Example 31 with DataStoreTransaction
use of com.yahoo.elide.core.datastore.DataStoreTransaction in project elide by yahoo.
the class TransactionWrapperTest method testGetToManyRelation.
@Test
public void testGetToManyRelation() {
DataStoreTransaction wrapped = mock(DataStoreTransaction.class);
DataStoreTransaction wrapper = new TestTransactionWrapper(wrapped);
DataStoreIterable expected = mock(DataStoreIterable.class);
when(wrapped.getToManyRelation(any(), any(), any(), any())).thenReturn(expected);
DataStoreIterable actual = wrapper.getToManyRelation(null, null, null, null);
verify(wrapped, times(1)).getToManyRelation(any(), any(), any(), any());
assertEquals(expected, actual);
}
Also used :
DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction)
DataStoreIterable(com.yahoo.elide.core.datastore.DataStoreIterable)
Test(org.junit.jupiter.api.Test)
Example 32 with DataStoreTransaction
use of com.yahoo.elide.core.datastore.DataStoreTransaction in project elide by yahoo.
the class TransactionWrapperTest method testCommit.
@Test
public void testCommit() {
DataStoreTransaction wrapped = mock(DataStoreTransaction.class);
DataStoreTransaction wrapper = new TestTransactionWrapper(wrapped);
wrapper.commit(null);
verify(wrapped, times(1)).commit(any());
}
Also used :
DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction)
Test(org.junit.jupiter.api.Test)
Example 33 with DataStoreTransaction
use of com.yahoo.elide.core.datastore.DataStoreTransaction in project elide by yahoo.
the class TransactionWrapperTest method testSave.
@Test
public void testSave() {
DataStoreTransaction wrapped = mock(DataStoreTransaction.class);
DataStoreTransaction wrapper = new TestTransactionWrapper(wrapped);
wrapper.save(null, null);
verify(wrapped, times(1)).save(any(), any());
}
Also used :
DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction)
Test(org.junit.jupiter.api.Test)
Example 34 with DataStoreTransaction
use of com.yahoo.elide.core.datastore.DataStoreTransaction in project elide by yahoo.
the class VerifyFieldAccessFilterExpressionVisitorTest method testCustomFilterJoin.
@Test
public void testCustomFilterJoin() throws Exception {
RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
FilterExpression expression = dialect.parseFilterExpression("genre==foo", ClassType.of(Book.class), true);
Book book = new Book();
PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
DataStoreTransaction tx = scope.getTransaction();
when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, GENRE)).thenReturn(ExpressionResult.DEFERRED);
when(permissionExecutor.checkSpecificFieldPermissions(resource, null, ReadPermission.class, GENRE)).thenThrow(new ForbiddenAccessException(ReadPermission.class));
when(permissionExecutor.evaluateFilterJoinUserChecks(any(), any())).thenReturn(ExpressionResult.DEFERRED);
when(permissionExecutor.handleFilterJoinReject(any(), any(), any())).thenAnswer(invocation -> {
FilterPredicate filterPredicate = invocation.getArgument(0);
PathElement pathElement = invocation.getArgument(1);
ForbiddenAccessException reason = invocation.getArgument(2);
assertEquals("Book", pathElement.getType().getSimpleName());
assertEquals(GENRE, filterPredicate.getField());
assertEquals("book.genre IN [foo]", filterPredicate.toString());
// custom processing
return "Book".equals(pathElement.getType().getSimpleName()) && filterPredicate.toString().matches("book.genre IN \\[\\w+\\]") && reason.getLoggedMessage().matches(".*Message=ReadPermission Denied.*\\n.*") ? ExpressionResult.DEFERRED : ExpressionResult.FAIL;
});
VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
// restricted HOME field
assertTrue(expression.accept(visitor));
verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
verify(permissionExecutor, times(1)).checkSpecificFieldPermissions(resource, null, ReadPermission.class, GENRE);
verify(permissionExecutor, never()).checkUserPermissions(any(), any(), isA(String.class));
verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
verify(tx, never()).getToManyRelation(any(), any(), any(), any());
}
Also used :
PersistentResource(com.yahoo.elide.core.PersistentResource)
PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor)
ForbiddenAccessException(com.yahoo.elide.core.exceptions.ForbiddenAccessException)
PathElement(com.yahoo.elide.core.Path.PathElement)
Book(example.Book)
DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction)
FilterPredicate(com.yahoo.elide.core.filter.predicates.FilterPredicate)
OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression)
FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression)
NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression)
AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression)
ReadPermission(com.yahoo.elide.annotation.ReadPermission)
RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect)
Test(org.junit.jupiter.api.Test)
Example 35 with DataStoreTransaction
use of com.yahoo.elide.core.datastore.DataStoreTransaction in project elide by yahoo.
the class VerifyFieldAccessFilterExpressionVisitorTest method testUserChecksDeferred.
@Test
public void testUserChecksDeferred() throws Exception {
RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
FilterExpression expression = dialect.parseFilterExpression("authors.homeAddress==main", ClassType.of(Book.class), true);
Book book = new Book();
Author author = new Author();
book.setAuthors(Collections.singleton(author));
author.setBooks(Collections.singleton(book));
PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
PersistentResource<Author> resourceAuthor = new PersistentResource<>(author, "", scope);
PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
DataStoreTransaction tx = scope.getTransaction();
when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
when(permissionExecutor.checkSpecificFieldPermissionsDeferred(resource, null, ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
when(permissionExecutor.getReadPermissionFilter(ClassType.of(Author.class), null)).thenReturn(Optional.empty());
when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME)).thenReturn(ExpressionResult.DEFERRED);
when(permissionExecutor.checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME)).thenThrow(ForbiddenAccessException.class);
when(tx.getToManyRelation(eq(tx), eq(book), any(), eq(scope))).thenReturn(new DataStoreIterableBuilder(book.getAuthors()).build());
VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
// restricted HOME field
assertFalse(expression.accept(visitor));
verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
verify(permissionExecutor, times(1)).getReadPermissionFilter(ClassType.of(Author.class), new HashSet<>());
verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME);
verify(permissionExecutor, times(1)).checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME);
verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
verify(tx, times(1)).getToManyRelation(eq(tx), eq(book), any(), eq(scope));
}
Also used :
PersistentResource(com.yahoo.elide.core.PersistentResource)
DataStoreIterableBuilder(com.yahoo.elide.core.datastore.DataStoreIterableBuilder)
PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor)
Book(example.Book)
Author(example.Author)
DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction)
OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression)
FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression)
NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression)
AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression)
RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect)
Test(org.junit.jupiter.api.Test)
Aggregations
DataStoreTransaction (com.yahoo.elide.core.datastore.DataStoreTransaction)139
Test (org.junit.jupiter.api.Test)101
RequestScope (com.yahoo.elide.core.RequestScope)40
DataStore (com.yahoo.elide.core.datastore.DataStore)30
FilterExpression (com.yahoo.elide.core.filter.expression.FilterExpression)28
Elide (com.yahoo.elide.Elide)27
ElideResponse (com.yahoo.elide.ElideResponse)22
EntityProjection (com.yahoo.elide.core.request.EntityProjection)22
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)18
PersistentResource (com.yahoo.elide.core.PersistentResource)17
Item (com.yahoo.elide.datastores.search.models.Item)17
Book (example.Book)13
MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)9
BeforeEach (org.junit.jupiter.api.BeforeEach)9
Author (example.Author)8
FilterPredicate (com.yahoo.elide.core.filter.predicates.FilterPredicate)7
FirstBean (com.yahoo.elide.example.beans.FirstBean)7
ArrayList (java.util.ArrayList)7
HashMap (java.util.HashMap)7
AndFilterExpression (com.yahoo.elide.core.filter.expression.AndFilterExpression)6
