
Example 66 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testShortCircuitDeferred.

/**
 * Filter on {@code genre} when the user-level read check is DEFERRED and the
 * per-resource field check then throws {@link ForbiddenAccessException}.
 *
 * <p>The visitor is expected to return {@code false} for the filter and to call
 * {@code handleFilterJoinReject} exactly once.
 */
@Test
public void testShortCircuitDeferred() throws Exception {
    RSQLFilterDialect rsql = RSQLFilterDialect.builder()
            .dictionary(scope.getDictionary())
            .build();
    FilterExpression genreFilter =
            rsql.parseFilterExpression("genre==foo", ClassType.of(Book.class), true);

    Book subject = new Book();
    PersistentResource<Book> bookResource = new PersistentResource<>(subject, "", scope);

    PermissionExecutor executor = scope.getPermissionExecutor();
    // The user-level check gives no final answer for genre ...
    when(executor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, GENRE))
            .thenReturn(ExpressionResult.DEFERRED);
    // ... and the per-resource field check that is verified below denies read access.
    when(executor.checkSpecificFieldPermissions(bookResource, null, ReadPermission.class, GENRE))
            .thenThrow(ForbiddenAccessException.class);

    VerifyFieldAccessFilterExpressionVisitor fieldAccessVisitor =
            new VerifyFieldAccessFilterExpressionVisitor(bookResource);

    // genre is the restricted field here; a filter on it must be refused.
    // NOTE(review): presumably this guards against inferring an unreadable
    // field's value from which rows match the filter - confirm against the visitor.
    assertFalse(genreFilter.accept(fieldAccessVisitor));

    verify(executor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    // Both stages ran once: the user-level check, then the field-level check.
    verify(executor, times(1))
            .checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, GENRE);
    verify(executor, times(1))
            .checkSpecificFieldPermissions(bookResource, null, ReadPermission.class, GENRE);
    // No user-level check was made for any other field.
    verify(executor, times(1)).checkUserPermissions(any(), any(), isA(String.class));
    verify(executor, times(1)).handleFilterJoinReject(any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) Book(example.Book) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 67 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testShortCircuitReject.

/**
 * Filter on {@code genre} when the user-level read check itself throws
 * {@link ForbiddenAccessException}.
 *
 * <p>The visitor is expected to return {@code false} without ever reaching the
 * per-resource field check, and to call {@code handleFilterJoinReject} once.
 */
@Test
public void testShortCircuitReject() throws Exception {
    RSQLFilterDialect rsql = RSQLFilterDialect.builder()
            .dictionary(scope.getDictionary())
            .build();
    FilterExpression genreFilter =
            rsql.parseFilterExpression("genre==foo", ClassType.of(Book.class), true);

    Book subject = new Book();
    PersistentResource<Book> bookResource = new PersistentResource<>(subject, "", scope);

    PermissionExecutor executor = scope.getPermissionExecutor();
    // Denial happens at the user-level check already.
    when(executor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, GENRE))
            .thenThrow(ForbiddenAccessException.class);

    VerifyFieldAccessFilterExpressionVisitor fieldAccessVisitor =
            new VerifyFieldAccessFilterExpressionVisitor(bookResource);

    // genre is the restricted field here; a filter on it must be refused.
    assertFalse(genreFilter.accept(fieldAccessVisitor));

    verify(executor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(executor, times(1))
            .checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, GENRE);
    // Short circuit: once the user-level check rejects, the field-level check is skipped.
    verify(executor, never())
            .checkSpecificFieldPermissions(bookResource, null, ReadPermission.class, GENRE);
    // No user-level check was made for any other field.
    verify(executor, times(1)).checkUserPermissions(any(), any(), isA(String.class));
    verify(executor, times(1)).handleFilterJoinReject(any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) Book(example.Book) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 68 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testBypassReadonlyFilterRestriction.

