Examples with DatasetPermission - com.bakdata.conquery.models.auth.permissions.DatasetPermission

Example 1 with DatasetPermission

use of com.bakdata.conquery.models.auth.permissions.DatasetPermission in project conquery by bakdata.

the class RoleHandlingOnGroupTest method execute.

@Override
public void execute(StandaloneSupport conquery) throws Exception {
    Dataset dataset1 = new Dataset();
    dataset1.setLabel("dataset1");
    MetaStorage storage = conquery.getMetaStorage();
    Group group1 = new Group("company", "company", storage);
    Role role = new Role("role1", "role1", storage);
    TestUser user1 = new TestUser(storage);
    try {
        storage.addRole(role);
        storage.addUser(user1);
        storage.addGroup(group1);
        role.addPermission(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")));
        // // Add user to group
        group1.addMember(user1);
        assertThat(user1.isPermitted(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")))).isFalse();
        // // Add role to group
        group1.addRole(role);
        assertThat(group1.getRoles()).containsExactlyInAnyOrder(role.getId());
        assertThat(user1.isPermitted(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")))).isTrue();
        // // Remove role from group
        group1.removeRole(role);
        assertThat(group1.getRoles()).isEmpty();
        assertThat(user1.isPermitted(new DatasetPermission().instancePermission(Ability.READ, new DatasetId("testDataset")))).isFalse();
    } finally {
        storage.removeGroup(group1.getId());
        storage.removeUser(user1.getId());
        storage.removeRole(role.getId());
    }
}

Also used : Role(com.bakdata.conquery.models.auth.entities.Role) Group(com.bakdata.conquery.models.auth.entities.Group) DatasetPermission(com.bakdata.conquery.models.auth.permissions.DatasetPermission) Dataset(com.bakdata.conquery.models.datasets.Dataset) MetaStorage(com.bakdata.conquery.io.storage.MetaStorage) DatasetId(com.bakdata.conquery.models.identifiable.ids.specific.DatasetId)

Example 2 with DatasetPermission

use of com.bakdata.conquery.models.auth.permissions.DatasetPermission in project conquery by bakdata.

the class PermissionCreationTest method createPermissionIllegalAbility.

@Test
public void createPermissionIllegalAbility() {
    Permission perm = null;
    try {
        // This should fail because the ability is not allowed for a DatasetPermission
        perm = DatasetPermission.onInstance(Ability.SHARE.asSet(), new DatasetId("test"));
    } catch (Exception e) {
        assertThat(e).isInstanceOf(IllegalArgumentException.class);
    }
    // Should not be reached
    assertThat(perm).isNull();
}

Also used : DatasetPermission(com.bakdata.conquery.models.auth.permissions.DatasetPermission) Permission(org.apache.shiro.authz.Permission) DatasetId(com.bakdata.conquery.models.identifiable.ids.specific.DatasetId) Test(org.junit.jupiter.api.Test)

Aggregations

DatasetPermission (com.bakdata.conquery.models.auth.permissions.DatasetPermission)2 DatasetId (com.bakdata.conquery.models.identifiable.ids.specific.DatasetId)2 MetaStorage (com.bakdata.conquery.io.storage.MetaStorage)1 Group (com.bakdata.conquery.models.auth.entities.Group)1 Role (com.bakdata.conquery.models.auth.entities.Role)1 Dataset (com.bakdata.conquery.models.datasets.Dataset)1 Permission (org.apache.shiro.authz.Permission)1 Test (org.junit.jupiter.api.Test)1