Example 1 with SearchFilter
use of com.sun.identity.entitlement.util.SearchFilter in project OpenAM by OpenRock.
the class XACMLExportImport method exportXACML.
/**
* Performs an export of all Policies found in the Privilege Manager that match the
* provided filters.
*
* @param realm Non null realm.
* @param admin Non null admin subject to authenticate as.
* @param filters Non null, but maybe empty filters to select Privileges against.
* @return A non null but possibly empty collection of Policies.
* @throws EntitlementException If there was any problem with the generation of Policies.
*/
public PolicySet exportXACML(String realm, Subject admin, List<String> filters) throws EntitlementException {
PrivilegeManager pm = privilegeManagerFactory.createReferralPrivilegeManager(realm, admin);
Set<SearchFilter> filterSet = new HashSet<SearchFilter>();
if (filters != null) {
for (String filter : filters) {
SearchFilter searchFilter = searchFilterFactory.getFilter(filter);
message("Export: Search Filter: {0}", searchFilter);
filterSet.add(searchFilter);
}
}
Set<String> privilegeNames = pm.searchNames(filterSet);
message("Export: Privilege Matches {0}", privilegeNames.size());
PrivilegeSet privilegeSet = new PrivilegeSet();
for (String name : privilegeNames) {
Privilege privilege = pm.findByName(name, admin);
message("Export: Privilege {0}", privilege.getName());
privilegeSet.addPrivilege(privilege);
}
PolicySet policySet = xacmlReaderWriter.toXACML(realm, privilegeSet);
message("Export: Complete");
return policySet;
}
Also used :
PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager)
IPrivilegeManager(com.sun.identity.entitlement.IPrivilegeManager)
SearchFilter(com.sun.identity.entitlement.util.SearchFilter)
IPrivilege(com.sun.identity.entitlement.IPrivilege)
Privilege(com.sun.identity.entitlement.Privilege)
PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)
HashSet(java.util.HashSet)
Example 2 with SearchFilter
use of com.sun.identity.entitlement.util.SearchFilter in project OpenAM by OpenRock.
the class PrivilegeResource method getEqualSearchFilter.
private SearchFilter getEqualSearchFilter(String f) throws EntitlementException {
SearchFilter sf = null;
int idx = f.indexOf('=');
if (idx != -1) {
String attrName = f.substring(0, idx);
if ((attrName.equals(Privilege.LAST_MODIFIED_DATE_ATTRIBUTE)) || (attrName.equals(Privilege.CREATION_DATE_ATTRIBUTE))) {
try {
sf = new SearchFilter(SearchFilterFactory.getSearchAttribute(attrName), Long.parseLong(f.substring(idx + 1)), SearchFilter.Operator.EQUALS_OPERATOR);
} catch (NumberFormatException e) {
String[] param = { f };
throw new EntitlementException(328, param);
}
} else {
sf = new SearchFilter(SearchFilterFactory.getSearchAttribute(attrName), f.substring(idx + 1));
}
}
return sf;
}
Also used :
EntitlementException(com.sun.identity.entitlement.EntitlementException)
SearchFilter(com.sun.identity.entitlement.util.SearchFilter)
Example 3 with SearchFilter
use of com.sun.identity.entitlement.util.SearchFilter in project OpenAM by OpenRock.
the class ApplicationFilterTest method test.
@Test
public void test() throws Exception {
SSOToken userToken = AuthUtils.authenticate("/", USER1, USER1);
Subject userSubject = SubjectUtils.createSubject(userToken);
Set<SearchFilter> filters = new HashSet<SearchFilter>();
filters.add(new SearchFilter(Application.NAME_SEARCH_ATTRIBUTE, "ApplicationFilterTes*"));
Set<String> names = ApplicationManager.search(userSubject, "/", filters);
if (names.isEmpty()) {
throw new Exception("ApplicationFilterTest.test: expect to return one entry");
}
filters.clear();
filters.add(new SearchFilter(Application.NAME_SEARCH_ATTRIBUTE, "4rwrwr*"));
names = ApplicationManager.search(userSubject, "/", filters);
if (!names.isEmpty()) {
throw new Exception("ApplicationFilterTest.test: expect to return no entries");
}
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
SearchFilter(com.sun.identity.entitlement.util.SearchFilter)
Subject(javax.security.auth.Subject)
OpenSSOUserSubject(com.sun.identity.entitlement.opensso.OpenSSOUserSubject)
SMSException(com.sun.identity.sm.SMSException)
IdRepoException(com.sun.identity.idm.IdRepoException)
SSOException(com.iplanet.sso.SSOException)
HashSet(java.util.HashSet)
Test(org.testng.annotations.Test)
Example 4 with SearchFilter
use of com.sun.identity.entitlement.util.SearchFilter in project OpenAM by OpenRock.
the class SearchFilterFactoryTest method shouldParseNumericOperator.
@Test
public void shouldParseNumericOperator() throws EntitlementException {
String filter = Privilege.LAST_MODIFIED_DATE_ATTRIBUTE + ">1235";
SearchFilter result = factory.getFilter(filter);
assertThat(result.getOperator()).isEqualTo(SearchFilter.Operator.GREATER_THAN_OPERATOR);
}
Also used :
SearchFilter(com.sun.identity.entitlement.util.SearchFilter)
Test(org.testng.annotations.Test)
Example 5 with SearchFilter
use of com.sun.identity.entitlement.util.SearchFilter in project OpenAM by OpenRock.
the class PrivilegeManagerTest method testListPrivilegeNames.
@Test(dependsOnMethods = { "testAddPrivilege" })
public void testListPrivilegeNames() throws Exception {
if (!migrated) {
return;
}
PrivilegeManager prm = PrivilegeManager.getInstance("/", SubjectUtils.createSubject(adminToken));
Set<SearchFilter> psf = new HashSet<SearchFilter>();
psf.add(new SearchFilter(Privilege.NAME_SEARCH_ATTRIBUTE, "*"));
Set privilegeNames = prm.searchNames(psf);
if (!privilegeNames.contains(PRIVILEGE_NAME)) {
throw new Exception("PrivilegeManagerTest.testListPrivilegeNames():" + "got privilege names does not contain saved privilege");
}
psf = new HashSet<SearchFilter>();
psf.add(new SearchFilter(Privilege.DESCRIPTION_SEARCH_ATTRIBUTE, PRIVILEGE_DESC));
privilegeNames = prm.searchNames(psf);
if (!privilegeNames.contains(PRIVILEGE_NAME)) {
throw new Exception("PrivilegeManagerTest.testListPrivilegeNames():" + "got privilege names does not contain saved privilege");
}
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
SearchFilter(com.sun.identity.entitlement.util.SearchFilter)
SMSException(com.sun.identity.sm.SMSException)
IdRepoException(com.sun.identity.idm.IdRepoException)
SSOException(com.iplanet.sso.SSOException)
HashSet(java.util.HashSet)
Test(org.testng.annotations.Test)
Aggregations
SearchFilter (com.sun.identity.entitlement.util.SearchFilter)26
Test (org.testng.annotations.Test)18
QueryRequest (org.forgerock.json.resource.QueryRequest)9
HashSet (java.util.HashSet)8
JsonPointer (org.forgerock.json.JsonPointer)8
SSOException (com.iplanet.sso.SSOException)7
IdRepoException (com.sun.identity.idm.IdRepoException)7
Subject (javax.security.auth.Subject)6
EntitlementException (com.sun.identity.entitlement.EntitlementException)4
SearchAttribute (com.sun.identity.entitlement.util.SearchAttribute)4
SMSException (com.sun.identity.sm.SMSException)4
SSOToken (com.iplanet.sso.SSOToken)3
PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)2
Date (java.util.Date)2
Matchers.anyString (org.mockito.Matchers.anyString)2
AfterTest (org.testng.annotations.AfterTest)2
BeforeTest (org.testng.annotations.BeforeTest)2
CLIException (com.sun.identity.cli.CLIException)1
IPrivilege (com.sun.identity.entitlement.IPrivilege)1
IPrivilegeManager (com.sun.identity.entitlement.IPrivilegeManager)1
