Example 11 with KeyValuePermission

Use of ddf.security.permission.KeyValuePermission in project ddf by codice.

In class AuthorizationFilterTest, method getMockContextPolicy.

private ContextPolicy getMockContextPolicy() {
    ContextPolicy contextPolicy = mock(ContextPolicy.class);
    when(contextPolicy.getAuthenticationMethods()).thenReturn(Collections.singletonList("BASIC"));
    when(contextPolicy.getAllowedAttributePermissions()).thenReturn(new CollectionPermission(PATH, new KeyValuePermission(PATH, Collections.singleton("permission"))));
    when(contextPolicy.getContextPath()).thenReturn(PATH);
    when(contextPolicy.getRealm()).thenReturn("DDF");
    return contextPolicy;
}
Also used : CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy)

Example 12 with KeyValuePermission

Use of ddf.security.permission.KeyValuePermission in project ddf by codice.

In class XacmlPdpTest, method generateSubjectInfo.

private AuthorizationInfo generateSubjectInfo(String country) {
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Set<Permission> permissions = new HashSet<Permission>();
    Set<String> roles = new HashSet<String>();
    // add roles
    roles.add("users");
    roles.add("admin");
    // add permissions
    KeyValuePermission citizenshipPermission = new KeyValuePermission(COUNTRY);
    citizenshipPermission.addValue(country);
    permissions.add(citizenshipPermission);
    KeyValuePermission typePermission = new KeyValuePermission(SUBJECT_ACCESS);
    typePermission.addValue(ACCESS_TYPE_A);
    typePermission.addValue(ACCESS_TYPE_B);
    KeyValuePermission nameIdentPermission = new KeyValuePermission(NAME_IDENTIFIER);
    nameIdentPermission.addValue("testuser1");
    KeyValuePermission givenNamePermission = new KeyValuePermission(GIVEN_NAME);
    givenNamePermission.addValue("Test User");
    permissions.add(typePermission);
    permissions.add(nameIdentPermission);
    permissions.add(givenNamePermission);
    info.setRoles(roles);
    info.setObjectPermissions(permissions);
    return info;
}
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) HashSet(java.util.HashSet)

Example 13 with KeyValuePermission

Use of ddf.security.permission.KeyValuePermission in project ddf by codice.

In class AuthzRealmTest, method testIsPermittedOneSingle.

@Test
public void testIsPermittedOneSingle() {
    permissionList.clear();
    KeyValuePermission kvp = new KeyValuePermission("country", Arrays.asList("AUS", "CAN", "GBR"));
    permissionList.add(kvp);
    boolean[] permittedArray = testRealm.isPermitted(mockSubjectPrincipal, permissionList);
    for (boolean permitted : permittedArray) {
        Assert.assertEquals(true, permitted);
    }
}
Also used : KeyValuePermission(ddf.security.permission.KeyValuePermission) Test(org.junit.Test)

Example 14 with KeyValuePermission

Use of ddf.security.permission.KeyValuePermission in project ddf by codice.

In class AuthzRealmTest, method testBadPolicyExtension.

@Test
public void testBadPolicyExtension() {
    permissionList.clear();
    KeyValuePermission kvp = new KeyValuePermission("country", Arrays.asList("AUS", "CAN", "GBR"));
    permissionList.add(kvp);
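    // Register an extension whose callbacks always throw; the assertions below
    // still expect every requested permission to be reported as permitted.
    testRealm.addPolicyExtension(new PolicyExtension() {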

        @Override
        public KeyValueCollectionPermission isPermittedMatchAll(CollectionPermission subjectAllCollection, KeyValueCollectionPermission matchAllCollection) {
            throw new NullPointerException();
        }

        @Override
        public KeyValueCollectionPermission isPermittedMatchOne(CollectionPermission subjectAllCollection, KeyValueCollectionPermission matchOneCollection) {
            throw new NullPointerException();
        }
    });
    boolean[] permittedArray = testRealm.isPermitted(mockSubjectPrincipal, permissionList);
    for (boolean permitted : permittedArray) {
        Assert.assertEquals(true, permitted);
    }
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) CollectionPermission(ddf.security.permission.CollectionPermission) PolicyExtension(ddf.security.policy.extension.PolicyExtension) KeyValuePermission(ddf.security.permission.KeyValuePermission) Test(org.junit.Test)

Example 15 with KeyValuePermission

Use of ddf.security.permission.KeyValuePermission in project ddf by codice.

In class AuthzRealmTest, method testIsKvpPermitted.

@Test
public void testIsKvpPermitted() {
    permissionList.clear();
    KeyValuePermission kvp = new KeyValuePermission("role", Arrays.asList("admin"));
    permissionList.add(kvp);
    boolean[] permittedArray = testRealm.isPermitted(mockSubjectPrincipal, permissionList);
    for (boolean permitted : permittedArray) {
        Assert.assertEquals(true, permitted);
    }
}
Also used : KeyValuePermission(ddf.security.permission.KeyValuePermission) Test(org.junit.Test)
