use of com.baidu.hugegraph.auth.RolePermission in project incubator-hugegraph by apache.
the class RolePermissionTest method testBuiltinNone.
@Test
public void testBuiltinNone() {
RolePermission none = RolePermission.none();
RolePermission role1 = RolePermission.role("none", HugePermission.NONE);
Assert.assertEquals(none, role1);
Assert.assertSame(none, RolePermission.builtin(none));
Assert.assertSame(none, RolePermission.builtin(role1));
Assert.assertEquals("{\"roles\":{\"none\":{\"NONE\":[" + "{\"type\":\"ALL\",\"label\":\"*\",\"properties\":null}]}}}", none.toJson());
RolePermission role = RolePermission.fromJson("{\"roles\":{\"none\":{\"NONE\":[" + "{\"type\":\"ALL\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertTrue(roleContains(none, role));
}
use of com.baidu.hugegraph.auth.RolePermission in project incubator-hugegraph by apache.
the class RolePermissionTest method testBuiltinAdmin.
@Test
public void testBuiltinAdmin() {
RolePermission admin = RolePermission.admin();
RolePermission role1 = RolePermission.role("admin", HugePermission.ANY);
Assert.assertEquals(admin, role1);
Assert.assertSame(admin, RolePermission.builtin(admin));
Assert.assertSame(admin, RolePermission.builtin(role1));
RolePermission role = RolePermission.fromJson("{\"roles\":{\"admin\":{\"ANY\":[" + "{\"type\":\"ALL\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertTrue(roleContains(admin, role));
RolePermission role2 = RolePermission.all("admin");
Assert.assertSame(admin, RolePermission.builtin(role2));
Assert.assertTrue(roleContains(admin, role2));
Assert.assertTrue(roleContains(role2, role));
RolePermission hg = RolePermission.all("hg1");
RolePermission role3 = RolePermission.fromJson("{\"roles\":" + "{\"hg1\":{\"ANY\":" + "[{\"type\":\"ALL\",\"label\":" + "\"write\",\"properties\":null}" + "]}}");
Assert.assertSame(hg, RolePermission.builtin(hg));
Assert.assertSame(hg, RolePermission.fromJson(hg));
Assert.assertTrue(roleContains(hg, role3));
/*
* NOTE: admin role not match graph role
* if want do this, rely on upper-layer special judgment
*/
Assert.assertFalse(roleContains(admin, hg));
}
use of com.baidu.hugegraph.auth.RolePermission in project incubator-hugegraph by apache.
the class AuthTest method testRolePermission.
@Test
public void testRolePermission() {
HugeGraph graph = graph();
AuthManager authManager = graph.authManager();
authManager.createUser(makeUser("admin", "pa"));
Id user0 = authManager.createUser(makeUser("hugegraph", "p0"));
Id user1 = authManager.createUser(makeUser("hugegraph1", "p1"));
Id group1 = authManager.createGroup(makeGroup("group1"));
Id group2 = authManager.createGroup(makeGroup("group2"));
Id graph1 = authManager.createTarget(makeTarget("hugegraph", "url1"));
Id graph2 = authManager.createTarget(makeTarget("hugegraph1", "url2"));
List<HugeResource> rv = HugeResource.parseResources("[{\"type\": \"VERTEX\", \"label\": \"person\", " + "\"properties\":{\"city\": \"Beijing\", \"age\": \"P.gte(20)\"}}," + " {\"type\": \"VERTEX_LABEL\", \"label\": \"*\"}," + " {\"type\": \"PROPERTY_KEY\", \"label\": \"*\"}]");
List<HugeResource> re = HugeResource.parseResources("[{\"type\": \"EDGE\", \"label\": \"write\"}, " + " {\"type\": \"PROPERTY_KEY\"}, {\"type\": \"VERTEX_LABEL\"}, " + " {\"type\": \"EDGE_LABEL\"}, {\"type\": \"INDEX_LABEL\"}]");
List<HugeResource> rg = HugeResource.parseResources("[{\"type\": \"GREMLIN\"}]");
Id graph1v = authManager.createTarget(makeTarget("hugegraph-v", "hugegraph", "url1", rv));
Id graph1e = authManager.createTarget(makeTarget("hugegraph-e", "hugegraph", "url1", re));
Id graph1gremlin = authManager.createTarget(makeTarget("hugegraph-g", "hugegraph", "url1", rg));
Id belong1 = authManager.createBelong(makeBelong(user0, group1));
Id belong2 = authManager.createBelong(makeBelong(user1, group2));
authManager.createAccess(makeAccess(group1, graph1, HugePermission.READ));
authManager.createAccess(makeAccess(group1, graph1, HugePermission.WRITE));
authManager.createAccess(makeAccess(group1, graph2, HugePermission.READ));
authManager.createAccess(makeAccess(group2, graph2, HugePermission.READ));
Id access1v = authManager.createAccess(makeAccess(group1, graph1v, HugePermission.READ));
authManager.createAccess(makeAccess(group1, graph1v, HugePermission.WRITE));
authManager.createAccess(makeAccess(group1, graph1e, HugePermission.READ));
Id access1g = authManager.createAccess(makeAccess(group1, graph1gremlin, HugePermission.EXECUTE));
RolePermission role;
role = authManager.rolePermission(authManager.getUser(user0));
String expected = "{\"roles\":" + "{\"hugegraph\":{\"READ\":[" + "{\"type\":\"EDGE\",\"label\":\"write\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"EDGE_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"INDEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"WRITE\":" + "[{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"EXECUTE\":" + "[{\"type\":\"GREMLIN\",\"label\":\"*\",\"properties\":null}]}," + "\"hugegraph1\":{\"READ\":[]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getBelong(belong1));
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getGroup(group1));
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getAccess(access1v));
expected = "{\"roles\":" + "{\"hugegraph\":{\"READ\":[{\"type\":\"VERTEX\",\"label\":\"person\"," + "\"properties\":{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getAccess(access1g));
expected = "{\"roles\":{\"hugegraph\":{\"EXECUTE\":[" + "{\"type\":\"GREMLIN\",\"label\":\"*\",\"properties\":null}]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getUser(user1));
expected = "{\"roles\":{\"hugegraph1\":{\"READ\":[]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getBelong(belong2));
expected = "{\"roles\":{\"hugegraph1\":{\"READ\":[]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getTarget(graph1v));
expected = "{\"roles\":" + "{\"hugegraph\":" + "{\"READ\":[{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}]}}}";
Assert.assertEquals(expected, role.toJson());
}
use of com.baidu.hugegraph.auth.RolePermission in project incubator-hugegraph by apache.
the class RolePermissionTest method testContains.
@Test
public void testContains() {
String json = "{\"roles\":" + "{\"hugegraph\":{\"READ\":[" + "{\"type\":\"EDGE\",\"label\":\"write\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"EDGE_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"INDEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"WRITE\":[" + "{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" + "{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," + "{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," + "{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"EXECUTE\":[" + "{\"type\":\"GREMLIN\",\"label\":\"*\",\"properties\":null}]}," + "\"hugegraph1\":{\"READ\":[]}}}";
RolePermission role = RolePermission.fromJson(json);
RolePermission r1 = RolePermission.fromJson(json);
Assert.assertEquals(role, r1);
Assert.assertTrue(roleContains(role, r1));
RolePermission r2 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"READ\":[" + "{\"type\":\"EDGE\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertTrue(roleContains(role, r2));
RolePermission r3 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"READ\":[" + "{\"type\":\"EDGE\",\"label\":\"write\"," + "\"properties\":{\"date\":\"2018-8-8\"}}]}}");
Assert.assertTrue(roleContains(role, r3));
RolePermission r4 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"WRITE\":[" + "{\"type\":\"VERTEX\",\"label\":\"person\"," + "\"properties\":{\"city\":\"Beijing\"," + "\"age\":\"P.gte(20)\"}}]}}");
Assert.assertTrue(roleContains(role, r4));
RolePermission r5 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"WRITE\":[" + "{\"type\":\"VERTEX\",\"label\":\"person\"," + "\"properties\":{\"city\":\"Beijing\"," + "\"age\":\"P.gte(21)\"}}]}}");
Assert.assertFalse(roleContains(role, r5));
RolePermission r6 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"WRITE\":[" + "{\"type\":\"VERTEX\",\"label\":\"person\"," + "\"properties\":null}]}}");
Assert.assertFalse(roleContains(role, r6));
RolePermission r7 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"WRITE\":[" + "{\"type\":\"VERTEX\",\"label\":\"person2\"," + "\"properties\":{\"city\":\"Beijing\"," + "\"age\":\"P.gte(20)\"}}]}}");
Assert.assertFalse(roleContains(role, r7));
RolePermission r8 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"WRITE\":[" + "{\"type\":\"EDGE\",\"label\":\"person\"," + "\"properties\":{\"city\":\"Beijing\"," + "\"age\":\"P.gte(20)\"}}]}}");
Assert.assertFalse(roleContains(role, r8));
role = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"READ\":[" + "{\"type\":\"ALL\",\"label\":\"write\"," + "\"properties\":null}]}}");
RolePermission r9 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"READ\":[" + "{\"type\":\"ALL\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertTrue(roleContains(role, r9));
RolePermission r10 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"READ\":[" + "{\"type\":\"EDGE\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertTrue(roleContains(role, r10));
RolePermission r11 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"READ\":[" + "{\"type\":\"VERTEX\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertTrue(roleContains(role, r11));
RolePermission r12 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"READ\":[" + "{\"type\":\"VERTEX\",\"label\":\"person\"," + "\"properties\":null}]}}");
Assert.assertFalse(roleContains(role, r12));
RolePermission r13 = RolePermission.fromJson("{\"roles\":{\"hugegraph\":{\"WRITE\":[" + "{\"type\":\"VERTEX\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertFalse(roleContains(role, r13));
RolePermission r14 = RolePermission.fromJson("{\"roles\":{\"hugegraph2\":{\"READ\":[" + "{\"type\":\"VERTEX\",\"label\":\"write\"," + "\"properties\":null}]}}");
Assert.assertFalse(roleContains(role, r14));
}
Aggregations