Search in sources :

Example 1 with PermissionMatrixRelation

use of com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation in project hub-alert by blackducksoftware.

the class DefaultRoleAccessorTest method updatePermissionsForRole.

@Test
public void updatePermissionsForRole() throws Exception {
    final String roleName = "roleName";
    final String contextString = "context-test";
    final String descriptorName = "descriptorName";
    RoleEntity roleEntity = new RoleEntity(roleName, true);
    roleEntity.setId(1L);
    ConfigContextEntity configContextEntity = new ConfigContextEntity(contextString);
    configContextEntity.setId(1L);
    RegisteredDescriptorEntity registeredDescriptorEntity = new RegisteredDescriptorEntity(descriptorName, 1L);
    registeredDescriptorEntity.setId(1L);
    PermissionKey permissionKey = new PermissionKey(contextString, descriptorName);
    PermissionMatrixModel permissionMatrix = new PermissionMatrixModel(Map.of(permissionKey, AccessOperation.READ.getBit() + AccessOperation.WRITE.getBit()));
    PermissionMatrixRelation permissionMatrixRelation = new PermissionMatrixRelation(roleEntity.getId(), configContextEntity.getId(), registeredDescriptorEntity.getId(), AccessOperation.READ.getBit() + AccessOperation.WRITE.getBit());
    Mockito.when(roleRepository.findByRoleName(Mockito.any())).thenReturn(Optional.of(roleEntity));
    mockUpdateRoleOperations(permissionMatrixRelation, configContextEntity, registeredDescriptorEntity);
    mockCreateModelFromPermission(configContextEntity, registeredDescriptorEntity);
    DefaultRoleAccessor authorizationUtility = new DefaultRoleAccessor(roleRepository, userRoleRepository, permissionMatrixRepository, registeredDescriptorRepository, configContextRepository);
    PermissionMatrixModel permissionMatrixModel = authorizationUtility.updatePermissionsForRole(roleName, permissionMatrix);
    Mockito.verify(permissionMatrixRepository).saveAll(Mockito.any());
    assertFalse(permissionMatrixModel.isEmpty());
    assertEquals(permissionMatrix, permissionMatrixModel);
}
Also used : RoleEntity(com.synopsys.integration.alert.database.user.RoleEntity) PermissionMatrixModel(com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel) PermissionKey(com.synopsys.integration.alert.common.persistence.model.PermissionKey) RegisteredDescriptorEntity(com.synopsys.integration.alert.database.configuration.RegisteredDescriptorEntity) PermissionMatrixRelation(com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation) ConfigContextEntity(com.synopsys.integration.alert.database.configuration.ConfigContextEntity) Test(org.junit.jupiter.api.Test)

Example 2 with PermissionMatrixRelation

use of com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation in project hub-alert by blackducksoftware.

the class DefaultRoleAccessorTest method createRoleWithPermissions.

