use of datawave.security.authorization.SubjectIssuerDNPair in project datawave by NationalSecurityAgency.
the class AuthorizationsUtilTest method initialize.
/**
 * Builds the fixtures shared by the tests: the requested-auths string, the expected per-entity
 * authorization sets, and three proxied principals assembled from one USER entity and three
 * SERVER entities, each carrying its own authorization set.
 */
@Before
public void initialize() {
    // JVM-wide property; nothing in this method restores the previous value.
    // NOTE(review): presumably the OU that marks a DN as a non-person entity - confirm against NpeUtils.
    System.setProperty(NpeUtils.NPE_OU_PROPERTY, "iamnotaperson");

    methodAuths = "A,C";

    // Same two sets that the USER entity and the first SERVER entity are given below.
    userAuths = new HashSet<>();
    userAuths.add(Sets.newHashSet("A", "C", "D"));
    userAuths.add(Sets.newHashSet("A", "B", "E"));

    // "A" is the only authorization common to all four entities.
    DatawaveUser caller = new DatawaveUser(SubjectIssuerDNPair.of(USER_DN, ISSUER_DN), UserType.USER,
                    Sets.newHashSet("A", "C", "D"), null, null, System.currentTimeMillis());
    DatawaveUser server1 = new DatawaveUser(SubjectIssuerDNPair.of("entity1UserDN", "entity1IssuerDN"), UserType.SERVER,
                    Sets.newHashSet("A", "B", "E"), null, null, System.currentTimeMillis());
    DatawaveUser server2 = new DatawaveUser(SubjectIssuerDNPair.of("entity2UserDN", "entity2IssuerDN"), UserType.SERVER,
                    Sets.newHashSet("A", "F", "G"), null, null, System.currentTimeMillis());
    DatawaveUser server3 = new DatawaveUser(SubjectIssuerDNPair.of("entity3UserDN", "entity3IssuerDN"), UserType.SERVER,
                    Sets.newHashSet("A", "B", "G"), null, null, System.currentTimeMillis());

    // One chain headed by a USER entity, two chains made of SERVER entities only.
    proxiedUserPrincipal = new DatawavePrincipal(Lists.newArrayList(caller, server1, server2));
    proxiedServerPrincipal1 = new DatawavePrincipal(Lists.newArrayList(server1, server3));
    proxiedServerPrincipal2 = new DatawavePrincipal(Lists.newArrayList(server1, server2, server3));
}
use of datawave.security.authorization.SubjectIssuerDNPair in project datawave by NationalSecurityAgency.
the class DatawaveRoleManagerTest method createAndSetWithSingleRole.
/**
 * Points {@code datawavePrincipal} at a principal holding a single USER entity ("dn1" issued by
 * "idn") whose only role is "REQ_ROLE_1".
 */
private void createAndSetWithSingleRole() {
    Collection<String> requiredRole = Lists.newArrayList("REQ_ROLE_1");
    SubjectIssuerDNPair subjectAndIssuer = SubjectIssuerDNPair.of("dn1", "idn");

    // Third and fifth constructor arguments are null; only the role collection is populated.
    // NOTE(review): presumably these are the auths and the role-to-auth mapping - confirm against DatawaveUser.
    DatawaveUser soleUser = new DatawaveUser(subjectAndIssuer, UserType.USER, null, requiredRole, null,
                    System.currentTimeMillis());

    datawavePrincipal = new DatawavePrincipal(Lists.newArrayList(soleUser));
}
use of datawave.security.authorization.SubjectIssuerDNPair in project datawave by NationalSecurityAgency.
the class DatawaveRoleManagerTest method createAndSetWithTwoRoles.
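/**
 * Points {@code datawavePrincipal} at a two-entity principal: a USER entity "dn1" followed by a
 * SERVER entity "dn2", both issued by "idn". Their roles come from {@code getFirstRole()} and
 * {@code getSecondRole()} respectively.
 */
private void createAndSetWithTwoRoles() {
    String issuerDN = "idn";

    // Identity is carried by the pair objects only; no string form of the DN is built here.
    SubjectIssuerDNPair userPair = SubjectIssuerDNPair.of("dn1", issuerDN);
    SubjectIssuerDNPair serverPair = SubjectIssuerDNPair.of("dn2", issuerDN);

    DatawaveUser u1 = new DatawaveUser(userPair, UserType.USER, null, getFirstRole(), null, System.currentTimeMillis());
    DatawaveUser u2 = new DatawaveUser(serverPair, UserType.SERVER, null, getSecondRole(), null, System.currentTimeMillis());

    datawavePrincipal = new DatawavePrincipal(Lists.newArrayList(u1, u2));
}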
use of datawave.security.authorization.SubjectIssuerDNPair in project datawave by NationalSecurityAgency.
the class ExtendedQueryExecutorBeanTest method testCreateQuery_auditException.
/**
 * Drives {@code QueryExecutorBean.createQuery} with an auditor mock that throws, and passes only
 * if a {@code DatawaveWebApplicationException} comes out of the call.
 * <p>
 * The query logic reports {@code AuditType.ACTIVE} and {@code auditor.audit(...)} is set up to throw
 * a {@code JMSRuntimeException}, so the test pins that a failed audit call reaches the caller as an
 * error instead of a created query.
 * <p>
 * NOTE(review): the test requires {@code createQuery} to throw, so the {@code PowerMock.verifyAll()}
 * on the last line is not reached on the passing path. The recorded expectations, including
 * {@code queryLogic1.close()}, are therefore never verified. Wrapping the call in
 * {@code try { ... } finally { PowerMock.verifyAll(); }} would check them - confirm that every
 * recorded expectation is actually met before making that change.
 */
@Test(expected = DatawaveWebApplicationException.class)
public void testCreateQuery_auditException() throws Exception {
// Local test input
String queryLogicName = "queryLogicName";
String query = "query";
String queryName = "queryName";
String queryVisibility = "A&B";
long currentTime = System.currentTimeMillis();
Date beginDate = new Date(currentTime - 5000);
Date endDate = new Date(currentTime - 1000);
String queryAuthorizations = "AUTH_1";
Date expirationDate = new Date(currentTime + 999999);
int pagesize = 10;
QueryPersistence persistenceMode = QueryPersistence.PERSISTENT;
boolean trace = false;
String userName = "userName";
String userSid = "userSid";
String userDN = "userDN";
// Single-argument form: only the subject DN is supplied, no issuer DN.
SubjectIssuerDNPair userDNpair = SubjectIssuerDNPair.of(userDN);
// NOTE(review): dnList, queryId, pageNumber and authsMap are not read again in this method.
List<String> dnList = Collections.singletonList(userDN);
UUID queryId = UUID.randomUUID();
long pageNumber = 0L;
HashMap<String, Collection<String>> authsMap = new HashMap<>();
authsMap.put("USERDN", Arrays.asList(queryAuthorizations));
// Request parameters handed to createQuery; the requested auths equal the single auth the principal mock returns.
MultivaluedMap<String, String> queryParameters = new MultivaluedMapImpl<>();
queryParameters.putSingle(QueryParameters.QUERY_STRING, query);
queryParameters.putSingle(QueryParameters.QUERY_NAME, queryName);
queryParameters.putSingle(QueryParameters.QUERY_LOGIC_NAME, queryLogicName);
queryParameters.putSingle(QueryParameters.QUERY_BEGIN, QueryParametersImpl.formatDate(beginDate));
queryParameters.putSingle(QueryParameters.QUERY_END, QueryParametersImpl.formatDate(endDate));
queryParameters.putSingle(QueryParameters.QUERY_EXPIRATION, QueryParametersImpl.formatDate(expirationDate));
queryParameters.putSingle(QueryParameters.QUERY_AUTHORIZATIONS, queryAuthorizations);
queryParameters.putSingle(QueryParameters.QUERY_PAGESIZE, String.valueOf(pagesize));
queryParameters.putSingle(QueryParameters.QUERY_PERSISTENCE, persistenceMode.name());
queryParameters.putSingle(QueryParameters.QUERY_TRACE, String.valueOf(trace));
queryParameters.putSingle(ColumnVisibilitySecurityMarking.VISIBILITY_MARKING, queryVisibility);
queryParameters.putSingle("valid", "param");
// Recorded expectations: caller identity, access check on the caller DN, and audit type.
expect(context.getCallerPrincipal()).andReturn(principal).anyTimes();
expect(this.queryLogicFactory.getQueryLogic(queryLogicName, this.principal)).andReturn((QueryLogic) this.queryLogic1);
queryLogic1.validate(queryParameters);
expect(principal.getName()).andReturn(userName);
expect(principal.getShortName()).andReturn(userSid);
expect(principal.getUserDN()).andReturn(userDNpair);
expect(principal.getDNs()).andReturn(new String[] { userDN });
expect(this.principal.getProxyServers()).andReturn(new ArrayList<>(0)).anyTimes();
expect(this.queryLogic1.containsDNWithAccess(Collections.singletonList(userDN))).andReturn(true);
expect(this.queryLogic1.getAuditType(null)).andReturn(AuditType.ACTIVE);
expect(this.principal.getAuthorizations()).andReturn((Collection) Arrays.asList(Arrays.asList(queryAuthorizations)));
expect(this.queryLogic1.getMaxPageSize()).andReturn(10).anyTimes();
expect(queryLogic1.getSelectors(null)).andReturn(null);
// The failure under test: the audit call itself throws.
expect(auditor.audit(queryParameters)).andThrow(new JMSRuntimeException("EXPECTED TESTING EXCEPTION"));
// Recorded as an expected call on the query logic mock.
queryLogic1.close();
PowerMock.replayAll();
// Wire the mocks into a real QueryExecutorBean by field type.
QueryExecutorBean executor = new QueryExecutorBean();
setInternalState(executor, EJBContext.class, context);
setInternalState(executor, AccumuloConnectionFactory.class, connectionFactory);
setInternalState(executor, ResponseObjectFactory.class, responseObjectFactory);
setInternalState(executor, CreatedQueryLogicCacheBean.class, qlCache);
setInternalState(executor, QueryCache.class, cache);
setInternalState(executor, ClosedQueryCache.class, closedCache);
setInternalState(executor, Persister.class, persister);
setInternalState(executor, QueryLogicFactoryImpl.class, queryLogicFactory);
setInternalState(executor, QueryExpirationConfiguration.class, queryExpirationConf);
setInternalState(executor, AuditBean.class, auditor);
setInternalState(executor, QueryMetricsBean.class, metrics);
setInternalState(executor, Multimap.class, traceInfos);
setInternalState(executor, SecurityMarking.class, new ColumnVisibilitySecurityMarking());
setInternalState(executor, QueryParameters.class, new QueryParametersImpl());
setInternalState(executor, QueryMetricFactory.class, new QueryMetricFactoryImpl());
setInternalState(connectionRequestBean, EJBContext.class, context);
setInternalState(executor, AccumuloConnectionRequestBean.class, connectionRequestBean);
executor.createQuery(queryLogicName, queryParameters);
// Not executed when createQuery throws, which is the outcome this test expects.
PowerMock.verifyAll();
}
use of datawave.security.authorization.SubjectIssuerDNPair in project datawave by NationalSecurityAgency.
the class ExtendedQueryExecutorBeanTest method testDefineQuery_UncheckedException.
/**
 * Drives {@code QueryExecutorBean.defineQuery} with a query logic mock whose
 * {@code getConnectionPriority()} throws, and passes only if an {@code IllegalArgumentException}
 * comes out of the call.
 * <p>
 * {@code PowerMock.verifyAll()} sits in a {@code finally} block, so the recorded expectations are
 * checked even though the call throws. A verification failure raised there replaces the exception
 * thrown by {@code defineQuery}.
 * <p>
 * NOTE(review): the thrown constant is named {@code ILLEGAL_STATE_EXCEPTION} while the test expects
 * {@code IllegalArgumentException}; the constant's definition is not visible here - confirm which
 * exception actually ends the call.
 */
@SuppressWarnings({ "unchecked", "rawtypes" })
@Test(expected = IllegalArgumentException.class)
public void testDefineQuery_UncheckedException() throws Exception {
// Set local test input
String queryLogicName = "queryLogicName";
String query = "query";
String queryName = "queryName";
String queryVisibility = "A&B";
long currentTime = System.currentTimeMillis();
Date beginDate = new Date(currentTime - 5000);
Date endDate = new Date(currentTime - 1000);
String queryAuthorizations = "AUTH_1";
Date expirationDate = new Date(currentTime + 10000);
int pagesize = 10;
int pageTimeout = -1;
Long maxResultsOverride = null;
QueryPersistence persistenceMode = QueryPersistence.PERSISTENT;
String userName = "userName";
String userSid = "userSid";
String userDN = "userdn";
// Single-argument form: only the subject DN is supplied, no issuer DN.
SubjectIssuerDNPair userDNpair = SubjectIssuerDNPair.of(userDN);
boolean trace = false;
List<String> dnList = Collections.singletonList(userDN);
UUID queryId = UUID.randomUUID();
MultivaluedMap<String, String> queryParameters = new MultivaluedMapImpl<>();
queryParameters.putAll(QueryParametersImpl.paramsToMap(null, query, queryName, queryVisibility, beginDate, endDate, queryAuthorizations, expirationDate, pagesize, pageTimeout, maxResultsOverride, persistenceMode, null, trace));
queryParameters.putSingle("valid", "param");
// marking and qp are validated here because they are passed to the persister.create matcher below.
ColumnVisibilitySecurityMarking marking = new ColumnVisibilitySecurityMarking();
marking.validate(queryParameters);
QueryParameters qp = new QueryParametersImpl();
qp.validate(queryParameters);
// Expected extra parameters for persister.create: the unknown request parameters plus the
// logic class, the column visibility and the caller's subject DN under the audit constants.
MultivaluedMap<String, String> op = new MultivaluedMapImpl<>();
op.putAll(qp.getUnknownParameters(queryParameters));
op.putSingle(PrivateAuditConstants.LOGIC_CLASS, queryLogicName);
op.putSingle(PrivateAuditConstants.COLUMN_VISIBILITY, queryVisibility);
op.putSingle(PrivateAuditConstants.USER_DN, userDNpair.subjectDN());
// Set expectations
queryLogic1.validate(queryParameters);
expect(this.context.getCallerPrincipal()).andReturn(this.principal).anyTimes();
expect(this.principal.getName()).andReturn(userName);
expect(this.principal.getShortName()).andReturn(userSid);
expect(this.principal.getDNs()).andReturn(new String[] { userDN });
expect(this.principal.getProxyServers()).andReturn(new ArrayList<>(0));
expect(this.principal.getAuthorizations()).andReturn((Collection) Arrays.asList(Arrays.asList(queryAuthorizations)));
expect(this.principal.getUserDN()).andReturn(userDNpair);
// The query must be persisted under the caller's subject DN with the single-entry DN list.
expect(persister.create(eq(userDNpair.subjectDN()), eq(dnList), eq(marking), eq(queryLogicName), eq(qp), eq(op))).andReturn(this.query);
expect(this.query.getId()).andReturn(queryId).times(3);
expect(this.queryLogicFactory.getQueryLogic(queryLogicName, principal)).andReturn((QueryLogic) this.queryLogic1);
expect(this.queryLogic1.getMaxPageSize()).andReturn(100).times(2);
// Trace lookups: nothing registered for the user sid, one pattern wrapping the query text under the null key.
expect(this.traceInfos.get(userSid)).andReturn(new ArrayList<>(0));
expect(this.traceInfos.get(null)).andReturn(Arrays.asList(PatternWrapper.wrap(query)));
PowerMock.mockStaticPartial(Trace.class, "start");
expect(Trace.start("query:define")).andReturn(this.span);
// The failure under test.
expect(this.queryLogic1.getConnectionPriority()).andThrow(ILLEGAL_STATE_EXCEPTION);
// TODO: 1.8.1: no longer done
// expect(this.span.parent()).andReturn(this.span);
// expect(this.span.parent()).andReturn(this.span);
// Recorded as an expected call on the span mock.
this.span.stop();
// Run the test
PowerMock.replayAll();
try {
QueryExecutorBean subject = new QueryExecutorBean();
setInternalState(subject, EJBContext.class, context);
setInternalState(subject, Persister.class, persister);
setInternalState(subject, QueryLogicFactory.class, queryLogicFactory);
setInternalState(subject, QueryExpirationConfiguration.class, queryExpirationConf);
setInternalState(subject, Multimap.class, traceInfos);
setInternalState(subject, SecurityMarking.class, new ColumnVisibilitySecurityMarking());
setInternalState(subject, QueryParameters.class, new QueryParametersImpl());
setInternalState(subject, QueryMetricFactory.class, new QueryMetricFactoryImpl());
subject.defineQuery(queryLogicName, queryParameters);
} finally {
// Runs whether or not defineQuery throws.
PowerMock.verifyAll();
}
}