
Commit 38cc4eb

committed
Merge branch 'cherry-pick-a915173f-2' into 'master_8.0.x'
CP V8.0 - Bug #14348: Protecting VitamUI's context and security-profile from deletion during TNR execution. Bug #14348: Protecting VitamUI's context and security-profile from deletion during TNR execution. See merge request vitam/vitam!10684 (cherry picked from commit a915173) f2bc43a Bug #14348: Protecting VitamUI's context and security-profile from deletion during TNR execution. Co-authored-by: Julien Georges <julien.georges@culture.gouv.fr> See merge request vitam/vitam!10687
2 parents 302b1c7 + 001efbb commit 38cc4eb


2 files changed

+102
-37
lines changed


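--- a/sources/ihm-recette/ihm-recette-web-application/src/main/java/fr/gouv/vitam/ihmrecette/appserver/WebApplicationResourceDelete.java
+++ b/sources/ihm-recette/ihm-recette-web-application/src/main/java/fr/gouv/vitam/ihmrecette/appserver/WebApplicationResourceDelete.java
@@ -33,6 +33,7 @@
 import fr.gouv.vitam.common.client.VitamContext;
 import fr.gouv.vitam.common.database.builder.query.Query;
 import fr.gouv.vitam.common.database.builder.query.QueryHelper;
+import fr.gouv.vitam.common.database.builder.query.BooleanQuery;
 import fr.gouv.vitam.common.database.builder.request.exception.InvalidCreateOperationException;
 import fr.gouv.vitam.common.database.builder.request.single.Delete;
 import fr.gouv.vitam.common.database.server.DbRequestResult;
@@ -95,7 +96,6 @@
 import java.util.List;
 import java.util.Queue;
 
-
 /**
 * Web Application Resource class for delete features
 */
@@ -104,9 +104,9 @@
 public class WebApplicationResourceDelete {
 
 private static final String CONTEXT_NAME = "Name";
-private static final String CONTEXT_TO_SAVE = "admin-context";
-private static final String SECURITY_PROFIL_NAME = "Name";
-private static final String SECURITY_PROFIL_NAME_TO_SAVE = "admin-security-profile";
+private static final String[] CONTEXTS_TO_SAVE = {"admin-context", "vitamui-context"};
+private static final String SECURITY_PROFILE_NAME = "Name";
+private static final String[] SECURITY_PROFILES_TO_SAVE = {"admin-security-profile", "vitamui-security-profile"};
 private static final String ONTOLOGY_ORIGIN = "Origin";
 private static final String ONTOLOGY_EXTERNAL = "EXTERNAL";
 private static final VitamLogger LOGGER = VitamLoggerFactory.getInstance(WebApplicationResourceDelete.class);
@@ -760,14 +760,14 @@ public Response deleteMasterdataContext() {
 *
 * @return Response
 */
-@Path("masterdata/securityProfil")
+@Path("masterdata/securityProfile")
 @DELETE
 @Produces(MediaType.APPLICATION_JSON)
-public Response deleteMasterdataSecurityProfil() {
+public Response deleteMasterdataSecurityProfile() {
 Delete delete = null;
 
 try {
-delete = queryDeleteSecurityProfil();
+delete = queryDeleteSecurityProfile();
 
 mongoDbAccessAdmin.deleteCollectionForTesting(FunctionalAdminCollections.SECURITY_PROFILE, delete);
 
@@ -944,7 +944,7 @@ public Response purgeDataForTnr() {
 
 deleteMasterdataContext().close();
 
-deleteMasterdataSecurityProfil().close();
+deleteMasterdataSecurityProfile().close();
 
 return Response.status(Status.OK).build();
 }
@@ -971,9 +971,9 @@ public Response deleteAll() {
 LOGGER.error("Cannot create delegate logbook operation", exc);
 }
 
-deleteMetadaOg(tenantId, collectionKO, parameters, helper);
+deleteMetadataOg(tenantId, collectionKO, parameters, helper);
 
-deleteMetadaUnit(tenantId, collectionKO, parameters, helper);
+deleteMetadataUnit(tenantId, collectionKO, parameters, helper);
 
 deleteRules(collectionKO, parameters, helper);
 
@@ -1026,7 +1026,7 @@ public Response deleteAll() {
 }
 }
 
-public void deleteMetadaOg(Integer tenantId, List<String> collectionKO, LogbookOperationParameters parameters,
+public void deleteMetadataOg(Integer tenantId, List<String> collectionKO, LogbookOperationParameters parameters,
 LogbookOperationsClientHelper helper) {
 parameters.putParameterValue(LogbookParameterName.eventType, STP_DELETE_METADATA_OG).setStatus(StatusCode.OK)
 .putParameterValue(LogbookParameterName.outcomeDetail,
@@ -1052,7 +1052,7 @@ public void deleteMetadaOg(Integer tenantId, List<String> collectionKO, LogbookO
 }
 }
 
-public void deleteMetadaUnit(Integer tenantId, List<String> collectionKO, LogbookOperationParameters parameters,
+public void deleteMetadataUnit(Integer tenantId, List<String> collectionKO, LogbookOperationParameters parameters,
 LogbookOperationsClientHelper helper) {
 parameters.putParameterValue(LogbookParameterName.eventType, STP_DELETE_METADATA_UNIT).setStatus(StatusCode.OK)
 .putParameterValue(LogbookParameterName.outcomeDetailMessage,
@@ -1433,15 +1433,27 @@ private void deleteContext(List<String> collectionKO, LogbookOperationParameters
 private Delete queryDeleteContext() throws InvalidCreateOperationException {
 
 final Delete delete = new Delete();
-final Query query = QueryHelper.not().add(QueryHelper.eq(CONTEXT_NAME, CONTEXT_TO_SAVE));
+final BooleanQuery orQuery = QueryHelper.or();
+
+for (String contextToSave : CONTEXTS_TO_SAVE) {
+orQuery.add(QueryHelper.eq(CONTEXT_NAME, contextToSave));
+}
+
+final Query query = QueryHelper.not().add(orQuery);
 delete.setQuery(query);
 return delete;
 }
 
-private Delete queryDeleteSecurityProfil() throws InvalidCreateOperationException {
+private Delete queryDeleteSecurityProfile() throws InvalidCreateOperationException {
 
 final Delete delete = new Delete();
-final Query query = QueryHelper.not().add(QueryHelper.eq(SECURITY_PROFIL_NAME, SECURITY_PROFIL_NAME_TO_SAVE));
+final BooleanQuery orQuery = QueryHelper.or();
+
+for (String securityProfileToSave : SECURITY_PROFILES_TO_SAVE) {
+orQuery.add(QueryHelper.eq(SECURITY_PROFILE_NAME, securityProfileToSave));
+}
+
+final Query query = QueryHelper.not().add(orQuery);
 delete.setQuery(query);
 return delete;
 }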
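Review bot: `queryDeleteContext()` and `queryDeleteSecurityProfile()` in the last hunk now carry the same build-an-or-then-negate loop, so the rule deciding which access-control records survive a TNR purge exists in two copies that can drift apart; one private helper taking the field name and the keep-list would hold it in a single place. The keep-lists are `String[]` constants, whose elements stay writable, and the filter matches on the `Name` field only, so a context or security profile deployed under any other name is presumably still deleted; a comment on `CONTEXTS_TO_SAVE` and `SECURITY_PROFILES_TO_SAVE` should say so. Separately, the `@Path` rename to `masterdata/securityProfile` changes a public route in a maintenance-branch cherry-pick, and since only two files change here, any client still calling the old path is not updated by this commit.

```java
// Builds "delete everything whose <field> is not one of namesToKeep".
private static Delete queryDeleteAllExcept(String field, String[] namesToKeep)
    throws InvalidCreateOperationException {
    final BooleanQuery keep = QueryHelper.or();
    for (String name : namesToKeep) {
        keep.add(QueryHelper.eq(field, name));
    }
    final Delete delete = new Delete();
    delete.setQuery(QueryHelper.not().add(keep));
    return delete;
}

private Delete queryDeleteContext() throws InvalidCreateOperationException {
    return queryDeleteAllExcept(CONTEXT_NAME, CONTEXTS_TO_SAVE);
}

private Delete queryDeleteSecurityProfile() throws InvalidCreateOperationException {
    return queryDeleteAllExcept(SECURITY_PROFILE_NAME, SECURITY_PROFILES_TO_SAVE);
}
```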

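--- a/sources/ihm-recette/ihm-recette-web-application/src/test/java/fr/gouv/vitam/ihmrecette/appserver/WebApplicationResourceDeleteTest.java
+++ b/sources/ihm-recette/ihm-recette-web-application/src/test/java/fr/gouv/vitam/ihmrecette/appserver/WebApplicationResourceDeleteTest.java
@@ -128,9 +128,9 @@ public class WebApplicationResourceDeleteTest {
 private static final VitamLogger LOGGER = VitamLoggerFactory.getInstance(WebApplicationResourceDeleteTest.class);
 
 private static final String CONTEXT_NAME = "Name";
-private static final String ADMIN_CONTEXT = "admin-context";
+private static final String[] CONTEXTS_TO_SAVE = {"admin-context", "vitamui-context"};
 private static final String SECURITY_PROFIL_NAME = "Name";
-private static final String SECURITY_PROFIL_NAME_TO_SAVE = "admin-security-profile";
+private static final String[] SECURITY_PROFILES_TO_SAVE = {"admin-security-profile", "vitamui-security-profile"};
 // Take it from conf file
 private static final String DEFAULT_WEB_APP_CONTEXT = "/ihm-recette";
 private static final String CREDENTIALS = "{\"token\": {\"principal\": \"myName\", \"credentials\": \"myName\"}}";
@@ -588,16 +588,18 @@ public void testDeleteMasterdataContextOK() {
 VitamThreadUtils.getVitamSession().setTenantId(TENANT_ID);
 
 final GUID adminContext = addAdminContextData(FunctionalAdminCollections.CONTEXT);
-// Needs two contexts for testing purposes (admin context won't be deleted)
-final GUID idContext2 = addData(FunctionalAdminCollections.CONTEXT);
+final GUID vitamuiContext = addVitamuiContextData(FunctionalAdminCollections.CONTEXT);
+final GUID idContextToDelete = addData(FunctionalAdminCollections.CONTEXT);
 assertTrue(existsData(FunctionalAdminCollections.CONTEXT, adminContext.getId()));
-assertTrue(existsData(FunctionalAdminCollections.CONTEXT, idContext2.getId()));
+assertTrue(existsData(FunctionalAdminCollections.CONTEXT, vitamuiContext.getId()));
+assertTrue(existsData(FunctionalAdminCollections.CONTEXT, idContextToDelete.getId()));
 given().header(GlobalDataRest.X_TENANT_ID, TENANT_ID).header(GlobalDataRest.X_CSRF_TOKEN, tokenCSRF)
 .header(GlobalDataRest.X_REQUEST_ID, VitamThreadUtils.getVitamSession().getRequestId())
 .cookie(COOKIE).expect().statusCode(Status.OK.getStatusCode()).when()
 .delete("delete/masterdata/context");
 assertTrue(existsData(FunctionalAdminCollections.CONTEXT, adminContext.getId()));
-assertFalse(existsData(FunctionalAdminCollections.CONTEXT, idContext2.getId()));
+assertTrue(existsData(FunctionalAdminCollections.CONTEXT, vitamuiContext.getId()));
+assertFalse(existsData(FunctionalAdminCollections.CONTEXT, idContextToDelete.getId()));
 } catch (final Exception e) {
 LOGGER.error(e);
 fail("Exception using mongoDbAccess");
@@ -611,16 +613,18 @@ public void testDeleteMasterdataSecuryityProfilOK() {
 VitamThreadUtils.getVitamSession().setTenantId(TENANT_ID);
 
 final GUID adminSecurity = addAdminSecurityData(FunctionalAdminCollections.SECURITY_PROFILE);
-// Needs two contexts for testing purposes (admin context won't be deleted)
-final GUID idSecurity = addData(FunctionalAdminCollections.SECURITY_PROFILE);
+final GUID vitamuiSecurity = addVitamuiSecurityData(FunctionalAdminCollections.SECURITY_PROFILE);
+final GUID idSecurityToDelete = addData(FunctionalAdminCollections.SECURITY_PROFILE);
 assertTrue(existsData(FunctionalAdminCollections.SECURITY_PROFILE, adminSecurity.getId()));
-assertTrue(existsData(FunctionalAdminCollections.SECURITY_PROFILE, idSecurity.getId()));
+assertTrue(existsData(FunctionalAdminCollections.SECURITY_PROFILE, vitamuiSecurity.getId()));
+assertTrue(existsData(FunctionalAdminCollections.SECURITY_PROFILE, idSecurityToDelete.getId()));
 given().header(GlobalDataRest.X_TENANT_ID, TENANT_ID).header(GlobalDataRest.X_CSRF_TOKEN, tokenCSRF)
 .header(GlobalDataRest.X_REQUEST_ID, VitamThreadUtils.getVitamSession().getRequestId())
 .cookie(COOKIE).expect().statusCode(Status.OK.getStatusCode()).when()
-.delete("delete/masterdata/securityProfil");
+.delete("delete/masterdata/securityProfile");
 assertTrue(existsData(FunctionalAdminCollections.SECURITY_PROFILE, adminSecurity.getId()));
-assertFalse(existsData(FunctionalAdminCollections.SECURITY_PROFILE, idSecurity.getId()));
+assertTrue(existsData(FunctionalAdminCollections.SECURITY_PROFILE, vitamuiSecurity.getId()));
+assertFalse(existsData(FunctionalAdminCollections.SECURITY_PROFILE, idSecurityToDelete.getId()));
 } catch (final Exception e) {
 LOGGER.error(e);
 fail("Exception using mongoDbAccess");
@@ -652,9 +656,11 @@ public void testDeleteAllOk()
 assertTrue(existsData(FunctionalAdminCollections.ACCESSION_REGISTER_SUMMARY, idRegisterSummary.getId()));
 assertTrue(existsData(FunctionalAdminCollections.ACCESSION_REGISTER_DETAIL, idRegisterDetail.getId()));
 final GUID adminContext = addAdminContextData(FunctionalAdminCollections.CONTEXT);
-final GUID idContext2 = addData(FunctionalAdminCollections.CONTEXT);
+final GUID vitamuiContext = addVitamuiContextData(FunctionalAdminCollections.CONTEXT);
+final GUID idContextToDelete = addData(FunctionalAdminCollections.CONTEXT);
 assertTrue(existsData(FunctionalAdminCollections.CONTEXT, adminContext.getId()));
-assertTrue(existsData(FunctionalAdminCollections.CONTEXT, idContext2.getId()));
+assertTrue(existsData(FunctionalAdminCollections.CONTEXT, vitamuiContext.getId()));
+assertTrue(existsData(FunctionalAdminCollections.CONTEXT, idContextToDelete.getId()));
 
 final GUID idOntology = addData(FunctionalAdminCollections.ONTOLOGY);
 assertTrue(existsData(FunctionalAdminCollections.ONTOLOGY, idOntology.getId()));
@@ -675,10 +681,10 @@ public void testDeleteAllOk()
 assertFalse(existsData(FunctionalAdminCollections.AGENCIES, idAgency.getId()));
 assertFalse(existsData(FunctionalAdminCollections.ACCESSION_REGISTER_SUMMARY, idRegisterSummary.getId()));
 assertFalse(existsData(FunctionalAdminCollections.ACCESSION_REGISTER_DETAIL, idRegisterDetail.getId()));
-assertFalse(existsData(FunctionalAdminCollections.PROFILE, idProfile.getId()));
-assertFalse(existsData(FunctionalAdminCollections.CONTEXT, idContext2.getId()));
-//Admin context must still exist
+assertFalse(existsData(FunctionalAdminCollections.CONTEXT, idContextToDelete.getId()));
+//Admin and VitamUI contexts must still exist
 assertTrue(existsData(FunctionalAdminCollections.CONTEXT, adminContext.getId()));
+assertTrue(existsData(FunctionalAdminCollections.CONTEXT, vitamuiContext.getId()));
 } catch (final ReferentialException | InvalidParseOperationException | DocumentAlreadyExistsException e) {
 LOGGER.error(e);
 fail("Exception using mongoDbAccess");
@@ -754,7 +760,7 @@ private GUID addData(FunctionalAdminCollections collection)
 case RULES:
 data1.put("RuleId", "APP-00001");
 data1.put("RuleType", "AppraisalRule");
-data1.put("RuleValue", "Dossier individuel dagent civil");
+data1.put("RuleValue", "Dossier individuel d'agent civil");
 data1.put("RuleDuration", "80");
 data1.put("RuleMeasurement", "Year");
 data1.put("CreationDate", "2019-02-10");
@@ -849,7 +855,7 @@ public GUID addData(LogbookCollections collection) {
 public GUID addAdminContextData(FunctionalAdminCollections collection)
 throws ReferentialException, InvalidCreateOperationException, InvalidGuidOperationException,
 InvalidParseOperationException, SchemaValidationException, DocumentAlreadyExistsException {
-final Query query = QueryHelper.or().add(QueryHelper.eq(CONTEXT_NAME, ADMIN_CONTEXT));
+final Query query = QueryHelper.or().add(QueryHelper.eq(CONTEXT_NAME, CONTEXTS_TO_SAVE[0]));
 JsonNode select = query.getCurrentObject();
 DbRequestResult result = mongoDbAccessAdmin.findDocuments(select, FunctionalAdminCollections.CONTEXT);
 GUID adminContext;
@@ -858,26 +864,52 @@ public GUID addAdminContextData(FunctionalAdminCollections collection)
 } else {
 adminContext = GUIDFactory.newGUID();
 final ObjectNode data1 = JsonHandler.createObjectNode().put("_id", adminContext.getId());
-data1.put(CONTEXT_NAME, ADMIN_CONTEXT);
+data1.put(CONTEXT_NAME, CONTEXTS_TO_SAVE[0]);
 data1.put("Identifier", "Identifier");
 data1.put("CreationDate", "2019-02-13");
 data1.put("LastUpdate", "2019-02-13");
 data1.put("EnableControl", true);
 final ObjectNode permissionNode = JsonHandler.createObjectNode();
 permissionNode.put("tenant", TENANT_ID);
 data1.set("Permissions", JsonHandler.createArrayNode().add(permissionNode));
-data1.put("SecurityProfile", "admin-security-profile");
+data1.put("SecurityProfile", SECURITY_PROFILES_TO_SAVE[0]);
 data1.put("Status", "ACTIVE");
 mongoDbAccessAdmin.insertDocument(data1, collection).close();
 }
 return adminContext;
 }
 
+public GUID addVitamuiContextData(FunctionalAdminCollections collection)
+throws ReferentialException, InvalidCreateOperationException, InvalidGuidOperationException,
+InvalidParseOperationException, SchemaValidationException, DocumentAlreadyExistsException {
+final Query query = QueryHelper.or().add(QueryHelper.eq(CONTEXT_NAME, CONTEXTS_TO_SAVE[1]));
+JsonNode select = query.getCurrentObject();
+DbRequestResult result = mongoDbAccessAdmin.findDocuments(select, FunctionalAdminCollections.CONTEXT);
+GUID vitamuiContext;
+if (result.getCount() > 0) {
+vitamuiContext = GUIDReader.getGUID(result.getDocuments(Context.class, ContextModel.class).get(0).getId());
+} else {
+vitamuiContext = GUIDFactory.newGUID();
+final ObjectNode data1 = JsonHandler.createObjectNode().put("_id", vitamuiContext.getId());
+data1.put(CONTEXT_NAME, CONTEXTS_TO_SAVE[1]);
+data1.put("Identifier", "Identifier");
+data1.put("CreationDate", "2019-02-13");
+data1.put("LastUpdate", "2019-02-13");
+data1.put("EnableControl", true);
+final ObjectNode permissionNode = JsonHandler.createObjectNode();
+permissionNode.put("tenant", TENANT_ID);
+data1.set("Permissions", JsonHandler.createArrayNode().add(permissionNode));
+data1.put("SecurityProfile", SECURITY_PROFILES_TO_SAVE[1]);
+data1.put("Status", "ACTIVE");
+mongoDbAccessAdmin.insertDocument(data1, collection).close();
+}
+return vitamuiContext;
+}
 
 public GUID addAdminSecurityData(FunctionalAdminCollections collection)
 throws ReferentialException, InvalidCreateOperationException, InvalidGuidOperationException,
 InvalidParseOperationException, SchemaValidationException, DocumentAlreadyExistsException {
-final Query query = QueryHelper.or().add(QueryHelper.eq(SECURITY_PROFIL_NAME, SECURITY_PROFIL_NAME_TO_SAVE));
+final Query query = QueryHelper.or().add(QueryHelper.eq(SECURITY_PROFIL_NAME, SECURITY_PROFILES_TO_SAVE[0]));
 JsonNode select = query.getCurrentObject();
 DbRequestResult result = mongoDbAccessAdmin.findDocuments(select, FunctionalAdminCollections.SECURITY_PROFILE);
 GUID adminContext;
@@ -886,7 +918,7 @@ public GUID addAdminSecurityData(FunctionalAdminCollections collection)
 } else {
 adminContext = GUIDFactory.newGUID();
 final ObjectNode data1 = JsonHandler.createObjectNode().put("_id", adminContext.getId());
-data1.put(SECURITY_PROFIL_NAME, SECURITY_PROFIL_NAME_TO_SAVE);
+data1.put(SECURITY_PROFIL_NAME, SECURITY_PROFILES_TO_SAVE[0]);
 data1.put("Identifier", "admin-security-profile");
 data1.set("Permissions", new ArrayNode(null));
 data1.put("FullAccess", true);
@@ -895,6 +927,27 @@ public GUID addAdminSecurityData(FunctionalAdminCollections collection)
 return adminContext;
 }
 
+public GUID addVitamuiSecurityData(FunctionalAdminCollections collection)
+throws ReferentialException, InvalidCreateOperationException, InvalidGuidOperationException,
+InvalidParseOperationException, SchemaValidationException, DocumentAlreadyExistsException {
+final Query query = QueryHelper.or().add(QueryHelper.eq(SECURITY_PROFIL_NAME, SECURITY_PROFILES_TO_SAVE[1]));
+JsonNode select = query.getCurrentObject();
+DbRequestResult result = mongoDbAccessAdmin.findDocuments(select, FunctionalAdminCollections.SECURITY_PROFILE);
+GUID vitamuiContext;
+if (result.getCount() > 0) {
+vitamuiContext = GUIDReader.getGUID(result.getDocuments(Context.class, ContextModel.class).get(0).getId());
+} else {
+vitamuiContext = GUIDFactory.newGUID();
+final ObjectNode data1 = JsonHandler.createObjectNode().put("_id", vitamuiContext.getId());
+data1.put(SECURITY_PROFIL_NAME, SECURITY_PROFILES_TO_SAVE[1]);
+data1.put("Identifier", "vitamui-security-profile");
+data1.set("Permissions", new ArrayNode(null));
+data1.put("FullAccess", true);
+mongoDbAccessAdmin.insertDocument(data1, collection).close();
+}
+return vitamuiContext;
+}
+
 public boolean existsData(FunctionalAdminCollections collection, String id) {
 return mongoDbAccessAdmin.getDocumentById(id, collection) != null;
 }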
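Review bot: `addVitamuiSecurityData` reads an already-present security profile with `result.getDocuments(Context.class, ContextModel.class)` although the lookup targets `FunctionalAdminCollections.SECURITY_PROFILE`, so that branch maps a security-profile document through the context types; it should use the security-profile document and model classes, and the local would read better as `GUID vitamuiSecurityProfile;`. The same call may exist in `addAdminSecurityData`, whose corresponding lines fall outside the hunks shown. In `testDeleteAllOk` the line `assertFalse(existsData(FunctionalAdminCollections.PROFILE, idProfile.getId()));` is removed without a replacement, which looks unintended for a change about contexts and security profiles; unless it is asserted elsewhere in the method, it should be restored. That test also never inserts or checks the two protected security profiles, so only the context half of the purge is covered there.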
