Examples with Right com.zimbra.cs.account.accesscontrol.Right used on opensource projects

Search in sources :

Example 21 with Right

use of com.zimbra.cs.account.accesscontrol.Right in project zm-mailbox by Zimbra.

the class TestACLPermissionCache method testGrantChangeOnIndirectlyInheritedDistributionList.

@Test
public void testGrantChangeOnIndirectlyInheritedDistributionList() throws Exception {
    Right right = A_USER_RIGHT_DISTRIBUTION_LIST;
    Domain domain = createDomain();
    DistributionList grantTarget = createUserDistributionList(GRANTTARGET_USER_GROUP, domain);
    DistributionList subGroup = createUserDistributionList(SUBGROUP_OF_GRANTTARGET_USER_GROUP, domain);
    DistributionList target = createUserDistributionList(TARGET_USER_GROUP, domain);
    Account grantee = createUserAccount(GRANTEE_USER_ACCT, domain);
    mProv.addMembers(grantTarget, new String[] { subGroup.getName() });
    mProv.addMembers(subGroup, new String[] { target.getName() });
    boolean allow;
    grantRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
    revokeRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertFalse(allow);
    grantRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
}
Also used : GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) Right(com.zimbra.cs.account.accesscontrol.Right) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList) Test(org.junit.Test)

Example 22 with Right

use of com.zimbra.cs.account.accesscontrol.Right in project zm-mailbox by Zimbra.

the class TestACLPermissionCache method testGrantChangeOnTarget.

@Test
public void testGrantChangeOnTarget() throws Exception {
    Right right = A_USER_RIGHT;
    Domain domain = createDomain();
    Account grantTarget = createUserAccount(GRANTTARGET_USER_ACCT, domain);
    Account target = grantTarget;
    Account grantee = createUserAccount(GRANTEE_USER_ACCT, domain);
    boolean allow;
    grantRight(TargetType.account, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
    revokeRight(TargetType.account, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertFalse(allow);
    grantRight(TargetType.account, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
}
Also used : GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) Right(com.zimbra.cs.account.accesscontrol.Right) Domain(com.zimbra.cs.account.Domain) Test(org.junit.Test)

Example 23 with Right

use of com.zimbra.cs.account.accesscontrol.Right in project zm-mailbox by Zimbra.

the class TestACLPermissionCache method testGrantChangeOnDirectlyInheritedDistributionList.

@Test
public void testGrantChangeOnDirectlyInheritedDistributionList() throws Exception {
    Right right = A_USER_RIGHT_DISTRIBUTION_LIST;
    Domain domain = createDomain();
    DistributionList grantTarget = createUserDistributionList(GRANTTARGET_USER_GROUP, domain);
    DistributionList target = createUserDistributionList(TARGET_USER_GROUP, domain);
    Account grantee = createUserAccount(GRANTEE_USER_ACCT, domain);
    mProv.addMembers(grantTarget, new String[] { target.getName() });
    boolean allow;
    grantRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
    revokeRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertFalse(allow);
    grantRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
}
Also used : GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) Right(com.zimbra.cs.account.accesscontrol.Right) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList) Test(org.junit.Test)

Example 24 with Right

use of com.zimbra.cs.account.accesscontrol.Right in project zm-mailbox by Zimbra.

the class TestACLAll method testTarget.

/*
     * test a particular target type and a range of rights for all grantee types
     */
private void testTarget() throws Exception {
    SKIP_FOR_REAL_LDAP_SERVER(SkipTestReason.LONG_TEST);
    /*
         *  account
         *  calresource
         *  cos
         *  dl
         *  group
         *  domain
         *  server
         *  ucservice
         *  xmppcomponent
         *  zimlet
         *  config
         *  global
         */
    TargetType targetType = TargetType.ucservice;
    // sRights.indexOf(ADMIN_COMBO_ACCOUNT);  // inclusive
    int beginRight = 0;
    // inclusive
    int endRight = rights.size() - 1;
    int totalTests = TestGranteeType.TEST_GRANTEE_TYPES.size() * (endRight - beginRight + 1);
    int curTest = 1;
    for (TestGranteeType granteeType : TestGranteeType.TEST_GRANTEE_TYPES) {
        boolean skip = EXCLUDE_GRANTEE_TYPES.contains(granteeType.getCode());
        // for (Right right : sRights) {
        for (int i = beginRight; i <= endRight; i++) {
            Right right = rights.get(i);
            doTest((curTest++) + "/" + totalTests, targetType, granteeType, right, skip);
        }
    }
}
Also used : TargetType(com.zimbra.cs.account.accesscontrol.TargetType) RightsByTargetType(com.zimbra.cs.account.accesscontrol.RightCommand.RightsByTargetType) DomainedRightsByTargetType(com.zimbra.cs.account.accesscontrol.RightCommand.DomainedRightsByTargetType) ComboRight(com.zimbra.cs.account.accesscontrol.ComboRight) CheckRight(com.zimbra.cs.account.accesscontrol.CheckRight) UserRight(com.zimbra.cs.account.accesscontrol.UserRight) AttrRight(com.zimbra.cs.account.accesscontrol.AttrRight) PresetRight(com.zimbra.cs.account.accesscontrol.PresetRight) Right(com.zimbra.cs.account.accesscontrol.Right)

Example 25 with Right

use of com.zimbra.cs.account.accesscontrol.Right in project zm-mailbox by Zimbra.

the class TestACLPermissionCache method testGranteeAdminFlagChanged.

@Test
public void testGranteeAdminFlagChanged() throws Exception {
    Right right = A_CACHEABLE_ADMIN_RIGHT;
    Domain domain = createDomain();
    Account grantTarget = createUserAccount(GRANTTARGET_USER_ACCT, domain);
    Account target = grantTarget;
    Account grantee = createDelegatedAdminAccount(GRANTEE_ADMIN_ACCT, domain);
    boolean allow;
    grantRight(TargetType.account, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, true, null);
    assertTrue(allow);
    grantee.setIsDelegatedAdminAccount(false);
    try {
        allow = accessMgr.canDo(grantee, target, right, true, null);
    } catch (ServiceException e) {
        if (ServiceException.PERM_DENIED.equals(e.getCode()))
            allow = false;
    }
    assertFalse(allow);
    grantee.setIsDelegatedAdminAccount(true);
    allow = accessMgr.canDo(grantee, target, right, true, null);
    assertTrue(allow);
}
Also used : GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) ServiceException(com.zimbra.common.service.ServiceException) Right(com.zimbra.cs.account.accesscontrol.Right) Domain(com.zimbra.cs.account.Domain) Test(org.junit.Test)

Aggregations

Right (com.zimbra.cs.account.accesscontrol.Right)52 Account (com.zimbra.cs.account.Account)38 Domain (com.zimbra.cs.account.Domain)22 Test (org.junit.Test)20 GuestAccount (com.zimbra.cs.account.GuestAccount)17 DistributionList (com.zimbra.cs.account.DistributionList)12 AdminRight (com.zimbra.cs.account.accesscontrol.AdminRight)8 Element (com.zimbra.common.soap.Element)7 Group (com.zimbra.cs.account.Group)7 AttrRight (com.zimbra.cs.account.accesscontrol.AttrRight)7 ComboRight (com.zimbra.cs.account.accesscontrol.ComboRight)7 TargetType (com.zimbra.cs.account.accesscontrol.TargetType)7 UserRight (com.zimbra.cs.account.accesscontrol.UserRight)7 RightsByTargetType (com.zimbra.cs.account.accesscontrol.RightCommand.RightsByTargetType)6 ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)6 ServiceException (com.zimbra.common.service.ServiceException)5 CheckRight (com.zimbra.cs.account.accesscontrol.CheckRight)5 GranteeType (com.zimbra.cs.account.accesscontrol.GranteeType)5 PresetRight (com.zimbra.cs.account.accesscontrol.PresetRight)5 ZimbraACE (com.zimbra.cs.account.accesscontrol.ZimbraACE)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial