added UMA import, closes #811 even harder

openid-connect-common/src/main/java/org/mitre/uma/repository/PermissionRepository.java

@@ -19,6 +19,7 @@ package org.mitre.uma.repository;
 
 import java.util.Collection;
 
+import org.mitre.uma.model.Permission;
 import org.mitre.uma.model.PermissionTicket;
 
 /**
@@ -45,8 +46,24 @@ public interface PermissionRepository {
 	public PermissionTicket getByTicket(String ticket);
 
 	/**
+	 * Get all the tickets in the system (used by the import/export API)
+	 * 
 	 * @return
 	 */
 	public Collection<PermissionTicket> getAll();
 
+	/**
+	 * Save a permission object with no associated ticket (used by the import/export API)
+	 * 
+	 * @param p
+	 * @return 
+	 */
+	public Permission saveRawPermission(Permission p);
+
+	/**
+	 * @param permissionId
+	 * @return
+	 */
+	public Permission getById(Long permissionId);
+
 }

openid-connect-common/src/main/java/org/mitre/uma/service/PermissionService.java

@@ -17,7 +17,6 @@
 
 package org.mitre.uma.service;
 
-import java.util.Collection;
 import java.util.Set;
 
 import org.mitre.uma.model.PermissionTicket;
@@ -56,9 +55,4 @@ public interface PermissionService {
 	 */
 	public PermissionTicket updateTicket(PermissionTicket ticket);
 
-	/**
-	 * @return
-	 */
-	public Collection<PermissionTicket> getAll();
-
 }

openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java

@@ -41,6 +41,4 @@ public interface ResourceSetService {
 
 	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String authClientId);
 
-	public Collection<ResourceSet> getAll();
-
 }

openid-connect-server-webapp/src/main/resources/db/tables/hsql_database_tables.sql

@@ -299,7 +299,7 @@ CREATE TABLE IF NOT EXISTS permission_ticket (
 
 CREATE TABLE IF NOT EXISTS permission (
 	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
-	resource_set_id BIGINT NOT NULL
+	resource_set_id BIGINT
 );
 
 CREATE TABLE IF NOT EXISTS permission_scope (

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DummyResourceSetService.java

@@ -64,9 +64,4 @@ public class DummyResourceSetService implements ResourceSetService {
 		return Collections.emptySet();
 	}
 
-	@Override
-	public Collection<ResourceSet> getAll() {
-		return Collections.emptySet();
-	}
-
 }

uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java

@@ -34,12 +34,14 @@ import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
 import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
+import org.mitre.oauth2.model.RegisteredClient;
 import org.mitre.oauth2.model.SavedUserAuthentication;
 import org.mitre.oauth2.model.SystemScope;
 import org.mitre.oauth2.repository.AuthenticationHolderRepository;
 import org.mitre.oauth2.repository.OAuth2ClientRepository;
 import org.mitre.oauth2.repository.OAuth2TokenRepository;
 import org.mitre.oauth2.repository.SystemScopeRepository;
+import org.mitre.openid.connect.ClientDetailsEntityJsonProcessor;
 import org.mitre.openid.connect.model.ApprovedSite;
 import org.mitre.openid.connect.model.BlacklistedSite;
 import org.mitre.openid.connect.model.WhitelistedSite;
@@ -53,8 +55,8 @@ import org.mitre.uma.model.PermissionTicket;
 import org.mitre.uma.model.Policy;
 import org.mitre.uma.model.ResourceSet;
 import org.mitre.uma.model.SavedRegisteredClient;
-import org.mitre.uma.service.PermissionService;
+import org.mitre.uma.repository.PermissionRepository;
-import org.mitre.uma.service.ResourceSetService;
+import org.mitre.uma.repository.ResourceSetRepository;
 import org.mitre.uma.service.impl.JpaRegisteredClientService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -63,6 +65,8 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.stereotype.Service;
 
+import com.google.gson.JsonElement;
+import com.google.gson.JsonParser;
 import com.google.gson.stream.JsonReader;
 import com.google.gson.stream.JsonToken;
 import com.google.gson.stream.JsonWriter;
@@ -89,6 +93,7 @@ import static org.mitre.util.JsonUtils.writeNullSafeArray;
 @SuppressWarnings(value = {"unchecked"})
 public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements MITREidDataService {
 
+	private static final String REGISTERED_CLIENT = "registeredClient";
 	private static final String DEFAULT_SCOPE = "defaultScope";
 	private static final String STRUCTURED_PARAMETER = "structuredParameter";
 	private static final String STRUCTURED = "structured";
@@ -196,9 +201,9 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 	@Autowired
 	private JpaRegisteredClientService registeredClientService;
 	@Autowired
-	private ResourceSetService resourceSetService;
+	private ResourceSetRepository resourceSetRepository;
 	@Autowired
-	private PermissionService permissionService;
+	private PermissionRepository permissionRepository;
 	
