Examples with Resource com.yahoo.elide.jsonapi.models.Resource used on opensource projects

Example 26 with Resource

use of com.yahoo.elide.jsonapi.models.Resource in project elide by yahoo.

the class PersistentResourceTest method testTransferPermissionErrorOnUpdateRelationshipPackageLevel.

@Test
public void testTransferPermissionErrorOnUpdateRelationshipPackageLevel() {
    ContainerWithPackageShare containerWithPackageShare = new ContainerWithPackageShare();
    Untransferable untransferable = new Untransferable();
    untransferable.setContainerWithPackageShare(containerWithPackageShare);
    List<Resource> unShareableList = new ArrayList<>();
    unShareableList.add(new ResourceIdentifier("untransferable", "1").castToResource());
    Relationship unShareales = new Relationship(null, new Data<>(unShareableList));
    when(tx.loadObject(any(), eq(1L), any())).thenReturn(untransferable);
    RequestScope goodScope = buildRequestScope(tx, goodUser);
    PersistentResource<ContainerWithPackageShare> containerResource = new PersistentResource<>(containerWithPackageShare, goodScope.getUUIDFor(containerWithPackageShare), goodScope);
    assertThrows(ForbiddenAccessException.class, () -> containerResource.updateRelation("untransferables", unShareales.toPersistentResources(goodScope)));
}

Example 27 with Resource

use of com.yahoo.elide.jsonapi.models.Resource in project elide by yahoo.

the class PersistentResourceTest method testUpdatePermissionCheckedOnInverseRelationship.

@Test
public void testUpdatePermissionCheckedOnInverseRelationship() {
    Left left = new Left();
    left.setId(1);
    Right right = new Right();
    Set<Right> rights = Sets.newHashSet(right);
    left.setNoInverseUpdate(rights);
    right.setNoUpdate(Sets.newHashSet(left));
    List<Resource> empty = new ArrayList<>();
    Relationship ids = new Relationship(null, new Data<>(empty));
    when(tx.getToManyRelation(any(), eq(left), any(), any())).thenReturn(new DataStoreIterableBuilder(rights).build());
    RequestScope goodScope = buildRequestScope(tx, goodUser);
    PersistentResource<Left> leftResource = new PersistentResource<>(left, goodScope.getUUIDFor(left), goodScope);
    assertThrows(ForbiddenAccessException.class, () -> leftResource.updateRelation("noInverseUpdate", ids.toPersistentResources(goodScope)));
    // Modifications have a deferred check component:
    leftResource.getRequestScope().getPermissionExecutor().executeCommitChecks();
}

Example 28 with Resource

use of com.yahoo.elide.jsonapi.models.Resource in project elide by yahoo.

the class PersistentResourceTest method testTransferPermissionSuccessOnClearSingularRelationship.

@Test
public void testTransferPermissionSuccessOnClearSingularRelationship() {
    example.User userModel = new example.User();
    userModel.setId(1);
    NoShareEntity noShare = new NoShareEntity();
    /* The noshare already exists so no exception should be thrown */
    userModel.setNoShare(noShare);
    List<Resource> empty = new ArrayList<>();
    Relationship ids = new Relationship(null, new Data<>(empty));
    when(tx.getToOneRelation(any(), eq(userModel), any(), any())).thenReturn(noShare);
    RequestScope goodScope = buildRequestScope(tx, goodUser);
    PersistentResource<example.User> userResource = new PersistentResource<>(userModel, goodScope.getUUIDFor(userModel), goodScope);
    boolean returnVal = userResource.updateRelation("noShare", ids.toPersistentResources(goodScope));
    assertTrue(returnVal);
    assertNull(userModel.getNoShare());
}

Example 29 with Resource

use of com.yahoo.elide.jsonapi.models.Resource in project elide by yahoo.

the class PersistentResourceTest method testSuccessfulManyToManyRelationshipNoopUpdate.

@Test
public /*
     * The following are ids for a hypothetical relationship.
     * GIVEN:
     * all (all the ids in the DB) = 1,2,3,4,5
     * mine (everything the current user has access to) = 1,2,3
     * requested (what the user wants to change to) = 1,2,3
     * THEN:
     * deleted (what gets removed from the DB) = nothing
     * final (what get stored in the relationship) = 1,2,3,4,5
     * BECAUSE:
     * notMine = all - mine
     * updated = (requested UNION mine) - (requested INTERSECT mine)
     * deleted = (mine - requested)
     * final = (notMine) UNION requested
     */
void testSuccessfulManyToManyRelationshipNoopUpdate() throws Exception {
    Parent parent = new Parent();
    RequestScope goodScope = buildRequestScope(tx, goodUser);
    Child child1 = newChild(1);
    Child child2 = newChild(2);
    Child child3 = newChild(3);
    // Not accessible to goodUser
    Child child4 = newChild(-4);
    // Not accessible to goodUser
    Child child5 = newChild(-5);
    // All = (1,2,3,4,5)
    // Mine = (1,2,3)
    Set<Child> allChildren = new HashSet<>();
    allChildren.add(child1);
    allChildren.add(child2);
    allChildren.add(child3);
    allChildren.add(child4);
    allChildren.add(child5);
    parent.setChildren(allChildren);
    parent.setSpouses(Sets.newHashSet());
    when(tx.getToManyRelation(any(), eq(parent), any(), any())).thenReturn(new DataStoreIterableBuilder(allChildren).build());
    PersistentResource<Parent> parentResource = new PersistentResource<>(parent, "1", goodScope);
    // Requested = (1,2,3)
    List<Resource> idList = new ArrayList<>();
    idList.add(new ResourceIdentifier("child", "3").castToResource());
    idList.add(new ResourceIdentifier("child", "2").castToResource());
    idList.add(new ResourceIdentifier("child", "1").castToResource());
    Relationship ids = new Relationship(null, new Data<>(idList));
    when(tx.loadObject(any(), eq(1L), any())).thenReturn(child1);
    when(tx.loadObject(any(), eq(2L), any())).thenReturn(child2);
    when(tx.loadObject(any(), eq(3L), any())).thenReturn(child3);
    when(tx.loadObject(any(), eq(-4L), any())).thenReturn(child4);
    when(tx.loadObject(any(), eq(-5L), any())).thenReturn(child5);
    // Final set after operation = (1,2,3,4,5)
    Set<Child> expected = new HashSet<>();
    expected.add(child1);
    expected.add(child2);
    expected.add(child3);
    expected.add(child4);
    expected.add(child5);
    boolean updated = parentResource.updateRelation("children", ids.toPersistentResources(goodScope));
    goodScope.saveOrCreateObjects();
    verify(tx, never()).save(parent, goodScope);
    verify(tx, never()).save(child1, goodScope);
    verify(tx, never()).save(child2, goodScope);
    verify(tx, never()).save(child4, goodScope);
    verify(tx, never()).save(child5, goodScope);
    verify(tx, never()).save(child3, goodScope);
    assertFalse(updated, "Many-2-many relationship should not be updated.");
    assertTrue(parent.getChildren().containsAll(expected), "All expected members were updated");
    assertTrue(expected.containsAll(parent.getChildren()), "All expected members were updated");
/*
         * No tests for reference integrity since the parent is the owner and
         * this is a many to many relationship.
         */
}

Example 30 with Resource

use of com.yahoo.elide.jsonapi.models.Resource in project elide by yahoo.

the class PersistentResourceTest method testTransferPermissionErrorOnUpdateSingularRelationship.

@Test
public void testTransferPermissionErrorOnUpdateSingularRelationship() {
    example.User userModel = new example.User();
    userModel.setId(1);
    NoShareEntity noShare = new NoShareEntity();
    noShare.setId(1);
    List<Resource> idList = new ArrayList<>();
    idList.add(new ResourceIdentifier("noshare", "1").castToResource());
    Relationship ids = new Relationship(null, new Data<>(idList));
    EntityProjection collection = EntityProjection.builder().type(NoShareEntity.class).build();
    when(tx.loadObject(eq(collection), eq(1L), any())).thenReturn(noShare);
    RequestScope goodScope = buildRequestScope(tx, goodUser);
    PersistentResource<example.User> userResource = new PersistentResource<>(userModel, goodScope.getUUIDFor(userModel), goodScope);
    assertThrows(ForbiddenAccessException.class, () -> userResource.updateRelation("noShare", ids.toPersistentResources(goodScope)));
}