
Example 1 with MutableAcl

use of org.springframework.security.acls.model.MutableAcl in project spring-security by spring-projects.

the class ContactManagerBackend method addPermission.

/**
 * Grants {@code permission} on {@code contact} to {@code recipient} by appending a
 * granting access-control entry (ACE) to the contact's ACL and persisting the result.
 *
 * <p>If the ACL service has no ACL for the contact yet, an empty one is created first.
 *
 * <p>NOTE(review): no authorization check is visible in this method. Whether the caller
 * may change this ACL is presumably enforced by the ACL implementation or by
 * method-level security on the caller; confirm before reusing this pattern.
 *
 * @param contact the domain object whose ACL is modified; its id is the ACL's object identity
 * @param recipient the security identity that receives the permission
 * @param permission the permission to grant
 */
public void addPermission(Contact contact, Sid recipient, Permission permission) {
    final ObjectIdentity contactIdentity = new ObjectIdentityImpl(Contact.class, contact.getId());

    MutableAcl contactAcl;
    try {
        contactAcl = (MutableAcl) mutableAclService.readAclById(contactIdentity);
    } catch (NotFoundException aclMissing) {
        // First permission for this contact: start from a freshly created ACL.
        contactAcl = mutableAclService.createAcl(contactIdentity);
    }

    // Inserting at index == current size appends the entry after all existing ACEs.
    // NOTE(review): ACE order can affect evaluation when grant and deny entries coexist;
    // verify that appending is the intended position.
    final int appendIndex = contactAcl.getEntries().size();
    final boolean granting = true;
    contactAcl.insertAce(appendIndex, permission, recipient, granting);

    // The in-memory change only takes effect once the ACL is written back.
    mutableAclService.updateAcl(contactAcl);

    logger.debug("Added permission " + permission + " for Sid " + recipient + " contact " + contact);
}
Also used : ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) ObjectIdentityImpl(org.springframework.security.acls.domain.ObjectIdentityImpl) NotFoundException(org.springframework.security.acls.model.NotFoundException) MutableAcl(org.springframework.security.acls.model.MutableAcl)

Example 2 with MutableAcl

use of org.springframework.security.acls.model.MutableAcl in project spring-security by spring-projects.

the class BasicLookupStrategyTests method checkEntries.

/**
 * Asserts that {@code map} holds the expected three-level ACL hierarchy
 * (top parent, middle parent, child) with every field loaded correctly.
 *
 * <p>Expected fixture, as pinned by the assertions below:
 * <ul>
 *   <li>top parent: ACL id 1, owner "ben", ACE 1 = READ (granting), ACE 2 = WRITE (non-granting)</li>
 *   <li>middle parent: ACL id 2, owner "ben", ACE 3 = DELETE (granting)</li>
 *   <li>child: ACL id 3, owner "ben", ACE 4 = DELETE (non-granting)</li>
 * </ul>
 * All three ACLs inherit entries and no ACE has success or failure auditing enabled.
 * The granting flag is checked for every ACE, so a lookup that turned a non-granting
 * entry into a granting one would fail here.
 *
 * @param topParentOid identity of the root ACL
 * @param middleParentOid identity of the ACL whose parent is the root
 * @param childOid identity of the ACL whose parent is the middle ACL
 * @param map lookup result keyed by object identity
 */
private void checkEntries(ObjectIdentity topParentOid, ObjectIdentity middleParentOid, ObjectIdentity childOid, Map<ObjectIdentity, Acl> map) throws Exception {
    assertThat(map).hasSize(3);
    MutableAcl rootAcl = (MutableAcl) map.get(topParentOid);
    MutableAcl midAcl = (MutableAcl) map.get(middleParentOid);
    MutableAcl leafAcl = (MutableAcl) map.get(childOid);

    // Every retrieved ACL must carry an id
    assertThat(rootAcl.getId()).isNotNull();
    assertThat(midAcl.getId()).isNotNull();
    assertThat(leafAcl.getId()).isNotNull();

