use of org.junit.Assert.assertEquals in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerIntegrationTest method testDefaultRoleSubRoles.
@Test
@Transactional
public void testDefaultRoleSubRoles() {
IdmIdentityDto identity = getHelper().createIdentity();
// create new default role with two enabled sub roles + one disabled.
IdmRoleDto defaultRole = getHelper().createRole();
IdmRoleDto subRoleOne = getHelper().createRole();
IdmRoleDto subRoleTwo = getHelper().createRole();
IdmRoleDto role = getHelper().createRole();
role.setDisabled(true);
IdmRoleDto disabledSubRole = roleService.save(role);
getHelper().createRoleComposition(defaultRole, subRoleOne);
getHelper().createRoleComposition(subRoleOne, subRoleTwo);
getHelper().createRoleComposition(defaultRole, disabledSubRole);
//
// create distinct authorization policies
IdmAuthorizationPolicyDto policyDefault = getHelper().createBasePolicy(defaultRole.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.CREATE);
IdmAuthorizationPolicyDto policyOne = getHelper().createBasePolicy(subRoleOne.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.UPDATE);
IdmAuthorizationPolicyDto policyTwo = getHelper().createBasePolicy(subRoleTwo.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.READ);
IdmAuthorizationPolicyDto policyDisabled = getHelper().createBasePolicy(disabledSubRole.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.DELETE);
//
getHelper().setConfigurationValue(RoleConfiguration.PROPERTY_DEFAULT_ROLE, defaultRole.getCode());
//
List<IdmAuthorizationPolicyDto> enabledDistinctPolicies = manager.getEnabledDistinctPolicies(identity.getId(), IdmIdentity.class);
Assert.assertEquals(3, enabledDistinctPolicies.size());
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyDefault.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyOne.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyTwo.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().allMatch(p -> !p.getId().equals(policyDisabled.getId())));
//
Set<String> authorities = manager.getAuthorities(identity.getId(), IdmIdentity.class);
Assert.assertEquals(3, authorities.size());
Assert.assertTrue(authorities.stream().anyMatch(a -> a.equals(IdmBasePermission.CREATE.getName())));
Assert.assertTrue(authorities.stream().anyMatch(a -> a.equals(IdmBasePermission.UPDATE.getName())));
Assert.assertTrue(authorities.stream().anyMatch(a -> a.equals(IdmBasePermission.READ.getName())));
Assert.assertTrue(authorities.stream().allMatch(a -> !a.equals(IdmBasePermission.DELETE.getName())));
//
try {
getHelper().login(identity);
Set<String> permissions = identityService.getPermissions(identity.getId());
Assert.assertEquals(3, permissions.size());
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.CREATE.getName())));
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.UPDATE.getName())));
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.READ.getName())));
Assert.assertTrue(permissions.stream().allMatch(p -> !p.equals(IdmBasePermission.DELETE.getName())));
} finally {
logout();
}
}
use of org.junit.Assert.assertEquals in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerIntegrationTest method testCacheAfterContractIsChanged.
@Test
@Transactional
@SuppressWarnings({ "rawtypes", "unchecked" })
public void testCacheAfterContractIsChanged() {
// create and login identity
IdmIdentityDto identity = getHelper().createIdentity();
UUID mockIdentity = UUID.randomUUID();
// prepare role
IdmRoleDto role = getHelper().createRole();
getHelper().createBasePolicy(role.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
getHelper().createIdentityRole(identity, role);
//
Assert.assertNull(cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, identity.getId()));
Assert.assertNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, identity.getId()));
Assert.assertNull(cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, mockIdentity));
Assert.assertNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, mockIdentity));
//
cacheManager.cacheValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, mockIdentity, new HashMap<>());
cacheManager.cacheValue(AuthorizationManager.PERMISSION_CACHE_NAME, mockIdentity, new HashMap<>());
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, mockIdentity));
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, mockIdentity));
//
// without login
Set<String> permissions = manager.getPermissions(role);
Assert.assertTrue(permissions.isEmpty());
//
try {
getHelper().login(identity);
//
// new entity is not supported with cache, but permissions are evaluated
permissions = manager.getPermissions(new IdmRoleDto());
Assert.assertEquals(2, permissions.size());
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.AUTOCOMPLETE.getName())));
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.READ.getName())));
Assert.assertNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, identity.getId()));
//
// load from db
permissions = manager.getPermissions(role);
Assert.assertEquals(2, permissions.size());
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.AUTOCOMPLETE.getName())));
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.READ.getName())));
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, identity.getId()));
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, identity.getId()));
// load from cache
permissions = manager.getPermissions(role);
Assert.assertEquals(2, permissions.size());
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.AUTOCOMPLETE.getName())));
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.READ.getName())));
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, identity.getId()));
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, identity.getId()));
// check cache content - one
ValueWrapper cacheValue = cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, identity.getId());
List<UUID> cachedPolicies = (List) ((Map) cacheValue.get()).get(role.getClass());
Assert.assertEquals(1, cachedPolicies.size());
Assert.assertEquals(BasePermissionEvaluator.class.getCanonicalName(), ((IdmAuthorizationPolicyDto) cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_DEFINITION_CACHE_NAME, cachedPolicies.get(0)).get()).getEvaluatorType());
cacheValue = cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, identity.getId());
permissions = (Set) ((Map) cacheValue.get()).get(role.getId());
Assert.assertEquals(2, permissions.size());
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.AUTOCOMPLETE.getName())));
Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.READ.getName())));
//
// change contract => evict cache of logged identity
getHelper().createContract(identity);
//
// check cache is evicted only for logged identity
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, identity.getId()));
Assert.assertNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, identity.getId()));
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.AUTHORIZATION_POLICY_CACHE_NAME, mockIdentity));
Assert.assertNotNull(cacheManager.getValue(AuthorizationManager.PERMISSION_CACHE_NAME, mockIdentity));
} finally {
logout();
}
}
use of org.junit.Assert.assertEquals in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerIntegrationTest method testDistictPolicies.
@Test
@Transactional
public void testDistictPolicies() {
IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
IdmRoleDto role = getHelper().createRole();
IdmRoleDto roleTwo = getHelper().createRole();
IdmAuthorizationPolicyDto policy = getHelper().createBasePolicy(role.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
getHelper().createIdentityRole(identity, role);
getHelper().createIdentityRole(identity, role);
getHelper().createIdentityRole(identity, roleTwo);
getHelper().createIdentityRole(identity, roleTwo);
//
List<IdmAuthorizationPolicyDto> enabledDistinctPolicies = manager.getEnabledDistinctPolicies(identity.getId(), IdmIdentity.class);
Assert.assertEquals(1, enabledDistinctPolicies.size());
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policy.getId())));
//
IdmAuthorizationPolicyDto policyTwo = getHelper().createBasePolicy(role.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.READ, IdmBasePermission.AUTOCOMPLETE);
//
enabledDistinctPolicies = manager.getEnabledDistinctPolicies(identity.getId(), IdmIdentity.class);
Assert.assertEquals(1, enabledDistinctPolicies.size());
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policy.getId()) || p.getId().equals(policyTwo.getId())));
//
IdmAuthorizationPolicyDto policyThree = getHelper().createBasePolicy(role.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.AUTOCOMPLETE);
//
enabledDistinctPolicies = manager.getEnabledDistinctPolicies(identity.getId(), IdmIdentity.class);
Assert.assertEquals(2, enabledDistinctPolicies.size());
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policy.getId()) || p.getId().equals(policyTwo.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyThree.getId())));
//
// with parameters
ConfigurationMap propsFour = new ConfigurationMap();
propsFour.put("one", "valueOne");
propsFour.put("two", "valueTwo");
IdmAuthorizationPolicyDto policyFour = getHelper().createAuthorizationPolicy(roleTwo.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, UuidEvaluator.class, propsFour, IdmBasePermission.READ, IdmBasePermission.AUTOCOMPLETE);
//
ConfigurationMap propsFive = new ConfigurationMap();
propsFive.put("two", "valueTwo");
propsFive.put("one", "valueOne");
IdmAuthorizationPolicyDto policyFive = getHelper().createAuthorizationPolicy(roleTwo.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, UuidEvaluator.class, propsFive, IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
//
enabledDistinctPolicies = manager.getEnabledDistinctPolicies(identity.getId(), IdmIdentity.class);
Assert.assertEquals(3, enabledDistinctPolicies.size());
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policy.getId()) || p.getId().equals(policyTwo.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyThree.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyFour.getId()) || p.getId().equals(policyFive.getId())));
//
ConfigurationMap propsSix = new ConfigurationMap();
propsSix.put("one", "valueOneU");
propsSix.put("two", "valueTwo");
IdmAuthorizationPolicyDto policySix = getHelper().createAuthorizationPolicy(roleTwo.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, UuidEvaluator.class, propsSix, IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
//
ConfigurationMap propsSeven = new ConfigurationMap();
propsSeven.put("one", "valueOneU");
propsSeven.put("two", "valueTwo");
IdmAuthorizationPolicyDto policySeven = getHelper().createAuthorizationPolicy(roleTwo.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, UuidEvaluator.class, propsSeven, IdmBasePermission.READ);
//
enabledDistinctPolicies = manager.getEnabledDistinctPolicies(identity.getId(), IdmIdentity.class);
Assert.assertEquals(5, enabledDistinctPolicies.size());
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policy.getId()) || p.getId().equals(policyTwo.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyThree.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policyFour.getId()) || p.getId().equals(policyFive.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policySix.getId())));
Assert.assertTrue(enabledDistinctPolicies.stream().anyMatch(p -> p.getId().equals(policySeven.getId())));
}
use of org.junit.Assert.assertEquals in project CzechIdMng by bcvsolutions.
the class DefaultFormServiceIntegrationTest method testMinMaxDateValidation.
@Test
public void testMinMaxDateValidation() {
ZonedDateTime now = ZonedDateTime.now();
// prepare form definition a test saving form values
IdmFormAttributeDto attributeDate = new IdmFormAttributeDto();
String attributeDateCode = getHelper().createName();
attributeDate.setCode(attributeDateCode);
attributeDate.setName(attributeDateCode);
attributeDate.setPersistentType(PersistentType.DATE);
attributeDate.setMin(new BigDecimal("3"));
attributeDate.setMax(new BigDecimal("5"));
IdmFormAttributeDto attributeDateTime = new IdmFormAttributeDto();
String attributeDateTimeCode = getHelper().createName();
attributeDateTime.setCode(attributeDateTimeCode);
attributeDateTime.setName(attributeDateTimeCode);
attributeDateTime.setPersistentType(PersistentType.DATETIME);
attributeDateTime.setMin(new BigDecimal("6"));
attributeDateTime.setMax(new BigDecimal("8"));
IdmFormDefinitionDto formDefinitionOne = formService.createDefinition(IdmIdentity.class.getCanonicalName(), getHelper().createName(), Lists.newArrayList(attributeDate, attributeDateTime));
attributeDate = formDefinitionOne.getMappedAttributeByCode(attributeDate.getCode());
attributeDateTime = formDefinitionOne.getMappedAttributeByCode(attributeDateTime.getCode());
//
IdmFormValueDto valueDate = new IdmFormValueDto(attributeDate);
IdmFormValueDto valueDateTime = new IdmFormValueDto(attributeDateTime);
//
IdmFormInstanceDto formInstance = new IdmFormInstanceDto();
formInstance.setFormDefinition(formDefinitionOne);
formInstance.setValues(Lists.newArrayList(valueDate, valueDateTime));
//
List<InvalidFormAttributeDto> validationErrors = formService.validate(formInstance);
//
Assert.assertTrue(validationErrors.isEmpty());
//
valueDate.setDateValue(now.plusDays(2));
valueDateTime.setDateValue(now.plusDays(5));
//
validationErrors = formService.validate(formInstance);
Assert.assertEquals(2, validationErrors.size());
Assert.assertTrue(validationErrors.stream().allMatch(e -> e.getMinValue() != null));
Assert.assertTrue(validationErrors.stream().anyMatch(e -> e.getMinValue().equals(new BigDecimal("3")) && e.getAttributeCode().equals(attributeDateCode)));
Assert.assertTrue(validationErrors.stream().anyMatch(e -> e.getMinValue().equals(new BigDecimal("6")) && e.getAttributeCode().equals(attributeDateTimeCode)));
//
valueDate.setDateValue(now.plusDays(6));
valueDateTime.setDateValue(now.plusDays(9));
//
validationErrors = formService.validate(formInstance);
Assert.assertEquals(2, validationErrors.size());
Assert.assertTrue(validationErrors.stream().allMatch(e -> e.getMaxValue() != null));
Assert.assertTrue(validationErrors.stream().anyMatch(e -> e.getMaxValue().equals(new BigDecimal("5")) && e.getAttributeCode().equals(attributeDateCode)));
Assert.assertTrue(validationErrors.stream().anyMatch(e -> e.getMaxValue().equals(new BigDecimal("8")) && e.getAttributeCode().equals(attributeDateTimeCode)));
//
valueDate.setDateValue(now.plusDays(5));
valueDateTime.setDateValue(now.plusDays(8));
//
validationErrors = formService.validate(formInstance);
Assert.assertTrue(validationErrors.isEmpty());
//
valueDate.setDateValue(now.plusDays(3));
valueDateTime.setDateValue(now.plusDays(6).plusMinutes(2));
//
validationErrors = formService.validate(formInstance);
Assert.assertTrue(validationErrors.isEmpty());
}
use of org.junit.Assert.assertEquals in project CzechIdMng by bcvsolutions.
the class DefaultFormServiceIntegrationTest method testUniqueValidation.
@Test
public void testUniqueValidation() {
// prepare form definition a test saving form values
IdmFormAttributeDto attribute = new IdmFormAttributeDto();
String attributeName = getHelper().createName();
attribute.setCode(attributeName);
attribute.setName(attributeName);
attribute.setPersistentType(PersistentType.TEXT);
attribute.setUnique(Boolean.TRUE);
IdmFormDefinitionDto formDefinitionOne = formService.createDefinition(IdmIdentity.class.getCanonicalName(), getHelper().createName(), Lists.newArrayList(attribute));
attribute = formDefinitionOne.getMappedAttributeByCode(attribute.getCode());
//
IdmIdentityDto owner = getHelper().createIdentity((GuardedString) null);
IdmFormValueDto value = new IdmFormValueDto(attribute);
value.setValue("one");
//
IdmFormInstanceDto formInstance = new IdmFormInstanceDto(owner, formDefinitionOne, Lists.newArrayList(value));
//
List<InvalidFormAttributeDto> validationErrors = formService.validate(formInstance);
Assert.assertTrue(validationErrors.isEmpty());
//
IdmFormInstanceDto savedFormInstance = formService.saveFormInstance(owner, formDefinitionOne, Lists.newArrayList(value));
IdmFormValueDto savedValue = savedFormInstance.toValueMap().get(attributeName).get(0);
//
validationErrors = formService.validate(formInstance);
Assert.assertEquals(1, validationErrors.size());
Assert.assertTrue(validationErrors.stream().allMatch(e -> e.getUniqueValue().equals("one")));
//
value.setId(savedValue.getId());
validationErrors = formService.validate(formInstance);
Assert.assertTrue(validationErrors.isEmpty());
//
value.setId(UUID.randomUUID());
validationErrors = formService.validate(formInstance);
Assert.assertEquals(1, validationErrors.size());
Assert.assertTrue(validationErrors.stream().allMatch(e -> e.getUniqueValue().equals("one")));
}
Aggregations