Search in sources :

Example 21 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class UuidEvaluatorUnitTest method testEvaluateAdminPermission.

@Test
public void testEvaluateAdminPermission() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    UUID uuid = UUID.randomUUID();
    IdmRole authorizable = new IdmRole(uuid);
    policy.getEvaluatorProperties().put(UuidEvaluator.PARAMETER_UUID, uuid);
    policy.setPermissions(IdmBasePermission.ADMIN);
    // 
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) UUID(java.util.UUID) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest) Test(org.junit.Test)

Example 22 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class RoleGuaranteeEvaluatorUnitTest method testEvaluateReadOnly.

@Test
public void testEvaluateReadOnly() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    UUID uuid = UUID.randomUUID();
    IdmRole authorizable = new IdmRole();
    IdmRoleGuarantee guarantee = new IdmRoleGuarantee();
    guarantee.setGuarantee(new IdmIdentity(uuid));
    authorizable.getGuarantees().add(guarantee);
    policy.setPermissions(IdmBasePermission.READ);
    // 
    when(securityService.getAuthentication()).thenReturn(getAuthentication(uuid));
    // 
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) UUID(java.util.UUID) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 23 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class RoleGuaranteeEvaluatorUnitTest method testEvaluateFalse.

@Test
public void testEvaluateFalse() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    IdmRole authorizable = new IdmRole();
    IdmRoleGuarantee guarantee = new IdmRoleGuarantee();
    guarantee.setGuarantee(new IdmIdentity(UUID.randomUUID()));
    authorizable.getGuarantees().add(guarantee);
    policy.setPermissions(IdmBasePermission.READ);
    // 
    when(securityService.getAuthentication()).thenReturn(getAuthentication());
    // 
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 24 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class RoleGuaranteeEvaluatorUnitTest method testEvaluateEmptyGuarantee.

@Test
public void testEvaluateEmptyGuarantee() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    IdmRole authorizable = new IdmRole();
    policy.setPermissions(IdmBasePermission.READ);
    // 
    when(securityService.getAuthentication()).thenReturn(getAuthentication());
    // 
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 25 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class DefaultTestHelper method createUuidPolicy.

@Override
public IdmAuthorizationPolicyDto createUuidPolicy(UUID role, UUID authorizableEntity, BasePermission... permission) {
    IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
    dto.setRole(role);
    dto.setEvaluatorType("eu.bcvsolutions.idm.core.security.evaluator.UuidEvaluator");
    dto.getEvaluatorProperties().put("uuid", authorizableEntity);
    dto.setPermissions(permission);
    return authorizationPolicyService.save(dto);
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)

Aggregations

IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)41 Test (org.junit.Test)25 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)23 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)22 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)18 IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)16 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)14 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)11 AbstractUnitTest (eu.bcvsolutions.idm.test.api.AbstractUnitTest)7 AccAccount (eu.bcvsolutions.idm.acc.entity.AccAccount)6 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)5 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)5 UUID (java.util.UUID)5 Transactional (org.springframework.transaction.annotation.Transactional)5 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)4 IdmConfiguration (eu.bcvsolutions.idm.core.model.entity.IdmConfiguration)4 IdmIdentity (eu.bcvsolutions.idm.core.model.entity.IdmIdentity)4 IcConnectorObject (eu.bcvsolutions.idm.ic.api.IcConnectorObject)4 LocalDateTime (org.joda.time.LocalDateTime)4 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)3