
Example 11 with Group

use of com.bakdata.conquery.models.auth.entities.Group in project conquery by bakdata.

the class RoleHandlingOnGroupTest method execute.

/**
 * Checks that a permission held by a role reaches a user only through a group
 * that carries the role: plain group membership grants nothing, attaching the
 * role to the group grants READ, and detaching the role revokes READ again.
 *
 * @param conquery test support whose meta storage holds the entities created here
 * @throws Exception propagated from the storage and entity calls
 */
@Override
public void execute(StandaloneSupport conquery) throws Exception {
    // Not referenced again in this method; every permission below targets the id "testDataset".
    Dataset dataset = new Dataset();
    dataset.setLabel("dataset1");

    final MetaStorage metaStorage = conquery.getMetaStorage();
    final Group company = new Group("company", "company", metaStorage);
    final Role readerRole = new Role("role1", "role1", metaStorage);
    final TestUser member = new TestUser(metaStorage);

    try {
        metaStorage.addRole(readerRole);
        metaStorage.addUser(member);
        metaStorage.addGroup(company);

        // Only the role receives READ. Each check below builds a fresh permission
        // instance, so a match cannot come from object identity with the stored one.
        readerRole.addPermission(
                new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")));

        // Step 1: membership without any role on the group must not grant READ.
        company.addMember(member);
        final boolean permittedAsPlainMember = member.isPermitted(
                new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")));
        assertThat(permittedAsPlainMember).isFalse();

        // Step 2: once the group carries the role, the member is permitted.
        company.addRole(readerRole);
        assertThat(company.getRoles()).containsExactlyInAnyOrder(readerRole.getId());
        final boolean permittedViaGroupRole = member.isPermitted(
                new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")));
        assertThat(permittedViaGroupRole).isTrue();

        // Step 3: detaching the role from the group must revoke the access again.
        company.removeRole(readerRole);
        assertThat(company.getRoles()).isEmpty();
        final boolean permittedAfterRevocation = member.isPermitted(
                new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")));
        assertThat(permittedAfterRevocation).isFalse();
    }
    finally {
        // Remove the entities even when an assertion failed, in the order group, user, role.
        metaStorage.removeGroup(company.getId());
        metaStorage.removeUser(member.getId());
        metaStorage.removeRole(readerRole.getId());
    }
}
Also used : Role(com.bakdata.conquery.models.auth.entities.Role) Group(com.bakdata.conquery.models.auth.entities.Group) DatasetPermission(com.bakdata.conquery.models.auth.permissions.DatasetPermission) Dataset(com.bakdata.conquery.models.datasets.Dataset) MetaStorage(com.bakdata.conquery.io.storage.MetaStorage) DatasetId(com.bakdata.conquery.models.identifiable.ids.specific.DatasetId)

Example 12 with Group

use of com.bakdata.conquery.models.auth.entities.Group in project conquery by bakdata.

the class FormConfigTest method patchConfig.

/**
 * Patches a stored form config twice and checks both the stored config and the
 * group permissions: sharing with one group must give SHAREHOLDER to that group
 * only, and patching with an empty group list must take it away again.
 */
@Test
public void patchConfig() {
    // PREPARE: the user may read the dataset and is a member of two groups.
    user.addPermission(DatasetPermission.onInstance(Ability.READ, datasetId));

    Group sharedGroup = new Group("test1", "test1", storage);
    storage.addGroup(sharedGroup);
    Group untouchedGroup = new Group("test2", "test2", storage);
    storage.addGroup(untouchedGroup);
    sharedGroup.addMember(user);
    untouchedGroup.addMember(user);

    ObjectMapper jsonMapper = FormConfigProcessor.getMAPPER();
    JsonNode formValues = jsonMapper.valueToTree(form);
    FormConfigAPI submitted = FormConfigAPI.builder()
            .formType(form.getFormType())
            .values(formValues)
            .build();
    FormConfig stored = processor.addConfig(user, dataset, submitted);

