Examples with PersistentResource com.yahoo.elide.core.PersistentResource used on opensource projects
Example 16 with PersistentResource
use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.
the class PermissionExecutorTest method testUserCheckCache.
@Test
public void testUserCheckCache() {
PersistentResource resource = newResource(UserCheckCacheRecord.class, false);
RequestScope requestScope = resource.getRequestScope();
// This should cache for updates, reads, etc.
assertEquals(ExpressionResult.PASS, requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource, ALL_FIELDS));
assertEquals(ExpressionResult.PASS, requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource, ALL_FIELDS));
assertEquals(ExpressionResult.PASS, requestScope.getPermissionExecutor().checkPermission(ReadPermission.class, resource, ALL_FIELDS));
assertEquals(ExpressionResult.PASS, requestScope.getPermissionExecutor().checkPermission(ReadPermission.class, resource, ALL_FIELDS));
}
Also used :
PersistentResource(com.yahoo.elide.core.PersistentResource)
ReadPermission(com.yahoo.elide.annotation.ReadPermission)
RequestScope(com.yahoo.elide.core.RequestScope)
UpdatePermission(com.yahoo.elide.annotation.UpdatePermission)
Test(org.junit.jupiter.api.Test)
Example 17 with PersistentResource
use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.
the class PermissionExecutorTest method testUpdateFieldAwareFailureAny.
@Test
public void testUpdateFieldAwareFailureAny() {
PersistentResource resource = newResource(SampleBean.class, true);
RequestScope requestScope = resource.getRequestScope();
requestScope.getPermissionExecutor().checkSpecificFieldPermissions(resource, null, UpdatePermission.class, "mayFailInCommit");
assertThrows(ForbiddenAccessException.class, () -> requestScope.getPermissionExecutor().executeCommitChecks());
}
Also used :
PersistentResource(com.yahoo.elide.core.PersistentResource)
RequestScope(com.yahoo.elide.core.RequestScope)
Test(org.junit.jupiter.api.Test)
Example 18 with PersistentResource
use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.
the class PermissionExpressionBuilderTest method testSpecificFieldExpressionText.
@Test
public void testSpecificFieldExpressionText() {
@Entity
@Include(rootLevel = false)
@UpdatePermission(expression = "user has no access")
class Model {
@Id
private long id;
@UpdatePermission(expression = "user has all access OR user has no access")
private int foo;
}
dictionary.bindEntity(Model.class);
PersistentResource resource = newResource(new Model(), Model.class);
ChangeSpec changes = new ChangeSpec(resource, "foo", 1, 2);
Expression expression = builder.buildSpecificFieldExpressions(resource, UpdatePermission.class, "foo", changes);
assertEquals("UPDATE PERMISSION WAS INVOKED ON PersistentResource{type=model, id=0} WITH CHANGES ChangeSpec { " + "resource=PersistentResource{type=model, id=0}, field=foo, original=1, modified=2} " + "FOR EXPRESSION [FIELD(((user has all access " + "\u001B[34mWAS UNEVALUATED\u001B[m)) OR ((user has no access " + "\u001B[34mWAS UNEVALUATED\u001B[m)))]", expression.toString());
expression.evaluate(Expression.EvaluationMode.ALL_CHECKS);
assertEquals("UPDATE PERMISSION WAS INVOKED ON PersistentResource{type=model, id=0} WITH CHANGES ChangeSpec { " + "resource=PersistentResource{type=model, id=0}, field=foo, original=1, modified=2} " + "FOR EXPRESSION [FIELD(((user has all access " + "\u001B[32mPASSED\u001B[m)) OR ((user has no access " + "\u001B[34mWAS UNEVALUATED\u001B[m)))]", expression.toString());
}
Also used :
Entity(javax.persistence.Entity)
PersistentResource(com.yahoo.elide.core.PersistentResource)
ChangeSpec(com.yahoo.elide.core.security.ChangeSpec)
Expression(com.yahoo.elide.core.security.permissions.expressions.Expression)
Include(com.yahoo.elide.annotation.Include)
UpdatePermission(com.yahoo.elide.annotation.UpdatePermission)
Test(org.junit.jupiter.api.Test)
Example 19 with PersistentResource
use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.
the class PermissionExecutorTest method testPassAnySpecificFieldAwareFailOperationSuccessCommit.
@Test
public void testPassAnySpecificFieldAwareFailOperationSuccessCommit() {
@Entity
@Include(rootLevel = false)
@UpdatePermission(expression = "Prefab.Role.None AND passingOp")
class Model {
@Id
public Long id;
@UpdatePermission(expression = "Prefab.Role.None OR passingOp")
public String field = "some data";
}
PersistentResource resource = newResource(new Model(), Model.class, true);
RequestScope requestScope = resource.getRequestScope();
assertEquals(ExpressionResult.DEFERRED, requestScope.getPermissionExecutor().checkSpecificFieldPermissions(resource, null, UpdatePermission.class, "field"));
requestScope.getPermissionExecutor().executeCommitChecks();
}
Also used :
Entity(javax.persistence.Entity)
PersistentResource(com.yahoo.elide.core.PersistentResource)
Include(com.yahoo.elide.annotation.Include)
RequestScope(com.yahoo.elide.core.RequestScope)
UpdatePermission(com.yahoo.elide.annotation.UpdatePermission)
Test(org.junit.jupiter.api.Test)
Example 20 with PersistentResource
use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.
the class PermissionExecutorTest method testNoCache.
@Test
public void testNoCache() {
PersistentResource resource = newResource(AnnotationOnlyRecord.class, false);
RequestScope requestScope = resource.getRequestScope();
assertThrows(ForbiddenAccessException.class, () -> requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource, ALL_FIELDS));
assertThrows(ForbiddenAccessException.class, () -> requestScope.getPermissionExecutor().checkPermission(UpdatePermission.class, resource, ALL_FIELDS));
}
Also used :
PersistentResource(com.yahoo.elide.core.PersistentResource)
RequestScope(com.yahoo.elide.core.RequestScope)
UpdatePermission(com.yahoo.elide.annotation.UpdatePermission)
Test(org.junit.jupiter.api.Test)
Aggregations
PersistentResource (com.yahoo.elide.core.PersistentResource)100
Test (org.junit.jupiter.api.Test)71
RequestScope (com.yahoo.elide.core.RequestScope)60
ReadPermission (com.yahoo.elide.annotation.ReadPermission)18
UpdatePermission (com.yahoo.elide.annotation.UpdatePermission)18
DataStoreTransaction (com.yahoo.elide.core.datastore.DataStoreTransaction)17
Include (com.yahoo.elide.annotation.Include)16
Entity (javax.persistence.Entity)16
Resource (com.yahoo.elide.jsonapi.models.Resource)13
AndFilterExpression (com.yahoo.elide.core.filter.expression.AndFilterExpression)10
NotFilterExpression (com.yahoo.elide.core.filter.expression.NotFilterExpression)10
OrFilterExpression (com.yahoo.elide.core.filter.expression.OrFilterExpression)10
PermissionExecutor (com.yahoo.elide.core.security.PermissionExecutor)10
JsonApiDocument (com.yahoo.elide.jsonapi.models.JsonApiDocument)10
Book (example.Book)10
LinkedHashSet (java.util.LinkedHashSet)9
EntityDictionary (com.yahoo.elide.core.dictionary.EntityDictionary)8
BadRequestException (com.yahoo.elide.core.exceptions.BadRequestException)8
FilterExpression (com.yahoo.elide.core.filter.expression.FilterExpression)8
RSQLFilterDialect (com.yahoo.elide.core.filter.dialect.RSQLFilterDialect)7
