Search in sources :

Example 11 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class LifeCycleTest method testPreSecurityLifecycleHookException.

@Test
public void testPreSecurityLifecycleHookException() {
    DataStoreTransaction tx = mock(DataStoreTransaction.class);
    FieldTestModel testModel = mock(FieldTestModel.class);
    doThrow(IllegalStateException.class).when(testModel).attributeCallback(eq(UPDATE), eq(PRESECURITY), any(ChangeSpec.class));
    RequestScope scope = buildRequestScope(dictionary, tx);
    PersistentResource resource = new PersistentResource(testModel, "1", scope);
    assertThrows(IllegalStateException.class, () -> resource.updateAttribute("field", "New value"));
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) ChangeSpec(com.yahoo.elide.core.security.ChangeSpec) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) RequestScope(com.yahoo.elide.core.RequestScope) Test(org.junit.jupiter.api.Test)

Example 12 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class PermissionExecutorTest method testSuccessfulRunAtCommitCheck.

@Test
public void testSuccessfulRunAtCommitCheck() throws Exception {
    @Entity
    @Include(rootLevel = false)
    @UpdatePermission(expression = "sampleCommit")
    class Model implements SampleOperationModel {
    }
    PersistentResource resource = newResource(new Model(), Model.class, false);
    RequestScope requestScope = resource.getRequestScope();
    // Because the check is runAtCommit, the check is DEFERRED.
    assertEquals(ExpressionResult.DEFERRED, requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource, ALL_FIELDS));
    requestScope.getPermissionExecutor().executeCommitChecks();
}
Also used : Entity(javax.persistence.Entity) PersistentResource(com.yahoo.elide.core.PersistentResource) Include(com.yahoo.elide.annotation.Include) RequestScope(com.yahoo.elide.core.RequestScope) UpdatePermission(com.yahoo.elide.annotation.UpdatePermission) Test(org.junit.jupiter.api.Test)

Example 13 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class PermissionExecutorTest method testReadFieldAwareSuccessAllAnyField.

@Test
public void testReadFieldAwareSuccessAllAnyField() {
    SampleBean sampleBean = new SampleBean();
    sampleBean.id = 1L;
    PersistentResource resource = newResource(sampleBean, SampleBean.class, false);
    RequestScope requestScope = resource.getRequestScope();
    assertEquals(ExpressionResult.PASS, requestScope.getPermissionExecutor().checkPermission(ReadPermission.class, resource, ALL_FIELDS));
    requestScope.getPermissionExecutor().executeCommitChecks();
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) ReadPermission(com.yahoo.elide.annotation.ReadPermission) RequestScope(com.yahoo.elide.core.RequestScope) Test(org.junit.jupiter.api.Test)

Example 14 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class PermissionExecutorTest method testSpecificFieldOveriddenOperationCheckSucceed.

@Test
public void testSpecificFieldOveriddenOperationCheckSucceed() {
    PersistentResource resource = newResource(CheckedEntity.class, true);
    RequestScope requestScope = resource.getRequestScope();
    // Should succeed in operation check despite the commit check failure
    assertEquals(ExpressionResult.DEFERRED, requestScope.getPermissionExecutor().checkSpecificFieldPermissions(resource, null, UpdatePermission.class, "hello"));
    requestScope.getPermissionExecutor().executeCommitChecks();
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) RequestScope(com.yahoo.elide.core.RequestScope) UpdatePermission(com.yahoo.elide.annotation.UpdatePermission) Test(org.junit.jupiter.api.Test)

Example 15 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class PermissionExecutorTest method testReadFieldAwareSuccessAll.

@Test
public void testReadFieldAwareSuccessAll() {
    SampleBean sampleBean = new SampleBean();
    sampleBean.id = 1L;
    PersistentResource resource = newResource(sampleBean, SampleBean.class, false);
    RequestScope requestScope = resource.getRequestScope();
    assertEquals(ExpressionResult.PASS, requestScope.getPermissionExecutor().checkSpecificFieldPermissions(resource, new ChangeSpec(null, null, null, null), ReadPermission.class, "allVisible"));
    requestScope.getPermissionExecutor().executeCommitChecks();
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) ReadPermission(com.yahoo.elide.annotation.ReadPermission) RequestScope(com.yahoo.elide.core.RequestScope) Test(org.junit.jupiter.api.Test)

Aggregations

PersistentResource (com.yahoo.elide.core.PersistentResource)100 Test (org.junit.jupiter.api.Test)71 RequestScope (com.yahoo.elide.core.RequestScope)60 ReadPermission (com.yahoo.elide.annotation.ReadPermission)18 UpdatePermission (com.yahoo.elide.annotation.UpdatePermission)18 DataStoreTransaction (com.yahoo.elide.core.datastore.DataStoreTransaction)17 Include (com.yahoo.elide.annotation.Include)16 Entity (javax.persistence.Entity)16 Resource (com.yahoo.elide.jsonapi.models.Resource)13 AndFilterExpression (com.yahoo.elide.core.filter.expression.AndFilterExpression)10 NotFilterExpression (com.yahoo.elide.core.filter.expression.NotFilterExpression)10 OrFilterExpression (com.yahoo.elide.core.filter.expression.OrFilterExpression)10 PermissionExecutor (com.yahoo.elide.core.security.PermissionExecutor)10 JsonApiDocument (com.yahoo.elide.jsonapi.models.JsonApiDocument)10 Book (example.Book)10 LinkedHashSet (java.util.LinkedHashSet)9 EntityDictionary (com.yahoo.elide.core.dictionary.EntityDictionary)8 BadRequestException (com.yahoo.elide.core.exceptions.BadRequestException)8 FilterExpression (com.yahoo.elide.core.filter.expression.FilterExpression)8 RSQLFilterDialect (com.yahoo.elide.core.filter.dialect.RSQLFilterDialect)7