@Test
public void createRoleWithPermissions() {
    final String roleName = "roleName";
    final String contextString = "context-test";
    final String descriptorName = "descriptorName";
    RoleEntity roleEntity = new RoleEntity(roleName, true);
    roleEntity.setId(1L);
    ConfigContextEntity configContextEntity = new ConfigContextEntity(contextString);
    configContextEntity.setId(1L);
    RegisteredDescriptorEntity registeredDescriptorEntity = new RegisteredDescriptorEntity(descriptorName, 1L);
    registeredDescriptorEntity.setId(1L);
    PermissionKey permissionKey = new PermissionKey(contextString, descriptorName);
    PermissionMatrixModel permissionMatrixModel = new PermissionMatrixModel(Map.of(permissionKey, AccessOperation.READ.getBit() + AccessOperation.WRITE.getBit()));
    PermissionMatrixRelation permissionMatrixRelation = new PermissionMatrixRelation(roleEntity.getId(), configContextEntity.getId(), registeredDescriptorEntity.getId(), AccessOperation.READ.getBit() + AccessOperation.WRITE.getBit());
    Mockito.when(roleRepository.save(Mockito.any())).thenReturn(new RoleEntity(roleName, true));
    mockUpdateRoleOperations(permissionMatrixRelation, configContextEntity, registeredDescriptorEntity);
    mockCreateModelFromPermission(configContextEntity, registeredDescriptorEntity);
    DefaultRoleAccessor authorizationUtility = new DefaultRoleAccessor(roleRepository, userRoleRepository, permissionMatrixRepository, registeredDescriptorRepository, configContextRepository);
    UserRoleModel userRoleModel = authorizationUtility.createRoleWithPermissions(roleName, permissionMatrixModel);
    Mockito.verify(permissionMatrixRepository).deleteAll(Mockito.any());
    assertEquals(roleName, userRoleModel.getName());
    assertTrue(userRoleModel.isCustom());
    assertEquals(permissionMatrixModel, userRoleModel.getPermissions());
}
Also used : RoleEntity(com.synopsys.integration.alert.database.user.RoleEntity) PermissionMatrixModel(com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel) PermissionKey(com.synopsys.integration.alert.common.persistence.model.PermissionKey) RegisteredDescriptorEntity(com.synopsys.integration.alert.database.configuration.RegisteredDescriptorEntity) PermissionMatrixRelation(com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation) UserRoleModel(com.synopsys.integration.alert.common.persistence.model.UserRoleModel) ConfigContextEntity(com.synopsys.integration.alert.database.configuration.ConfigContextEntity) Test(org.junit.jupiter.api.Test)

Example 3 with PermissionMatrixRelation

use of com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation in project hub-alert by blackducksoftware.

the class DefaultRoleAccessor method createRoleWithPermissions.

@Override
@Transactional(propagation = Propagation.REQUIRED)
public UserRoleModel createRoleWithPermissions(String roleName, PermissionMatrixModel permissionMatrix) {
    RoleEntity roleEntity = createRole(roleName, true);
    List<PermissionMatrixRelation> permissions = updateRoleOperations(roleEntity, permissionMatrix);
    return new UserRoleModel(roleEntity.getId(), roleEntity.getRoleName(), roleEntity.getCustom(), createModelFromPermission(permissions));
}
Also used : RoleEntity(com.synopsys.integration.alert.database.user.RoleEntity) PermissionMatrixRelation(com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation) UserRoleModel(com.synopsys.integration.alert.common.persistence.model.UserRoleModel) Transactional(org.springframework.transaction.annotation.Transactional)

Example 4 with PermissionMatrixRelation

use of com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation in project hub-alert by blackducksoftware.

the class DefaultRoleAccessor method createModelFromPermission.

private PermissionMatrixModel createModelFromPermission(List<PermissionMatrixRelation> permissions) {
    Map<PermissionKey, Integer> permissionOperations = new HashMap<>();
    if (null != permissions) {
        for (PermissionMatrixRelation relation : permissions) {
            Optional<String> optionalContext = configContextRepository.findById(relation.getContextId()).map(ConfigContextEntity::getContext);
            Optional<String> optionalDescriptorName = registeredDescriptorRepository.findById(relation.getDescriptorId()).map(RegisteredDescriptorEntity::getName);
            if (optionalDescriptorName.isPresent() && optionalContext.isPresent()) {
                PermissionKey permissionKey = new PermissionKey(optionalContext.get(), optionalDescriptorName.get());
                int existingPermissions = permissionOperations.getOrDefault(permissionKey, 0);
                permissionOperations.put(permissionKey, existingPermissions | relation.getOperations());
            }
        }
    }
    return new PermissionMatrixModel(permissionOperations);
}
Also used : PermissionMatrixModel(com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel) HashMap(java.util.HashMap) PermissionKey(com.synopsys.integration.alert.common.persistence.model.PermissionKey) RegisteredDescriptorEntity(com.synopsys.integration.alert.database.configuration.RegisteredDescriptorEntity) PermissionMatrixRelation(com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation) ConfigContextEntity(com.synopsys.integration.alert.database.configuration.ConfigContextEntity)

Example 5 with PermissionMatrixRelation

use of com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation in project hub-alert by blackducksoftware.

the class DefaultRoleAccessor method updateRoleOperations.

private List<PermissionMatrixRelation> updateRoleOperations(RoleEntity roleEntity, PermissionMatrixModel permissionMatrix) {
    List<PermissionMatrixRelation> oldPermissionsForRole = permissionMatrixRepository.findAllByRoleId(roleEntity.getId());
    if (!oldPermissionsForRole.isEmpty()) {
        permissionMatrixRepository.deleteAll(oldPermissionsForRole);
    }
    List<PermissionMatrixRelation> matrixEntries = new ArrayList<>();
    Map<PermissionKey, Integer> permissions = permissionMatrix.getPermissions();
    for (Map.Entry<PermissionKey, Integer> permission : permissions.entrySet()) {
        PermissionKey permissionKey = permission.getKey();
        ConfigContextEntity dbContext = configContextRepository.findFirstByContext(permissionKey.getContext()).orElseThrow(() -> new AlertRuntimeException("Invalid context specified for permission"));
        RegisteredDescriptorEntity registeredDescriptor = registeredDescriptorRepository.findFirstByName(permissionKey.getDescriptorName()).orElseThrow(() -> new AlertRuntimeException("Invalid descriptor name specified for permission"));
        int accessOperations = permission.getValue();
        PermissionMatrixRelation permissionMatrixRelation = new PermissionMatrixRelation(roleEntity.getId(), dbContext.getId(), registeredDescriptor.getId(), accessOperations);
        matrixEntries.add(permissionMatrixRelation);
    }
    if (!matrixEntries.isEmpty()) {
        return permissionMatrixRepository.saveAll(matrixEntries);
    }
    return List.of();
}
Also used : PermissionKey(com.synopsys.integration.alert.common.persistence.model.PermissionKey) ArrayList(java.util.ArrayList) RegisteredDescriptorEntity(com.synopsys.integration.alert.database.configuration.RegisteredDescriptorEntity) PermissionMatrixRelation(com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation) AlertRuntimeException(com.synopsys.integration.alert.api.common.model.exception.AlertRuntimeException) HashMap(java.util.HashMap) Map(java.util.Map) ConfigContextEntity(com.synopsys.integration.alert.database.configuration.ConfigContextEntity)

Aggregations

PermissionMatrixRelation (com.synopsys.integration.alert.database.authorization.PermissionMatrixRelation)7 PermissionKey (com.synopsys.integration.alert.common.persistence.model.PermissionKey)5 ConfigContextEntity (com.synopsys.integration.alert.database.configuration.ConfigContextEntity)5 RegisteredDescriptorEntity (com.synopsys.integration.alert.database.configuration.RegisteredDescriptorEntity)5 RoleEntity (com.synopsys.integration.alert.database.user.RoleEntity)5 PermissionMatrixModel (com.synopsys.integration.alert.common.persistence.model.PermissionMatrixModel)4 Test (org.junit.jupiter.api.Test)3 UserRoleModel (com.synopsys.integration.alert.common.persistence.model.UserRoleModel)2 HashMap (java.util.HashMap)2 Transactional (org.springframework.transaction.annotation.Transactional)2 AlertConfigurationException (com.synopsys.integration.alert.api.common.model.exception.AlertConfigurationException)1 AlertRuntimeException (com.synopsys.integration.alert.api.common.model.exception.AlertRuntimeException)1 PermissionMatrixRepository (com.synopsys.integration.alert.database.authorization.PermissionMatrixRepository)1 ConfigContextRepository (com.synopsys.integration.alert.database.configuration.repository.ConfigContextRepository)1 RegisteredDescriptorRepository (com.synopsys.integration.alert.database.configuration.repository.RegisteredDescriptorRepository)1 RoleRepository (com.synopsys.integration.alert.database.user.RoleRepository)1 UserRoleRepository (com.synopsys.integration.alert.database.user.UserRoleRepository)1 ArrayList (java.util.ArrayList)1 Map (java.util.Map)1