Commit e23f2c1c authored by Matija Obreza's avatar Matija Obreza
Browse files

#email is used as AclSid#sid name

- PermissionEvaluator uses SID name to match with the principal
parent 477f0630
......@@ -33,6 +33,7 @@ import javax.persistence.FetchType;
import javax.persistence.JoinColumn;
import javax.persistence.MappedSuperclass;
import javax.persistence.PrePersist;
import javax.persistence.PreUpdate;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.persistence.Transient;
......@@ -137,12 +138,14 @@ public abstract class BasicUser<R extends GrantedAuthority> extends AclSid imple
* Ensure UUID.
*/
@PrePersist
@PreUpdate
void ensureUUID() {
if (this.uuid == null) {
this.uuid = UUID.randomUUID().toString();
}
// Use #uuid as SID name
setSid(this.uuid.toString());
// Use #email as SID name
setSid(email);
}
/**
......
......@@ -65,6 +65,18 @@ public class BasicUserServiceTest extends ServiceTest {
assertThat(userUser.getId(), equalTo(user.getId()));
}
@Test
public void testChangeEmail() throws UserException {
final TestUser user = testUserService.createUser(USER_EMAIL, USER_FULLNAME, "password1!", AccountType.LOCAL);
TestUser user2 = testUserService.updateUser(user, "1" + USER_EMAIL, USER_FULLNAME);
assertThat(user2.getEmail(), equalTo("1" + USER_EMAIL));
// Is AclSid#sid updated?
AclSid sid=testUserService.getUser(user.getId());
assertThat(sid.getId(), equalTo(user.getId()));
assertThat(sid.getSid(), equalTo(user2.getEmail()));
}
@Test
public void testUserIsAclSid() throws UserException {
final TestUser user = testUserService.createUser(USER_EMAIL, USER_FULLNAME, "password1!", AccountType.LOCAL);
......
......@@ -74,12 +74,12 @@ public class PermissionsTest extends ServiceTest {
List<AclEntry> entries = aclService.getAclEntries(acl1);
for (AclEntry entry : entries) {
assertThat(entry.getAclSid().getId(), equalTo(user.getId()));
assertThat(entry.getAclSid().getSid(), equalTo(user.getUuid()));
assertThat(entry.getAclSid().getSid(), equalTo(user.getEmail()));
}
AclObjectIdentity objectIdentity = aclService.getObjectIdentity(acl1);
assertThat(objectIdentity.getOwnerSid().getId(), equalTo(user.getId()));
assertThat(objectIdentity.getOwnerSid().getSid(), equalTo(user.getUuid()));
assertThat(objectIdentity.getOwnerSid().getSid(), equalTo(user.getEmail()));
LOG.info("Removing entity");
aclEntityPersistence.delete(acl1);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment