public void logIfNeeded(boolean granted, AccessControlEntry ace) { Assert.notNull(ace, "AccessControlEntry required"); if (ace instanceof AuditableAccessControlEntry) { AuditableAccessControlEntry auditableAce = (AuditableAccessControlEntry) ace; if (granted && auditableAce.isAuditSuccess()) { System.out.println("GRANTED due to ACE: " + ace); } else if (!granted && auditableAce.isAuditFailure()) { System.out.println("DENIED due to ACE: " + ace); } } } }
@Test public void successIsLoggedIfAceRequiresSuccessAudit() throws Exception { when(ace.isAuditSuccess()).thenReturn(true); logger.logIfNeeded(true, ace); assertThat(bytes.toString()).startsWith("GRANTED due to ACE"); }
@Test public void failureIsLoggedIfAceRequiresFailureAudit() throws Exception { when(ace.isAuditFailure()).thenReturn(true); logger.logIfNeeded(false, ace); assertThat(bytes.toString()).startsWith("DENIED due to ACE"); } }
@Test public void successIsNotLoggedIfAceDoesntRequireSuccessAudit() throws Exception { when(ace.isAuditSuccess()).thenReturn(false); logger.logIfNeeded(true, ace); assertThat(bytes.size()).isZero(); }
@Test public void failureIsntLoggedIfAceDoesntRequireFailureAudit() throws Exception { when(ace.isAuditFailure()).thenReturn(false); logger.logIfNeeded(false, ace); assertThat(bytes.size()).isZero(); }
@Test public void testAccessControlEntryImplGetters() { Acl mockAcl = mock(Acl.class); Sid sid = new PrincipalSid("johndoe"); // Create a sample entry AccessControlEntry ace = new AccessControlEntryImpl(Long.valueOf(1), mockAcl, sid, BasePermission.ADMINISTRATION, true, true, true); // and check every get() method assertThat(ace.getId()).isEqualTo(new Long(1)); assertThat(ace.getAcl()).isEqualTo(mockAcl); assertThat(ace.getSid()).isEqualTo(sid); assertThat(ace.isGranting()).isTrue(); assertThat(ace.getPermission()).isEqualTo(BasePermission.ADMINISTRATION); assertThat(((AuditableAccessControlEntry) ace).isAuditFailure()).isTrue(); assertThat(((AuditableAccessControlEntry) ace).isAuditSuccess()).isTrue(); }
@SuppressWarnings("unchecked") public MutableAcl updateAcl(MutableAcl acl) throws NotFoundException { List<AccessControlEntry> oldAces = acl.getEntries(); Field acesField = FieldUtils.getField(AclImpl.class, "aces"); acesField.setAccessible(true); List newAces; try { newAces = (List) acesField.get(acl); newAces.clear(); for (int i = 0; i < oldAces.size(); i++) { AccessControlEntry ac = oldAces.get(i); // Just give an ID to all this acl's aces, rest of the fields are just // copied newAces.add(new AccessControlEntryImpl((i + 1), ac.getAcl(), ac .getSid(), ac.getPermission(), ac.isGranting(), ((AuditableAccessControlEntry) ac).isAuditSuccess(), ((AuditableAccessControlEntry) ac).isAuditFailure())); } } catch (IllegalAccessException e) { e.printStackTrace(); } return acl; }
assertThat(topParent.getEntries().get(0).getPermission()).isEqualTo(BasePermission.READ); assertThat(topParent.getEntries().get(0).getSid()).isEqualTo(new PrincipalSid("ben")); assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditFailure()).isFalse(); assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditSuccess()).isFalse(); assertThat((topParent.getEntries().get(0)).isGranting()).isTrue(); assertThat(topParent.getEntries().get(1).getPermission()).isEqualTo(BasePermission.WRITE); assertThat(topParent.getEntries().get(1).getSid()).isEqualTo(new PrincipalSid("ben")); assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditFailure()).isFalse(); assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditSuccess()).isFalse(); assertThat(topParent.getEntries().get(1).isGranting()).isFalse(); assertThat(middleParent.getEntries().get(0).getPermission()).isEqualTo(BasePermission.DELETE); assertThat(middleParent.getEntries().get(0).getSid()).isEqualTo(new PrincipalSid("ben")); assertThat(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditFailure()).isFalse(); assertThat(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditSuccess()).isFalse(); assertThat(middleParent.getEntries().get(0).isGranting()).isTrue(); assertThat(child.getEntries().get(0).getPermission()).isEqualTo(BasePermission.DELETE); assertThat(new PrincipalSid("ben")).isEqualTo(child.getEntries().get(0).getSid()); assertThat(((AuditableAccessControlEntry) child.getEntries().get(0)).isAuditFailure()).isFalse(); assertThat(((AuditableAccessControlEntry) child.getEntries().get(0)).isAuditSuccess()).isFalse(); assertThat((child.getEntries().get(0)).isGranting()).isFalse();
.isAuditFailure()) .isFalse(); assertThat(((AuditableAccessControlEntry) acl.getEntries().get(1)) .isAuditFailure()) .isFalse(); assertThat(((AuditableAccessControlEntry) acl.getEntries().get(0)) .isAuditSuccess()) .isFalse(); assertThat(((AuditableAccessControlEntry) acl.getEntries().get(1)) .isAuditSuccess()) .isFalse();
@Override public void logIfNeeded(final boolean granted, final AccessControlEntry ace) { if ((ace != null) && (ace instanceof AuditableAccessControlEntry)) { final AuditableAccessControlEntry auditableAce = (AuditableAccessControlEntry) ace; if (granted && auditableAce.isAuditSuccess()) { LOG.debug("GRANTED due to ACE: " + ace); } else if (!granted && auditableAce.isAuditFailure()) { LOG.debug("DENIED due to ACE: " + ace); } } } }
public void logIfNeeded(boolean granted, AccessControlEntry ace) { Assert.notNull(ace, "AccessControlEntry required"); if (ace instanceof AuditableAccessControlEntry) { AuditableAccessControlEntry auditableAce = (AuditableAccessControlEntry) ace; if (granted && auditableAce.isAuditSuccess()) { System.out.println("GRANTED due to ACE: " + ace); } else if (!granted && auditableAce.isAuditFailure()) { System.out.println("DENIED due to ACE: " + ace); } } } }
/** * copy field values from specified entity * @param entry * @return */ public T from(AccessControlEntry entry) { this.id = StringUtils.valueOf(entry.getId()); this.sid = TenantSid.from(entry.getSid()); this.granting = entry.isGranting(); this.permission = PermissionData.from(entry.getPermission()); if(entry instanceof AuditableAccessControlEntry) { AuditableAccessControlEntry ae = (AuditableAccessControlEntry) entry; this.auditFailure = ae.isAuditFailure(); this.auditSuccess = ae.isAuditSuccess(); } return thiz(); }
public Builder from(AccessControlEntry entry) { setId((Long) entry.getId()); setPermission(entry.getPermission()); setSid(entry.getSid()); setGranting(entry.isGranting()); if(entry instanceof AuditableAccessControlEntry) { AuditableAccessControlEntry aace = (AuditableAccessControlEntry) entry; setAuditFailure(aace.isAuditFailure()); setAuditSuccess(aace.isAuditSuccess()); } return this; }