Search in sources :

Example 11 with AuthorizationManager

use of com.synopsys.integration.alert.common.security.authorization.AuthorizationManager in project hub-alert by blackducksoftware.

the class TestHelperConfigurationTest method testForbidden.

@Test
public void testForbidden() {
    AuthenticationTestUtils authenticationTestUtils = new AuthenticationTestUtils();
    DescriptorKey descriptorKey = new ChannelKey("channel_key", "channel-display-name");
    PermissionKey permissionKey = new PermissionKey(ConfigContextEnum.GLOBAL.name(), descriptorKey.getUniversalKey());
    Map<PermissionKey, Integer> permissions = Map.of(permissionKey, AuthenticationTestUtils.NO_PERMISSIONS);
    AuthorizationManager authorizationManager = authenticationTestUtils.createAuthorizationManagerWithCurrentUserSet("admin", "admin", () -> new PermissionMatrixModel(permissions));
    ConfigurationTestHelper testHelper = new ConfigurationTestHelper(authorizationManager, ConfigContextEnum.GLOBAL, descriptorKey);
    ValidationActionResponse response = testHelper.test(() -> new ValidationActionResponse(HttpStatus.OK, ValidationResponseModel.success()), () -> ConfigurationTestResult.success("Success"));
    assertEquals(HttpStatus.FORBIDDEN, response.getHttpStatus());
}
Also used : PermissionMatrixModel(com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel) ValidationActionResponse(com.synopsys.integration.alert.common.action.ValidationActionResponse) PermissionKey(com.synopsys.integration.alert.common.persistence.model.PermissionKey) ChannelKey(com.synopsys.integration.alert.descriptor.api.model.ChannelKey) AuthenticationTestUtils(com.synopsys.integration.alert.test.common.AuthenticationTestUtils) DescriptorKey(com.synopsys.integration.alert.descriptor.api.model.DescriptorKey) AuthorizationManager(com.synopsys.integration.alert.common.security.authorization.AuthorizationManager) Test(org.junit.jupiter.api.Test)

Example 12 with AuthorizationManager

use of com.synopsys.integration.alert.common.security.authorization.AuthorizationManager in project hub-alert by blackducksoftware.

the class TestHelperConfigurationTest method testValidationSuccess.

@Test
public void testValidationSuccess() {
    AuthenticationTestUtils authenticationTestUtils = new AuthenticationTestUtils();
    DescriptorKey descriptorKey = new ChannelKey("channel_key", "channel-display-name");
    PermissionKey permissionKey = new PermissionKey(ConfigContextEnum.GLOBAL.name(), descriptorKey.getUniversalKey());
    Map<PermissionKey, Integer> permissions = Map.of(permissionKey, AuthenticationTestUtils.FULL_PERMISSIONS);
    AuthorizationManager authorizationManager = authenticationTestUtils.createAuthorizationManagerWithCurrentUserSet("admin", "admin", () -> new PermissionMatrixModel(permissions));
    ConfigurationTestHelper testHelper = new ConfigurationTestHelper(authorizationManager, ConfigContextEnum.GLOBAL, descriptorKey);
    ValidationActionResponse response = testHelper.test(() -> new ValidationActionResponse(HttpStatus.OK, ValidationResponseModel.success()), () -> ConfigurationTestResult.success("Success"));
    assertEquals(HttpStatus.OK, response.getHttpStatus());
}
Also used : PermissionMatrixModel(com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel) ValidationActionResponse(com.synopsys.integration.alert.common.action.ValidationActionResponse) PermissionKey(com.synopsys.integration.alert.common.persistence.model.PermissionKey) ChannelKey(com.synopsys.integration.alert.descriptor.api.model.ChannelKey) AuthenticationTestUtils(com.synopsys.integration.alert.test.common.AuthenticationTestUtils) DescriptorKey(com.synopsys.integration.alert.descriptor.api.model.DescriptorKey) AuthorizationManager(com.synopsys.integration.alert.common.security.authorization.AuthorizationManager) Test(org.junit.jupiter.api.Test)

Example 13 with AuthorizationManager

use of com.synopsys.integration.alert.common.security.authorization.AuthorizationManager in project hub-alert by blackducksoftware.

the class TestHelperConfigurationTest method testMessageWithErrors.

