use of com.enonic.xp.security.PrincipalKey in project xp by enonic.
the class ApplyNodePermissionsCommandTest method applyPermissionsWithOverwrite.
/**
 * Checks that applying a node's ACL with {@code overwriteChildPermissions(true)} replaces the ACL of
 * every descendant, including a descendant that was created with its own ACL and
 * {@code inheritPermissions(false)}.
 *
 * <p>Tree built by the test: {@code my-node} with children {@code child1_1} and {@code child1_2};
 * {@code child1_1_1} sits under {@code child1_1}; {@code child1_2_1} and {@code child1_2_2} sit under
 * {@code child1_2}. That is six nodes, matching the expected success count.
 *
 * <p>Security-relevant effect pinned here: overwrite discards the grants that existed only on
 * {@code child1_1_1} (user2's entry) and gives it the parent's grants (group1's entry) instead.
 */
private void applyPermissionsWithOverwrite() {
    final PrincipalKey firstUser = PrincipalKey.ofUser(USK, "user1");
    final PrincipalKey secondUser = PrincipalKey.ofUser(USK, "user2");
    final PrincipalKey group = PrincipalKey.ofGroup(USK, "group1");

    // ACL of the top node. The anonymous WRITE_PERMISSIONS grant is test data only; it lets the
    // assertions distinguish this list from any default ACL.
    final AccessControlList topAcl = AccessControlList.of(
        AccessControlEntry.create().principal(PrincipalKey.ofAnonymous()).allow(READ, WRITE_PERMISSIONS).build(),
        AccessControlEntry.create().principal(firstUser).allow(READ, MODIFY).build(),
        AccessControlEntry.create().principal(group).allow(READ, CREATE, DELETE, MODIFY).build());

    // Root node: the default test user is allowed everything.
    final AccessControlList rootAcl = AccessControlList.create()
        .add(AccessControlEntry.create().principal(TEST_DEFAULT_USER.getKey()).allowAll().build())
        .build();
    final CreateRootNodeParams rootParams = CreateRootNodeParams.create().permissions(rootAcl).build();
    CreateRootNodeCommand.create()
        .params(rootParams)
        .indexServiceInternal(this.indexServiceInternal)
        .storageService(this.storageService)
        .searchService(this.searchService)
        .build()
        .execute();

    final Node topNode = createNode(CreateNodeParams.create()
                                        .name("my-node")
                                        .parent(NodePath.ROOT)
                                        .permissions(topAcl)
                                        .inheritPermissions(false)
                                        .build());
    final Node child1_1 = createNode(CreateNodeParams.create().name("child1_1").parent(topNode.path()).build());
    final Node child1_2 = createNode(CreateNodeParams.create().name("child1_2").parent(topNode.path()).build());

    // This grandchild gets a diverging ACL (user2 instead of group1, plus PUBLISH) and does not
    // inherit, so only an overwrite can bring it back in line with the top node.
    final AccessControlList divergingAcl = AccessControlList.of(
        AccessControlEntry.create().principal(PrincipalKey.ofAnonymous()).allow(READ, WRITE_PERMISSIONS).build(),
        AccessControlEntry.create().principal(firstUser).allow(READ, MODIFY).build(),
        AccessControlEntry.create().principal(secondUser).allow(READ, CREATE, DELETE, MODIFY, PUBLISH).build());
    final Node child1_1_1 = createNode(CreateNodeParams.create()
                                           .name("child1_1_1")
                                           .parent(child1_1.path())
                                           .permissions(divergingAcl)
                                           .inheritPermissions(false)
                                           .build());
    final Node child1_2_1 = createNode(CreateNodeParams.create().name("child1_2_1").parent(child1_2.path()).build());
    final Node child1_2_2 = createNode(CreateNodeParams.create().name("child1_2_2").parent(child1_2.path()).build());
    refresh();

    final ApplyNodePermissionsParams applyParams = ApplyNodePermissionsParams.create()
        .nodeId(topNode.id())
        .permissions(topNode.getPermissions())
        .overwriteChildPermissions(true)
        .applyPermissionsListener(Mockito.mock(ApplyPermissionsListener.class))
        .build();
    final ApplyNodePermissionsResult result = ApplyNodePermissionsCommand.create()
        .params(applyParams)
        .indexServiceInternal(this.indexServiceInternal)
        .storageService(this.storageService)
        .searchService(this.searchService)
        .build()
        .execute();
    refresh();

    // Top node plus its five descendants.
    assertEquals(6, result.getSucceedNodes().getSize());

    assertEquals(topAcl, getNodeById(topNode.id()).getPermissions());

    final Node child1_1Updated = getNodeById(child1_1.id());
    assertEquals(topAcl, child1_1Updated.getPermissions());
    assertVersions(child1_1Updated);
    // NOTE(review): both operands are the nodes as returned at creation time, so this compares
    // creation order rather than anything the command did — confirm that is the intent.
    assertTrue(child1_1.getTimestamp().isBefore(child1_1_1.getTimestamp()));

