Replace EDIT_VC occurrences with CREATE_VC, and removed it.

Change-Id: If3b04dfc9dac4c12c3ac8d5a29ae863b6337372c

Changes

@@ -24,6 +24,7 @@
 - Removed user-privileges from user-group list response.
 - Added role names to user-group list
 - Added not-timeExceeded to the totalResult constraints.
+- Replace EDIT_VC occurrences with CREATE_VC, and removed it.
 
 
 # version 0.74.1-SNAPSHOT

src/main/java/de/ids_mannheim/korap/constant/OAuth2Scope.java

@@ -27,7 +27,7 @@ public enum OAuth2Scope {
 
     ADD_USER_GROUP_MEMBER_ROLE, DELETE_USER_GROUP_MEMBER_ROLE,
 
-    CREATE_VC, VC_INFO, EDIT_VC, DELETE_VC,
+    CREATE_VC, VC_INFO, DELETE_VC,
 
     SHARE_VC, DELETE_VC_ACCESS, VC_ACCESS_INFO,
 

src/main/java/de/ids_mannheim/korap/web/controller/QueryReferenceController.java

@@ -91,7 +91,7 @@ public Response createQuery (@Context SecurityContext securityContext,
                 .getUserPrincipal();
 
         try {
-            scopeService.verifyScope(context, OAuth2Scope.EDIT_VC);
+            scopeService.verifyScope(context, OAuth2Scope.CREATE_VC);
             ParameterChecker.checkObjectValue(query, "request entity");
             if (query.getQueryType() == null) {
                 query.setQueryType(QueryType.QUERY);

src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java

@@ -108,7 +108,7 @@ public Response createUpdateVC (@Context SecurityContext securityContext,
                 .getUserPrincipal();
 
         try {
-            scopeService.verifyScope(context, OAuth2Scope.EDIT_VC);
+            scopeService.verifyScope(context, OAuth2Scope.CREATE_VC);
             ParameterChecker.checkObjectValue(vc, "request entity");
             if (vc.getQueryType() == null) {
                 vc.setQueryType(QueryType.VIRTUAL_CORPUS);
@@ -375,7 +375,8 @@ public Response deleteRoleByGroupAndQuery (
         return Response.ok().build();
     }
 
-    /**
+    /** DEPRECATED **
+     * 
      * Only VCA Admins and system admins are allowed to delete a
      * VC-access.
      * 
@@ -398,8 +399,10 @@ public Response deleteAccessById (
                 + "in API v1.1."));
     }
 
-    /**
-     * Lists all member roles in a group.
+    /** This service may not be necessary thus it is hidden in the wiki.
+     * 
+     * Lists member roles in a group. It can be filtered by query, so only query
+     * related roles should be listed.
      * 
      * Only available to group and system admins.
      * 

src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java

@@ -493,7 +493,7 @@ protected String createExpiredAccessToken () throws KustvaktException {
         ZonedDateTime now = ZonedDateTime
                 .now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
         Set<AccessScope> scopes = new HashSet<>();
-        scopes.add(new AccessScope(OAuth2Scope.EDIT_VC));
+        scopes.add(new AccessScope(OAuth2Scope.CREATE_VC));
 
         AccessToken accessToken = new AccessToken();
         accessToken.setCreatedDate(now.minusSeconds(5));

src/test/java/de/ids_mannheim/korap/web/controller/vc/VirtualCorpusClientTest.java

@@ -27,7 +27,7 @@ public void testVC_withClient () throws KustvaktException {
         String userAuthHeader = HttpAuthorizationHandler
                 .createBasicAuthorizationHeaderValue(username, "password");
         response = requestAuthorizationCode("code", clientId, clientRedirectUri,
-                "create_vc vc_info delete_vc edit_vc", "myState",
+                "create_vc vc_info delete_vc create_vc", "myState",
                 userAuthHeader);
         String code = parseAuthorizationCode(response);
         response = requestTokenWithAuthorizationCodeAndForm(clientId,