Example 11 with UpdatePermission
use of com.yahoo.elide.annotation.UpdatePermission in project elide by yahoo.
the class PermissionExecutorTest method testBadInstance.
@Test
public void testBadInstance() {
@Entity
@Include(rootLevel = false)
@UpdatePermission(expression = "privatePermission")
class Model {
}
PersistentResource resource = newResource(new Model(), Model.class, true);
RequestScope requestScope = resource.getRequestScope();
assertThrows(IllegalArgumentException.class, () -> requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource));
requestScope.getPermissionExecutor().executeCommitChecks();
}
Also used :
Entity(javax.persistence.Entity)
PersistentResource(com.yahoo.elide.core.PersistentResource)
Include(com.yahoo.elide.annotation.Include)
RequestScope(com.yahoo.elide.core.RequestScope)
UpdatePermission(com.yahoo.elide.annotation.UpdatePermission)
Test(org.junit.jupiter.api.Test)
Example 12 with UpdatePermission
use of com.yahoo.elide.annotation.UpdatePermission in project elide by yahoo.
the class PermissionExecutorTest method testFailOperationCheckDeferred.
@Test
public void testFailOperationCheckDeferred() throws Exception {
@Entity
@Include(rootLevel = false)
@UpdatePermission(expression = "sampleOperation")
class Model implements SampleOperationModel {
@Override
public boolean test() {
return false;
}
}
PersistentResource resource = newResource(new Model(), Model.class, true);
RequestScope requestScope = resource.getRequestScope();
// Because the object is newly created, the check is DEFERRED.
assertEquals(ExpressionResult.DEFERRED, requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource));
assertThrows(ForbiddenAccessException.class, () -> requestScope.getPermissionExecutor().executeCommitChecks());
}
Also used :
Entity(javax.persistence.Entity)
PersistentResource(com.yahoo.elide.core.PersistentResource)
Include(com.yahoo.elide.annotation.Include)
RequestScope(com.yahoo.elide.core.RequestScope)
UpdatePermission(com.yahoo.elide.annotation.UpdatePermission)
Test(org.junit.jupiter.api.Test)
Example 13 with UpdatePermission
use of com.yahoo.elide.annotation.UpdatePermission in project elide by yahoo.
the class PermissionExecutorTest method testFailRunAtCommitCheck.
@Test
public void testFailRunAtCommitCheck() throws Exception {
@Entity
@Include(rootLevel = false)
@UpdatePermission(expression = "sampleCommit")
class Model implements SampleOperationModel {
@Override
public boolean test() {
return false;
}
}
PersistentResource resource = newResource(new Model(), Model.class, false);
RequestScope requestScope = resource.getRequestScope();
// Because the check is runAtCommit, the check is DEFERRED.
assertEquals(ExpressionResult.DEFERRED, requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource));
assertThrows(ForbiddenAccessException.class, () -> requestScope.getPermissionExecutor().executeCommitChecks());
}
Also used :
Entity(javax.persistence.Entity)
PersistentResource(com.yahoo.elide.core.PersistentResource)
Include(com.yahoo.elide.annotation.Include)
RequestScope(com.yahoo.elide.core.RequestScope)
UpdatePermission(com.yahoo.elide.annotation.UpdatePermission)
Test(org.junit.jupiter.api.Test)
Aggregations
UpdatePermission (com.yahoo.elide.annotation.UpdatePermission)13
Include (com.yahoo.elide.annotation.Include)12
PersistentResource (com.yahoo.elide.core.PersistentResource)12
Entity (javax.persistence.Entity)12
Test (org.junit.jupiter.api.Test)12
RequestScope (com.yahoo.elide.core.RequestScope)11
ChangeSpec (com.yahoo.elide.core.security.ChangeSpec)1
Expression (com.yahoo.elide.core.security.permissions.expressions.Expression)1
