
Example 46 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class ZTSImplTest method testMatchDelegatedTrustAssertionValidWithPattern.

/**
 * Checks that {@code matchDelegatedTrustAssertion} returns true for an ALLOW
 * {@code ASSUME_ROLE} assertion whose role is written as the wildcard
 * {@code weather:role.*}, when the requested role is {@code weather:role.Role}
 * and the principal is {@code user_domain.user2}.
 *
 * <p>NOTE(review): the five-argument {@code createRoleObject} overload is not shown
 * here; presumably its fourth argument is the role member, so user2 belongs to
 * {@code Role} and user1 to {@code Role1} only. Confirm against the helper.
 */
@Test
public void testMatchDelegatedTrustAssertionValidWithPattern() {
    // Candidate roles handed to the matcher; only the second is the one requested below.
    final List<Role> candidateRoles = new ArrayList<>();
    candidateRoles.add(createRoleObject("weather", "Role1", null, "user_domain.user1", null));
    candidateRoles.add(createRoleObject("weather", "Role", null, "user_domain.user2", null));

    final Assertion trustAssertion = new Assertion();
    trustAssertion.setAction("ASSUME_ROLE");
    trustAssertion.setEffect(AssertionEffect.ALLOW);
    // The resource accepts role "Role" in any domain; the role side is a pattern.
    trustAssertion.setResource("*:role.Role");
    trustAssertion.setRole("weather:role.*");

    final boolean matched = authorizer.matchDelegatedTrustAssertion(
            trustAssertion, "weather:role.Role", "user_domain.user2", candidateRoles);
    assertTrue(matched);
}
Also used : Role(com.yahoo.athenz.zms.Role) Assertion(com.yahoo.athenz.zms.Assertion) ArrayList(java.util.ArrayList) Test(org.testng.annotations.Test)

Example 47 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class ZTSImplTest method testMatchPrincipalInRoleStdMemberMatch.

/**
 * Checks that {@code matchPrincipalInRole} returns true when the principal name
 * passed in equals the name given to {@code createRoleObject} for the role.
 *
 * <p>NOTE(review): the second and fourth arguments are passed as null; their
 * meaning is not visible in this listing.
 */
@Test
public void testMatchPrincipalInRoleStdMemberMatch() {
    final Role weatherRole = createRoleObject("weather", "Role", null, "user_domain.user2", null);
    final boolean matched = authorizer.matchPrincipalInRole(weatherRole, null, "user_domain.user2", null);
    assertTrue(matched);
}
Also used : Role(com.yahoo.athenz.zms.Role) Test(org.testng.annotations.Test)

Example 48 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class ZTSImplTest method createRoleObject.

/**
 * Builds a {@link Role} named {@code <domainName>:role.<roleName>} with the given
 * trust value set on it.
 *
 * @param domainName domain part of the role name
 * @param roleName   short role name, appended after {@code ":role."}
 * @param trust      value stored through {@code Role.setTrust}; presumably the
 *                   domain the role is delegated to (confirm against callers)
 * @return the new role; only its name and trust are set here
 */
public static Role createRoleObject(String domainName, String roleName, String trust) {
    final String qualifiedName = domainName + ":role." + roleName;
    final Role trustRole = new Role();
    trustRole.setName(qualifiedName);
    trustRole.setTrust(trust);
    return trustRole;
}
Also used : Role(com.yahoo.athenz.zms.Role)

Example 49 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class ZTSImplTest method testAccessDelegatedTrust.

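/**
 * Exercises {@code authorizer.access} across two cached domains linked by a
 * delegated-trust role.
 *
 * <p>Setup, as far as this listing shows: domain {@code coretechtrust} holds
 * {@code role1} and {@code role2} plus a policy with an ALLOW {@code ASSUME_ROLE}
 * assertion on {@code weather:role.role1}; domain {@code weather} holds
 * {@code role1} whose trust is {@code coretechtrust}, plus a policy allowing
 * {@code update} on {@code weather:table1}.
 *
 * <p>The assertions pin both the grant and the denials: a different trust-domain
 * argument, a different resource, a different action, and two other principals
 * must all be refused.
 *
 * <p>Both domains are put into the shared cache store, so the cleanup runs in a
 * {@code finally} block; otherwise a failing assertion would leave the entries
 * behind for later tests.
 *
 * <p>NOTE(review): the five-argument {@code createRoleObject} and
 * {@code createPolicyObject} helpers are not shown here; the comments below assume
 * the fourth {@code createRoleObject} argument is the role member. Confirm.
 */
@Test
public void testAccessDelegatedTrust() {
    try {
        // Domain that is trusted by the weather role.
        DataCache domain = new DataCache();
        DomainData domainData = new DomainData();
        domainData.setName("coretechtrust");
        domain.setDomainData(domainData);
        domainData.setRoles(new ArrayList<Role>());
        Role role1 = createRoleObject("coretechtrust", "role1", null, "user_domain.user1", null);
        Role role2 = createRoleObject("coretechtrust", "role2", null, "user_domain.user2", null);
        domainData.getRoles().add(role1);
        domainData.getRoles().add(role2);
        // ASSUME_ROLE on weather:role.role1 is tied to coretechtrust:role.role1 only.
        Policy policy = createPolicyObject("coretechtrust", "trust", "coretechtrust:role.role1", false, "ASSUME_ROLE", "weather:role.role1", AssertionEffect.ALLOW);
        domainData.setPolicies(new com.yahoo.athenz.zms.SignedPolicies());
        domainData.getPolicies().setContents(new com.yahoo.athenz.zms.DomainPolicies());
        domainData.getPolicies().getContents().setPolicies(new ArrayList<Policy>());
        domainData.getPolicies().getContents().getPolicies().add(policy);
        store.getCacheStore().put("coretechtrust", domain);

        // Domain that owns the resource; its role1 carries trust = coretechtrust.
        domain = new DataCache();
        domainData = new DomainData();
        domainData.setName("weather");
        domain.setDomainData(domainData);
        domainData.setRoles(new ArrayList<Role>());
        role1 = createRoleObject("weather", "role1", "coretechtrust");
        domainData.getRoles().add(role1);
        policy = createPolicyObject("weather", "access", "weather:role.role1", false, "update", "weather:table1", AssertionEffect.ALLOW);
        domainData.setPolicies(new com.yahoo.athenz.zms.SignedPolicies());
        domainData.getPolicies().setContents(new com.yahoo.athenz.zms.DomainPolicies());
        domainData.getPolicies().getContents().setPolicies(new ArrayList<Policy>());
        domainData.getPolicies().getContents().getPolicies().add(policy);
        store.getCacheStore().put("weather", domain);

        // user1: granted with no trust-domain argument and with the matching one.
        Principal principal1 = SimplePrincipal.create("user_domain", "user1", "v=U1;d=user_domain;n=user1;s=signature", 0, null);
        assertTrue(authorizer.access("update", "weather:table1", principal1, null));
        assertTrue(authorizer.access("update", "weather:table1", principal1, "coretechtrust"));
        // A trust-domain argument that is not the one set on the role must deny.
        assertFalse(authorizer.access("update", "weather:table1", principal1, "unknowntrust"));
        // Neither another resource nor another action is covered by the weather policy.
        assertFalse(authorizer.access("update", "weather:table2", principal1, null));
        assertFalse(authorizer.access("delete", "weather:table1", principal1, null));

        // user2 was passed only to coretechtrust role2, which the trust policy does not name.
        Principal principal2 = SimplePrincipal.create("user_domain", "user2", "v=U1;d=user_domain;n=user2;s=signature", 0, null);
        assertFalse(authorizer.access("update", "weather:table1", principal2, null));

        // user3 was not passed to any role built above.
        Principal principal3 = SimplePrincipal.create("user_domain", "user3", "v=U1;d=user_domain;n=user3;s=signature", 0, null);
        assertFalse(authorizer.access("update", "weather:table1", principal3, null));
    } finally {
        // Always drop the fixture domains so a failure here cannot affect other tests.
        store.getCacheStore().invalidate("coretechtrust");
        store.getCacheStore().invalidate("weather");
    }
}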
Also used : Role(com.yahoo.athenz.zms.Role) Policy(com.yahoo.athenz.zms.Policy) DomainData(com.yahoo.athenz.zms.DomainData) DataCache(com.yahoo.athenz.zts.cache.DataCache) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 50 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class ZTSImplTest method testMatchDelegatedTrustAssertionValidWithOutPattern.

/**
 * Checks that {@code matchDelegatedTrustAssertion} returns true for an ALLOW
 * {@code ASSUME_ROLE} assertion whose role is the exact name
 * {@code weather:role.Role} (no wildcard), when that same role is requested for
 * principal {@code user_domain.user2}.
 *
 * <p>NOTE(review): the five-argument {@code createRoleObject} overload is not shown
 * here; presumably its fourth argument is the role member. Confirm against the helper.
 */
@Test
public void testMatchDelegatedTrustAssertionValidWithOutPattern() {
    // Candidate roles handed to the matcher; only the second is the one requested below.
    final List<Role> candidateRoles = new ArrayList<>();
    candidateRoles.add(createRoleObject("weather", "Role1", null, "user_domain.user1", null));
    candidateRoles.add(createRoleObject("weather", "Role", null, "user_domain.user2", null));

    final Assertion trustAssertion = new Assertion();
    trustAssertion.setAction("ASSUME_ROLE");
    trustAssertion.setEffect(AssertionEffect.ALLOW);
    // The resource accepts role "Role" in any domain; the role side is an exact name.
    trustAssertion.setResource("*:role.Role");
    trustAssertion.setRole("weather:role.Role");

    final boolean matched = authorizer.matchDelegatedTrustAssertion(
            trustAssertion, "weather:role.Role", "user_domain.user2", candidateRoles);
    assertTrue(matched);
}
Also used : Role(com.yahoo.athenz.zms.Role) Assertion(com.yahoo.athenz.zms.Assertion) ArrayList(java.util.ArrayList) Test(org.testng.annotations.Test)
