From 2f085290160bde9ab4e2d82b7a95eb063145fb74 Mon Sep 17 00:00:00 2001
From: Sonia Zorba <sonia.zorba@inaf.it>
Date: Fri, 26 Mar 2021 16:17:17 +0100
Subject: [PATCH] Group with dot in name escape bugfix
---
.../controller/JWTWebServiceController.java | 2 +-
.../gms/controller/PermissionsController.java | 2 +-
.../ia2/gms/service/GroupNameService.java | 4 ++-
.../controller/PermissionsControllerTest.java | 26 +++++++++++++++++++
.../ia2/gms/service/GroupNameServiceTest.java | 2 +-
5 files changed, 32 insertions(+), 4 deletions(-)
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
index 95fe2b1..0dd5c86 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
@@ -261,7 +261,7 @@ public class JWTWebServiceController {
if (userId.isPresent()) {
try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
for (UserPermission userPermission : searchService.getUserPermission(groupEntity, userId.get(), permissionsManager.getCurrentUserPermissions(groupEntity))) {
- String group = String.join(".", userPermission.getGroupCompleteName());
+ String group = groupNameService.getCompleteName(userPermission.getGroupCompleteName());
pw.println(group + " " + userPermission.getPermission());
}
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java
index 68fe489..39f649f 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/PermissionsController.java
@@ -125,7 +125,7 @@ public class PermissionsController {
if (userId.isPresent()) {
try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
for (UserPermission userPermission : searchService.getUserPermission(groupEntity, userId.get(), permissionsManager.getCurrentUserPermissions(groupEntity))) {
- String group = String.join(".", userPermission.getGroupCompleteName());
+ String group = groupNameService.getCompleteName(userPermission.getGroupCompleteName());
pw.println(group + " " + userPermission.getPermission());
}
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/service/GroupNameService.java b/gms/src/main/java/it/inaf/ia2/gms/service/GroupNameService.java
index 8b58646..d9972a0 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/service/GroupNameService.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/service/GroupNameService.java
@@ -83,7 +83,9 @@ public class GroupNameService {
}
private List<String> splitNames(String completeGroupName) {
- return Arrays.asList(completeGroupName.split("(?<!\\\\)\\."));
+ return Arrays.stream(completeGroupName.split("(?<!\\\\)\\."))
+ .map(name -> name.replace("\\.", "."))
+ .collect(Collectors.toList());
}
public String getShortGroupName(String completeGroupName, Optional<String> groupPrefix) {
diff --git a/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java b/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java
index 8b41c20..850f97d 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/controller/PermissionsControllerTest.java
@@ -7,11 +7,14 @@ import it.inaf.ia2.gms.manager.PermissionsManager;
import it.inaf.ia2.gms.model.Permission;
import it.inaf.ia2.gms.model.RapUserPermission;
import it.inaf.ia2.gms.model.request.AddPermissionRequest;
+import it.inaf.ia2.gms.model.response.UserPermission;
import it.inaf.ia2.gms.persistence.GroupsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import it.inaf.ia2.gms.service.GroupNameService;
+import it.inaf.ia2.gms.service.SearchService;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import static org.hamcrest.CoreMatchers.is;
@@ -45,6 +48,9 @@ public class PermissionsControllerTest {
@Mock
private PermissionsManager permissionsManager;
+ @Mock
+ private SearchService searchService;
+
@Mock
private GroupsDAO groupsDAO;
@@ -137,6 +143,26 @@ public class PermissionsControllerTest {
.andExpect(content().string("rap_user ADMIN\n"));
}
+ @Test
+ public void testGetUserPermissions() throws Exception {
+
+ when(groupsDAO.findGroupByParentAndName("", "people")).thenReturn(Optional.of(getPeopleGroup()));
+ when(groupsDAO.findGroupByParentAndName("people_id", "name.surname")).thenReturn(Optional.of(getNameSurnameGroup()));
+
+ List<UserPermission> permissions = new ArrayList<>();
+ UserPermission up = new UserPermission();
+ up.setGroupCompleteName(Arrays.asList("people", "name.surname"));
+ up.setPermission(Permission.VIEW_MEMBERS);
+ permissions.add(up);
+
+ when(searchService.getUserPermission(any(), any(), any())).thenReturn(permissions);
+
+ mockMvc.perform(get("/permission?group=people.name\\.surname&user_id=id").principal(getPrincipal())
+ .accept(MediaType.TEXT_PLAIN))
+ .andExpect(status().isOk())
+ .andExpect(content().string("people.name\\.surname VIEW_MEMBERS\n"));
+ }
+
@Test
public void testAddPermission() throws Exception {
diff --git a/gms/src/test/java/it/inaf/ia2/gms/service/GroupNameServiceTest.java b/gms/src/test/java/it/inaf/ia2/gms/service/GroupNameServiceTest.java
index 826e91e..8c16c39 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/service/GroupNameServiceTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/service/GroupNameServiceTest.java
@@ -50,7 +50,7 @@ public class GroupNameServiceTest {
assertEquals(1, names.size());
assertEquals(2, names.get("def").size());
assertEquals("Parent_group", names.get("def").get(0));
- assertEquals("Child\\.withDot", names.get("def").get(1));
+ assertEquals("Child.withDot", names.get("def").get(1));
}
@Test
--
GitLab