Examples with DataStoreIterableBuilder com.yahoo.elide.core.datastore.DataStoreIterableBuilder used on opensource projects

Example 11 with DataStoreIterableBuilder

use of com.yahoo.elide.core.datastore.DataStoreIterableBuilder in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitorTest method testUserChecksDeferred.

@Test
public void testUserChecksDeferred() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("authors.homeAddress==main", ClassType.of(Book.class), true);
    Book book = new Book();
    Author author = new Author();
    book.setAuthors(Collections.singleton(author));
    author.setBooks(Collections.singleton(book));
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PersistentResource<Author> resourceAuthor = new PersistentResource<>(author, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.checkSpecificFieldPermissionsDeferred(resource, null, ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.getReadPermissionFilter(ClassType.of(Author.class), null)).thenReturn(Optional.empty());
    when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME)).thenReturn(ExpressionResult.DEFERRED);
    when(permissionExecutor.checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME)).thenThrow(ForbiddenAccessException.class);
    when(tx.getToManyRelation(eq(tx), eq(book), any(), eq(scope))).thenReturn(new DataStoreIterableBuilder(book.getAuthors()).build());
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
    // restricted HOME field
    assertFalse(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
    verify(permissionExecutor, times(1)).getReadPermissionFilter(ClassType.of(Author.class), new HashSet<>());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME);
    verify(permissionExecutor, times(1)).checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME);
    verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
    verify(tx, times(1)).getToManyRelation(eq(tx), eq(book), any(), eq(scope));
}

Example 12 with DataStoreIterableBuilder

use of com.yahoo.elide.core.datastore.DataStoreIterableBuilder in project elide by yahoo.

the class PersistentResourceTest method testDeletePermissionCheckedOnInverseRelationship.

@Test
public void testDeletePermissionCheckedOnInverseRelationship() {
    Left left = new Left();
    left.setId(1);
    Right right = new Right();
    right.setId(2);
    Set<Right> rights = Sets.newHashSet(right);
    left.setFieldLevelDelete(Sets.newHashSet(right));
    right.setAllowDeleteAtFieldLevel(Sets.newHashSet(left));
    // Bad User triggers the delete permission failure
    when(tx.getToManyRelation(any(), eq(left), any(), any())).thenReturn(new DataStoreIterableBuilder(rights).build());
    RequestScope badScope = buildRequestScope(tx, badUser);
    PersistentResource<Left> leftResource = new PersistentResource<>(left, badScope.getUUIDFor(left), badScope);
    assertTrue(leftResource.clearRelation("fieldLevelDelete"));
    assertEquals(0, leftResource.getObject().getFieldLevelDelete().size());
}

Example 13 with DataStoreIterableBuilder

use of com.yahoo.elide.core.datastore.DataStoreIterableBuilder in project elide by yahoo.

the class PersistentResourceTest method testGetRelationByInvalidId.

@Test
public void testGetRelationByInvalidId() {
    FunWithPermissions fun = new FunWithPermissions();
    Child child1 = newChild(1);
    Child child2 = newChild(2);
    Child child3 = newChild(3);
    fun.setRelation2(Sets.newHashSet(child1, child2, child3));
    when(tx.getToManyRelation(eq(tx), any(), any(), any())).thenReturn(new DataStoreIterableBuilder(Sets.newHashSet(child1)).build());
    RequestScope goodScope = buildRequestScope(tx, goodUser);
    PersistentResource<FunWithPermissions> funResource = new PersistentResource<>(fun, "3", goodScope);
    assertThrows(InvalidObjectIdentifierException.class, () -> funResource.getRelation(getRelationship(ClassType.of(FunWithPermissions.class), "relation2"), "-1000"));
}

Example 14 with DataStoreIterableBuilder

use of com.yahoo.elide.core.datastore.DataStoreIterableBuilder in project elide by yahoo.

the class PersistentResourceTest method testGetSingleRelationInMemory.

@Test
public void testGetSingleRelationInMemory() {
    // Ensure we don't break when we try to get a specific relationship in memory (i.e. not yet pushed to datastore)
    Parent parent = newParent(1);
    Child child1 = newChild(1, "paul john");
    Child child2 = newChild(2, "john buzzard");
    Child child3 = newChild(3, "chris smith");
    Set<Child> children = Sets.newHashSet(child1, child2, child3);
    parent.setChildren(children);
    RequestScope scope = new TestRequestScope(tx, goodUser, dictionary);
    when(scope.getTransaction().getToManyRelation(any(), eq(parent), any(), any())).thenReturn(new DataStoreIterableBuilder(children).build());
    PersistentResource<Parent> parentResource = new PersistentResource<>(parent, "1", scope);
    PersistentResource childResource = parentResource.getRelation(getRelationship(ClassType.of(Parent.class), "children"), "2");
    assertEquals("2", childResource.getId());
    assertEquals("john buzzard", ((Child) childResource.getObject()).getName());
}

Example 15 with DataStoreIterableBuilder

use of com.yahoo.elide.core.datastore.DataStoreIterableBuilder in project elide by yahoo.

the class PersistentResourceTest method testNoSaveNonModifications.

// Test to ensure that save() is not called on unmodified objects
@Test
public void testNoSaveNonModifications() {
    FunWithPermissions fun = new FunWithPermissions();
    Child child = newChild(1);
    Child secret = newChild(2);
    Parent parent = new Parent();
    fun.setRelation3(child);
    Set<Child> children1 = Sets.newHashSet(child);
    fun.setRelation1(children1);
    Set<Child> children2 = Sets.newHashSet(child);
    parent.setChildren(children2);
    parent.setFirstName("Leeroy");
    child.setReadNoAccess(secret);
    when(tx.getToOneRelation(any(), eq(fun), eq(com.yahoo.elide.core.request.Relationship.builder().name("relation3").alias("relation3").projection(EntityProjection.builder().type(Child.class).build()).build()), any())).thenReturn(child);
    when(tx.getToManyRelation(any(), eq(fun), eq(com.yahoo.elide.core.request.Relationship.builder().name("relation1").alias("relation1").projection(EntityProjection.builder().type(Child.class).build()).build()), any())).thenReturn(new DataStoreIterableBuilder(children1).build());
    when(tx.getToManyRelation(any(), eq(parent), eq(com.yahoo.elide.core.request.Relationship.builder().name("children").alias("children").projection(EntityProjection.builder().type(Child.class).build()).build()), any())).thenReturn(new DataStoreIterableBuilder(children2).build());
    when(tx.getToOneRelation(any(), eq(child), eq(com.yahoo.elide.core.request.Relationship.builder().name("readNoAccess").alias("readNoAccess").projection(EntityProjection.builder().type(Child.class).build()).build()), any())).thenReturn(secret);
    RequestScope funScope = new TestRequestScope(tx, goodUser, dictionary);
    RequestScope childScope = new TestRequestScope(tx, goodUser, dictionary);
    RequestScope parentScope = new TestRequestScope(tx, goodUser, dictionary);
    PersistentResource<FunWithPermissions> funResource = new PersistentResource<>(fun, "1", funScope);
    PersistentResource<Child> childResource = new PersistentResource<>(child, "1", childScope);
    PersistentResource<Child> secretResource = new PersistentResource<>(secret, "1", childScope);
    PersistentResource<Parent> parentResource = new PersistentResource<>(parent, "1", parentScope);
    // Add an existing to-one relationship
    funResource.addRelation("relation3", childResource);
    // Add an exising to-many relationship
    funResource.addRelation("relation1", childResource);
    // Update set with same data
    funResource.updateRelation("relation1", Sets.newHashSet(childResource));
    // Update to-one relation with same relation with same data
    funResource.updateRelation("relation3", Sets.newHashSet(childResource));
    // Update to-many with bi-directional relationship
    parentResource.updateRelation("children", Sets.newHashSet(childResource));
    // Update to-one with bi-directional relation with same data
    childResource.updateRelation("readNoAccess", Sets.newHashSet(secretResource));
    // Update an attribute with the same value
    parentResource.updateAttribute("firstName", "Leeroy");
    // Remove non-existing to-many relation
    childResource.removeRelation("friends", secretResource);
    // Clear empty to-many relation
    childResource.clearRelation("parents");
    // Clear empty to-one relation
    secretResource.clearRelation("readNoAccess");
    parentScope.saveOrCreateObjects();
    childScope.saveOrCreateObjects();
    funScope.saveOrCreateObjects();
    verify(tx, never()).save(fun, funScope);
    verify(tx, never()).save(child, childScope);
    verify(tx, never()).save(parent, parentScope);
    verify(tx, never()).save(secret, childScope);
}