    // EXECUTE PART 1: relabel, tag, replace the values and share with the first group only.
    processor.patchConfig(
            user,
            stored,
            FormConfigPatch.builder()
                    .label("newTestLabel")
                    .tags(new String[] { "tag1", "tag2" })
                    .groups(List.of(sharedGroup.getId()))
                    .values(new ObjectNode(jsonMapper.getNodeFactory(), Map.of("test-Node", new TextNode("test-text"))))
                    .build());

    // CHECK PART 1: the expected config is assembled independently of the processor.
    FormConfig expected = new FormConfig(form.getClass().getAnnotation(CPSType.class).id(), formValues);
    expected.setDataset(dataset);
    expected.setFormId(stored.getFormId());
    expected.setLabel("newTestLabel");
    expected.setShared(true);
    expected.setTags(new String[] { "tag1", "tag2" });
    expected.setOwner(user);
    expected.setValues(new ObjectNode(jsonMapper.getNodeFactory(), Map.of("test-Node", new TextNode("test-text"))));

    final FormConfigId formId = stored.getId();
    assertThat(storage.getFormConfig(formId))
            .usingRecursiveComparison()
            .ignoringFields("cachedId", FormConfig.Fields.creationTime)
            .isEqualTo(expected);
    // The second group was not named in the patch, so it must not gain access
    // although the same user is a member of both groups.
    assertThat(storage.getGroup(sharedGroup.getId()).getPermissions())
            .contains(FormConfigPermission.onInstance(AbilitySets.SHAREHOLDER, formId));
    assertThat(storage.getGroup(untouchedGroup.getId()).getPermissions())
            .doesNotContain(FormConfigPermission.onInstance(AbilitySets.SHAREHOLDER, formId));

    // EXECUTE PART 2 (Unshare): an empty group list withdraws the share.
    processor.patchConfig(user, stored, FormConfigPatch.builder().groups(List.of()).build());

    // CHECK PART 2: the config is no longer shared and neither group holds the permission.
    expected.setShared(false);
    assertThat(storage.getFormConfig(formId))
            .usingRecursiveComparison()
            .ignoringFields("cachedId", FormConfig.Fields.creationTime)
            .isEqualTo(expected);
    assertThat(storage.getGroup(sharedGroup.getId()).getPermissions())
            .doesNotContain(FormConfigPermission.onInstance(AbilitySets.SHAREHOLDER, formId));
    assertThat(storage.getGroup(untouchedGroup.getId()).getPermissions())
            .doesNotContain(FormConfigPermission.onInstance(AbilitySets.SHAREHOLDER, formId));
}
Also used : Group(com.bakdata.conquery.models.auth.entities.Group) FormConfigAPI(com.bakdata.conquery.apiv1.forms.FormConfigAPI) FormConfig(com.bakdata.conquery.models.forms.configs.FormConfig) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) JsonNode(com.fasterxml.jackson.databind.JsonNode) TextNode(com.fasterxml.jackson.databind.node.TextNode) FormConfigId(com.bakdata.conquery.models.identifiable.ids.specific.FormConfigId) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Test(org.junit.jupiter.api.Test)

Example 13 with Group

use of com.bakdata.conquery.models.auth.entities.Group in project conquery by bakdata.

the class PermissionGroupHandlingTest method execute.

/**
 * This is a longer test that plays through different scenarios of permission
 * and role adding/deleting. Creating many objects here to avoid side effects.
 */
@Override
public void execute(StandaloneSupport conquery) throws Exception {
    // Three grant paths for the same execution id are set up below: READ directly
    // on the user, DELETE through the user's role, SHARE through the user's group.
    final MetaStorage metaStorage = conquery.getMetaStorage();

    Dataset dataset = new Dataset();
    dataset.setLabel("dataset1");
    final ManagedExecutionId executionId = new ManagedExecutionId(dataset.getId(), UUID.randomUUID());

    final Role grantingRole = new Role("role", "role", metaStorage);
    final TestUser subject = new TestUser(metaStorage);
    final Group company = new Group("company", "company", metaStorage);

    try {
        metaStorage.addRole(grantingRole);
        metaStorage.addUser(subject);
        metaStorage.addGroup(company);

        subject.addRole(grantingRole);
        company.addMember(subject);

        subject.addPermission(ExecutionPermission.onInstance(Ability.READ, executionId));
        grantingRole.addPermission(ExecutionPermission.onInstance(Ability.DELETE, executionId));
        company.addPermission(ExecutionPermission.onInstance(Ability.SHARE, executionId));

        // With role and membership in place, all three abilities are effective.
        final boolean readBefore = subject.isPermitted(ExecutionPermission.onInstance(Ability.READ, executionId));
        assertThat(readBefore).isTrue();
        final boolean deleteBefore = subject.isPermitted(ExecutionPermission.onInstance(Ability.DELETE, executionId));
        assertThat(deleteBefore).isTrue();
        final boolean shareBefore = subject.isPermitted(ExecutionPermission.onInstance(Ability.SHARE, executionId));
        assertThat(shareBefore).isTrue();

        // Leaving the group must revoke only what the group contributed (SHARE);
        // the direct and the role-derived permissions stay in force.
        company.removeMember(subject);

        final boolean readAfter = subject.isPermitted(ExecutionPermission.onInstance(Ability.READ, executionId));
        assertThat(readAfter).isTrue();
        final boolean deleteAfter = subject.isPermitted(ExecutionPermission.onInstance(Ability.DELETE, executionId));
        assertThat(deleteAfter).isTrue();
        final boolean shareAfter = subject.isPermitted(ExecutionPermission.onInstance(Ability.SHARE, executionId));
        assertThat(shareAfter).isFalse();

        // NOTE(review): only revocation through group membership is asserted in this
        // method; removing the role or the direct permission is not exercised here.
    }
    finally {
        // Clean up regardless of the outcome, in the order group, user, role.
        metaStorage.removeGroup(company.getId());
        metaStorage.removeUser(subject.getId());
        metaStorage.removeRole(grantingRole.getId());
    }
}
Also used : Role(com.bakdata.conquery.models.auth.entities.Role) Group(com.bakdata.conquery.models.auth.entities.Group) MetaStorage(com.bakdata.conquery.io.storage.MetaStorage) Dataset(com.bakdata.conquery.models.datasets.Dataset) ManagedExecutionId(com.bakdata.conquery.models.identifiable.ids.specific.ManagedExecutionId)

Example 14 with Group

use of com.bakdata.conquery.models.auth.entities.Group in project conquery by bakdata.

the class RestartTest method execute.

/**
 * Runs a JSON query test, builds a set of users, roles, groups and dataset
 * permissions, deletes part of them, restarts the test instance and then checks
 * that executions, the id mapping and the authorization state look the same as
 * before the shutdown.
 *
 * @param name         name used to obtain the {@code StandaloneSupport} from {@code testConquery}
 * @param testConquery the test instance that is shut down and started again
 * @throws Exception propagated from any of the setup, restart or storage calls
 */
@Override
public void execute(String name, TestConquery testConquery) throws Exception {
    // read test specification
    String testJson = In.resource("/tests/query/RESTART_TEST_DATA/SIMPLE_TREECONCEPT_Query.json").withUTF8().readAll();
    Validator validator = Validators.newValidator();
    EntityIdMap entityIdMap = IdMapSerialisationTest.createTestPersistentMap();
    ManagerNode manager = testConquery.getStandaloneCommand().getManager();
    AdminDatasetProcessor adminDatasetProcessor = manager.getAdmin().getAdminDatasetProcessor();
    AdminProcessor adminProcessor = manager.getAdmin().getAdminProcessor();
    StandaloneSupport conquery = testConquery.getSupport(name);
    DatasetId dataset = conquery.getDataset().getId();
    ConqueryTestSpec test = JsonIntegrationTest.readJson(dataset, testJson);
    ValidatorHelper.failOnError(log, validator.validate(test));
    test.importRequiredData(conquery);
    test.executeTest(conquery);
    // Baseline that is compared against the execution count after the restart.
    final int numberOfExecutions = conquery.getMetaStorage().getAllExecutions().size();
    // IDMapping Testing
    NamespaceStorage namespaceStorage = conquery.getNamespaceStorage();
    namespaceStorage.updateIdMapping(entityIdMap);
    // One dataset per grant path: 1/2 for users, 3/4 for roles, 5/6 for groups (see the permissions below).
    final Dataset dataset1 = adminDatasetProcessor.addDataset(TEST_DATASET_1);
    final Dataset dataset2 = adminDatasetProcessor.addDataset(TEST_DATASET_2);
    final Dataset dataset3 = adminDatasetProcessor.addDataset(TEST_DATASET_3);
    final Dataset dataset4 = adminDatasetProcessor.addDataset(TEST_DATASET_4);
    final Dataset dataset5 = adminDatasetProcessor.addDataset(TEST_DATASET_5);
    final Dataset dataset6 = adminDatasetProcessor.addDataset(TEST_DATASET_6);
    // This handle is taken from the pre-restart support object and is reused for the checks after the restart.
    MetaStorage storage = conquery.getMetaStorage();
    Role role = new Role("role", "ROLE", storage);
    Role roleToDelete = new Role("roleDelete", "ROLE_DELETE", storage);
    User user = new User("user@test.email", "USER", storage);
    User userToDelete = new User("userDelete@test.email", "USER_DELETE", storage);
    Group group = new Group("group", "GROUP", storage);
    Group groupToDelete = new Group("groupDelete", "GROUP_DELETE", storage);
    {
        // Auth testing (deletion and permission grant)
        // Build the constellation: every user and every group gets both roles,
        // and both users join both groups.
        // TODO USE APIS
        adminProcessor.addUser(user);
        adminProcessor.addUser(userToDelete);
        adminProcessor.addRole(role);
        adminProcessor.addRole(roleToDelete);
        adminProcessor.addGroup(group);
        adminProcessor.addGroup(groupToDelete);
        adminProcessor.addRoleTo(user, role);
        adminProcessor.addRoleTo(user, roleToDelete);
        adminProcessor.addRoleTo(userToDelete, role);
        adminProcessor.addRoleTo(userToDelete, roleToDelete);
        adminProcessor.addRoleTo(group, role);
        adminProcessor.addRoleTo(group, roleToDelete);
        adminProcessor.addRoleTo(groupToDelete, role);
        adminProcessor.addRoleTo(groupToDelete, roleToDelete);
        adminProcessor.addUserToGroup(group, user);
        adminProcessor.addUserToGroup(group, userToDelete);
        adminProcessor.addUserToGroup(groupToDelete, user);
        adminProcessor.addUserToGroup(groupToDelete, userToDelete);
        // Adding Permissions: each surviving and each to-be-deleted entity holds READ on its own dataset.
        adminProcessor.createPermission(user, dataset1.createPermission(Ability.READ.asSet()));
        adminProcessor.createPermission(userToDelete, dataset2.createPermission(Ability.READ.asSet()));
        adminProcessor.createPermission(role, dataset3.createPermission(Ability.READ.asSet()));
        adminProcessor.createPermission(roleToDelete, dataset4.createPermission(Ability.READ.asSet()));
        adminProcessor.createPermission(group, dataset5.createPermission(Ability.READ.asSet()));
