use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.
the class AttributesManagerImpl method setAttributePolicyCollections.
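/**
 * Replaces the stored policy collections of every attribute referenced in {@code policyCollections}.
 *
 * <p>First deletes all rows of {@code attribute_policy_collections} belonging to the affected
 * attribute ids, then inserts each given collection under a fresh sequence id together with its
 * policies. The ids carried by the passed objects are not used for the inserts.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Every value reaches the database as a bound parameter; no SQL text is built from input.</li>
 *   <li>This method performs no authorization and does not read {@code sess}; callers must have
 *       checked privileges before invoking it.</li>
 *   <li>The delete and the inserts are separate statements. A failure part-way leaves the
 *       attribute without its previous policies unless the caller runs inside a transaction
 *       -- TODO confirm the transactional boundary.</li>
 *   <li>No statement here deletes from {@code attribute_policies}; presumably the schema removes
 *       those rows together with their collection -- verify against the DDL.</li>
 * </ul>
 *
 * @param sess              session of the caller (unused in this method)
 * @param policyCollections collections to store; must not be {@code null}
 * @throws InternalErrorException wrapping any {@link RuntimeException} raised while talking to the database
 */
@Override
public void setAttributePolicyCollections(PerunSession sess, List<AttributePolicyCollection> policyCollections) {
  try {
    // Resolve the affected attribute ids up front so each attribute is wiped exactly once,
    // even when several of the given collections share it.
    List<Integer> affectedAttributeIds = policyCollections.stream()
        .map(AttributePolicyCollection::getAttributeId)
        .distinct()
        .collect(Collectors.toList());
    for (Integer attributeId : affectedAttributeIds) {
      jdbc.update("DELETE FROM attribute_policy_collections WHERE attr_id=?", attributeId);
    }

    for (AttributePolicyCollection apc : policyCollections) {
      // The collection id is taken from the sequence first because the policy rows reference it.
      int collectionId = jdbc.queryForInt("SELECT nextval('attribute_policy_collections_id_seq')");
      jdbc.update(
          "INSERT INTO attribute_policy_collections (id, attr_id, action) VALUES (?, ?, ?::attribute_action)",
          collectionId, apc.getAttributeId(), apc.getAction().toString());

      for (AttributePolicy ap : apc.getPolicies()) {
        // Lower-case with a fixed locale: the default-locale variant maps 'I' to a dotless 'ı'
        // under e.g. a Turkish default locale, and the role lookup below would then miss.
        String roleName = ap.getRole().toLowerCase(java.util.Locale.ROOT);
        // If no roles row carries that name the subselect yields NULL; whether the column
        // rejects NULL is not visible here, so callers should validate role names beforehand.
        jdbc.update(
            "INSERT INTO attribute_policies (id, role_id, object, policy_collection_id) VALUES "
                + "((nextval('attribute_policies_id_seq')), (SELECT id FROM roles WHERE name=?), ?::role_object, ?)",
            roleName, ap.getObject().toString(), collectionId);
      }
    }
  } catch (RuntimeException e) {
    throw new InternalErrorException(e);
  }
}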
use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.
the class AttributesManagerEntryIntegrationTest method setAttributePolicyCollections.
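/**
 * Stores one READ policy collection with two policies for a user attribute and checks that the
 * collection read back carries the same attribute id, action, roles and role objects.
 *
 * <p>The numeric ids passed to the constructors (42, 43, 100 and the trailing 1) are presumably
 * placeholder ids; the test only asserts that each stored policy points at the id of the stored
 * collection, not at the id supplied here.
 *
 * <p>NOTE(review): the test compares policies by index, so it assumes they are returned in
 * insertion order -- TODO confirm. It also covers a single set call only; replacement of
 * previously stored collections and rejection of invalid roles or unprivileged callers are not
 * exercised here.
 */
@Test
public void setAttributePolicyCollections() throws Exception {
  System.out.println(CLASS_NAME + "setAttributePolicyCollections");

  Attribute userAttribute1 =
      setUpAttribute(String.class.getName(), "testUserAttribute1", AttributesManager.NS_USER_ATTR_DEF, "TEST VALUE");

  List<AttributePolicy> policies = new ArrayList<>();
  policies.add(new AttributePolicy(42, Role.VOADMIN, RoleObject.Vo, 1));
  policies.add(new AttributePolicy(43, Role.PERUNOBSERVER, RoleObject.None, 1));

  List<AttributePolicyCollection> policyCollections = new ArrayList<>();
  policyCollections.add(
      new AttributePolicyCollection(100, userAttribute1.getId(), AttributeAction.READ, new ArrayList<>(policies)));

  perun.getAttributesManager().setAttributePolicyCollections(sess, policyCollections);

  List<AttributePolicyCollection> insertedCollections =
      perun.getAttributesManager().getAttributePolicyCollections(sess, userAttribute1.getId());

  // assertEquals takes (expected, actual); keeping that order makes failure messages truthful.
  assertEquals(policyCollections.size(), insertedCollections.size());

  AttributePolicyCollection expectedCollection = policyCollections.get(0);
  AttributePolicyCollection insertedCollection = insertedCollections.get(0);
  assertEquals(userAttribute1.getId(), insertedCollection.getAttributeId());
  assertEquals(expectedCollection.getAction(), insertedCollection.getAction());

  List<AttributePolicy> expectedPolicies = expectedCollection.getPolicies();
  List<AttributePolicy> insertedPolicies = insertedCollection.getPolicies();
  assertEquals(2, insertedPolicies.size());

  for (int i = 0; i < 2; i++) {
    // Each stored policy must reference the collection it was stored under.
    assertEquals(insertedCollection.getId(), insertedPolicies.get(i).getPolicyCollectionId());
    assertEquals(expectedPolicies.get(i).getObject(), insertedPolicies.get(i).getObject());
    assertEquals(expectedPolicies.get(i).getRole(), insertedPolicies.get(i).getRole());
  }
}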
use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.
the class AttributesManagerEntryIntegrationTest method getAttributePolicyCollections.
/**
 * Stores a READ collection (two policies) and a WRITE collection (one policy) for a group
 * attribute and checks what is read back for that attribute.
 *
 * <p>For each returned collection the test verifies the attribute id, the number of policies
 * expected for its action, that every policy references the collection's id, and that the
 * role / role-object pairs match what was stored. Collections and policies are matched by
 * action and role, so the order in which they are returned does not matter.
 */
@Test
public void getAttributePolicyCollections() throws Exception {
  System.out.println(CLASS_NAME + "getAttributePolicyCollections");

  Attribute groupAttribute1 =
      setUpAttribute(String.class.getName(), "testGroupAttribute1", AttributesManager.NS_GROUP_ATTR_DEF, "TEST VALUE");

  // READ: group admin on the group, plus the observer role without an object.
  List<AttributePolicy> readPolicies = new ArrayList<>();
  readPolicies.add(new AttributePolicy(123, Role.GROUPADMIN, RoleObject.Group, 1));
  readPolicies.add(new AttributePolicy(789, Role.PERUNOBSERVER, RoleObject.None, 1));

  // WRITE: group admin on the group only.
  List<AttributePolicy> writePolicies = new ArrayList<>();
  writePolicies.add(new AttributePolicy(123, Role.GROUPADMIN, RoleObject.Group, 1));

  List<AttributePolicyCollection> policyCollections = new ArrayList<>();
  policyCollections.add(
      new AttributePolicyCollection(42, groupAttribute1.getId(), AttributeAction.READ, new ArrayList<>(readPolicies)));
  policyCollections.add(
      new AttributePolicyCollection(43, groupAttribute1.getId(), AttributeAction.WRITE, new ArrayList<>(writePolicies)));

  perun.getAttributesManager().setAttributePolicyCollections(sess, policyCollections);

  List<AttributePolicyCollection> storedCollections =
      perun.getAttributesManager().getAttributePolicyCollections(sess, groupAttribute1.getId());
  assertEquals(2, storedCollections.size());

  for (AttributePolicyCollection collection : storedCollections) {
    List<AttributePolicy> storedPolicies = collection.getPolicies();
    boolean isRead = collection.getAction().equals(AttributeAction.READ);

    int expectedPolicyCount = isRead ? 2 : 1;
    assertTrue(storedPolicies.size() == expectedPolicyCount);
    assertEquals(groupAttribute1.getId(), collection.getAttributeId());

    for (AttributePolicy policy : storedPolicies) {
      // Every policy must point back at the collection it was returned with.
      assertEquals(collection.getId(), policy.getPolicyCollectionId());

      if (!isRead) {
        // Anything that is not READ has to be the WRITE collection with its single policy.
        assertEquals(AttributeAction.WRITE, collection.getAction());
        assertEquals(Role.GROUPADMIN, policy.getRole());
        assertEquals(RoleObject.Group, policy.getObject());
        continue;
      }

      if (policy.getRole().equals(Role.GROUPADMIN)) {
        assertEquals(RoleObject.Group, policy.getObject());
      } else {
        assertEquals(Role.PERUNOBSERVER, policy.getRole());
        assertEquals(RoleObject.None, policy.getObject());
      }
    }
  }
}
use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.
the class AttributesManagerEntry method setAttributePolicyCollections.
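/**
 * Entry-layer guard for replacing attribute policy collections: validates the session and the
 * input, checks the caller's privilege and then delegates to the business layer.
 *
 * <p>Validation covers every collection, including one whose policy list is empty: the
 * referenced attribute must exist, and every policy must name a known role.
 *
 * <p>NOTE(review): validation runs before the authorization check, so a caller without the
 * privilege can still tell from the exception type whether a role name or attribute id exists,
 * unless {@code getAttributeDefinitionById} enforces its own check (not visible here). Confirm
 * that this ordering is intended.
 *
 * @param sess              session of the caller
 * @param policyCollections collections to store; must not be {@code null}
 * @throws PrivilegeException          if the caller is not authorized for this operation
 * @throws AttributeNotExistsException if a collection references an attribute that does not exist
 * @throws RoleNotSupportedException   if a policy names a role that does not exist
 */
@Override
public void setAttributePolicyCollections(PerunSession sess, List<AttributePolicyCollection> policyCollections)
    throws PrivilegeException, AttributeNotExistsException, RoleNotSupportedException {
  Utils.checkPerunSession(sess);

  // check validity of roles, existence of attributes
  for (AttributePolicyCollection apc : policyCollections) {
    // Checked once per collection rather than once per policy, so that a collection with no
    // policies cannot slip an unknown attribute id through to the database layer.
    getAttributeDefinitionById(sess, apc.getAttributeId());

    for (AttributePolicy ap : apc.getPolicies()) {
      if (!AuthzResolver.roleExists(ap.getRole())) {
        throw new RoleNotSupportedException("Role: " + ap.getRole() + " does not exists.", ap.getRole());
      }
    }
  }

  // Authorization
  if (!AuthzResolver.authorizedInternal(sess,
      "setAttributePolicyCollections_List<AttributePolicyCollection>_int_policy")) {
    throw new PrivilegeException("setAttributePolicyCollections");
  }

  getAttributesManagerBl().setAttributePolicyCollections(sess, policyCollections);
}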