Examples with PersistentResource com.yahoo.elide.core.PersistentResource used on opensource projects

Search in sources :

Example 41 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testUserChecksDeferred.

@Test
public void testUserChecksDeferred() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("authors.homeAddress==main", ClassType.of(Book.class), true);
    Book book = new Book();
    Author author = new Author();
    book.setAuthors(Collections.singleton(author));
    author.setBooks(Collections.singleton(book));
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PersistentResource<Author> resourceAuthor = new PersistentResource<>(author, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.checkSpecificFieldPermissionsDeferred(resource, null, ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.getReadPermissionFilter(ClassType.of(Author.class), null)).thenReturn(Optional.empty());
    when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME)).thenReturn(ExpressionResult.DEFERRED);
    when(permissionExecutor.checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME)).thenThrow(ForbiddenAccessException.class);
    when(tx.getToManyRelation(eq(tx), eq(book), any(), eq(scope))).thenReturn(new DataStoreIterableBuilder(book.getAuthors()).build());
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
    // restricted HOME field
    assertFalse(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
    verify(permissionExecutor, times(1)).getReadPermissionFilter(ClassType.of(Author.class), new HashSet<>());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME);
    verify(permissionExecutor, times(1)).checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME);
    verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
    verify(tx, times(1)).getToManyRelation(eq(tx), eq(book), any(), eq(scope));
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) DataStoreIterableBuilder(com.yahoo.elide.core.datastore.DataStoreIterableBuilder) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) Book(example.Book) Author(example.Author) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 42 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testShortCircuitRejectDeferThenFail.

@Test
public void testShortCircuitRejectDeferThenFail() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("authors.homeAddress==main", ClassType.of(Book.class), true);
    Book book = new Book();
    Author author = new Author();
    book.setAuthors(Collections.singleton(author));
    author.setBooks(Collections.singleton(book));
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.DEFERRED);
    when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME)).thenThrow(ForbiddenAccessException.class);
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
    // restricted HOME field
    assertFalse(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
    verify(permissionExecutor, never()).getReadPermissionFilter(ClassType.of(Author.class), null);
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME);
    verify(permissionExecutor, never()).checkSpecificFieldPermissions(any(), any(), any(), any());
    verify(permissionExecutor, never()).checkSpecificFieldPermissionsDeferred(any(), any(), any(), any());
    verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
    verify(tx, never()).getToManyRelation(any(), any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) Book(example.Book) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) Author(example.Author) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 43 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testShortCircuitPass.

@Test
public void testShortCircuitPass() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("authors.name==foo", ClassType.of(Book.class), true);
    Book book = new Book();
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, NAME)).thenReturn(ExpressionResult.PASS);
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
    // restricted HOME field
    assertTrue(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, NAME);
    verify(permissionExecutor, never()).checkSpecificFieldPermissions(resource, null, ReadPermission.class, GENRE);
    verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, never()).handleFilterJoinReject(any(), any(), any());
    verify(tx, never()).getToManyRelation(any(), any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) Book(example.Book) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) Author(example.Author) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 44 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class PersistentResourceFetcher method removeObjects.

/**
 * Removes a relationship, or deletes a root level resource.
 * @param context Environment encapsulating graphQL's request environment
 * @return set of removed {@link PersistentResource} object(s)
 */
private ConnectionContainer removeObjects(Environment context) {
    /* sanity check for id and data argument w REPLACE */
    if (context.data.isPresent()) {
        throw new BadRequestException("REPLACE must not include data argument");
    }
    if (!context.ids.isPresent()) {
        throw new BadRequestException("REPLACE must include ids argument");
    }
    ConnectionContainer connection = (ConnectionContainer) fetchObjects(context);
    Set<PersistentResource> toRemove = connection.getPersistentResources();
    if (!context.isRoot()) {
        /* has parent */
        toRemove.forEach(item -> context.parentResource.removeRelation(context.field.getName(), item));
    } else {
        /* is root */
        toRemove.forEach(PersistentResource::deleteResource);
    }
    return new ConnectionContainer(Collections.emptySet(), Optional.empty(), connection.getTypeName());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) ConnectionContainer(com.yahoo.elide.graphql.containers.ConnectionContainer) BadRequestException(com.yahoo.elide.core.exceptions.BadRequestException)

Example 45 with PersistentResource

use of com.yahoo.elide.core.PersistentResource in project elide by yahoo.

the class PersistentResourceFetcher method fetchObject.

/**
 * Fetches a root-level entity.
 * @param requestScope Request scope
 * @param projection constructed entityProjection for a class
 * @param ids List of ids (can be NULL)
 * @return {@link PersistentResource} object(s)
 */
public static ConnectionContainer fetchObject(RequestScope requestScope, EntityProjection projection, Optional<List<String>> ids) {
    EntityDictionary dictionary = requestScope.getDictionary();
    String typeName = dictionary.getJsonAliasFor(projection.getType());
    /* fetching a collection */
    Observable<PersistentResource> records = ids.map((idList) -> {
        /* handle empty list of ids */
        if (idList.isEmpty()) {
            throw new BadRequestException("Empty list passed to ids");
        }
        return PersistentResource.loadRecords(projection, idList, requestScope);
    }).orElseGet(() -> PersistentResource.loadRecords(projection, new ArrayList<>(), requestScope));
    return new ConnectionContainer(records.toList(LinkedHashSet::new).blockingGet(), Optional.ofNullable(projection.getPagination()), typeName);
}
Also used : MapEntryContainer(com.yahoo.elide.graphql.containers.MapEntryContainer) OperationDefinition(graphql.language.OperationDefinition) DataFetchingEnvironment(graphql.schema.DataFetchingEnvironment) ConnectionContainer(com.yahoo.elide.graphql.containers.ConnectionContainer) ClassType(com.yahoo.elide.core.type.ClassType) ArrayList(java.util.ArrayList) Map(java.util.Map) PersistentResource(com.yahoo.elide.core.PersistentResource) DataFetcher(graphql.schema.DataFetcher) Relationship(com.yahoo.elide.core.request.Relationship) Observable(io.reactivex.Observable) LinkedHashSet(java.util.LinkedHashSet) RequestScope(com.yahoo.elide.core.RequestScope) ARGUMENT_OPERATION(com.yahoo.elide.graphql.ModelBuilder.ARGUMENT_OPERATION) FETCH(com.yahoo.elide.graphql.RelationshipOp.FETCH) InvalidObjectIdentifierException(com.yahoo.elide.core.exceptions.InvalidObjectIdentifierException) Set(java.util.Set) EntityProjection(com.yahoo.elide.core.request.EntityProjection) NotNull(javax.validation.constraints.NotNull) Collectors(java.util.stream.Collectors) EntityDictionary(com.yahoo.elide.core.dictionary.EntityDictionary) Sets(com.google.common.collect.Sets) Objects(java.util.Objects) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) BadRequestException(com.yahoo.elide.core.exceptions.BadRequestException) InvalidValueException(com.yahoo.elide.core.exceptions.InvalidValueException) Type(com.yahoo.elide.core.type.Type) Optional(java.util.Optional) GraphQLContainer(com.yahoo.elide.graphql.containers.GraphQLContainer) Queue(java.util.Queue) ArrayDeque(java.util.ArrayDeque) Collections(java.util.Collections) LinkedHashSet(java.util.LinkedHashSet) PersistentResource(com.yahoo.elide.core.PersistentResource) ConnectionContainer(com.yahoo.elide.graphql.containers.ConnectionContainer) ArrayList(java.util.ArrayList) BadRequestException(com.yahoo.elide.core.exceptions.BadRequestException) EntityDictionary(com.yahoo.elide.core.dictionary.EntityDictionary)

Aggregations

PersistentResource (com.yahoo.elide.core.PersistentResource)100 Test (org.junit.jupiter.api.Test)71 RequestScope (com.yahoo.elide.core.RequestScope)60 ReadPermission (com.yahoo.elide.annotation.ReadPermission)18 UpdatePermission (com.yahoo.elide.annotation.UpdatePermission)18 DataStoreTransaction (com.yahoo.elide.core.datastore.DataStoreTransaction)17 Include (com.yahoo.elide.annotation.Include)16 Entity (javax.persistence.Entity)16 Resource (com.yahoo.elide.jsonapi.models.Resource)13 AndFilterExpression (com.yahoo.elide.core.filter.expression.AndFilterExpression)10 NotFilterExpression (com.yahoo.elide.core.filter.expression.NotFilterExpression)10 OrFilterExpression (com.yahoo.elide.core.filter.expression.OrFilterExpression)10 PermissionExecutor (com.yahoo.elide.core.security.PermissionExecutor)10 JsonApiDocument (com.yahoo.elide.jsonapi.models.JsonApiDocument)10 Book (example.Book)10 LinkedHashSet (java.util.LinkedHashSet)9 EntityDictionary (com.yahoo.elide.core.dictionary.EntityDictionary)8 BadRequestException (com.yahoo.elide.core.exceptions.BadRequestException)8 FilterExpression (com.yahoo.elide.core.filter.expression.FilterExpression)8 RSQLFilterDialect (com.yahoo.elide.core.filter.dialect.RSQLFilterDialect)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial