
Example 6 with AuthorizationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType in project midpoint by Evolveum.

the class UserProfileServiceMock method initializePrincipalFromAssignments.

/**
 * Populates the mock principal with what a real principal would obtain from its
 * assignments: the applicable security policy, the admin GUI configuration (when a
 * system configuration is available), a single placeholder authorization and the
 * effective activation status.
 *
 * <p>This is a test double. The only authority granted is the literal action
 * {@code "FAKE"}, so principals built here carry no meaningful permissions and are
 * not suitable as real security principals.
 *
 * @param principal principal to populate; its applicable security policy, admin GUI
 *     configuration and authorities are mutated in place
 * @param systemConfiguration current system configuration, may be {@code null}
 */
private void initializePrincipalFromAssignments(MidPointPrincipal principal, PrismObject<SystemConfigurationType> systemConfiguration) {
    String opName = UserProfileServiceMock.class.getName() + ".addAuthorizations";
    OperationResult opResult = new OperationResult(opName);

    principal.setApplicableSecurityPolicy(locateSecurityPolicy(principal, systemConfiguration, opResult));

    // The GUI configuration is optional: with no system configuration it simply stays unset.
    if (systemConfiguration != null) {
        SystemConfigurationType config = systemConfiguration.asObjectable();
        principal.setAdminGuiConfiguration(config.getAdminGuiConfiguration());
    }

    // Placeholder authority: one literal action that no real authorization check should match.
    AuthorizationType fakeAutzBean = new AuthorizationType();
    fakeAutzBean.getAction().add("FAKE");
    Authorization fakeAutz = new Authorization(fakeAutzBean);
    principal.getAuthorities().add(fakeAutz);

    // Effective activation is derived from the user's lifecycle state; skip when there is none.
    ActivationType userActivation = principal.getUser().getActivation();
    if (userActivation == null) {
        return;
    }
    activationComputer.computeEffective(principal.getUser().getLifecycleState(), userActivation);
}
Also used : Authorization(com.evolveum.midpoint.security.api.Authorization) ActivationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) AuthorizationType(com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType)

Example 7 with AuthorizationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType in project midpoint by Evolveum.

the class AbstractSecurityTest method test000Sanity.

/**
 * Sanity check of the test fixture: the administrator must be logged in and the
 * "self" role must carry exactly two authorizations, one of them a READ
 * authorization whose single object selector is the special specification
 * {@code SELF}.
 *
 * @throws Exception if the role cannot be retrieved
 */
@Test
public void test000Sanity() throws Exception {
    final String testName = "test000Sanity";
    TestUtil.displayTestTile(this, testName);
    assertLoggedInUser(USER_ADMINISTRATOR_USERNAME);

    // WHEN
    PrismObject<RoleType> selfRole = getRole(ROLE_SELF_OID);

    // THEN
    display("Role self", selfRole);
    List<AuthorizationType> autzList = selfRole.asObjectable().getAuthorization();
    assertEquals("Wrong number of authorizations", 2, autzList.size());

    // The READ authorization is located by its action URL, then its first action is checked.
    String readActionUrl = ModelAuthorizationAction.READ.getUrl();
    AuthorizationType readAutz = findAutz(autzList, readActionUrl);
    String firstAction = readAutz.getAction().get(0);
    assertEquals("Wrong action in authorization", readActionUrl, firstAction);

    // Exactly one object selector, restricted to the SELF special specification.
    List<OwnedObjectSelectorType> objectSelectors = readAutz.getObject();
    assertEquals("Wrong number of object specs in authorization", 1, objectSelectors.size());
    SubjectedObjectSelectorType selector = objectSelectors.get(0);
    List<SpecialObjectSpecificationType> specialSpecs = selector.getSpecial();
    assertEquals("Wrong number of specials in object specs in authorization", 1, specialSpecs.size());
    assertEquals("Wrong special in object specs in authorization", SpecialObjectSpecificationType.SELF, specialSpecs.get(0));
}
Also used : SubjectedObjectSelectorType(com.evolveum.midpoint.xml.ns._public.common.common_3.SubjectedObjectSelectorType) OwnedObjectSelectorType(com.evolveum.midpoint.xml.ns._public.common.common_3.OwnedObjectSelectorType) RoleType(com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType) SpecialObjectSpecificationType(com.evolveum.midpoint.xml.ns._public.common.common_3.SpecialObjectSpecificationType) AuthorizationType(com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType) Test(org.testng.annotations.Test) AbstractInitializedModelIntegrationTest(com.evolveum.midpoint.model.intest.AbstractInitializedModelIntegrationTest)

Example 8 with AuthorizationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType in project midpoint by Evolveum.

the class SelfRegistrationAuthenticationChannel method resolveAuthorities.

/**
 * Adds the authority required to finish self-registration to the given authorities.
 *
 * <p>The supplied collection is modified in place and returned. Nothing is removed,
 * so this only ever widens what the principal may do; callers are expected to pass
 * a mutable collection.
 *
 * @param authorities authorities already granted to the principal
 * @return the same collection, with the self-registration-finish authorization appended
 */
@Override
public Collection<Authorization> resolveAuthorities(Collection<Authorization> authorities) {
    AuthorizationType finishAutzBean = new AuthorizationType();
    finishAutzBean.getAction().add(AuthorizationConstants.AUTZ_UI_SELF_REGISTRATION_FINISH_URL);
    // A single extra authority: no temporary list is needed.
    authorities.add(new Authorization(finishAutzBean));
    return authorities;
}
Also used : Authorization(com.evolveum.midpoint.security.api.Authorization) ArrayList(java.util.ArrayList) AuthorizationType(com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType)

Example 9 with AuthorizationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType in project midpoint by Evolveum.

the class TestSecurityMultitenant method test116AutzLetoProtectTenantAdminRole.

/**
 * Make sure that tenant admin cannot break tenant admin role.
 */
@Test
public void test116AutzLetoProtectTenantAdminRole() throws Exception {
    // GIVEN
    cleanupAutzTest(null);
    login(USER_LETO_ATREIDES_NAME);

    // WHEN
    when();

    // Leto, the tenant admin, must be denied every way of widening the tenant admin
    // role's power, starting with adding a hacker role to the tenant.
    assertAddDeny(ROLE_ATREIDES_HACKER_FILE);

    // 1. widening the role with an "all" authorization
    AuthorizationType allAccessAutz = new AuthorizationType().action(AuthorizationConstants.AUTZ_ALL_URL);
    assertDeny("add authorizations to atreides admin",
            (t, r) -> modifyObjectAddContainer(RoleType.class, ROLE_ATREIDES_ADMIN_OID, RoleType.F_AUTHORIZATION, t, r, allAccessAutz));

    // 2. inducing the superuser role into the tenant admin role
    assertDeny("induce superuser",
            (t, r) -> induceRole(ROLE_ATREIDES_ADMIN_OID, ROLE_SUPERUSER_OID, t, r));

    // 3. assigning a dummy resource account to Paul
    assertDeny("add dummy account",
            (t, r) -> assignAccount(UserType.class, USER_PAUL_ATREIDES_OID, RESOURCE_DUMMY_OID, null, t, r));

    // 4. attaching a policy rule (min-assignees constraint) to the role
    PolicyRuleType minAssigneesRule = new PolicyRuleType();
    minAssigneesRule.beginPolicyConstraints().beginMinAssignees().multiplicity("1");
    assertDeny("assign policy rule",
            (t, r) -> assignPolicyRule(RoleType.class, ROLE_ATREIDES_ADMIN_OID, minAssigneesRule, t, r));

    // 5. adding a policy exception through an assignment ...
    AssignmentType exceptionAssignment = new AssignmentType();
    exceptionAssignment.beginPolicyException().ruleName("foobar");
    assertDeny("assign policy exception",
            (t, r) -> assign(RoleType.class, ROLE_ATREIDES_ADMIN_OID, exceptionAssignment, t, r));

    // 6. ... or directly as a container on the role
    PolicyExceptionType directException = new PolicyExceptionType().ruleName("foofoo");
    assertDeny("add policyException to atreides admin",
            (t, r) -> modifyObjectAddContainer(RoleType.class, ROLE_ATREIDES_ADMIN_OID, RoleType.F_POLICY_EXCEPTION, t, r, directException));

    // THEN
    then();
    // Denied operations must leave no trace; this checks nothing changed as a side effect.
    assertGlobalStateUntouched();
}
Also used : PolicyRuleType(com.evolveum.midpoint.xml.ns._public.common.common_3.PolicyRuleType) PolicyExceptionType(com.evolveum.midpoint.xml.ns._public.common.common_3.PolicyExceptionType) RoleType(com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType) AssignmentType(com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType) AuthorizationType(com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) Test(org.testng.annotations.Test)

Aggregations

AuthorizationType (com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType)9 Authorization (com.evolveum.midpoint.security.api.Authorization)5 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)2 RoleType (com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType)2 UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)2 ArrayList (java.util.ArrayList)2 Test (org.testng.annotations.Test)2 AbstractInitializedModelIntegrationTest (com.evolveum.midpoint.model.intest.AbstractInitializedModelIntegrationTest)1 PrismObject (com.evolveum.midpoint.prism.PrismObject)1 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)1 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)1 MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal)1 Task (com.evolveum.midpoint.task.api.Task)1 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)1 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)1 ActivationType (com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType)1 AssignmentType (com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType)1 OwnedObjectSelectorType (com.evolveum.midpoint.xml.ns._public.common.common_3.OwnedObjectSelectorType)1 PolicyExceptionType (com.evolveum.midpoint.xml.ns._public.common.common_3.PolicyExceptionType)1 PolicyRuleType (com.evolveum.midpoint.xml.ns._public.common.common_3.PolicyRuleType)1