Examples with Role com.bakdata.conquery.models.auth.entities.Role used on opensource projects

Example 6 with Role

use of com.bakdata.conquery.models.auth.entities.Role in project conquery by bakdata.

the class SerializationTests method user.

/*
	 * Only way to add permission without a storage.
	 */
@Test
public void user() throws IOException, JSONException {
    User user = new User("user", "user", STORAGE);
    user.addPermission(DatasetPermission.onInstance(Ability.READ, new DatasetId("test")));
    user.addPermission(ExecutionPermission.onInstance(Ability.READ, new ManagedExecutionId(new DatasetId("dataset"), UUID.randomUUID())));
    Role role = new Role("company", "company", STORAGE);
    user.addRole(role);
    CentralRegistry registry = new CentralRegistry();
    registry.register(role);
    SerializationTestUtil.forType(User.class).registry(registry).injectables(STORAGE).test(user);
}

Example 7 with Role

use of com.bakdata.conquery.models.auth.entities.Role in project conquery by bakdata.

the class CopyUserTest method testUserCopy.

@Test
void testUserCopy() {
    final DatasetRegistry registry = new DatasetRegistry(0);
    MetaStorage storage = new NonPersistentStoreFactory().createMetaStorage();
    registry.setMetaStorage(storage);
    // Create test role
    Role role = new Role("role", "role", storage);
    storage.addRole(role);
    role.addPermission(DatasetPermission.onInstance(Ability.READ, new DatasetId("dataset0")));
    // Create test group
    Group group = new Group("group", "group", storage);
    storage.addGroup(group);
    group.addPermission(DatasetPermission.onInstance(Ability.READ, new DatasetId("dataset1")));
    // Create original user with role and group mapping
    User originUser = new User("user", "user", storage);
    storage.addUser(originUser);
    originUser.addRole(role);
    group.addMember(originUser);
    // Do copy
    User copy = AuthorizationController.flatCopyUser(originUser, "copytest", storage);
    // Check that it is not the same user
    assertThat(copy).usingRecursiveComparison().isNotEqualTo(originUser);
    // Check that the copy does not have any mappings
    assertThat(group.containsMember(copy)).isFalse();
    assertThat(copy.getRoles()).isEmpty();
    // Check that the flat map worked
    assertThat(copy.getPermissions()).containsExactlyInAnyOrderElementsOf(originUser.getEffectivePermissions());
}

Example 8 with Role

use of com.bakdata.conquery.models.auth.entities.Role in project conquery by bakdata.

the class UIProcessor method getAuthOverview.

public FEAuthOverview getAuthOverview() {
    Collection<FEAuthOverview.OverviewRow> overview = new TreeSet<>();
    for (User user : getStorage().getAllUsers()) {
        Collection<Group> userGroups = AuthorizationHelper.getGroupsOf(user, getStorage());
        List<Role> effectiveRoles = user.getRoles().stream().map(getStorage()::getRole).collect(Collectors.toList());
        userGroups.forEach(g -> effectiveRoles.addAll(g.getRoles().stream().map(getStorage()::getRole).collect(Collectors.toList())));
        overview.add(FEAuthOverview.OverviewRow.builder().user(user).groups(userGroups).effectiveRoles(effectiveRoles).build());
    }
    return FEAuthOverview.builder().overview(overview).build();
}

Example 9 with Role

use of com.bakdata.conquery.models.auth.entities.Role in project conquery by bakdata.

the class SerializationTests method group.

@Test
public void group() throws IOException, JSONException {
    Group group = new Group("group", "group", STORAGE);
    group.addPermission(DatasetPermission.onInstance(Ability.READ, new DatasetId("test")));
    group.addPermission(ExecutionPermission.onInstance(Ability.READ, new ManagedExecutionId(new DatasetId("dataset"), UUID.randomUUID())));
    group.addRole(new Role("company", "company", STORAGE));
    Role role = new Role("company", "company", STORAGE);
    group.addRole(role);
    User user = new User("userName", "userLabel", STORAGE);
    group.addMember(user);
    CentralRegistry registry = new CentralRegistry();
    registry.register(role);
    registry.register(user);
    SerializationTestUtil.forType(Group.class).injectables(STORAGE).registry(registry).test(group);
}

Example 10 with Role

use of com.bakdata.conquery.models.auth.entities.Role in project conquery by bakdata.

the class RoleHandlingOnGroupTest method execute.

@Override
public void execute(StandaloneSupport conquery) throws Exception {
    Dataset dataset1 = new Dataset();
    dataset1.setLabel("dataset1");
    MetaStorage storage = conquery.getMetaStorage();
    Group group1 = new Group("company", "company", storage);
    Role role = new Role("role1", "role1", storage);
    TestUser user1 = new TestUser(storage);
    try {
        storage.addRole(role);
        storage.addUser(user1);
        storage.addGroup(group1);
        role.addPermission(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")));
        // // Add user to group
        group1.addMember(user1);
        assertThat(user1.isPermitted(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")))).isFalse();
        // // Add role to group
        group1.addRole(role);
        assertThat(group1.getRoles()).containsExactlyInAnyOrder(role.getId());
        assertThat(user1.isPermitted(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")))).isTrue();
        // // Remove role from group
        group1.removeRole(role);
        assertThat(group1.getRoles()).isEmpty();
        assertThat(user1.isPermitted(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")))).isFalse();
    } finally {
        storage.removeGroup(group1.getId());
        storage.removeUser(user1.getId());
        storage.removeRole(role.getId());
    }
}