rdfh.ch/permissions/00FF/Q3OMWyFqStGYK8EXmC7KhQ" val hasPermissions = NonEmptyChunk( - PermissionADM.from(ObjectAccessPermission.ChangeRights, creator), - PermissionADM.from(ObjectAccessPermission.Modify, projectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, creator), + PermissionADM.from(Permission.ObjectAccess.Modify, projectMember), ) val actual = UnsafeZioRun.runOrThrow( @@ -1097,7 +1095,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val expectedHasPermissions = Set( PermissionADM( - name = ObjectAccessPermission.ChangeRights.token, + name = Permission.ObjectAccess.ChangeRights.token, additionalInformation = Some(creator), permissionCode = Some(8), ), @@ -1122,7 +1120,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val permissionIri = "http://rdfh.ch/permissions/00FF/Q3OMWyFqStGYK8EXmC7KhQ" val hasPermissions = NonEmptyChunk( PermissionADM( - name = ObjectAccessPermission.Delete.token, + name = Permission.ObjectAccess.Delete.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), permissionCode = None, ), @@ -1130,7 +1128,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val expectedHasPermissions = Set( PermissionADM( - name = ObjectAccessPermission.Delete.token, + name = Permission.ObjectAccess.Delete.token, additionalInformation = Some(projectAdmin), permissionCode = Some(7), ), @@ -1153,7 +1151,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { "not update hasPermissions of a default object access permission, if both name and project code of a permission were missing" in { val permissionIri = "http://rdfh.ch/permissions/00FF/Q3OMWyFqStGYK8EXmC7KhQ" val code = 1 - val name = ObjectAccessPermission.Delete.token + val name = Permission.ObjectAccess.Delete.token val hasPermissions = NonEmptyChunk( PermissionADM( name = name, @@ -1201,7 +1199,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assertFailsWithA[BadRequestException]( exit, s"Invalid value for name parameter of hasPermissions: $name, it should be one of " + - s"${ObjectAccessPermissions.allTokens.mkString(", ")}", + s"${Permission.ObjectAccess.allTokens.mkString(", ")}", ) } @@ -1210,7 +1208,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { val code = 10 val hasPermissions = NonEmptyChunk( PermissionADM( - name = ObjectAccessPermission.Delete.token, + name = Permission.ObjectAccess.Delete.token, additionalInformation = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), permissionCode = Some(code), ), @@ -1229,7 +1227,7 @@ class PermissionsResponderADMSpec extends CoreSpec with ImplicitSender { assertFailsWithA[BadRequestException]( exit, s"Invalid value for permissionCode parameter of hasPermissions: $code, it should be one of " + - s"${ObjectAccessPermissions.allCodes.mkString(", ")}", + s"${Permission.ObjectAccess.allCodes.mkString(", ")}", ) } diff --git a/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala b/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala index d2c799bc05..92e517ce2f 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/admin/ProjectRestServiceSpec.scala @@ -28,9 +28,8 @@ import org.knora.webapi.sharedtestdata.SharedTestDataADM import org.knora.webapi.slice.admin.api.model.ProjectsEndpointsRequestsAndResponses.ProjectCreateRequest import org.knora.webapi.slice.admin.api.model.ProjectsEndpointsRequestsAndResponses.ProjectUpdateRequest import org.knora.webapi.slice.admin.api.service.ProjectRestService -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.KnoraProject._ -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.RestrictedView import org.knora.webapi.util.MutableTestIri import org.knora.webapi.util.ZioScalaTestUtil.assertFailsWithA @@ -207,8 +206,8 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { ap.forProject == received.project.id && ap.forGroup == OntologyConstants.KnoraAdmin.ProjectAdmin && ap.hasPermissions.equals( Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ) } @@ -219,7 +218,7 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { val hasAPForProjectMember = receivedApAdmin.administrativePermissions.filter { (ap: AdministrativePermissionADM) => ap.forProject == received.project.id && ap.forGroup == OntologyConstants.KnoraAdmin.ProjectMember && - ap.hasPermissions.equals(Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll))) + ap.hasPermissions.equals(Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll))) } hasAPForProjectMember.size shouldBe 1 @@ -238,8 +237,8 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { ) && doap.hasPermissions.equals( Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ) } @@ -253,8 +252,8 @@ class ProjectRestServiceSpec extends CoreSpec with ImplicitSender { ) && doap.hasPermissions.equals( Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ) } diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala index f4e9005f89..4b0096e8d1 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponderV2SpecFullData.scala @@ -16,7 +16,7 @@ import org.knora.webapi.messages.util.DatePrecisionYear import org.knora.webapi.messages.v2.responder.resourcemessages._ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission // FIXME: Rename to something more generic and without spec in the name since it is not a spec and is used in more then one spec class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { @@ -26,7 +26,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/c5058f3a", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -46,7 +46,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("5524469101"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser,knora-admin:KnownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -66,7 +66,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("184e99ca01"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -84,7 +84,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("db77ec0302"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser,knora-admin:KnownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -102,7 +102,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("9ea13f3d02"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -122,7 +122,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("497df9ab"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -141,7 +141,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0803/c5058f3a/values/8653a672", valueHasUUID = UuidUtil.decode("8653a672"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -162,7 +162,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("10e00c7acc2704"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -182,7 +182,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("92faf25701"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:UnknownUser,knora-admin:KnownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -202,7 +202,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("0ca74ce5"), permissions = "CR knora-admin:Creator|V knora-admin:UnknownUser,knora-admin:KnownUser,knora-admin:ProjectMember", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -224,7 +224,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("cfd09f1e01"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -244,7 +244,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("c3295339"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -261,7 +261,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/c5058f3a", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -277,7 +277,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/2a6221216701", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -297,7 +297,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("e94fa8a09205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -317,7 +317,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("7b4a9bf89305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -335,7 +335,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("3e74ee319405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -353,7 +353,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("019e416b9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -371,7 +371,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("c4c794a49405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -389,7 +389,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("87f1e7dd9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -407,7 +407,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("4a1b3b179505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -425,7 +425,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("0d458e509505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -443,7 +443,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("d06ee1899505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -461,7 +461,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("939834c39505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -481,7 +481,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("dda85bbb9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -500,7 +500,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0803/2a6221216701/values/1a7f08829105", valueHasUUID = UuidUtil.decode("1a7f08829105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -520,7 +520,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("56c287fc9505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -541,7 +541,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("f89173afca2704"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -561,7 +561,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("ac79fbd99205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -579,7 +579,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("6fa34e139305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -597,7 +597,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("32cda14c9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -615,7 +615,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("f5f6f4859305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -635,7 +635,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("b82048bf9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -655,7 +655,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("262655679205"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -675,7 +675,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("a0d2aef49105"), permissions = "CR knora-admin:Creator|V knora-admin:ProjectMember,knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -697,7 +697,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("63fc012e9205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -717,7 +717,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("d1010fd69005"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -735,7 +735,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("942b620f9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -753,7 +753,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueHasUUID = UuidUtil.decode("5755b5489105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -772,7 +772,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter resourceIri = "http://rdfh.ch/0803/2a6221216701", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", projectADM = SharedTestDataADM.incunabulaProject, values = Map(), @@ -800,7 +800,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter label = "A thing with version history", resourceIri = "http://rdfh.ch/0001/thing-with-history", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.Modify, + userPermission = Permission.ObjectAccess.Modify, attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-02-08T15:05:10Z"), @@ -817,7 +817,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0001/thing-with-history/values/2b", valueHasUUID = UuidUtil.decode("W5fm67e0QDWxRZumcXcs6g"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2019-02-11T10:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", previousValueIri = Some("http://rdfh.ch/0001/thing-with-history/values/2a"), @@ -836,7 +836,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0001/thing-with-history/values/3a", valueHasUUID = UuidUtil.decode("IZGOjVqxTfSNO4ieKyp0SA"), permissions = "V knora-admin:UnknownUser|M knora-admin:ProjectMember", - userPermission = ObjectAccessPermission.Modify, + userPermission = Permission.ObjectAccess.Modify, valueCreationDate = Instant.parse("2019-02-10T10:30:10Z"), attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", previousValueIri = None, @@ -853,7 +853,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueIri = "http://rdfh.ch/0001/thing-with-history/values/1a", valueHasUUID = UuidUtil.decode("pLlW4ODASumZfZFbJdpw1g"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2019-02-11T09:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", previousValueIri = None, @@ -966,7 +966,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-02-08T15:05:10Z"), - userPermission = ObjectAccessPermission.Modify, + userPermission = Permission.ObjectAccess.Modify, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -980,7 +980,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueCreationDate = Instant.parse("2019-02-13T09:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", valueHasUUID = UuidUtil.decode("pLlW4ODASumZfZFbJdpw1g"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, previousValueIri = Some("http://rdfh.ch/0001/thing-with-history/values/1b"), deletionInfo = None, ), @@ -1004,7 +1004,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter attachedToUser = "http://rdfh.ch/users/9XBCrDV3SRa7kS1WwynB4Q", resourceClassIri = "http://www.knora.org/ontology/0001/anything#Thing".toSmartIri, creationDate = Instant.parse("2019-02-08T15:05:10Z"), - userPermission = ObjectAccessPermission.Modify, + userPermission = Permission.ObjectAccess.Modify, values = Map( "http://www.knora.org/ontology/0001/anything#hasInteger".toSmartIri -> Vector( ReadOtherValueV2( @@ -1018,7 +1018,7 @@ class ResourcesResponderV2SpecFullData(implicit stringFormatter: StringFormatter valueCreationDate = Instant.parse("2019-02-12T09:05:10Z"), attachedToUser = "http://rdfh.ch/users/BhkfBc3hTeS_IDo-JgXRbQ", valueHasUUID = UuidUtil.decode("pLlW4ODASumZfZFbJdpw1g"), - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, previousValueIri = Some("http://rdfh.ch/0001/thing-with-history/values/1a"), deletionInfo = None, ), diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala index e0d08e4ba3..a5bed861f4 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/ResourcesResponseCheckerV2SpecFullData.scala @@ -16,7 +16,7 @@ import org.knora.webapi.messages.util.DatePrecisionYear import org.knora.webapi.messages.v2.responder.resourcemessages._ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission // FIXME: Rename to something without spec in the name since it is not a spec class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFormatter) { @@ -27,7 +27,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor resourceIri = "http://rdfh.ch/2a6221216701", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -46,7 +46,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("e94fa8a09205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -66,7 +66,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("7b4a9bf89305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -84,7 +84,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("3e74ee319405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -102,7 +102,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("019e416b9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -120,7 +120,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("c4c794a49405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -138,7 +138,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("87f1e7dd9405"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -156,7 +156,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("4a1b3b179505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -174,7 +174,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("0d458e509505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -192,7 +192,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("d06ee1899505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -210,7 +210,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("939834c39505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -230,7 +230,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("dda85bbb9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -249,7 +249,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueIri = "http://rdfh.ch/2a6221216701/values/1a7f08829105", valueHasUUID = UuidUtil.decode("1a7f08829105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -269,7 +269,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("56c287fc9505"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:21Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -290,7 +290,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("f89173afca2704"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -310,7 +310,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("ac79fbd99205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -328,7 +328,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("6fa34e139305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -346,7 +346,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("32cda14c9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -364,7 +364,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("f5f6f4859305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -384,7 +384,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("b82048bf9305"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -404,7 +404,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("262655679205"), permissions = "CR knora-admin:Creator|D knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -424,7 +424,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("a0d2aef49105"), permissions = "CR knora-admin:Creator|V knora-admin:ProjectMember,knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -446,7 +446,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("63fc012e9205"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -466,7 +466,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("d1010fd69005"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, @@ -484,7 +484,7 @@ class ResourcesResponseCheckerV2SpecFullData(implicit stringFormatter: StringFor valueHasUUID = UuidUtil.decode("942b620f9105"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, valueCreationDate = Instant.parse("2016-03-02T15:05:20Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", previousValueIri = None, diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala index 38d885b7d3..b53d98113a 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/SearchResponderV2SpecFullData.scala @@ -17,7 +17,7 @@ import org.knora.webapi.messages.util.search._ import org.knora.webapi.messages.v2.responder.resourcemessages._ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.sharedtestdata.SharedTestDataADM -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import pekko.actor.ActorSystem @@ -34,7 +34,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { resourceIri = "", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.ChangeRights, + userPermission = Permission.ObjectAccess.ChangeRights, attachedToUser = testUser1, resourceClassIri = booksBookIri.toSmartIri, projectADM = SharedTestDataADM.anythingProject, @@ -53,7 +53,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { valueHasUUID = UuidUtil.decode("d34d34d3-4d34-d34d-3496-2b2dfef6a5b9"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.Modify, + userPermission = Permission.ObjectAccess.Modify, previousValueIri = None, valueCreationDate = Instant.parse("2018-05-29T16:42:04.381Z"), attachedToUser = testUser2, @@ -137,7 +137,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { resourceIri = "http://rdfh.ch/0803/c5058f3a", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.RestrictedView, + userPermission = Permission.ObjectAccess.RestrictedView, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -156,7 +156,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { valueHasUUID = UuidUtil.decode("c3295339"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.View, + userPermission = Permission.ObjectAccess.View, previousValueIri = None, valueCreationDate = Instant.parse("2016-03-02T15:05:10Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", @@ -173,7 +173,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { resourceIri = "http://rdfh.ch/0803/ff17e5ef9601", permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser|RV knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.RestrictedView, + userPermission = Permission.ObjectAccess.RestrictedView, attachedToUser = "http://rdfh.ch/users/91e19f1e01", resourceClassIri = "http://www.knora.org/ontology/0803/incunabula#book".toSmartIri, projectADM = SharedTestDataADM.incunabulaProject, @@ -192,7 +192,7 @@ class SearchResponderV2SpecFullData(implicit stringFormatter: StringFormatter) { valueHasUUID = UuidUtil.decode("d9a522845006"), permissions = "CR knora-admin:Creator|M knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser", - userPermission = ObjectAccessPermission.View, + userPermission = Permission.ObjectAccess.View, previousValueIri = None, valueCreationDate = Instant.parse("2016-03-02T15:05:23Z"), attachedToUser = "http://rdfh.ch/users/91e19f1e01", diff --git a/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala b/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala index 32b43f0ad8..1a1f8da72d 100644 --- a/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala +++ b/integration/src/test/scala/org/knora/webapi/responders/v2/ValuesResponderV2Spec.scala @@ -2607,7 +2607,7 @@ class ValuesResponderV2Spec extends CoreSpec with ImplicitSender { } } - "not update a value with custom permissions if the requesting user does not have ObjectAccessPermission.ChangeRights on the value" in { + "not update a value with custom permissions if the requesting user does not have Permission.ObjectAccess.ChangeRights on the value" in { val resourceIri: IRI = aThingIri val propertyIri: SmartIri = "http://0.0.0.0:3333/ontology/0001/anything/v2#hasInteger".toSmartIri val permissions = "CR knora-admin:Creator" @@ -2733,7 +2733,7 @@ class ValuesResponderV2Spec extends CoreSpec with ImplicitSender { updatedValueFromTriplestore.permissions should ===(permissions) } - "not update a value, changing only its permissions, if the requesting user does not have ObjectAccessPermission.ChangeRights on the value" in { + "not update a value, changing only its permissions, if the requesting user does not have Permission.ObjectAccess.ChangeRights on the value" in { val resourceIri: IRI = aThingIri val propertyIri: SmartIri = "http://0.0.0.0:3333/ontology/0001/anything/v2#hasInteger".toSmartIri val permissions = "CR knora-admin:Creator" diff --git a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala index 2ec5ae48d7..ecd3c6d269 100644 --- a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala +++ b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedPermissionsTestData.scala @@ -12,8 +12,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.ObjectAcces import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionADM import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM._ import org.knora.webapi.sharedtestdata.SharedTestDataADM2._ -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission /* Helper case classes */ case class ap(iri: String, p: AdministrativePermissionADM) @@ -40,9 +39,9 @@ object SharedPermissionsTestData { forProject = OntologyConstants.KnoraAdmin.SystemProject, forResourceClass = Some(OntologyConstants.KnoraBase.LinkObj), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -55,9 +54,9 @@ object SharedPermissionsTestData { forProject = OntologyConstants.KnoraAdmin.SystemProject, forResourceClass = Some(OntologyConstants.KnoraBase.Region), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -70,10 +69,10 @@ object SharedPermissionsTestData { forProject = OntologyConstants.KnoraAdmin.SystemProject, forProperty = Some(OntologyConstants.KnoraBase.HasStillImageFileValue), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -93,7 +92,7 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, hasPermissions = Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ) @@ -106,8 +105,8 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, hasPermissions = Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), - PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), ), ), ) @@ -120,9 +119,9 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = "http://rdfh.ch/groups/00FF/images-reviewer", hasPermissions = Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bild"), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bild"), PermissionADM.from( - AdministrativePermission.ProjectResourceCreateRestricted, + Permission.Administrative.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bildformat", ), ), @@ -135,7 +134,7 @@ object SharedPermissionsTestData { iri = "http://rdfh.ch/permissions/00FF/PNTn7ZvsS_OabbexCxr_Eg", forProject = imagesProjectIri, forGroup = Some("http://rdfh.ch/groups/00FF/images-reviewer"), - hasPermissions = Set(PermissionADM.from(ObjectAccessPermission.Delete, OntologyConstants.KnoraAdmin.Creator)), + hasPermissions = Set(PermissionADM.from(Permission.ObjectAccess.Delete, OntologyConstants.KnoraAdmin.Creator)), ), ) @@ -147,9 +146,9 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), ), ), ) @@ -162,9 +161,9 @@ object SharedPermissionsTestData { forProject = imagesProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.KnownUser), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), ), ), ) @@ -183,7 +182,7 @@ object SharedPermissionsTestData { iri = "http://rdfh.ch/permissions/003-a1", forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)), ), ) @@ -195,8 +194,8 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, hasPermissions = Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), - PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), ), ), ) @@ -207,10 +206,10 @@ object SharedPermissionsTestData { p = ObjectAccessPermissionADM( forResource = Some("http://rdfh.ch/0803/00014b43f902"), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -221,10 +220,10 @@ object SharedPermissionsTestData { p = ObjectAccessPermissionADM( forValue = Some("http://rdfh.ch/0803/00014b43f902/values/1ad3999ad60b"), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), ), ), ) @@ -237,10 +236,10 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -253,10 +252,10 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forResourceClass = Some(INCUNABULA_BOOK_RESOURCE_CLASS), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -269,9 +268,9 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forResourceClass = Some(INCUNABULA_PAGE_RESOURCE_CLASS), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), ), ), ) @@ -284,8 +283,8 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.incunabulaProjectIri, forProperty = Some(INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) @@ -299,7 +298,7 @@ object SharedPermissionsTestData { forResourceClass = Some(INCUNABULA_PAGE_RESOURCE_CLASS), forProperty = Some(INCUNABULA_PartOf_Property), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), ) @@ -318,7 +317,7 @@ object SharedPermissionsTestData { iri = "http://rdfh.ch/permissions/00FF/XFozeICsTE2gHSOsm4ZMIw", forProject = SharedTestDataADM2.anythingProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)), ), ) @@ -330,8 +329,8 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.anythingProjectIri, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, hasPermissions = Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), - PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), ), ), ) @@ -344,10 +343,10 @@ object SharedPermissionsTestData { forProject = SharedTestDataADM2.anythingProjectIri, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.KnownUser), - PermissionADM.from(ObjectAccessPermission.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.KnownUser), + PermissionADM.from(Permission.ObjectAccess.RestrictedView, OntologyConstants.KnoraAdmin.UnknownUser), ), ), ) diff --git a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala index 957f826449..419a052560 100644 --- a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala +++ b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM.scala @@ -15,8 +15,8 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.Permissions import org.knora.webapi.messages.admin.responder.projectsmessages.Project import org.knora.webapi.messages.store.triplestoremessages.StringLiteralV2 import org.knora.webapi.messages.util.KnoraSystemInstances -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.Group +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User /** @@ -139,12 +139,12 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), imagesProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -214,8 +214,8 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -240,7 +240,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -269,11 +269,11 @@ object SharedTestDataADM { administrativePermissionsPerProject = Map( imagesProjectIri -> Set( PermissionADM.from( - AdministrativePermission.ProjectResourceCreateRestricted, + Permission.Administrative.ProjectResourceCreateRestricted, s"${SharedOntologyTestDataADM.IMAGES_ONTOLOGY_IRI}#bild", ), PermissionADM.from( - AdministrativePermission.ProjectResourceCreateRestricted, + Permission.Administrative.ProjectResourceCreateRestricted, s"${SharedOntologyTestDataADM.IMAGES_ONTOLOGY_IRI}#bildformat", ), ), @@ -380,8 +380,8 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -406,7 +406,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -431,7 +431,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -548,8 +548,8 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -576,7 +576,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -600,7 +600,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -690,7 +690,7 @@ object SharedTestDataADM { ), administrativePermissionsPerProject = Map( beolProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), ), ), ), diff --git a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala index 78aae0a08f..81fdb43db8 100644 --- a/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala +++ b/integration/src/test/scala/org/knora/webapi/sharedtestdata/SharedTestDataADM2.scala @@ -11,7 +11,7 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionA import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionsDataADM import org.knora.webapi.sharedtestdata import org.knora.webapi.sharedtestdata.SharedOntologyTestDataADM.IMAGES_ONTOLOGY_IRI -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission +import org.knora.webapi.slice.admin.domain.model.Permission /** * This object holds the same user which are loaded with 'test_data/project_data/admin-data.ttl'. Using this object @@ -70,12 +70,12 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), imagesProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -113,8 +113,8 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -140,7 +140,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -169,9 +169,9 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( imagesProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bild"), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bild"), PermissionADM.from( - AdministrativePermission.ProjectResourceCreateRestricted, + Permission.Administrative.ProjectResourceCreateRestricted, s"$IMAGES_ONTOLOGY_IRI#bildformat", ), ), @@ -225,8 +225,8 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -252,7 +252,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -278,7 +278,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( incunabulaProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -333,8 +333,8 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -359,7 +359,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), @@ -384,7 +384,7 @@ object SharedTestDataADM2 { ), administrativePermissionsPerProject = Map( anythingProjectIri -> Set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), ), diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala index a228fbefc1..7638bf7839 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala @@ -24,9 +24,8 @@ import org.knora.webapi.messages.admin.responder.permissionsmessages.PermissionP import org.knora.webapi.messages.admin.responder.projectsmessages.ProjectsADMJsonProtocol import org.knora.webapi.messages.store.triplestoremessages.TriplestoreJsonProtocol import org.knora.webapi.messages.traits.Jsonable -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.PermissionIri import org.knora.webapi.slice.admin.domain.model.User @@ -564,7 +563,7 @@ case class PermissionsDataADM( /* Does the user have the 'ProjectAdminAllPermission' permission for the project */ def hasProjectAdminAllPermissionFor(projectIri: IRI): Boolean = administrativePermissionsPerProject.get(projectIri) match { - case Some(permissions) => permissions(PermissionADM.from(AdministrativePermission.ProjectAdminAll)) + case Some(permissions) => permissions(PermissionADM.from(Permission.Administrative.ProjectAdminAll)) case None => false } @@ -586,8 +585,8 @@ case class PermissionsDataADM( case ResourceCreateOperation(resourceClassIri) => this.administrativePermissionsPerProject.get(insideProject) match { case Some(set) => - set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) || set( - PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, resourceClassIri), + set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)) || set( + PermissionADM.from(Permission.Administrative.ProjectResourceCreateRestricted, resourceClassIri), ) case None => { // println("FALSE: No administrative permissions defined for this project.") @@ -639,7 +638,7 @@ case class PermissionsDataADM( } /** - * Represents 'knora-base:AdministrativePermission' + * Represents 'knora-base:Permission.Administrative' * * @param iri the IRI of the permission. * @param permissionType the type of the permission. @@ -669,7 +668,7 @@ case class ObjectAccessPermissionADM( } /** - * Represents 'knora-base:AdministrativePermission' + * Represents 'knora-base:Permission.Administrative' * * @param iri the IRI of the administrative permission. * @param forProject the project this permission applies to. @@ -724,14 +723,16 @@ case class PermissionADM(name: String, additionalInformation: Option[IRI] = None */ object PermissionADM { - def from(permission: ObjectAccessPermission, restriction: IRI): PermissionADM = - PermissionADM(permission.token, Some(restriction), Some(permission.code)) + def from(permission: Permission): PermissionADM = + PermissionADM(permission.token, None, codeFrom(permission)) - def from(permission: AdministrativePermission): PermissionADM = - PermissionADM(permission.token, None, None) + def from(permission: Permission, restriction: IRI): PermissionADM = + PermissionADM(permission.token, Some(restriction), codeFrom(permission)) - def from(permission: AdministrativePermission, restriction: IRI): PermissionADM = - PermissionADM(permission.token, Some(restriction), None) + private def codeFrom(permission: Permission) = permission match { + case oa: Permission.ObjectAccess => Some(oa.code) + case _: Permission.Administrative => None + } } /** @@ -761,10 +762,10 @@ object PermissionProfileType { sealed trait PermissionType object PermissionType { case object OAP extends PermissionType { - override def toString: String = "ObjectAccessPermission" + override def toString: String = "Permission.ObjectAccess" } case object AP extends PermissionType { - override def toString: String = "AdministrativePermission" + override def toString: String = "Permission.Administrative" } case object DOAP extends PermissionType { override def toString: String = "DefaultObjectAccessPermission" diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala index d53101c6d0..6f736480b3 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala @@ -7,8 +7,7 @@ package org.knora.webapi.messages.admin.responder.permissionsmessages import dsp.errors.BadRequestException import org.knora.webapi.IRI -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission -import org.knora.webapi.slice.admin.domain.model.AdministrativePermissions +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.PermissionIri /** @@ -27,10 +26,10 @@ object PermissionsMessagesUtilADM { */ def verifyHasPermissionsAP(hasPermissions: Set[PermissionADM]): Set[PermissionADM] = { val updatedPermissions = hasPermissions.map { permission => - if (AdministrativePermission.fromToken(permission.name).isEmpty) + if (Permission.Administrative.fromToken(permission.name).isEmpty) throw BadRequestException( s"Invalid value for name parameter of hasPermissions: ${permission.name}, it should be one of " + - s"${AdministrativePermissions.allTokens.mkString(", ")}", + s"${Permission.Administrative.allTokens.mkString(", ")}", ) PermissionADM( name = permission.name, diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala index 1de84f7dcd..46b0b88cc4 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/ConstructResponseUtilV2.scala @@ -51,7 +51,7 @@ import org.knora.webapi.messages.v2.responder.standoffmessages.GetXSLTransformat import org.knora.webapi.messages.v2.responder.standoffmessages.MappingXMLtoStandoff import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.ProjectService import org.knora.webapi.slice.resources.IiifImageRequestUrl @@ -360,7 +360,7 @@ object ConstructResponseUtilV2 { valueObjectClass: SmartIri, nestedResource: Option[ResourceWithValueRdfData] = None, isIncomingLink: Boolean = false, - userPermission: ObjectAccessPermission, + userPermission: Permission.ObjectAccess, assertions: FlatPredicateObjects, standoff: FlatStatements, ) extends RdfData @@ -378,7 +378,7 @@ object ConstructResponseUtilV2 { subjectIri: IRI, assertions: FlatPredicateObjects, isMainResource: Boolean, - userPermission: Option[ObjectAccessPermission], + userPermission: Option[Permission.ObjectAccess], valuePropertyAssertions: RdfPropertyValues, ) extends RdfData @@ -414,7 +414,7 @@ object ConstructResponseUtilV2 { */ case class RdfWithUserPermission( assertions: ConstructPredicateObjects, - maybeUserPermission: Option[ObjectAccessPermission], + maybeUserPermission: Option[Permission.ObjectAccess], ) } @@ -520,7 +520,7 @@ final case class ConstructResponseUtilV2Live( case (pred: SmartIri, objs: Seq[LiteralV2]) => pred -> objs.head } - val userPermission: Option[ObjectAccessPermission] = + val userPermission: Option[Permission.ObjectAccess] = PermissionUtilADM.getUserPermissionFromConstructAssertionsADM(resourceIri, assertions, requestingUser) // Make a ResourceWithValueRdfData for each resource IRI. diff --git a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala index 26f04d12bb..7606148d9c 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/util/PermissionUtilADM.scala @@ -26,9 +26,7 @@ import org.knora.webapi.messages.store.triplestoremessages.LiteralV2 import org.knora.webapi.messages.store.triplestoremessages.SparqlExtendedConstructResponse.ConstructPredicateObjects import org.knora.webapi.messages.util.PermissionUtilADM.formatPermissionADMs import org.knora.webapi.messages.util.PermissionUtilADM.parsePermissions -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User /** @@ -45,18 +43,18 @@ object PermissionUtilADM extends LazyLogging { * on the entity. */ private def calculateHighestGrantedPermissionLevel( - entityPermissions: Map[ObjectAccessPermission, Set[IRI]], + entityPermissions: Map[Permission.ObjectAccess, Set[IRI]], userGroups: Set[IRI], - ): Option[ObjectAccessPermission] = { + ): Option[Permission.ObjectAccess] = { // Make a set of all the permissions the user can obtain for this entity. - val permissionLevels: Set[ObjectAccessPermission] = entityPermissions.foldLeft(Set.empty[ObjectAccessPermission]) { - case (acc, (permissionLevel, grantedToGroups)) => + val permissionLevels: Set[Permission.ObjectAccess] = + entityPermissions.foldLeft(Set.empty[Permission.ObjectAccess]) { case (acc, (permissionLevel, grantedToGroups)) => if (grantedToGroups.intersect(userGroups).nonEmpty) { acc + permissionLevel } else { acc } - } + } if (permissionLevels.nonEmpty) { // The user has some permissions; return the code of the highest one. @@ -68,13 +66,13 @@ object PermissionUtilADM extends LazyLogging { } /** - * Determines the permissions that a user has on a entity, and returns an [[ObjectAccessPermission]]. + * Determines the permissions that a user has on a entity, and returns an [[Permission.ObjectAccess]]. * * @param entityCreator the IRI of the user that created the entity. * @param entityProject the IRI of the entity's project. * @param entityPermissionLiteral the literal that is the object of the entity's `knora-base:hasPermissions` predicate. * @param requestingUser the user making the request. - * @return an [[ObjectAccessPermission]] representing the user's permission level for the entity, or `None` if the user + * @return an [[Permission.ObjectAccess]] representing the user's permission level for the entity, or `None` if the user * has no permissions on the entity. */ def getUserPermissionADM( @@ -82,16 +80,16 @@ object PermissionUtilADM extends LazyLogging { entityProject: IRI, entityPermissionLiteral: String, requestingUser: User, - ): Option[ObjectAccessPermission] = { + ): Option[Permission.ObjectAccess] = { val maybePermissionLevel = if ( requestingUser.isSystemUser || requestingUser.isSystemAdmin || requestingUser.permissions .hasProjectAdminAllPermissionFor(entityProject) ) { // If the user is the system user, is in the SystemAdmin group, or has ProjectAdminAllPermission, just give them the maximum permission. - Some(ObjectAccessPermission.maxPermission) + Some(Permission.ObjectAccess.maxPermission) } else { - val entityPermissions: Map[ObjectAccessPermission, Set[IRI]] = parsePermissions(entityPermissionLiteral) + val entityPermissions: Map[Permission.ObjectAccess, Set[IRI]] = parsePermissions(entityPermissionLiteral) // Make a list of all the groups (both built-in and custom) that the user belongs to in relation // to the entity. @@ -171,14 +169,14 @@ object PermissionUtilADM extends LazyLogging { permissionLiteralB: String, requestingUser: User, ): PermissionComparisonResult = { - val maybePermissionA: Option[ObjectAccessPermission] = getUserPermissionADM( + val maybePermissionA: Option[Permission.ObjectAccess] = getUserPermissionADM( entityCreator = requestingUser.id, entityProject = entityProject, entityPermissionLiteral = permissionLiteralA, requestingUser = requestingUser, ) - val maybePermissionB: Option[ObjectAccessPermission] = getUserPermissionADM( + val