Search in sources :

Example 16 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ApplicationsResourceTest method shouldCreateApplication.

@Test
public void shouldCreateApplication() throws ExecutionException, ResourceException {
    //given
    SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
    RealmContext realmContext = new RealmContext(mockSSOTokenContext);
    realmContext.setSubRealm("/", "/");
    CreateRequest mockCreateRequest = mock(CreateRequest.class);
    Subject mockSubject = new Subject();
    Application mockApplication = mock(Application.class);
    applicationsResource = new ApplicationsResource(debug, applicationManagerWrapper, applicationTypeManagerWrapper, queryAttributes, resourceErrorHandler) {

        @Override
        protected ApplicationWrapper createApplicationWrapper(JsonValue jsonValue, Subject mySubject) throws EntitlementException {
            return applicationWrapper;
        }

        @Override
        protected ApplicationWrapper createApplicationWrapper(Application application, ApplicationTypeManagerWrapper type) {
            return applicationWrapper;
        }
    };
    given(mockSSOTokenContext.getCallerSubject()).willReturn(mockSubject);
    given(applicationWrapper.getApplication()).willReturn(mockApplication);
    given(mockApplication.getName()).willReturn("newApplication");
    //when
    Promise<ResourceResponse, ResourceException> result = applicationsResource.createInstance(realmContext, mockCreateRequest);
    //then
    assertThat(result.getOrThrowUninterruptibly()).isNotNull();
}
Also used : RealmContext(org.forgerock.openam.rest.RealmContext) ApplicationTypeManagerWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationTypeManagerWrapper) CreateRequest(org.forgerock.json.resource.CreateRequest) JsonValue(org.forgerock.json.JsonValue) Subject(javax.security.auth.Subject) EntitlementException(com.sun.identity.entitlement.EntitlementException) ApplicationWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationWrapper) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) ResourceResponse(org.forgerock.json.resource.ResourceResponse) ResourceException(org.forgerock.json.resource.ResourceException) Application(com.sun.identity.entitlement.Application) Test(org.testng.annotations.Test)

Example 17 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ApplicationsResourceTest method reservedInternalAppIsMappedDuringQuery.

@Test
public void reservedInternalAppIsMappedDuringQuery() throws EntitlementException, IllegalAccessException, InstantiationException {
    // Override the creation of the application wrapper so to return a mocked version.
    applicationsResource = new ApplicationsResource(debug, applicationManagerWrapper, applicationTypeManagerWrapper, queryAttributes, resourceErrorHandler) {

        @Override
        protected ApplicationWrapper createApplicationWrapper(Application application, ApplicationTypeManagerWrapper type) {
            ApplicationWrapper wrapper = mock(ApplicationWrapper.class);
            String appName = application.getName();
            given(wrapper.getName()).willReturn(appName);
            try {
                JsonValue jsonValue = JsonValueBuilder.jsonValue().put("name", "agentProtectedApplication").build();
                given(wrapper.toJsonValue()).willReturn(jsonValue);
            } catch (EntitlementException e) {
                fail();
            }
            return wrapper;
        }
    };
    // Given...
    SSOTokenContext mockSubjectContext = mock(SSOTokenContext.class);
    RealmContext realmContext = new RealmContext(mockSubjectContext);
    realmContext.setSubRealm("abc", "abc");
    Context serverContext = ClientContext.newInternalClientContext(realmContext);
    QueryRequest request = mock(QueryRequest.class);
    given(request.getSortKeys()).willReturn(Arrays.asList(SortKey.ascendingOrder("name")));
    Subject subject = new Subject();
    given(mockSubjectContext.getCallerSubject()).willReturn(subject);
    Set<String> appNames = asSet("iPlanetAMWebAgentService");
    given(applicationManagerWrapper.search(eq(subject), eq("/abc"), any(Set.class))).willReturn(appNames);
    Application app = mock(Application.class);
    given(applicationManagerWrapper.getApplication(eq(subject), eq("/abc"), eq("iPlanetAMWebAgentService"))).willReturn(app);
    given(app.getName()).willReturn("agentProtectedApplication");
    QueryResourceHandler handler = mock(QueryResourceHandler.class);
    given(handler.handleResource(any(ResourceResponse.class))).willReturn(true);
    // When...
    applicationsResource.queryCollection(serverContext, request, handler);
    // Then...
    verify(applicationManagerWrapper).search(eq(subject), eq("/abc"), any(Set.class));
    verify(applicationManagerWrapper).getApplication(eq(subject), eq("/abc"), anyString());
    ArgumentCaptor<ResourceResponse> resourceCapture = ArgumentCaptor.forClass(ResourceResponse.class);
    verify(handler).handleResource(resourceCapture.capture());
    ResourceResponse resource = resourceCapture.getValue();
    assertThat(resource.getId()).isEqualTo("agentProtectedApplication");
}
Also used : ClientContext(org.forgerock.services.context.ClientContext) RealmContext(org.forgerock.openam.rest.RealmContext) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) Context(org.forgerock.services.context.Context) Set(java.util.Set) RealmContext(org.forgerock.openam.rest.RealmContext) QueryRequest(org.forgerock.json.resource.QueryRequest) ApplicationTypeManagerWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationTypeManagerWrapper) JsonValue(org.forgerock.json.JsonValue) Matchers.anyString(org.mockito.Matchers.anyString) Subject(javax.security.auth.Subject) EntitlementException(com.sun.identity.entitlement.EntitlementException) ApplicationWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationWrapper) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) ResourceResponse(org.forgerock.json.resource.ResourceResponse) QueryResourceHandler(org.forgerock.json.resource.QueryResourceHandler) Application(com.sun.identity.entitlement.Application) Test(org.testng.annotations.Test)

