use of com.yahoo.elide.core.audit.TestAuditLogger in project elide by yahoo.
the class PersistentResourceTest method testClassLevelAudit.
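/**
 * Checks that a class-level audit of a CREATE on a child resource records exactly one audit
 * message, and that the message carries the expected rendered text and operation code.
 *
 * @throws Exception if a fixture helper or the audit call fails
 */
@Test
public void testClassLevelAudit() throws Exception {
    Child child = newChild(5);
    Parent parent = newParent(7);
    TestAuditLogger logger = new TestAuditLogger();
    try {
        RequestScope requestScope = getUserScope(goodUser, logger);
        PersistentResource<Parent> parentResource =
                new PersistentResource<>(parent, requestScope.getUUIDFor(parent), requestScope);
        // The child is reached through the parent's "children" relationship, so the audit
        // record can name both ends of the lineage.
        PersistentResource<Child> childResource = new PersistentResource<>(
                child, parentResource, "children", requestScope.getUUIDFor(child), requestScope);

        childResource.auditClass(
                Audit.Action.CREATE,
                new ChangeSpec(childResource, null, null, childResource.getObject()));

        // Exactly one entry: a missing entry means the action went unaudited, an extra one
        // means the trail contains records that do not correspond to a change.
        assertEquals(1, logger.getMessages().size(), "One message should be logged");
        LogMessage message = logger.getMessages().get(0);
        // presumably 5 and 7 are the ids passed to newChild/newParent above; verify against
        // the audit annotation on the Child model
        assertEquals("CREATE Child 5 Parent 7", message.getMessage(), "Logging template should match");
        assertEquals(0, message.getOperationCode(), "Operation code should match");
    } finally {
        // Tidy up this thread's messages even when an assertion above fails, so a failing run
        // cannot leave stale audit entries behind for a later test on the same thread.
        logger.clear();
    }
}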
use of com.yahoo.elide.core.audit.TestAuditLogger in project elide by yahoo.
the class PersistentResourceTest method testFieldLevelAudit.
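/**
 * Checks that a field-level audit of a change to the child's {@code name} field records exactly
 * one audit message, and that the message carries the expected rendered text and operation code.
 *
 * @throws Exception if a fixture helper or the audit call fails
 */
@Test
public void testFieldLevelAudit() throws Exception {
    Child child = newChild(5);
    Parent parent = newParent(7);
    TestAuditLogger logger = new TestAuditLogger();
    try {
        RequestScope requestScope = getUserScope(goodUser, logger);
        PersistentResource<Parent> parentResource =
                new PersistentResource<>(parent, requestScope.getUUIDFor(parent), requestScope);
        // The child is reached through the parent's "children" relationship, so the audit
        // record can name both ends of the lineage.
        PersistentResource<Child> childResource = new PersistentResource<>(
                child, parentResource, "children", requestScope.getUUIDFor(child), requestScope);

        // NOTE(review): the change spec passes `parent` and null as the last two arguments for
        // the "name" field; only the rendered message is asserted, not these values.
        childResource.auditField(new ChangeSpec(childResource, "name", parent, null));

        // Exactly one entry: a missing entry means the change went unaudited, an extra one
        // means the trail contains records that do not correspond to a change.
        assertEquals(1, logger.getMessages().size(), "One message should be logged");
        LogMessage message = logger.getMessages().get(0);
        // presumably the UPDATE action and code 1 come from the audit annotation on the field;
        // verify against the Child model
        assertEquals("UPDATE Child 5 Parent 7", message.getMessage(), "Logging template should match");
        assertEquals(1, message.getOperationCode(), "Operation code should match");
    } finally {
        // Tidy up this thread's messages even when an assertion above fails, so a failing run
        // cannot leave stale audit entries behind for a later test on the same thread.
        logger.clear();
    }
}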
use of com.yahoo.elide.core.audit.TestAuditLogger in project elide by yahoo.
the class TableExportIT method tableExportModelAdminReadPermissions.
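/**
 * Tests read permissions on the TableExport model: the owning principal and a principal that
 * holds a role can read the stored export, while a different principal without any role gets
 * 404.
 *
 * @throws IOException if closing the data store transaction fails
 */
@Test
public void tableExportModelAdminReadPermissions() throws IOException {
    String id = "edc4a871-dff2-4054-804e-d80075c08959";
    String query = "test-query";
    com.yahoo.elide.async.models.TableExport queryObj = new com.yahoo.elide.async.models.TableExport();
    queryObj.setId(id);
    queryObj.setQuery(query);
    queryObj.setResultType(ResultType.CSV);
    queryObj.setQueryType(QueryType.JSONAPI_V1_0);
    // The stored record is owned by "owner-user"; the first request below uses that name.
    queryObj.setPrincipalName("owner-user");

    EntityDictionary dictionary = EntityDictionary.builder()
            .checks(AsyncIntegrationTestApplicationResourceConfig.MAPPINGS)
            .build();
    dataStore.populateEntityDictionary(dictionary);

    // try-with-resources closes the transaction even if createObject or commit throws; the
    // original closed it only on the success path.
    try (DataStoreTransaction tx = dataStore.beginTransaction()) {
        tx.createObject(queryObj, null);
        tx.commit(null);
    }

    Elide elide = new Elide(new ElideSettingsBuilder(dataStore)
            .withEntityDictionary(dictionary)
            .withAuditLogger(new TestAuditLogger())
            .build());

    User ownerUser = new User(() -> "owner-user");

    // NOTE(review): this context answers true for every role name, so the test shows that a
    // role holder who is not the owner can read, but not which role grants the access.
    SecurityContextUser securityContextAdminUser = new SecurityContextUser(new SecurityContext() {
        @Override
        public Principal getUserPrincipal() {
            return () -> "1";
        }

        @Override
        public boolean isUserInRole(String s) {
            return true;
        }

        @Override
        public boolean isSecure() {
            return false;
        }

        @Override
        public String getAuthenticationScheme() {
            return null;
        }
    });

    // Same shape as above, but with no roles and a principal name that differs from the owner.
    SecurityContextUser securityContextNonAdminUser = new SecurityContextUser(new SecurityContext() {
        @Override
        public Principal getUserPrincipal() {
            return () -> "2";
        }

        @Override
        public boolean isUserInRole(String s) {
            return false;
        }

        @Override
        public boolean isSecure() {
            return false;
        }

        @Override
        public String getAuthenticationScheme() {
            return null;
        }
    });

    String baseUrl = "/";
    ElideResponse response;

    // Principal is Owner
    response = elide.get(baseUrl, "/tableExport/" + id, new MultivaluedHashMap<>(), ownerUser, NO_VERSION);
    assertEquals(HttpStatus.SC_OK, response.getResponseCode());

    // Principal has Admin Role
    response = elide.get(baseUrl, "/tableExport/" + id, new MultivaluedHashMap<>(), securityContextAdminUser, NO_VERSION);
    assertEquals(HttpStatus.SC_OK, response.getResponseCode());

    // Principal without Admin Role: the expected status is 404 rather than 403, so the response
    // does not confirm to an unauthorized caller that the export id exists.
    response = elide.get(baseUrl, "/tableExport/" + id, new MultivaluedHashMap<>(), securityContextNonAdminUser, NO_VERSION);
    assertEquals(HttpStatus.SC_NOT_FOUND, response.getResponseCode());
}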
use of com.yahoo.elide.core.audit.TestAuditLogger in project elide by yahoo.
the class ResourceIT method elideSecurityEnabled.
/**
 * Issues a GET for {@code parent/1/children} as principal "-1" against an Elide instance built
 * with the test check mappings, and expects a 200 response whose data array is empty.
 */
@Test
public void elideSecurityEnabled() {
    EntityDictionary checkDictionary = EntityDictionary.builder()
            .checks(TestCheckMappings.MAPPINGS)
            .build();
    Elide elide = new Elide(
            new ElideSettingsBuilder(dataStore)
                    .withEntityDictionary(checkDictionary)
                    .withAuditLogger(new TestAuditLogger())
                    .build());
    elide.doScans();

    com.yahoo.elide.core.security.User requester =
            new com.yahoo.elide.core.security.User(() -> "-1");
    ElideResponse response =
            elide.get(baseUrl, "parent/1/children", new MultivaluedHashMap<>(), requester, NO_VERSION);

    // The request succeeds but returns no children. Presumably the configured checks filter the
    // collection for this principal instead of rejecting the request; confirm against
    // TestCheckMappings and the fixture data.
    assertEquals(HttpStatus.SC_OK, response.getResponseCode());
    assertEquals("{\"data\":[]}", response.getBody());
}
use of com.yahoo.elide.core.audit.TestAuditLogger in project elide by yahoo.
the class PermissionAnnotationTest method setup.
/**
 * Builds the fixtures shared by the tests in this class: one {@code FunWithPermissions} entity
 * with id 1, wrapped once in a resource scoped to {@code GOOD_USER} and once in a resource scoped
 * to {@code BAD_USER}. Both scopes use the same settings and the same entity instance, so the
 * two resources differ only in the user they carry.
 */
@BeforeAll
public static void setup() {
    dictionary.bindEntity(FunWithPermissions.class);

    FunWithPermissions entity = new FunWithPermissions();
    entity.setId(1);

    // No data store is supplied (null); the settings carry only paging limits, the test audit
    // logger and the entity dictionary.
    ElideSettings elideSettings = new ElideSettingsBuilder(null)
            .withDefaultPageSize(10)
            .withDefaultMaxPageSize(10)
            .withAuditLogger(new TestAuditLogger())
            .withEntityDictionary(dictionary)
            .build();

    RequestScope goodUserScope = new RequestScope(
            null, null, NO_VERSION, null, null, GOOD_USER, null, null, UUID.randomUUID(), elideSettings);
    funRecord = new PersistentResource<>(entity, goodUserScope.getUUIDFor(entity), goodUserScope);

    RequestScope badUserScope = new RequestScope(
            null, null, NO_VERSION, null, null, BAD_USER, null, null, UUID.randomUUID(), elideSettings);
    badRecord = new PersistentResource<>(entity, badUserScope.getUUIDFor(entity), badUserScope);
}