maybePermissionB: Option[Permission.ObjectAccess] = getUserPermissionADM( entityCreator = requestingUser.id, entityProject = entityProject, entityPermissionLiteral = permissionLiteralB, @@ -190,7 +188,7 @@ object PermissionUtilADM extends LazyLogging { case (None, Some(_)) => ALessThanB case (Some(_), None) => AGreaterThanB - case (Some(permissionA: ObjectAccessPermission), Some(permissionB: ObjectAccessPermission)) => + case (Some(permissionA: Permission.ObjectAccess), Some(permissionB: Permission.ObjectAccess)) => if (permissionA == permissionB) { AEqualToB } else if (permissionA < permissionB) { @@ -203,7 +201,7 @@ object PermissionUtilADM extends LazyLogging { /** * Given data from a [[org.knora.webapi.messages.store.triplestoremessages.SparqlExtendedConstructResponse]], determines the permissions that a user has on a entity, - * and returns an [[ObjectAccessPermission]]. + * and returns an [[Permission.ObjectAccess]]. * * @param entityIri the IRI of the entity. * @param assertions a [[Seq]] containing all the permission-relevant predicates and objects @@ -220,7 +218,7 @@ object PermissionUtilADM extends LazyLogging { entityIri: IRI, assertions: ConstructPredicateObjects, requestingUser: User, - ): Option[ObjectAccessPermission] = { + ): Option[Permission.ObjectAccess] = { val assertionsAsStrings: Seq[(IRI, String)] = assertions.toSeq.flatMap { case (pred: SmartIri, objs: Seq[LiteralV2]) => objs.map { obj => @@ -236,7 +234,7 @@ object PermissionUtilADM extends LazyLogging { } /** - * Determines the permissions that a user has on a entity, and returns an [[ObjectAccessPermission]]. + * Determines the permissions that a user has on a entity, and returns an [[Permission.ObjectAccess]]. * * @param entityIri the IRI of the entity. * @param assertions a [[Seq]] containing all the permission-relevant predicates and objects @@ -253,7 +251,7 @@ object PermissionUtilADM extends LazyLogging { entityIri: IRI, assertions: Seq[(IRI, String)], requestingUser: User, - ): Option[ObjectAccessPermission] = { + ): Option[Permission.ObjectAccess] = { // Get the entity's creator, project, and permissions. val assertionMap: Map[IRI, String] = assertions.toMap @@ -290,7 +288,7 @@ object PermissionUtilADM extends LazyLogging { errorFun: String => Nothing = { (permissionLiteral: String) => throw InconsistentRepositoryDataException(s"invalid permission literal: $permissionLiteral") }, - ): Map[ObjectAccessPermission, Set[IRI]] = { + ): Map[Permission.ObjectAccess, Set[IRI]] = { val permissions: Seq[String] = permissionLiteral.split(OntologyConstants.KnoraBase.PermissionListDelimiter).toIndexedSeq @@ -302,7 +300,7 @@ object PermissionUtilADM extends LazyLogging { } val abbreviation: String = splitPermission(0) - val perm = ObjectAccessPermission + val perm = Permission.ObjectAccess .fromToken(abbreviation) .getOrElse(errorFun(permissionLiteral)) @@ -338,7 +336,7 @@ object PermissionUtilADM extends LazyLogging { permissionType match { case PermissionType.AP => - if (AdministrativePermission.fromToken(abbreviation).isEmpty) { + if (Permission.Administrative.fromToken(abbreviation).isEmpty) { throw InconsistentRepositoryDataException(s"Unrecognized permission abbreviation '$abbreviation'") } @@ -359,7 +357,7 @@ object PermissionUtilADM extends LazyLogging { } case PermissionType.OAP => - if (!ObjectAccessPermissions.allTokens.contains(abbreviation)) { + if (!Permission.ObjectAccess.allTokens.contains(abbreviation)) { throw InconsistentRepositoryDataException(s"Unrecognized permission abbreviation '$abbreviation'") } val shortGroups: Array[String] = @@ -389,64 +387,64 @@ object PermissionUtilADM extends LazyLogging { */ def buildPermissionObject(name: String, iris: Set[IRI]): Set[PermissionADM] = name match { - case AdministrativePermission.ProjectResourceCreateAll.token => - Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)) + case Permission.Administrative.ProjectResourceCreateAll.token => + Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)) - case AdministrativePermission.ProjectResourceCreateRestricted.token => + case Permission.Administrative.ProjectResourceCreateRestricted.token => if (iris.nonEmpty) { logger.debug(s"buildPermissionObject - ProjectResourceCreateRestrictedPermission - iris: $iris") - iris.map(iri => PermissionADM.from(AdministrativePermission.ProjectResourceCreateRestricted, iri)) + iris.map(iri => PermissionADM.from(Permission.Administrative.ProjectResourceCreateRestricted, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case AdministrativePermission.ProjectAdminAll.token => - Set(PermissionADM.from(AdministrativePermission.ProjectAdminAll)) + case Permission.Administrative.ProjectAdminAll.token => + Set(PermissionADM.from(Permission.Administrative.ProjectAdminAll)) - case AdministrativePermission.ProjectAdminGroupAll.token => - Set(PermissionADM.from(AdministrativePermission.ProjectAdminGroupAll)) + case Permission.Administrative.ProjectAdminGroupAll.token => + Set(PermissionADM.from(Permission.Administrative.ProjectAdminGroupAll)) - case AdministrativePermission.ProjectAdminGroupRestricted.token => + case Permission.Administrative.ProjectAdminGroupRestricted.token => if (iris.nonEmpty) { - iris.map(PermissionADM.from(AdministrativePermission.ProjectAdminGroupRestricted, _)) + iris.map(PermissionADM.from(Permission.Administrative.ProjectAdminGroupRestricted, _)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case AdministrativePermission.ProjectAdminRightsAll.token => - Set(PermissionADM.from(AdministrativePermission.ProjectAdminRightsAll)) + case Permission.Administrative.ProjectAdminRightsAll.token => + Set(PermissionADM.from(Permission.Administrative.ProjectAdminRightsAll)) - case ObjectAccessPermission.ChangeRights.token => + case Permission.ObjectAccess.ChangeRights.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.from(ObjectAccessPermission.ChangeRights, iri)) + iris.map(iri => PermissionADM.from(Permission.ObjectAccess.ChangeRights, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case ObjectAccessPermission.Delete.token => + case Permission.ObjectAccess.Delete.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.from(ObjectAccessPermission.Delete, iri)) + iris.map(iri => PermissionADM.from(Permission.ObjectAccess.Delete, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case ObjectAccessPermission.Modify.token => + case Permission.ObjectAccess.Modify.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.from(ObjectAccessPermission.Modify, iri)) + iris.map(iri => PermissionADM.from(Permission.ObjectAccess.Modify, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case ObjectAccessPermission.View.token => + case Permission.ObjectAccess.View.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.from(ObjectAccessPermission.View, iri)) + iris.map(iri => PermissionADM.from(Permission.ObjectAccess.View, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } - case ObjectAccessPermission.RestrictedView.token => + case Permission.ObjectAccess.RestrictedView.token => if (iris.nonEmpty) { - iris.map(iri => PermissionADM.from(ObjectAccessPermission.RestrictedView, iri)) + iris.map(iri => PermissionADM.from(Permission.ObjectAccess.RestrictedView, iri)) } else { throw InconsistentRepositoryDataException(s"Missing additional permission information.") } @@ -496,7 +494,7 @@ object PermissionUtilADM extends LazyLogging { /* Sort permissions in descending order */ val sortedPermissions: Array[(String, String)] = groupedPermissions.toArray.sortWith { (left, right) => - ObjectAccessPermissions.codeByToken(left._1) > ObjectAccessPermissions.codeByToken(right._1) + Permission.ObjectAccess.codeByToken(left._1) > Permission.ObjectAccess.codeByToken(right._1) } /* create the permissions string */ diff --git a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala index 9dc191e567..f9089c3e62 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/resourcemessages/ResourceMessagesV2.scala @@ -34,7 +34,7 @@ import org.knora.webapi.messages.v2.responder.resourcemessages.CreateResourceReq import org.knora.webapi.messages.v2.responder.standoffmessages.MappingXMLtoStandoff import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.ProjectService import org.knora.webapi.slice.admin.domain.service.UserService @@ -383,7 +383,7 @@ case class ReadResourceV2( attachedToUser: IRI, projectADM: Project, permissions: String, - userPermission: ObjectAccessPermission, + userPermission: Permission.ObjectAccess, values: Map[SmartIri, Seq[ReadValueV2]], creationDate: Instant, lastModificationDate: Option[Instant], diff --git a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala index 2fc4a0e4a2..7dda89deff 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/v2/responder/valuemessages/ValueMessagesV2.scala @@ -45,7 +45,7 @@ import org.knora.webapi.routing.RouteUtilV2 import org.knora.webapi.routing.RouteUtilZ import org.knora.webapi.slice.admin.api.model.MaintenanceRequests.AssetId import org.knora.webapi.slice.admin.domain.model.KnoraProject.Shortcode -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.resourceinfo.domain.IriConverter import org.knora.webapi.slice.resources.IiifImageRequestUrl @@ -342,7 +342,7 @@ sealed trait ReadValueV2 extends IOValueV2 { /** * The permission that the requesting user has on the value. */ - def userPermission: ObjectAccessPermission + def userPermission: Permission.ObjectAccess /** * The date when the value was created. @@ -493,7 +493,7 @@ case class ReadTextValueV2( valueIri: IRI, attachedToUser: IRI, permissions: String, - userPermission: ObjectAccessPermission, + userPermission: Permission.ObjectAccess, valueCreationDate: Instant, valueHasUUID: UUID, valueContent: TextValueContentV2, @@ -532,7 +532,7 @@ case class ReadLinkValueV2( valueIri: IRI, attachedToUser: IRI, permissions: String, - userPermission: ObjectAccessPermission, + userPermission: Permission.ObjectAccess, valueCreationDate: Instant, valueHasUUID: UUID, valueContent: LinkValueContentV2, @@ -569,7 +569,7 @@ case class ReadOtherValueV2( valueIri: IRI, attachedToUser: IRI, permissions: String, - userPermission: ObjectAccessPermission, + userPermission: Permission.ObjectAccess, valueCreationDate: Instant, valueHasUUID: UUID, valueContent: ValueContentV2, diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index cfd9c3582e..5d13c513d3 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -35,12 +35,10 @@ import org.knora.webapi.responders.IriLocker import org.knora.webapi.responders.IriService import org.knora.webapi.responders.Responder import org.knora.webapi.slice.admin.AdminConstants -import org.knora.webapi.slice.admin.domain.model.AdministrativePermission import org.knora.webapi.slice.admin.domain.model.Group import org.knora.webapi.slice.admin.domain.model.GroupIri import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermissions +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.PermissionIri import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.KnoraProjectService @@ -1420,7 +1418,7 @@ final case class PermissionsResponderADMLive( _ = if (permissionsListBuffer.isEmpty) { val defaultFallbackPermission = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.Creator), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.Creator), ) permissionsListBuffer += (("Fallback", defaultFallbackPermission)) } else { @@ -1625,11 +1623,11 @@ final case class PermissionsResponderADMLive( validateDOAPHasPermissions(hasPermissions) hasPermissions.map { permission => val code: Int = permission.permissionCode match { - case None => ObjectAccessPermissions.codeByToken(permission.name) + case None => Permission.ObjectAccess.codeByToken(permission.name) case Some(code) => code } val name = if (permission.name.isEmpty) { - val nameCodeSet: Option[(String, Int)] = ObjectAccessPermissions.codeByToken.find { case (_, code) => + val nameCodeSet: Option[(String, Int)] = Permission.ObjectAccess.codeByToken.find { case (_, code) => code == permission.permissionCode.get } nameCodeSet.get._1 @@ -1654,17 +1652,17 @@ final case class PermissionsResponderADMLive( if (permission.additionalInformation.isEmpty) { throw BadRequestException(s"additionalInformation of a default object access permission type cannot be empty.") } - if (permission.name.nonEmpty && !ObjectAccessPermissions.allTokens(permission.name)) + if (permission.name.nonEmpty && !Permission.ObjectAccess.allTokens(permission.name)) throw BadRequestException( s"Invalid value for name parameter of hasPermissions: ${permission.name}, it should be one of " + - s"${ObjectAccessPermissions.allTokens.mkString(", ")}", + s"${Permission.ObjectAccess.allTokens.mkString(", ")}", ) if (permission.permissionCode.nonEmpty) { val code = permission.permissionCode.get - if (ObjectAccessPermission.from(code).isEmpty) { + if (Permission.ObjectAccess.from(code).isEmpty) { throw BadRequestException( s"Invalid value for permissionCode parameter of hasPermissions: $code, it should be one of " + - s"${ObjectAccessPermissions.allCodes.mkString(", ")}", + s"${Permission.ObjectAccess.allCodes.mkString(", ")}", ) } } @@ -1675,7 +1673,7 @@ final case class PermissionsResponderADMLive( } if (permission.permissionCode.nonEmpty && permission.name.nonEmpty) { val code = permission.permissionCode.get - if (!ObjectAccessPermission.fromToken(permission.name).map(_.code).contains(code)) { + if (!Permission.ObjectAccess.fromToken(permission.name).map(_.code).contains(code)) { throw BadRequestException( s"Given permission code $code and permission name ${permission.name} are not consistent.", ) @@ -2219,8 +2217,8 @@ final case class PermissionsResponderADMLive( forProject = projectIri.value, forGroup = OntologyConstants.KnoraAdmin.ProjectAdmin, hasPermissions = Set( - PermissionADM.from(AdministrativePermission.ProjectAdminAll), - PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll), + PermissionADM.from(Permission.Administrative.ProjectAdminAll), + PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll), ), ), SystemUser, @@ -2232,7 +2230,7 @@ final case class PermissionsResponderADMLive( CreateAdministrativePermissionAPIRequestADM( forProject = projectIri.value, forGroup = OntologyConstants.KnoraAdmin.ProjectMember, - hasPermissions = Set(PermissionADM.from(AdministrativePermission.ProjectResourceCreateAll)), + hasPermissions = Set(PermissionADM.from(Permission.Administrative.ProjectResourceCreateAll)), ), SystemUser, UUID.randomUUID(), @@ -2245,8 +2243,8 @@ final case class PermissionsResponderADMLive( forProject = projectIri.value, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectAdmin), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), SystemUser, @@ -2260,8 +2258,8 @@ final case class PermissionsResponderADMLive( forProject = projectIri.value, forGroup = Some(OntologyConstants.KnoraAdmin.ProjectMember), hasPermissions = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), - PermissionADM.from(ObjectAccessPermission.Modify, OntologyConstants.KnoraAdmin.ProjectMember), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.ProjectAdmin), + PermissionADM.from(Permission.ObjectAccess.Modify, OntologyConstants.KnoraAdmin.ProjectMember), ), ), SystemUser, diff --git a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala index c7d25fe4f0..2bc46a467b 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourceUtilV2.scala @@ -28,7 +28,7 @@ import org.knora.webapi.messages.v2.responder.resourcemessages.ReadResourceV2 import org.knora.webapi.messages.v2.responder.valuemessages.FileValueContentV2 import org.knora.webapi.messages.v2.responder.valuemessages.ReadValueV2 import org.knora.webapi.messages.v2.responder.valuemessages.StillImageExternalFileValueContentV2 -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.store.triplestore.api.TriplestoreService import org.knora.webapi.store.triplestore.api.TriplestoreService.Queries.Construct @@ -42,13 +42,13 @@ trait ResourceUtilV2 { * Checks that a user has the specified permission on a resource. * * @param resourceInfo the resource to be updated. - * @param permissionNeeded the necessary ObjectAccessPermission, + * @param permissionNeeded the necessary Permission.ObjectAccess, * @param requestingUser the requesting user. * @return [[ForbiddenException]] if user does not have permission needed on the resource. */ def checkResourcePermission( resourceInfo: ReadResourceV2, - permissionNeeded: ObjectAccessPermission, + permissionNeeded: Permission.ObjectAccess, requestingUser: User, ): IO[ForbiddenException, Unit] @@ -57,14 +57,14 @@ trait ResourceUtilV2 { * * @param resourceInfo the resource containing the value. * @param valueInfo the value to be updated. - * @param permissionNeeded the necessary ObjectAccessPermission, + * @param permissionNeeded the necessary Permission.ObjectAccess, * @param requestingUser the requesting user. * @return [[ForbiddenException]] if user does not have permissions on the value. */ def checkValuePermission( resourceInfo: ReadResourceV2, valueInfo: ReadValueV2, - permissionNeeded: ObjectAccessPermission, + permissionNeeded: Permission.ObjectAccess, requestingUser: User, ): IO[ForbiddenException, Unit] @@ -124,15 +124,15 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela * Checks that a user has the specified permission on a resource. * * @param resourceInfo the resource to be updated. - * @param permissionNeeded the necessary ObjectAccessPermission, + * @param permissionNeeded the necessary Permission.ObjectAccess, * @param requestingUser the requesting user. */ override def checkResourcePermission( resourceInfo: ReadResourceV2, - permissionNeeded: ObjectAccessPermission, + permissionNeeded: Permission.ObjectAccess, requestingUser: User, ): IO[ForbiddenException, Unit] = { - val maybeUserPermission: Option[ObjectAccessPermission] = PermissionUtilADM.getUserPermissionADM( + val maybeUserPermission: Option[Permission.ObjectAccess] = PermissionUtilADM.getUserPermissionADM( entityCreator = resourceInfo.attachedToUser, entityProject = resourceInfo.projectADM.id, entityPermissionLiteral = resourceInfo.permissions, @@ -140,8 +140,8 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela ) val hasRequiredPermission: Boolean = maybeUserPermission match { - case Some(userPermission: ObjectAccessPermission) => userPermission >= permissionNeeded - case None => false + case Some(userPermission: Permission.ObjectAccess) => userPermission >= permissionNeeded + case None => false } ZIO @@ -159,16 +159,16 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela * * @param resourceInfo the resource containing the value. * @param valueInfo the value to be updated. - * @param permissionNeeded the necessary ObjectAccessPermission, + * @param permissionNeeded the necessary Permission.ObjectAccess, * @param requestingUser the requesting user. */ override def checkValuePermission( resourceInfo: ReadResourceV2, valueInfo: ReadValueV2, - permissionNeeded: ObjectAccessPermission, + permissionNeeded: Permission.ObjectAccess, requestingUser: User, ): IO[ForbiddenException, Unit] = { - val maybeUserPermission: Option[ObjectAccessPermission] = PermissionUtilADM.getUserPermissionADM( + val maybeUserPermission: Option[Permission.ObjectAccess] = PermissionUtilADM.getUserPermissionADM( entityCreator = valueInfo.attachedToUser, entityProject = resourceInfo.projectADM.id, entityPermissionLiteral = valueInfo.permissions, @@ -176,8 +176,8 @@ final case class ResourceUtilV2Live(triplestore: TriplestoreService, messageRela ) val hasRequiredPermission: Boolean = maybeUserPermission match { - case Some(userPermission: ObjectAccessPermission) => userPermission >= permissionNeeded - case None => false + case Some(userPermission: Permission.ObjectAccess) => userPermission >= permissionNeeded + case None => false } ZIO diff --git a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala index 81aaa40236..d28d794bf0 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/v2/ResourcesResponderV2.scala @@ -43,7 +43,7 @@ import org.knora.webapi.responders.IriService import org.knora.webapi.responders.Responder import org.knora.webapi.responders.v2.resources.CreateResourceV2Handler import org.knora.webapi.slice.admin.domain.model.KnoraProject.ProjectIri -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.KnoraProjectService import org.knora.webapi.slice.admin.domain.service.ProjectService @@ -237,7 +237,7 @@ final case class ResourcesResponderV2( // Check that the user has permission to modify the resource. _ <- resourceUtilV2.checkResourcePermission( resource, - ObjectAccessPermission.Modify, + Permission.ObjectAccess.Modify, updateResourceMetadataRequestV2.requestingUser, ) @@ -384,7 +384,7 @@ final case class ResourcesResponderV2( // Check that the user has permission to mark the resource as deleted. _ <- resourceUtilV2.checkResourcePermission( resource, - ObjectAccessPermission.Delete, + Permission.ObjectAccess.Delete, deleteResourceV2.requestingUser, ) diff --git a/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala b/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala index 5511bd01d8..66aa8241fc 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/v2/ValuesResponderV2.scala @@ -38,7 +38,7 @@ import org.knora.webapi.messages.v2.responder.valuemessages._ import org.knora.webapi.responders.IriLocker import org.knora.webapi.responders.IriService import org.knora.webapi.responders.Responder -import org.knora.webapi.slice.admin.domain.model.ObjectAccessPermission +import org.knora.webapi.slice.admin.domain.model.Permission import org.knora.webapi.slice.admin.domain.model.User import org.knora.webapi.slice.admin.domain.service.ProjectService import org.knora.webapi.slice.ontology.domain.model.Cardinality.AtLeastOne @@ -178,7 +178,7 @@ final case class ValuesResponderV2Live( // Check that the user has permission to modify the resource. _ <- resourceUtilV2.checkResourcePermission( resourceInfo = resourceInfo, - permissionNeeded = ObjectAccessPermission.Modify, + permissionNeeded = Permission.ObjectAccess.Modify, requestingUser = requestingUser, ) @@ -1015,7 +1015,7 @@ final case class ValuesResponderV2Live( // Validate and reformat the submitted permissions. newValuePermissionLiteral <- permissionUtilADM.validatePermissions(updateValuePermissionsV2.permissions) - // Check that the user has ObjectAccessPermission.ChangeRights on the value, and that the new permissions are + // Check that the user has Permission.ObjectAccess.ChangeRights on the value, and that the new permissions are // different from the current ones. currentPermissionsParsed <- ZIO.attempt(PermissionUtilADM.parsePermissions(currentValue.permissions)) newPermissionsParsed <- @@ -1033,7 +1033,7 @@ final case class ValuesResponderV2Live( _ <- resourceUtilV2.checkValuePermission( resourceInfo = resourceInfo, valueInfo = currentValue, - permissionNeeded = ObjectAccessPermission.ChangeRights, + permissionNeeded = Permission.ObjectAccess.ChangeRights, requestingUser = requestingUser, ) @@ -1103,7 +1103,7 @@ final case class ValuesResponderV2Live( } // Check that the user has permission to do the update. If they want to change the permissions - // on the value, they need ObjectAccessPermission.ChangeRights, otherwise they need ObjectAccessPermission.Modify. + // on the value, they need Permission.ObjectAccess.ChangeRights, otherwise they need Permission.ObjectAccess.Modify. currentPermissionsParsed <- ZIO.attempt(PermissionUtilADM.parsePermissions(currentValue.permissions)) newPermissionsParsed <- ZIO.attempt( @@ -1114,8 +1114,8 @@ final case class ValuesResponderV2Live( ) permissionNeeded = - if (newPermissionsParsed != currentPermissionsParsed) { ObjectAccessPermission.ChangeRights } - else { ObjectAccessPermission.Modify } + if (newPermissionsParsed != currentPermissionsParsed) { Permission.ObjectAccess.ChangeRights } + else { Permission.ObjectAccess.Modify } _ <- resourceUtilV2.checkValuePermission( resourceInfo = resourceInfo, @@ -1173,7 +1173,7 @@ final case class ValuesResponderV2Live( // check that the user has permission to modify the resource. resourceUtilV2.checkResourcePermission( resourceInfo = resourceInfo, - permissionNeeded = ObjectAccessPermission.Modify, + permissionNeeded = Permission.ObjectAccess.Modify, requestingUser = requestingUser, ) @@ -1597,7 +1597,7 @@ final case class ValuesResponderV2Live( _ <- resourceUtilV2.checkValuePermission( resourceInfo = resourceInfo, valueInfo = currentValue, - permissionNeeded = ObjectAccessPermission.Delete, + permissionNeeded = Permission.ObjectAccess.Delete, requestingUser, ) @@ -2380,8 +2380,8 @@ final case class ValuesResponderV2Live( */ private lazy val standoffLinkValuePermissions: String = { val permissions: Set[PermissionADM] = Set( - PermissionADM.from(ObjectAccessPermission.ChangeRights, OntologyConstants.KnoraAdmin.SystemUser), - PermissionADM.from(ObjectAccessPermission.View, OntologyConstants.KnoraAdmin.UnknownUser), + PermissionADM.from(Permission.ObjectAccess.ChangeRights, OntologyConstants.KnoraAdmin.SystemUser), + PermissionADM.from(Permission.ObjectAccess.View, OntologyConstants.KnoraAdmin.UnknownUser), ) PermissionUtilADM.formatPermissionADMs(permissions, PermissionType.OAP) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermissions.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermissions.scala deleted file mode 100644 index 951bacbef2..0000000000 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/AdministrativePermissions.scala +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright © 2021 - 2024 Swiss National Data and Service Center for the Humanities and/or DaSCH Service Platform contributors. - * SPDX-License-Identifier: Apache-2.0 - */ - -package org.knora.webapi.slice.admin.domain.model - -sealed trait AdministrativePermission { - def token: String -} - -object AdministrativePermission { - case object ProjectResourceCreateAll extends AdministrativePermission { - override val token: String = "ProjectResourceCreateAllPermission" - } - case object ProjectResourceCreateRestricted extends AdministrativePermission { - override val token: String = "ProjectResourceCreateRestrictedPermission" - } - case object ProjectAdminAll extends AdministrativePermission { - override val token: String = "ProjectAdminAllPermission" - } - case object ProjectAdminGroupAll extends AdministrativePermission { - override val token: String = "ProjectAdminGroupAllPermission" - } - case object ProjectAdminGroupRestricted extends AdministrativePermission { - override val token: String = "ProjectAdminGroupRestrictedPermission" - } - case object ProjectAdminRightsAll extends AdministrativePermission { - override val token: String = "ProjectAdminRightsAllPermission" - } - - def fromToken(token: String): Option[AdministrativePermission] = - AdministrativePermissions.all.find(_.token == token) -} - -object AdministrativePermissions { - val all: Set[AdministrativePermission] = Set( - AdministrativePermission.ProjectResourceCreateAll, - AdministrativePermission.ProjectResourceCreateRestricted, - AdministrativePermission.ProjectAdminAll, - AdministrativePermission.ProjectAdminGroupAll, - AdministrativePermission.ProjectAdminGroupRestricted, - AdministrativePermission.ProjectAdminRightsAll, - ) - val allTokens: Set[String] = all.map(_.token) -} diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala deleted file mode 100644 index 1bb250766a..0000000000 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/ObjectAccessPermissions.scala +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright © 2021 - 2024 Swiss National Data and Service Center for the Humanities and/or DaSCH Service Platform contributors. - * SPDX-License-Identifier: Apache-2.0 - */ - -package org.knora.webapi.slice.admin.domain.model - -sealed trait ObjectAccessPermission extends Ordered[ObjectAccessPermission] { - self => - def token: String - def code: Int - final override def compare(that: ObjectAccessPermission): Int = self.code - that.code - final override def toString: String = token -} - -object ObjectAccessPermission { - case object RestrictedView extends ObjectAccessPermission { - override val token: String = "RV" - override val code: Int = 1 - } - - case object View extends ObjectAccessPermission { - override val token: String = "V" - override val code: Int = 2 - } - - case object Modify extends ObjectAccessPermission { - override val token: String = "M" - override val code: Int = 6 - } - - case object Delete extends ObjectAccessPermission { - override val token: String = "D" - override val code: Int = 7 - } - - case object ChangeRights extends ObjectAccessPermission { - override val token: String = "CR" - override val code: Int = 8 - } - - val maxPermission: ObjectAccessPermission = ChangeRights - def from(code: Int): Option[ObjectAccessPermission] = ObjectAccessPermissions.all.find(_.code == code) - def fromToken(token: String): Option[ObjectAccessPermission] = - ObjectAccessPermissions.all.find(_.token == token) -} - -object ObjectAccessPermissions { - val all: Set[ObjectAccessPermission] = Set( - ObjectAccessPermission.ChangeRights, - ObjectAccessPermission.Delete, - ObjectAccessPermission.Modify, - ObjectAccessPermission.RestrictedView, - ObjectAccessPermission.View, - ) - val allCodes: Set[Int] = all.map(_.code) - val allTokens: Set[String] = all.map(_.token) - val codeByToken: Map[String, Int] = all.map(p => p.token -> p.code).toMap -} diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/Permission.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/Permission.scala new file mode 100644 index 0000000000..bac17d2332 --- /dev/null +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/Permission.scala @@ -0,0 +1,104 @@ +/* + * Copyright © 2021 - 2024 Swiss National Data and Service Center for the Humanities and/or DaSCH Service Platform contributors. + * SPDX-License-Identifier: Apache-2.0 + */ + +package org.knora.webapi.slice.admin.domain.model + +sealed trait Permission { + def token: String +} + +object Permission { + sealed trait ObjectAccess extends Ordered[ObjectAccess] with Permission { + self => + def code: Int + final override def compare(that: ObjectAccess): Int = self.code - that.code + final override def toString: String = token + } + + object ObjectAccess { + case object RestrictedView extends ObjectAccess { + override val token: String = "RV" + override val code: Int = 1 + } + + case object View extends ObjectAccess { + override val token: String = "V" + override val code: Int = 2 + } + + case object Modify extends ObjectAccess { + override val token: String = "M" + override val code: Int = 6 + } + + case object Delete extends ObjectAccess { + override val token: String = "D" + override val code: Int = 7 + } + + case object ChangeRights extends ObjectAccess { + override val token: String = "CR" + override val code: Int = 8 + } + + val maxPermission: ObjectAccess = ChangeRights + + def from(code: Int): Option[ObjectAccess] = all.find(_.code == code) + + def fromToken(token: String): Option[ObjectAccess] = all.find(_.token == token) + + val all: Set[ObjectAccess] = Set( + ObjectAccess.ChangeRights, + ObjectAccess.Delete, + ObjectAccess.Modify, + ObjectAccess.RestrictedView, + ObjectAccess.View, + ) + val allCodes: Set[Int] = all.map(_.code) + val allTokens: Set[String] = all.map(_.token) + val codeByToken: Map[String, Int] = all.map(p => p.token -> p.code).toMap + } + + sealed trait Administrative extends Permission + + object Administrative { + case object ProjectResourceCreateAll extends Administrative { + override val token: String = "ProjectResourceCreateAllPermission" + } + + case object ProjectResourceCreateRestricted extends Administrative { + override val token: String = "ProjectResourceCreateRestrictedPermission" + } + + case object ProjectAdminAll extends Administrative { + override val token: String = "ProjectAdminAllPermission" + } + + case object ProjectAdminGroupAll extends Administrative { + override val token: String = "ProjectAdminGroupAllPermission" + } + + case object ProjectAdminGroupRestricted extends Administrative { + override val token: String = "ProjectAdminGroupRestrictedPermission" + } + + case object ProjectAdminRightsAll extends Administrative { + override val token: String = "ProjectAdminRightsAllPermission" + } + + def fromToken(token: String): Option[Administrative] = all.find(_.token == token) + + val all: Set[Administrative] = Set( + Administrative.ProjectResourceCreateAll, + Administrative.ProjectResourceCreateRestricted, + Administrative.ProjectAdminAll, + Administrative.ProjectAdminGroupAll, + Administrative.ProjectAdminGroupRestricted, + Administrative.ProjectAdminRightsAll, + ) + + val allTokens: Set[String] = all.map(_.token) + } +} From 281dbacf8ddc8983eca00f39374ce4ef82c276ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 11:35:42 +0100 Subject: [PATCH 11/16] Inline PermissionsMessagesUtilADM.scala --- .../PermissionsMessagesADM.scala | 4 +- .../PermissionsMessagesUtilADM.scala | 44 ------------------- .../admin/PermissionsResponderADM.scala | 25 ++++++++++- 3 files changed, 25 insertions(+), 48 deletions(-) delete mode 100644 webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala index 7638bf7839..2ee21b3f52 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala @@ -307,7 +307,7 @@ case class DefaultObjectAccessPermissionForIriGetRequestADM( requestingUser: User, apiRequestID: UUID, ) extends PermissionsResponderRequestADM { - PermissionsMessagesUtilADM.checkPermissionIri(defaultObjectAccessPermissionIri) + PermissionIri.from(defaultObjectAccessPermissionIri).fold(e => throw BadRequestException(e), _.value) } /** @@ -398,7 +398,7 @@ case class DefaultObjectAccessPermissionsStringForPropertyGetADM( */ case class PermissionByIriGetRequestADM(permissionIri: IRI, requestingUser: User) extends PermissionsResponderRequestADM { - PermissionsMessagesUtilADM.checkPermissionIri(permissionIri) + PermissionIri.from(permissionIri).fold(e => throw BadRequestException(e), _.value) } ////////////////////////////////////////////////////////////////////////////////////////////////////////////////// diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala deleted file mode 100644 index 6f736480b3..0000000000 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesUtilADM.scala +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright © 2021 - 2024 Swiss National Data and Service Center for the Humanities and/or DaSCH Service Platform contributors. - * SPDX-License-Identifier: Apache-2.0 - */ - -package org.knora.webapi.messages.admin.responder.permissionsmessages - -import dsp.errors.BadRequestException -import org.knora.webapi.IRI -import org.knora.webapi.slice.admin.domain.model.Permission -import org.knora.webapi.slice.admin.domain.model.PermissionIri - -/** - * Providing helper methods. - */ -object PermissionsMessagesUtilADM { - - //////////////////// - // Helper Methods // - //////////////////// - - /** - * For administrative permission we only need the name parameter of each PermissionADM given in hasPermissions collection. - * This method, validates the content of hasPermissions collection by only keeping the values of name params. - * @param hasPermissions Set of the permissions. - */ - def verifyHasPermissionsAP(hasPermissions: Set[PermissionADM]): Set[PermissionADM] = { - val updatedPermissions = hasPermissions.map { permission => - if (Permission.Administrative.fromToken(permission.name).isEmpty) - throw BadRequestException( - s"Invalid value for name parameter of hasPermissions: ${permission.name}, it should be one of " + - s"${Permission.Administrative.allTokens.mkString(", ")}", - ) - PermissionADM( - name = permission.name, - additionalInformation = None, - permissionCode = None, - ) - } - updatedPermissions - } - - def checkPermissionIri(iri: IRI): IRI = PermissionIri.from(iri).fold(e => throw BadRequestException(e), _.value) -} diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index 5d13c513d3..3f4971d980 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -707,9 +707,30 @@ final case class PermissionsResponderADMLive( GroupIri.from(req.forGroup).getOrElse(throw BadRequestException(s"Invalid group IRI ${req.forGroup}")) } - PermissionsMessagesUtilADM.verifyHasPermissionsAP(req.hasPermissions) + verifyHasPermissionsAP(req.hasPermissions) + }.unit + /** + * For administrative permission we only need the name parameter of each PermissionADM given in hasPermissions collection. + * This method, validates the content of hasPermissions collection by only keeping the values of name params. + * @param hasPermissions Set of the permissions. + */ + private def verifyHasPermissionsAP(hasPermissions: Set[PermissionADM]): Set[PermissionADM] = + hasPermissions + .map(_.name) + .map { name => + Permission.Administrative + .fromToken(name) + .getOrElse( + throw BadRequestException( + s"Invalid value for name parameter of hasPermissions: $name, it should be one of " + s"${Permission.Administrative.allTokens + .mkString(", ")}", + ), + ) + } + .map(PermissionADM.from) + override def createAdministrativePermission( createRequest: CreateAdministrativePermissionAPIRequestADM, requestingUser: User, @@ -1817,7 +1838,7 @@ final case class PermissionsResponderADMLive( case ap: AdministrativePermissionADM => // Yes. val verifiedPermissions = - PermissionsMessagesUtilADM.verifyHasPermissionsAP(newHasPermissions.toSet) + verifyHasPermissionsAP(newHasPermissions.toSet) for { formattedPermissions <- ZIO.attempt( From 8f96c2a6319048ed0885f36b9fd19e03c9b8b7c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 12:13:16 +0100 Subject: [PATCH 12/16] Make PermissionIri extend StringValue --- .../slice/admin/domain/model/PermissionIri.scala | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala index 91382fc88e..2dc17b896f 100644 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala @@ -7,15 +7,16 @@ package org.knora.webapi.slice.admin.domain.model import sttp.tapir.Codec import sttp.tapir.CodecFormat - import dsp.valueobjects.Iri.isIri import dsp.valueobjects.UuidUtil import org.knora.webapi.messages.OntologyConstants.KnoraAdmin.DefaultPermissionProperties import org.knora.webapi.slice.admin.domain.model.KnoraProject.Shortcode +import org.knora.webapi.slice.common.StringValueCompanion +import org.knora.webapi.slice.common.Value.StringValue -final case class PermissionIri private (value: String) extends AnyVal +final case class PermissionIri private (value: String) extends AnyVal with StringValue -object PermissionIri { +object PermissionIri extends StringValueCompanion[PermissionIri] { implicit val tapirCodec: Codec[String, PermissionIri, CodecFormat.TextPlain] = Codec.string.mapEither(PermissionIri.from)(_.value) @@ -40,9 +41,6 @@ object PermissionIri { case _ => Left(s"Invalid permission IRI: $value.") } - def unsafeFrom(value: String): PermissionIri = - from(value).fold(msg => throw new IllegalArgumentException(msg), identity) - /** * Creates a new permission IRI based on a UUID. * From 9b6ecbd46823651a4d17eec157724cc8e74ac505 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 12:13:29 +0100 Subject: [PATCH 13/16] revert toString values for PermissionType --- .../permissionsmessages/PermissionsMessagesADM.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala index 2ee21b3f52..a929ca2fd5 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala @@ -762,10 +762,10 @@ object PermissionProfileType { sealed trait PermissionType object PermissionType { case object OAP extends PermissionType { - override def toString: String = "Permission.ObjectAccess" + override def toString: String = "ObjectAccessPermission" } case object AP extends PermissionType { - override def toString: String = "Permission.Administrative" + override def toString: String = "AdministrativePermission" } case object DOAP extends PermissionType { override def toString: String = "DefaultObjectAccessPermission" From 5e04b82fd453601854c8cc8da61f6bda63194269 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 12:20:25 +0100 Subject: [PATCH 14/16] revert scaladoc values for AdministrativePermission --- .../permissionsmessages/PermissionsMessagesADM.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala index a929ca2fd5..401e449a39 100644 --- a/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/messages/admin/responder/permissionsmessages/PermissionsMessagesADM.scala @@ -638,7 +638,7 @@ case class PermissionsDataADM( } /** - * Represents 'knora-base:Permission.Administrative' + * Represents 'knora-base:AdministrativePermission' * * @param iri the IRI of the permission. * @param permissionType the type of the permission. @@ -668,7 +668,7 @@ case class ObjectAccessPermissionADM( } /** - * Represents 'knora-base:Permission.Administrative' + * Represents 'knora-base:AdministrativePermission' * * @param iri the IRI of the administrative permission. * @param forProject the project this permission applies to. From 2d08e9b09de13ede14d052a115c7589a8f9dec3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 12:20:35 +0100 Subject: [PATCH 15/16] fmt --- .../knora/webapi/slice/admin/domain/model/PermissionIri.scala | 1 + 1 file changed, 1 insertion(+) diff --git a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala index 2dc17b896f..3147cc108e 100644 --- a/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala +++ b/webapi/src/main/scala/org/knora/webapi/slice/admin/domain/model/PermissionIri.scala @@ -7,6 +7,7 @@ package org.knora.webapi.slice.admin.domain.model import sttp.tapir.Codec import sttp.tapir.CodecFormat + import dsp.valueobjects.Iri.isIri import dsp.valueobjects.UuidUtil import org.knora.webapi.messages.OntologyConstants.KnoraAdmin.DefaultPermissionProperties From b6c4013d1276d845a9a1198bb76725583eee1055 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Kleinb=C3=B6lting?= Date: Thu, 28 Mar 2024 15:59:46 +0100 Subject: [PATCH 16/16] Update webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala Co-authored-by: Balduin Landolt <33053745+BalduinLandolt@users.noreply.github.com> --- .../knora/webapi/responders/admin/PermissionsResponderADM.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala index 3f4971d980..1b5d2ddde8 100644 --- a/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala +++ b/webapi/src/main/scala/org/knora/webapi/responders/admin/PermissionsResponderADM.scala @@ -713,7 +713,7 @@ final case class PermissionsResponderADMLive( /** * For administrative permission we only need the name parameter of each PermissionADM given in hasPermissions collection. - * This method, validates the content of hasPermissions collection by only keeping the values of name params. + * This method validates the content of hasPermissions collection by only keeping the values of name params. * @param hasPermissions Set of the permissions. */ private def verifyHasPermissionsAP(hasPermissions: Set[PermissionADM]): Set[PermissionADM] =