
Example 21 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class AbstractPermissionExecutor method executeCommitChecks.

/**
 * Runs every permission check that was queued for commit time and rejects the
 * request on the first one that fails.
 *
 * <p>Each queued expression is evaluated in {@code ALL_CHECKS} mode. A {@code FAIL}
 * result raises a {@link ForbiddenAccessException}. Because that exception leaves the
 * method before {@code commitCheckQueue.clear()} runs, the queue is emptied only when
 * every queued check has been evaluated without failing.
 *
 * @throws ForbiddenAccessException if any queued expression evaluates to {@code FAIL}
 */
@Override
public void executeCommitChecks() {
    final Expression.EvaluationMode mode = Expression.EvaluationMode.ALL_CHECKS;
    commitCheckQueue.forEach(queued -> {
        Expression check = queued.getExpression();
        ExpressionResult outcome = check.evaluate(mode);
        // NOTE(review): only FAIL denies; every other result lets the commit proceed.
        // Confirm that no non-passing result other than FAIL can come back in
        // ALL_CHECKS mode, otherwise this gate is not fail-closed.
        if (outcome != FAIL) {
            return;
        }
        ForbiddenAccessException denied =
                new ForbiddenAccessException(queued.getAnnotationClass(), check, mode);
        // The detailed denial message is written at trace level only.
        if (log.isTraceEnabled()) {
            log.trace("{}", denied.getLoggedMessage());
        }
        throw denied;
    });
    commitCheckQueue.clear();
}
Also used : Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) ExpressionResult(com.yahoo.elide.core.security.permissions.ExpressionResult) ForbiddenAccessException(com.yahoo.elide.core.exceptions.ForbiddenAccessException)

Example 22 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionExpressionBuilderTest method testAnyFieldExpressionText.

/**
 * Pins the text that an any-field read-permission expression renders through
 * {@code toString()}, once before evaluation and once after evaluation in
 * {@code ALL_CHECKS} mode.
 */
@Test
public void testAnyFieldExpressionText() {
    // Throwaway entity whose read permission ANDs two named checks. The text asserted
    // after evaluation reports the first as PASSED and the second as FAILED.
    @Entity
    @Include(rootLevel = false)
    @ReadPermission(expression = "user has all access AND user has no access")
    class Model {
    }

    // The unevaluated marker is wrapped in ANSI colour escapes (ESC[34m ... ESC[m), so
    // the rendered text carries raw control characters into whatever sink receives it.
    final String beforeEvaluation =
            "READ PERMISSION WAS INVOKED ON PersistentResource{type=model, id=null}  "
            + "FOR EXPRESSION [((user has all access \u001B[34mWAS UNEVALUATED\u001B[m)) "
            + "AND ((user has no access \u001B[34mWAS UNEVALUATED\u001B[m))]";
    final String afterEvaluation =
            "READ PERMISSION WAS INVOKED ON PersistentResource{type=model, id=null}  "
            + "FOR EXPRESSION [((user has all access PASSED)) "
            + "AND ((user has no access FAILED))]";

    dictionary.bindEntity(Model.class);
    PersistentResource modelResource = newResource(new Model(), Model.class);
    Expression readExpression =
            builder.buildAnyFieldExpressions(modelResource, ReadPermission.class, null, null);

    assertEquals(beforeEvaluation, readExpression.toString());

    // The evaluation result itself is discarded; only the rendered text is checked.
    readExpression.evaluate(Expression.EvaluationMode.ALL_CHECKS);
    assertEquals(afterEvaluation, readExpression.toString());
}
Also used : Entity(javax.persistence.Entity) PersistentResource(com.yahoo.elide.core.PersistentResource) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) Include(com.yahoo.elide.annotation.Include) ReadPermission(com.yahoo.elide.annotation.ReadPermission) Test(org.junit.jupiter.api.Test)

Example 23 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionExpressionNormalizationVisitorTest method normalforms.

/**
 * Checks that normalization pushes a leading {@code not} down onto the individual
 * checks, swapping AND and OR on the way, and leaves already-normal input unchanged.
 */
@Test
public void normalforms() {
    // not ((A and B) or C)  ->  ((not A) or (not B)) and (not C)
    ParseTree negatedOrTree =
            EntityPermissions.parseExpression("not ((parentInitCheck and passingOp) or shouldCache)");
    Expression negatedOr = negatedOrTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "((NOT ((parentInitCheck \u001B[34mWAS UNEVALUATED\u001B[m))) OR "
            + "(NOT ((passingOp \u001B[34mWAS UNEVALUATED\u001B[m)))) AND "
            + "(NOT ((shouldCache \u001B[34mWAS UNEVALUATED\u001B[m)))",
            negatedOr.toString());

    // not (A and (B or C))  ->  (not A) or ((not B) and (not C))
    ParseTree negatedAndTree =
            EntityPermissions.parseExpression("not (parentInitCheck and (passingOp or shouldCache))");
    Expression negatedAnd = negatedAndTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "(NOT ((parentInitCheck \u001B[34mWAS UNEVALUATED\u001B[m))) OR "
            + "((NOT ((passingOp \u001B[34mWAS UNEVALUATED\u001B[m))) AND "
            + "(NOT ((shouldCache \u001B[34mWAS UNEVALUATED\u001B[m))))",
            negatedAnd.toString());

    // Negations that already sit on the individual checks stay where they are.
    ParseTree alreadyNormalTree = EntityPermissions.parseExpression("not parentInitCheck and not passingOp");
    Expression alreadyNormal = alreadyNormalTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "(NOT ((parentInitCheck \u001B[34mWAS UNEVALUATED\u001B[m))) AND "
            + "(NOT ((passingOp \u001B[34mWAS UNEVALUATED\u001B[m)))",
            alreadyNormal.toString());
}
Also used : CheckExpression(com.yahoo.elide.core.security.permissions.expressions.CheckExpression) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) ParseTree(org.antlr.v4.runtime.tree.ParseTree) Test(org.junit.jupiter.api.Test)

Example 24 with Expression

use of com.yahoo.elide.core.security.permissions.expressions.Expression in project elide by yahoo.

the class PermissionExpressionNormalizationVisitorTest method andExpressionTest.

/**
 * Checks how normalization rewrites negated AND expressions: a negated conjunction
 * becomes a disjunction of negated checks, un-negated groups are left alone, and a
 * double negation cancels out.
 */
@Test
public void andExpressionTest() {
    // not (A and B)  ->  (not A) or (not B)
    ParseTree twoTermTree = EntityPermissions.parseExpression("not (sampleCommit and sampleOperation)");
    Expression twoTerm = twoTermTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "(NOT ((sampleCommit \u001B[34mWAS UNEVALUATED\u001B[m))) OR "
            + "(NOT ((sampleOperation \u001B[34mWAS UNEVALUATED\u001B[m)))",
            twoTerm.toString());

    // not (A and B and C)  ->  ((not A) or (not B)) or (not C)
    ParseTree threeTermTree =
            EntityPermissions.parseExpression("not (Prefab.Role.All and sampleCommit and initCheck)");
    Expression threeTerm = threeTermTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "((NOT ((Prefab.Role.All \u001B[34mWAS UNEVALUATED\u001B[m))) OR "
            + "(NOT ((sampleCommit \u001B[34mWAS UNEVALUATED\u001B[m)))) OR "
            + "(NOT ((initCheck \u001B[34mWAS UNEVALUATED\u001B[m)))",
            threeTerm.toString());

    // Only the negated group is rewritten; the plain group on the right is kept as is.
    ParseTree mixedTree =
            EntityPermissions.parseExpression("not (parentInitCheck and passingOp) and (FailOp and shouldCache)");
    Expression mixed = mixedTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "((NOT ((parentInitCheck \u001B[34mWAS UNEVALUATED\u001B[m))) OR (NOT ((passingOp \u001B[34mWAS UNEVALUATED\u001B[m)))) AND "
            + "(((FailOp \u001B[34mWAS UNEVALUATED\u001B[m)) AND ((shouldCache \u001B[34mWAS UNEVALUATED\u001B[m)))",
            mixed.toString());

    // Both groups are negated, so both are rewritten into disjunctions.
    ParseTree bothNegatedTree = EntityPermissions.parseExpression(
            "not (parentInitCheck and passingOp) and not (FailOp and shouldCache)");
    Expression bothNegated = bothNegatedTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "((NOT ((parentInitCheck \u001B[34mWAS UNEVALUATED\u001B[m))) OR (NOT ((passingOp \u001B[34mWAS UNEVALUATED\u001B[m)))) AND "
            + "((NOT ((FailOp \u001B[34mWAS UNEVALUATED\u001B[m))) OR (NOT ((shouldCache \u001B[34mWAS UNEVALUATED\u001B[m))))",
            bothNegated.toString());

    // An outer negation over the previous expression cancels the inner ones.
    ParseTree doubleNegatedTree = EntityPermissions.parseExpression(
            "not (not (parentInitCheck and passingOp) and not (FailOp and shouldCache))");
    Expression doubleNegated = doubleNegatedTree.accept(permissionExpressionVisitor).accept(normalizationVisitor);
    Assertions.assertEquals(
            "(((parentInitCheck \u001B[34mWAS UNEVALUATED\u001B[m)) AND ((passingOp \u001B[34mWAS UNEVALUATED\u001B[m))) OR "
            + "(((FailOp \u001B[34mWAS UNEVALUATED\u001B[m)) AND ((shouldCache \u001B[34mWAS UNEVALUATED\u001B[m)))",
            doubleNegated.toString());
}
Also used : CheckExpression(com.yahoo.elide.core.security.permissions.expressions.CheckExpression) Expression(com.yahoo.elide.core.security.permissions.expressions.Expression) ParseTree(org.antlr.v4.runtime.tree.ParseTree) Test(org.junit.jupiter.api.Test)