@Test
public void testMessageWithErrors() {
    AuthenticationTestUtils authenticationTestUtils = new AuthenticationTestUtils();
    DescriptorKey descriptorKey = new ChannelKey("channel_key", "channel-display-name");
    PermissionKey permissionKey = new PermissionKey(ConfigContextEnum.GLOBAL.name(), descriptorKey.getUniversalKey());
    Map<PermissionKey, Integer> permissions = Map.of(permissionKey, AuthenticationTestUtils.FULL_PERMISSIONS);
    AuthorizationManager authorizationManager = authenticationTestUtils.createAuthorizationManagerWithCurrentUserSet("admin", "admin", () -> new PermissionMatrixModel(permissions));
    ConfigurationTestHelper testHelper = new ConfigurationTestHelper(authorizationManager, ConfigContextEnum.GLOBAL, descriptorKey);
    ValidationActionResponse response = testHelper.test(() -> new ValidationActionResponse(HttpStatus.OK, ValidationResponseModel.success()), () -> ConfigurationTestResult.failure("Failure"));
    ValidationResponseModel validationResponseModel = response.getContent().orElseThrow(() -> new IllegalStateException("Validation content missing"));
    assertEquals(HttpStatus.OK, response.getHttpStatus());
    assertTrue(validationResponseModel.hasErrors());
}
Also used : ValidationResponseModel(com.synopsys.integration.alert.common.rest.model.ValidationResponseModel) PermissionMatrixModel(com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel) ValidationActionResponse(com.synopsys.integration.alert.common.action.ValidationActionResponse) PermissionKey(com.synopsys.integration.alert.common.persistence.model.PermissionKey) ChannelKey(com.synopsys.integration.alert.descriptor.api.model.ChannelKey) AuthenticationTestUtils(com.synopsys.integration.alert.test.common.AuthenticationTestUtils) DescriptorKey(com.synopsys.integration.alert.descriptor.api.model.DescriptorKey) AuthorizationManager(com.synopsys.integration.alert.common.security.authorization.AuthorizationManager) Test(org.junit.jupiter.api.Test)

Example 14 with AuthorizationManager

use of com.synopsys.integration.alert.common.security.authorization.AuthorizationManager in project hub-alert by blackducksoftware.

the class CertificateControllerTestIT method init.

@BeforeEach
public void init() throws Exception {
    AuthorizationManager authorizationManager = Mockito.mock(AuthorizationManager.class);
    Mockito.when(authorizationManager.hasCreatePermission(Mockito.any(ConfigContextEnum.class), Mockito.any(DescriptorKey.class))).thenReturn(Boolean.TRUE);
    Mockito.when(authorizationManager.hasReadPermission(Mockito.any(ConfigContextEnum.class), Mockito.any(DescriptorKey.class))).thenReturn(Boolean.TRUE);
    Mockito.when(authorizationManager.hasDeletePermission(Mockito.any(ConfigContextEnum.class), Mockito.any(DescriptorKey.class))).thenReturn(Boolean.TRUE);
    Mockito.when(authorizationManager.hasWritePermission(Mockito.any(ConfigContextEnum.class), Mockito.any(DescriptorKey.class))).thenReturn(Boolean.TRUE);
    Mockito.when(authorizationManager.hasExecutePermission(Mockito.any(ConfigContextEnum.class), Mockito.any(DescriptorKey.class))).thenReturn(Boolean.TRUE);
    certificateActions = new CertificateActions(certificatesDescriptorKey, authorizationManager, certificateAccessor, trustStoreService);
    mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(SecurityMockMvcConfigurers.springSecurity()).build();
    certTestUtil.init(alertProperties);
}
Also used : DescriptorKey(com.synopsys.integration.alert.descriptor.api.model.DescriptorKey) CertificatesDescriptorKey(com.synopsys.integration.alert.component.certificates.CertificatesDescriptorKey) AuthorizationManager(com.synopsys.integration.alert.common.security.authorization.AuthorizationManager) ConfigContextEnum(com.synopsys.integration.alert.common.enumeration.ConfigContextEnum) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 15 with AuthorizationManager

use of com.synopsys.integration.alert.common.security.authorization.AuthorizationManager in project hub-alert by blackducksoftware.

the class CertificateActionsTestIT method createExceptionTest.