 	/* (non-Javadoc)
 	 * @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
@@ -275,7 +280,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 	 * @throws IOException 
 	 */
 	private void writePermissionTickets(JsonWriter writer) throws IOException {
-		for (PermissionTicket ticket : permissionService.getAll()) {
+		for (PermissionTicket ticket : permissionRepository.getAll()) {
 			writer.beginObject();
 			
 			writer.name(CLAIMS_SUPPLIED);
@@ -309,7 +314,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 			writer.beginObject();
 			Permission p = ticket.getPermission();
 			writer.name(RESOURCE_SET).value(p.getResourceSet().getId());
-			writer.name(SCOPE);
+			writer.name(SCOPES);
 			writer.beginArray();
 			for (String s : p.getScopes()) {
 				writer.value(s);
@@ -330,7 +335,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 	 * @throws IOException 
 	 */
 	private void writeResourceSets(JsonWriter writer) throws IOException {
-		for (ResourceSet rs : resourceSetService.getAll()) {
+		for (ResourceSet rs : resourceSetRepository.getAll()) {
 			writer.beginObject();
 			writer.name(ID).value(rs.getId());
 			writer.name(CLIENT_ID).value(rs.getClientId());
@@ -343,7 +348,6 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 			writer.beginArray();
 			for (Policy policy : rs.getPolicies()) {
 				writer.beginObject();
-				writer.name(ID).value(policy.getId());
 				writer.name(NAME).value(policy.getName());
 				writer.name(SCOPES);
 				writer.beginArray();
@@ -396,8 +400,8 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 	private void writeSavedRegisteredClients(JsonWriter writer) throws IOException {
 		for (SavedRegisteredClient src : registeredClientService.getAll()) {
 			writer.beginObject();
-			writer.name("issuer").value(src.getIssuer());
+			writer.name(ISSUER).value(src.getIssuer());
-			writer.name("registeredClient").value(src.getRegisteredClient().getSource().toString());
+			writer.name(REGISTERED_CLIENT).value(src.getRegisteredClient().getSource().toString());
 			writer.endObject();
 			logger.debug("Wrote saved registered client {}", src.getId());
 		}
@@ -450,7 +454,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 			for (Permission p : token.getPermissions()) {
 				writer.beginObject();
 				writer.name(RESOURCE_SET).value(p.getResourceSet().getId());
-				writer.name(SCOPE);
+				writer.name(SCOPES);
 				writer.beginArray();
 				for (String s : p.getScopes()) {
 					writer.value(s);
@@ -764,6 +768,12 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 					readRefreshTokens(reader);
 				} else if (name.equals(SYSTEMSCOPES)) {
 					readSystemScopes(reader);
+				} else if (name.equals(SAVED_REGISTERED_CLIENTS)) {
+					readSavedRegisteredClients(reader);
+				} else if (name.equals(RESOURCE_SETS)) {
+					readResourceSets(reader);
+				} else if (name.equals(PERMISSION_TICKETS)) {
+					readPermissionTickets(reader);
 				} else {
 					// unknown token, skip it
 					reader.skipValue();
@@ -781,14 +791,295 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 		}
 		fixObjectReferences();
 	}
-	private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
+	
-	private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
-	private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
 
 	/**
 	 * @param reader
-	 * @throws IOException
 	 */
+	private void readPermissionTickets(JsonReader reader) throws IOException {
+		JsonParser parser = new JsonParser();
+		reader.beginArray();
+		while (reader.hasNext()) {
+			PermissionTicket ticket = new PermissionTicket();
+			reader.beginObject();
+			while (reader.hasNext()) {
+				switch (reader.peek()) {
+				case END_OBJECT:
+					continue;
+				case NAME:
+					String name = reader.nextName();
+					if (reader.peek() == JsonToken.NULL) {
+						reader.skipValue();
+					} else if (name.equals(CLAIMS_SUPPLIED)) {
+						Set<Claim> claimsSupplied = new HashSet<>();
+						reader.beginArray();
+						while (reader.hasNext()) {
+							Claim c = new Claim();
+							reader.beginObject();
+							while (reader.hasNext()) {
+								switch (reader.peek()) {
+								case END_OBJECT:
+									continue;
+								case NAME:
+									String cname = reader.nextName();
+									if (reader.peek() == JsonToken.NULL) {
+										reader.skipValue();
+									} else if (cname.equals(ISSUER)) {
+										c.setIssuer(readSet(reader));
+									} else if (cname.equals(CLAIM_TOKEN_FORMAT)) {
+										c.setClaimTokenFormat(readSet(reader));
+									} else if (cname.equals(CLAIM_TYPE)) {
+										c.setClaimType(reader.nextString());
+									} else if (cname.equals(FRIENDLY_NAME)) {
+										c.setFriendlyName(reader.nextString());
+									} else if (cname.equals(NAME)) {
+										c.setName(reader.nextString());
+									} else if (cname.equals(VALUE)) {
+										JsonElement e = parser.parse(reader.nextString());
+										c.setValue(e);
+									} else {
+										logger.debug("Found unexpected entry");
+										reader.skipValue();
+									}
+									break;
+								default:
+									logger.debug("Found unexpected entry");
+									reader.skipValue();
+									continue;
+								}
+							}
+							reader.endObject();
+							claimsSupplied.add(c);
+						}
+						reader.endArray();
+						ticket.setClaimsSupplied(claimsSupplied);
+					} else if (name.equals(EXPIRATION)) {
+						ticket.setExpiration(utcToDate(reader.nextString()));
+					} else if (name.equals(PERMISSION)) {
+						Permission p = new Permission();
+						Long rsid = null;
+						reader.beginObject();
+						while (reader.hasNext()) {
+							switch (reader.peek()) {
+							case END_OBJECT:
+								continue;
+							case NAME:
+								String pname = reader.nextName();
+								if (reader.peek() == JsonToken.NULL) {
+									reader.skipValue();
+								} else if (pname.equals(RESOURCE_SET)) {
+									rsid = reader.nextLong();
+								} else if (pname.equals(SCOPES)) {
+									p.setScopes(readSet(reader));
+								} else {
+									logger.debug("Found unexpected entry");
+									reader.skipValue();
+								}
+								break;
+							default:
+								logger.debug("Found unexpected entry");
+								reader.skipValue();
+								continue;
+							}
+						}
+						reader.endObject();
+						Permission saved = permissionRepository.saveRawPermission(p);
+						permissionToResourceRefs.put(saved.getId(), rsid);
+					} else if (name.equals(TICKET)) {
+					} else {
+						logger.debug("Found unexpected entry");
+						reader.skipValue();
+					}
+					break;
+				default:
+					logger.debug("Found unexpected entry");
+					reader.skipValue();
+					continue;
+				}
+			}
+			reader.endObject();
+			permissionRepository.save(ticket);
+		}
+		reader.endArray();
+	}
+
+
+	private Map<Long, Long> resourceSetOldToNewIdMap = new HashMap<>();
+	
+	/**
+	 * @param reader
+	 */
+	private void readResourceSets(JsonReader reader) throws IOException {
+		JsonParser parser = new JsonParser();
+		reader.beginArray();
+		while (reader.hasNext()) {
+			Long oldId = null;
+			ResourceSet rs = new ResourceSet();
+			reader.beginObject();
+			while (reader.hasNext()) {
+				switch (reader.peek()) {
+				case END_OBJECT:
+					continue;
+				case NAME:
+					String name = reader.nextName();
+					if (reader.peek() == JsonToken.NULL) {
+						reader.skipValue();
+					} else if (name.equals(ID)) {
+						oldId = reader.nextLong();
+					} else if (name.equals(CLIENT_ID)) {
+						rs.setClientId(reader.nextString());
+					} else if (name.equals(ICON_URI)) {
+						rs.setIconUri(reader.nextString());
+					} else if (name.equals(NAME)) {
+						rs.setName(reader.nextString());
+					} else if (name.equals(TYPE)) {
+						rs.setType(reader.nextString());
+					} else if (name.equals(URI)) {
+						rs.setUri(reader.nextString());
+					} else if (name.equals(OWNER)) {
+						rs.setOwner(reader.nextString());
+					} else if (name.equals(POLICIES)) {
+						Set<Policy> policies = new HashSet<>();
+						reader.beginArray();
+						while (reader.hasNext()) {
+							Policy p = new Policy();
+							reader.beginObject();
+							while (reader.hasNext()) {
+								switch (reader.peek()) {
+								case END_OBJECT:
+									continue;
+								case NAME:
+									String pname = reader.nextName();
+									if (reader.peek() == JsonToken.NULL) {
+										reader.skipValue();
+									} else if (pname.equals(NAME)) {
+										p.setName(reader.nextString());
+									} else if (pname.equals(SCOPES)) {
+										p.setScopes(readSet(reader));
+									} else if (pname.equals(CLAIMS_REQUIRED)) {
+										Set<Claim> claimsRequired = new HashSet<>();
+										reader.beginArray();
+										while (reader.hasNext()) {
+											Claim c = new Claim();
+											reader.beginObject();
+											while (reader.hasNext()) {
+												switch (reader.peek()) {
+												case END_OBJECT:
+													continue;
+												case NAME:
+													String cname = reader.nextName();
+													if (reader.peek() == JsonToken.NULL) {
+														reader.skipValue();
+													} else if (cname.equals(ISSUER)) {
+														c.setIssuer(readSet(reader));
+													} else if (cname.equals(CLAIM_TOKEN_FORMAT)) {
+														c.setClaimTokenFormat(readSet(reader));
+													} else if (cname.equals(CLAIM_TYPE)) {
+														c.setClaimType(reader.nextString());
+													} else if (cname.equals(FRIENDLY_NAME)) {
+														c.setFriendlyName(reader.nextString());
+													} else if (cname.equals(NAME)) {
+														c.setName(reader.nextString());
+													} else if (cname.equals(VALUE)) {
+														JsonElement e = parser.parse(reader.nextString());
+														c.setValue(e);
+													} else {
+														logger.debug("Found unexpected entry");
+														reader.skipValue();
+													}
+													break;
+												default:
+													logger.debug("Found unexpected entry");
+													reader.skipValue();
+													continue;
+												}
+											}
+											reader.endObject();
+											claimsRequired.add(c);
+										}
+										reader.endArray();
+										p.setClaimsRequired(claimsRequired);
+									} else {
+										logger.debug("Found unexpected entry");
+										reader.skipValue();
+									}
+									break;
+								default:
+									logger.debug("Found unexpected entry");
+									reader.skipValue();
+									continue;
+								}
+							}
+							reader.endObject();
+							policies.add(p);
+						}
+						reader.endArray();
+						rs.setPolicies(policies);
+					} else if (name.equals(SCOPES)) {
+						rs.setScopes(readSet(reader));
+					} else {
+						logger.debug("Found unexpected entry");
+						reader.skipValue();
+					}
+					break;
+				default:
+					logger.debug("Found unexpected entry");
+					reader.skipValue();
+					continue;
+				}
+			}
+			reader.endObject();
+			Long newId = resourceSetRepository.save(rs).getId();
+			resourceSetOldToNewIdMap.put(oldId, newId);
+		}
+		reader.endArray();
+		logger.info("Done reading resource sets");
+	}
+
+	/**
+	 * @param reader
+	 */
+	private void readSavedRegisteredClients(JsonReader reader) throws IOException{
+		reader.beginArray();
+		while (reader.hasNext()) {
+			String issuer = null;
+			String clientString = null;
+			reader.beginObject();
+			while (reader.hasNext()) {
+				switch (reader.peek()) {
+				case END_OBJECT:
+					continue;
+				case NAME:
+					String name = reader.nextName();
+					if (reader.peek() == JsonToken.NULL) {
+						reader.skipValue();
+					} else if (name.equals(ISSUER)) {
+						issuer = reader.nextString();
+					} else if (name.equals(REGISTERED_CLIENT)) {
+						clientString = reader.nextString();
+					} else {
+						logger.debug("Found unexpected entry");
+						reader.skipValue();
+					}
+					break;
+				default:
+					logger.debug("Found unexpected entry");
+					reader.skipValue();
+					continue;
+				}
+			}
+			reader.endObject();
+			RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(clientString);
+			registeredClientService.save(issuer, client);
+			logger.debug("Saved registered client");
+		}
+		reader.endArray();
+		logger.info("Done reading saved registered clients");
+	}
+
+	private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
+	private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
+	private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
 	/**
 	 * @param reader
 	 * @throws IOException
@@ -851,6 +1142,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 	private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
 	private Map<Long, Long> accessTokenToIdTokenRefs = new HashMap<Long, Long>();
 	private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<Long, Long>();
+	private Map<Long, Long> permissionToResourceRefs = new HashMap<>();
 
 	/**
 	 * @param reader
@@ -870,6 +1162,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 			Long authHolderId = null;
 			Long refreshTokenId = null;
 			Long idTokenId = null;
+			Set<Permission> permissions = new HashSet<>();
 			while (reader.hasNext()) {
 				switch (reader.peek()) {
 				case END_OBJECT:
@@ -902,6 +1195,43 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 					} else if (name.equals(SCOPE)) {
 						Set<String> scope = readSet(reader);
 						token.setScope(scope);
+					} else if (name.equals(PERMISSIONS)) {
+						reader.beginArray();
+						while (reader.hasNext()) {
+							Permission p = new Permission();
+							Long rsid = null;
+							Set<String> scope = new HashSet<>();
+							reader.beginObject();
+							while (reader.hasNext()) {
+								switch (reader.peek()) {
+								case END_OBJECT:
+									continue;
+								case NAME:
+									String pname = reader.nextName();
+									if (reader.peek() == JsonToken.NULL) {
+										reader.skipValue();
+									} else if (pname.equals(RESOURCE_SET)) {
+										rsid = reader.nextLong();
+									} else if (pname.equals(SCOPES)) {
+										scope = readSet(reader);
+									} else {
+										logger.debug("Found unexpected entry");
+										reader.skipValue();
+									}
+									break;
+								default:
+									logger.debug("Found unexpected entry");
+									reader.skipValue();
+									continue;
+								}
+							}
+							p.setScopes(scope);
+							Permission saved = permissionRepository.saveRawPermission(p);
+							permissionToResourceRefs.put(saved.getId(), rsid);
+							permissions.add(saved);
+						}
+						reader.endArray();
+						token.setPermissions(permissions);
 					} else if (name.equals(TYPE)) {
 						token.setTokenType(reader.nextString());
 					} else {
@@ -931,6 +1261,8 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 		reader.endArray();
 		logger.info("Done reading access tokens");
 	}
+	
+	
 	private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<Long, Long>();
 
 	/**
@@ -1046,8 +1378,8 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 		return savedUserAuth;
 	}
 
-	Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
+	private Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
-	Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
+	private Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
 
 	/**
 	 * @param reader
@@ -1110,7 +1442,8 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 		reader.endArray();
 		logger.info("Done reading grants");
 	}
-	Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
+	
+	private Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
 
 	/**
 	 * @param reader
@@ -1467,6 +1800,17 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 		}
 		accessTokenOldToNewIdMap.clear();
 		grantOldToNewIdMap.clear();
+		for (Long permissionId : permissionToResourceRefs.keySet()) {
+			Long oldResourceId = permissionToResourceRefs.get(permissionId);
+			Long newResourceId = resourceSetOldToNewIdMap.get(oldResourceId);
+			Permission p = permissionRepository.getById(permissionId);
+			ResourceSet rs = resourceSetRepository.getById(newResourceId);
+			p.setResourceSet(rs);
+			permissionRepository.saveRawPermission(p);
+		}
+		permissionToResourceRefs.clear();
+		resourceSetOldToNewIdMap.clear();
+		
 		logger.info("Done fixing object references.");
 	}
 	

uma-server/src/main/java/org/mitre/uma/repository/impl/JpaPermissionRepository.java

@@ -23,6 +23,7 @@ import javax.persistence.EntityManager;
 import javax.persistence.PersistenceContext;
 import javax.persistence.TypedQuery;
 
+import org.mitre.uma.model.Permission;
 import org.mitre.uma.model.PermissionTicket;
 import org.mitre.uma.repository.PermissionRepository;
 import org.mitre.util.jpa.JpaUtil;
@@ -64,4 +65,20 @@ public class JpaPermissionRepository implements PermissionRepository {
 		return query.getResultList();
 	}
 
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#saveRawPermission(org.mitre.uma.model.Permission)
+	 */
+	@Override
+	public Permission saveRawPermission(Permission p) {
+		return JpaUtil.saveOrUpdate(p.getId(), em, p);
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#getById(java.lang.Long)
+	 */
+	@Override
+	public Permission getById(Long permissionId) {
+		return em.find(Permission.class, permissionId);
+	}
+
 }

uma-server/src/main/java/org/mitre/uma/service/impl/DefaultPermissionService.java

@@ -18,7 +18,6 @@
 package org.mitre.uma.service.impl;
 
 import java.sql.Date;
-import java.util.Collection;
 import java.util.Set;
 import java.util.UUID;
 
@@ -93,14 +92,6 @@ public class DefaultPermissionService implements PermissionService {
 		
 	}
 
-	/* (non-Javadoc)
-	 * @see org.mitre.uma.service.PermissionService#getAll()
-	 */
-	@Override
-	public Collection<PermissionTicket> getAll() {
-		return repository.getAll();
-	}
-
 	
 	
 }

uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java

@@ -116,12 +116,4 @@ public class DefaultResourceSetService implements ResourceSetService {
 		return true;
 	}
 	
-	/* (non-Javadoc)
-	 * @see org.mitre.uma.service.ResourceSetService#getAll()
-	 */
-	@Override
-	public Collection<ResourceSet> getAll() {
-		return repository.getAll();
-	}
-	
 }