Search in sources :

Example 6 with EntitlementSubject

use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.

the class EntitlementRegistryTest method shouldReturnCorrectSubjectName.

@Test
public void shouldReturnCorrectSubjectName() {
    // Given
    String name = "test";
    EntitlementSubject testSubject = new JwtClaimSubject();
    testRegistry.registerSubjectType(EntitlementSubject.class);
    testRegistry.registerSubjectType(name, JwtClaimSubject.class);
    // When
    String result = testRegistry.getSubjectName(testSubject);
    // Then
    assertThat(result).isEqualTo(name);
}
Also used : EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) JwtClaimSubject(com.sun.identity.entitlement.JwtClaimSubject) Test(org.testng.annotations.Test)

Example 7 with EntitlementSubject

use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.

the class PolicyConditionUpgrader method isSubjectConditionUpgradable.

private boolean isSubjectConditionUpgradable(EntitlementSubject subject) {
    if (subject == null) {
        return true;
    }
    if (subject instanceof NoSubject) {
        return true;
    }
    if (subject instanceof LogicalSubject) {
        LogicalSubject logicalSubject = (LogicalSubject) subject;
        boolean upgradable = true;
        for (EntitlementSubject sub : logicalSubject.getESubjects()) {
            upgradable &= isUpgradablePolicySubject(sub);
        }
        return upgradable;
    }
    return isUpgradablePolicySubject(subject);
}
Also used : EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) NoSubject(com.sun.identity.entitlement.NoSubject) LogicalSubject(com.sun.identity.entitlement.LogicalSubject)

Example 8 with EntitlementSubject

use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.

the class PolicyConditionUpgraderTest method isPolicyWithAndSubjectConditionUpgradable.

@Test(dataProvider = "isPolicyWithAndSubjectConditionUpgradableDataProvider")
public void isPolicyWithAndSubjectConditionUpgradable(Class<? extends EntitlementSubject> sub1, boolean sub1InMap, Class<? extends EntitlementSubject> sub2, boolean sub2InMap, boolean expectedResult) {
    //Given
    Privilege policy = mock(Privilege.class);
    AndSubject andSubject = mock(AndSubject.class);
    Set<EntitlementSubject> andSubjects = new HashSet<EntitlementSubject>();
    EntitlementSubject subject1 = mock(sub1);
    EntitlementSubject subject2 = mock(sub2);
    andSubjects.add(subject1);
    andSubjects.add(subject2);
    given(policy.getSubject()).willReturn(andSubject);
    given(andSubject.getESubjects()).willReturn(andSubjects);
    if (subject1 instanceof PolicySubject) {
        given(((PolicySubject) subject1).getClassName()).willReturn("SUBJECT1_CLASS_NAME");
    }
    if (subject2 instanceof PolicySubject) {
        given(((PolicySubject) subject2).getClassName()).willReturn("SUBJECT2_CLASS_NAME");
    }
    given(conditionUpgradeMap.containsSubjectCondition("SUBJECT1_CLASS_NAME")).willReturn(sub1InMap);
    given(conditionUpgradeMap.containsSubjectCondition("SUBJECT2_CLASS_NAME")).willReturn(sub2InMap);
    //When
    boolean upgradable = conditionUpgrader.isPolicyUpgradable(policy);
    //Then
    assertThat(upgradable).isEqualTo(expectedResult);
}
Also used : AndSubject(com.sun.identity.entitlement.AndSubject) EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) PolicySubject(com.sun.identity.entitlement.opensso.PolicySubject) Privilege(com.sun.identity.entitlement.Privilege) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 9 with EntitlementSubject

use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.

the class PolicyConditionUpgraderTest method shouldMigratePolicyWithOrSubjectCondition.

@SuppressWarnings("unchecked")
@Test
public void shouldMigratePolicyWithOrSubjectCondition() throws EntitlementException, UpgradeException {
    //Given
    Privilege policy = mock(Privilege.class);
    OrSubject orSubject = mock(OrSubject.class);
    Set<EntitlementSubject> orSubjects = new HashSet<EntitlementSubject>();
    PolicySubject subject1 = mock(PolicySubject.class);
    PolicySubject subject2 = mock(PolicySubject.class);
    orSubjects.add(subject1);
    orSubjects.add(subject2);
    EntitlementSubject migratedSubject1 = mock(EntitlementSubject.class);
    EntitlementSubject migratedSubject2 = mock(EntitlementSubject.class);
    given(policy.getSubject()).willReturn(orSubject);
    given(orSubject.getESubjects()).willReturn(orSubjects);
    given(subject1.getClassName()).willReturn("SUBJECT1_CLASS_NAME");
    given(subject2.getClassName()).willReturn("SUBJECT2_CLASS_NAME");
    given(conditionUpgradeMap.migrateSubjectCondition(eq("SUBJECT1_CLASS_NAME"), eq(subject1), Matchers.<MigrationReport>anyObject())).willReturn(migratedSubject1);
    given(conditionUpgradeMap.migrateSubjectCondition(eq("SUBJECT2_CLASS_NAME"), eq(subject2), Matchers.<MigrationReport>anyObject())).willReturn(migratedSubject2);
    //When
    conditionUpgrader.dryRunPolicyUpgrade(policy);
    //Then
    ArgumentCaptor<Set> subjectCaptor = ArgumentCaptor.forClass(Set.class);
    verify(orSubject).setESubjects(subjectCaptor.capture());
    assertThat(subjectCaptor.getValue()).hasSize(2).contains(migratedSubject1, migratedSubject2);
    verify(policy, never()).setSubject(Matchers.<EntitlementSubject>anyObject());
    verify(policy, never()).setCondition(Matchers.<EntitlementCondition>anyObject());
}
Also used : EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) PolicySubject(com.sun.identity.entitlement.opensso.PolicySubject) HashSet(java.util.HashSet) Set(java.util.Set) Privilege(com.sun.identity.entitlement.Privilege) OrSubject(com.sun.identity.entitlement.OrSubject) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 10 with EntitlementSubject

use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.

the class PolicyConditionUpgraderTest method isPolicyWithSingleSubjectAndEnvironmentConditionUpgradable.

@Test(dataProvider = "isPolicyWithSingleSubjectAndEnvironmentConditionUpgradableDataProvider")
public void isPolicyWithSingleSubjectAndEnvironmentConditionUpgradable(Class<? extends EntitlementSubject> sub, boolean subInMap, Class<? extends EntitlementCondition> con, boolean conInMap, boolean expectedResult) {
    //Given
    Privilege policy = mock(Privilege.class);
    EntitlementSubject subject = null;
    if (sub != null) {
        subject = mock(sub);
    }
    EntitlementCondition condition = null;
    if (con != null) {
        condition = mock(con);
    }
    given(policy.getSubject()).willReturn(subject);
    given(policy.getCondition()).willReturn(condition);
    if (subject instanceof PolicySubject) {
        given(((PolicySubject) subject).getClassName()).willReturn("SUBJECT_CLASS_NAME");
    }
    if (condition instanceof PolicyCondition) {
        given(((PolicyCondition) condition).getClassName()).willReturn("CONDITION_CLASS_NAME");
    }
    given(conditionUpgradeMap.containsSubjectCondition("SUBJECT_CLASS_NAME")).willReturn(subInMap);
    given(conditionUpgradeMap.containsEnvironmentCondition("CONDITION_CLASS_NAME")).willReturn(conInMap);
    //When
    boolean upgradable = conditionUpgrader.isPolicyUpgradable(policy);
    //Then
    assertThat(upgradable).isEqualTo(expectedResult);
}
Also used : EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) PolicySubject(com.sun.identity.entitlement.opensso.PolicySubject) EntitlementCondition(com.sun.identity.entitlement.EntitlementCondition) PolicyCondition(com.sun.identity.entitlement.opensso.PolicyCondition) Privilege(com.sun.identity.entitlement.Privilege) Test(org.testng.annotations.Test)

Aggregations

EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject)30 Privilege (com.sun.identity.entitlement.Privilege)17 HashSet (java.util.HashSet)15 Entitlement (com.sun.identity.entitlement.Entitlement)13 Test (org.testng.annotations.Test)13 EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition)11 OrSubject (com.sun.identity.entitlement.OrSubject)9 PolicySubject (com.sun.identity.entitlement.opensso.PolicySubject)9 HashMap (java.util.HashMap)6 PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)5 ResourceAttribute (com.sun.identity.entitlement.ResourceAttribute)5 Set (java.util.Set)5 AuthenticatedUsers (org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers)4 AndCondition (com.sun.identity.entitlement.AndCondition)3 IPrivilege (com.sun.identity.entitlement.IPrivilege)3 OrCondition (com.sun.identity.entitlement.OrCondition)3 ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege)3 Subject (com.sun.identity.policy.interfaces.Subject)3 PrivilegeSubject (com.sun.identity.policy.plugins.PrivilegeSubject)3 Cookie (javax.ws.rs.core.Cookie)3