Example 21 with KeyValuePermission
use of ddf.security.permission.KeyValuePermission in project ddf by codice.
the class WorkspaceAccessPluginTest method testPermittedWhenOwnerOnUpdatedRoles.
@Test
public void testPermittedWhenOwnerOnUpdatedRoles() throws Exception {
String id = "0";
WorkspaceMetacardImpl before = WorkspaceMetacardImpl.from(ImmutableMap.of(Metacard.ID, id, Core.METACARD_OWNER, "before", WorkspaceAttributes.WORKSPACE_SHARING, ImmutableList.of()));
WorkspaceMetacardImpl after = WorkspaceMetacardImpl.from(ImmutableMap.of(Metacard.ID, id, Core.METACARD_OWNER, "after", WorkspaceAttributes.WORKSPACE_SHARING, ImmutableList.of("<xml/>")));
UpdateRequest update = mockUpdateRequest(ImmutableMap.of(id, after));
ArgumentCaptor<KeyValueCollectionPermission> args = ArgumentCaptor.forClass(KeyValueCollectionPermission.class);
doReturn(true).when(subject).isPermitted(args.capture());
accessPlugin.processPreUpdate(update, ImmutableMap.of(id, before));
KeyValuePermission permission = (KeyValuePermission) args.getValue().getKeyValuePermissionList().get(0);
assertThat(permission.getKey(), is(Constants.EMAIL_ADDRESS_CLAIM_URI));
// NOTE: the permission should contain the owner of the before metacard, not after
assertThat(permission.getValues(), is(ImmutableSet.of(before.getOwner())));
}
Also used :
KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission)
UpdateRequest(ddf.catalog.operation.UpdateRequest)
KeyValuePermission(ddf.security.permission.KeyValuePermission)
WorkspaceMetacardImpl(org.codice.ddf.catalog.ui.metacard.workspace.WorkspaceMetacardImpl)
Test(org.junit.Test)
Example 22 with KeyValuePermission
use of ddf.security.permission.KeyValuePermission in project ddf by codice.
the class Policy method getAllowedAttributePermissions.
@Override
public CollectionPermission getAllowedAttributePermissions() {
List<KeyValuePermission> perms = new ArrayList<>();
for (ContextAttributeMapping mapping : attributeMappings) {
perms.add(mapping.getAttributePermission());
}
KeyValueCollectionPermission permissions = new KeyValueCollectionPermission(getContextPath());
permissions.addAll(perms);
return permissions;
}
Also used :
KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission)
ArrayList(java.util.ArrayList)
KeyValuePermission(ddf.security.permission.KeyValuePermission)
ContextAttributeMapping(org.codice.ddf.security.policy.context.attributes.ContextAttributeMapping)
Aggregations
KeyValuePermission (ddf.security.permission.KeyValuePermission)22
KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission)18
ArrayList (java.util.ArrayList)10
Test (org.junit.Test)10
CollectionPermission (ddf.security.permission.CollectionPermission)8
Permission (org.apache.shiro.authz.Permission)8
SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)4
HashSet (java.util.HashSet)3
List (java.util.List)3
Expansion (ddf.security.expansion.Expansion)2
AuthzRealm (ddf.security.pdp.realm.AuthzRealm)2
HashMap (java.util.HashMap)2
AttributeType (oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeType)2
AttributeValueType (oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType)2
AttributesType (oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributesType)2
WildcardPermission (org.apache.shiro.authz.permission.WildcardPermission)2
PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)2
XmlParser (org.codice.ddf.parser.xml.XmlParser)2
Before (org.junit.Before)2
XSString (org.opensaml.core.xml.schema.XSString)2
