Example 11 with PermissionsImpl
use of ddf.security.permission.impl.PermissionsImpl in project ddf by codice.
the class OperationPluginTest method makeDecision.
private Answer<Boolean> makeDecision() {
Map<String, List<String>> testRoleMap = new HashMap<String, List<String>>();
List<String> testRoles = new ArrayList<String>();
testRoles.add("A");
testRoles.add("B");
testRoleMap.put("Roles", testRoles);
final KeyValueCollectionPermission testUserPermission = new PermissionsImpl().buildKeyValueCollectionPermission(CollectionPermission.READ_ACTION, testRoleMap);
return new Answer<Boolean>() {
@Override
public Boolean answer(InvocationOnMock invocation) {
Object[] args = invocation.getArguments();
Permission incomingPermission = (Permission) args[1];
return testUserPermission.implies(incomingPermission);
}
};
}
Also used :
KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
Answer(org.mockito.stubbing.Answer)
PermissionsImpl(ddf.security.permission.impl.PermissionsImpl)
InvocationOnMock(org.mockito.invocation.InvocationOnMock)
CollectionPermission(ddf.security.permission.CollectionPermission)
Permission(org.apache.shiro.authz.Permission)
KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 12 with PermissionsImpl
use of ddf.security.permission.impl.PermissionsImpl in project ddf by codice.
the class FilterPluginTest method testPluginFilterResourceNoStrategiesBad.
@Test(expected = StopProcessingException.class)
public void testPluginFilterResourceNoStrategiesBad() throws StopProcessingException {
plugin = new FilterPlugin(new Security());
plugin.setPermissions(new PermissionsImpl());
plugin.processPostResource(resourceResponse, getMoreRolesMetacard());
}
Also used :
FilterPlugin(ddf.catalog.security.filter.plugin.FilterPlugin)
PermissionsImpl(ddf.security.permission.impl.PermissionsImpl)
Security(org.codice.ddf.security.impl.Security)
Test(org.junit.Test)
Example 13 with PermissionsImpl
use of ddf.security.permission.impl.PermissionsImpl in project ddf by codice.
the class FilterPluginTest method setup.
@Before
public void setup() {
AuthorizingRealm realm = mock(AuthorizingRealm.class);
when(realm.getName()).thenReturn("mockRealm");
when(realm.isPermitted(any(PrincipalCollection.class), any(Permission.class))).then(makeDecision());
Collection<org.apache.shiro.realm.Realm> realms = new ArrayList<>();
realms.add(realm);
DefaultSecurityManager manager = new DefaultSecurityManager();
manager.setRealms(realms);
SimplePrincipalCollection principalCollection = new SimplePrincipalCollection(new Principal() {
@Override
public String getName() {
return "testuser";
}
}, realm.getName());
Subject systemSubject = new MockSubject(manager, principalCollection);
plugin = new FilterPlugin(new Security()) {
@Override
protected Subject getSystemSubject() {
return systemSubject;
}
};
plugin.setPermissions(new PermissionsImpl());
plugin.setSubjectOperations(new SubjectUtils());
plugin.setSecurityLogger(mock(SecurityLogger.class));
QueryRequestImpl request = getSampleRequest();
Map<String, Serializable> properties = new HashMap<>();
Subject subject = new MockSubject(manager, principalCollection);
properties.put(SecurityConstants.SECURITY_SUBJECT, subject);
request.setProperties(properties);
incomingResponse = new QueryResponseImpl(request);
ResourceRequest resourceRequest = mock(ResourceRequest.class);
when(resourceRequest.getProperties()).thenReturn(properties);
resourceResponse = new ResourceResponseImpl(resourceRequest, mock(Resource.class));
resourceResponse.setProperties(properties);
DeleteRequest deleteRequest = mock(DeleteRequest.class);
when(deleteRequest.getProperties()).thenReturn(properties);
List<Metacard> deletedMetacards = new ArrayList<>();
deletedMetacards.add(getExactRolesMetacard());
deleteResponse = new DeleteResponseImpl(deleteRequest, properties, deletedMetacards);
List<Metacard> badDeletedMetacards = new ArrayList<>();
badDeletedMetacards.add(getMoreRolesMetacard());
badDeleteResponse = new DeleteResponseImpl(deleteRequest, properties, badDeletedMetacards);
createRequest = new CreateRequestImpl(getExactRolesMetacard());
createRequest.setProperties(properties);
badCreateRequest = new CreateRequestImpl(getMoreRolesMetacard());
badCreateRequest.setProperties(properties);
updateRequest = new UpdateRequestImpl(getExactRolesMetacard().getId(), getExactRolesMetacard());
updateRequest.setProperties(properties);
ResultImpl result1 = new ResultImpl(getMoreRolesMetacard());
ResultImpl result2 = new ResultImpl(getMissingRolesMetacard());
ResultImpl result3 = new ResultImpl(getExactRolesMetacard());
ResultImpl result4 = new ResultImpl(getNoRolesMetacard());
ResultImpl result5 = new ResultImpl(getNoSecurityAttributeMetacard());
incomingResponse.addResult(result1, false);
incomingResponse.addResult(result2, false);
incomingResponse.addResult(result3, false);
incomingResponse.addResult(result4, false);
incomingResponse.addResult(result5, true);
}
Also used :
SubjectUtils(ddf.security.service.impl.SubjectUtils)
Serializable(java.io.Serializable)
FilterPlugin(ddf.catalog.security.filter.plugin.FilterPlugin)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
ResultImpl(ddf.catalog.data.impl.ResultImpl)
Security(org.codice.ddf.security.impl.Security)
AuthorizingRealm(org.apache.shiro.realm.AuthorizingRealm)
PermissionsImpl(ddf.security.permission.impl.PermissionsImpl)
CollectionPermission(ddf.security.permission.CollectionPermission)
Permission(org.apache.shiro.authz.Permission)
KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission)
AuthorizingRealm(org.apache.shiro.realm.AuthorizingRealm)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
ResourceResponseImpl(ddf.catalog.operation.impl.ResourceResponseImpl)
DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager)
DelegatingSubject(org.apache.shiro.subject.support.DelegatingSubject)
Subject(ddf.security.Subject)
QueryResponseImpl(ddf.catalog.operation.impl.QueryResponseImpl)
Metacard(ddf.catalog.data.Metacard)
DeleteResponseImpl(ddf.catalog.operation.impl.DeleteResponseImpl)
QueryRequestImpl(ddf.catalog.operation.impl.QueryRequestImpl)
CreateRequestImpl(ddf.catalog.operation.impl.CreateRequestImpl)
ResourceRequest(ddf.catalog.operation.ResourceRequest)
UpdateRequestImpl(ddf.catalog.operation.impl.UpdateRequestImpl)
DeleteRequest(ddf.catalog.operation.DeleteRequest)
Principal(java.security.Principal)
SecurityLogger(ddf.security.audit.SecurityLogger)
Before(org.junit.Before)
Example 14 with PermissionsImpl
use of ddf.security.permission.impl.PermissionsImpl in project ddf by codice.
the class ConfluenceSourceTest method setup.