@Test
public void createExceptionTest() throws Exception {
    String certificateContent = certTestUtil.readCertificateContents();
    CertificateModel certificate = new CertificateModel(TEST_ALIAS, certificateContent, DateUtils.createCurrentDateString(DateUtils.UTC_DATE_FORMAT_TO_MINUTE));
    AlertTrustStoreManager trustStoreService = Mockito.mock(AlertTrustStoreManager.class);
    AuthorizationManager authorizationManager = Mockito.mock(AuthorizationManager.class);
    Mockito.when(authorizationManager.hasCreatePermission(Mockito.anyString(), Mockito.anyString())).thenReturn(Boolean.TRUE);
    Mockito.doThrow(new AlertException("Test exception")).when(trustStoreService).importCertificate(Mockito.any(CustomCertificateModel.class));
    CertificateActions certificateActions = new CertificateActions(new CertificatesDescriptorKey(), authorizationManager, certificateAccessor, trustStoreService);
    ActionResponse<CertificateModel> response = certificateActions.create(certificate);
    assertTrue(response.isError());
    assertTrue(certificateAccessor.getCertificates().isEmpty());
}
Also used : CustomCertificateModel(com.synopsys.integration.alert.common.persistence.model.CustomCertificateModel) CertificatesDescriptorKey(com.synopsys.integration.alert.component.certificates.CertificatesDescriptorKey) AlertTrustStoreManager(com.synopsys.integration.alert.component.certificates.AlertTrustStoreManager) CustomCertificateModel(com.synopsys.integration.alert.common.persistence.model.CustomCertificateModel) AuthorizationManager(com.synopsys.integration.alert.common.security.authorization.AuthorizationManager) AlertException(com.synopsys.integration.alert.api.common.model.exception.AlertException) AlertIntegrationTest(com.synopsys.integration.alert.util.AlertIntegrationTest) Test(org.junit.jupiter.api.Test)

Aggregations

AuthorizationManager (com.synopsys.integration.alert.common.security.authorization.AuthorizationManager)83 Test (org.junit.jupiter.api.Test)78 DescriptorKey (com.synopsys.integration.alert.descriptor.api.model.DescriptorKey)49 PermissionKey (com.synopsys.integration.alert.common.persistence.model.PermissionKey)38 PermissionMatrixModel (com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel)38 AuthenticationTestUtils (com.synopsys.integration.alert.test.common.AuthenticationTestUtils)38 EmailGlobalConfigModel (com.synopsys.integration.alert.service.email.model.EmailGlobalConfigModel)27 EmailGlobalConfigurationValidator (com.synopsys.integration.alert.channel.email.validator.EmailGlobalConfigurationValidator)26 ChannelKey (com.synopsys.integration.alert.descriptor.api.model.ChannelKey)23 ValidationResponseModel (com.synopsys.integration.alert.common.rest.model.ValidationResponseModel)20 AlertIntegrationTest (com.synopsys.integration.alert.util.AlertIntegrationTest)16 ActionResponse (com.synopsys.integration.alert.common.action.ActionResponse)15 ConfigContextEnum (com.synopsys.integration.alert.common.enumeration.ConfigContextEnum)14 EmailGlobalConfigAccessor (com.synopsys.integration.alert.channel.email.database.accessor.EmailGlobalConfigAccessor)13 ConfigurationTestResult (com.synopsys.integration.alert.common.message.model.ConfigurationTestResult)12 EmailChannelMessagingService (com.synopsys.integration.alert.channel.email.distribution.EmailChannelMessagingService)9 JavamailPropertiesFactory (com.synopsys.integration.alert.service.email.JavamailPropertiesFactory)9 JiraServerGlobalConfigurationValidator (com.synopsys.integration.alert.channel.jira.server.validator.JiraServerGlobalConfigurationValidator)8 ValidationActionResponse (com.synopsys.integration.alert.common.action.ValidationActionResponse)8 SettingsProxyModel (com.synopsys.integration.alert.common.rest.model.SettingsProxyModel)7