    // Parent links: the root has none, each other ACL points one level up
    assertThat(rootAcl.getParentAcl()).isNull();
    assertThat(midAcl.getParentAcl().getObjectIdentity()).isEqualTo(topParentOid);
    assertThat(leafAcl.getParentAcl().getObjectIdentity()).isEqualTo(middleParentOid);

    // Number of ACEs loaded per ACL
    assertThat(rootAcl.getEntries()).hasSize(2);
    assertThat(midAcl.getEntries()).hasSize(1);
    assertThat(leafAcl.getEntries()).hasSize(1);

    // Each ACL must report the object identity it was looked up by
    assertThat(rootAcl.getObjectIdentity()).isEqualTo(topParentOid);
    assertThat(midAcl.getObjectIdentity()).isEqualTo(middleParentOid);
    assertThat(leafAcl.getObjectIdentity()).isEqualTo(childOid);

    // Root ACL: header fields, then ACE 1 (READ, granting) and ACE 2 (WRITE, non-granting)
    assertThat(rootAcl.isEntriesInheriting()).isTrue();
    assertThat(Long.valueOf(1)).isEqualTo(rootAcl.getId());
    assertThat(new PrincipalSid("ben")).isEqualTo(rootAcl.getOwner());
    assertThat(Long.valueOf(1)).isEqualTo(rootAcl.getEntries().get(0).getId());
    assertThat(rootAcl.getEntries().get(0).getPermission()).isEqualTo(BasePermission.READ);
    assertThat(rootAcl.getEntries().get(0).getSid()).isEqualTo(new PrincipalSid("ben"));
    assertThat(((AuditableAccessControlEntry) rootAcl.getEntries().get(0)).isAuditFailure()).isFalse();
    assertThat(((AuditableAccessControlEntry) rootAcl.getEntries().get(0)).isAuditSuccess()).isFalse();
    assertThat(rootAcl.getEntries().get(0).isGranting()).isTrue();
    assertThat(Long.valueOf(2)).isEqualTo(rootAcl.getEntries().get(1).getId());
    assertThat(rootAcl.getEntries().get(1).getPermission()).isEqualTo(BasePermission.WRITE);
    assertThat(rootAcl.getEntries().get(1).getSid()).isEqualTo(new PrincipalSid("ben"));
    assertThat(((AuditableAccessControlEntry) rootAcl.getEntries().get(1)).isAuditFailure()).isFalse();
    assertThat(((AuditableAccessControlEntry) rootAcl.getEntries().get(1)).isAuditSuccess()).isFalse();
    assertThat(rootAcl.getEntries().get(1).isGranting()).isFalse();

    // Middle ACL: header fields, then ACE 3 (DELETE, granting)
    assertThat(midAcl.isEntriesInheriting()).isTrue();
    assertThat(Long.valueOf(2)).isEqualTo(midAcl.getId());
    assertThat(new PrincipalSid("ben")).isEqualTo(midAcl.getOwner());
    assertThat(Long.valueOf(3)).isEqualTo(midAcl.getEntries().get(0).getId());
    assertThat(midAcl.getEntries().get(0).getPermission()).isEqualTo(BasePermission.DELETE);
    assertThat(midAcl.getEntries().get(0).getSid()).isEqualTo(new PrincipalSid("ben"));
    assertThat(((AuditableAccessControlEntry) midAcl.getEntries().get(0)).isAuditFailure()).isFalse();
    assertThat(((AuditableAccessControlEntry) midAcl.getEntries().get(0)).isAuditSuccess()).isFalse();
    assertThat(midAcl.getEntries().get(0).isGranting()).isTrue();

    // Child ACL: header fields, then ACE 4 (DELETE, non-granting)
    assertThat(leafAcl.isEntriesInheriting()).isTrue();
    assertThat(Long.valueOf(3)).isEqualTo(leafAcl.getId());
    assertThat(new PrincipalSid("ben")).isEqualTo(leafAcl.getOwner());
    assertThat(Long.valueOf(4)).isEqualTo(leafAcl.getEntries().get(0).getId());
    assertThat(leafAcl.getEntries().get(0).getPermission()).isEqualTo(BasePermission.DELETE);
    assertThat(new PrincipalSid("ben")).isEqualTo(leafAcl.getEntries().get(0).getSid());
    assertThat(((AuditableAccessControlEntry) leafAcl.getEntries().get(0)).isAuditFailure()).isFalse();
    assertThat(((AuditableAccessControlEntry) leafAcl.getEntries().get(0)).isAuditSuccess()).isFalse();
    assertThat(leafAcl.getEntries().get(0).isGranting()).isFalse();
}
Also used : AuditableAccessControlEntry(org.springframework.security.acls.model.AuditableAccessControlEntry) MutableAcl(org.springframework.security.acls.model.MutableAcl)

Example 3 with MutableAcl

use of org.springframework.security.acls.model.MutableAcl in project spring-security by spring-projects.

the class EhCacheBasedAclCacheTests method putInCacheAclWithParent.

/**
 * Checks that caching an ACL which has a parent also caches the parent: four cache
 * writes are expected, the parent first and then the ACL itself, each stored once
 * under its object identity and once under its id.
 */
@Test
public void putInCacheAclWithParent() throws Exception {
    // Install an authenticated test principal holding ROLE_GENERAL.
    // NOTE(review): presumably required because setParent() is checked against the current
    // Authentication; confirm. Also confirm that the class's teardown clears the
    // SecurityContextHolder so this principal does not leak into other tests.
    Authentication testUser = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
    testUser.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(testUser);

    // Build a parent ACL with id 2 and attach it to the ACL under test.
    ObjectIdentity parentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2));
    AclAuthorizationStrategy authzStrategy = new AclAuthorizationStrategyImpl(
            new SimpleGrantedAuthority("ROLE_OWNERSHIP"),
            new SimpleGrantedAuthority("ROLE_AUDITING"),
            new SimpleGrantedAuthority("ROLE_GENERAL"));
    MutableAcl parentAcl = new AclImpl(parentOid, Long.valueOf(2), authzStrategy, new ConsoleAuditLogger());
    acl.setParent(parentAcl);

    myCache.putInCache(acl);

    // Capture every element written to the underlying cache, in write order.
    verify(cache, times(4)).put(element.capture());
    List<Element> captured = element.getAllValues();

    // Writes 0 and 1: the parent, keyed by object identity and then by id.
    Element parentByIdentity = captured.get(0);
    assertThat(parentByIdentity.getKey()).isEqualTo(parentAcl.getObjectIdentity());
    assertThat(parentByIdentity.getObjectValue()).isEqualTo(parentAcl);
    Element parentById = captured.get(1);
    assertThat(parentById.getKey()).isEqualTo(parentAcl.getId());
    assertThat(parentById.getObjectValue()).isEqualTo(parentAcl);

    // Writes 2 and 3: the ACL under test, keyed the same two ways.
    Element aclByIdentity = captured.get(2);
    assertThat(aclByIdentity.getKey()).isEqualTo(acl.getObjectIdentity());
    assertThat(aclByIdentity.getObjectValue()).isEqualTo(acl);
    Element aclById = captured.get(3);
    assertThat(aclById.getKey()).isEqualTo(acl.getId());
    assertThat(aclById.getObjectValue()).isEqualTo(acl);
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) Authentication(org.springframework.security.core.Authentication) Element(net.sf.ehcache.Element) MutableAcl(org.springframework.security.acls.model.MutableAcl) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 4 with MutableAcl

use of org.springframework.security.acls.model.MutableAcl in project spring-security by spring-projects.

the class EhCacheBasedAclCacheTests method getFromCacheObjectIdentityPopulatesTransient.

