use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.
the class AdminConfigPolicyTest method getSubjectPermissions.
public KeyValueCollectionPermission getSubjectPermissions() {
KeyValueCollectionPermission subjectCollectionPermissions = new KeyValueCollectionPermissionImpl();
subjectCollectionPermissions.addAll(new HashMap<String, List<String>>() {
{
for (int i = 0; i < 3; i++) {
put(TEST_ATTRIBUTE_NAME + i, Arrays.asList(TEST_ATTRIBUTE_VALUE + i));
}
}
});
return subjectCollectionPermissions;
}
use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.
the class AdminConfigPolicyTest method testRemoveSomePermissions.
@Test
public void testRemoveSomePermissions() {
AdminConfigPolicy adminConfigPolicy = new AdminConfigPolicy();
adminConfigPolicy.setPermissions(new PermissionsImpl());
List<String> featurePolicyPermissions = getValidPolicyPermissions();
List<String> servicePolicyPermissions = getValidPolicyPermissions();
featurePolicyPermissions.add(TEST_PERMISSION_VALUE + UNAUTHORIZED + "=\"" + TEST_ATTRIBUTE_NAME + UNAUTHORIZED + "=" + TEST_ATTRIBUTE_VALUE + UNAUTHORIZED + "\"");
servicePolicyPermissions.add(TEST_PERMISSION_VALUE + UNAUTHORIZED + "=\"" + TEST_ATTRIBUTE_NAME + UNAUTHORIZED + "=" + TEST_ATTRIBUTE_VALUE + UNAUTHORIZED + "\"");
adminConfigPolicy.setFeaturePolicies(featurePolicyPermissions);
adminConfigPolicy.setServicePolicies(servicePolicyPermissions);
List<KeyValuePermission> matchOneFeaturePermissions = getMatchOnePermissions(AdminConfigPolicy.FEATURE_NAME);
matchOneFeaturePermissions.add(new KeyValuePermissionImpl(AdminConfigPolicy.FEATURE_NAME, Sets.newHashSet(TEST_PERMISSION_VALUE + UNAUTHORIZED)));
List<KeyValuePermission> matchOneServicePermissions = getMatchOnePermissions(AdminConfigPolicy.SERVICE_PID);
matchOneServicePermissions.add(new KeyValuePermissionImpl(AdminConfigPolicy.SERVICE_PID, Sets.newHashSet(TEST_PERMISSION_VALUE + UNAUTHORIZED)));
List<KeyValuePermission> matchOneInvalidActionPermission = new ArrayList<>();
matchOneInvalidActionPermission.add(new KeyValuePermissionImpl("UNKNOWN_ACTION", Sets.newHashSet(TEST_PERMISSION_VALUE)));
KeyValueCollectionPermission requestedFeaturePermissions = new KeyValueCollectionPermissionImpl(AdminConfigPolicy.VIEW_FEATURE_ACTION, matchOneFeaturePermissions.stream().toArray(KeyValuePermissionImpl[]::new));
KeyValueCollectionPermission requestedServicePermissions = new KeyValueCollectionPermissionImpl(AdminConfigPolicy.VIEW_SERVICE_ACTION, matchOneServicePermissions.stream().toArray(KeyValuePermissionImpl[]::new));
KeyValueCollectionPermission requestedInvalidActionPermissions = new KeyValueCollectionPermissionImpl("UNKNOWN_ACTION", matchOneInvalidActionPermission.stream().toArray(KeyValuePermissionImpl[]::new));
assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedFeaturePermissions, requestedFeaturePermissions).getPermissionList().size());
assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedServicePermissions, requestedServicePermissions).getPermissionList().size());
assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedServicePermissions, requestedServicePermissions).getPermissionList().size());
assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedInvalidActionPermissions, requestedInvalidActionPermissions).getPermissionList().size());
}
use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.
the class FilterPluginTest method makeDecision.
public Answer<Boolean> makeDecision() {
Map<String, List<String>> testRoleMap = new HashMap<>();
List<String> testRoles = new ArrayList<>();
testRoles.add("A");
testRoles.add("B");
testRoleMap.put("Roles", testRoles);
final KeyValueCollectionPermission testUserPermission = new KeyValueCollectionPermissionImpl(CollectionPermission.READ_ACTION, testRoleMap);
return new Answer<Boolean>() {
@Override
public Boolean answer(InvocationOnMock invocation) {
Object[] args = invocation.getArguments();
Permission incomingPermission = (Permission) args[1];
return testUserPermission.implies(incomingPermission);
}
};
}
use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.
the class XacmlPdpTest method testEnvironmentVariables.
@Test
public void testEnvironmentVariables() {
RequestType request = testRealm.createXACMLRequest(USER_NAME, generateSubjectInfo(TEST_COUNTRY), new KeyValueCollectionPermissionImpl(QUERY_ACTION));
List<AttributesType> attributes = request.getAttributes();
AttributesType environmentAttributes = null;
for (AttributesType attribute : attributes) {
if (attribute.getCategory().equals(ENVIRONMENT_CATEGORY)) {
environmentAttributes = attribute;
}
}
assertNotNull(environmentAttributes);
assertThat(environmentAttributes.getAttribute().get(0).getAttributeId(), is("item0"));
assertThat(environmentAttributes.getAttribute().get(0).getAttributeValue().size(), is(1));
assertThat(environmentAttributes.getAttribute().get(1).getAttributeId(), is("item1"));
assertThat(environmentAttributes.getAttribute().get(1).getAttributeValue().size(), is(2));
assertThat(environmentAttributes.getAttribute().get(2).getAttributeId(), is("item2"));
assertThat(environmentAttributes.getAttribute().get(2).getAttributeValue().size(), is(3));
}
use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.
the class XacmlPdpTest method testActionBadCountry.
@Test
public void testActionBadCountry() {
RequestType request = testRealm.createXACMLRequest(USER_NAME, generateSubjectInfo("CAN"), new KeyValueCollectionPermissionImpl(QUERY_ACTION));
assertThat(testRealm.isPermitted(request), equalTo(false));
}
Aggregations