
Example 11 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionToFilterExpressionVisitorTest method filterExpressionForPermissions.

/**
 * Turns a permission expression string into a {@link FilterExpression} by running it through
 * three visitors in order: parse tree to permission expression, normalization, then conversion
 * to a filter.
 *
 * @param permission the permission expression text to parse
 * @return whatever the {@link PermissionToFilterExpressionVisitor} produces for the normalized
 *     expression
 */
private FilterExpression filterExpressionForPermissions(String permission) {
    // Every check is wrapped in a CheckExpression tied to this test's request scope and cache.
    // NOTE(review): the two null constructor arguments are presumably the resource and the
    // change spec, i.e. no concrete record is bound to the check here; confirm against the
    // CheckExpression constructor.
    Function<Check, Expression> toCheckExpression =
            check -> new CheckExpression(check, null, requestScope, null, cache);

    ParseTree parsedPermission = EntityPermissions.parseExpression(permission);

    PermissionToFilterExpressionVisitor filterVisitor =
            new PermissionToFilterExpressionVisitor(dictionary, requestScope, null);

    // Order matters: the filter visitor is applied to the normalized expression, not to the raw
    // one built from the parse tree.
    return parsedPermission
            .accept(new PermissionExpressionVisitor(dictionary, toCheckExpression))
            .accept(NORMALIZATION_VISITOR)
            .accept(filterVisitor);
}
Also used : CheckExpression(com.yahoo.elide.core.security.permissions.expressions.CheckExpression) BeforeEach(org.junit.jupiter.api.BeforeEach) FilterPredicate(com.yahoo.elide.core.filter.predicates.FilterPredicate) Arrays(java.util.Arrays) Path(com.yahoo.elide.core.Path) Role(com.yahoo.elide.core.security.checks.prefab.Role) User(com.yahoo.elide.core.security.User) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) Map(java.util.Map) PermissionExpressionVisitor(com.yahoo.elide.core.security.visitors.PermissionExpressionVisitor) NO_EVALUATION_EXPRESSION(com.yahoo.elide.core.security.visitors.PermissionToFilterExpressionVisitor.NO_EVALUATION_EXPRESSION) RequestScope(com.yahoo.elide.core.RequestScope) OperationCheck(com.yahoo.elide.core.security.checks.OperationCheck) MethodSource(org.junit.jupiter.params.provider.MethodSource) PermissionToFilterExpressionVisitor(com.yahoo.elide.core.security.visitors.PermissionToFilterExpressionVisitor) UUID(java.util.UUID) Arguments(org.junit.jupiter.params.provider.Arguments) EntityDictionary(com.yahoo.elide.core.dictionary.EntityDictionary) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) Test(org.junit.jupiter.api.Test) List(java.util.List) Stream(java.util.stream.Stream) ExpressionResultCache(com.yahoo.elide.core.security.permissions.ExpressionResultCache) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) Optional(java.util.Optional) TRUE_USER_CHECK_EXPRESSION(com.yahoo.elide.core.security.visitors.PermissionToFilterExpressionVisitor.TRUE_USER_CHECK_EXPRESSION) PermissionExpressionNormalizationVisitor(com.yahoo.elide.core.security.visitors.PermissionExpressionNormalizationVisitor) TestDictionary(com.yahoo.elide.core.dictionary.TestDictionary) ElideSettingsBuilder(com.yahoo.elide.ElideSettingsBuilder) 
HashMap(java.util.HashMap) Author(example.Author) Function(java.util.function.Function) NO_VERSION(com.yahoo.elide.core.dictionary.EntityDictionary.NO_VERSION) ParseTree(org.antlr.v4.runtime.tree.ParseTree) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) FilterExpressionCheck(com.yahoo.elide.core.security.checks.FilterExpressionCheck) ElideSettings(com.yahoo.elide.ElideSettings) TestUser(com.yahoo.elide.core.security.TestUser) ChangeSpec(com.yahoo.elide.core.security.ChangeSpec) Check(com.yahoo.elide.core.security.checks.Check) Book(example.Book) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) EntityPermissions(com.yahoo.elide.core.dictionary.EntityPermissions) Type(com.yahoo.elide.core.type.Type) Operator(com.yahoo.elide.core.filter.Operator) Collections(java.util.Collections) FALSE_USER_CHECK_EXPRESSION(com.yahoo.elide.core.security.visitors.PermissionToFilterExpressionVisitor.FALSE_USER_CHECK_EXPRESSION) CheckExpression(com.yahoo.elide.core.security.permissions.expressions.CheckExpression) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) OperationCheck(com.yahoo.elide.core.security.checks.OperationCheck) FilterExpressionCheck(com.yahoo.elide.core.security.checks.FilterExpressionCheck) Check(com.yahoo.elide.core.security.checks.Check) PermissionToFilterExpressionVisitor(com.yahoo.elide.core.security.visitors.PermissionToFilterExpressionVisitor) PermissionExpressionVisitor(com.yahoo.elide.core.security.visitors.PermissionExpressionVisitor) ParseTree(org.antlr.v4.runtime.tree.ParseTree) CheckExpression(com.yahoo.elide.core.security.permissions.expressions.CheckExpression)

Example 12 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionExpressionBuilderTest method testSpecificFieldExpressionText.

/**
 * Pins the text rendering of a field-level update permission expression, before and after it is
 * evaluated.
 *
 * <p>Two details of the expected text matter when reading authorization traces. The rendered
 * expression is the field-level rule declared on {@code foo}. After evaluation the left operand
 * of the OR reads PASSED while the right operand still reads WAS UNEVALUATED. The rendering also
 * embeds ANSI colour escape sequences (ESC[34m, ESC[32m, ESC[m), so anything that stores or
 * parses this text sees the raw escape bytes.
 */
@Test
public void testSpecificFieldExpressionText() {
    @Entity
    @Include(rootLevel = false)
    @UpdatePermission(expression = "user has no access")
    class Model {

        @Id
        private long id;

        // Field-level rule; this is the expression that shows up in the rendered text below.
        @UpdatePermission(expression = "user has all access OR user has no access")
        private int foo;
    }

    dictionary.bindEntity(Model.class);
    PersistentResource target = newResource(new Model(), Model.class);
    ChangeSpec fooChange = new ChangeSpec(target, "foo", 1, 2);
    Expression fieldExpression =
            builder.buildSpecificFieldExpressions(target, UpdatePermission.class, "foo", fooChange);

    // Both expected strings share everything except the status of the left operand.
    final String prefix = "UPDATE PERMISSION WAS INVOKED ON PersistentResource{type=model, id=0} WITH CHANGES ChangeSpec { "
            + "resource=PersistentResource{type=model, id=0}, field=foo, original=1, modified=2} "
            + "FOR EXPRESSION [FIELD(((user has all access ";
    final String rightOperandUnevaluated = "\u001B[34mWAS UNEVALUATED\u001B[m)))]";

    final String expectedBeforeEvaluation = prefix
            + "\u001B[34mWAS UNEVALUATED\u001B[m)) OR ((user has no access "
            + rightOperandUnevaluated;
    final String expectedAfterEvaluation = prefix
            + "\u001B[32mPASSED\u001B[m)) OR ((user has no access "
            + rightOperandUnevaluated;

    // Nothing has been evaluated yet, so both operands report WAS UNEVALUATED.
    assertEquals(expectedBeforeEvaluation, fieldExpression.toString());

    fieldExpression.evaluate(Expression.EvaluationMode.ALL_CHECKS);

    // The left operand passed; the right operand of the OR is still reported as unevaluated.
    assertEquals(expectedAfterEvaluation, fieldExpression.toString());
}
Also used : Entity(javax.persistence.Entity) PersistentResource(com.yahoo.elide.core.PersistentResource) ChangeSpec(com.yahoo.elide.core.security.ChangeSpec) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) Include(com.yahoo.elide.annotation.Include) UpdatePermission(com.yahoo.elide.annotation.UpdatePermission) Test(org.junit.jupiter.api.Test)

Example 13 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionExpressionNormalizationVisitor method visitNotExpression.

/**
 * Pushes a negation towards the leaves of a permission expression.
 *
 * <p>The rewrites are the De Morgan identities and double-negation elimination, so the result is
 * logically equivalent to the input:
 * <ul>
 *   <li>{@code NOT (a AND b)} becomes {@code (NOT a) OR (NOT b)}</li>
 *   <li>{@code NOT (a OR b)} becomes {@code (NOT a) AND (NOT b)}</li>
 *   <li>{@code NOT (NOT a)} becomes {@code a}</li>
 * </ul>
 * Each new operand is visited again so nested negations keep moving inward.
 *
 * @param notExpression the negation to normalize
 * @return the rewritten expression, or {@code notExpression} itself when its operand is not an
 *     AND, OR or NOT node
 */
@Override
public Expression visitNotExpression(NotExpression notExpression) {
    final Expression operand = notExpression.getLogical();

    if (operand instanceof AndExpression) {
        // NOT (a AND b)  ->  (NOT a) OR (NOT b)
        final AndExpression conjunction = (AndExpression) operand;
        final Expression negatedLeft = new NotExpression(conjunction.getLeft()).accept(this);
        final Expression negatedRight = new NotExpression(conjunction.getRight()).accept(this);
        return new OrExpression(negatedLeft, negatedRight);
    } else if (operand instanceof OrExpression) {
        // NOT (a OR b)  ->  (NOT a) AND (NOT b)
        final OrExpression disjunction = (OrExpression) operand;
        final Expression negatedLeft = new NotExpression(disjunction.getLeft()).accept(this);
        final Expression negatedRight = new NotExpression(disjunction.getRight()).accept(this);
        return new AndExpression(negatedLeft, negatedRight);
    } else if (operand instanceof NotExpression) {
        // NOT (NOT a)  ->  a, then keep normalizing a.
        final NotExpression innerNegation = (NotExpression) operand;
        return innerNegation.getLogical().accept(this);
    }

    // Any other operand: the negation is returned unchanged and the operand is not visited.
    return notExpression;
}
Also used : AndExpression(com.yahoo.elide.core.security.permissions.expressions.AndExpression) CheckExpression(com.yahoo.elide.core.security.permissions.expressions.CheckExpression) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) OrExpression(com.yahoo.elide.core.security.permissions.expressions.OrExpression) AndExpression(com.yahoo.elide.core.security.permissions.expressions.AndExpression) NotExpression(com.yahoo.elide.core.security.permissions.expressions.NotExpression) NotExpression(com.yahoo.elide.core.security.permissions.expressions.NotExpression) OrExpression(com.yahoo.elide.core.security.permissions.expressions.OrExpression)

Example 14 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionExpressionVisitorTest method testComplexExpression.

/**
 * Checks that the update permission expression evaluates to {@code PASS} when all checks are
 * evaluated.
 */
@Test
public void testComplexExpression() {
    // NOTE(review): only the allow outcome is asserted here; a matching denial case is
    // presumably covered elsewhere in this test class. Confirm.
    final Expression updateExpression = getExpressionForPermission(UpdatePermission.class);
    final ExpressionResult outcome = updateExpression.evaluate(Expression.EvaluationMode.ALL_CHECKS);
    assertEquals(ExpressionResult.PASS, outcome);
}
Also used : Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) Test(org.junit.jupiter.api.Test)

Example 15 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionExpressionNormalizationVisitor method visitOrExpression.

/**
 * Normalizes both operands of an OR and rebuilds the OR around the results.
 *
 * @param orExpression the disjunction to normalize
 * @return a new {@link OrExpression} whose operands are the visited left and right operands
 */
@Override
public Expression visitOrExpression(OrExpression orExpression) {
    final Expression lhs = orExpression.getLeft();
    final Expression rhs = orExpression.getRight();

    // Left is visited before right, and the OR itself is kept as an OR.
    final Expression normalizedLhs = lhs.accept(this);
    final Expression normalizedRhs = rhs.accept(this);
    return new OrExpression(normalizedLhs, normalizedRhs);
}
Also used : CheckExpression(com.yahoo.elide.core.security.permissions.expressions.CheckExpression) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) OrExpression(com.yahoo.elide.core.security.permissions.expressions.OrExpression) AndExpression(com.yahoo.elide.core.security.permissions.expressions.AndExpression) NotExpression(com.yahoo.elide.core.security.permissions.expressions.NotExpression) OrExpression(com.yahoo.elide.core.security.permissions.expressions.OrExpression)

Aggregations

Expression (com.yahoo.elide.core.security.permissions.expressions.Expression)24 Test (org.junit.jupiter.api.Test)12 CheckExpression (com.yahoo.elide.core.security.permissions.expressions.CheckExpression)11 AndExpression (com.yahoo.elide.core.security.permissions.expressions.AndExpression)8 OrExpression (com.yahoo.elide.core.security.permissions.expressions.OrExpression)8 ParseTree (org.antlr.v4.runtime.tree.ParseTree)8 FilterExpression (com.yahoo.elide.core.filter.expression.FilterExpression)7 ReadPermission (com.yahoo.elide.annotation.ReadPermission)5 PersistentResource (com.yahoo.elide.core.PersistentResource)5 RequestScope (com.yahoo.elide.core.RequestScope)5 OrFilterExpression (com.yahoo.elide.core.filter.expression.OrFilterExpression)5 ChangeSpec (com.yahoo.elide.core.security.ChangeSpec)5 Type (com.yahoo.elide.core.type.Type)5 Function (java.util.function.Function)5 ForbiddenAccessException (com.yahoo.elide.core.exceptions.ForbiddenAccessException)4 ExpressionResult (com.yahoo.elide.core.security.permissions.ExpressionResult)4 AnyFieldExpression (com.yahoo.elide.core.security.permissions.expressions.AnyFieldExpression)4 SpecificFieldExpression (com.yahoo.elide.core.security.permissions.expressions.SpecificFieldExpression)4 Annotation (java.lang.annotation.Annotation)4 Set (java.util.Set)4