        adminProcessor.createPermission(groupToDelete, dataset6.createPermission(Ability.READ.asSet()));
        // Delete entities before the shutdown, so the restart has to keep them deleted.
        // TODO use API
        adminProcessor.deleteUser(userToDelete);
        adminProcessor.deleteRole(roleToDelete);
        adminProcessor.deleteGroup(groupToDelete);
    }
    log.info("Shutting down for restart");
    testConquery.shutdown();
    log.info("Restarting");
    testConquery.beforeAll();
    final StandaloneSupport support = testConquery.openDataset(dataset);
    log.info("Restart complete");
    DatasetRegistry datasetRegistry = support.getDatasetsProcessor().getDatasetRegistry();
    assertThat(support.getMetaStorage().getAllExecutions().size()).as("Executions after restart").isEqualTo(numberOfExecutions);
    test.executeTest(support);
    {
        // Auth actual tests
        // NOTE(review): `storage` was obtained from `conquery` before the shutdown, not from
        // `support`. If that instance is not reloaded by the restart, the checks below read
        // pre-restart state and do not show that deletions and grants were persisted - confirm,
        // or read from support.getMetaStorage() as the execution-count check above does.
        User userStored = storage.getUser(user.getId());
        assertThat(userStored).isEqualTo(user);
        assertThat(storage.getRole(role.getId())).isEqualTo(role);
        assertThat(storage.getGroup(group.getId())).isEqualTo(group);
        assertThat(storage.getUser(userToDelete.getId())).as("deleted user should stay deleted").isNull();
        assertThat(storage.getRole(roleToDelete.getId())).as("deleted role should stay deleted").isNull();
        assertThat(storage.getGroup(groupToDelete.getId())).as("deleted group should stay deleted").isNull();
        // Odd-numbered datasets were granted to the surviving user, role and group and must be
        // readable; even-numbered ones were granted only to deleted entities and must not be.
        assertThat(userStored.isPermitted(datasetRegistry.get(TEST_DATASET_1.getId()).getDataset(), Ability.READ)).isTrue();
        assertThat(userStored.isPermitted(datasetRegistry.get(TEST_DATASET_2.getId()).getDataset(), Ability.READ)).isFalse();
        assertThat(userStored.isPermitted(datasetRegistry.get(TEST_DATASET_3.getId()).getDataset(), Ability.READ)).isTrue();
        assertThat(userStored.isPermitted(datasetRegistry.get(TEST_DATASET_4.getId()).getDataset(), Ability.READ)).isFalse();
        assertThat(userStored.isPermitted(datasetRegistry.get(TEST_DATASET_5.getId()).getDataset(), Ability.READ)).isTrue();
        assertThat(userStored.isPermitted(datasetRegistry.get(TEST_DATASET_6.getId()).getDataset(), Ability.READ)).isFalse();
    }
    // NOTE(review): this also goes through the pre-restart `conquery` handle - confirm it returns the reloaded mapping.
    EntityIdMap entityIdMapAfterRestart = conquery.getNamespaceStorage().getIdMapping();
    assertThat(entityIdMapAfterRestart).isEqualTo(entityIdMap);
    // We need to reassign the dataset processor because the instance prior to the restart became invalid
    adminDatasetProcessor = testConquery.getStandaloneCommand().getManager().getAdmin().getAdminDatasetProcessor();
    // Cleanup: only the six datasets are deleted here, and not inside a finally block, so a failed
    // assertion above skips it; the surviving user, role and group are not removed in this method.
    adminDatasetProcessor.deleteDataset(dataset1);
    adminDatasetProcessor.deleteDataset(dataset2);
    adminDatasetProcessor.deleteDataset(dataset3);
    adminDatasetProcessor.deleteDataset(dataset4);
    adminDatasetProcessor.deleteDataset(dataset5);
    adminDatasetProcessor.deleteDataset(dataset6);
}
Also used : Group(com.bakdata.conquery.models.auth.entities.Group) User(com.bakdata.conquery.models.auth.entities.User) Dataset(com.bakdata.conquery.models.datasets.Dataset) AdminProcessor(com.bakdata.conquery.resources.admin.rest.AdminProcessor) EntityIdMap(com.bakdata.conquery.models.identifiable.mapping.EntityIdMap) DatasetId(com.bakdata.conquery.models.identifiable.ids.specific.DatasetId) Role(com.bakdata.conquery.models.auth.entities.Role) ManagerNode(com.bakdata.conquery.commands.ManagerNode) MetaStorage(com.bakdata.conquery.io.storage.MetaStorage) ConqueryTestSpec(com.bakdata.conquery.integration.json.ConqueryTestSpec) DatasetRegistry(com.bakdata.conquery.models.worker.DatasetRegistry) NamespaceStorage(com.bakdata.conquery.io.storage.NamespaceStorage) StandaloneSupport(com.bakdata.conquery.util.support.StandaloneSupport) AdminDatasetProcessor(com.bakdata.conquery.resources.admin.rest.AdminDatasetProcessor) Validator(javax.validation.Validator)
