Examples with Role com.yahoo.athenz.zms.Role used on opensource projects

Search in sources :

Example 66 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class ZTSImplTest method createAwsSignedDomain.

private SignedDomain createAwsSignedDomain(String domainName, String account) {
    SignedDomain signedDomain = new SignedDomain();
    List<Role> roles = new ArrayList<>();
    Role role = new Role();
    role.setName(generateRoleName(domainName, "admin"));
    List<RoleMember> members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.user"));
    role.setRoleMembers(members);
    roles.add(role);
    role = new Role();
    role.setName(generateRoleName(domainName, "aws_role"));
    members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.user100"));
    members.add(new RoleMember().setMemberName("user_domain.user101"));
    role.setRoleMembers(members);
    roles.add(role);
    List<com.yahoo.athenz.zms.Policy> policies = new ArrayList<>();
    com.yahoo.athenz.zms.Policy policy = new com.yahoo.athenz.zms.Policy();
    com.yahoo.athenz.zms.Assertion assertion = new com.yahoo.athenz.zms.Assertion();
    assertion.setResource(domainName + ":aws_role_name");
    assertion.setAction("assume_aws_role");
    assertion.setRole(generateRoleName(domainName, "aws_role"));
    List<com.yahoo.athenz.zms.Assertion> assertions = new ArrayList<>();
    assertions.add(assertion);
    policy.setAssertions(assertions);
    policy.setName(generatePolicyName(domainName, "aws_policy"));
    policies.add(policy);
    com.yahoo.athenz.zms.DomainPolicies domainPolicies = new com.yahoo.athenz.zms.DomainPolicies();
    domainPolicies.setDomain(domainName);
    domainPolicies.setPolicies(policies);
    com.yahoo.athenz.zms.SignedPolicies signedPolicies = new com.yahoo.athenz.zms.SignedPolicies();
    signedPolicies.setContents(domainPolicies);
    signedPolicies.setSignature(Crypto.sign(SignUtils.asCanonicalString(domainPolicies), privateKey));
    signedPolicies.setKeyId("0");
    DomainData domain = new DomainData();
    domain.setName(domainName);
    domain.setAccount(account);
    domain.setRoles(roles);
    domain.setPolicies(signedPolicies);
    signedDomain.setDomain(domain);
    signedDomain.setSignature(Crypto.sign(SignUtils.asCanonicalString(domain), privateKey));
    signedDomain.setKeyId("0");
    return signedDomain;
}
Also used : Policy(com.yahoo.athenz.zms.Policy) Policy(com.yahoo.athenz.zms.Policy) ArrayList(java.util.ArrayList) Assertion(com.yahoo.athenz.zms.Assertion) DomainData(com.yahoo.athenz.zms.DomainData) Assertion(com.yahoo.athenz.zms.Assertion) Role(com.yahoo.athenz.zms.Role) SignedDomain(com.yahoo.athenz.zms.SignedDomain) RoleMember(com.yahoo.athenz.zms.RoleMember)

Example 67 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class ZTSImplTest method testMatchDelegatedTrustAssertionNoRoleMatchWithOutPattern.

@Test
public void testMatchDelegatedTrustAssertionNoRoleMatchWithOutPattern() {
    Assertion assertion = new Assertion();
    assertion.setAction("ASSUME_ROLE");
    assertion.setEffect(AssertionEffect.ALLOW);
    assertion.setResource("*:role.Role");
    assertion.setRole("weather:role.Role");
    Role role = null;
    List<Role> roles = new ArrayList<>();
    role = createRoleObject("coretech", "Role1", null);
    roles.add(role);
    role = createRoleObject("coretech", "Role2", null);
    roles.add(role);
    assertFalse(authorizer.matchDelegatedTrustAssertion(assertion, "weather:role.Role1", null, roles));
    assertFalse(authorizer.matchDelegatedTrustAssertion(assertion, "coretech:role.Role", null, roles));
}
Also used : Role(com.yahoo.athenz.zms.Role) Assertion(com.yahoo.athenz.zms.Assertion) ArrayList(java.util.ArrayList) Test(org.testng.annotations.Test)

Example 68 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class InstanceProviderManagerTest method createSignedDomain.

