/** * Create an instance of {@link NamespaceAuthorization } * */ public NamespaceAuthorization createNamespaceAuthorization() { return new NamespaceAuthorization(); }
/** * Create an instance of {@link NamespaceAuthorization } * */ public NamespaceAuthorization createNamespaceAuthorization() { return new NamespaceAuthorization(); }
/** * Create an instance of {@link NamespaceAuthorization } * */ public NamespaceAuthorization createNamespaceAuthorization() { return new NamespaceAuthorization(); }
public Object createNewInstance() { return new NamespaceAuthorization(); }
public Object createNewInstance() { return new NamespaceAuthorization(); }
public Object createNewInstance() { return new NamespaceAuthorization(); }
/** * Returns a list of namespace authorizations for all namespaces registered in the system and with all permissions enabled. * * @return namespacePermissions the list of namespace authorizations */ public Set<NamespaceAuthorization> getAllNamespaceAuthorizations() { Set<NamespaceAuthorization> namespaceAuthorizations = new LinkedHashSet<>(); List<NamespaceKey> namespaceKeys = namespaceDao.getNamespaces(); for (NamespaceKey namespaceKey : namespaceKeys) { NamespaceAuthorization namespaceAuthorization = new NamespaceAuthorization(); namespaceAuthorizations.add(namespaceAuthorization); namespaceAuthorization.setNamespace(namespaceKey.getNamespaceCode()); namespaceAuthorization.setNamespacePermissions(getAllNamespacePermissions()); } return namespaceAuthorizations; }
/** * Returns a list of namespace authorizations for all namespaces registered in the system and with all permissions enabled. * * @return namespacePermissions the list of namespace authorizations */ public Set<NamespaceAuthorization> getAllNamespaceAuthorizations() { Set<NamespaceAuthorization> namespaceAuthorizations = new LinkedHashSet<>(); List<NamespaceKey> namespaceKeys = namespaceDao.getNamespaces(); for (NamespaceKey namespaceKey : namespaceKeys) { NamespaceAuthorization namespaceAuthorization = new NamespaceAuthorization(); namespaceAuthorizations.add(namespaceAuthorization); namespaceAuthorization.setNamespace(namespaceKey.getNamespaceCode()); namespaceAuthorization.setNamespacePermissions(getAllNamespacePermissions()); } return namespaceAuthorizations; }
@Test public void getAuthorizedNamespacesWhenUserHasNoPermissionAssertReturnEmpty() { ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser .setNamespaceAuthorizations(new HashSet<>(Arrays.asList(new NamespaceAuthorization("namespace", Arrays.asList(NamespacePermissionEnum.WRITE))))); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper("username", "", true, true, true, true, Collections.emptyList(), applicationUser), null)); Set<String> authorizedNamespaces = namespaceSecurityHelper.getAuthorizedNamespaces(NamespacePermissionEnum.READ); assertEquals(0, authorizedNamespaces.size()); }
@Test public void getAuthorizedNamespacesWhenUserHasPermissionAssertReturnNamespace() { ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser .setNamespaceAuthorizations(new HashSet<>(Arrays.asList(new NamespaceAuthorization("namespace", Arrays.asList(NamespacePermissionEnum.READ))))); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper("username", "", true, true, true, true, Collections.emptyList(), applicationUser), null)); Set<String> authorizedNamespaces = namespaceSecurityHelper.getAuthorizedNamespaces(NamespacePermissionEnum.READ); assertEquals(1, authorizedNamespaces.size()); assertTrue(authorizedNamespaces.contains("namespace")); }
/** * Converts the given UserNamespaceAuthorizationEntity to NamespaceAuthorization. * * @param userNamespaceAuthorizationEntity The UserNamespaceAuthorizationEntity * * @return The NamespaceAuthorization */ private NamespaceAuthorization toNamespaceAuthorization(UserNamespaceAuthorizationEntity userNamespaceAuthorizationEntity) { NamespaceAuthorization namespaceAuthorization = new NamespaceAuthorization(); namespaceAuthorization.setNamespace(userNamespaceAuthorizationEntity.getNamespace().getCode()); namespaceAuthorization.setNamespacePermissions(getNamespacePermissions(userNamespaceAuthorizationEntity)); return namespaceAuthorization; }
/** * Converts the given UserNamespaceAuthorizationEntity to NamespaceAuthorization. * * @param userNamespaceAuthorizationEntity The UserNamespaceAuthorizationEntity * * @return The NamespaceAuthorization */ private NamespaceAuthorization toNamespaceAuthorization(UserNamespaceAuthorizationEntity userNamespaceAuthorizationEntity) { NamespaceAuthorization namespaceAuthorization = new NamespaceAuthorization(); namespaceAuthorization.setNamespace(userNamespaceAuthorizationEntity.getNamespace().getCode()); namespaceAuthorization.setNamespacePermissions(getNamespacePermissions(userNamespaceAuthorizationEntity)); return namespaceAuthorization; }
@Test public void testGetCurrentUser() throws Exception { // Create a set of test namespace authorizations. Set<NamespaceAuthorization> namespaceAuthorizations = new LinkedHashSet<>(); namespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE, SUPPORTED_NAMESPACE_PERMISSIONS)); namespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE_2, SUPPORTED_NAMESPACE_PERMISSIONS)); UserAuthorizations userAuthorizations = new UserAuthorizations(); userAuthorizations.setNamespaceAuthorizations(new ArrayList(namespaceAuthorizations)); when(currentUserService.getCurrentUser()).thenReturn(userAuthorizations); // Get the current user information. UserAuthorizations resultUserAuthorizations = currentUserRestController.getCurrentUser(); // Verify the external calls. verify(currentUserService).getCurrentUser(); verifyNoMoreInteractions(currentUserService); // Validate the returned object. assertEquals(userAuthorizations, resultUserAuthorizations); } }
/** * Sets specified namespace authorizations for the current user by updating the security context. * * @param namespace the namespace * @param namespacePermissions the list of namespace permissions */ public void setCurrentUserNamespaceAuthorizations(String namespace, List<NamespacePermissionEnum> namespacePermissions) { String username = AbstractServiceTest.USER_ID; ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser.setUserId(username); Set<NamespaceAuthorization> namespaceAuthorizations = new LinkedHashSet<>(); namespaceAuthorizations.add(new NamespaceAuthorization(namespace, namespacePermissions)); applicationUser.setNamespaceAuthorizations(namespaceAuthorizations); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper(username, "password", false, false, false, false, Collections.emptyList(), applicationUser), null)); }
applicationUser.setUserId(userId); applicationUser.setNamespaceAuthorizations(new HashSet<>()); applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("foo", Arrays.asList(NamespacePermissionEnum.READ))); applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("bar", Arrays.asList(NamespacePermissionEnum.WRITE))); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
@Test public void checkPermissionAssertNoErrorWhenUserHasMultiplePermissions() throws Exception { // Mock a join point of the method call // mockMethod("foo"); JoinPoint joinPoint = mock(JoinPoint.class); MethodSignature methodSignature = mock(MethodSignature.class); Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class); when(methodSignature.getMethod()).thenReturn(method); when(methodSignature.getParameterNames()).thenReturn(new String[] {"namespace"}); when(joinPoint.getSignature()).thenReturn(methodSignature); when(joinPoint.getArgs()).thenReturn(new Object[] {"foo"}); String userId = "userId"; ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser.setUserId(userId); applicationUser.setNamespaceAuthorizations(new HashSet<>()); applicationUser.getNamespaceAuthorizations() .add(new NamespaceAuthorization("foo", Arrays.asList(NamespacePermissionEnum.READ, NamespacePermissionEnum.WRITE))); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null)); try { namespaceSecurityAdvice.checkPermission(joinPoint); } catch (AccessDeniedException e) { fail(); } }
@Test public void checkPermissionAssertAccessDeniedWhenCurrentUserHasNullPermissions() throws Exception { // Mock a join point of the method call // mockMethod("foo"); JoinPoint joinPoint = mock(JoinPoint.class); MethodSignature methodSignature = mock(MethodSignature.class); Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class); when(methodSignature.getParameterNames()).thenReturn(new String[] {"namespace"}); when(methodSignature.getMethod()).thenReturn(method); when(joinPoint.getSignature()).thenReturn(methodSignature); when(joinPoint.getArgs()).thenReturn(new Object[] {"foo"}); String userId = "userId"; ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser.setUserId(userId); applicationUser.setNamespaceAuthorizations(new HashSet<>()); applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("foo", null)); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null)); try { namespaceSecurityAdvice.checkPermission(joinPoint); fail(); } catch (Exception e) { assertEquals(AccessDeniedException.class, e.getClass()); assertEquals(String.format("User \"%s\" does not have \"[READ]\" permission(s) to the namespace \"foo\"", userId), e.getMessage()); } }
@Test public void testGetJobAssertNoErrorGivenJobRunningAndUserDoesHasPermissions() throws Exception { jobDefinitionServiceTestHelper.createJobDefinition(ACTIVITI_XML_TEST_USER_TASK_WITH_CLASSPATH); Job job = jobService.createAndStartJob(jobServiceTestHelper.createJobCreateRequest(TEST_ACTIVITI_NAMESPACE_CD, TEST_ACTIVITI_JOB_NAME)); String username = "username"; ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser.setUserId(username); applicationUser.setNamespaceAuthorizations(new HashSet<>()); applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization(TEST_ACTIVITI_NAMESPACE_CD, Arrays.asList(NamespacePermissionEnum.READ))); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper(username, "password", false, false, false, false, Collections.emptyList(), applicationUser), null)); try { jobService.getJob(job.getId(), false); } catch (AccessDeniedException e) { fail(); } }
@Test public void testGetJobAssertNoErrorGivenJobCompletedAndUserDoesHasPermissions() throws Exception { jobDefinitionServiceTestHelper.createJobDefinition(null); Job job = jobService.createAndStartJob(jobServiceTestHelper.createJobCreateRequest(TEST_ACTIVITI_NAMESPACE_CD, TEST_ACTIVITI_JOB_NAME)); String username = "username"; ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser.setUserId(username); applicationUser.setNamespaceAuthorizations(new HashSet<>()); applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization(TEST_ACTIVITI_NAMESPACE_CD, Arrays.asList(NamespacePermissionEnum.READ))); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper(username, "password", false, false, false, false, Collections.emptyList(), applicationUser), null)); try { jobService.getJob(job.getId(), false); } catch (AccessDeniedException e) { fail(); } }
@Test public void testDeleteJobAssertNoErrorWhenUserHasPermissions() throws Exception { // Start a job that will wait in a receive task jobDefinitionServiceTestHelper.createJobDefinition(ACTIVITI_XML_TEST_RECEIVE_TASK_WITH_CLASSPATH); Job job = jobService.createAndStartJob(jobServiceTestHelper.createJobCreateRequest(TEST_ACTIVITI_NAMESPACE_CD, TEST_ACTIVITI_JOB_NAME)); String username = "username"; ApplicationUser applicationUser = new ApplicationUser(getClass()); applicationUser.setUserId(username); applicationUser.setNamespaceAuthorizations(new HashSet<>()); applicationUser.getNamespaceAuthorizations() .add(new NamespaceAuthorization(TEST_ACTIVITI_NAMESPACE_CD, Arrays.asList(NamespacePermissionEnum.EXECUTE))); SecurityContextHolder.getContext().setAuthentication( new TestingAuthenticationToken(new SecurityUserWrapper(username, "password", false, false, false, false, Collections.emptyList(), applicationUser), null)); try { jobService.deleteJob(job.getId(), new JobDeleteRequest("test delete reason")); } catch (AccessDeniedException e) { fail(); } }