/**
 * Filter across the {@code authors} relationship when
 * {@code evaluateFilterJoinUserChecks} reports PASS.
 *
 * <p>The visitor is expected to accept the filter without running any
 * field-level or user-level field checks, without rejecting the join, and
 * without asking the transaction for the to-many relation.
 */
@Test
public void testBypassReadonlyFilterRestriction() throws Exception {
    RSQLFilterDialect rsql = RSQLFilterDialect.builder()
            .dictionary(scope.getDictionary())
            .build();
    FilterExpression authorNameFilter =
            rsql.parseFilterExpression("authors.name==foo", ClassType.of(Book.class), true);

    Book subject = new Book();
    PersistentResource<Book> bookResource = new PersistentResource<>(subject, "", scope);

    PermissionExecutor executor = scope.getPermissionExecutor();
    DataStoreTransaction transaction = scope.getTransaction();
    // The join-level user check alone grants access for this filter.
    when(executor.evaluateFilterJoinUserChecks(any(), any()))
            .thenReturn(ExpressionResult.PASS);

    VerifyFieldAccessFilterExpressionVisitor fieldAccessVisitor =
            new VerifyFieldAccessFilterExpressionVisitor(bookResource);

    // With the join check passing, the filter on authors.name is accepted.
    assertTrue(authorNameFilter.accept(fieldAccessVisitor));

    verify(executor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    // PASS ends the evaluation: none of the finer-grained checks are consulted.
    verify(executor, never()).checkSpecificFieldPermissions(any(), any(), any(), any());
    verify(executor, never()).checkUserPermissions(any(), any(), isA(String.class));
    verify(executor, never()).handleFilterJoinReject(any(), any(), any());
    // The related authors are never fetched from the data store.
    verify(transaction, never()).getToManyRelation(any(), any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) Book(example.Book) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 69 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testAccept.

/**
 * Visits every node of a nested NOT / AND / OR filter tree built from four
 * IN predicates and expects each node to be accepted.
 *
 * <p>No permission stubs are configured in this method, so the outcome relies
 * on whatever the shared {@code scope} fixture provides.
 */
@Test
public void testAccept() throws Exception {
    // authors.name IN (foo, bar): crosses the Book -> Author relationship.
    Path authorNamePath = new Path(Arrays.asList(
            new PathElement(Book.class, Author.class, AUTHORS),
            new PathElement(Author.class, String.class, NAME)));
    FilterPredicate authorNameIn = new InPredicate(authorNamePath, "foo", "bar");

    // name IN (blah): attribute directly on Book.
    Path bookNamePath = new Path(Arrays.asList(
            new PathElement(Book.class, String.class, NAME)));
    FilterPredicate bookNameIn = new InPredicate(bookNamePath, "blah");

    // genre IN (SCIFI): attribute directly on Book.
    Path genrePath = new Path(Arrays.asList(
            new PathElement(Book.class, String.class, GENRE)));
    FilterPredicate genreIn = new InPredicate(genrePath, SCIFI);

    // Same predicate as genreIn, built from separate Path and InPredicate instances.
    Path genrePathCopy = new Path(Arrays.asList(
            new PathElement(Book.class, String.class, GENRE)));
    FilterPredicate genreInCopy = new InPredicate(genrePathCopy, SCIFI);

    // NOT(((name OR genre) AND authors.name) AND genre)
    OrFilterExpression nameOrGenre = new OrFilterExpression(bookNameIn, genreIn);
    AndFilterExpression innerAnd = new AndFilterExpression(nameOrGenre, authorNameIn);
    AndFilterExpression outerAnd = new AndFilterExpression(innerAnd, genreInCopy);
    NotFilterExpression negated = new NotFilterExpression(outerAnd);

    // Book and Author reference each other.
    Book subject = new Book();
    Author writer = new Author();
    subject.setAuthors(Collections.singleton(writer));
    writer.setBooks(Collections.singleton(subject));

    PersistentResource<Book> bookResource = new PersistentResource<>(subject, "", scope);
    VerifyFieldAccessFilterExpressionVisitor fieldAccessVisitor =
            new VerifyFieldAccessFilterExpressionVisitor(bookResource);

    // Every node is accepted, from the root down to the individual predicates.
    assertTrue(negated.accept(fieldAccessVisitor));
    assertTrue(innerAnd.accept(fieldAccessVisitor));
    assertTrue(outerAnd.accept(fieldAccessVisitor));
    assertTrue(nameOrGenre.accept(fieldAccessVisitor));
    assertTrue(authorNameIn.accept(fieldAccessVisitor));
    assertTrue(bookNameIn.accept(fieldAccessVisitor));
    assertTrue(genreIn.accept(fieldAccessVisitor));
    assertTrue(genreInCopy.accept(fieldAccessVisitor));

    // Call counts below are totals over all eight accept() calls above.
    PermissionExecutor executor = scope.getPermissionExecutor();
    verify(executor, times(17)).evaluateFilterJoinUserChecks(any(), any());
    verify(executor, times(5))
            .checkSpecificFieldPermissions(bookResource, null, ReadPermission.class, NAME);
    verify(executor, times(21)).checkUserPermissions(any(), any(), isA(String.class));
    // Nothing was rejected along the way.
    verify(executor, never()).handleFilterJoinReject(any(), any(), any());
}
Also used : Path(com.yahoo.elide.core.Path) PersistentResource(com.yahoo.elide.core.PersistentResource) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) InPredicate(com.yahoo.elide.core.filter.predicates.InPredicate) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) PathElement(com.yahoo.elide.core.Path.PathElement) Book(example.Book) Author(example.Author) FilterPredicate(com.yahoo.elide.core.filter.predicates.FilterPredicate) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) Test(org.junit.jupiter.api.Test)

Example 70 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class JsonApiTest method writeList.

/**
 * Serializes a JSON-API document whose data is a one-element list holding a
 * {@code parent} resource, and compares the output with the expected JSON text.
 *
 * <p>Also checks that the document's data is equal before and after
 * serialization.
 */
@Test
public void writeList() throws JsonProcessingException {
    Parent parent = new Parent();
    Child child = new Child();

    // Parent 123 ("bob") with no spouses and one child; child 2 with no friends.
    parent.setId(123L);
    parent.setFirstName("bob");
    parent.setSpouses(Sets.newHashSet());
    child.setId(2);
    child.setFriends(new HashSet<>());
    parent.setChildren(Collections.singleton(child));
    child.setParents(Collections.singleton(parent));

    RequestScope userScope = new TestRequestScope(BASE_URL, tx, user, dictionary);
    String parentUuid = userScope.getUUIDFor(parent);
    Resource parentResource =
            new PersistentResource<>(parent, parentUuid, userScope).toResource();

    JsonApiDocument jsonApiDocument = new JsonApiDocument();
    jsonApiDocument.setData(new Data<>(Collections.singletonList(parentResource)));

    String expected = "{\"data\":[{"
            + "\"type\":\"parent\","
            + "\"id\":\"123\","
            + "\"attributes\":{\"firstName\":\"bob\"},"
            + "\"relationships\":{"
            + "\"children\":{"
            + "\"links\":{\"self\":\"http://localhost:8080/json/parent/123/relationships/children\",\"related\":\"http://localhost:8080/json/parent/123/children\"},"
            + "\"data\":[{\"type\":\"child\",\"id\":\"2\"}]},"
            + "\"spouses\":{"
            + "\"links\":{\"self\":\"http://localhost:8080/json/parent/123/relationships/spouses\",\"related\":\"http://localhost:8080/json/parent/123/spouses\"},"
            + "\"data\":[]}},"
            + "\"links\":{\"self\":\"http://localhost:8080/json/parent/123\"}}]}";

    // Capture the data before serializing so it can be compared afterwards.
    Data<Resource> dataBeforeWrite = jsonApiDocument.getData();
    String serialized = mapper.writeJsonApiDocument(jsonApiDocument);

    assertEquals(dataBeforeWrite, jsonApiDocument.getData());
    assertEquals(expected, serialized);
    checkEquality(jsonApiDocument);
}
Also used : TestRequestScope(com.yahoo.elide.core.TestRequestScope) PersistentResource(com.yahoo.elide.core.PersistentResource) JsonApiDocument(com.yahoo.elide.jsonapi.models.JsonApiDocument) Parent(example.Parent) Resource(com.yahoo.elide.jsonapi.models.Resource) PersistentResource(com.yahoo.elide.core.PersistentResource) Child(example.Child) RequestScope(com.yahoo.elide.core.RequestScope) TestRequestScope(com.yahoo.elide.core.TestRequestScope) Test(org.junit.jupiter.api.Test)
