use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.
the class DataCacheTest method testProcessRoleMembersWithWildcardsMultipleRoles.
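/**
 * Verifies how {@code DataCache.processRoleMembers} indexes member names when two roles
 * carry overlapping exact, prefix-wildcard and match-all entries.
 *
 * <p>The assertions pin three separate lookups:
 * <ul>
 *   <li>{@code getMemberRoleSet(name)} holds only roles that list the name literally;
 *       wildcard entries are not expanded into it.</li>
 *   <li>{@code getPrefixMemberRoleSetMap()} is keyed by the wildcard text with the trailing
 *       {@code *} removed ({@code "user_domain."}, {@code "user_domain.user"}).</li>
 *   <li>{@code getAllMemberRoleSet()} holds the roles that list the bare {@code "*"} member.</li>
 * </ul>
 *
 * <p>NOTE(review): a role granted through {@code "*"} or a prefix is therefore invisible to the
 * exact-name lookup alone; code resolving a principal's roles presumably has to consult all
 * three structures. Confirm against the callers of DataCache.
 */
@Test
public void testProcessRoleMembersWithWildcardsMultipleRoles() {

    // role1: two literal users, a domain-wide prefix, a narrower prefix and the match-all entry
    List<RoleMember> members1 = new ArrayList<>();
    members1.add(new RoleMember().setMemberName("user_domain.user1"));
    members1.add(new RoleMember().setMemberName("user_domain.user2"));
    members1.add(new RoleMember().setMemberName("user_domain.*"));
    members1.add(new RoleMember().setMemberName("user_domain.user*"));
    members1.add(new RoleMember().setMemberName("*"));

    // role2: shares user1, the domain-wide prefix and the match-all entry with role1
    List<RoleMember> members2 = new ArrayList<>();
    members2.add(new RoleMember().setMemberName("user_domain.user1"));
    members2.add(new RoleMember().setMemberName("user_domain.user3"));
    members2.add(new RoleMember().setMemberName("user_domain.*"));
    members2.add(new RoleMember().setMemberName("*"));

    DataCache cache = new DataCache();
    cache.processRoleMembers("dom.role1", members1);
    cache.processRoleMembers("dom.role2", members2);

    // user1 is listed literally in both roles
    Set<MemberRole> set1 = cache.getMemberRoleSet("user_domain.user1");
    assertNotNull(set1);
    assertTrue(set1.contains(new MemberRole("dom.role1", 0)));
    assertTrue(set1.contains(new MemberRole("dom.role2", 0)));
    assertEquals(set1.size(), 2);

    // user2 is literal only in role1; role2's wildcards must not leak into this set
    Set<MemberRole> set2 = cache.getMemberRoleSet("user_domain.user2");
    assertNotNull(set2);
    assertTrue(set2.contains(new MemberRole("dom.role1", 0)));
    assertEquals(set2.size(), 1);

    // user3 is literal only in role2
    Set<MemberRole> set3 = cache.getMemberRoleSet("user_domain.user3");
    assertNotNull(set3);
    assertTrue(set3.contains(new MemberRole("dom.role2", 0)));
    assertEquals(set3.size(), 1);

    // both roles list "*", so both appear in the match-all set
    Set<MemberRole> set4 = cache.getAllMemberRoleSet();
    assertNotNull(set4);
    assertTrue(set4.contains(new MemberRole("dom.role1", 0)));
    assertTrue(set4.contains(new MemberRole("dom.role2", 0)));
    assertEquals(set4.size(), 2);

    // two distinct prefixes were registered: "user_domain." and "user_domain.user"
    Map<String, Set<MemberRole>> setMap = cache.getPrefixMemberRoleSetMap();
    assertNotNull(setMap);
    assertEquals(setMap.size(), 2);

    // "user_domain.*" is present in both roles
    Set<MemberRole> set5 = setMap.get("user_domain.");
    assertNotNull(set5);
    assertTrue(set5.contains(new MemberRole("dom.role1", 0)));
    assertTrue(set5.contains(new MemberRole("dom.role2", 0)));
    // Fixed: the original re-checked set4.size() here, so an unexpected extra role
    // under the "user_domain." prefix would have gone unnoticed.
    assertEquals(set5.size(), 2);

    // "user_domain.user*" is present only in role1
    Set<MemberRole> set6 = setMap.get("user_domain.user");
    assertNotNull(set6);
    assertTrue(set6.contains(new MemberRole("dom.role1", 0)));
    assertEquals(set6.size(), 1);
}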
use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.
the class DataCacheTest method testMultipleRoles.
/**
 * Verifies that {@code DataCache.processRole} builds a per-member role set when two roles
 * share one member, and that a principal listed in no role has no entry at all.
 *
 * <p>Expected outcome: user1 maps to role1 only, user2 to both roles, user3 to role2 only,
 * and the lookup for user4 returns {@code null} rather than an empty set.
 */
@Test
public void testMultipleRoles() {

    // first role: user1 and user2
    List<RoleMember> firstRoleMembers = new ArrayList<>();
    firstRoleMembers.add(new RoleMember().setMemberName("user_domain.user1"));
    firstRoleMembers.add(new RoleMember().setMemberName("user_domain.user2"));
    Role firstRole = new Role();
    firstRole.setName("dom.role1");
    firstRole.setRoleMembers(firstRoleMembers);

    // second role: user2 (shared) and user3
    List<RoleMember> secondRoleMembers = new ArrayList<>();
    secondRoleMembers.add(new RoleMember().setMemberName("user_domain.user2"));
    secondRoleMembers.add(new RoleMember().setMemberName("user_domain.user3"));
    Role secondRole = new Role();
    secondRole.setName("dom.role2");
    secondRole.setRoleMembers(secondRoleMembers);

    DataCache dataCache = new DataCache();
    dataCache.processRole(firstRole);
    dataCache.processRole(secondRole);

    Set<MemberRole> rolesOfUser1 = dataCache.getMemberRoleSet("user_domain.user1");
    assertNotNull(rolesOfUser1);
    assertTrue(rolesOfUser1.contains(new MemberRole("dom.role1", 0)));
    assertEquals(rolesOfUser1.size(), 1);

    // the shared member must be attributed to both roles
    Set<MemberRole> rolesOfUser2 = dataCache.getMemberRoleSet("user_domain.user2");
    assertNotNull(rolesOfUser2);
    assertTrue(rolesOfUser2.contains(new MemberRole("dom.role1", 0)));
    assertTrue(rolesOfUser2.contains(new MemberRole("dom.role2", 0)));
    assertEquals(rolesOfUser2.size(), 2);

    Set<MemberRole> rolesOfUser3 = dataCache.getMemberRoleSet("user_domain.user3");
    assertNotNull(rolesOfUser3);
    assertTrue(rolesOfUser3.contains(new MemberRole("dom.role2", 0)));
    assertEquals(rolesOfUser3.size(), 1);

    // a principal that is a member of nothing gets no set, not an empty one
    Set<MemberRole> rolesOfUnknownUser = dataCache.getMemberRoleSet("user_domain.user4");
    assertNull(rolesOfUnknownUser);
}
use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.
the class ZTSImplTest method testGetRoleTokenProxyUser.
/**
 * Verifies that a proxy principal can obtain a role token on behalf of another user and that
 * the issued token names both identities.
 *
 * <p>Two scenarios run against the same domain: proxy-user1 requests a token for
 * {@code user_domain.joe} (both are writers) and proxy-user2 requests one for
 * {@code user_domain.jane} (both are readers). In each case the token must carry exactly one
 * role, the represented user in the {@code p=} field and the requesting proxy in the
 * {@code proxy=} field, so a consumer of the token can tell who actually asked for it.
 *
 * <p>NOTE(review): only the permitted path is covered here; whether a proxy request is
 * rejected when the proxy does not share the role is not exercised by this method.
 */
@Test
public void testGetRoleTokenProxyUser() {

    List<RoleMember> writerMembers = new ArrayList<>();
    writerMembers.add(new RoleMember().setMemberName("user_domain.proxy-user1"));
    writerMembers.add(new RoleMember().setMemberName("user_domain.joe"));

    List<RoleMember> readerMembers = new ArrayList<>();
    readerMembers.add(new RoleMember().setMemberName("user_domain.proxy-user2"));
    readerMembers.add(new RoleMember().setMemberName("user_domain.jane"));

    // meaning of the trailing 'true' / 'false' flags is defined by the helpers - TODO confirm
    SignedDomain proxyDomain = createSignedDomain("coretech-proxy2", "weather-proxy2", "storage",
            writerMembers, readerMembers, true);
    store.processDomain(proxyDomain, false);

    // scenario 1: proxy-user1 acting for joe, no role filter (null)
    Principal writerProxy = SimplePrincipal.create("user_domain", "proxy-user1",
            "v=U1;d=user_domain;n=proxy-user1;s=sig", 0, null);
    ResourceContext writerContext = createResourceContext(writerProxy);
    RoleToken writerResponse = zts.getRoleToken(writerContext, "coretech-proxy2", null,
            Integer.valueOf(600), Integer.valueOf(1200), "user_domain.joe");
    String writerTokenText = writerResponse.getToken();
    com.yahoo.athenz.auth.token.RoleToken writerParsed =
            new com.yahoo.athenz.auth.token.RoleToken(writerTokenText);

    assertEquals(writerParsed.getRoles().size(), 1);
    assertTrue(writerParsed.getRoles().contains("writers"));
    assertTrue(writerTokenText.contains(";h=localhost;"));
    assertTrue(writerTokenText.contains(";i=10.11.12.13"));
    // principal is the represented user; the requester is recorded separately as proxy
    assertTrue(writerTokenText.contains(";p=user_domain.joe;"));
    assertTrue(writerTokenText.contains(";proxy=user_domain.proxy-user1;"));
    assertEquals(writerResponse.getExpiryTime(), writerParsed.getExpiryTime());

    // scenario 2: proxy-user2 acting for jane
    Principal readerProxy = SimplePrincipal.create("user_domain", "proxy-user2",
            "v=U1;d=user_domain;n=proxy-user2;s=sig", 0, null);
    ResourceContext readerContext = createResourceContext(readerProxy);
    RoleToken readerResponse = zts.getRoleToken(readerContext, "coretech-proxy2", null,
            Integer.valueOf(600), Integer.valueOf(1200), "user_domain.jane");
    String readerTokenText = readerResponse.getToken();
    com.yahoo.athenz.auth.token.RoleToken readerParsed =
            new com.yahoo.athenz.auth.token.RoleToken(readerTokenText);

    assertEquals(readerParsed.getRoles().size(), 1);
    assertTrue(readerParsed.getRoles().contains("readers"));
    assertTrue(readerTokenText.contains(";h=localhost;"));
    assertTrue(readerTokenText.contains(";i=10.11.12.13"));
    assertTrue(readerTokenText.contains(";p=user_domain.jane;"));
    assertTrue(readerTokenText.contains(";proxy=user_domain.proxy-user2;"));
    assertEquals(readerResponse.getExpiryTime(), readerParsed.getExpiryTime());
}
use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.
the class ZTSImplTest method testGetRoleTokenProxyUserSpecificRole.
/**
 * Verifies that a proxy request naming a specific role yields a token limited to that role.
 *
 * <p>proxy-user1 is a member of both {@code writers} and {@code readers}, while
 * {@code user_domain.joe} is only a writer. The request asks for {@code "writers"} on behalf
 * of joe, and the resulting token must list exactly that one role, with joe as {@code p=} and
 * proxy-user1 as {@code proxy=}.
 */
@Test
public void testGetRoleTokenProxyUserSpecificRole() {

    List<RoleMember> writerMembers = new ArrayList<>();
    writerMembers.add(new RoleMember().setMemberName("user_domain.proxy-user1"));
    writerMembers.add(new RoleMember().setMemberName("user_domain.joe"));

    // the proxy also holds the readers role, which must not appear in the token
    List<RoleMember> readerMembers = new ArrayList<>();
    readerMembers.add(new RoleMember().setMemberName("user_domain.proxy-user2"));
    readerMembers.add(new RoleMember().setMemberName("user_domain.jane"));
    readerMembers.add(new RoleMember().setMemberName("user_domain.proxy-user1"));

    SignedDomain proxyDomain = createSignedDomain("coretech-proxy4", "weather-proxy4", "storage",
            writerMembers, readerMembers, true);
    store.processDomain(proxyDomain, false);

    Principal proxyPrincipal = SimplePrincipal.create("user_domain", "proxy-user1",
            "v=U1;d=user_domain;n=proxy-user1;s=sig", 0, null);
    ResourceContext proxyContext = createResourceContext(proxyPrincipal);

    RoleToken response = zts.getRoleToken(proxyContext, "coretech-proxy4", "writers",
            Integer.valueOf(600), Integer.valueOf(1200), "user_domain.joe");
    String tokenText = response.getToken();
    com.yahoo.athenz.auth.token.RoleToken parsed =
            new com.yahoo.athenz.auth.token.RoleToken(tokenText);

    assertEquals(parsed.getRoles().size(), 1);
    assertTrue(parsed.getRoles().contains("writers"));
    assertTrue(tokenText.contains(";h=localhost;"));
    assertTrue(tokenText.contains(";i=10.11.12.13"));
    assertTrue(tokenText.contains(";p=user_domain.joe;"));
    assertTrue(tokenText.contains(";proxy=user_domain.proxy-user1;"));
    assertEquals(response.getExpiryTime(), parsed.getExpiryTime());
}
use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.
the class ZTSImplTest method createSignedDomainExpiration.
/**
 * Builds a signed test domain whose roles exercise member expiration.
 *
 * <p>The domain contains three roles: {@code admin} with a single non-expiring member,
 * {@code role1} where {@code user_domain.user1} has an expiration 100 ms in the past, and
 * {@code role2} where the same user has an expiration one day in the future. One service
 * identity with public key id {@code "0"} is attached, and the domain data is signed with
 * the test class's {@code privateKey}.
 *
 * @param domainName  name of the domain; also used to derive role and service names
 * @param serviceName short name of the single service identity to register
 * @param enabled     value stored in the domain's enabled flag
 * @return the signed domain, with key id {@code "0"}
 */
private SignedDomain createSignedDomainExpiration(String domainName, String serviceName, Boolean enabled) {

    final String expiringMemberName = "user_domain.user1";
    List<Role> domainRoles = new ArrayList<>();

    // admin role: one member, no expiration set
    Role adminRole = new Role();
    adminRole.setName(generateRoleName(domainName, "admin"));
    List<RoleMember> adminMembers = new ArrayList<>();
    RoleMember adminMember = new RoleMember();
    adminMember.setMemberName("user_domain.adminuser");
    adminMembers.add(adminMember);
    adminRole.setRoleMembers(adminMembers);
    domainRoles.add(adminRole);

    // role1: membership already expired (100 ms before now)
    Role expiredRole = new Role();
    expiredRole.setName(generateRoleName(domainName, "role1"));
    List<RoleMember> expiredMembers = new ArrayList<>();
    RoleMember expiredMember = new RoleMember();
    expiredMember.setMemberName(expiringMemberName);
    expiredMember.setExpiration(Timestamp.fromMillis(System.currentTimeMillis() - 100));
    expiredMembers.add(expiredMember);
    expiredRole.setRoleMembers(expiredMembers);
    domainRoles.add(expiredRole);

    // role2: same user, membership valid for another day
    Role activeRole = new Role();
    activeRole.setName(generateRoleName(domainName, "role2"));
    List<RoleMember> activeMembers = new ArrayList<>();
    RoleMember activeMember = new RoleMember();
    activeMember.setMemberName(expiringMemberName);
    activeMember.setExpiration(Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(1)));
    activeMembers.add(activeMember);
    activeRole.setRoleMembers(activeMembers);
    domainRoles.add(activeRole);

    // single service identity carrying the test certificate under key id "0"
    ServiceIdentity serviceIdentity = new ServiceIdentity();
    serviceIdentity.setName(generateServiceIdentityName(domainName, serviceName));
    setServicePublicKey(serviceIdentity, "0", ZTS_Y64_CERT0);
    List<ServiceIdentity> domainServices = new ArrayList<>();
    domainServices.add(serviceIdentity);

    DomainData domainData = new DomainData();
    domainData.setName(domainName);
    domainData.setRoles(domainRoles);
    domainData.setServices(domainServices);
    domainData.setModified(Timestamp.fromCurrentTime());
    domainData.setEnabled(enabled);

    // the signature covers the canonical string form of the fully populated domain data,
    // so it has to be computed after every setter above has run
    SignedDomain signedDomain = new SignedDomain();
    signedDomain.setDomain(domainData);
    signedDomain.setSignature(Crypto.sign(SignUtils.asCanonicalString(domainData), privateKey));
    signedDomain.setKeyId("0");
    return signedDomain;
}