Skip to content

Tests and fixes AIP delete permission checks on relatives, resolves incorrect nested iteration on transactional reports #3580

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
eduardojst10 wants to merge 1 commit into
base: development
Choose a base branch
from
Open

Tests and fixes AIP delete permission checks on relatives, resolves incorrect nested iteration on transactional reports #3580

eduardojst10 wants to merge 1 commit into from

Conversation

@eduardojst10
Copy link
Contributor

@eduardojst10 eduardojst10 commented Jan 13, 2026
edited
Loading

DeleteRodaObjectPluginsUtils.java

  • corrected handling of AIP deletion when sublevel AIPs exist and the user lacks DELETE permission on one or more children
  • prevents unintended orphans when parameter dontCheckRelatives=false

DeleteAIPPermissionTest.java

Test scenarios

  1. Delete parent blocked by child permission:### DeleteRodaObjectPluginsUtils.java
  • corrected handling of AIP deletion when sublevel AIPs exist and the user lacks DELETE permission on one or more children
  • prevents unintended orphans when parameter dontCheckRelatives=false

DeleteAIPPermissionTest.java

Test scenarios

  1. Delete parent blocked by child permission:
    • user has DELETE permission on parent but not on child
    • dontCheckRelatives=false
    • both child and parent are not deleted
  2. Delete parent and child with full permissions:
    • user has DELETE permission on both parent and child
    • dontCheckRelatives=false
    • both child and parent are deleted
  3. Delete child, parent without DELETE permissions:
    • child has no sublevels
    • user has DELETE permission on child but not on parent
    • dontCheckRelatives=false
    • child is deleted
    • parent is not deleted
  4. Delete parent ignoring relatives:
    • user has DELETE permission on parent but not on child
    • dontCheckRelatives=true
    • parent is deleted
    • child is orphan

Additionally tests were made through the use of curl and user bearer token functionality. Since delete permissions of AIP parent are still controlled in roda-wui (AIPController)

Addresses issue #896

RODATransactionManager.java

  • avoid transactional instability caused by concurrent report iteration
  • replaced incorrect nested loop over transactional reports with stream maintaining logic of rollback skip

@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Jan 13, 2026
@dosubot
Copy link

dosubot bot commented Jan 13, 2026

Related Documentation

Checked 5 published document(s) in 1 knowledge base(s). No updates required.

How did I do? Any feedback?  Join Discord

@dosubot dosubot bot added the bug label Jan 13, 2026
006627
006627 requested changes Jan 14, 2026
View reviewed changes
roda-core/roda-core-tests/src/main/java/org/roda/core/storage/DeleteAIPPermissionTest.java
*
* @author Eduardo Teixeira <[email protected]>
*/
public class DeleteAIPPermissionTest {
Copy link
Collaborator

@006627 006627 Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The necessary test annotation to run this test during compilation is missing.

@eduardojst10 eduardojst10 force-pushed the eteixeira-dev-permissionAIP branch from 1ffb11e to e18c9f4 Compare January 15, 2026 11:51
@eduardojst10
fix child aip delete behaviour for user without permissions, tested s…
2eb8af3 
…cenarios for aip delete behaviour; fix concurrentModificationException when iterating and writing over failed reports.
@eduardojst10 eduardojst10 force-pushed the eteixeira-dev-permissionAIP branch from 2373608 to 2eb8af3 Compare January 16, 2026 16:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@006627 006627 006627 requested changes

@hmiguim hmiguim Awaiting requested review from hmiguim

Assignees

No one assigned

Labels

bug size:L This PR changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@eduardojst10 @006627