From 3f45b7214482d60ab2498f2171f1d6510d72621d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ji=C5=99=C3=AD=20Hron?= Date: Tue, 21 May 2024 13:38:02 +0200 Subject: [PATCH 1/3] Add DirtyCheck annotation and change owner functionality The DirtyCheck annotation has been added to the AbstractAclObjectIdentity class to improve change tracking. Additionally, a 'change owner' function with corresponding integration tests has been added to the AclUtilServiceSpec class to allow for changing the owner of an object. The tests ensure that the change in ownership is properly reflected in both Acl and persistent data. --- .../acl/AclUtilServiceSpec.groovy | 32 +++++++++++++++++++ .../acl/AbstractAclObjectIdentity.groovy | 3 ++ 2 files changed, 35 insertions(+) diff --git a/integration-test-app/src/integration-test/groovy/grails/plugin/springsecurity/acl/AclUtilServiceSpec.groovy b/integration-test-app/src/integration-test/groovy/grails/plugin/springsecurity/acl/AclUtilServiceSpec.groovy index 5d0a55c..a7657e0 100644 --- a/integration-test-app/src/integration-test/groovy/grails/plugin/springsecurity/acl/AclUtilServiceSpec.groovy +++ b/integration-test-app/src/integration-test/groovy/grails/plugin/springsecurity/acl/AclUtilServiceSpec.groovy @@ -175,4 +175,36 @@ class AclUtilServiceSpec extends AbstractAclSpec { ProxyUtils.isProxy report.getClass() aclUtilService.hasPermission(authenticateAsUser(false), report, WRITE) } + + void 'change owner'() { + given: + buildReports() + AclSid sid = new AclSid(sid: 'ben', principal: true).save(failOnError: true) + def report = Report.get(report1Id) + AclClass aclClass = new AclClass(className: Report.name).save(failOnError: true) + AclObjectIdentity aclObjectIdentity = new AclObjectIdentity( + aclClass: aclClass, + objectId: report1Id, + owner: sid, + entriesInheriting: true).save(failOnError: true) + + new AclEntry( + aclObjectIdentity: aclObjectIdentity, + sid: sid, + mask: 1, + granting: true).save(failOnError: true) + flushAndClear() + + expect: 'persistent data to be same as Acl' + aclUtilService.readAcl(report).owner.principal == AclObjectIdentity.findByObjectId(report1Id).owner.sid + + when: + authenticateAsAdmin() + aclUtilService.changeOwner(report, 'admin') + flushAndClear() + + then: "compare Acl with persistent data" + def aoi1 = AclObjectIdentity.findByObjectId(report1Id) + aclUtilService.readAcl(report).owner.principal == aoi1.owner.sid + } } diff --git a/plugin/src/main/groovy/grails/plugin/springsecurity/acl/AbstractAclObjectIdentity.groovy b/plugin/src/main/groovy/grails/plugin/springsecurity/acl/AbstractAclObjectIdentity.groovy index fe9edb6..c8d0cad 100644 --- a/plugin/src/main/groovy/grails/plugin/springsecurity/acl/AbstractAclObjectIdentity.groovy +++ b/plugin/src/main/groovy/grails/plugin/springsecurity/acl/AbstractAclObjectIdentity.groovy @@ -14,6 +14,8 @@ */ package grails.plugin.springsecurity.acl +import grails.gorm.dirty.checking.DirtyCheck + import groovy.transform.EqualsAndHashCode import groovy.transform.ToString @@ -25,6 +27,7 @@ import groovy.transform.ToString */ @EqualsAndHashCode(includes=['aclClass', 'parent', 'owner', 'entriesInheriting']) @ToString(includeNames=true) +@DirtyCheck abstract class AbstractAclObjectIdentity implements Serializable { AclClass aclClass From f33171ead6d40666121e5a7a4fc1ad887d26d952 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ji=C5=99=C3=AD=20Hron?= Date: Tue, 21 May 2024 13:54:18 +0200 Subject: [PATCH 2/3] Update projectVersion --- gradle.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gradle.properties b/gradle.properties index 2c33e03..bd5bb21 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,4 +1,4 @@ -projectVersion=4.0.0.BUILD-SNAPSHOT +projectVersion=4.0.0.BSA grailsVersion=4.0.0.RC1 gormVersion=7.0.0.RC2 gradleWrapperVersion=4.9 @@ -7,4 +7,4 @@ springSecurityVersion=5.1.2.RELEASE springSecurityCoreVersion=4.0.0.M2 javaServletApiVersion=3.1.0 micronautVersion=1.0.5 -hibernateCoreVersion=5.3.7.Final \ No newline at end of file +hibernateCoreVersion=5.3.7.Final From ad768601f3862ff26806c5e254cebdae666c7034 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ji=C5=99=C3=AD=20Hron?= Date: Fri, 24 May 2024 17:43:17 +0200 Subject: [PATCH 3/3] Update owner parameter in changeOwner method Modified the changeOwner method in AclUtilService.groovy to handle various types of input recipients. The new recipient can be a username, role name, Sid, or Authentication. --- .../grails/plugin/springsecurity/acl/AclUtilService.groovy | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/plugin/grails-app/services/grails/plugin/springsecurity/acl/AclUtilService.groovy b/plugin/grails-app/services/grails/plugin/springsecurity/acl/AclUtilService.groovy index 59c987f..f6ac8c6 100644 --- a/plugin/grails-app/services/grails/plugin/springsecurity/acl/AclUtilService.groovy +++ b/plugin/grails-app/services/grails/plugin/springsecurity/acl/AclUtilService.groovy @@ -102,11 +102,12 @@ class AclUtilService { * Update the owner of the domain class instance. * * @param domainObject the domain class instance - * @param newOwnerUsername the new username + * @param newRecipient can be a username, role name, Sid, or Authentication */ - void changeOwner(domainObject, String newUsername) { + void changeOwner(domainObject, recipient) { MutableAcl acl = readAcl(domainObject) - acl.owner = new PrincipalSid(newUsername) + Sid newSid = createSid(recipient) + acl.owner = newSid aclService.updateAcl acl }