Examples with PrincipalKey com.enonic.xp.security.PrincipalKey used on opensource projects

Search in sources :

Example 36 with PrincipalKey

use of com.enonic.xp.security.PrincipalKey in project xp by enonic.

the class ContentAuditLogSupportImpl method doUpdate.

private void doUpdate(final UpdateContentParams params, final Content content, final Context rootContext) {
    final PropertyTree data = new PropertyTree();
    final PropertySet paramsSet = data.addSet("params");
    final PropertySet resultSet = data.addSet("result");
    final PrincipalKey modifier = rootContext.getAuthInfo().getUser() != null ? rootContext.getAuthInfo().getUser().getKey() : PrincipalKey.ofAnonymous();
    paramsSet.addString("contentId", nullToNull(params.getContentId()));
    paramsSet.addString("modifier", nullToNull(modifier));
    paramsSet.addBoolean("clearAttachments", params.isClearAttachments());
    paramsSet.addBoolean("requireValid", params.isRequireValid());
    addContent(resultSet, content);
    log("system.content.update", data, content.getId(), rootContext);
}
Also used : PropertyTree(com.enonic.xp.data.PropertyTree) PropertySet(com.enonic.xp.data.PropertySet) PrincipalKey(com.enonic.xp.security.PrincipalKey)

Example 37 with PrincipalKey

use of com.enonic.xp.security.PrincipalKey in project xp by enonic.

the class NodesHasPermissionResolver method execute.

public boolean execute() {
    final Context context = ContextAccessor.current();
    if (context.getAuthInfo().hasRole(RoleKeys.ADMIN)) {
        return true;
    }
    if (nodeIds.isEmpty()) {
        return false;
    }
    final NodeQuery query = NodeQuery.create().addQueryFilter(IdFilter.create().fieldName(NodeIndexPath.ID.getPath()).values(nodeIds).build()).addQueryFilter(ValueFilter.create().fieldName(getPermissionFieldName().getPath()).addValues(context.getAuthInfo().getPrincipals().stream().map(PrincipalKey::toString).collect(Collectors.toList())).build()).searchMode(SearchMode.COUNT).build();
    final FindNodesByQueryResult result = FindNodesByQueryCommand.create(this).query(query).build().execute();
    return result.getTotalHits() == nodeIds.getSize();
}
Also used : Context(com.enonic.xp.context.Context) FindNodesByQueryResult(com.enonic.xp.node.FindNodesByQueryResult) NodeQuery(com.enonic.xp.node.NodeQuery) PrincipalKey(com.enonic.xp.security.PrincipalKey)

Example 38 with PrincipalKey

use of com.enonic.xp.security.PrincipalKey in project xp by enonic.

the class ApplicationAuditLogSupportImpl method log.

private void log(final String type, final PropertyTree data, final AuditLogUris uris) {
    final Context rootContext = ContextBuilder.copyOf(ContextAccessor.current()).build();
    final PrincipalKey userPrincipalKey = rootContext.getAuthInfo().getUser() != null ? rootContext.getAuthInfo().getUser().getKey() : PrincipalKey.ofAnonymous();
    ContextBuilder.from(rootContext).authInfo(AuthenticationInfo.copyOf(rootContext.getAuthInfo()).principals(RoleKeys.AUDIT_LOG).build()).build().callWith(() -> auditLogService.log(LogAuditLogParams.create().type(type).source(SOURCE).data(data).objectUris(uris).user(userPrincipalKey).build()));
}
Also used : Context(com.enonic.xp.context.Context) PrincipalKey(com.enonic.xp.security.PrincipalKey)

Example 39 with PrincipalKey

use of com.enonic.xp.security.PrincipalKey in project xp by enonic.

the class SecurityServiceImplTest method testUpdateIdProvider.

@Test
public void testUpdateIdProvider() throws Exception {
    runAsAdmin(() -> {
        // setup
        final PrincipalKey userKey = PrincipalKey.ofUser(SYSTEM, "User1");
        final PrincipalKey groupKey1 = PrincipalKey.ofGroup(SYSTEM, "Group-a");
        final PrincipalKey groupKey2 = PrincipalKey.ofGroup(SYSTEM, "group-b");
        final IdProviderAccessControlList permissions = IdProviderAccessControlList.of(IdProviderAccessControlEntry.create().principal(userKey).access(CREATE_USERS).build(), IdProviderAccessControlEntry.create().principal(groupKey1).access(ADMINISTRATOR).build(), IdProviderAccessControlEntry.create().principal(groupKey2).access(WRITE_USERS).build());
        final CreateIdProviderParams createIdProvider = CreateIdProviderParams.create().key(IdProviderKey.from("enonic")).displayName("Enonic Id Provider").permissions(permissions).description("old id provider description").build();
        final IdProvider idProviderCreated = securityService.createIdProvider(createIdProvider);
        // exercise
        final IdProviderAccessControlList updatePermissions = IdProviderAccessControlList.of(IdProviderAccessControlEntry.create().principal(userKey).access(CREATE_USERS).build(), IdProviderAccessControlEntry.create().principal(groupKey1).access(ADMINISTRATOR).build());
        final UpdateIdProviderParams updateIdProvider = UpdateIdProviderParams.create().key(IdProviderKey.from("enonic")).displayName("Enonic Id Provider updated").permissions(updatePermissions).description("new id provider description").build();
        final IdProvider idProviderUpdated = securityService.updateIdProvider(updateIdProvider);
        // verify
        assertNotNull(idProviderUpdated);
        assertEquals("enonic", idProviderUpdated.getKey().toString());
        assertEquals("Enonic Id Provider updated", idProviderUpdated.getDisplayName());
        assertEquals("new id provider description", idProviderUpdated.getDescription());
        final IdProviderAccessControlList updatedPermissions = securityService.getIdProviderPermissions(IdProviderKey.from("enonic"));
        assertNotNull(idProviderCreated);
        assertEquals(CREATE_USERS, updatedPermissions.getEntry(userKey).getAccess());
        assertEquals(ADMINISTRATOR, updatedPermissions.getEntry(groupKey1).getAccess());
        assertNull(updatedPermissions.getEntry(groupKey2));
    });
}
Also used : IdProviderAccessControlList(com.enonic.xp.security.acl.IdProviderAccessControlList) IdProvider(com.enonic.xp.security.IdProvider) PrincipalKey(com.enonic.xp.security.PrincipalKey) CreateIdProviderParams(com.enonic.xp.security.CreateIdProviderParams) UpdateIdProviderParams(com.enonic.xp.security.UpdateIdProviderParams) AbstractElasticsearchIntegrationTest(com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest) Test(org.junit.jupiter.api.Test)

Example 40 with PrincipalKey

use of com.enonic.xp.security.PrincipalKey in project xp by enonic.

the class SecurityServiceImplTest method testUpdateUserDuplicatedEmailWithEditor.

