use of cz.metacentrum.perun.core.impl.AuthzRoles in project perun by CESNET.
the class FacilitiesManagerEntryIntegrationTest method addHostsSameDestinationDifferentAdmin.
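/**
 * Checks that a facility admin is refused when adding hosts to their own facility if one of
 * the host names is already used as a host-type destination on a facility administered by a
 * different user.
 *
 * <p>The expected {@link PrivilegeException} must come from the final {@code addHosts} call.
 * A denial raised anywhere in the arrangement phase is converted to an {@link AssertionError},
 * so an unrelated authorization failure cannot make this negative test pass.
 *
 * <p>The principal's roles and user are restored afterwards so the role switch does not leak
 * into later tests that share {@code sess}.
 *
 * @throws Exception PrivilegeException from the call under test (expected), or any setup failure
 */
@Test(expected = PrivilegeException.class)
public void addHostsSameDestinationDifferentAdmin() throws Exception {
    // Label now matches this method's name (it previously printed "addHostsStrings...").
    System.out.println(CLASS_NAME + "addHostsSameDestinationDifferentAdmin");

    // Snapshot the acting identity before it is swapped below.
    AuthzRoles originalRoles = sess.getPerunPrincipal().getRoles();
    User originalUser = sess.getPerunPrincipal().getUser();
    boolean arranged = false;
    try {
        // Hosts to be added; the second one collides with the destination name below.
        String hostName = "testHostTwo";
        List<Host> listOfHosts = new ArrayList<>();
        listOfHosts.add(new Host(0, "testHostOne"));
        listOfHosts.add(new Host(0, hostName));

        // Destination (host type, same name as the second host) and the service it belongs to.
        Destination destination = new Destination(0, hostName, Destination.DESTINATIONHOSTTYPE);
        Service service = new Service(0, "testService");
        ServicesManager servicesManagerEntry = perun.getServicesManager();
        service = servicesManagerEntry.createService(sess, service);

        // Second facility, administered by a different user than the first one.
        Facility secondFacility = new Facility(0, "TestSecondFacility", "TestDescriptionText");
        assertNotNull(perun.getFacilitiesManager().createFacility(sess, secondFacility));

        Member memberOne = setUpMember(vo);
        Member memberTwo = setUpMember(vo);

        // Each user becomes admin of exactly one of the two facilities.
        User userOne = perun.getUsersManagerBl().getUserByMember(sess, memberOne);
        facilitiesManagerEntry.addAdmin(sess, facility, userOne);
        User userTwo = perun.getUsersManagerBl().getUserByMember(sess, memberTwo);
        facilitiesManagerEntry.addAdmin(sess, secondFacility, userTwo);

        // Act as userOne, facility admin of the first facility only.
        sess.getPerunPrincipal().setRoles(new AuthzRoles(Role.FACILITYADMIN, facility));
        sess.getPerunPrincipal().setUser(userOne);

        // userOne registers the destination on the first facility.
        servicesManagerEntry.addDestination(sess, service, facility, destination);
        assertTrue("Exactly one destination should be registered on the first facility.",
                servicesManagerEntry.getDestinations(sess, service, facility).size() == 1);

        // Switch the actor to userOne's counterpart: userTwo, admin of the second facility only.
        sess.getPerunPrincipal().setRoles(new AuthzRoles(Role.FACILITYADMIN, secondFacility));
        sess.getPerunPrincipal().setUser(userTwo);

        arranged = true;
        // Call under test: the host name is already a destination on a facility userTwo does not manage.
        facilitiesManagerEntry.addHosts(sess, listOfHosts, secondFacility);
    } catch (PrivilegeException e) {
        if (!arranged) {
            // A denial during setup would otherwise satisfy @Test(expected = ...) for the wrong reason.
            throw new AssertionError("PrivilegeException raised during test setup, not by the addHosts call under test", e);
        }
        throw e;
    } finally {
        sess.getPerunPrincipal().setRoles(originalRoles);
        sess.getPerunPrincipal().setUser(originalUser);
    }
}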
use of cz.metacentrum.perun.core.impl.AuthzRoles in project perun by CESNET.
the class FacilitiesManagerEntryIntegrationTest method addHostsSameHostsDifferentAdmin.
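/**
 * Checks that a facility admin is refused when adding hosts to their own facility if hosts
 * with the same names were already added to a facility administered by a different user.
 *
 * <p>The expected {@link PrivilegeException} must come from the second {@code addHosts} call.
 * A denial raised during arrangement (including the first, legitimate {@code addHosts} by
 * userOne) is converted to an {@link AssertionError}, so it cannot make this negative test pass.
 *
 * <p>The principal's roles and user are restored afterwards so the role switch does not leak
 * into later tests that share {@code sess}.
 *
 * @throws Exception PrivilegeException from the call under test (expected), or any setup failure
 */
@Test(expected = PrivilegeException.class)
public void addHostsSameHostsDifferentAdmin() throws Exception {
    System.out.println(CLASS_NAME + "addHostsSameHostsDifferentAdmin");

    // Snapshot the acting identity before it is swapped below.
    AuthzRoles originalRoles = sess.getPerunPrincipal().getRoles();
    User originalUser = sess.getPerunPrincipal().getUser();
    boolean arranged = false;
    try {
        // The same two hosts are offered to both facilities.
        List<Host> listOfHosts = new ArrayList<>();
        listOfHosts.add(new Host(0, "testHostOne"));
        listOfHosts.add(new Host(0, "testHostTwo"));

        Member memberOne = setUpMember(vo);
        Member memberTwo = setUpMember(vo);

        // Second facility, administered by a different user than the first one.
        Facility secondFacility = new Facility(0, "TestSecondFacility", "TestDescriptionText");
        assertNotNull(perun.getFacilitiesManager().createFacility(sess, secondFacility));

        // Each user becomes admin of exactly one of the two facilities.
        User userOne = perun.getUsersManagerBl().getUserByMember(sess, memberOne);
        facilitiesManagerEntry.addAdmin(sess, facility, userOne);
        User userTwo = perun.getUsersManagerBl().getUserByMember(sess, memberTwo);
        facilitiesManagerEntry.addAdmin(sess, secondFacility, userTwo);

        // Act as userOne, facility admin of the first facility only, and add the hosts there.
        sess.getPerunPrincipal().setRoles(new AuthzRoles(Role.FACILITYADMIN, facility));
        sess.getPerunPrincipal().setUser(userOne);
        facilitiesManagerEntry.addHosts(sess, listOfHosts, facility);

        // Switch the actor to userTwo, facility admin of the second facility only.
        sess.getPerunPrincipal().setRoles(new AuthzRoles(Role.FACILITYADMIN, secondFacility));
        sess.getPerunPrincipal().setUser(userTwo);

        arranged = true;
        // Call under test: the same host names already belong to a facility userTwo does not manage.
        facilitiesManagerEntry.addHosts(sess, listOfHosts, secondFacility);
    } catch (PrivilegeException e) {
        if (!arranged) {
            // A denial during setup would otherwise satisfy @Test(expected = ...) for the wrong reason.
            throw new AssertionError("PrivilegeException raised during test setup, not by the addHosts call under test", e);
        }
        throw e;
    } finally {
        sess.getPerunPrincipal().setRoles(originalRoles);
        sess.getPerunPrincipal().setUser(originalUser);
    }
}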
use of cz.metacentrum.perun.core.impl.AuthzRoles in project perun by CESNET.
the class SecurityTeamsManagerEntryIntegrationTest method testGetSecurityTeamsSecurityAdmin1.
/**
 * Checks that a principal whose only role is SECURITYADMIN for {@code st0} and {@code st1}
 * gets exactly those two teams back from {@code getSecurityTeams}.
 *
 * <p>The principal's original roles are put back in {@code finally}, whatever the outcome.
 */
@Test
public void testGetSecurityTeamsSecurityAdmin1() throws Exception {
    System.out.println(CLASS_NAME + "testGetSecurityTeamsSecurityAdmin1");

    // Keep the roles the session started with so they can be reinstated afterwards.
    final AuthzRoles savedRoles = sess.getPerunPrincipal().getRoles();
    try {
        // Fixture helpers; presumably these populate st0/st1 - confirm against the test class.
        setUpSecurityTeams();
        setUpUsers();

        // The teams the principal is made security admin of, which are also the expected result.
        List<SecurityTeam> adminOf = new ArrayList<>();
        adminOf.add(st0);
        adminOf.add(st1);
        sess.getPerunPrincipal().setRoles(new AuthzRoles(Role.SECURITYADMIN, adminOf));

        List<SecurityTeam> returned = securityTeamsManagerEntry.getSecurityTeams(sess);

        // Order is not part of the contract being checked, so both sides are sorted first.
        Collections.sort(adminOf);
        Collections.sort(returned);
        assertEquals(adminOf, returned);
    } finally {
        sess.getPerunPrincipal().setRoles(savedRoles);
    }
}
use of cz.metacentrum.perun.core.impl.AuthzRoles in project perun by CESNET.
the class SecurityTeamsManagerEntryIntegrationTest method testGetSecurityTeamsPerunAdmin.
/**
 * Checks that a principal holding the PERUNADMIN role sees at least every security team
 * returned by {@code setUpSecurityTeams()}.
 *
 * <p>The principal's original roles are put back in {@code finally}, whatever the outcome.
 */
@Test
public void testGetSecurityTeamsPerunAdmin() throws Exception {
    System.out.println(CLASS_NAME + "testGetSecurityTeamsPerunAdmin");

    // Keep the roles the session started with so they can be reinstated afterwards.
    final AuthzRoles savedRoles = sess.getPerunPrincipal().getRoles();
    try {
        final List<SecurityTeam> created = setUpSecurityTeams();

        // Act with the global admin role, not bound to any particular team.
        sess.getPerunPrincipal().setRoles(new AuthzRoles(Role.PERUNADMIN));

        final List<SecurityTeam> visible = securityTeamsManagerEntry.getSecurityTeams(sess);

        // containsAll, not equals: other teams may already exist besides the ones created here.
        final boolean seesEverything = visible.containsAll(created);
        assertTrue("Security teams should contain all created.", seesEverything);
    } finally {
        sess.getPerunPrincipal().setRoles(savedRoles);
    }
}
use of cz.metacentrum.perun.core.impl.AuthzRoles in project perun by CESNET.
the class AuthzResolverBlImpl method addAllSubgroupsToAuthzRoles.
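/**
 * Extends the GROUPADMIN role in {@code authzRoles} so that its "Group" id set also contains
 * the ids of all subgroups of the groups already listed there.
 *
 * <p>If {@code authzRoles} is null, a new empty AuthzRoles is returned.
 * If there is no GROUPADMIN role, or the role has no "Group" entry, {@code authzRoles} is
 * returned unchanged (a missing "Group" entry previously caused a NullPointerException).
 *
 * <p>The passed {@code authzRoles} instance is modified in place and returned. Group ids that
 * no longer resolve to an existing group are kept in the set, but their subgroups are not
 * looked up.
 *
 * <p>NOTE(review): this widens the set of group ids attached to GROUPADMIN; callers are
 * presumably expected to pass roles of an already authenticated principal - confirm.
 *
 * @param sess perun session
 * @param authzRoles authzRoles for some user
 * @return authzRoles also with subgroups of groups
 * @throws InternalErrorException declared by the signature; presumably propagated from the
 *         groups manager lookups - confirm
 */
public static AuthzRoles addAllSubgroupsToAuthzRoles(PerunSession sess, AuthzRoles authzRoles) throws InternalErrorException {
    if (authzRoles == null) {
        return new AuthzRoles();
    }
    if (!authzRoles.hasRole(Role.GROUPADMIN)) {
        return authzRoles;
    }

    Map<String, Set<Integer>> groupAdminRoles = authzRoles.get(Role.GROUPADMIN);
    if (groupAdminRoles == null) {
        return authzRoles;
    }
    Set<Integer> groupsIds = groupAdminRoles.get("Group");
    if (groupsIds == null) {
        // GROUPADMIN without any Group binding: nothing to expand, honour the documented contract.
        return authzRoles;
    }

    // Work on a copy so the set being iterated is not modified while subgroup ids are added.
    Set<Integer> newGroupsIds = new HashSet<>(groupsIds);
    for (Integer id : groupsIds) {
        Group parentGroup;
        try {
            parentGroup = getPerunBlImpl().getGroupsManagerBl().getGroupById(sess, id);
        } catch (GroupNotExistsException ex) {
            // The role references a group that is gone; skip it instead of failing the whole expansion.
            log.debug("Group with id=" + id + " not exists when initializing rights for user: " + sess.getPerunPrincipal().getUser());
            continue;
        }
        List<Group> subGroups = getPerunBlImpl().getGroupsManagerBl().getAllSubGroups(sess, parentGroup);
        for (Group g : subGroups) {
            newGroupsIds.add(g.getId());
        }
    }

    // Write the expanded set back; the second put covers the case where get() returned a copy.
    groupAdminRoles.put("Group", newGroupsIds);
    authzRoles.put(Role.GROUPADMIN, groupAdminRoles);
    return authzRoles;
}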