public static String[] getNamesForPermissions(Authorization authorization, Permission[] permissions) { int type = authorization.getAuthorizationType(); // special case all permissions are granted if ((type == Authorization.AUTH_TYPE_GLOBAL || type == Authorization.AUTH_TYPE_GRANT) && authorization.isEveryPermissionGranted()) { return new String[] { Permissions.ALL.getName() }; } // special case all permissions are revoked if (type == Authorization.AUTH_TYPE_REVOKE && authorization.isEveryPermissionRevoked()) { return new String[] { Permissions.ALL.getName() }; } List<String> names = new ArrayList<String>(); for (Permission permission : permissions) { String name = permission.getName(); // filter NONE and ALL from permissions array if (!name.equals(Permissions.NONE.getName()) && !name.equals(Permissions.ALL.getName())) { names.add(name); } } return names.toArray(new String[names.size()]); }
public static String[] getNamesForPermissions(Authorization authorization, Permission[] permissions) { int type = authorization.getAuthorizationType(); // special case all permissions are granted if ((type == Authorization.AUTH_TYPE_GLOBAL || type == Authorization.AUTH_TYPE_GRANT) && authorization.isEveryPermissionGranted()) { return new String[] { Permissions.ALL.getName() }; } // special case all permissions are revoked if (type == Authorization.AUTH_TYPE_REVOKE && authorization.isEveryPermissionRevoked()) { return new String[] { Permissions.ALL.getName() }; } List<String> names = new ArrayList<String>(); for (Permission permission : permissions) { String name = permission.getName(); // filter NONE and ALL from permissions array if (!name.equals(Permissions.NONE.getName()) && !name.equals(Permissions.ALL.getName())) { names.add(name); } } return names.toArray(new String[names.size()]); }
public static Authorization createMockGlobalAuthorization() { Authorization mockAuthorization = mock(Authorization.class); when(mockAuthorization.getId()).thenReturn(EXAMPLE_AUTHORIZATION_ID); when(mockAuthorization.getAuthorizationType()).thenReturn(Authorization.AUTH_TYPE_GLOBAL); when(mockAuthorization.getUserId()).thenReturn(Authorization.ANY); when(mockAuthorization.getResourceType()).thenReturn(EXAMPLE_RESOURCE_TYPE_ID); when(mockAuthorization.getResourceId()).thenReturn(EXAMPLE_RESOURCE_ID); when(mockAuthorization.getPermissions(Permissions.values())).thenReturn(EXAMPLE_GRANT_PERMISSION_VALUES); return mockAuthorization; }
public static Authorization createMockGrantAuthorization() { Authorization mockAuthorization = mock(Authorization.class); when(mockAuthorization.getId()).thenReturn(EXAMPLE_AUTHORIZATION_ID); when(mockAuthorization.getAuthorizationType()).thenReturn(Authorization.AUTH_TYPE_GRANT); when(mockAuthorization.getUserId()).thenReturn(EXAMPLE_USER_ID); when(mockAuthorization.getResourceType()).thenReturn(EXAMPLE_RESOURCE_TYPE_ID); when(mockAuthorization.getResourceId()).thenReturn(EXAMPLE_RESOURCE_ID); when(mockAuthorization.getPermissions(Permissions.values())).thenReturn(EXAMPLE_GRANT_PERMISSION_VALUES); return mockAuthorization; }
public static Authorization createMockRevokeAuthorization() { Authorization mockAuthorization = mock(Authorization.class); when(mockAuthorization.getId()).thenReturn(EXAMPLE_AUTHORIZATION_ID); when(mockAuthorization.getAuthorizationType()).thenReturn(Authorization.AUTH_TYPE_REVOKE); when(mockAuthorization.getUserId()).thenReturn(EXAMPLE_USER_ID); when(mockAuthorization.getResourceType()).thenReturn(EXAMPLE_RESOURCE_TYPE_ID); when(mockAuthorization.getResourceId()).thenReturn(EXAMPLE_RESOURCE_ID); when(mockAuthorization.getPermissions(Permissions.values())).thenReturn(EXAMPLE_REVOKE_PERMISSION_VALUES); return mockAuthorization; }
@Test public void testCreateGrantAuthorization() { Authorization authorization = MockProvider.createMockGrantAuthorization(); when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GRANT)).thenReturn(authorization); when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization); AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class); when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery); when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery); when(authorizationQuery.singleResult()).thenReturn(authorization); AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization); given() .body(dto).contentType(ContentType.JSON) .then().expect() .statusCode(Status.OK.getStatusCode()) .when() .post(AUTH_CREATE_PATH); verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_GRANT); verify(authorization, times(2)).setUserId(authorization.getUserId()); verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType()); verify(authorization, times(2)).setResourceId(authorization.getResourceId()); verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values())); verify(authorizationServiceMock).saveAuthorization(authorization); }
@Test public void testCreateRevokeAuthorization() { Authorization authorization = MockProvider.createMockRevokeAuthorization(); when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_REVOKE)).thenReturn(authorization); when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization); AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class); when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery); when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery); when(authorizationQuery.singleResult()).thenReturn(authorization); AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization); given() .body(dto).contentType(ContentType.JSON) .then().expect() .statusCode(Status.OK.getStatusCode()) .when() .post(AUTH_CREATE_PATH); verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_REVOKE); verify(authorization, times(2)).setUserId(authorization.getUserId()); verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType()); verify(authorization, times(2)).setResourceId(authorization.getResourceId()); verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values())); verify(authorizationServiceMock).saveAuthorization(authorization); }
@Test public void testCreateGlobalAuthorization() { Authorization authorization = MockProvider.createMockGlobalAuthorization(); when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL)).thenReturn(authorization); when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization); AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class); when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery); when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery); when(authorizationQuery.singleResult()).thenReturn(authorization); AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization); given() .body(dto).contentType(ContentType.JSON) .then().expect() .statusCode(Status.OK.getStatusCode()) .when() .post(AUTH_CREATE_PATH); verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL); verify(authorization).setUserId(Authorization.ANY); verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType()); verify(authorization, times(2)).setResourceId(authorization.getResourceId()); verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values())); verify(authorizationServiceMock).saveAuthorization(authorization); }
@Test public void testGetAuthorizationById() { Authorization authorization = MockProvider.createMockGlobalAuthorization(); AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class); when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery); when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery); when(authorizationQuery.singleResult()).thenReturn(authorization); given() .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID) .then().expect() .statusCode(Status.OK.getStatusCode()).contentType(ContentType.JSON) .body("id", equalTo(authorization.getId())) .body("type", equalTo(authorization.getAuthorizationType())) .body("permissions[0]", equalTo(Permissions.READ.getName())) .body("permissions[1]", equalTo(Permissions.UPDATE.getName())) .body("userId", equalTo(authorization.getUserId())) .body("groupId", equalTo(authorization.getGroupId())) .body("resourceType", equalTo(authorization.getResourceType())) .body("resourceId", equalTo(authorization.getResourceId())) .when() .get(AUTH_RESOURCE_PATH); }
public static AuthorizationDto fromAuthorization(Authorization dbAuthorization) { AuthorizationDto authorizationDto = new AuthorizationDto(); authorizationDto.setId(dbAuthorization.getId()); authorizationDto.setType(dbAuthorization.getAuthorizationType()); Permission[] dbPermissions = getPermissions(dbAuthorization); authorizationDto.setPermissions(PermissionConverter.getNamesForPermissions(dbAuthorization, dbPermissions)); authorizationDto.setUserId(dbAuthorization.getUserId()); authorizationDto.setGroupId(dbAuthorization.getGroupId()); authorizationDto.setResourceType(dbAuthorization.getResourceType()); authorizationDto.setResourceId(dbAuthorization.getResourceId()); return authorizationDto; }
public static AuthorizationDto fromAuthorization(Authorization dbAuthorization) { AuthorizationDto authorizationDto = new AuthorizationDto(); authorizationDto.setId(dbAuthorization.getId()); authorizationDto.setType(dbAuthorization.getAuthorizationType()); Permission[] dbPermissions = getPermissions(dbAuthorization); authorizationDto.setPermissions(PermissionConverter.getNamesForPermissions(dbAuthorization, dbPermissions)); authorizationDto.setUserId(dbAuthorization.getUserId()); authorizationDto.setGroupId(dbAuthorization.getGroupId()); authorizationDto.setResourceType(dbAuthorization.getResourceType()); authorizationDto.setResourceId(dbAuthorization.getResourceId()); return authorizationDto; }
@Test public void testSimpleAuthorizationQuery() { List<Authorization> mockAuthorizations = MockProvider.createMockGlobalAuthorizations(); AuthorizationQuery mockQuery = setUpMockQuery(mockAuthorizations); Response response = given().queryParam("type", Authorization.AUTH_TYPE_GLOBAL) .then().expect().statusCode(Status.OK.getStatusCode()) .when().get(SERVICE_PATH); InOrder inOrder = inOrder(mockQuery); inOrder.verify(mockQuery).authorizationType(Authorization.AUTH_TYPE_GLOBAL); inOrder.verify(mockQuery).list(); String content = response.asString(); List<String> instances = from(content).getList(""); Assert.assertEquals("There should be one authorization returned.", 1, instances.size()); Assert.assertNotNull("The returned authorization should not be null.", instances.get(0)); Authorization mockAuthorization = mockAuthorizations.get(0); Assert.assertEquals(mockAuthorization.getId(), from(content).getString("[0].id")); Assert.assertEquals(mockAuthorization.getAuthorizationType(), from(content).getInt("[0].type")); Assert.assertEquals(Permissions.READ.getName(), from(content).getString("[0].permissions[0]")); Assert.assertEquals(Permissions.UPDATE.getName(), from(content).getString("[0].permissions[1]")); Assert.assertEquals(mockAuthorization.getUserId(), from(content).getString("[0].userId")); Assert.assertEquals(mockAuthorization.getGroupId(), from(content).getString("[0].groupId")); Assert.assertEquals(mockAuthorization.getResourceType(), from(content).getInt("[0].resourceType")); Assert.assertEquals(mockAuthorization.getResourceId(), from(content).getString("[0].resourceId")); }
public static String[] getNamesForPermissions(Authorization authorization, Permission[] permissions) { int type = authorization.getAuthorizationType(); // special case all permissions are granted if ((type == Authorization.AUTH_TYPE_GLOBAL || type == Authorization.AUTH_TYPE_GRANT) && authorization.isEveryPermissionGranted()) { return new String[] { Permissions.ALL.getName() }; } // special case all permissions are revoked if (type == Authorization.AUTH_TYPE_REVOKE && authorization.isEveryPermissionRevoked()) { return new String[] { Permissions.ALL.getName() }; } List<String> names = new ArrayList<String>(); for (Permission permission : permissions) { String name = permission.getName(); // filter NONE and ALL from permissions array if (!name.equals(Permissions.NONE.getName()) && !name.equals(Permissions.ALL.getName())) { names.add(name); } } return names.toArray(new String[names.size()]); }
public void testCreateUser() { // initially there are no authorizations for jonny2: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); // create new user identityService.saveUser(identityService.newUser("jonny2")); // now there is an authorization for jonny2 which grants him ALL permissions on himself Authorization authorization = authorizationService.createAuthorizationQuery().userIdIn("jonny2").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(USER.resourceType(), authorization.getResourceType()); assertEquals("jonny2", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(ALL)); // delete the user identityService.deleteUser("jonny2"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); }
public void testCreateGroup() { // initially there are no authorizations for group "sales": assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); // create new group identityService.saveGroup(identityService.newGroup("sales")); // now there is an authorization for sales which grants all members READ permissions Authorization authorization = authorizationService.createAuthorizationQuery().groupIdIn("sales").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(GROUP.resourceType(), authorization.getResourceType()); assertEquals("sales", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(READ)); // delete the group identityService.deleteGroup("sales"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); }
public static AuthorizationDto fromAuthorization(Authorization dbAuthorization) { AuthorizationDto authorizationDto = new AuthorizationDto(); authorizationDto.setId(dbAuthorization.getId()); authorizationDto.setType(dbAuthorization.getAuthorizationType()); Permission[] dbPermissions = dbAuthorization.getPermissions(Permissions.values()); authorizationDto.setPermissions(PermissionConverter.getNamesForPermissions(dbAuthorization, dbPermissions)); authorizationDto.setUserId(dbAuthorization.getUserId()); authorizationDto.setGroupId(dbAuthorization.getGroupId()); authorizationDto.setResourceType(dbAuthorization.getResourceType()); authorizationDto.setResourceId(dbAuthorization.getResourceId()); return authorizationDto; }
public void testCreateUser() { // initially there are no authorizations for jonny2: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); // create new user identityService.saveUser(identityService.newUser("jonny2")); // now there is an authorization for jonny2 which grants him ALL permissions on himself Authorization authorization = authorizationService.createAuthorizationQuery().userIdIn("jonny2").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(USER.resourceType(), authorization.getResourceType()); assertEquals("jonny2", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(ALL)); // delete the user identityService.deleteUser("jonny2"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); }
public void testCreateGroup() { // initially there are no authorizations for group "sales": assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); // create new group identityService.saveGroup(identityService.newGroup("sales")); // now there is an authorization for sales which grants all members READ permissions Authorization authorization = authorizationService.createAuthorizationQuery().groupIdIn("sales").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(GROUP.resourceType(), authorization.getResourceType()); assertEquals("sales", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(READ)); // delete the group identityService.deleteGroup("sales"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); }