Example 18 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class UpgradeResourceTypeStep method upgradeApplication.

/**
     * Add the resource type UUID to the application and persist it.
     * @param ec The EntitlementConfiguration for the realm in which the application resides.
     * @param appName Name of the application.
     * @param resourceTypeUUID The resource type associated with the application.
     * @throws UpgradeException If the application failed to persist.
     */
private void upgradeApplication(EntitlementConfiguration ec, String appName, String resourceTypeUUID) throws UpgradeException {
    try {
        UpgradeProgress.reportStart(AUDIT_MODIFIED_APP_UUID_START, appName);
        final Application application = ec.getApplication(appName);
        application.addAllResourceTypeUuids(Collections.singleton(resourceTypeUUID));
        ec.storeApplication(application);
        UpgradeProgress.reportEnd(AUDIT_UPGRADE_SUCCESS);
    } catch (EntitlementException ee) {
        UpgradeProgress.reportEnd(AUDIT_UPGRADE_FAIL);
        throw new UpgradeException("Failed to add resource type uuid to application " + appName, ee);
    }
}
Also used : UpgradeException(org.forgerock.openam.upgrade.UpgradeException) EntitlementException(com.sun.identity.entitlement.EntitlementException) Application(com.sun.identity.entitlement.Application)

Example 19 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class OldPolicyConditionMigrationUpgradeStep method addResourceType.

private void addResourceType(Privilege privilege, String realm) throws UpgradeException, EntitlementException {
    Application application = privilege.getEntitlement().getApplication(getAdminSubject(), realm);
    Set<String> resourceTypeUuids = application.getResourceTypeUuids();
    if (CollectionUtils.isNotEmpty(resourceTypeUuids)) {
        // UpgradeResourceTypeStep only creates one Resource Type for each application, so there should
        // only be one resource type associated with the application at this stage
        privilege.setResourceTypeUuid(application.getResourceTypeUuids().iterator().next());
    } else {
        DEBUG.error("Failed to modify privilege {} in realm {}! Associated application has no Resource Types.", privilege.getName(), realm);
        throw new UpgradeException("Failed to modify privilege!");
    }
}
Also used : UpgradeException(org.forgerock.openam.upgrade.UpgradeException) Application(com.sun.identity.entitlement.Application)

Example 20 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ApplicationV1Filter method filterUpdate.

/**
     * Update expects the application json to contain both actions and resources; these attributes are part of the old
     * json definition for an application. It also expects that the mentioned application exists with exactly one
     * resource type - no resource types or many resource types is not acceptable, else it is impossible to determine
     * which resource type applies to the set of actions and resources being passed as part of the application json.
     * <p/>
     * Changes to the actions and/or resources will be reflected in the applications associated resource type.
     *
     * @param context
     *         the filter chain context
     * @param request
     *         the update request
     * @param next
     *         a request handler representing the remainder of the filter chain
     */
@Override
public Promise<ResourceResponse, ResourceException> filterUpdate(final Context context, final UpdateRequest request, final RequestHandler next) {
    final JsonValue jsonValue = request.getContent();
    final Map<String, Boolean> actions = jsonValue.get(ACTIONS).asMap(Boolean.class);
    final Set<String> resources = jsonValue.get(RESOURCES).asSet(String.class);
    final String bodyRealm = jsonValue.get(REALM).asString();
    final String pathRealm = contextHelper.getRealm(context);
    if (actions == null) {
        return new BadRequestException("Invalid actions defined in request").asPromise();
    }
    if (resources == null) {
        return new BadRequestException("Invalid resources defined in request").asPromise();
    }
    if (!pathRealm.equals(bodyRealm)) {
        return resourceErrorHandler.handleError(context, request, new EntitlementException(EntitlementException.INVALID_APP_REALM, new String[] { bodyRealm, pathRealm })).asPromise();
    }
    final Subject callingSubject = contextHelper.getSubject(context);
    final String applicationName = request.getResourcePath();
    try {
        final ApplicationService applicationService = applicationServiceFactory.create(callingSubject, pathRealm);
        final Application application = applicationService.getApplication(applicationName);
        if (application == null) {
            return new NotFoundException("Unable to find application " + applicationName).asPromise();
        }
        if (application.getResourceTypeUuids().size() != 1) {
            return new BadRequestException("Cannot modify application with more than one " + "resource type using version 1.0 of this endpoint").asPromise();
        }
        // Retrieve the resource type from the applications single resource type.
        final String resourceTypeUuid = application.getResourceTypeUuids().iterator().next();
        ResourceType resourceType = resourceTypeService.getResourceType(callingSubject, pathRealm, resourceTypeUuid);
        boolean resourceTypeModified = false;
        if (!actions.equals(resourceType.getActions())) {
            resourceTypeModified = true;
            resourceType = resourceType.populatedBuilder().setActions(actions).build();
        }
        if (!resources.equals(resourceType.getPatterns())) {
            resourceTypeModified = true;
            resourceType = resourceType.populatedBuilder().setPatterns(resources).build();
        }
        if (resourceTypeModified) {
            resourceTypeService.updateResourceType(callingSubject, pathRealm, resourceType);
        }
        // Ensure the resource type UUID isn't lost.
        jsonValue.put(RESOURCE_TYPE_UUIDS, new HashSet<String>(Arrays.asList(resourceTypeUuid)));
    } catch (EntitlementException eE) {
        debug.error("Error filtering application update CREST request", eE);
        return resourceErrorHandler.handleError(context, request, eE).asPromise();
    }
    // Forward onto next handler.
    return applicationTransformer.transform(next.handleUpdate(context, request), context);
}
Also used : JsonValue(org.forgerock.json.JsonValue) NotFoundException(org.forgerock.json.resource.NotFoundException) ResourceType(org.forgerock.openam.entitlement.ResourceType) Subject(javax.security.auth.Subject) EntitlementException(com.sun.identity.entitlement.EntitlementException) BadRequestException(org.forgerock.json.resource.BadRequestException) Application(com.sun.identity.entitlement.Application) ApplicationService(org.forgerock.openam.entitlement.service.ApplicationService)

Aggregations

Application (com.sun.identity.entitlement.Application)65 EntitlementException (com.sun.identity.entitlement.EntitlementException)37 Subject (javax.security.auth.Subject)29 ResourceResponse (org.forgerock.json.resource.ResourceResponse)22 Test (org.testng.annotations.Test)22 HashSet (java.util.HashSet)20 JsonValue (org.forgerock.json.JsonValue)18 Set (java.util.Set)16 ResourceException (org.forgerock.json.resource.ResourceException)16 RealmContext (org.forgerock.openam.rest.RealmContext)16 SSOTokenContext (org.forgerock.openam.rest.resource.SSOTokenContext)16 HashMap (java.util.HashMap)15 ClientContext (org.forgerock.services.context.ClientContext)13 Context (org.forgerock.services.context.Context)13 Matchers.anyString (org.mockito.Matchers.anyString)13 UpgradeException (org.forgerock.openam.upgrade.UpgradeException)10 UpdateRequest (org.forgerock.json.resource.UpdateRequest)9 ApplicationWrapper (org.forgerock.openam.entitlement.rest.wrappers.ApplicationWrapper)9 Map (java.util.Map)8 BadRequestException (org.forgerock.json.resource.BadRequestException)7