use of com.orientechnologies.orient.core.metadata.security.ORole in project orientdb by orientechnologies.
the class OSystemUserAuthenticator method isAuthorized.
// OSecurityAuthenticator
// If not supported by the authenticator, return false.
// Checks to see if a
public boolean isAuthorized(final String username, final String resource) {
if (username == null || resource == null)
return false;
try {
if (getServer() != null) {
OUser user = getServer().getSecurity().getSystemUser(username, null);
if (user != null && user.getAccountStatus() == OSecurityUser.STATUSES.ACTIVE) {
ORole role = null;
ORule.ResourceGeneric rg = ORule.mapLegacyResourceToGenericResource(resource);
if (rg != null) {
String specificResource = ORule.mapLegacyResourceToSpecificResource(resource);
if (specificResource == null || specificResource.equals("*")) {
specificResource = null;
}
role = user.checkIfAllowed(rg, specificResource, ORole.PERMISSION_EXECUTE);
}
return role != null;
}
}
} catch (Exception ex) {
OLogManager.instance().error(this, "isAuthorized() Exception: %s", ex.getMessage());
}
return false;
}
use of com.orientechnologies.orient.core.metadata.security.ORole in project orientdb by orientechnologies.
the class RestrictedTest method testReaderRoleDesntInheritsFromWriterRole.
@Test(dependsOnMethods = "testReaderRoleCanSeeInheritedDocument")
public void testReaderRoleDesntInheritsFromWriterRole() throws IOException {
database.open("admin", "admin");
ORole reader = database.getMetadata().getSecurity().getRole("reader");
reader.setParentRole(null);
reader.save();
}
use of com.orientechnologies.orient.core.metadata.security.ORole in project orientdb by orientechnologies.
the class RestrictedTest method testReaderRoleInheritsFromWriterRole.
@Test(dependsOnMethods = "testReaderCannotSeeWriterDocumentAgain")
public void testReaderRoleInheritsFromWriterRole() throws IOException {
database.open("admin", "admin");
ORole reader = database.getMetadata().getSecurity().getRole("reader");
reader.setParentRole(database.getMetadata().getSecurity().getRole("writer"));
reader.save();
}
Aggregations