Upgrade to app-blocks:1.4-SNAPSHOT

pom.xml

@@ -58,7 +58,7 @@
 		<snippetsDirectory>${project.build.directory}/generated-snippets</snippetsDirectory>
 
 		<junit.version>4.12</junit.version>
-		<application.blocks.version>1.3</application.blocks.version>
+		<application.blocks.version>1.4-SNAPSHOT</application.blocks.version>
 		<commons.beanutils.version>1.9.2</commons.beanutils.version>
 		<commons.collections.version>3.2.1</commons.collections.version>
 		<commons.fileupload.version>1.3.1</commons.fileupload.version>

src/main/java/org/genesys2/server/aspect/AsAdminAspect.java

@@ -21,6 +21,7 @@ import java.util.Arrays;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
+import org.genesys.blocks.security.service.BasicUserService;
 import org.genesys2.server.model.UserRole;
 import org.genesys2.server.model.impl.User;
 import org.genesys2.server.service.UserService;
@@ -80,7 +81,7 @@ public class AsAdminAspect {
 	public synchronized Authentication getSystemAdminAccount() {
 		if (SYS_ADMIN == null) {
 			LOG.warn("SYS_ADMIN not loaded. Loading now.");
-			final User sysUser = userService.getSystemUser("SYSTEM");
+			final User sysUser = userService.getUserByEmail(BasicUserService.SYSTEM_ADMIN);
 
 			if (sysUser == null) {
 				LOG.warn("Temporary SYS_ADMIN account is being used.");

src/main/java/org/genesys2/server/listener/sample/CreateAdminListener.java

@@ -49,19 +49,13 @@ public class CreateAdminListener extends RunAsAdminListener {
 		if (userService.listUsers(new PageRequest(0, 1)).getTotalElements() == 0) {
 			createDefaultAccounts();
 		}
-
-		if (userService.getSystemUser("SYSTEM") == null) {
-			createAdmin("SYSTEM", "SYSTEM", null, AccountType.SYSTEM);
-		}
 	}
 
 	private void createDefaultAccounts() throws UserException, PasswordPolicyException {
-		createAdmin("SYSTEM", "SYSTEM", null, AccountType.SYSTEM);
 		createAdmin(defaultAdminEmail, "First Admin", defaultAdminPassword, AccountType.LOCAL);
 	}
 
 	private void createAdmin(String email, String fullName, String password, AccountType accountType) throws UserException, PasswordPolicyException {
-		
 		final User user = userService.createUser(email, fullName, password, accountType);
 		userService.setRoles(user, Sets.newHashSet(UserRole.ADMINISTRATOR));
 		LOG.warn("Admin account for " + email + " has been successfully added.");

src/main/java/org/genesys2/server/model/UserRole.java

@@ -19,7 +19,9 @@ package org.genesys2.server.model;
 import org.springframework.security.core.GrantedAuthority;
 
 public enum UserRole implements GrantedAuthority {
-	USER("User"), ADMINISTRATOR("Administrator"), VALIDATEDUSER("Validated user"), VETTEDUSER("Vetted user"), CONTENTMANAGER("Content Manager");
+	USER("User"), ADMINISTRATOR("Administrator"), VALIDATEDUSER("Validated user"), VETTEDUSER("Vetted user"), CONTENTMANAGER("Content Manager"), 
+	/** Everyone role */
+	EVERYONE("Everyone");
 
 	String label;
 

src/main/java/org/genesys2/server/persistence/domain/UserRepository.java

@@ -27,12 +27,9 @@ import org.springframework.transaction.annotation.Transactional;
 @Transactional
 public interface UserRepository extends JpaRepository<User, Long> {
 
-	@Query("select u from User u where u.email = ?1 and u.accountType != 'SYSTEM'")
+	@Query("select u from User u where lower(u.email) = lower(?1)")
 	User findByEmail(String email);
 
-	@Query("select u from User u where u.email = ?1 and u.accountType = 'SYSTEM'")
-	User findSystemUser(String username);
-
 	User findByUuid(String uuid);
 
 	@Query("select u from User u where u.email like ?1 and u.accountType != 'SYSTEM'")

src/main/java/org/genesys2/server/service/UserService.java

@@ -46,8 +46,6 @@ public interface UserService extends BasicUserService<UserRole, User> {
 
 	UserWrapper getWrappedById(long userId) throws UserException;
 
-	User getSystemUser(String string);
-
 	Page<User> listUsers(Pageable pageable);
 
 	boolean checkPasswordsMatch(String rawPassword, String encodedPassword);

src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java

@@ -19,6 +19,7 @@ package org.genesys2.server.service.impl;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Calendar;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.Date;
 import java.util.HashSet;
@@ -50,6 +51,7 @@ import org.springframework.data.domain.PageImpl;
 import org.springframework.data.domain.PageRequest;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Sort;
+import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -60,6 +62,8 @@ import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import com.google.common.collect.Sets;
+
 @Service(value = "userService")
 @Transactional(readOnly = true)
 public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implements UserService {
@@ -86,6 +90,23 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
 		return UserRole.USER;
 	}
 
+	@Override
+	protected JpaRepository<User, Long> getUserRepository() {
+		return userRepository;
+	}
+
+	@Override
+	protected User createSystemAdministrator(String username) throws UserException {
+		final User admin = createUser(username, "System Administrator", null, AccountType.SYSTEM);
+		setRoles(admin, Sets.newHashSet(UserRole.ADMINISTRATOR));
+		return admin;
+	}
+
+	@Override
+	public Collection<UserRole> getDefaultUserRoles() {
+		return Sets.newHashSet(UserRole.USER, UserRole.EVERYONE);
+	}
+	
 	@Override
 	@Transactional
 	public User createUser(String email, String fullName, String password, AccountType accountType) throws UserException {
@@ -274,15 +295,6 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
 		return user;
 	}
 
-	@Override
-	public User getSystemUser(String username) {
-		User sysUser = userRepository.findSystemUser(username);
-		if (sysUser != null) {
-			sysUser.getRoles().size();
-		}
-		return sysUser;
-	}
-
 	@Override
 	public boolean exists(String username) {
 		return userRepository.findByEmail(username) != null;

src/main/java/org/genesys2/server/servlet/controller/AclEditController.java

@@ -41,7 +41,7 @@ public class AclEditController extends BaseController {
 	public String permissions(ModelMap model, @PathVariable(value = "clazz") String className, @PathVariable("id") long id,
 			@RequestParam(value = "back", required = false) String backUrl) {
 
-		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(className, id);
+		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(id, className);
 		model.addAttribute("aclObjectIdentity", objectIdentity);
 		if (objectIdentity != null) {
 			model.addAttribute("aclPermissions", aclService.getAvailablePermissions(className));

src/main/java/org/genesys2/server/servlet/controller/rest/PermissionController.java

@@ -27,7 +27,6 @@ import org.genesys.blocks.security.service.CustomAclService;
 import org.genesys2.server.model.impl.User;
 import org.genesys2.server.service.UserService;
 import org.genesys2.server.servlet.model.PermissionJson;
-import org.genesys2.server.servlet.util.PermissionJsonUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
@@ -55,15 +54,15 @@ public class PermissionController extends RestController {
 	@RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
 	public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) {
 		LOG.info("Adding permission {}", permissionJson);
-		final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
+		final AclObjectIdentity oid = aclService.getObjectIdentity(permissionJson.getOid(), permissionJson.getClazz());
 
 		if (permissionJson.getAuthority() != null) {
 			final AclSid sid = aclService.getAuthoritySid(permissionJson.getAuthority());
-			aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), sid, permissionMap);
+			aclService.setPermissions(oid, sid, permissionJson);
 
 		} else if (permissionJson.getSid() != null) {
 			final AclSid sid = aclService.getSid(permissionJson.getSid());
-			aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), sid, permissionMap);
+			aclService.setPermissions(oid, sid, permissionJson);
 		}
 
 		return JSON_OK;
@@ -71,16 +70,15 @@ public class PermissionController extends RestController {
 
 	@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
 	public @ResponseBody Object updatePermissions(@RequestBody PermissionJson permissionJson) {
-		final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
-		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid());
+		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getOid(), permissionJson.getClazz());
 
 		if (permissionJson.getAuthority() != null) {
 			final AclSid sid = aclService.getAuthoritySid(permissionJson.getAuthority());
-			aclService.updatePermissions(objectIdentity, sid, permissionMap);
+			aclService.setPermissions(objectIdentity, sid, permissionJson);
 
 		} else if (permissionJson.getSid() != null) {
 			final AclSid sid = aclService.getSid(permissionJson.getSid());
-			aclService.updatePermissions(objectIdentity, sid, permissionMap);
+			aclService.setPermissions(objectIdentity, sid, permissionJson);
 		}
 
 		return JSON_OK;
@@ -98,7 +96,7 @@ public class PermissionController extends RestController {
 	@RequestMapping(value = "/autocomplete-oauth-client", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
 	public @ResponseBody Map<String, Long> acOauthClient(@RequestParam("term") String title) {
 		final Map<String, Long> oauthMap = new HashMap<>();
-		for (final OAuthClient client : clientDetailsService.autocompleteClients(title)) {
+		for (final OAuthClient client : clientDetailsService.autocompleteClients(title, 20)) {
 			oauthMap.put(client.getTitle(), client.getId());
 		}
 		return oauthMap;

src/main/java/org/genesys2/server/servlet/model/PermissionJson.java

@@ -16,7 +16,9 @@
 
 package org.genesys2.server.servlet.model;
 
-public class PermissionJson {
+import org.genesys.blocks.security.serialization.Permissions;
+
+public class PermissionJson extends Permissions {
 	// sid
 	private Long sid;
 	private String authority;
@@ -25,13 +27,6 @@ public class PermissionJson {
 	private long oid;
 	private String clazz;
 	
-	// permissions
-	private boolean create;
-	private boolean read;
-	private boolean write;
-	private boolean delete;
-	private boolean manage;
-
 	@Override
 	public String toString() {
 		return "PJ oid=" + oid + " class=" + clazz + " (sid=" + sid + " OR authority=" + authority + ")";

src/main/java/org/genesys2/server/servlet/util/PermissionJsonUtil.java

@@ -25,12 +25,18 @@ import static org.springframework.security.acls.domain.BasePermission.WRITE;
 import java.util.HashMap;
 import java.util.Map;
 
+import org.genesys.blocks.security.serialization.Permissions;
 import org.genesys2.server.servlet.model.PermissionJson;
 
 public final class PermissionJsonUtil {
 	private PermissionJsonUtil() {
 	}
 
+	/**
+	 * @deprecated Use {@link Permissions} instead.
+	 * @param permissionJson
+	 * @return
+	 */
 	public static Map<Integer, Boolean> createPermissionsMap(PermissionJson permissionJson) {
 		final Map<Integer, Boolean> permissionMap = new HashMap<>();
 		permissionMap.put(CREATE.getMask(), permissionJson.isCreate());
@@ -40,5 +46,4 @@ public final class PermissionJsonUtil {
 		permissionMap.put(ADMINISTRATION.getMask(), permissionJson.isManage());
 		return permissionMap;
 	}
-
 }

src/main/java/org/genesys2/spring/config/OAuth2ServerConfig.java

@@ -16,8 +16,10 @@
 package org.genesys2.spring.config;
 
 import org.genesys.blocks.oauth.service.OAuthServiceImpl;
+import org.genesys.blocks.oauth.util.AppBlocksInitializer;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
@@ -26,6 +28,7 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -51,6 +54,12 @@ public class OAuth2ServerConfig {
 		return new OAuthServiceImpl();
 	}
 
+	// TODO Remove in 2.5
+	@Bean
+	protected AppBlocksInitializer appBlocksInitializer() {
+		return new AppBlocksInitializer();
+	}
+
 	@Configuration
 	@EnableResourceServer
 	protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
@@ -62,6 +71,7 @@ public class OAuth2ServerConfig {
 
 		@Override
 		public void configure(final HttpSecurity http) throws Exception {
+			/*@formatter:off*/
 			http.requestMatchers().antMatchers("/oauth/**", "/api/**").and()
 				// no sessions
 				.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER).and()
@@ -79,9 +89,9 @@ public class OAuth2ServerConfig {
 				.antMatcher("/api/v0/info/version").anonymous().and()
 				// others must be authenticated
 				.antMatcher("/api/**").authorizeRequests().anyRequest().authenticated()
-
-			// Ta
+				
 			;
+			/*@formatter:on*/
 		}
 
 	}
@@ -104,6 +114,9 @@ public class OAuth2ServerConfig {
 		@Autowired
 		@Qualifier("oauthService")
 		private ClientDetailsService clientDetailsService;
+		
+		@Autowired
+		public PasswordEncoder passwordEncoder;
 
 		@Override
 		public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
@@ -117,7 +130,8 @@ public class OAuth2ServerConfig {
 
 		@Override
 		public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
-			oauthServer.allowFormAuthenticationForClients().checkTokenAccess("permitAll()").realm(APPLICATION_RESOURCE_ID + "/client");
+			oauthServer.allowFormAuthenticationForClients().checkTokenAccess("permitAll()").realm(APPLICATION_RESOURCE_ID + "/client")
+				.passwordEncoder(passwordEncoder); // added encoder
 		}
 
 	}
@@ -129,6 +143,12 @@ public class OAuth2ServerConfig {
 		@Qualifier("oauthService")
 		private TokenStore tokenStore;
 
+		@Value("${default.oauth.accessToken.validity}")
+		private int accessTokenValiditySeconds;
+
+		@Value("${default.oauth.refreshToken.validity}")
+		private int refreshTokenValiditySeconds;
+
 		@Bean
 		public ApprovalStore approvalStore() throws Exception {
 			final TokenApprovalStore store = new TokenApprovalStore();
@@ -142,6 +162,8 @@ public class OAuth2ServerConfig {
 			final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
 			defaultTokenServices.setTokenStore(tokenStore);
 			defaultTokenServices.setSupportRefreshToken(true);
+			defaultTokenServices.setAccessTokenValiditySeconds(accessTokenValiditySeconds);
+			defaultTokenServices.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds);
 			return defaultTokenServices;
 		}
 	}

src/main/resources/application.properties

@@ -35,6 +35,8 @@ default.admin.email=admin@example.com
 default.admin.password=Admin123!
 default.oauthclient.clientId=
 default.oauthclient.clientSecret=
+default.oauth.accessToken.validity=21600
+default.oauth.refreshToken.validity=604800
 
 build.version=${project.version}
 build.artifactId=${project.artifactId}

src/main/resources/liquibase/liquibase-changeLog.yml

@@ -1166,4 +1166,16 @@ databaseChangeLog:
         oldColumnName:   dsd
         remarks:         Dataset column
         tableName:       ds2value
-    
+
+# Upgrade to appliation-blocks:1.4-SNAPSHOT
+- changeSet:
+    id:            1526423063000-1
+    author:        mobreza
+    comment:       Add lastLogin to User
+    changes:
+    - addColumn:
+        columns:
+        - column:
+            name:  lastLogin
+            type:  datetime(6)
+        tableName: user

src/test/java/org/genesys2/tests/resttests/AbstractRestTest.java

@@ -19,11 +19,6 @@ package org.genesys2.tests.resttests;
 import java.io.File;
 import java.util.Set;
 
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.SerializationFeature;
-import com.hazelcast.core.HazelcastInstance;
-import com.hazelcast.core.IQueue;
-
 import org.apache.velocity.app.VelocityEngine;
 import org.elasticsearch.common.collect.Sets;
 import org.genesys.blocks.auditlog.service.ClassPKService;
@@ -164,7 +159,8 @@ import org.springframework.http.converter.json.Jackson2ObjectMapperFactoryBean;
 import org.springframework.mail.javamail.JavaMailSender;
 import org.springframework.mail.javamail.JavaMailSenderImpl;
 import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
-import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.annotation.DirtiesContext.HierarchyMode;
@@ -175,6 +171,11 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import com.hazelcast.core.HazelcastInstance;
+import com.hazelcast.core.IQueue;
+
 @RunWith(SpringJUnit4ClassRunner.class)
 @ContextHierarchy(@ContextConfiguration(name = "this", classes = { AbstractRestTest.Config.class }, initializers = PropertyPlacholderInitializer.class))
 @EnableAspectJAutoProxy
@@ -251,6 +252,11 @@ public abstract class AbstractRestTest extends BaseSpringTest {
 		public CacheManager cacheManager() {
 			return new NoOpCacheManager();
 		}
+		
+		@Bean
+		public PasswordEncoder passwordEncoder() {
+			return new BCryptPasswordEncoder();
+		}
 
 		@Bean
 		public UserService userService() {

src/test/java/org/genesys2/tests/resttests/CropsControllerTest.java

 package org.genesys2.tests.resttests;
 
-import static org.hamcrest.Matchers.*;
-import static org.springframework.restdocs.mockmvc.MockMvcRestDocumentation.*;
-import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.*;
-import static org.springframework.restdocs.payload.PayloadDocumentation.*;
-import static org.springframework.restdocs.request.RequestDocumentation.*;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
+import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.notNullValue;
+import static org.hamcrest.Matchers.nullValue;
+import static org.springframework.restdocs.mockmvc.MockMvcRestDocumentation.document;
+import static org.springframework.restdocs.mockmvc.MockMvcRestDocumentation.documentationConfiguration;
+import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.delete;
+import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get;
+import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.post;
+import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.put;
+import static org.springframework.restdocs.payload.PayloadDocumentation.fieldWithPath;
+import static org.springframework.restdocs.payload.PayloadDocumentation.requestFields;
+import static org.springframework.restdocs.payload.PayloadDocumentation.responseFields;
+import static org.springframework.restdocs.request.RequestDocumentation.parameterWithName;
+import static org.springframework.restdocs.request.RequestDocumentation.pathParameters;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 import java.util.ArrayList;
 import java.util.List;
 
-import com.fasterxml.jackson.annotation.JsonInclude.Include;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.SerializationFeature;
-
 import org.genesys2.server.model.impl.Crop;
 import org.genesys2.server.model.impl.CropRule;
 import org.junit.After;
@@ -34,6 +40,12 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.context.WebApplicationContext;
 
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+
 @Transactional(transactionManager = "transactionManager")
 public class CropsControllerTest extends AbstractRestTest {
 
@@ -68,15 +80,11 @@ public class CropsControllerTest extends AbstractRestTest {
         
         crop = cropService.addCrop("maize", "Maize", "Crop description in EN", null);
         cropRule = cropService.addCropRule(crop, "Zea", "mays", true);
-
-        List<CropRule> cropRules = new ArrayList<>();
-        cropRules.add(cropRule);
-        crop.setCropRules(cropRules);
+        crop = cropRule.getCrop();
     }
 
     @After
     public void tearDown() {
-        cropRuleRepository.delete(cropRule);
         cropRepository.delete(crop);
     }
 
