Search in sources :

Example 41 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class NonEntityQueryTest method testConstraints.

@Test
public void testConstraints() throws Exception {
    LoginWorker lw = AppBeans.get(LoginWorker.NAME);
    UserSession userSession = lw.login(USER_NAME_2, passwordEncryption.getPlainHash(USER_PASSWORD), Locale.getDefault());
    assertNotNull(userSession);
    UserSessionSource uss = AppBeans.get(UserSessionSource.class);
    UserSession savedUserSession = uss.getUserSession();
    ((TestUserSessionSource) uss).setUserSession(userSession);
    try {
        ValueLoadContext context = ValueLoadContext.create();
        context.setQueryString("select s.name from sys$Server s");
        context.addProperty("name");
        List<KeyValueEntity> list = dataManager.secure().loadValues(context);
        assertEquals(0, list.size());
    } finally {
        ((TestUserSessionSource) uss).setUserSession(savedUserSession);
    }
}
Also used : LoginWorker(com.haulmont.cuba.security.app.LoginWorker) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) UserSession(com.haulmont.cuba.security.global.UserSession) KeyValueEntity(com.haulmont.cuba.core.entity.KeyValueEntity) Test(org.junit.Test)

Example 42 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class NonEntityQueryTest method testInMemoryAndSeveralConstraintsWithError.

@Test
public void testInMemoryAndSeveralConstraintsWithError() throws Exception {
    ConfigStorageService configStorageService = AppBeans.get(ConfigStorageService.class);
    configStorageService.setDbProperty("cuba.disableLoadValuesIfConstraints", "true");
    LoginWorker lw = AppBeans.get(LoginWorker.NAME);
    UserSession userSession = lw.login(USER_NAME_2, passwordEncryption.getPlainHash(USER_PASSWORD), Locale.getDefault());
    assertNotNull(userSession);
    UserSessionSource uss = AppBeans.get(UserSessionSource.class);
    UserSession savedUserSession = uss.getUserSession();
    ((TestUserSessionSource) uss).setUserSession(userSession);
    try {
        ValueLoadContext context = ValueLoadContext.create();
        context.setQueryString("select s.viewXml from sys$EntitySnapshot s");
        context.addProperty("viewXml");
        try {
            dataManager.secure().loadValues(context);
            fail();
        } catch (RowLevelSecurityException e) {
        }
        context = ValueLoadContext.create();
        context.setQueryString("select s.name, sn.viewXml from sys$Server s, sys$EntitySnapshot sn");
        context.addProperty("name");
        context.addProperty("viewXml");
        try {
            dataManager.secure().loadValues(context);
            fail();
        } catch (RowLevelSecurityException e) {
        }
    } finally {
        ((TestUserSessionSource) uss).setUserSession(savedUserSession);
    }
}
Also used : LoginWorker(com.haulmont.cuba.security.app.LoginWorker) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) ConfigStorageService(com.haulmont.cuba.core.app.ConfigStorageService) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) UserSession(com.haulmont.cuba.security.global.UserSession) Test(org.junit.Test)

Example 43 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class NonEntityQueryTest method testIncorrectPathInWhere.

@Test
public void testIncorrectPathInWhere() throws Exception {
    ConfigStorageService configStorageService = AppBeans.get(ConfigStorageService.class);
    configStorageService.setDbProperty("cuba.disableLoadValuesIfConstraints", "true");
    LoginWorker lw = AppBeans.get(LoginWorker.NAME);
    UserSession userSession = lw.login(USER_NAME_1, passwordEncryption.getPlainHash(USER_PASSWORD), Locale.getDefault());
    assertNotNull(userSession);
    UserSessionSource uss = AppBeans.get(UserSessionSource.class);
    UserSession savedUserSession = uss.getUserSession();
    ((TestUserSessionSource) uss).setUserSession(userSession);
    try {
        ValueLoadContext context = ValueLoadContext.create();
        context.setQueryString("select s.viewXml from sys$EntitySnapshot s where s.name1 = '1'");
        context.addProperty("viewXml");
        dataManager.secure().loadValues(context);
    } catch (NullPointerException e) {
        fail("Handling property path error");
    } catch (IllegalStateException e) {
        if (!"query path 's.name1' is unresolved".equals(e.getMessage())) {
            throw e;
        }
    } finally {
        ((TestUserSessionSource) uss).setUserSession(savedUserSession);
    }
}
Also used : LoginWorker(com.haulmont.cuba.security.app.LoginWorker) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) ConfigStorageService(com.haulmont.cuba.core.app.ConfigStorageService) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) UserSession(com.haulmont.cuba.security.global.UserSession) Test(org.junit.Test)

Example 44 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class NonEntityQueryTest method testDeniedAttribute.

@Test
public void testDeniedAttribute() throws Exception {
    LoginWorker lw = AppBeans.get(LoginWorker.NAME);
    UserSession userSession = lw.login(USER_NAME_1, passwordEncryption.getPlainHash(USER_PASSWORD), Locale.getDefault());
    assertNotNull(userSession);
    UserSessionSource uss = AppBeans.get(UserSessionSource.class);
    UserSession savedUserSession = uss.getUserSession();
    ((TestUserSessionSource) uss).setUserSession(userSession);
    try {
        ValueLoadContext context = ValueLoadContext.create();
        context.setQueryString("select s.name from sys$Server s");
        context.addProperty("name");
        List<KeyValueEntity> list = dataManager.secure().loadValues(context);
        assertEquals(1, list.size());
        KeyValueEntity e = list.get(0);
        assertNull(e.getValue("name"));
        context = ValueLoadContext.create();
        context.setQueryString("select count(s.id) from sys$Server s where s.name = 'someServer'");
        context.addProperty("count");
        try {
            dataManager.secure().loadValues(context);
            fail();
        } catch (AccessDeniedException e1) {
        }
        context = ValueLoadContext.create();
        context.setQueryString("select s.name, count(s.id) from sys$Server s group by s.name");
        context.addProperty("name");
        context.addProperty("count");
        try {
            dataManager.secure().loadValues(context);
            fail();
        } catch (AccessDeniedException e1) {
        }
        context = ValueLoadContext.create();
        context.setQueryString("select count(s.id) from sys$Server s join sec$User u on u.login = s.name");
        context.addProperty("count");
        try {
            dataManager.secure().loadValues(context);
            fail();
        } catch (AccessDeniedException e1) {
        }
        context = ValueLoadContext.create();
        context.setQueryString("select count(sn) from sys$Server s, sys$EntitySnapshot sn");
        context.addProperty("count");
        list = dataManager.secure().loadValues(context);
        assertEquals(0, list.size());
    } finally {
        ((TestUserSessionSource) uss).setUserSession(savedUserSession);
    }
}
Also used : LoginWorker(com.haulmont.cuba.security.app.LoginWorker) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) UserSession(com.haulmont.cuba.security.global.UserSession) KeyValueEntity(com.haulmont.cuba.core.entity.KeyValueEntity) Test(org.junit.Test)

Example 45 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class NonEntityQueryTest method testInMemoryAndSeveralConstraints.

@Test
public void testInMemoryAndSeveralConstraints() throws Exception {
    ConfigStorageService configStorageService = AppBeans.get(ConfigStorageService.class);
    configStorageService.setDbProperty("cuba.disableLoadValuesIfConstraints", "false");
    LoginWorker lw = AppBeans.get(LoginWorker.NAME);
    UserSession userSession = lw.login(USER_NAME_2, passwordEncryption.getPlainHash(USER_PASSWORD), Locale.getDefault());
    assertNotNull(userSession);
    UserSessionSource uss = AppBeans.get(UserSessionSource.class);
    UserSession savedUserSession = uss.getUserSession();
    ((TestUserSessionSource) uss).setUserSession(userSession);
    try {
        ValueLoadContext context = ValueLoadContext.create();
        context.setQueryString("select s.viewXml from sys$EntitySnapshot s");
        context.addProperty("viewXml");
        List<KeyValueEntity> list = dataManager.secure().loadValues(context);
        assertEquals(1, list.size());
        context = ValueLoadContext.create();
        context.setQueryString("select s.name, sn.viewXml from sys$Server s, sys$EntitySnapshot sn");
        context.addProperty("name");
        context.addProperty("viewXml");
        list = dataManager.secure().loadValues(context);
        assertEquals(0, list.size());
    } finally {
        ((TestUserSessionSource) uss).setUserSession(savedUserSession);
    }
}
Also used : LoginWorker(com.haulmont.cuba.security.app.LoginWorker) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) ConfigStorageService(com.haulmont.cuba.core.app.ConfigStorageService) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) UserSession(com.haulmont.cuba.security.global.UserSession) KeyValueEntity(com.haulmont.cuba.core.entity.KeyValueEntity) Test(org.junit.Test)

Aggregations

UserSession (com.haulmont.cuba.security.global.UserSession)127 SecurityContext (com.haulmont.cuba.core.sys.SecurityContext)29 LoginWorker (com.haulmont.cuba.security.app.LoginWorker)25 TestUserSessionSource (com.haulmont.cuba.testsupport.TestUserSessionSource)24 LoginException (com.haulmont.cuba.security.global.LoginException)23 Test (org.junit.Test)19 User (com.haulmont.cuba.security.entity.User)17 UUID (java.util.UUID)16 IOException (java.io.IOException)14 NoUserSessionException (com.haulmont.cuba.security.global.NoUserSessionException)12 ArrayList (java.util.ArrayList)11 Locale (java.util.Locale)11 List (java.util.List)10 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)9 FileStorageException (com.haulmont.cuba.core.global.FileStorageException)7 LogFileNotFoundException (com.haulmont.cuba.core.sys.logging.LogFileNotFoundException)6 UserSessionSource (com.haulmont.cuba.core.global.UserSessionSource)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)5 ServletRequestAttributes (org.springframework.web.context.request.ServletRequestAttributes)5 FileDescriptor (com.haulmont.cuba.core.entity.FileDescriptor)4