private SignedDomain createSignedDomain(String domainName, String serviceName, boolean includeService, boolean includeEndPoint, String endPoint) {
    SignedDomain signedDomain = new SignedDomain();
    List<Role> roles = new ArrayList<>();
    Role role = new Role();
    role.setName(domainName + ":role.admin");
    List<RoleMember> members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.adminuser"));
    role.setRoleMembers(members);
    roles.add(role);
    List<ServiceIdentity> services = new ArrayList<>();
    ServiceIdentity service = new ServiceIdentity();
    service.setName(domainName + "." + serviceName);
    if (includeEndPoint) {
        service.setProviderEndpoint(endPoint);
    }
    services.add(service);
    List<com.yahoo.athenz.zms.Policy> policies = new ArrayList<>();
    com.yahoo.athenz.zms.Policy policy = new com.yahoo.athenz.zms.Policy();
    com.yahoo.athenz.zms.Assertion assertion = new com.yahoo.athenz.zms.Assertion();
    assertion.setResource(domainName + ":instance");
    assertion.setAction("read");
    assertion.setRole(domainName + ":role.admin");
    List<com.yahoo.athenz.zms.Assertion> assertions = new ArrayList<>();
    assertions.add(assertion);
    policy.setAssertions(assertions);
    policy.setName(domainName + ":policy.test");
    policies.add(policy);
    com.yahoo.athenz.zms.DomainPolicies domainPolicies = new com.yahoo.athenz.zms.DomainPolicies();
    domainPolicies.setDomain(domainName);
    domainPolicies.setPolicies(policies);
    com.yahoo.athenz.zms.SignedPolicies signedPolicies = new com.yahoo.athenz.zms.SignedPolicies();
    signedPolicies.setContents(domainPolicies);
    signedPolicies.setSignature(Crypto.sign(SignUtils.asCanonicalString(domainPolicies), privateKey));
    signedPolicies.setKeyId("0");
    DomainData domain = new DomainData();
    domain.setName(domainName);
    domain.setRoles(roles);
    if (includeService) {
        domain.setServices(services);
    }
    domain.setPolicies(signedPolicies);
    domain.setModified(Timestamp.fromCurrentTime());
    signedDomain.setDomain(domain);
    signedDomain.setSignature(Crypto.sign(SignUtils.asCanonicalString(domain), privateKey));
    signedDomain.setKeyId("0");
    return signedDomain;
}
Also used : ServiceIdentity(com.yahoo.athenz.zms.ServiceIdentity) ArrayList(java.util.ArrayList) DomainData(com.yahoo.athenz.zms.DomainData) Role(com.yahoo.athenz.zms.Role) SignedDomain(com.yahoo.athenz.zms.SignedDomain) RoleMember(com.yahoo.athenz.zms.RoleMember)

Example 69 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class JDBCConnectionTest method testInsertRoleWithTrust.

@Test
public void testInsertRoleWithTrust() throws Exception {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);
    Role role = new Role().setName("my-domain:role.role1").setTrust("trust_domain");
    Mockito.doReturn(1).when(mockPrepStmt).executeUpdate();
    Mockito.when(mockResultSet.next()).thenReturn(true);
    // return domain
    Mockito.when(mockResultSet.getInt(1)).thenReturn(5);
    boolean requestSuccess = jdbcConn.insertRole("my-domain", role);
    assertTrue(requestSuccess);
    Mockito.verify(mockPrepStmt, times(1)).setString(1, "my-domain");
    Mockito.verify(mockPrepStmt, times(1)).setString(1, "role1");
    Mockito.verify(mockPrepStmt, times(1)).setInt(2, 5);
    Mockito.verify(mockPrepStmt, times(1)).setString(3, "trust_domain");
    jdbcConn.close();
}
Also used : Role(com.yahoo.athenz.zms.Role) PrincipalRole(com.yahoo.athenz.zms.PrincipalRole) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)

Example 70 with Role

use of com.yahoo.athenz.zms.Role in project athenz by yahoo.

the class JDBCConnectionTest method testUpdateRoleInvalidDomain.

@Test
public void testUpdateRoleInvalidDomain() throws Exception {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);
    Role role = new Role().setName("my-domain:role.role1");
    // domain id failure
    Mockito.when(mockResultSet.next()).thenReturn(false);
    try {
        jdbcConn.updateRole("my-domain", role);
        fail();
    } catch (Exception ex) {
        assertTrue(true);
    }
    jdbcConn.close();
}
Also used : Role(com.yahoo.athenz.zms.Role) PrincipalRole(com.yahoo.athenz.zms.PrincipalRole) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) ResourceException(com.yahoo.athenz.zms.ResourceException) SQLException(java.sql.SQLException) Test(org.testng.annotations.Test)

Aggregations

Role (com.yahoo.athenz.zms.Role)94 Test (org.testng.annotations.Test)57 RoleMember (com.yahoo.athenz.zms.RoleMember)47 ArrayList (java.util.ArrayList)47 DomainData (com.yahoo.athenz.zms.DomainData)32 DataCache (com.yahoo.athenz.zts.cache.DataCache)31 PrincipalRole (com.yahoo.athenz.zms.PrincipalRole)27 Policy (com.yahoo.athenz.zms.Policy)22 SignedDomain (com.yahoo.athenz.zms.SignedDomain)22 Assertion (com.yahoo.athenz.zms.Assertion)20 MemberRole (com.yahoo.athenz.zts.cache.MemberRole)19 JDBCConnection (com.yahoo.athenz.zms.store.jdbc.JDBCConnection)14 MockZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore)13 ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore)12 ServiceIdentity (com.yahoo.athenz.zms.ServiceIdentity)11 SQLException (java.sql.SQLException)9 HashMap (java.util.HashMap)8 ResourceException (com.yahoo.athenz.zms.ResourceException)7 Domain (com.yahoo.athenz.zms.Domain)6 File (java.io.File)6
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial