Examples with AuthManager com.baidu.hugegraph.auth.AuthManager used on opensource projects

Example 21 with AuthManager

use of com.baidu.hugegraph.auth.AuthManager in project incubator-hugegraph by apache.

the class ProjectAPI method update.

@PUT
@Timed
@Path("{id}")
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON_WITH_CHARSET)
public String update(@Context GraphManager manager, @PathParam("graph") String graph, @PathParam("id") String id, @QueryParam("action") String action, JsonProject jsonProject) {
    LOG.debug("Graph [{}] update {} project: {}", graph, action, jsonProject);
    checkUpdatingBody(jsonProject);
    HugeGraph g = graph(manager, graph);
    HugeProject project;
    Id projectId = UserAPI.parseId(id);
    AuthManager authManager = manager.authManager();
    try {
        project = authManager.getProject(projectId);
    } catch (NotFoundException e) {
        throw new IllegalArgumentException("Invalid project id: " + id);
    }
    if (ProjectAPI.isAddGraph(action)) {
        project = jsonProject.buildAddGraph(project);
    } else if (ProjectAPI.isRemoveGraph(action)) {
        project = jsonProject.buildRemoveGraph(project);
    } else {
        E.checkArgument(StringUtils.isEmpty(action), "The action parameter can only be either " + "%s or %s or '', but got '%s'", ProjectAPI.ACTION_ADD_GRAPH, ProjectAPI.ACTION_REMOVE_GRAPH, action);
        project = jsonProject.buildUpdateDescription(project);
    }
    authManager.updateProject(project);
    return manager.serializer(g).writeAuthElement(project);
}

Example 22 with AuthManager

use of com.baidu.hugegraph.auth.AuthManager in project incubator-hugegraph by apache.

the class AuthTest method testRolePermission.

@Test
public void testRolePermission() {
    HugeGraph graph = graph();
    AuthManager authManager = graph.authManager();
    authManager.createUser(makeUser("admin", "pa"));
    Id user0 = authManager.createUser(makeUser("hugegraph", "p0"));
    Id user1 = authManager.createUser(makeUser("hugegraph1", "p1"));
    Id group1 = authManager.createGroup(makeGroup("group1"));
    Id group2 = authManager.createGroup(makeGroup("group2"));
    Id graph1 = authManager.createTarget(makeTarget("hugegraph", "url1"));
    Id graph2 = authManager.createTarget(makeTarget("hugegraph1", "url2"));
    List<HugeResource> rv = HugeResource.parseResources("[{\"type\": \"VERTEX\", \"label\": \"person\", " + "\"properties\":{\"city\": \"Beijing\", \"age\": \"P.gte(20)\"}}," + " {\"type\": \"VERTEX_LABEL\", \"label\": \"*\"}," + " {\"type\": \"PROPERTY_KEY\", \"label\": \"*\"}]");
    List<HugeResource> re = HugeResource.parseResources("[{\"type\": \"EDGE\", \"label\": \"write\"}, " + " {\"type\": \"PROPERTY_KEY\"}, {\"type\": \"VERTEX_LABEL\"}, " + " {\"type\": \"EDGE_LABEL\"}, {\"type\": \"INDEX_LABEL\"}]");
    List<HugeResource> rg = HugeResource.parseResources("[{\"type\": \"GREMLIN\"}]");
    Id graph1v = authManager.createTarget(makeTarget("hugegraph-v", "hugegraph", "url1", rv));
    Id graph1e = authManager.createTarget(makeTarget("hugegraph-e", "hugegraph", "url1", re));
    Id graph1gremlin = authManager.createTarget(makeTarget("hugegraph-g", "hugegraph", "url1", rg));
    Id belong1 = authManager.createBelong(makeBelong(user0, group1));
    Id belong2 = authManager.createBelong(makeBelong(user1, group2));
    authManager.createAccess(makeAccess(group1, graph1, HugePermission.READ));
    authManager.createAccess(makeAccess(group1, graph1, HugePermission.WRITE));
    authManager.createAccess(makeAccess(group1, graph2, HugePermission.READ));
    authManager.createAccess(makeAccess(group2, graph2, HugePermission.READ));
    Id access1v = authManager.createAccess(makeAccess(group1, graph1v, HugePermission.READ));
    authManager.createAccess(makeAccess(group1, graph1v, HugePermission.WRITE));
    authManager.createAccess(makeAccess(group1, graph1e, HugePermission.READ));
    Id access1g = authManager.createAccess(makeAccess(group1, graph1gremlin, HugePermission.EXECUTE));
    RolePermission role;
    role = authManager.rolePermission(authManager.getUser(user0));
    String expected = "{\"roles\":" + "{\"hugegraph\":{\"READ\":[" + "{\"type\":\"EDGE\",\"label\":\"write\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"EDGE_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"INDEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"WRITE\":" + "[{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"EXECUTE\":" + "[{\"type\":\"GREMLIN\",\"label\":\"*\",\"properties\":null}]}," + "\"hugegraph1\":{\"READ\":[]}}}";
    Assert.assertEquals(expected, role.toJson());
    role = authManager.rolePermission(authManager.getBelong(belong1));
    Assert.assertEquals(expected, role.toJson());
    role = authManager.rolePermission(authManager.getGroup(group1));
    Assert.assertEquals(expected, role.toJson());
    role = authManager.rolePermission(authManager.getAccess(access1v));
    expected = "{\"roles\":" + "{\"hugegraph\":{\"READ\":[{\"type\":\"VERTEX\",\"label\":\"person\"," + "\"properties\":{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}]}}}";
    Assert.assertEquals(expected, role.toJson());
    role = authManager.rolePermission(authManager.getAccess(access1g));
    expected = "{\"roles\":{\"hugegraph\":{\"EXECUTE\":[" + "{\"type\":\"GREMLIN\",\"label\":\"*\",\"properties\":null}]}}}";
    Assert.assertEquals(expected, role.toJson());
    role = authManager.rolePermission(authManager.getUser(user1));
    expected = "{\"roles\":{\"hugegraph1\":{\"READ\":[]}}}";
    Assert.assertEquals(expected, role.toJson());
    role = authManager.rolePermission(authManager.getBelong(belong2));
    expected = "{\"roles\":{\"hugegraph1\":{\"READ\":[]}}}";
    Assert.assertEquals(expected, role.toJson());
    role = authManager.rolePermission(authManager.getTarget(graph1v));
    expected = "{\"roles\":" + "{\"hugegraph\":" + "{\"READ\":[{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}]}}}";
    Assert.assertEquals(expected, role.toJson());
}

Example 23 with AuthManager

use of com.baidu.hugegraph.auth.AuthManager in project incubator-hugegraph by apache.

the class AuthTest method testMatchUser.

@Test
public void testMatchUser() {
    HugeGraph graph = graph();
    AuthManager authManager = graph.authManager();
    String password = StringEncoding.hashPassword("pass1");
    authManager.createUser(makeUser("tom", password));
    Assert.assertNotNull(authManager.matchUser("tom", "pass1"));
    Assert.assertNull(authManager.matchUser("tom", "pass2"));
    Assert.assertNull(authManager.matchUser("Tom", "pass1"));
    Assert.assertThrows(IllegalArgumentException.class, () -> {
        authManager.matchUser("Tom", null);
    });
    Assert.assertThrows(IllegalArgumentException.class, () -> {
        authManager.matchUser(null, "pass1");
    });
    Assert.assertThrows(IllegalArgumentException.class, () -> {
        authManager.matchUser(null, null);
    });
}

Example 24 with AuthManager

use of com.baidu.hugegraph.auth.AuthManager in project incubator-hugegraph by apache.

the class AuthTest method testUpdateProject.

@Test
public void testUpdateProject() {
    HugeProject project = makeProject("test_project", "this is a desc");
    AuthManager authManager = graph().authManager();
    Id projectId = authManager.createProject(project);
    project = authManager.getProject(projectId);
    project.description("this is a desc another");
    projectId = authManager.updateProject(project);
    HugeProject newProject = authManager.getProject(projectId);
    Assert.assertEquals("this is a desc another", newProject.description());
}

Example 25 with AuthManager

use of com.baidu.hugegraph.auth.AuthManager in project incubator-hugegraph by apache.

the class AuthTest method testUpdateUser.

@Test
public void testUpdateUser() throws InterruptedException {
    HugeGraph graph = graph();
    AuthManager authManager = graph.authManager();
    Id id = authManager.createUser(makeUser("tom", "pass1"));
    HugeUser user = authManager.getUser(id);
    Assert.assertEquals("tom", user.name());
    Assert.assertEquals("pass1", user.password());
    Assert.assertEquals(user.create(), user.update());
    Date oldUpdateTime = user.update();
    Thread.sleep(1L);
    user.password("pass2");
    authManager.updateUser(user);
    HugeUser user2 = authManager.getUser(id);
    Assert.assertEquals("tom", user2.name());
    Assert.assertEquals("pass2", user2.password());
    Assert.assertEquals(oldUpdateTime, user2.create());
    Assert.assertNotEquals(oldUpdateTime, user2.update());
    Assert.assertThrows(IllegalArgumentException.class, () -> {
        authManager.updateUser(makeUser("tom2", "pass1"));
    }, e -> {
        Assert.assertContains("Can't save user", e.getMessage());
        Assert.assertContains("that not exists", e.getMessage());
    });
}