Analysis
(The purpose of the analysis is to give as much as possible of the needed information for designing and implementing the task.)
Overview
Users and the groups they belong to must be represented by objects. There must be one or more services that provide an API to manage the users and the groups, their attributes and permissions. This API will use the persistence layer to persist the data to the database, and will be used by the web services and the client and web views. Depends on S2S_DEPLOY_TECHNOLOGIES_R0.
Task requirements
- Object model for the security logic and the services that will manage it.
- Implement the security server core at a basic level so we can work with users and groups.
- Create good JUnit tests.
Task result
User and Group classes with their required properties. Security service or services. Exceptions thrown by the security logic.
Implementation idea
The user and group classes will be simple Java beans. The service will have methods like:
public User login(String username, String password) {...}
public void register(User newUser) throws SecurityException {...}
... and so on.
Related
The service in the security logic will communicate with the DAOs from the persistence layer created in S2S_PERSISTENCE_COMMONS_R0.
How to demo
- Demonstrate how to create, remove and update users.
- Demonstrate how to make groups and add users to them.
- Use the result of the S2S_DEPLOY_TECHNOLOGIES_R0 task to demonstrate the listed features.
In the future, the web services and the web view will use this logic.
Design
In this revision there will be two persistent objects in the security layer: Users and Groups. Every User will be able to subscribe to zero or more Groups, and every Group will be able to contain zero or more Users.
The security layer in this revision will be represented by two services: one for managing the users of the system and one for managing the groups. The permission logic will be added in a later revision, when there are books and comments. The services will communicate with the DAO (Data Access Objects) layer to query the database; the queries themselves will not be created here. The results of the web services and the content of the web pages/applets will be controlled from the service layer, which the security logic is part of.
- The UserService:
  - Will have a method for logging in a User. The method will check whether the User exists in the database and whether the password of the user is right, and only then will log in the user by its user name and password and return the persisted entry. In the other cases it will throw a special SecurityException with the right message.
  - Will have a method for registering a new user. The method will receive as a parameter a not yet persisted User object; if a user with the same user name already exists in the database, it will throw a SecurityException with the right message.
  - Will have a method for deleting a user account. It will take the responsibility to delete all the user's subscriptions to books, comments and groups, or leave them as anonymous.
  - Will have a method that provides all the groups a user is subscribed to.
  - Will have a method that saves the changes a user has made to its profile.
- The GroupService:
  - Will have a method for creating a new group by a given name. If a group with that name already exists in the DB, it will throw a SecurityException with an appropriate message.
  - Will have a method that retrieves all the users belonging to a group.
  - Will have a method that deletes an existing group from the database.
  - Will have a method that removes a user from a given group.
  - Will have a method that adds a user to a given group.
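A sketch of the log-in and registration contract described above, added here as an example and not taken from the Sophie2 code base. It assumes an in-memory map in place of the DAO layer, `java.lang.SecurityException` in place of the project's own exception, and salted PBKDF2 password hashes (the page does not say how passwords are stored); `register` takes a user name and password rather than a `User` bean to keep the sketch short.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/** Hypothetical UserService sketch; names and storage format are assumptions. */
public class UserServiceSketch {
    static class User { // simple bean: a salt and hash are kept, never the password
        final String username; final byte[] salt, hash;
        User(String u, byte[] s, byte[] h) { username = u; salt = s; hash = h; }
    }
    private final Map<String, User> dao = new HashMap<>(); // stand-in for the user DAO
    private final SecureRandom random = new SecureRandom();

    private static byte[] derive(String password, byte[] salt) {
        try {
            PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 100_000, 256);
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }

    /** Registers a new user; a duplicate user name is rejected, as the design requires. */
    public User register(String username, String password) {
        if (dao.containsKey(username)) throw new SecurityException("User name already taken");
        byte[] salt = new byte[16];
        random.nextBytes(salt);
        User user = new User(username, salt, derive(password, salt));
        dao.put(username, user);
        return user;
    }

    /** Unknown user and wrong password share one message, so login does not reveal which names exist. */
    public User login(String username, String password) {
        User user = dao.get(username);
        // Derive even for unknown users so both failure paths cost about the same time.
        byte[] candidate = derive(password, user != null ? user.salt : new byte[16]);
        if (user == null || !MessageDigest.isEqual(candidate, user.hash))
            throw new SecurityException("Invalid user name or password");
        return user;
    }

    public static void main(String[] args) {
        UserServiceSketch service = new UserServiceSketch();
        service.register("alice", "constructed-sample-pw"); // constructed sample data
        System.out.println(service.login("alice", "constructed-sample-pw").username);
        try { service.login("bob", "x"); } catch (SecurityException e) { System.out.println(e.getMessage()); }
    }
}
```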
Here is the class diagram, describing the above methods:
Tests:
trunk/sophie2-platform/modules/org.sophie2.server/src/test/java/org/sophie2/server/service/GroupServiceTest.java
trunk/sophie2-platform/modules/org.sophie2.server/src/test/java/org/sophie2/server/service/UserServiceTest.java
Implementation
There is no SecurityException class anymore. The implementation is done using boolean return values for the methods.
- the service package with the security logic.
- the last changeset: 623
Testing
Comments
(Write comments for this or later revisions here.)