@@ -90,7 +98,7 @@ public class CropsControllerTest extends AbstractRestTest {
                 .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
                 .andExpect(jsonPath("$", hasSize(1)))
                 .andExpect(jsonPath("$[0].id", is(notNullValue())))
-                .andExpect(jsonPath("$[0].version", is(0)))
+                .andExpect(jsonPath("$[0].version", is(1)))
                 .andExpect(jsonPath("$[0].shortName", is("maize")))
                 .andExpect(jsonPath("$[0].i18n", is(nullValue())))
                 .andExpect(jsonPath("$[0].name", is("Maize")))
@@ -114,7 +122,7 @@ public class CropsControllerTest extends AbstractRestTest {
                 .andExpect(status().isOk())
                 .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
                 .andExpect(jsonPath("$.id", is(notNullValue())))
-                .andExpect(jsonPath("$.version", is(0)))
+                .andExpect(jsonPath("$.version", is(1)))
                 .andExpect(jsonPath("$.shortName", is("rice")))
                 .andExpect(jsonPath("$.i18n", is(nullValue())))
                 .andExpect(jsonPath("$.name", is("Rice")))
@@ -134,6 +142,8 @@ public class CropsControllerTest extends AbstractRestTest {
 		                        fieldWithPath("rdfUri").type(JsonFieldType.STRING).optional().description("URI of RDF term describing the crop"),
 		                        fieldWithPath("i18n").type(JsonFieldType.STRING).optional().description("i18n map"),
                                 fieldWithPath("otherNames").type(JsonFieldType.ARRAY).optional().description("Alternative spellings of the crop name"),
+                                fieldWithPath("active").ignored(),
+                                fieldWithPath("_type").ignored(),
 		                        fieldWithPath("createdBy").ignored(),
 		                        fieldWithPath("createdDate").ignored(),
 		                        fieldWithPath("lastModifiedBy").ignored(),
@@ -152,7 +162,7 @@ public class CropsControllerTest extends AbstractRestTest {
                 .andExpect(status().isOk())
                 .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
                 .andExpect(jsonPath("$.id", is(notNullValue())))
-                .andExpect(jsonPath("$.version", is(0)))
+                .andExpect(jsonPath("$.version", is(1)))
                 .andExpect(jsonPath("$.shortName", is("maize")))
                 .andExpect(jsonPath("$.i18n", is(nullValue())))
                 .andExpect(jsonPath("$.name", is("Maize")))
@@ -168,6 +178,8 @@ public class CropsControllerTest extends AbstractRestTest {
                         fieldWithPath("rdfUri").type(JsonFieldType.STRING).optional().description("URI of RDF term describing the crop"),
                         fieldWithPath("i18n").type(JsonFieldType.STRING).optional().description("i18n map"),
                         fieldWithPath("otherNames").type(JsonFieldType.ARRAY).optional().description("Alternative spellings of the crop name"),
+                        fieldWithPath("active").ignored(),
+                        fieldWithPath("_type").ignored(),
                         fieldWithPath("createdBy").ignored(),
                         fieldWithPath("createdDate").ignored(),
                         fieldWithPath("lastModifiedBy").ignored(),
@@ -188,7 +200,7 @@ public class CropsControllerTest extends AbstractRestTest {
                 .andExpect(status().isOk())
                 .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
                 .andExpect(jsonPath("$.id", is(nullValue())))
-                .andExpect(jsonPath("$.version", is(0)))
+                .andExpect(jsonPath("$.version", is(1)))
                 .andExpect(jsonPath("$.shortName", is("rice")))
                 .andExpect(jsonPath("$.i18n", is(nullValue())))
                 .andExpect(jsonPath("$.name", is("Rice")))

src/test/java/org/genesys2/tests/resttests/TraitsControllerTest.java

@@ -6,15 +6,11 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 import java.util.ArrayList;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
-
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
 
 import org.genesys.blocks.security.UserException;
 import org.genesys.blocks.security.model.BasicUser.AccountType;
+import org.genesys.blocks.security.serialization.Permissions;
 import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException;
 import org.genesys2.server.model.UserRole;
 import org.genesys2.server.model.genesys.Method;
@@ -40,6 +36,9 @@ import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
 import org.springframework.web.context.WebApplicationContext;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
 @Ignore
 public class TraitsControllerTest extends AbstractRestTest {
 
@@ -71,14 +70,11 @@ public class TraitsControllerTest extends AbstractRestTest {
 
         method = traitService.addMethod("rdfUriMethod", "descriptionMethod", objectMapper.writeValueAsString("en"), "unitForMethod", "fieldName", 1, 2, "options", "range", parameter);
 
-        Map<Integer, Boolean> permission = new HashMap<>();
-        permission.put(4, true);
-        permission.put(1, false);
-        permission.put(2, false);
-        permission.put(8, false);
-        permission.put(16, true);
+        Permissions permission=new Permissions().grantNone();
+        permission.create=true;
+        permission.manage=true;
 
-        aclService.addPermissions(method.getId(), Method.class.getName(), user, permission);
+        aclService.setPermissions(method, user, permission);
 
         List<GrantedAuthority> authorities = new ArrayList<>();
         GrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(UserRole.ADMINISTRATOR.getName());

src/test/java/org/genesys2/tests/resttests/UserControllerTest.java

@@ -7,15 +7,11 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 import java.util.ArrayList;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
-
-import com.fasterxml.jackson.databind.JsonNode;