
Example 1 with SecurityContextUser

Use of com.yahoo.elide.jsonapi.resources.SecurityContextUser in the yahoo/elide project.

From class TableExportIT, method tableExportModelAdminReadPermissions.

/**
 * Verifies read permissions on the TableExport model: the owning principal and any
 * principal carrying the admin role can read the record, while a principal with neither
 * is answered with 404 rather than 403 (the assertion pins NOT_FOUND, so a denied read
 * does not look different from a missing record).
 * @throws IOException IOException
 */
@Test
public void tableExportModelAdminReadPermissions() throws IOException {
    final String exportId = "edc4a871-dff2-4054-804e-d80075c08959";
    final String ownerName = "owner-user";

    // Seed one TableExport owned by "owner-user" straight through the data store.
    com.yahoo.elide.async.models.TableExport export = new com.yahoo.elide.async.models.TableExport();
    export.setId(exportId);
    export.setQuery("test-query");
    export.setResultType(ResultType.CSV);
    export.setQueryType(QueryType.JSONAPI_V1_0);
    export.setPrincipalName(ownerName);

    EntityDictionary dictionary = EntityDictionary.builder()
            .checks(AsyncIntegrationTestApplicationResourceConfig.MAPPINGS)
            .build();
    dataStore.populateEntityDictionary(dictionary);
    DataStoreTransaction seedTx = dataStore.beginTransaction();
    seedTx.createObject(export, null);
    seedTx.commit(null);
    seedTx.close();

    Elide elide = new Elide(new ElideSettingsBuilder(dataStore)
            .withEntityDictionary(dictionary)
            .withAuditLogger(new TestAuditLogger())
            .build());

    // Minimal JAX-RS SecurityContext stub: a fixed principal name plus a blanket answer
    // to every isUserInRole() query. isSecure() and the authentication scheme are stubbed
    // to false/null; nothing asserted below depends on them.
    class StubSecurityContext implements SecurityContext {
        private final String principalName;
        private final boolean inEveryRole;

        StubSecurityContext(String principalName, boolean inEveryRole) {
            this.principalName = principalName;
            this.inEveryRole = inEveryRole;
        }

        @Override
        public Principal getUserPrincipal() {
            return () -> principalName;
        }

        @Override
        public boolean isUserInRole(String role) {
            return inEveryRole;
        }

        @Override
        public boolean isSecure() {
            return false;
        }

        @Override
        public String getAuthenticationScheme() {
            return null;
        }
    }

    // Owner is a plain User (no roles); the other two go through SecurityContextUser.
    User owner = new User(() -> ownerName);
    User admin = new SecurityContextUser(new StubSecurityContext("1", true));
    User nonAdmin = new SecurityContextUser(new StubSecurityContext("2", false));

    String baseUrl = "/";
    String path = "/tableExport/" + exportId;
    ElideResponse response;

    // Owner may read its own export.
    response = elide.get(baseUrl, path, new MultivaluedHashMap<>(), owner, NO_VERSION);
    assertEquals(HttpStatus.SC_OK, response.getResponseCode());

    // Any principal the SecurityContext places in the admin role may read it.
    response = elide.get(baseUrl, path, new MultivaluedHashMap<>(), admin, NO_VERSION);
    assertEquals(HttpStatus.SC_OK, response.getResponseCode());

    // Neither owner nor admin: the record is reported as not found.
    response = elide.get(baseUrl, path, new MultivaluedHashMap<>(), nonAdmin, NO_VERSION);
    assertEquals(HttpStatus.SC_NOT_FOUND, response.getResponseCode());
}

Example 2 with SecurityContextUser

Use of com.yahoo.elide.jsonapi.resources.SecurityContextUser in the yahoo/elide project.

From class AsyncIT, method asyncQueryModelAdminReadPermissions.

/**
 * Verifies read permissions on the AsyncQuery model: the owning principal and any
 * principal carrying the admin role can read the record, while a principal with neither
 * is answered with 404 rather than 403 (the assertion pins NOT_FOUND, so a denied read
 * does not look different from a missing record).
 * @throws IOException IOException
 */
@Test
public void asyncQueryModelAdminReadPermissions() throws IOException {
    final String queryId = "edc4a871-dff2-4054-804e-d80075c08959";
    final String ownerName = "owner-user";

    // Seed one AsyncQuery owned by "owner-user" straight through the data store.
    com.yahoo.elide.async.models.AsyncQuery asyncQuery = new com.yahoo.elide.async.models.AsyncQuery();
    asyncQuery.setId(queryId);
    asyncQuery.setQuery("test-query");
    asyncQuery.setQueryType(QueryType.JSONAPI_V1_0);
    asyncQuery.setPrincipalName(ownerName);

    // Two separate EntityDictionary instances are built: one handed to the store, one to
    // Elide. Whether a single shared instance would suffice is not established here.
    dataStore.populateEntityDictionary(EntityDictionary.builder()
            .checks(AsyncIntegrationTestApplicationResourceConfig.MAPPINGS)
            .build());
    DataStoreTransaction seedTx = dataStore.beginTransaction();
    seedTx.createObject(asyncQuery, null);
    seedTx.commit(null);
    seedTx.close();

    Elide elide = new Elide(new ElideSettingsBuilder(dataStore)
            .withEntityDictionary(EntityDictionary.builder()
                    .checks(AsyncIntegrationTestApplicationResourceConfig.MAPPINGS)
                    .build())
            .withAuditLogger(new TestAuditLogger())
            .build());
    elide.doScans();

    // Minimal JAX-RS SecurityContext stub: a fixed principal name plus a blanket answer
    // to every isUserInRole() query. isSecure() and the authentication scheme are stubbed
    // to false/null; nothing asserted below depends on them.
    class StubSecurityContext implements SecurityContext {
        private final String principalName;
        private final boolean inEveryRole;

        StubSecurityContext(String principalName, boolean inEveryRole) {
            this.principalName = principalName;
            this.inEveryRole = inEveryRole;
        }

        @Override
        public Principal getUserPrincipal() {
            return () -> principalName;
        }

        @Override
        public boolean isUserInRole(String role) {
            return inEveryRole;
        }

        @Override
        public boolean isSecure() {
            return false;
        }

        @Override
        public String getAuthenticationScheme() {
            return null;
        }
    }

    // Owner is a plain User (no roles); the other two go through SecurityContextUser.
    User owner = new User(() -> ownerName);
    User admin = new SecurityContextUser(new StubSecurityContext("1", true));
    User nonAdmin = new SecurityContextUser(new StubSecurityContext("2", false));

    String baseUrl = "/";
    String path = "/asyncQuery/" + queryId;
    ElideResponse response;

    // Owner may read its own query.
    response = elide.get(baseUrl, path, new MultivaluedHashMap<>(), owner, NO_VERSION);
    assertEquals(HttpStatus.SC_OK, response.getResponseCode());

    // Any principal the SecurityContext places in the admin role may read it.
    response = elide.get(baseUrl, path, new MultivaluedHashMap<>(), admin, NO_VERSION);
    assertEquals(HttpStatus.SC_OK, response.getResponseCode());

    // Neither owner nor admin: the record is reported as not found.
    response = elide.get(baseUrl, path, new MultivaluedHashMap<>(), nonAdmin, NO_VERSION);
    assertEquals(HttpStatus.SC_NOT_FOUND, response.getResponseCode());
}

Example 3 with SecurityContextUser

Use of com.yahoo.elide.jsonapi.resources.SecurityContextUser in the yahoo/elide project.

From class GraphQLEndpoint, method post.

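/**
 * Handles a GraphQL POST.
 *
 * The caller's JAX-RS {@link SecurityContext} is wrapped in a {@link SecurityContextUser}
 * and handed to the {@link QueryRunner} registered for the requested API version; Elide's
 * permission checks run against that user. The header map forwarded to the runner is the
 * lower-cased copy produced by {@code HeaderUtils.lowercaseAndRemoveAuthHeaders}, which
 * (per its name; implementation not shown here) drops authorization headers before they
 * travel further.
 *
 * @param uriInfo URI info, used to derive this endpoint's base URL
 * @param headers the request headers
 * @param securityContext security context of the caller
 * @param graphQLDocument post body: the GraphQL request document
 * @return response carrying the runner's status code and body, or an error response when
 *         no runner is registered for the requested API version
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
public Response post(@Context UriInfo uriInfo, @Context HttpHeaders headers,
                     @Context SecurityContext securityContext, String graphQLDocument) {
    String apiVersion = HeaderUtils.resolveApiVersion(headers.getRequestHeaders());
    // Only this sanitized copy of the headers reaches the runner.
    Map<String, List<String>> requestHeaders =
            HeaderUtils.lowercaseAndRemoveAuthHeaders(headers.getRequestHeaders());
    User user = new SecurityContextUser(securityContext);

    // get() is equivalent to getOrDefault(key, null) and reads more directly.
    QueryRunner runner = runners.get(apiVersion);
    ElideResponse response;
    if (runner == null) {
        // Unknown/unsupported version: reject rather than fall through to any default runner.
        response = buildErrorResponse(elide.getMapper().getObjectMapper(),
                new InvalidOperationException("Invalid API Version"), false);
    } else {
        // A fresh UUID per request is passed to the runner (presumably as the request id).
        response = runner.run(getBaseUrlEndpoint(uriInfo), graphQLDocument, user,
                UUID.randomUUID(), requestHeaders);
    }
    // NOTE(review): no Content-Type is set on the outgoing Response here — confirm the
    // JAX-RS runtime or a class-level @Produces supplies one.
    return Response.status(response.getResponseCode()).entity(response.getBody()).build();
}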
