
Example 1 with RSQLFilterDialect

Use of com.yahoo.elide.core.filter.dialect.RSQLFilterDialect in project elide by yahoo.

In the class FilteredIteratorTest, method testFilteredResult.

@Test
public void testFilteredResult() throws Exception {
    EntityDictionary dictionary = EntityDictionary.builder().build();
    dictionary.bindEntity(Book.class);
    Book book1 = new Book();
    book1.setTitle("foo");
    Book book2 = new Book();
    book2.setTitle("bar");
    Book book3 = new Book();
    book3.setTitle("foobar");
    List<Book> books = List.of(book1, book2, book3);
    RSQLFilterDialect filterDialect = RSQLFilterDialect.builder().dictionary(dictionary).build();
    FilterExpression expression = filterDialect.parse(ClassType.of(Book.class), new HashSet<>(), "title==*bar", NO_VERSION);
    RequestScope scope = new TestRequestScope(null, null, dictionary);
    Iterator<Book> bookIterator = new FilteredIterator<>(expression, scope, books.iterator());
    assertTrue(bookIterator.hasNext());
    assertEquals("bar", bookIterator.next().getTitle());
    assertTrue(bookIterator.hasNext());
    assertEquals("foobar", bookIterator.next().getTitle());
    assertFalse(bookIterator.hasNext());
}
Also used : TestRequestScope(com.yahoo.elide.core.TestRequestScope) Book(example.Book) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) EntityDictionary(com.yahoo.elide.core.dictionary.EntityDictionary) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) RequestScope(com.yahoo.elide.core.RequestScope) Test(org.junit.jupiter.api.Test)

Example 2 with RSQLFilterDialect

Use of com.yahoo.elide.core.filter.dialect.RSQLFilterDialect in project elide by yahoo.

In the class VerifyFieldAccessFilterExpressionVisitorTest, method testCustomFilterJoin.

@Test
public void testCustomFilterJoin() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("genre==foo", ClassType.of(Book.class), true);
    Book book = new Book();
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, GENRE)).thenReturn(ExpressionResult.DEFERRED);
    when(permissionExecutor.checkSpecificFieldPermissions(resource, null, ReadPermission.class, GENRE)).thenThrow(new ForbiddenAccessException(ReadPermission.class));
    when(permissionExecutor.evaluateFilterJoinUserChecks(any(), any())).thenReturn(ExpressionResult.DEFERRED);
    when(permissionExecutor.handleFilterJoinReject(any(), any(), any())).thenAnswer(invocation -> {
        FilterPredicate filterPredicate = invocation.getArgument(0);
        PathElement pathElement = invocation.getArgument(1);
        ForbiddenAccessException reason = invocation.getArgument(2);
        assertEquals("Book", pathElement.getType().getSimpleName());
        assertEquals(GENRE, filterPredicate.getField());
        assertEquals("book.genre IN [foo]", filterPredicate.toString());
        // custom processing
        return "Book".equals(pathElement.getType().getSimpleName())
                && filterPredicate.toString().matches("book.genre IN \\[\\w+\\]")
                && reason.getLoggedMessage().matches(".*Message=ReadPermission Denied.*\\n.*")
                ? ExpressionResult.DEFERRED
                : ExpressionResult.FAIL;
    });
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
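    // restricted GENRE field: the per-record check throws, but the custom
    // handleFilterJoinReject above returns DEFERRED, so the visitor accepts the filter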
    assertTrue(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkSpecificFieldPermissions(resource, null, ReadPermission.class, GENRE);
    verify(permissionExecutor, never()).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
    verify(tx, never()).getToManyRelation(any(), any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) ForbiddenAccessException(com.yahoo.elide.core.exceptions.ForbiddenAccessException) PathElement(com.yahoo.elide.core.Path.PathElement) Book(example.Book) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) FilterPredicate(com.yahoo.elide.core.filter.predicates.FilterPredicate) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) ReadPermission(com.yahoo.elide.annotation.ReadPermission) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 3 with RSQLFilterDialect

Use of com.yahoo.elide.core.filter.dialect.RSQLFilterDialect in project elide by yahoo.

In the class VerifyFieldAccessFilterExpressionVisitorTest, method testUserChecksDeferred.

@Test
public void testUserChecksDeferred() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("authors.homeAddress==main", ClassType.of(Book.class), true);
    Book book = new Book();
    Author author = new Author();
    book.setAuthors(Collections.singleton(author));
    author.setBooks(Collections.singleton(book));
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PersistentResource<Author> resourceAuthor = new PersistentResource<>(author, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.checkSpecificFieldPermissionsDeferred(resource, null, ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.getReadPermissionFilter(ClassType.of(Author.class), null)).thenReturn(Optional.empty());
    when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME)).thenReturn(ExpressionResult.DEFERRED);
    when(permissionExecutor.checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME)).thenThrow(ForbiddenAccessException.class);
    when(tx.getToManyRelation(eq(tx), eq(book), any(), eq(scope))).thenReturn(new DataStoreIterableBuilder(book.getAuthors()).build());
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
    // restricted HOME field
    assertFalse(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
    verify(permissionExecutor, times(1)).getReadPermissionFilter(ClassType.of(Author.class), new HashSet<>());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME);
    verify(permissionExecutor, times(1)).checkSpecificFieldPermissions(resourceAuthor, null, ReadPermission.class, HOME);
    verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
    verify(tx, times(1)).getToManyRelation(eq(tx), eq(book), any(), eq(scope));
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) DataStoreIterableBuilder(com.yahoo.elide.core.datastore.DataStoreIterableBuilder) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) Book(example.Book) Author(example.Author) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 4 with RSQLFilterDialect

Use of com.yahoo.elide.core.filter.dialect.RSQLFilterDialect in project elide by yahoo.

In the class VerifyFieldAccessFilterExpressionVisitorTest, method testShortCircuitRejectDeferThenFail.

@Test
public void testShortCircuitRejectDeferThenFail() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("authors.homeAddress==main", ClassType.of(Book.class), true);
    Book book = new Book();
    Author author = new Author();
    book.setAuthors(Collections.singleton(author));
    author.setBooks(Collections.singleton(book));
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.DEFERRED);
    when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME)).thenThrow(ForbiddenAccessException.class);
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
    // restricted HOME field
    assertFalse(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
    verify(permissionExecutor, never()).getReadPermissionFilter(ClassType.of(Author.class), null);
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, HOME);
    verify(permissionExecutor, never()).checkSpecificFieldPermissions(any(), any(), any(), any());
    verify(permissionExecutor, never()).checkSpecificFieldPermissionsDeferred(any(), any(), any(), any());
    verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, times(1)).handleFilterJoinReject(any(), any(), any());
    verify(tx, never()).getToManyRelation(any(), any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) Book(example.Book) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) Author(example.Author) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)

Example 5 with RSQLFilterDialect

Use of com.yahoo.elide.core.filter.dialect.RSQLFilterDialect in project elide by yahoo.

In the class VerifyFieldAccessFilterExpressionVisitorTest, method testShortCircuitPass.

@Test
public void testShortCircuitPass() throws Exception {
    RSQLFilterDialect dialect = RSQLFilterDialect.builder().dictionary(scope.getDictionary()).build();
    FilterExpression expression = dialect.parseFilterExpression("authors.name==foo", ClassType.of(Book.class), true);
    Book book = new Book();
    PersistentResource<Book> resource = new PersistentResource<>(book, "", scope);
    PermissionExecutor permissionExecutor = scope.getPermissionExecutor();
    DataStoreTransaction tx = scope.getTransaction();
    when(permissionExecutor.checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS)).thenReturn(ExpressionResult.PASS);
    when(permissionExecutor.checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, NAME)).thenReturn(ExpressionResult.PASS);
    VerifyFieldAccessFilterExpressionVisitor visitor = new VerifyFieldAccessFilterExpressionVisitor(resource);
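    // both user-level read checks (AUTHORS, NAME) return PASS, so the visitor
    // accepts the filter without per-record checks or loading the relation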
    assertTrue(expression.accept(visitor));
    verify(permissionExecutor, times(1)).evaluateFilterJoinUserChecks(any(), any());
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Book.class), ReadPermission.class, AUTHORS);
    verify(permissionExecutor, times(1)).checkUserPermissions(ClassType.of(Author.class), ReadPermission.class, NAME);
    verify(permissionExecutor, never()).checkSpecificFieldPermissions(resource, null, ReadPermission.class, GENRE);
    verify(permissionExecutor, times(2)).checkUserPermissions(any(), any(), isA(String.class));
    verify(permissionExecutor, never()).handleFilterJoinReject(any(), any(), any());
    verify(tx, never()).getToManyRelation(any(), any(), any(), any());
}
Also used : PersistentResource(com.yahoo.elide.core.PersistentResource) Book(example.Book) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) DataStoreTransaction(com.yahoo.elide.core.datastore.DataStoreTransaction) Author(example.Author) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) RSQLFilterDialect(com.yahoo.elide.core.filter.dialect.RSQLFilterDialect) Test(org.junit.jupiter.api.Test)
