
Example 56 with Privilege

use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.

the class OldPolicyConditionMigrationUpgradeStep method perform.

/**
     * Does the persisting of the upgraded policies.
     *
     * @throws UpgradeException If there is a problem saving the policies.
     */
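@Override
public void perform() throws UpgradeException {
    // Writes back every policy queued in privilegesToUpgrade, one realm at a time. The first failure
    // aborts the whole step and nothing in this method rolls back earlier writes, so an aborted run
    // can leave some policies saved in migrated form and others untouched.
    for (Map.Entry<String, Set<Privilege>> entry : privilegesToUpgrade.entrySet()) {
        String realm = entry.getKey();
        //ensure reading apps cleanly
        ApplicationManager.clearCache(realm);
        PrivilegeManager privilegeManager = getPrivilegeManager(realm);
        for (Privilege privilege : entry.getValue()) {
            privilege.getEntitlement().clearCache();
            try {
                addResourceType(privilege, realm);
                privilegeManager.modify(privilege.getName(), privilege);
            } catch (EntitlementException e) {
                // Name the policy and realm so an operator can tell where the migration stopped and
                // which authorization policies still need attention.
                String message = "Failed to modify privilege '" + privilege.getName()
                        + "' in realm '" + realm + "'";
                DEBUG.error(message, e);
                throw new UpgradeException(message, e);
            }
        }
    }
}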
Also used : UpgradeException(org.forgerock.openam.upgrade.UpgradeException) EntitlementException(com.sun.identity.entitlement.EntitlementException) Set(java.util.Set) HashSet(java.util.HashSet) PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager) Privilege(com.sun.identity.entitlement.Privilege) HashMap(java.util.HashMap) Map(java.util.Map)

Example 57 with Privilege

use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.

the class OldPolicyConditionMigrationUpgradeStep method initialize.

/**
     * Checks what policies could be automatically upgraded and performs the upgrade without saving so that the
     * migrated policy can be validated to ensure the upgrade went well.
     *
     * @throws UpgradeException If a problem occurred checking the policies.
     */
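@Override
public void initialize() throws UpgradeException {
    // Nothing to do unless the version check selects this step.
    if (!isCurrentVersionLessThan(1200, true)) {
        return;
    }
    try {
        DEBUG.message("Initializing OldPolicyConditionMigrationStep");
        for (String realm : getRealmNames()) {
            // Realm names are normalised to start with a slash before they are used as keys.
            if (!realm.startsWith("/")) {
                realm = "/" + realm;
            }
            PrivilegeManager privilegeManager = getPrivilegeManager(realm);
            List<Privilege> privileges;
            try {
                privileges = privilegeManager.findAllPolicies();
            } catch (EntitlementException e) {
                // The realm is still skipped (best effort), but the failure is recorded: a realm whose
                // policies could not be read is left out of the migration entirely, and that must not
                // go unnoticed for authorization policies.
                DEBUG.error("Unable to read policies in realm " + realm
                        + "; realm skipped by the policy condition migration", e);
                continue;
            }
            for (Privilege privilege : privileges) {
                if (conditionUpgrader.isPolicyUpgradable(privilege)) {
                    try {
                        // The dry run works on the in-memory policy only; nothing is saved here.
                        MigrationReport report = conditionUpgrader.dryRunPolicyUpgrade(privilege);
                        addReport(realm, report);
                        addUpgradablePolicy(realm, privilege);
                    } catch (Exception e) {
                        // Keep the reason a policy was classed as not upgradable instead of dropping it.
                        DEBUG.error("Could not prepare policy " + privilege.getName() + " in realm " + realm
                                + " for upgrade; marking it as not upgradable", e);
                        addUnupgradablePolicy(realm, privilege);
                    }
                }
            }
        }
    } catch (UpgradeException e) {
        DEBUG.error("Error while trying to detect changes in entitlements", e);
        throw e;
    } catch (Exception ex) {
        // Any other failure is reported to the caller as an UpgradeException with the cause attached.
        DEBUG.error("Error while trying to detect changes in entitlements", ex);
        throw new UpgradeException(ex);
    }
}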
Also used : UpgradeException(org.forgerock.openam.upgrade.UpgradeException) EntitlementException(com.sun.identity.entitlement.EntitlementException) PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager) Privilege(com.sun.identity.entitlement.Privilege) UpgradeException(org.forgerock.openam.upgrade.UpgradeException) EntitlementException(com.sun.identity.entitlement.EntitlementException)

Example 58 with Privilege

use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.

the class PolicyConditionUpgraderTest method shouldMigratePolicyWithSingleSubjectAndEnvironmentCondition.

@Test
public void shouldMigratePolicyWithSingleSubjectAndEnvironmentCondition() throws EntitlementException, UpgradeException {
    // Given: a policy with one legacy subject and one legacy environment condition, each of which
    // the upgrade map is stubbed to translate into a new-style entitlement object.
    final String subjectClass = "SUBJECT_CLASS_NAME";
    final String conditionClass = "CONDITION_CLASS_NAME";
    PolicySubject legacySubject = mock(PolicySubject.class);
    PolicyCondition legacyCondition = mock(PolicyCondition.class);
    EntitlementSubject upgradedSubject = mock(EntitlementSubject.class);
    EntitlementCondition upgradedCondition = mock(EntitlementCondition.class);
    Privilege policy = mock(Privilege.class);
    given(legacySubject.getClassName()).willReturn(subjectClass);
    given(legacyCondition.getClassName()).willReturn(conditionClass);
    given(policy.getSubject()).willReturn(legacySubject);
    given(policy.getCondition()).willReturn(legacyCondition);
    given(conditionUpgradeMap.migrateSubjectCondition(eq(subjectClass), eq(legacySubject),
            Matchers.<MigrationReport>anyObject())).willReturn(upgradedSubject);
    given(conditionUpgradeMap.migrateEnvironmentCondition(eq(conditionClass), eq(legacyCondition),
            Matchers.<MigrationReport>anyObject())).willReturn(upgradedCondition);

    // When
    conditionUpgrader.dryRunPolicyUpgrade(policy);

    // Then: the migrated subject and condition are both written back onto the policy object.
    ArgumentCaptor<EntitlementSubject> capturedSubject = ArgumentCaptor.forClass(EntitlementSubject.class);
    verify(policy).setSubject(capturedSubject.capture());
    assertThat(capturedSubject.getValue()).isEqualTo(upgradedSubject);
    ArgumentCaptor<EntitlementCondition> capturedCondition = ArgumentCaptor.forClass(EntitlementCondition.class);
    verify(policy).setCondition(capturedCondition.capture());
    assertThat(capturedCondition.getValue()).isEqualTo(upgradedCondition);
}
Also used : EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) PolicySubject(com.sun.identity.entitlement.opensso.PolicySubject) EntitlementCondition(com.sun.identity.entitlement.EntitlementCondition) PolicyCondition(com.sun.identity.entitlement.opensso.PolicyCondition) Privilege(com.sun.identity.entitlement.Privilege) Test(org.testng.annotations.Test)

Example 59 with Privilege

use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.

the class PolicyConditionUpgraderTest method shouldMigratePolicyWithAndEnvironmentCondition.

@SuppressWarnings("unchecked")
@Test
public void shouldMigratePolicyWithAndEnvironmentCondition() throws EntitlementException, UpgradeException {
    // Given: a policy whose condition is an AND wrapper around two legacy conditions, each of which
    // the upgrade map is stubbed to translate.
    final String firstClass = "CONDITION1_CLASS_NAME";
    final String secondClass = "CONDITION2_CLASS_NAME";
    PolicyCondition firstLegacy = mock(PolicyCondition.class);
    PolicyCondition secondLegacy = mock(PolicyCondition.class);
    EntitlementCondition firstUpgraded = mock(EntitlementCondition.class);
    EntitlementCondition secondUpgraded = mock(EntitlementCondition.class);
    Set<EntitlementCondition> wrapped = new HashSet<EntitlementCondition>();
    wrapped.add(firstLegacy);
    wrapped.add(secondLegacy);
    AndCondition wrapper = mock(AndCondition.class);
    Privilege policy = mock(Privilege.class);
    given(wrapper.getEConditions()).willReturn(wrapped);
    given(policy.getCondition()).willReturn(wrapper);
    given(firstLegacy.getClassName()).willReturn(firstClass);
    given(secondLegacy.getClassName()).willReturn(secondClass);
    given(conditionUpgradeMap.migrateEnvironmentCondition(eq(firstClass), eq(firstLegacy),
            Matchers.<MigrationReport>anyObject())).willReturn(firstUpgraded);
    given(conditionUpgradeMap.migrateEnvironmentCondition(eq(secondClass), eq(secondLegacy),
            Matchers.<MigrationReport>anyObject())).willReturn(secondUpgraded);

    // When
    conditionUpgrader.dryRunPolicyUpgrade(policy);

    // Then: the wrapper receives exactly the two migrated conditions, and the policy's own subject
    // and top-level condition are never replaced.
    ArgumentCaptor<Set> capturedSet = ArgumentCaptor.forClass(Set.class);
    verify(wrapper).setEConditions(capturedSet.capture());
    assertThat(capturedSet.getValue()).hasSize(2).contains(firstUpgraded, secondUpgraded);
    verify(policy, never()).setSubject(Matchers.<EntitlementSubject>anyObject());
    verify(policy, never()).setCondition(Matchers.<EntitlementCondition>anyObject());
}
Also used : EntitlementCondition(com.sun.identity.entitlement.EntitlementCondition) HashSet(java.util.HashSet) Set(java.util.Set) PolicyCondition(com.sun.identity.entitlement.opensso.PolicyCondition) Privilege(com.sun.identity.entitlement.Privilege) AndCondition(com.sun.identity.entitlement.AndCondition) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 60 with Privilege

use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.

the class PolicyConditionUpgraderTest method isPolicyWithNotEnvironmentConditionUpgradable.

@Test(dataProvider = "isPolicyWithNotEnvironmentConditionUpgradableDataProvider")
public void isPolicyWithNotEnvironmentConditionUpgradable(Class<? extends EntitlementCondition> condition, boolean conditionInMap, boolean expectedResult) {
    // Given: a policy whose condition is a NOT wrapper around a single condition of the supplied
    // type; the data provider also decides whether the upgrade map claims to know that condition.
    final String legacyClass = "CONDITION_CLASS_NAME";
    EntitlementCondition inner = mock(condition);
    Set<EntitlementCondition> wrapped = new HashSet<EntitlementCondition>();
    wrapped.add(inner);
    NotCondition wrapper = mock(NotCondition.class);
    Privilege policy = mock(Privilege.class);
    given(wrapper.getEConditions()).willReturn(wrapped);
    given(policy.getCondition()).willReturn(wrapper);
    // Only legacy PolicyCondition instances expose a class name to look up in the map.
    if (inner instanceof PolicyCondition) {
        PolicyCondition legacyInner = (PolicyCondition) inner;
        given(legacyInner.getClassName()).willReturn(legacyClass);
    }
    given(conditionUpgradeMap.containsEnvironmentCondition(legacyClass)).willReturn(conditionInMap);

    // When
    boolean actual = conditionUpgrader.isPolicyUpgradable(policy);

    // Then
    assertThat(actual).isEqualTo(expectedResult);
}
Also used : EntitlementCondition(com.sun.identity.entitlement.EntitlementCondition) NotCondition(com.sun.identity.entitlement.NotCondition) PolicyCondition(com.sun.identity.entitlement.opensso.PolicyCondition) Privilege(com.sun.identity.entitlement.Privilege) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)