@Test
public void testUpdateUserDuplicatedEmailWithEditor() {
    try {
        runAsAdmin(() -> {
            final PrincipalKey userKey1 = PrincipalKey.ofUser(SYSTEM, "User1");
            final CreateUserParams createUser1 = CreateUserParams.create().userKey(userKey1).displayName("User 1").email("same_email@enonic.com").login("User1").password("123456").build();
            final PrincipalKey userKey2 = PrincipalKey.ofUser(SYSTEM, "user2");
            final CreateUserParams createUser2 = CreateUserParams.create().userKey(userKey2).displayName("User 2").email("same_email@enonic.com").login("user2").build();
            final User user1 = securityService.createUser(createUser1);
            securityService.createUser(createUser2);
            final UpdateUserParams updateUserParams = UpdateUserParams.create(user1).editor(editableUser -> editableUser.email = "same_email@enonic.com").build();
            securityService.updateUser(updateUserParams);
            refresh();
        });
        fail("Expected exception");
    } catch (IllegalArgumentException e) {
        assertEquals("A user with email 'same_email@enonic.com' already exists in id provider 'system'", e.getMessage());
    }
}
Also used : BeforeEach(org.junit.jupiter.api.BeforeEach) IdProviderKey(com.enonic.xp.security.IdProviderKey) PrincipalRelationships(com.enonic.xp.security.PrincipalRelationships) IndexServiceInternalImpl(com.enonic.xp.repo.impl.elasticsearch.IndexServiceInternalImpl) CreateGroupParams(com.enonic.xp.security.CreateGroupParams) AbstractElasticsearchIntegrationTest(com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest) NodeRepositoryServiceImpl(com.enonic.xp.repo.impl.repository.NodeRepositoryServiceImpl) Role(com.enonic.xp.security.Role) IndexDataServiceImpl(com.enonic.xp.repo.impl.storage.IndexDataServiceImpl) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) IndexServiceImpl(com.enonic.xp.repo.impl.index.IndexServiceImpl) AuthenticationException(com.enonic.xp.security.auth.AuthenticationException) ContextBuilder(com.enonic.xp.context.ContextBuilder) VerifiedEmailAuthToken(com.enonic.xp.security.auth.VerifiedEmailAuthToken) UpdateIdProviderParams(com.enonic.xp.security.UpdateIdProviderParams) StorageDaoImpl(com.enonic.xp.repo.impl.elasticsearch.storage.StorageDaoImpl) SystemConstants(com.enonic.xp.security.SystemConstants) UpdateRoleParams(com.enonic.xp.security.UpdateRoleParams) CreateUserParams(com.enonic.xp.security.CreateUserParams) User(com.enonic.xp.security.User) PrincipalRelationship(com.enonic.xp.security.PrincipalRelationship) CREATE_USERS(com.enonic.xp.security.acl.IdProviderAccess.CREATE_USERS) Test(org.junit.jupiter.api.Test) SearchDaoImpl(com.enonic.xp.repo.impl.elasticsearch.search.SearchDaoImpl) SecurityConstants(com.enonic.xp.security.SecurityConstants) VersionServiceImpl(com.enonic.xp.repo.impl.version.VersionServiceImpl) NodeStorageServiceImpl(com.enonic.xp.repo.impl.storage.NodeStorageServiceImpl) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) BinaryServiceImpl(com.enonic.xp.repo.impl.binary.BinaryServiceImpl) NodeSearchServiceImpl(com.enonic.xp.repo.impl.search.NodeSearchServiceImpl) RoleKeys(com.enonic.xp.security.RoleKeys) Context(com.enonic.xp.context.Context) IdProvider(com.enonic.xp.security.IdProvider) IdProviderAccessControlEntry(com.enonic.xp.security.acl.IdProviderAccessControlEntry) ADMINISTRATOR(com.enonic.xp.security.acl.IdProviderAccess.ADMINISTRATOR) CreateRoleParams(com.enonic.xp.security.CreateRoleParams) Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) Assertions.fail(org.junit.jupiter.api.Assertions.fail) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) EventPublisher(com.enonic.xp.event.EventPublisher) UpdateUserParams(com.enonic.xp.security.UpdateUserParams) Assertions.assertNull(org.junit.jupiter.api.Assertions.assertNull) Callable(java.util.concurrent.Callable) UsernamePasswordAuthToken(com.enonic.xp.security.auth.UsernamePasswordAuthToken) NodeServiceImpl(com.enonic.xp.repo.impl.node.NodeServiceImpl) RepositoryServiceImpl(com.enonic.xp.repo.impl.repository.RepositoryServiceImpl) AuditLogConfig(com.enonic.xp.core.impl.audit.config.AuditLogConfig) AuditLogServiceImpl(com.enonic.xp.core.impl.audit.AuditLogServiceImpl) AuditLogService(com.enonic.xp.audit.AuditLogService) VerifiedUsernameAuthToken(com.enonic.xp.security.auth.VerifiedUsernameAuthToken) PrincipalQuery(com.enonic.xp.security.PrincipalQuery) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) PrincipalNotFoundException(com.enonic.xp.security.PrincipalNotFoundException) EmailPasswordAuthToken(com.enonic.xp.security.auth.EmailPasswordAuthToken) RepositoryEntryServiceImpl(com.enonic.xp.repo.impl.repository.RepositoryEntryServiceImpl) Group(com.enonic.xp.security.Group) AuthenticationToken(com.enonic.xp.security.auth.AuthenticationToken) UpdateGroupParams(com.enonic.xp.security.UpdateGroupParams) IdProviderAccessControlList(com.enonic.xp.security.acl.IdProviderAccessControlList) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo) WRITE_USERS(com.enonic.xp.security.acl.IdProviderAccess.WRITE_USERS) Mockito(org.mockito.Mockito) PrincipalQueryResult(com.enonic.xp.security.PrincipalQueryResult) NodeVersionServiceImpl(com.enonic.xp.repo.impl.node.dao.NodeVersionServiceImpl) CreateIdProviderParams(com.enonic.xp.security.CreateIdProviderParams) IdProviderAlreadyExistsException(com.enonic.xp.security.IdProviderAlreadyExistsException) PrincipalKey(com.enonic.xp.security.PrincipalKey) PrincipalAlreadyExistsException(com.enonic.xp.security.PrincipalAlreadyExistsException) MemoryBlobStore(com.enonic.xp.internal.blobstore.MemoryBlobStore) BranchServiceImpl(com.enonic.xp.repo.impl.branch.storage.BranchServiceImpl) PrincipalKeys(com.enonic.xp.security.PrincipalKeys) CreateUserParams(com.enonic.xp.security.CreateUserParams) User(com.enonic.xp.security.User) UpdateUserParams(com.enonic.xp.security.UpdateUserParams) PrincipalKey(com.enonic.xp.security.PrincipalKey) AbstractElasticsearchIntegrationTest(com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest) Test(org.junit.jupiter.api.Test)

Aggregations

PrincipalKey (com.enonic.xp.security.PrincipalKey)84 Test (org.junit.jupiter.api.Test)47 PropertyTree (com.enonic.xp.data.PropertyTree)22 User (com.enonic.xp.security.User)18 AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest)15 CreateUserParams (com.enonic.xp.security.CreateUserParams)14 PrincipalKeys (com.enonic.xp.security.PrincipalKeys)14 Instant (java.time.Instant)12 Node (com.enonic.xp.node.Node)10 DescriptorKey (com.enonic.xp.page.DescriptorKey)10 Context (com.enonic.xp.context.Context)9 IdProviderKey (com.enonic.xp.security.IdProviderKey)9 PrincipalRelationship (com.enonic.xp.security.PrincipalRelationship)9 CreateGroupParams (com.enonic.xp.security.CreateGroupParams)8 AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)8 NodeId (com.enonic.xp.node.NodeId)7 NodeQuery (com.enonic.xp.node.NodeQuery)7 ScheduledJob (com.enonic.xp.scheduler.ScheduledJob)7 Group (com.enonic.xp.security.Group)6 AccessControlList (com.enonic.xp.security.acl.AccessControlList)6
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial