Examples with CollectionPermission ddf.security.permission.CollectionPermission used on opensource projects

Search in sources :

Example 16 with CollectionPermission

use of ddf.security.permission.CollectionPermission in project ddf by codice.

the class WorkspacePolicyExtensionTest method testShouldRemoveRolesAndEmailsWhenEmailImplied.

@Test
public void testShouldRemoveRolesAndEmailsWhenEmailImplied() {
    List<Permission> before = ImmutableList.of(RANDOM, ROLES, EMAILS);
    doReturn(before).when(match).getPermissionList();
    CollectionPermission subject = subjectFrom(makePermission(Constants.EMAIL_ADDRESS_CLAIM_URI, VALUES));
    List<Permission> after = extension.isPermittedMatchAll(subject, match).getPermissionList();
    assertThat(after, is(ImmutableList.of(RANDOM)));
}
Also used : CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) CollectionPermission(ddf.security.permission.CollectionPermission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) Test(org.junit.Test)

Example 17 with CollectionPermission

use of ddf.security.permission.CollectionPermission in project ddf by codice.

the class AuthorizationFilterTest method getMockContextPolicy.

private ContextPolicy getMockContextPolicy() {
    ContextPolicy contextPolicy = mock(ContextPolicy.class);
    when(contextPolicy.getAuthenticationMethods()).thenReturn(Collections.singletonList("BASIC"));
    when(contextPolicy.getAllowedAttributePermissions()).thenReturn(new CollectionPermission(PATH, new KeyValuePermission(PATH, Collections.singleton("permission"))));
    when(contextPolicy.getContextPath()).thenReturn(PATH);
    when(contextPolicy.getRealm()).thenReturn("DDF");
    return contextPolicy;
}
Also used : CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy)

Example 18 with CollectionPermission

use of ddf.security.permission.CollectionPermission in project ddf by codice.

the class AuthzRealmTest method testBadPolicyExtension.

@Test
public void testBadPolicyExtension() {
    permissionList.clear();
    KeyValuePermission kvp = new KeyValuePermission("country", Arrays.asList("AUS", "CAN", "GBR"));
    permissionList.add(kvp);
    testRealm.addPolicyExtension(new PolicyExtension() {

        @Override
        public KeyValueCollectionPermission isPermittedMatchAll(CollectionPermission subjectAllCollection, KeyValueCollectionPermission matchAllCollection) {
            throw new NullPointerException();
        }

        @Override
        public KeyValueCollectionPermission isPermittedMatchOne(CollectionPermission subjectAllCollection, KeyValueCollectionPermission matchOneCollection) {
            throw new NullPointerException();
        }
    });
    boolean[] permittedArray = testRealm.isPermitted(mockSubjectPrincipal, permissionList);
    for (boolean permitted : permittedArray) {
        Assert.assertEquals(true, permitted);
    }
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) CollectionPermission(ddf.security.permission.CollectionPermission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) PolicyExtension(ddf.security.policy.extension.PolicyExtension) KeyValuePermission(ddf.security.permission.KeyValuePermission) Test(org.junit.Test)

Example 19 with CollectionPermission

use of ddf.security.permission.CollectionPermission in project ddf by codice.

the class TestPepInterceptorActions method testMessageWithDefaultUrlAction.

@Test
public void testMessageWithDefaultUrlAction() throws SecurityServiceException {
    PEPAuthorizingInterceptor interceptor = new PEPAuthorizingInterceptor();
    SecurityManager mockSecurityManager = mock(SecurityManager.class);
    interceptor.setSecurityManager(mockSecurityManager);
    Message messageWithAction = mock(Message.class);
    SecurityAssertion mockSecurityAssertion = mock(SecurityAssertion.class);
    SecurityToken mockSecurityToken = mock(SecurityToken.class);
    Subject mockSubject = mock(Subject.class);
    assertNotNull(mockSecurityAssertion);
    PowerMockito.mockStatic(SecurityAssertionStore.class);
    PowerMockito.mockStatic(SecurityLogger.class);
    when(SecurityAssertionStore.getSecurityAssertion(messageWithAction)).thenReturn(mockSecurityAssertion);
    // SecurityLogger is already stubbed out
    when(mockSecurityAssertion.getSecurityToken()).thenReturn(mockSecurityToken);
    when(mockSecurityToken.getToken()).thenReturn(null);
    when(mockSecurityManager.getSubject(mockSecurityToken)).thenReturn(mockSubject);
    QName op = new QName("http://catalog/query/", "Search", "ns1");
    QName port = new QName("http://catalog/query/", "QueryPort", "ns1");
    when(messageWithAction.get(MessageContext.WSDL_OPERATION)).thenReturn(op);
    when(messageWithAction.get(MessageContext.WSDL_PORT)).thenReturn(port);
    Exchange mockExchange = mock(Exchange.class);
    BindingOperationInfo mockBOI = mock(BindingOperationInfo.class);
    when(messageWithAction.getExchange()).thenReturn(mockExchange);
    when(mockExchange.get(BindingOperationInfo.class)).thenReturn(mockBOI);
    when(mockBOI.getExtensor(SoapOperationInfo.class)).thenReturn(null);
    doAnswer(new Answer<Boolean>() {

        @Override
        public Boolean answer(InvocationOnMock invocation) throws Throwable {
            CollectionPermission perm = (CollectionPermission) invocation.getArguments()[0];
            assertEquals("http://catalog/query/QueryPort/SearchRequest", perm.getAction());
            return true;
        }
    }).when(mockSubject).isPermitted(isA(CollectionPermission.class));
    // This should work.
    interceptor.handleMessage(messageWithAction);
    PowerMockito.verifyStatic();
}
Also used : BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) SecurityManager(ddf.security.service.SecurityManager) Message(org.apache.cxf.message.Message) QName(javax.xml.namespace.QName) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Subject(ddf.security.Subject) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Exchange(org.apache.cxf.message.Exchange) InvocationOnMock(org.mockito.invocation.InvocationOnMock) CollectionPermission(ddf.security.permission.CollectionPermission) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 20 with CollectionPermission

use of ddf.security.permission.CollectionPermission in project ddf by codice.

the class TestPepInterceptorActions method testMessageWithOperationAction.

@Test
public void testMessageWithOperationAction() throws SecurityServiceException {
    PEPAuthorizingInterceptor interceptor = new PEPAuthorizingInterceptor();
    SecurityManager mockSecurityManager = mock(SecurityManager.class);
    interceptor.setSecurityManager(mockSecurityManager);
    Message messageWithAction = mock(Message.class);
    SecurityAssertion mockSecurityAssertion = mock(SecurityAssertion.class);
    SecurityToken mockSecurityToken = mock(SecurityToken.class);
    Subject mockSubject = mock(Subject.class);
    assertNotNull(mockSecurityAssertion);
    PowerMockito.mockStatic(SecurityAssertionStore.class);
    PowerMockito.mockStatic(SecurityLogger.class);
    when(SecurityAssertionStore.getSecurityAssertion(messageWithAction)).thenReturn(mockSecurityAssertion);
    // SecurityLogger is already stubbed out
    when(mockSecurityAssertion.getSecurityToken()).thenReturn(mockSecurityToken);
    when(mockSecurityToken.getToken()).thenReturn(null);
    when(mockSecurityManager.getSubject(mockSecurityToken)).thenReturn(mockSubject);
    Exchange mockExchange = mock(Exchange.class);
    BindingOperationInfo mockBOI = mock(BindingOperationInfo.class);
    SoapOperationInfo mockSOI = mock(SoapOperationInfo.class);
    when(messageWithAction.getExchange()).thenReturn(mockExchange);
    when(mockExchange.get(BindingOperationInfo.class)).thenReturn(mockBOI);
    when(mockBOI.getExtensor(SoapOperationInfo.class)).thenReturn(mockSOI);
    when(mockSOI.getAction()).thenReturn("urn:catalog:query:query-port:search");
    doAnswer(new Answer<Boolean>() {

        @Override
        public Boolean answer(InvocationOnMock invocation) throws Throwable {
            CollectionPermission perm = (CollectionPermission) invocation.getArguments()[0];
            assertEquals("urn:catalog:query:query-port:search", perm.getAction());
            return true;
        }
    }).when(mockSubject).isPermitted(isA(CollectionPermission.class));
    // This should work.
    interceptor.handleMessage(messageWithAction);
    PowerMockito.verifyStatic();
}
Also used : BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) SecurityManager(ddf.security.service.SecurityManager) Message(org.apache.cxf.message.Message) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Subject(ddf.security.Subject) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Exchange(org.apache.cxf.message.Exchange) InvocationOnMock(org.mockito.invocation.InvocationOnMock) SoapOperationInfo(org.apache.cxf.binding.soap.model.SoapOperationInfo) CollectionPermission(ddf.security.permission.CollectionPermission) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Aggregations

CollectionPermission (ddf.security.permission.CollectionPermission)21 Test (org.junit.Test)16 KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission)13 KeyValuePermission (ddf.security.permission.KeyValuePermission)12 Permission (org.apache.shiro.authz.Permission)10 Subject (ddf.security.Subject)5 SecurityAssertion (ddf.security.assertion.SecurityAssertion)5 SecurityManager (ddf.security.service.SecurityManager)4 Message (org.apache.cxf.message.Message)4 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)4 InvocationOnMock (org.mockito.invocation.InvocationOnMock)4 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)4 ArrayList (java.util.ArrayList)3 QName (javax.xml.namespace.QName)3 Exchange (org.apache.cxf.message.Exchange)3 BindingOperationInfo (org.apache.cxf.service.model.BindingOperationInfo)3 ContextPolicy (org.codice.ddf.security.policy.context.ContextPolicy)3 PolicyExtension (ddf.security.policy.extension.PolicyExtension)2 List (java.util.List)2 ImmutableMap (com.google.common.collect.ImmutableMap)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial