Examples with IdmAuthorizationPolicyDto eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto used on opensource projects

Search in sources :

Example 31 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class AbstractIdentityAuthoritiesProcessorTest method getTestPolicy.

protected IdmAuthorizationPolicyDto getTestPolicy(IdmRoleDto role, BasePermission base, GroupPermission group) {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    policy.setGroupPermission(group.getName());
    policy.setPermissions(base);
    policy.setRole(role.getId());
    policy.setEvaluator(BasePermissionEvaluator.class);
    return authorizationPolicyService.get(authorizationPolicyService.save(policy).getId());
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)

Example 32 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class CodeableEvaluatorIntegrationTest method testPermissionByWrongUuid.

@Test
public void testPermissionByWrongUuid() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    // prepare role
    IdmRoleDto role = helper.createRole();
    // 
    IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
    dto.setRole(role.getId());
    dto.setEvaluator(CodeableEvaluator.class);
    dto.setGroupPermission(CoreGroupPermission.ROLE.getName());
    dto.setAuthorizableType(IdmRole.class.getCanonicalName());
    dto.getEvaluatorProperties().put(CodeableEvaluator.PARAMETER_IDENTIFIER, "wrong");
    dto.setPermissions(IdmBasePermission.READ);
    authorizationPolicyService.save(dto);
    // prepare identity
    IdmIdentityDto identity = helper.createIdentity();
    identity.setPassword(new GuardedString("heslo"));
    identityService.save(identity);
    // assign role
    helper.createIdentityRole(identity, role);
    logout();
    // 
    try {
        loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
        // 
        // evaluate	access
        assertEquals(0, roleService.find(null, IdmBasePermission.READ).getTotalElements());
        ;
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 33 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class ConfigurationEvaluatorIntegrationTest method testUpdateWithoutPermissions.

@Test(expected = ForbiddenEntityException.class)
public void testUpdateWithoutPermissions() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    // prepare role
    IdmRoleDto role = helper.createRole();
    // 
    IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
    dto.setRole(role.getId());
    dto.setEvaluator(ConfigurationEvaluator.class);
    dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
    dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
    dto.setPermissions(IdmBasePermission.READ);
    authorizationPolicyService.save(dto);
    // prepare identity
    IdmIdentityDto identity = helper.createIdentity();
    identity.setPassword(new GuardedString("heslo"));
    identityService.save(identity);
    // assign role
    helper.createIdentityRole(identity, role);
    logout();
    // 
    try {
        loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
        // 
        publicConfig.setValue("update");
        configurationService.save(publicConfig, IdmBasePermission.UPDATE);
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmConfiguration(eu.bcvsolutions.idm.core.model.entity.IdmConfiguration) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 34 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class UuidEvaluatorUnitTest method testEvaluateReadOnly.

@Test
public void testEvaluateReadOnly() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    UUID uuid = UUID.randomUUID();
    IdmRole authorizable = new IdmRole(uuid);
    policy.getEvaluatorProperties().put(UuidEvaluator.PARAMETER_UUID, uuid);
    policy.setPermissions(IdmBasePermission.READ);
    // 
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) UUID(java.util.UUID) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest) Test(org.junit.Test)

Example 35 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class RoleForRequestEvaluatorIntegrationTest method createPolicy.

private IdmAuthorizationPolicyDto createPolicy(UUID roleId, IdmBasePermission... permissions) {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    // add autocomplete data access
    policy.setPermissions(permissions);
    policy.setGroupPermission(CoreGroupPermission.ROLE.getName());
    policy.setAuthorizableType(IdmRole.class.getCanonicalName());
    policy.setRole(roleId);
    policy.setEvaluator(RoleCanBeRequestedEvaluator.class);
    return authorizationPolicyService.save(policy);
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole)

Aggregations

IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)41 Test (org.junit.Test)25 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)23 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)22 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)18 IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)16 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)14 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)11 AbstractUnitTest (eu.bcvsolutions.idm.test.api.AbstractUnitTest)7 AccAccount (eu.bcvsolutions.idm.acc.entity.AccAccount)6 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)5 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)5 UUID (java.util.UUID)5 Transactional (org.springframework.transaction.annotation.Transactional)5 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)4 IdmConfiguration (eu.bcvsolutions.idm.core.model.entity.IdmConfiguration)4 IdmIdentity (eu.bcvsolutions.idm.core.model.entity.IdmIdentity)4 IcConnectorObject (eu.bcvsolutions.idm.ic.api.IcConnectorObject)4 LocalDateTime (org.joda.time.LocalDateTime)4 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial