use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountServiceTest method getConnectorObjectForbiddenTest.
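/**
 * Negative authorization test: no identity-account relation is created, so the
 * logged-in identity must not get READ access to the account's connector object.
 *
 * <p>The identity holds a role whose policy uses {@code ReadAccountByIdentityEvaluator},
 * but the account saved here is never linked to that identity. The call to
 * {@code getConnectorObject} is therefore expected to be rejected with
 * {@code ForbiddenEntityException}.
 *
 * <p>The expectation is pinned to that single call rather than declared on
 * {@code @Test(expected = ...)}. With the method-level form, the same exception
 * thrown by any setup step would make this access-control test pass without the
 * permission check ever running. The assertions that followed the call in the
 * original were unreachable on the passing path and have been dropped.
 */
@Test
public void getConnectorObjectForbiddenTest() {
    String userOneName = "UserOne";
    SysSystemDto system = initData();
    Assert.assertNotNull(system);
    IdmIdentityDto identity = helper.createIdentity();
    // Create role with evaluator
    IdmRoleDto role = helper.createRole();
    IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
    policyAccount.setRole(role.getId());
    policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
    policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(policyAccount);
    // Change resources (set state on exclude) .. must be called in a transaction
    this.getBean().persistResource(createResource(userOneName, new LocalDateTime()));
    // The account is saved WITHOUT any identity-account relation - this is the
    // precondition that makes the read below forbidden.
    AccAccountDto account = new AccAccountDto();
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystem(system.getId());
    account.setAccountType(AccountType.PERSONAL);
    account.setUid(userOneName);
    account = accountService.save(account);
    // Assign role with evaluator
    helper.createIdentityRole(identity, role);
    // Switch the security context from the setup user to the identity under test.
    logout();
    loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
    try {
        accountService.getConnectorObject(account, IdmBasePermission.READ);
        Assert.fail("Reading the connector object of an account not linked to the identity must be forbidden");
    } catch (ForbiddenEntityException expected) {
        // Expected: the identity has no relation to the account, so READ is denied.
    } finally {
        // Do not leave the test identity authenticated for whatever runs next.
        logout();
    }
}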
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerIntegrationTest method testFindValidPoliciesWithInvalidIdentityContractByDisabled.
/**
 * A role assigned through a DISABLED contract must not contribute enabled policies.
 *
 * <p>The identity gets one role directly and a second role through a contract that
 * has been switched to {@code ContractState.DISABLED}. Only the policy of the first
 * role is expected back from {@code getEnabledPolicies}.
 */
@Test
public void testFindValidPoliciesWithInvalidIdentityContractByDisabled() {
    try {
        loginAsAdmin(InitTestData.TEST_USER_1);

        // Two roles, one policy each: READ on the role itself, and a base AUTOCOMPLETE policy.
        IdmRoleDto activeRole = helper.createRole();
        IdmRoleDto roleOnDisabledContract = helper.createRole();
        helper.createUuidPolicy(activeRole.getId(), activeRole.getId(), IdmBasePermission.READ);
        helper.createBasePolicy(roleOnDisabledContract.getId(), IdmBasePermission.AUTOCOMPLETE);

        // The identity holds the first role directly.
        IdmIdentityDto owner = helper.createIdentity();
        helper.createIdentityRole(owner, activeRole);

        // The second role hangs on a contract that is disabled before the role is assigned.
        IdmIdentityContractDto disabledContract = helper.createIdentityContact(owner);
        disabledContract.setState(ContractState.DISABLED);
        identityContractService.save(disabledContract);
        helper.createIdentityRole(disabledContract, roleOnDisabledContract);

        // Only the policy of the directly assigned role may be reported as enabled.
        List<IdmAuthorizationPolicyDto> enabled = service.getEnabledPolicies(owner.getId(), IdmRole.class);
        assertEquals(1, enabled.size());
        assertEquals(activeRole.getId(), enabled.get(0).getRole());
    } finally {
        logout();
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerIntegrationTest method testFindValidPoliciesWithInvalidIdentityRole.
/**
 * A role assignment that is not yet valid must not contribute enabled policies.
 *
 * <p>The identity receives two roles. The second assignment is given a
 * {@code validFrom} of tomorrow, so only the first role's policy is expected back
 * from {@code getEnabledPolicies}.
 */
@Test
@Transactional
public void testFindValidPoliciesWithInvalidIdentityRole() {
    try {
        loginAsAdmin(InitTestData.TEST_USER_1);

        // Two roles, one policy each: READ on the role itself, and a base AUTOCOMPLETE policy.
        IdmRoleDto currentRole = helper.createRole();
        IdmRoleDto futureRole = helper.createRole();
        helper.createUuidPolicy(currentRole.getId(), currentRole.getId(), IdmBasePermission.READ);
        helper.createBasePolicy(futureRole.getId(), IdmBasePermission.AUTOCOMPLETE);

        // The first role is assigned with default validity.
        IdmIdentityDto owner = helper.createIdentity();
        helper.createIdentityRole(owner, currentRole);

        // The second assignment only becomes valid tomorrow.
        IdmIdentityRoleDto futureAssignment = helper.createIdentityRole(owner, futureRole);
        futureAssignment.setValidFrom(new LocalDate().plusDays(1));
        identityRoleService.save(futureAssignment);

        // Only the policy of the currently valid assignment may be reported as enabled.
        List<IdmAuthorizationPolicyDto> enabled = service.getEnabledPolicies(owner.getId(), IdmRole.class);
        assertEquals(1, enabled.size());
        assertEquals(currentRole.getId(), enabled.get(0).getRole());
    } finally {
        logout();
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerUnitTest method init.
/**
 * Builds the manager under test and a fixture of two enabled policies.
 *
 * <p>Both policies use the class of the test's {@code evaluator}. One carries the
 * READ permission and the other UPDATE.
 */
@Before
public void init() {
    manager = new DefaultAuthorizationManager(context, service, securityService, moduleService);

    enabledPolicies = new ArrayList<>();

    // READ-only policy
    IdmAuthorizationPolicyDto readPolicy = new IdmAuthorizationPolicyDto();
    readPolicy.setPermissions(IdmBasePermission.READ);
    readPolicy.setEvaluator(evaluator.getClass());
    enabledPolicies.add(readPolicy);

    // UPDATE-only policy
    IdmAuthorizationPolicyDto updatePolicy = new IdmAuthorizationPolicyDto();
    updatePolicy.setPermissions(IdmBasePermission.UPDATE);
    updatePolicy.setEvaluator(evaluator.getClass());
    enabledPolicies.add(updatePolicy);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class BasePermissionEvaluatorUnitTest method testEvaluateReadOnly.
/**
 * A policy that carries only READ must satisfy a READ check and nothing broader.
 *
 * <p>The evaluator is asked about READ, UPDATE and ADMIN against the same policy.
 * Only READ may be granted. UPDATE and ADMIN must be refused, so a read-only policy
 * cannot be used to reach write or administrative operations.
 */
@Test
public void testEvaluateReadOnly() {
    IdmAuthorizationPolicyDto readOnlyPolicy = new IdmAuthorizationPolicyDto();
    IdmRole target = new IdmRole(UUID.randomUUID());
    readOnlyPolicy.setPermissions(IdmBasePermission.READ);

    boolean readGranted = evaluator.evaluate(target, readOnlyPolicy, IdmBasePermission.READ);
    assertTrue(readGranted);

    boolean updateGranted = evaluator.evaluate(target, readOnlyPolicy, IdmBasePermission.UPDATE);
    assertFalse(updateGranted);

    boolean adminGranted = evaluator.evaluate(target, readOnlyPolicy, IdmBasePermission.ADMIN);
    assertFalse(adminGranted);
}