use of com.yahoo.athenz.common.config.AuthzDetailsEntity in project athenz by yahoo.
the class ZMSImplTest method testPutEntityAuthzDetails.
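/**
 * Stores an authorization-details entity through putEntity, reads it back
 * with getEntity, and checks that the stored value still converts into an
 * {@code AuthzDetailsEntity} carrying the three roles and three fields
 * that were submitted.
 *
 * @throws JsonProcessingException if the stored entity value cannot be
 *         converted by {@code AuthzHelper.convertEntityToAuthzDetailsEntity}
 */
@Test
public void testPutEntityAuthzDetails() throws JsonProcessingException {
    final String name = "zts.authorization_details_setup";
    final String domainName = "put-entity-authz-details";

    Entity entity = new Entity();
    entity.setName(ResourceUtils.entityResourceName(domainName, name));
    final String jsonData = "{\"type\":\"message_access\",\"roles\":[{\"name\":\"msg-readers\","
            + "\"optional\":true},{\"name\":\"msg-writers\",\"optional\":false},{\"name\":"
            + "\"msg-editors\"}],\"fields\":[{\"name\":\"location\",\"optional\":true},"
            + "{\"name\":\"identifier\",\"optional\":false},{\"name\":\"resource\"}]}";
    entity.setValue(new Struct().with("data", jsonData));

    TopLevelDomain dom1 = zmsTestInitializer.createTopLevelDomainObject(domainName,
            "Test Domain1", "testOrg", zmsTestInitializer.getAdminUser());
    zmsTestInitializer.getZms().postTopLevelDomain(zmsTestInitializer.getMockDomRsrcCtx(),
            zmsTestInitializer.getAuditRef(), dom1);

    // The domain is removed in a finally block so that a failed assertion
    // does not leave it behind for the tests that run afterwards.
    try {
        // add a new authz entity as expected
        zmsTestInitializer.getZms().putEntity(zmsTestInitializer.getMockDomRsrcCtx(),
                domainName, name, zmsTestInitializer.getAuditRef(), entity);

        Entity response = zmsTestInitializer.getZms().getEntity(
                zmsTestInitializer.getMockDomRsrcCtx(), domainName, name);
        assertNotNull(response);

        // The conversion goes through AuthzHelper only. The ObjectMapper
        // that used to be configured here with FAIL_ON_UNKNOWN_PROPERTIES
        // was never handed to anything, so it did not make this test
        // check strict parsing; it has been dropped to avoid implying
        // that it did.
        AuthzDetailsEntity authzEntity = AuthzHelper.convertEntityToAuthzDetailsEntity(response);
        assertNotNull(authzEntity);

        List<AuthzDetailsField> roles = authzEntity.getRoles();
        assertNotNull(roles);
        assertEquals(roles.size(), 3);

        List<AuthzDetailsField> fields = authzEntity.getFields();
        assertNotNull(fields);
        assertEquals(fields.size(), 3);
    } finally {
        zmsTestInitializer.getZms().deleteTopLevelDomain(zmsTestInitializer.getMockDomRsrcCtx(),
                domainName, zmsTestInitializer.getAuditRef());
    }
}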
use of com.yahoo.athenz.common.config.AuthzDetailsEntity in project athenz by yahoo.
the class ZMSImpl method validateAuthorizationDetailsEntity.
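/**
 * Validates an entity whose name marks it as an authorization-details
 * definition. Entities whose name does not start with
 * {@code AuthzDetailsEntity.ENTITY_NAME_PREFIX} are not inspected at all.
 *
 * <p>For a matching entity the value must convert into an
 * {@code AuthzDetailsEntity} that has a non-empty type, at least one role
 * and at least one field; otherwise the request is rejected.
 *
 * @param entityName entity name as supplied in the request
 * @param resource   entity object whose value is validated
 * @param caller     name of the calling API, passed through to the error
 * @throws RuntimeException the request error built by
 *         {@code ZMSUtils.requestError} when validation fails
 */
void validateAuthorizationDetailsEntity(final String entityName, Entity resource, final String caller) {

    if (!entityName.startsWith(AuthzDetailsEntity.ENTITY_NAME_PREFIX)) {
        return;
    }

    // convert our entity into the expected object. Any conversion failure
    // is reported with a fixed message, so parser details are not echoed
    // back to the client.
    AuthzDetailsEntity authzDetailsEntity;
    try {
        authzDetailsEntity = AuthzHelper.convertEntityToAuthzDetailsEntity(resource);
    } catch (Exception ex) {
        throw ZMSUtils.requestError("Invalid authorization details entity object provided", caller);
    }

    // A conversion that yields no object (presumably possible when the
    // stored data is the JSON literal null - confirm against AuthzHelper)
    // must be rejected as a bad request instead of surfacing later as a
    // NullPointerException.
    if (authzDetailsEntity == null) {
        throw ZMSUtils.requestError("Invalid authorization details entity object provided", caller);
    }

    if (StringUtil.isEmpty(authzDetailsEntity.getType())) {
        throw ZMSUtils.requestError("Authorization details entity object missing type", caller);
    }

    List<AuthzDetailsField> roles = authzDetailsEntity.getRoles();
    if (roles == null || roles.isEmpty()) {
        throw ZMSUtils.requestError("Authorization details entity object missing roles", caller);
    }

    List<AuthzDetailsField> fields = authzDetailsEntity.getFields();
    if (fields == null || fields.isEmpty()) {
        throw ZMSUtils.requestError("Authorization details entity object missing fields", caller);
    }

    // NOTE(review): only the presence of the two lists is checked. A role
    // or field element that is null or has no name still passes, and any
    // consumer that keys on getName() then has to cope with it. Consider
    // rejecting such elements here once it is confirmed that no existing
    // entity relies on them.
}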
use of com.yahoo.athenz.common.config.AuthzDetailsEntity in project athenz by yahoo.
the class AuthzHelperTest method testConvertEntityToAuthzDetailsEntity.
/**
 * Converts an entity carrying a JSON authorization-details document and
 * checks the resulting type, plus the name and optional flag of each of
 * the three roles and three fields, in document order. An element that
 * omits "optional" is expected to report {@code false}.
 */
@Test
public void testConvertEntityToAuthzDetailsEntity() throws JsonProcessingException {

    final String payload = "{\"type\":\"message_access\",\"roles\":[{\"name\":\"msg-readers\","
            + "\"optional\":true},{\"name\":\"msg-writers\",\"optional\":false},{\"name\":"
            + "\"msg-editors\"}],\"fields\":[{\"name\":\"location\",\"optional\":true},"
            + "{\"name\":\"identifier\",\"optional\":false},{\"name\":\"resource\"}]}";

    Entity source = new Entity();
    source.setName("athenz:entity.zts.authorization_details_set1");
    source.setValue(new Struct().with("data", payload));

    AuthzDetailsEntity converted = AuthzHelper.convertEntityToAuthzDetailsEntity(source);
    assertNotNull(converted);
    assertEquals(converted.getType(), "message_access");

    // Expected values, index-aligned with the order used in the payload.
    final boolean[] expectedOptional = {true, false, false};

    final String[] expectedRoleNames = {"msg-readers", "msg-writers", "msg-editors"};
    List<AuthzDetailsField> roleList = converted.getRoles();
    assertNotNull(roleList);
    assertEquals(roleList.size(), 3);
    for (int idx = 0; idx < expectedRoleNames.length; idx++) {
        assertEquals(roleList.get(idx).getName(), expectedRoleNames[idx]);
        if (expectedOptional[idx]) {
            assertTrue(roleList.get(idx).isOptional());
        } else {
            assertFalse(roleList.get(idx).isOptional());
        }
    }

    final String[] expectedFieldNames = {"location", "identifier", "resource"};
    List<AuthzDetailsField> fieldList = converted.getFields();
    assertNotNull(fieldList);
    assertEquals(fieldList.size(), 3);
    for (int idx = 0; idx < expectedFieldNames.length; idx++) {
        assertEquals(fieldList.get(idx).getName(), expectedFieldNames[idx]);
        if (expectedOptional[idx]) {
            assertTrue(fieldList.get(idx).isOptional());
        } else {
            assertFalse(fieldList.get(idx).isOptional());
        }
    }
}
use of com.yahoo.athenz.common.config.AuthzDetailsEntity in project athenz by yahoo.
the class DataCache method processEntity.
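/**
 * Adds an authorization-details entity to the per-role cache.
 *
 * <p>Only entities whose name starts with the resource name built from
 * {@code domainName} and {@code AuthzDetailsEntity.ENTITY_NAME_PREFIX} are
 * considered. The entity value is converted into an
 * {@code AuthzDetailsEntity} and that object is appended to the cached
 * list of every role it names. Entities that cannot be converted, or that
 * carry no role list, are logged and skipped; nothing is thrown.
 *
 * @param entity     entity to inspect
 * @param domainName name of the domain the entity belongs to
 */
public void processEntity(com.yahoo.athenz.zms.Entity entity, final String domainName) {

    final String entityName = entity.getName();
    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("Processing entity: {}", entityName);
    }

    // An entity without a name cannot be an authorization-details entity,
    // so it is ignored rather than failing on the prefix check.
    if (entityName == null || !entityName.startsWith(
            ResourceUtils.entityResourceName(domainName, AuthzDetailsEntity.ENTITY_NAME_PREFIX))) {
        return;
    }

    // we're going to convert our entity into authz object
    AuthzDetailsEntity detailsEntity;
    try {
        detailsEntity = AuthzHelper.convertEntityToAuthzDetailsEntity(entity);
    } catch (JsonProcessingException ex) {
        LOGGER.error("Unable to process entity {}, error {}", entity, ex.getMessage());
        return;
    }

    // The data being cached was written by a domain administrator. The
    // cache does not assume it is well formed: a missing object or a
    // missing role list is skipped here so that one malformed entity
    // cannot abort processing with a NullPointerException.
    if (detailsEntity == null || detailsEntity.getRoles() == null) {
        LOGGER.error("Unable to process entity {}, error {}", entityName, "no roles defined");
        return;
    }

    for (AuthzDetailsField role : detailsEntity.getRoles()) {
        // Elements with no usable name are skipped; caching them under a
        // null or empty key would serve no lookup by role name.
        final String roleName = (role == null) ? null : role.getName();
        if (roleName == null || roleName.isEmpty()) {
            continue;
        }
        List<AuthzDetailsEntity> entitiesForRole = authzDetailsCache.get(roleName);
        if (entitiesForRole == null) {
            entitiesForRole = new ArrayList<>();
            authzDetailsCache.put(roleName, entitiesForRole);
        }
        entitiesForRole.add(detailsEntity);
    }
}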