/**
 * Checks that an ACL fetched from the cache by object identity comes back with its
 * {@code aclAuthorizationStrategy} and {@code permissionGrantingStrategy} fields set,
 * even though both were nulled on the cached instance.
 *
 * <p>NOTE(review): judging by the test name these fields are presumably transient and
 * therefore lost when the ACL is serialized into the cache; confirm against the ACL
 * implementation. An ACL returned without them could not make authorization decisions.
 */
@Test
public void getFromCacheObjectIdentityPopulatesTransient() throws Exception {
    // Stub the backing cache so a lookup by object identity returns the ACL under test.
    Element cachedElement = new Element(acl.getId(), acl);
    when(cache.get(acl.getObjectIdentity())).thenReturn(cachedElement);
    myCache.putInCache(acl);

    // Simulate the loss of both strategy fields on the cached instance.
    ReflectionTestUtils.setField(acl, "permissionGrantingStrategy", null);
    ReflectionTestUtils.setField(acl, "aclAuthorizationStrategy", null);

    MutableAcl restored = myCache.getFromCache(acl.getObjectIdentity());

    // The cache must have put both strategies back before handing the ACL out.
    Object restoredAuthorizationStrategy = ReflectionTestUtils.getField(restored, "aclAuthorizationStrategy");
    assertThat(restoredAuthorizationStrategy).isNotNull();
    Object restoredGrantingStrategy = ReflectionTestUtils.getField(restored, "permissionGrantingStrategy");
    assertThat(restoredGrantingStrategy).isNotNull();
}
Also used : Element(net.sf.ehcache.Element) MutableAcl(org.springframework.security.acls.model.MutableAcl) Test(org.junit.Test)

Example 5 with MutableAcl

use of org.springframework.security.acls.model.MutableAcl in project spring-security by spring-projects.

the class EhCacheBasedAclCacheTests method methodsRejectNullParameters.

/**
 * Verifies that each cache operation refuses a {@code null} argument with an
 * {@link IllegalArgumentException}: evicting and fetching by id and by object identity,
 * and putting an ACL.
 *
 * <p>The casts on {@code null} pick the overload under test; a bare {@code null} would be
 * ambiguous between the {@code Serializable} and {@code ObjectIdentity} variants.
 */
@Test
public void methodsRejectNullParameters() throws Exception {
    // evictFromCache(Serializable)
    try {
        myCache.evictFromCache((Serializable) null);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expectedRejection) {
        // expected: a null id must be rejected
    }

    // evictFromCache(ObjectIdentity)
    try {
        myCache.evictFromCache((ObjectIdentity) null);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expectedRejection) {
        // expected: a null object identity must be rejected
    }

    // getFromCache(Serializable)
    try {
        myCache.getFromCache((Serializable) null);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expectedRejection) {
        // expected: a null id must be rejected
    }

    // getFromCache(ObjectIdentity)
    try {
        myCache.getFromCache((ObjectIdentity) null);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expectedRejection) {
        // expected: a null object identity must be rejected
    }

    // putInCache(MutableAcl)
    try {
        myCache.putInCache((MutableAcl) null);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expectedRejection) {
        // expected: a null ACL must be rejected
    }
}
Also used : Serializable(java.io.Serializable) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) MutableAcl(org.springframework.security.acls.model.MutableAcl) Test(org.junit.Test)

Aggregations

MutableAcl (org.springframework.security.acls.model.MutableAcl)58 Test (org.junit.jupiter.api.Test)23 ObjectIdentity (org.springframework.security.acls.model.ObjectIdentity)20 PrincipalSid (org.springframework.security.acls.domain.PrincipalSid)17 Sid (org.springframework.security.acls.model.Sid)14 Authentication (org.springframework.security.core.Authentication)12 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)11 NotFoundException (org.springframework.security.acls.model.NotFoundException)10 ObjectIdentityImpl (org.springframework.security.acls.domain.ObjectIdentityImpl)9 EntityTypeIdentity (org.molgenis.data.security.EntityTypeIdentity)8 Transactional (org.springframework.transaction.annotation.Transactional)8 Test (org.testng.annotations.Test)8 Test (org.junit.Test)7 PackageIdentity (org.molgenis.data.security.PackageIdentity)6 CumulativePermission (org.springframework.security.acls.domain.CumulativePermission)6 WithMockUser (org.springframework.security.test.context.support.WithMockUser)6 Package (org.molgenis.data.meta.model.Package)5 Acl (org.springframework.security.acls.model.Acl)5 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)5 File (java.io.File)4