
Example 16 with Policy

use of com.yahoo.athenz.zms.Policy in project athenz by yahoo.

The class DataCacheTest, method testPolicyWithInvalidAssertionRole:

@Test
public void testPolicyWithInvalidAssertionRole() {
    // An assume_role assertion that names a role the domain does not define
    // ("testDomain.role.Invalid") must not add any MemberRole entry: every
    // user ends up with exactly the roles that processRole gave them.
    Domain domain = new Domain();
    domain.setName("testDomain");

    // role1 -> {user1, user2}
    Role firstRole = new Role();
    firstRole.setName("testDomain.role.role1");
    List<RoleMember> firstMembers = new ArrayList<>();
    firstMembers.add(new RoleMember().setMemberName("user_domain.user1"));
    firstMembers.add(new RoleMember().setMemberName("user_domain.user2"));
    firstRole.setRoleMembers(firstMembers);

    // role2 -> {user2}
    Role secondRole = new Role();
    secondRole.setName("testDomain.role.role2");
    List<RoleMember> secondMembers = new ArrayList<>();
    secondMembers.add(new RoleMember().setMemberName("user_domain.user2"));
    secondRole.setRoleMembers(secondMembers);

    // role3 -> {user3}
    Role thirdRole = new Role();
    thirdRole.setName("testDomain.role.role3");
    List<RoleMember> thirdMembers = new ArrayList<>();
    thirdMembers.add(new RoleMember().setMemberName("user_domain.user3"));
    thirdRole.setRoleMembers(thirdMembers);

    // The single assertion grants assume_role on a role that is absent from the domain.
    Assertion invalidRoleAssertion = new Assertion();
    invalidRoleAssertion.setAction("assume_role");
    invalidRoleAssertion.setEffect(AssertionEffect.ALLOW);
    invalidRoleAssertion.setResource("testDomain.role");
    invalidRoleAssertion.setRole("testDomain.role.Invalid");
    List<Assertion> assertions = new ArrayList<>();
    assertions.add(invalidRoleAssertion);
    Policy policy = new Policy();
    policy.setName("testDomain.policy.policy1");
    policy.setAssertions(assertions);

    HashMap<String, Role> rolesByName = new HashMap<>();
    rolesByName.put(firstRole.getName(), firstRole);
    rolesByName.put(secondRole.getName(), secondRole);
    rolesByName.put(thirdRole.getName(), thirdRole);

    DataCache cache = new DataCache();
    cache.processRole(firstRole);
    cache.processRole(secondRole);
    cache.processRole(thirdRole);
    cache.processPolicy(domain.getName(), policy, rolesByName);

    // user1: role1 only
    Set<MemberRole> user1Roles = cache.getMemberRoleSet("user_domain.user1");
    assertNotNull(user1Roles);
    assertTrue(user1Roles.contains(new MemberRole("testDomain.role.role1", 0)));
    assertEquals(user1Roles.size(), 1);

    // user2: role1 and role2
    Set<MemberRole> user2Roles = cache.getMemberRoleSet("user_domain.user2");
    assertNotNull(user2Roles);
    assertTrue(user2Roles.contains(new MemberRole("testDomain.role.role1", 0)));
    assertTrue(user2Roles.contains(new MemberRole("testDomain.role.role2", 0)));
    assertEquals(user2Roles.size(), 2);

    // user3: role3 only
    Set<MemberRole> user3Roles = cache.getMemberRoleSet("user_domain.user3");
    assertNotNull(user3Roles);
    assertTrue(user3Roles.contains(new MemberRole("testDomain.role.role3", 0)));
    assertEquals(user3Roles.size(), 1);
}

Example 17 with Policy

use of com.yahoo.athenz.zms.Policy in project athenz by yahoo.

The class DataCacheTest, method testPolicyWithAssertionRoleNoMember:

@Test
public void testPolicyWithAssertionRoleNoMember() {
    // The assertion grants assume_role on role1, but role1 has no members, so
    // the policy contributes no MemberRole entries: user1 never appears in the
    // cache and user2/user3 keep only their direct role memberships.
    Domain domain = new Domain();
    domain.setName("testDomain");

    // role1 -> {} (no members set at all)
    Role emptyRole = new Role();
    emptyRole.setName("testDomain.role.role1");

    // role2 -> {user2}
    Role secondRole = new Role();
    secondRole.setName("testDomain.role.role2");
    List<RoleMember> secondMembers = new ArrayList<>();
    secondMembers.add(new RoleMember().setMemberName("user_domain.user2"));
    secondRole.setRoleMembers(secondMembers);

    // role3 -> {user3}
    Role thirdRole = new Role();
    thirdRole.setName("testDomain.role.role3");
    List<RoleMember> thirdMembers = new ArrayList<>();
    thirdMembers.add(new RoleMember().setMemberName("user_domain.user3"));
    thirdRole.setRoleMembers(thirdMembers);

    Assertion emptyRoleAssertion = new Assertion();
    emptyRoleAssertion.setAction("assume_role");
    emptyRoleAssertion.setEffect(AssertionEffect.ALLOW);
    emptyRoleAssertion.setResource("testDomain.roleA");
    emptyRoleAssertion.setRole("testDomain.role.role1");
    List<Assertion> assertions = new ArrayList<>();
    assertions.add(emptyRoleAssertion);
    Policy policy = new Policy();
    policy.setName("testDomain.policy.policy1");
    policy.setAssertions(assertions);

    HashMap<String, Role> rolesByName = new HashMap<>();
    rolesByName.put(emptyRole.getName(), emptyRole);
    rolesByName.put(secondRole.getName(), secondRole);
    rolesByName.put(thirdRole.getName(), thirdRole);

    DataCache cache = new DataCache();
    cache.processRole(emptyRole);
    cache.processRole(secondRole);
    cache.processRole(thirdRole);
    cache.processPolicy(domain.getName(), policy, rolesByName);

    // user1 was never a member of anything, so no set exists for it.
    Set<MemberRole> user1Roles = cache.getMemberRoleSet("user_domain.user1");
    assertNull(user1Roles);

    // user2: role2 only
    Set<MemberRole> user2Roles = cache.getMemberRoleSet("user_domain.user2");
    assertNotNull(user2Roles);
    assertTrue(user2Roles.contains(new MemberRole("testDomain.role.role2", 0)));
    assertEquals(user2Roles.size(), 1);

    // user3: role3 only
    Set<MemberRole> user3Roles = cache.getMemberRoleSet("user_domain.user3");
    assertNotNull(user3Roles);
    assertTrue(user3Roles.contains(new MemberRole("testDomain.role.role3", 0)));
    assertEquals(user3Roles.size(), 1);
}

Example 18 with Policy

use of com.yahoo.athenz.zms.Policy in project athenz by yahoo.

The class DataCacheTest, method testPolicyNoRoleProcessed:

@Test
public void testPolicyNoRoleProcessed() {
    // No processRole call is made here: processPolicy alone must resolve the
    // assertion's role through the supplied role map and record the
    // assertion's resource ("testDomain.roleA") as user1's only MemberRole.
    Domain domain = new Domain();
    domain.setName("testDomain");

    // role1 -> {user1}
    Role onlyRole = new Role();
    onlyRole.setName("testDomain.role.role1");
    List<RoleMember> onlyRoleMembers = new ArrayList<>();
    onlyRoleMembers.add(new RoleMember().setMemberName("user_domain.user1"));
    onlyRole.setRoleMembers(onlyRoleMembers);

    Assertion roleAssertion = new Assertion();
    roleAssertion.setAction("assume_role");
    roleAssertion.setEffect(AssertionEffect.ALLOW);
    roleAssertion.setResource("testDomain.roleA");
    roleAssertion.setRole("testDomain.role.role1");
    List<Assertion> assertions = new ArrayList<>();
    assertions.add(roleAssertion);
    Policy policy = new Policy();
    policy.setName("testDomain.policy.policy1");
    policy.setAssertions(assertions);

    HashMap<String, Role> rolesByName = new HashMap<>();
    rolesByName.put(onlyRole.getName(), onlyRole);

    DataCache cache = new DataCache();
    cache.processPolicy(domain.getName(), policy, rolesByName);

    // user1: the assertion's resource, and nothing else
    Set<MemberRole> user1Roles = cache.getMemberRoleSet("user_domain.user1");
    assertNotNull(user1Roles);
    assertTrue(user1Roles.contains(new MemberRole("testDomain.roleA", 0)));
    assertEquals(user1Roles.size(), 1);

    // user2 is unknown to the cache
    Set<MemberRole> user2Roles = cache.getMemberRoleSet("user_domain.user2");
    assertNull(user2Roles);
}

Example 19 with Policy

use of com.yahoo.athenz.zms.Policy in project athenz by yahoo.

The class FileConnection, method getAthenzDomain:

@Override
public AthenzDomain getAthenzDomain(String domainName) {
    // Loads the stored domain and expands its roles, policies and services
    // into list form. A missing domain is reported as NOT_FOUND rather than
    // returned as null.
    // NOTE(review): domainName is handed straight to getDomainStruct; if that
    // lookup maps the name onto a file path, confirm it rejects separators
    // and ".." segments before use (not visible here).
    final DomainStruct stored = getDomainStruct(domainName);
    if (stored == null) {
        throw ZMSUtils.error(ResourceException.NOT_FOUND, "domain not found", "getAthenzDomain");
    }

    final AthenzDomain result = new AthenzDomain(domainName);
    result.setDomain(getDomain(stored));

    // Each collection is optional in the stored struct; absent ones are left unset.
    if (stored.getRoles() != null) {
        result.setRoles(new ArrayList<>(stored.getRoles().values()));
    }
    if (stored.getPolicies() != null) {
        result.setPolicies(new ArrayList<>(stored.getPolicies().values()));
    }
    if (stored.getServices() != null) {
        result.setServices(new ArrayList<>(stored.getServices().values()));
    }
    return result;
}

Example 20 with Policy

use of com.yahoo.athenz.zms.Policy in project athenz by yahoo.

The class JDBCConnection, method getPolicy:

@Override
public Policy getPolicy(String domainName, String policyName) {
    // Looks up one policy by domain and name. Returns null when no row
    // matches; SQL failures are converted through sqlError.
    // Both caller-supplied values are bound as statement parameters, never
    // concatenated into SQL_GET_POLICY.
    final String caller = "getPolicy";
    Policy found = null;
    try (PreparedStatement ps = con.prepareStatement(SQL_GET_POLICY)) {
        ps.setString(1, domainName);
        ps.setString(2, policyName);
        try (ResultSet rs = executeQuery(ps, caller)) {
            if (rs.next()) {
                final String resourceName = ZMSUtils.policyResourceName(domainName, policyName);
                // NOTE(review): getTimestamp returns null for a SQL NULL, which
                // would NPE on getTime(); presumably the column is NOT NULL —
                // confirm against the schema.
                final long modifiedMillis = rs.getTimestamp(ZMSConsts.DB_COLUMN_MODIFIED).getTime();
                found = new Policy()
                        .setName(resourceName)
                        .setModified(Timestamp.fromMillis(modifiedMillis));
            }
        }
    } catch (SQLException ex) {
        throw sqlError(ex, caller);
    }
    return found;
}
