Example 1 with KeyValueCollectionPermissionImpl

Use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.

From the class AdminConfigPolicyTest, method getSubjectPermissions.

public KeyValueCollectionPermission getSubjectPermissions() {
    // Build the subject's permissions: three attributes (name suffix 0..2), each with a single value.
    KeyValueCollectionPermission subjectCollectionPermissions = new KeyValueCollectionPermissionImpl();
    subjectCollectionPermissions.addAll(new HashMap<String, List<String>>() {

        {
            for (int i = 0; i < 3; i++) {
                put(TEST_ATTRIBUTE_NAME + i, Arrays.asList(TEST_ATTRIBUTE_VALUE + i));
            }
        }
    });
    return subjectCollectionPermissions;
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) KeyValueCollectionPermissionImpl(ddf.security.permission.impl.KeyValueCollectionPermissionImpl) ArrayList(java.util.ArrayList) List(java.util.List)

Example 2 with KeyValueCollectionPermissionImpl

Use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.

From the class AdminConfigPolicyTest, method testRemoveSomePermissions.

@Test
public void testRemoveSomePermissions() {
    AdminConfigPolicy adminConfigPolicy = new AdminConfigPolicy();
    adminConfigPolicy.setPermissions(new PermissionsImpl());
    List<String> featurePolicyPermissions = getValidPolicyPermissions();
    List<String> servicePolicyPermissions = getValidPolicyPermissions();
    featurePolicyPermissions.add(TEST_PERMISSION_VALUE + UNAUTHORIZED + "=\"" + TEST_ATTRIBUTE_NAME + UNAUTHORIZED + "=" + TEST_ATTRIBUTE_VALUE + UNAUTHORIZED + "\"");
    servicePolicyPermissions.add(TEST_PERMISSION_VALUE + UNAUTHORIZED + "=\"" + TEST_ATTRIBUTE_NAME + UNAUTHORIZED + "=" + TEST_ATTRIBUTE_VALUE + UNAUTHORIZED + "\"");
    adminConfigPolicy.setFeaturePolicies(featurePolicyPermissions);
    adminConfigPolicy.setServicePolicies(servicePolicyPermissions);
    List<KeyValuePermission> matchOneFeaturePermissions = getMatchOnePermissions(AdminConfigPolicy.FEATURE_NAME);
    matchOneFeaturePermissions.add(new KeyValuePermissionImpl(AdminConfigPolicy.FEATURE_NAME, Sets.newHashSet(TEST_PERMISSION_VALUE + UNAUTHORIZED)));
    List<KeyValuePermission> matchOneServicePermissions = getMatchOnePermissions(AdminConfigPolicy.SERVICE_PID);
    matchOneServicePermissions.add(new KeyValuePermissionImpl(AdminConfigPolicy.SERVICE_PID, Sets.newHashSet(TEST_PERMISSION_VALUE + UNAUTHORIZED)));
    List<KeyValuePermission> matchOneInvalidActionPermission = new ArrayList<>();
    matchOneInvalidActionPermission.add(new KeyValuePermissionImpl("UNKNOWN_ACTION", Sets.newHashSet(TEST_PERMISSION_VALUE)));
    KeyValueCollectionPermission requestedFeaturePermissions = new KeyValueCollectionPermissionImpl(AdminConfigPolicy.VIEW_FEATURE_ACTION, matchOneFeaturePermissions.stream().toArray(KeyValuePermissionImpl[]::new));
    KeyValueCollectionPermission requestedServicePermissions = new KeyValueCollectionPermissionImpl(AdminConfigPolicy.VIEW_SERVICE_ACTION, matchOneServicePermissions.stream().toArray(KeyValuePermissionImpl[]::new));
    KeyValueCollectionPermission requestedInvalidActionPermissions = new KeyValueCollectionPermissionImpl("UNKNOWN_ACTION", matchOneInvalidActionPermission.stream().toArray(KeyValuePermissionImpl[]::new));
    // Each call is expected to return a collection containing exactly one permission.
    assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedFeaturePermissions, requestedFeaturePermissions).getPermissionList().size());
    assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedServicePermissions, requestedServicePermissions).getPermissionList().size());
    assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedServicePermissions, requestedServicePermissions).getPermissionList().size());
    assertEquals(1, adminConfigPolicy.isPermittedMatchOne(getSubjectPermissions(), requestedInvalidActionPermissions, requestedInvalidActionPermissions).getPermissionList().size());
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) PermissionsImpl(ddf.security.permission.impl.PermissionsImpl) KeyValuePermissionImpl(ddf.security.permission.impl.KeyValuePermissionImpl) ArrayList(java.util.ArrayList) KeyValueCollectionPermissionImpl(ddf.security.permission.impl.KeyValueCollectionPermissionImpl) KeyValuePermission(ddf.security.permission.KeyValuePermission) Test(org.junit.Test)

Example 3 with KeyValueCollectionPermissionImpl

Use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.

From the class FilterPluginTest, method makeDecision.

public Answer<Boolean> makeDecision() {
    Map<String, List<String>> testRoleMap = new HashMap<>();
    List<String> testRoles = new ArrayList<>();
    testRoles.add("A");
    testRoles.add("B");
    testRoleMap.put("Roles", testRoles);
    final KeyValueCollectionPermission testUserPermission = new KeyValueCollectionPermissionImpl(CollectionPermission.READ_ACTION, testRoleMap);
    return new Answer<Boolean>() {

        @Override
        public Boolean answer(InvocationOnMock invocation) {
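            Object[] args = invocation.getArguments();
            // The second argument of the stubbed call is the permission being checked.
            Permission incomingPermission = (Permission) args[1];
            // Permit only if the test user's READ permission (Roles A and B) implies it.
            return testUserPermission.implies(incomingPermission);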
        }
    };
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Answer(org.mockito.stubbing.Answer) InvocationOnMock(org.mockito.invocation.InvocationOnMock) CollectionPermission(ddf.security.permission.CollectionPermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermissionImpl(ddf.security.permission.impl.KeyValueCollectionPermissionImpl) List(java.util.List)

Example 4 with KeyValueCollectionPermissionImpl

Use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.

From the class XacmlPdpTest, method testEnvironmentVariables.

@Test
public void testEnvironmentVariables() {
    RequestType request = testRealm.createXACMLRequest(USER_NAME, generateSubjectInfo(TEST_COUNTRY), new KeyValueCollectionPermissionImpl(QUERY_ACTION));
    List<AttributesType> attributes = request.getAttributes();
    // Locate the attributes of the environment category in the generated XACML request.
    AttributesType environmentAttributes = null;
    for (AttributesType attribute : attributes) {
        if (attribute.getCategory().equals(ENVIRONMENT_CATEGORY)) {
            environmentAttributes = attribute;
        }
    }
    assertNotNull(environmentAttributes);
    assertThat(environmentAttributes.getAttribute().get(0).getAttributeId(), is("item0"));
    assertThat(environmentAttributes.getAttribute().get(0).getAttributeValue().size(), is(1));
    assertThat(environmentAttributes.getAttribute().get(1).getAttributeId(), is("item1"));
    assertThat(environmentAttributes.getAttribute().get(1).getAttributeValue().size(), is(2));
    assertThat(environmentAttributes.getAttribute().get(2).getAttributeId(), is("item2"));
    assertThat(environmentAttributes.getAttribute().get(2).getAttributeValue().size(), is(3));
}
Also used : AttributesType(oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributesType) KeyValueCollectionPermissionImpl(ddf.security.permission.impl.KeyValueCollectionPermissionImpl) RequestType(oasis.names.tc.xacml._3_0.core.schema.wd_17.RequestType) Test(org.junit.Test)

Example 5 with KeyValueCollectionPermissionImpl

Use of ddf.security.permission.impl.KeyValueCollectionPermissionImpl in project ddf by codice.

From the class XacmlPdpTest, method testActionBadCountry.

@Test
public void testActionBadCountry() {
    // A request built for a subject with country "CAN" must not be permitted for QUERY_ACTION.
    RequestType request = testRealm.createXACMLRequest(USER_NAME, generateSubjectInfo("CAN"), new KeyValueCollectionPermissionImpl(QUERY_ACTION));
    assertThat(testRealm.isPermitted(request), equalTo(false));
}
Also used : KeyValueCollectionPermissionImpl(ddf.security.permission.impl.KeyValueCollectionPermissionImpl) RequestType(oasis.names.tc.xacml._3_0.core.schema.wd_17.RequestType) Test(org.junit.Test)

Aggregations

KeyValueCollectionPermissionImpl (ddf.security.permission.impl.KeyValueCollectionPermissionImpl): 22
KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission): 16
Test (org.junit.Test): 13
ArrayList (java.util.ArrayList): 12
RequestType (oasis.names.tc.xacml._3_0.core.schema.wd_17.RequestType): 8
KeyValuePermission (ddf.security.permission.KeyValuePermission): 7
List (java.util.List): 7
KeyValuePermissionImpl (ddf.security.permission.impl.KeyValuePermissionImpl): 6
HashMap (java.util.HashMap): 5
CollectionPermission (ddf.security.permission.CollectionPermission): 4
Permission (org.apache.shiro.authz.Permission): 4
PermissionsImpl (ddf.security.permission.impl.PermissionsImpl): 3
PdpException (ddf.security.pdp.realm.xacml.processor.PdpException): 2
PolicyExtension (ddf.security.policy.extension.PolicyExtension): 2
AuthenticationException (org.apache.shiro.authc.AuthenticationException): 2
Subject (ddf.security.Subject): 1
SecurityAssertion (ddf.security.assertion.SecurityAssertion): 1
Expansion (ddf.security.expansion.Expansion): 1
CollectionPermissionImpl (ddf.security.permission.impl.CollectionPermissionImpl): 1
MatchOneCollectionPermission (ddf.security.permission.impl.MatchOneCollectionPermission): 1