use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class UuidEvaluatorUnitTest method testEvaluateAdminPermission.
@Test
public void testEvaluateAdminPermission() {
IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
UUID uuid = UUID.randomUUID();
IdmRole authorizable = new IdmRole(uuid);
policy.getEvaluatorProperties().put(UuidEvaluator.PARAMETER_UUID, uuid);
policy.setPermissions(IdmBasePermission.ADMIN);
//
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class RoleGuaranteeEvaluatorUnitTest method testEvaluateReadOnly.
@Test
public void testEvaluateReadOnly() {
IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
UUID uuid = UUID.randomUUID();
IdmRole authorizable = new IdmRole();
IdmRoleGuarantee guarantee = new IdmRoleGuarantee();
guarantee.setGuarantee(new IdmIdentity(uuid));
authorizable.getGuarantees().add(guarantee);
policy.setPermissions(IdmBasePermission.READ);
//
when(securityService.getAuthentication()).thenReturn(getAuthentication(uuid));
//
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class RoleGuaranteeEvaluatorUnitTest method testEvaluateFalse.
@Test
public void testEvaluateFalse() {
IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
IdmRole authorizable = new IdmRole();
IdmRoleGuarantee guarantee = new IdmRoleGuarantee();
guarantee.setGuarantee(new IdmIdentity(UUID.randomUUID()));
authorizable.getGuarantees().add(guarantee);
policy.setPermissions(IdmBasePermission.READ);
//
when(securityService.getAuthentication()).thenReturn(getAuthentication());
//
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class RoleGuaranteeEvaluatorUnitTest method testEvaluateEmptyGuarantee.
@Test
public void testEvaluateEmptyGuarantee() {
IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
IdmRole authorizable = new IdmRole();
policy.setPermissions(IdmBasePermission.READ);
//
when(securityService.getAuthentication()).thenReturn(getAuthentication());
//
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.
the class DefaultTestHelper method createUuidPolicy.
@Override
public IdmAuthorizationPolicyDto createUuidPolicy(UUID role, UUID authorizableEntity, BasePermission... permission) {
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role);
dto.setEvaluatorType("eu.bcvsolutions.idm.core.security.evaluator.UuidEvaluator");
dto.getEvaluatorProperties().put("uuid", authorizableEntity);
dto.setPermissions(permission);
return authorizationPolicyService.save(dto);
}
Aggregations