    // Every remaining node, including the one that had a diverging ACL, must now carry topAcl.
    final Node[] remaining = {child1_2, child1_1_1, child1_2_1, child1_2_2};
    for (final Node original : remaining) {
        assertEquals(topAcl, getNodeById(original.id()).getPermissions());
    }
}
use of com.enonic.xp.security.PrincipalKey in project xp by enonic.
the class IdProviderNodeTranslator method idProviderPermissionsFromNode.
/**
 * Derives the id provider's access-control list from the node ACLs of the id provider node and its
 * users and groups nodes.
 *
 * <p>Every principal mentioned in any of the three ACLs is mapped to at most one access level, the
 * first that matches, checked from most to least privileged:
 * <ol>
 * <li>{@code ADMINISTRATOR}: all seven listed permissions on all three nodes;</li>
 * <li>{@code ID_PROVIDER_MANAGER}: READ, CREATE, MODIFY, DELETE on both the users and groups nodes;</li>
 * <li>{@code WRITE_USERS}: READ, CREATE, MODIFY, DELETE on the users node;</li>
 * <li>{@code CREATE_USERS}: CREATE on the users node;</li>
 * <li>{@code IdProviderAccess.READ}: READ on the users node.</li>
 * </ol>
 * A principal matching none of these gets no entry. Only the {@code ADMINISTRATOR} tier consults the
 * id provider node's own ACL; the lower tiers are decided by the users and groups nodes alone.
 *
 * @param idProviderNode node whose ACL is consulted for the administrator tier
 * @param usersNode      node whose ACL is consulted for every tier
 * @param groupsNode     node whose ACL is consulted for the administrator and manager tiers
 * @return the derived access-control list
 */
static IdProviderAccessControlList idProviderPermissionsFromNode(final Node idProviderNode, final Node usersNode, final Node groupsNode) {
    final AccessControlList providerAcl = idProviderNode.getPermissions();
    final AccessControlList usersAcl = usersNode.getPermissions();
    final AccessControlList groupsAcl = groupsNode.getPermissions();

    // Union of the principals named in any of the three ACLs.
    final PrincipalKeys candidates =
        PrincipalKeys.from(providerAcl.getAllPrincipals(), usersAcl.getAllPrincipals(), groupsAcl.getAllPrincipals());

    final IdProviderAccessControlList.Builder result = IdProviderAccessControlList.create();
    for (final PrincipalKey principal : candidates) {
        // NOTE(review): presumably isAllowedFor is true only when every listed permission is
        // allowed — confirm against AccessControlList.
        final IdProviderAccess level;
        if (providerAcl.isAllowedFor(principal, READ, CREATE, MODIFY, DELETE, PUBLISH, READ_PERMISSIONS, WRITE_PERMISSIONS)
            && usersAcl.isAllowedFor(principal, READ, CREATE, MODIFY, DELETE, PUBLISH, READ_PERMISSIONS, WRITE_PERMISSIONS)
            && groupsAcl.isAllowedFor(principal, READ, CREATE, MODIFY, DELETE, PUBLISH, READ_PERMISSIONS, WRITE_PERMISSIONS)) {
            level = ADMINISTRATOR;
        } else if (usersAcl.isAllowedFor(principal, READ, CREATE, MODIFY, DELETE)
            && groupsAcl.isAllowedFor(principal, READ, CREATE, MODIFY, DELETE)) {
            level = ID_PROVIDER_MANAGER;
        } else if (usersAcl.isAllowedFor(principal, READ, CREATE, MODIFY, DELETE)) {
            level = WRITE_USERS;
        } else if (usersAcl.isAllowedFor(principal, CREATE)) {
            level = CREATE_USERS;
        } else if (usersAcl.isAllowedFor(principal, READ)) {
            // Qualified because the bare READ in this file is the node permission.
            level = IdProviderAccess.READ;
        } else {
            // No tier matched: the principal is left out of the result.
            level = null;
        }

        if (level != null) {
            result.add(IdProviderAccessControlEntry.create().principal(principal).access(level).build());
        }
    }
    return result.build();
}
use of com.enonic.xp.security.PrincipalKey in project xp by enonic.
the class IssueServiceImplTest_comment method comment_noIssue.
/**
 * Creating a comment for an issue id that was never stored must fail with
 * {@link NodeNotFoundException}.
 */
@Test
public void comment_noIssue() throws Exception {
    final Instant oneMinuteAgo = Instant.now().minus(1, ChronoUnit.MINUTES);
    final PrincipalKey author = PrincipalKey.from("user:store:me");
    final String authorDisplayName = "Me Myself";

    // IssueId.create() is not backed by a createIssue call in this test, so the service has
    // nothing to attach the comment to.
    final CreateIssueCommentParams commentParams = CreateIssueCommentParams.create()
        .text("text")
        .issue(IssueId.create())
        .creator(author)
        .creatorDisplayName(authorDisplayName)
        .created(oneMinuteAgo)
        .build();

    assertThrows(NodeNotFoundException.class, () -> this.issueService.createComment(commentParams));
}
use of com.enonic.xp.security.PrincipalKey in project xp by enonic.
the class SchedulerServiceImplTest method createOneTimeJob.
/**
 * Creates a one-time scheduled job inside the admin context and checks the stored calendar and
 * audit fields.
 *
 * <p>The job is configured to run as {@code user:system:user}, while the asserted creator and
 * modifier are {@code user:system:repo-test-user}: the audit fields do not come from the
 * {@code user} parameter (presumably they are taken from the calling context — confirm against
 * {@code adminContext()}).
 */
@Test
void createOneTimeJob() throws Exception {
    final PropertyTree jobConfig = new PropertyTree();
    jobConfig.addString("string", "value");

    final PrincipalKey runAs = PrincipalKey.from("user:system:user");
    final ScheduleCalendar oneTime = calendarService.oneTime(Instant.parse("2021-02-25T10:44:33.170079900Z"));
    final DescriptorKey task = DescriptorKey.from(ApplicationKey.from("com.enonic.app.features"), "landing");
    final ScheduledJobName jobName = ScheduledJobName.from("test");

    final CreateScheduledJobParams createParams = CreateScheduledJobParams.create()
        .name(jobName)
        .descriptor(task)
        .calendar(oneTime)
        .config(jobConfig)
        .description("description")
        .enabled(true)
        .user(runAs)
        .build();

    final Instant beforeCreate = Instant.now();
    // Presumably keeps the strict isBefore checks below from failing when the clock has not
    // advanced between this point and the create call.
    Thread.sleep(100);

    final ScheduledJob created = adminContext().callWith(() -> schedulerService.create(createParams));

    final OneTimeCalendar storedCalendar = (OneTimeCalendar) created.getCalendar();
    assertEquals("2021-02-25T10:44:33.170079900Z", storedCalendar.getValue().toString());
    assertEquals(ScheduleCalendarType.ONE_TIME, created.getCalendar().getType());

    // Audit fields: not the run-as user supplied in the params.
    assertEquals("user:system:repo-test-user", created.getCreator().toString());
    assertEquals("user:system:repo-test-user", created.getModifier().toString());

    assertTrue(beforeCreate.isBefore(created.getModifiedTime()));
    assertTrue(beforeCreate.isBefore(created.getCreatedTime()));
}
use of com.enonic.xp.security.PrincipalKey in project xp by enonic.
the class IssueServiceImplTest_update method update.
/**
 * Updates every editable field of a freshly created issue and checks that the stored issue
 * reflects the edit.
 *
 * <p>The creator and modifier are asserted to be {@code user:system:test-user}; none of the keys
 * written by the editor (the approvers) end up in those audit fields.
 */
@Test
public void update() throws Exception {
    final Instant createdTime = Instant.now();
    final Issue original = this.createIssue(createdTime);

    // NOTE(review): not referenced anywhere else in this method.
    final PrincipalKey commentatorKey = PrincipalKey.from("user:myStore:commentator-1");

    final UpdateIssueParams updateParams = UpdateIssueParams.create()
        .id(original.getId())
        .editor(edit -> {
            edit.title = "updated title";
            edit.description = "updated description";
            edit.approverIds = PrincipalKeys.from(PrincipalKey.from("user:myStore:approver-1"),
                                                  PrincipalKey.from("user:myStore:approver-2"));
            edit.publishRequest = PublishRequest.create()
                .addExcludeId(ContentId.from("new-exclude-id"))
                .addItem(PublishRequestItem.create().id(ContentId.from("new-content-id")).includeChildren(true).build())
                .build();
            edit.issueStatus = IssueStatus.CLOSED;
        })
        .build();

    final Issue updated = this.issueService.update(updateParams);
    assertNotNull(updated);

    // Plain fields set by the editor.
    assertEquals("updated title", updated.getTitle());
    assertEquals("updated description", updated.getDescription());
    assertEquals(IssueStatus.CLOSED, updated.getStatus());

    // Audit fields and approvers.
    assertEquals(PrincipalKey.from("user:system:test-user"), updated.getCreator());
    assertEquals(PrincipalKey.from("user:system:test-user"), updated.getModifier());
    assertEquals(PrincipalKey.from("user:myStore:approver-1"), updated.getApproverIds().first());

    // Publish request contents.
    assertEquals(ContentId.from("new-exclude-id"), updated.getPublishRequest().getExcludeIds().first());
    assertEquals(ContentId.from("new-content-id"), updated.getPublishRequest().getItems().first().getId());
    assertEquals(true, updated.getPublishRequest().getItems().first().getIncludeChildren());

    assertEquals(IssueNameFactory.create(updated.getIndex()), updated.getName());
    assertNotEquals(updated.getCreatedTime(), updated.getModifiedTime());
}
Aggregations