@Before
public void setup() {
MetacardType type = new MetacardTypeImpl("confluence", MetacardImpl.BASIC_METACARD.getAttributeDescriptors());
transformer = new ConfluenceInputTransformer(type, Collections.emptyList());
encryptionService = mock(EncryptionService.class);
reader = mock(ResourceReader.class);
factory = mock(SecureCxfClientFactory.class);
clientBuilderFactory = mock(ClientBuilderFactory.class);
client = mock(SearchResource.class);
registry = mock(AttributeRegistry.class);
clientResponse = mock(Response.class);
when(factory.getClient()).thenReturn(client);
doReturn(clientResponse).when(client).search(anyString(), isNull(), isNull(), anyString(), anyInt(), anyInt(), anyBoolean());
when(encryptionService.decryptValue(anyString())).thenReturn("decryptedPass");
when(registry.lookup("attrib1")).thenReturn(Optional.of(new AttributeDescriptorImpl("attrib1", true, true, true, false, BasicTypes.STRING_TYPE)));
when(registry.lookup("attrib2")).thenReturn(Optional.of(new AttributeDescriptorImpl("attrib2", true, true, true, true, BasicTypes.STRING_TYPE)));
confluence = new TestConfluenceSource(adapter, encryptionService, transformer, reader, registry, factory, clientBuilderFactory);
confluence.setSecurityLogger(mock(SecurityLogger.class));
confluence.setPermissions(new PermissionsImpl());
confluence.setAvailabilityPollInterval(1);
confluence.setConfigurationPid("configPid");
confluence.setEndpointUrl("https://confluence/rest/api/content");
confluence.setExpandedSections(Collections.singletonList("expandedField"));
confluence.setUsername("username");
confluence.setPassword("password");
confluence.setIncludeArchivedSpaces(false);
List<String> additionalAttributes = new ArrayList<>();
additionalAttributes.add("attrib1=val1");
additionalAttributes.add("attrib2=val1,val2,val3");
confluence.setAttributeOverrides(additionalAttributes);
}
Also used :
ResourceReader(ddf.catalog.resource.ResourceReader)
SecureCxfClientFactory(org.codice.ddf.cxf.client.SecureCxfClientFactory)
ClientBuilderFactory(org.codice.ddf.cxf.client.ClientBuilderFactory)
ArrayList(java.util.ArrayList)
MetacardTypeImpl(ddf.catalog.data.impl.MetacardTypeImpl)
AttributeDescriptorImpl(ddf.catalog.data.impl.AttributeDescriptorImpl)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
SearchResource(org.codice.ddf.confluence.api.SearchResource)
MetacardType(ddf.catalog.data.MetacardType)
Response(javax.ws.rs.core.Response)
SourceResponse(ddf.catalog.operation.SourceResponse)
AttributeRegistry(ddf.catalog.data.AttributeRegistry)
EncryptionService(ddf.security.encryption.EncryptionService)
PermissionsImpl(ddf.security.permission.impl.PermissionsImpl)
SecurityLogger(ddf.security.audit.SecurityLogger)
Before(org.junit.Before)
Example 15 with PermissionsImpl
use of ddf.security.permission.impl.PermissionsImpl in project ddf by codice.
the class CatalogFrameworkImplTest method createFramework.
private CatalogFrameworkImpl createFramework(FrameworkProperties frameworkProperties) {
final SourcePoller<SourceStatus> mockStatusSourcePoller = mock(SourcePoller.class);
doAnswer(invocationOnMock -> Optional.of(((Source) invocationOnMock.getArguments()[0]).isAvailable() ? SourceStatus.AVAILABLE : SourceStatus.UNAVAILABLE)).when(mockStatusSourcePoller).getCachedValueForSource(any(Source.class));
final SourcePoller<Set<ContentType>> mockContentTypesSourcePoller = mock(SourcePoller.class);
doAnswer(invocationOnMock -> Optional.of(((Source) invocationOnMock.getArguments()[0]).getContentTypes())).when(mockContentTypesSourcePoller).getCachedValueForSource(any(Source.class));
OperationsSecuritySupport opsSecurity = new OperationsSecuritySupport();
MetacardFactory metacardFactory = new MetacardFactory(frameworkProperties.getMimeTypeToTransformerMapper(), uuidGenerator);
OperationsMetacardSupport opsMetacard = new OperationsMetacardSupport(frameworkProperties, metacardFactory);
SourceOperations sourceOperations = new SourceOperations(frameworkProperties, mock(ActionRegistry.class), mockStatusSourcePoller, mockContentTypesSourcePoller);
QueryOperations queryOperations = new QueryOperations(frameworkProperties, sourceOperations, opsSecurity, opsMetacard);
queryOperations.setSecurityLogger(mock(SecurityLogger.class));
queryOperations.setPermissions(new PermissionsImpl());
OperationsStorageSupport opsStorage = new OperationsStorageSupport(sourceOperations, queryOperations);
OperationsCatalogStoreSupport opsCatStore = new OperationsCatalogStoreSupport(frameworkProperties, sourceOperations);
CreateOperations createOperations = new CreateOperations(frameworkProperties, queryOperations, sourceOperations, opsSecurity, opsMetacard, opsCatStore, opsStorage);
UpdateOperations updateOperations = new UpdateOperations(frameworkProperties, queryOperations, sourceOperations, opsSecurity, opsMetacard, opsCatStore, opsStorage);
DeleteOperations deleteOperations = new DeleteOperations(frameworkProperties, queryOperations, sourceOperations, opsSecurity, opsMetacard);
ResourceOperations resourceOperations = new ResourceOperations(frameworkProperties, queryOperations, opsSecurity);
TransformOperations transformOperations = new TransformOperations(frameworkProperties);
Historian historian = new Historian();
historian.setHistoryEnabled(false);
updateOperations.setHistorian(historian);
deleteOperations.setHistorian(historian);
CatalogFrameworkImpl catalogFramework = new CatalogFrameworkImpl(createOperations, updateOperations, deleteOperations, queryOperations, resourceOperations, sourceOperations, transformOperations);
// Conditionally bind objects if framework properties are setup
if (CollectionUtils.isNotEmpty(frameworkProperties.getCatalogProviders())) {
sourceOperations.bind(provider);
}
if (CollectionUtils.isNotEmpty(frameworkProperties.getStorageProviders())) {
sourceOperations.bind(storageProvider);
}
return catalogFramework;
}
Also used :
OperationsCatalogStoreSupport(ddf.catalog.impl.operations.OperationsCatalogStoreSupport)
Set(java.util.Set)
HashSet(java.util.HashSet)
SourceOperations(ddf.catalog.impl.operations.SourceOperations)
SourceStatus(org.codice.ddf.catalog.sourcepoller.SourceStatus)
ResourceOperations(ddf.catalog.impl.operations.ResourceOperations)
RemoteDeleteOperations(ddf.catalog.impl.operations.RemoteDeleteOperations)
DeleteOperations(ddf.catalog.impl.operations.DeleteOperations)
ActionRegistry(ddf.action.ActionRegistry)
TransformOperations(ddf.catalog.impl.operations.TransformOperations)
Source(ddf.catalog.source.Source)
ByteSource(com.google.common.io.ByteSource)
FederatedSource(ddf.catalog.source.FederatedSource)
MetacardFactory(ddf.catalog.impl.operations.MetacardFactory)
OperationsStorageSupport(ddf.catalog.impl.operations.OperationsStorageSupport)
QueryOperations(ddf.catalog.impl.operations.QueryOperations)
UpdateOperations(ddf.catalog.impl.operations.UpdateOperations)
PermissionsImpl(ddf.security.permission.impl.PermissionsImpl)
OperationsSecuritySupport(ddf.catalog.impl.operations.OperationsSecuritySupport)
CreateOperations(ddf.catalog.impl.operations.CreateOperations)
Historian(ddf.catalog.history.Historian)
OperationsMetacardSupport(ddf.catalog.impl.operations.OperationsMetacardSupport)
SecurityLogger(ddf.security.audit.SecurityLogger)
Aggregations
PermissionsImpl (ddf.security.permission.impl.PermissionsImpl)17
ArrayList (java.util.ArrayList)8
Test (org.junit.Test)8
KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission)7
SecurityLogger (ddf.security.audit.SecurityLogger)6
Before (org.junit.Before)5
FilterPlugin (ddf.catalog.security.filter.plugin.FilterPlugin)4
ByteSource (com.google.common.io.ByteSource)3
Metacard (ddf.catalog.data.Metacard)3
QueryOperations (ddf.catalog.impl.operations.QueryOperations)3
ResourceOperations (ddf.catalog.impl.operations.ResourceOperations)3
SourceOperations (ddf.catalog.impl.operations.SourceOperations)3
ResourceRequest (ddf.catalog.operation.ResourceRequest)3
FederatedSource (ddf.catalog.source.FederatedSource)3
Source (ddf.catalog.source.Source)3
HashMap (java.util.HashMap)3
HashSet (java.util.HashSet)3
Set (java.util.Set)3
SourceStatus (org.codice.ddf.catalog.sourcepoller.SourceStatus)3
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)3
