
Example 16 with NamespaceAuthorization

use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.

the class NamespaceSecurityAdviceTest method checkPermissionAssertNoExceptionWhenHasPermissionsNamespaceIgnoreCase.

@Test
public void checkPermissionAssertNoExceptionWhenHasPermissionsNamespaceIgnoreCase() throws Exception {
    // Mock a join point of the method call
    // mockMethod("foo");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { "foo" });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    // user has permission to capital "FOO" and needs permission to lowercase "foo"
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("FOO", Arrays.asList(NamespacePermissionEnum.READ)));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
    } catch (AccessDeniedException e) {
        fail();
    }
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) AccessDeniedException(org.springframework.security.access.AccessDeniedException) MethodSignature(org.aspectj.lang.reflect.MethodSignature) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) Method(java.lang.reflect.Method) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) JoinPoint(org.aspectj.lang.JoinPoint) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Example 17 with NamespaceAuthorization

use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.

the class NamespaceSecurityAdviceTest method checkPermissionAssertAccessDeniedWhenCurrentUserHasNoAnyRequiredPermissions.

@Test
public void checkPermissionAssertAccessDeniedWhenCurrentUserHasNoAnyRequiredPermissions() throws Exception {
    // Mock a join point of the method call
    // mockMethodMultiplePermissions("foo");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethodMultiplePermissions", String.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { "foo" });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    // user holds only WRITE_DESCRIPTIVE_CONTENT on "foo", while the method requires READ or WRITE
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("foo", Arrays.asList(NamespacePermissionEnum.WRITE_DESCRIPTIVE_CONTENT)));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
        fail();
    } catch (Exception e) {
        assertEquals(AccessDeniedException.class, e.getClass());
        assertEquals(String.format("User \"%s\" does not have \"[READ OR WRITE]\" permission(s) to the namespace \"foo\"", userId), e.getMessage());
    }
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) AccessDeniedException(org.springframework.security.access.AccessDeniedException) MethodSignature(org.aspectj.lang.reflect.MethodSignature) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) Method(java.lang.reflect.Method) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) JoinPoint(org.aspectj.lang.JoinPoint) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Example 18 with NamespaceAuthorization

use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.

the class NamespaceSecurityAdviceTest method checkPermissionAssertNoErrorWhenUserHasMultiplePermissions.

@Test
public void checkPermissionAssertNoErrorWhenUserHasMultiplePermissions() throws Exception {
    // Mock a join point of the method call
    // mockMethod("foo");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class);
    when(methodSignature.getMethod()).thenReturn(method);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { "foo" });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("foo", Arrays.asList(NamespacePermissionEnum.READ, NamespacePermissionEnum.WRITE)));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
    } catch (AccessDeniedException e) {
        fail();
    }
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) AccessDeniedException(org.springframework.security.access.AccessDeniedException) MethodSignature(org.aspectj.lang.reflect.MethodSignature) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) Method(java.lang.reflect.Method) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) JoinPoint(org.aspectj.lang.JoinPoint) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Example 19 with NamespaceAuthorization

use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.

the class HttpHeaderAuthenticationFilterTest method testHttpHeaderAuthenticationFilterUserAuthorizationDisabled.

@Test
public void testHttpHeaderAuthenticationFilterUserAuthorizationDisabled() throws Exception {
    // Create and persist the relevant database entities.
    userDaoTestHelper.createUserEntity(USER_ID, true);
    namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE);
    namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE_2);
    // Create the set of expected namespace authorizations (a HashSet, so unordered).
    Set<NamespaceAuthorization> expectedNamespaceAuthorizations = new HashSet<>();
    expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE, SUPPORTED_NAMESPACE_PERMISSIONS));
    expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE_2, SUPPORTED_NAMESPACE_PERMISSIONS));
    setupTestFunctions("testRole");
    Map<String, Object> overrideMap = getDefaultSecurityEnvironmentVariables();
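    // Disable user namespace authorization: the user is then expected to hold all supported
    // permissions on every namespace, although no per-user authorization entities were created.
    overrideMap.put(ConfigurationValue.USER_NAMESPACE_AUTHORIZATION_ENABLED.getKey(), "false");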
    modifyPropertySourceInEnvironment(overrideMap);
    try {
        MockHttpServletRequest request = getRequestWithHeaders(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09");
        // Invalidate the user session if one exists.
        invalidateApplicationUser(request);
        httpHeaderAuthenticationFilter.init(new MockFilterConfig());
        httpHeaderAuthenticationFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
        validateHttpHeaderApplicationUser(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09", TEST_FUNCTIONS, expectedNamespaceAuthorizations);
        // Retry with the same request.
        httpHeaderAuthenticationFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
        validateHttpHeaderApplicationUser(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09", TEST_FUNCTIONS, expectedNamespaceAuthorizations);
    } finally {
        restorePropertySourceInEnvironment();
    }
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HashSet(java.util.HashSet) MockFilterConfig(org.springframework.mock.web.MockFilterConfig) Test(org.junit.Test) AbstractAppTest(org.finra.herd.app.AbstractAppTest)

Example 20 with NamespaceAuthorization

use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.

the class HttpHeaderAuthenticationFilterTest method testHttpHeaderAuthenticationFilterRegularUser.

@Test
public void testHttpHeaderAuthenticationFilterRegularUser() throws Exception {
    // Create and persist the relevant database entities.
    namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE);
    userNamespaceAuthorizationDaoTestHelper.createUserNamespaceAuthorizationEntity(USER_ID, namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE_2), SUPPORTED_NAMESPACE_PERMISSIONS);
    userNamespaceAuthorizationDaoTestHelper.createUserNamespaceAuthorizationEntity(USER_ID, namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE_3), SUPPORTED_NAMESPACE_PERMISSIONS);
    // Create the set of expected namespace authorizations (a HashSet, so unordered).
    Set<NamespaceAuthorization> expectedNamespaceAuthorizations = new HashSet<>();
    expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE_2, SUPPORTED_NAMESPACE_PERMISSIONS));
    expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE_3, SUPPORTED_NAMESPACE_PERMISSIONS));
    setupTestFunctions("testRole");
    modifyPropertySourceInEnvironment(getDefaultSecurityEnvironmentVariables());
    try {
        MockHttpServletRequest request = getRequestWithHeaders(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09");
        // Invalidate the user session if one exists.
        invalidateApplicationUser(request);
        httpHeaderAuthenticationFilter.init(new MockFilterConfig());
        httpHeaderAuthenticationFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
        validateHttpHeaderApplicationUser(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09", TEST_FUNCTIONS, expectedNamespaceAuthorizations);
        // Retry with the same request.
        httpHeaderAuthenticationFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
        validateHttpHeaderApplicationUser(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09", TEST_FUNCTIONS, expectedNamespaceAuthorizations);
    } finally {
        restorePropertySourceInEnvironment();
    }
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HashSet(java.util.HashSet) MockFilterConfig(org.springframework.mock.web.MockFilterConfig) Test(org.junit.Test) AbstractAppTest(org.finra.herd.app.AbstractAppTest)
