Example 26 with AuthenticationInfo
use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.
the class LoginHandlerTest method testSessionInvalidatedOnLogin.
@Test
public void testSessionInvalidatedOnLogin() {
final AuthenticationInfo authInfo = TestDataFixtures.createAuthenticationInfo();
final IdProviders idProviders = IdProviders.from(IdProvider.create().displayName("system").key(IdProviderKey.from("system")).build());
Mockito.when(this.securityService.authenticate(Mockito.any())).thenReturn(authInfo);
Mockito.when(this.securityService.getIdProviders()).thenReturn(idProviders);
final SessionMock session = Mockito.spy(new SessionMock());
ContextAccessor.current().getLocalScope().setSession(session);
runScript("/lib/xp/examples/auth/login.js");
verify(session, times(5)).invalidate();
}
Also used :
IdProviders(com.enonic.xp.security.IdProviders)
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
SessionMock(com.enonic.xp.session.SessionMock)
Test(org.junit.jupiter.api.Test)
Example 27 with AuthenticationInfo
use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.
the class ChangePasswordHandlerTest method testExamples.
@Test
public void testExamples() {
final AuthenticationInfo authInfo = AuthenticationInfo.create().user(TestDataFixtures.getTestUser()).principals(RoleKeys.ADMIN_LOGIN).build();
this.session.setAttribute(authInfo);
runScript("/lib/xp/examples/auth/changePassword.js");
Mockito.verify(this.securityService).setPassword(eq(authInfo.getUser().getKey()), eq("new-secret-password"));
}
Also used :
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
Test(org.junit.jupiter.api.Test)
Example 28 with AuthenticationInfo
use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.
the class NodePermissionsResolverTest method hasPermissionAll.
@Test
public void hasPermissionAll() throws Exception {
final AuthenticationInfo authInfo = AuthenticationInfo.create().user(User.create().key(USER_A).login("usera").build()).principals(USER_A, GROUP_B, ROLE_C).build();
final AccessControlList nodePermissions = AccessControlList.create().add(AccessControlEntry.create().principal(USER_A).allow(READ).build()).add(AccessControlEntry.create().principal(GROUP_B).allow(CREATE).build()).add(AccessControlEntry.create().principal(ROLE_C).allow(READ, MODIFY, CREATE).build()).build();
assertTrue(NodePermissionsResolver.userHasPermission(authInfo, READ, nodePermissions));
assertTrue(NodePermissionsResolver.userHasPermission(authInfo, CREATE, nodePermissions));
assertTrue(NodePermissionsResolver.userHasPermission(authInfo, MODIFY, nodePermissions));
assertFalse(NodePermissionsResolver.userHasPermission(authInfo, PUBLISH, nodePermissions));
}
Also used :
AccessControlList(com.enonic.xp.security.acl.AccessControlList)
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
Test(org.junit.jupiter.api.Test)
Example 29 with AuthenticationInfo
use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.
the class NodePermissionsResolverTest method hasPermissionSome.
@Test
public void hasPermissionSome() throws Exception {
final AuthenticationInfo authInfo = AuthenticationInfo.create().user(User.create().key(USER_A).login("usera").build()).principals(USER_A, ROLE_C).build();
final AccessControlList nodePermissions = AccessControlList.create().add(AccessControlEntry.create().principal(USER_A).allow(READ).build()).add(AccessControlEntry.create().principal(GROUP_B).allow(CREATE).build()).add(AccessControlEntry.create().principal(ROLE_C).allow(MODIFY).build()).build();
assertTrue(NodePermissionsResolver.userHasPermission(authInfo, READ, nodePermissions));
assertFalse(NodePermissionsResolver.userHasPermission(authInfo, CREATE, nodePermissions));
assertTrue(NodePermissionsResolver.userHasPermission(authInfo, MODIFY, nodePermissions));
assertFalse(NodePermissionsResolver.userHasPermission(authInfo, PUBLISH, nodePermissions));
}
Also used :
AccessControlList(com.enonic.xp.security.acl.AccessControlList)
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
Test(org.junit.jupiter.api.Test)
Example 30 with AuthenticationInfo
use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.
the class HasRoleHandlerTest method testDoesNotHaveRole.
@Test
public void testDoesNotHaveRole() {
final AuthenticationInfo authInfo = AuthenticationInfo.create().user(TestDataFixtures.getTestUser()).principals(RoleKeys.ADMIN_LOGIN).build();
this.session.setAttribute(authInfo);
runFunction("/test/hasRole-test.js", "doesNotHaveRole");
}
Also used :
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
Test(org.junit.jupiter.api.Test)
Aggregations
AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)67
Test (org.junit.jupiter.api.Test)44
Context (com.enonic.xp.context.Context)17
User (com.enonic.xp.security.User)17
Session (com.enonic.xp.session.Session)9
CreateUserParams (com.enonic.xp.security.CreateUserParams)7
AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest)6
IdProviders (com.enonic.xp.security.IdProviders)6
EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken)6
VerifiedUsernameAuthToken (com.enonic.xp.security.auth.VerifiedUsernameAuthToken)6
PropertyTree (com.enonic.xp.data.PropertyTree)5
AccessControlList (com.enonic.xp.security.acl.AccessControlList)5
UsernamePasswordAuthToken (com.enonic.xp.security.auth.UsernamePasswordAuthToken)5
PrincipalKey (com.enonic.xp.security.PrincipalKey)4
SessionMock (com.enonic.xp.session.SessionMock)4
LogAuditLogParams (com.enonic.xp.audit.LogAuditLogParams)2
Content (com.enonic.xp.content.Content)2
ProjectName (com.enonic.xp.project.ProjectName)2
AbstractNodeTest (com.enonic.xp.repo.impl.node.AbstractNodeTest)2
IdProvider (com.enonic.xp.security.IdProvider)2
