use of com.synopsys.integration.alert.common.exception.AlertForbiddenOperationException in project hub-alert by blackducksoftware.
the class AuthenticationEventHandler method handle.
@Override
public void handle(AlertAuthenticationEvent event) {
UserModel user = event.getUser();
if (null != user) {
try {
Optional<UserModel> userModel = userAccessor.getUser(user.getName());
if (userModel.isPresent() && user.isExternal()) {
UserModel model = userModel.get();
UserModel updatedUser = UserModel.existingUser(model.getId(), user.getName(), user.getPassword(), user.getEmailAddress(), user.getAuthenticationType(), user.getRoles(), user.isEnabled());
userAccessor.updateUser(updatedUser, true);
} else {
userAccessor.addUser(user, true);
}
} catch (AlertForbiddenOperationException ignored) {
// Cannot update an external user's credentials
} catch (AlertConfigurationException ignored) {
// User already exists. Nothing to do.
}
}
}
use of com.synopsys.integration.alert.common.exception.AlertForbiddenOperationException in project hub-alert by blackducksoftware.
the class DefaultRoleAccessorTest method deleteRoleCustomFalseTest.
@Test
public void deleteRoleCustomFalseTest() {
DefaultRoleAccessor authorizationUtility = new DefaultRoleAccessor(roleRepository, userRoleRepository, permissionMatrixRepository, registeredDescriptorRepository, configContextRepository);
RoleEntity roleEntity = new RoleEntity("name", false);
roleEntity.setId(1L);
Mockito.when(roleRepository.findById(Mockito.any())).thenReturn(Optional.of(roleEntity));
try {
authorizationUtility.deleteRole(1L);
fail("Custom parameter of roleEntity set to 'false' did not throw expected AlertForbiddenOperationException.");
} catch (AlertForbiddenOperationException e) {
assertNotNull(e);
}
}
use of com.synopsys.integration.alert.common.exception.AlertForbiddenOperationException in project hub-alert by blackducksoftware.
the class DefaultRoleAccessor method deleteRole.
@Override
@Transactional(propagation = Propagation.REQUIRED)
public void deleteRole(Long roleId) throws AlertForbiddenOperationException {
Optional<RoleEntity> foundRole = roleRepository.findById(roleId);
if (foundRole.isPresent()) {
RoleEntity roleEntity = foundRole.get();
if (BooleanUtils.isFalse(roleEntity.getCustom())) {
throw new AlertForbiddenOperationException("Cannot delete the role '" + roleId + "' because it is not a custom role.");
}
// Deletion cascades to permissions
roleRepository.deleteById(roleEntity.getId());
}
}
use of com.synopsys.integration.alert.common.exception.AlertForbiddenOperationException in project hub-alert by blackducksoftware.
the class DefaultRoleAccessor method updateRoleName.
@Override
@Transactional(propagation = Propagation.REQUIRED)
public void updateRoleName(Long roleId, String roleName) throws AlertForbiddenOperationException {
Optional<RoleEntity> foundRole = roleRepository.findById(roleId);
if (foundRole.isPresent()) {
RoleEntity roleEntity = foundRole.get();
if (BooleanUtils.isFalse(roleEntity.getCustom())) {
throw new AlertForbiddenOperationException("Cannot update the existing role '" + foundRole.get().getRoleName() + "' to '" + roleName + "' because it is not a custom role");
}
RoleEntity updatedEntity = new RoleEntity(roleName, true);
updatedEntity.setId(roleEntity.getId());
roleRepository.save(updatedEntity);
}
}
use of com.synopsys.integration.alert.common.exception.AlertForbiddenOperationException in project hub-alert by blackducksoftware.
the class DefaultUserAccessorTest method updateUserNonDatabaseAuthInvalidTest.
@Test
public void updateUserNonDatabaseAuthInvalidTest() throws Exception {
final String roleName = "roleName";
AuthenticationType authenticationType = AuthenticationType.LDAP;
UserEntity userEntity = new UserEntity(username, password, emailAddress, 2L);
userEntity.setId(1L);
UserEntity existingUserEntity = new UserEntity("usernam-teste", "existing-password", "old-email.noreply@blackducksoftware.com", 2L);
existingUserEntity.setId(1L);
UserRoleModel roles = createUserRoleModel(1L, roleName, true);
UserModel userModel = UserModel.existingUser(1L, username, password, emailAddress, authenticationType, Set.of(roles), true);
UserRoleRelation userRoleRelation = new UserRoleRelation(1L, 2L);
UserRoleModel userRoleModel = createUserRoleModel(1L, roleName, true);
Mockito.when(userRepository.findById(Mockito.any())).thenReturn(Optional.of(existingUserEntity));
Mockito.when(authenticationTypeAccessor.getAuthenticationType(Mockito.any())).thenReturn(Optional.of(authenticationType));
Mockito.when(userRepository.save(Mockito.any())).thenReturn(existingUserEntity);
createModelMocks(userRoleRelation, userRoleModel, authenticationType);
DefaultUserAccessor defaultUserAccessor = new DefaultUserAccessor(userRepository, userRoleRepository, defaultPasswordEncoder, roleAccessor, authenticationTypeAccessor);
try {
defaultUserAccessor.updateUser(userModel, false);
fail("External user with ? did not throw expected " + AlertForbiddenOperationException.class.getSimpleName());
} catch (AlertForbiddenOperationException e) {
assertNotNull(e);
} catch (AlertConfigurationException wrongException) {
fail("Wrong exception thrown");
}
}
Aggregations