Examples with AuthRule com.amplifyframework.core.model.AuthRule used on opensource projects

Example 1 with AuthRule

use of com.amplifyframework.core.model.AuthRule in project amplify-android by aws-amplify.

the class AppSyncGraphQLRequestFactory method getMapOfFieldNameAndValues.

private static Map<String, Object> getMapOfFieldNameAndValues(@NonNull ModelSchema schema, @NonNull Model instance) throws AmplifyException {
    if (!instance.getClass().getSimpleName().equals(schema.getName())) {
        throw new AmplifyException("The object provided is not an instance of " + schema.getName() + ".", "Please provide an instance of " + schema.getName() + " that matches the schema type.");
    }
    final Map<String, Object> result = new HashMap<>();
    for (ModelField modelField : schema.getFields().values()) {
        if (modelField.isReadOnly()) {
            // Skip read only fields, since they should not be included on the input object.
            continue;
        }
        String fieldName = modelField.getName();
        Object fieldValue = extractFieldValue(fieldName, instance, schema);
        final ModelAssociation association = schema.getAssociations().get(fieldName);
        if (association == null) {
            result.put(fieldName, fieldValue);
        } else if (association.isOwner()) {
            Model target = (Model) Objects.requireNonNull(fieldValue);
            result.put(association.getTargetName(), target.getId());
        }
    // Ignore if field is associated, but is not a "belongsTo" relationship
    }
    /*
         * If the owner field exists on the model, and the value is null, it should be omitted when performing a
         * mutation because the AppSync server will automatically populate it using the authentication token provided
         * in the request header.  The logic below filters out the owner field if null for this scenario.
         */
    for (AuthRule authRule : schema.getAuthRules()) {
        if (AuthStrategy.OWNER.equals(authRule.getAuthStrategy())) {
            String ownerField = authRule.getOwnerFieldOrDefault();
            if (result.containsKey(ownerField) && result.get(ownerField) == null) {
                result.remove(ownerField);
            }
        }
    }
    return result;
}

Example 2 with AuthRule

use of com.amplifyframework.core.model.AuthRule in project amplify-android by aws-amplify.

the class MultiAuthModeStrategy method authTypesFor.

@Override
public AuthorizationTypeIterator authTypesFor(@NonNull ModelSchema modelSchema, @NonNull ModelOperation operation) {
    final List<AuthRule> applicableRules = new ArrayList<>();
    Consumer<List<AuthRule>> filterAuthRules = authRules -> {
        for (AuthRule rule : authRules) {
            if (rule.getOperationsOrDefault().contains(operation)) {
                applicableRules.add(rule);
            }
        }
    };
    filterAuthRules.accept(modelSchema.getAuthRules());
    for (ModelField field : modelSchema.getFields().values()) {
        filterAuthRules.accept(field.getAuthRules());
    }
    return new MultiAuthorizationTypeIterator(applicableRules);
}

Example 3 with AuthRule

use of com.amplifyframework.core.model.AuthRule in project amplify-android by aws-amplify.

the class AppSyncRequestFactory method getMapOfFieldNameAndValues.

private static Map<String, Object> getMapOfFieldNameAndValues(@NonNull ModelSchema schema, @NonNull Model instance) throws AmplifyException {
    boolean isSerializedModel = instance instanceof SerializedModel;
    boolean hasMatchingModelName = instance.getClass().getSimpleName().equals(schema.getName());
    if (!(hasMatchingModelName || isSerializedModel)) {
        throw new AmplifyException("The object provided is not an instance of " + schema.getName() + ".", "Please provide an instance of " + schema.getName() + " that matches the schema type.");
    }
    Map<String, Object> result = new HashMap<>(extractFieldLevelData(schema, instance));
    /*
         * If the owner field exists on the model, and the value is null, it should be omitted when performing a
         * mutation because the AppSync server will automatically populate it using the authentication token provided
         * in the request header.  The logic below filters out the owner field if null for this scenario.
         */
    for (AuthRule authRule : schema.getAuthRules()) {
        if (AuthStrategy.OWNER.equals(authRule.getAuthStrategy())) {
            String ownerField = authRule.getOwnerFieldOrDefault();
            if (result.containsKey(ownerField) && result.get(ownerField) == null) {
                result.remove(ownerField);
            }
        }
    }
    return result;
}

Example 4 with AuthRule

use of com.amplifyframework.core.model.AuthRule in project amplify-android by aws-amplify.

the class MultiAuthorizationTypeIteratorTest method testOwnerAndGroupRules.

/**
 * Verify that if there are mixed owner and group rules, we return the auth types in the correct order.
 * We're verifying that:
 * - both owner rules are processed first (userPools and oidc) with isOwner = true.
 * - both group rules are processed next (userPools and oidc) withg isOwner = false.
 *
 * isOwner is used in the code to determine whether a request may need the owner parameter added.
 */
@Test
public void testOwnerAndGroupRules() {
    Iterator<AuthorizationType> expectedAuthTypes = Arrays.asList(AuthorizationType.AMAZON_COGNITO_USER_POOLS, AuthorizationType.OPENID_CONNECT, AuthorizationType.AMAZON_COGNITO_USER_POOLS, AuthorizationType.OPENID_CONNECT).iterator();
    Iterator<Boolean> expectedIsOwnerFlags = Arrays.asList(true, true, false, false).iterator();
    List<AuthRule> authRules = Arrays.asList(buildOwnerRule(null, null, null, null), buildOwnerRule(AuthStrategy.Provider.USER_POOLS, "differentOwnerField", null, CREATE_DELETE_OPERATIONS), buildOwnerRule(AuthStrategy.Provider.OIDC, "differentOwner", "myClaim", null), buildGroupRule(null, null, null, null, null), buildGroupRule(AuthStrategy.Provider.OIDC, "myGroupField", "someClaim", Collections.singletonList("group1"), null));
    MultiAuthorizationTypeIterator actualAuthTypeIterator = new MultiAuthorizationTypeIterator(authRules);
    assertIteratorState(expectedAuthTypes, expectedIsOwnerFlags, actualAuthTypeIterator);
}

Example 5 with AuthRule

use of com.amplifyframework.core.model.AuthRule in project amplify-android by aws-amplify.

the class MultiAuthorizationTypeIteratorTest method testAllRules.

/**
 * Test a schema with auth rules for each strategy is returned in the expected order.
 */
@Test
public void testAllRules() {
    Iterator<AuthorizationType> expectedAuthTypes = Arrays.asList(AuthorizationType.AMAZON_COGNITO_USER_POOLS, AuthorizationType.OPENID_CONNECT, AuthorizationType.AWS_IAM, AuthorizationType.API_KEY).iterator();
    Iterator<Boolean> expectedIsOwnerFlags = Arrays.asList(true, false, false, false).iterator();
    List<AuthRule> authRules = Arrays.asList(buildGroupRule(AuthStrategy.Provider.OIDC, null, null, null, null), buildPrivateRule(AuthStrategy.Provider.IAM, null), buildOwnerRule(null, null, null, null), buildPublicRule(null, null));
    MultiAuthorizationTypeIterator actualAuthTypeIterator = new MultiAuthorizationTypeIterator(authRules);
    assertIteratorState(expectedAuthTypes, expectedIsOwnerFlags, actualAuthTypeIterator);
}