Search in sources :

Example 81 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class ConfigurationEvaluatorIntegrationTest method testReadWithPermissions.

@Test
public void testReadWithPermissions() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    // prepare role
    IdmRoleDto role = helper.createRole();
    // 
    IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
    dto.setRole(role.getId());
    dto.setEvaluator(ConfigurationEvaluator.class);
    dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
    dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
    dto.setPermissions(IdmBasePermission.READ);
    authorizationPolicyService.save(dto);
    // prepare identity
    IdmIdentityDto identity = helper.createIdentity();
    identity.setPassword(new GuardedString("heslo"));
    identityService.save(identity);
    // assign role
    helper.createIdentityRole(identity, role);
    logout();
    // 
    try {
        loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
        // 
        // evaluate	access
        List<IdmConfigurationDto> configs = configurationService.find(null, IdmBasePermission.READ).getContent();
        assertTrue(configs.contains(publicConfig));
        assertFalse(configs.contains(privateConfig));
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmConfigurationDto(eu.bcvsolutions.idm.core.api.dto.IdmConfigurationDto) IdmConfiguration(eu.bcvsolutions.idm.core.model.entity.IdmConfiguration) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 82 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class ConfigurationEvaluatorIntegrationTest method testUpdateSecuredWithoutPermissions.

@Test(expected = ForbiddenEntityException.class)
public void testUpdateSecuredWithoutPermissions() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    // prepare role
    IdmRoleDto role = helper.createRole();
    // 
    IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
    dto.setRole(role.getId());
    dto.setEvaluator(ConfigurationEvaluator.class);
    dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
    dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
    dto.setPermissions(IdmBasePermission.READ, IdmBasePermission.UPDATE);
    authorizationPolicyService.save(dto);
    // prepare identity
    IdmIdentityDto identity = helper.createIdentity();
    identity.setPassword(new GuardedString("heslo"));
    identityService.save(identity);
    // assign role
    helper.createIdentityRole(identity, role);
    logout();
    // 
    try {
        loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
        // 
        privateConfig.setValue("update");
        configurationService.save(privateConfig, IdmBasePermission.UPDATE);
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmConfiguration(eu.bcvsolutions.idm.core.model.entity.IdmConfiguration) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 83 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class IdentityTransitiveEvaluatorsIntegrationTest method prepareIdentityProfile.

private IdmIdentityDto prepareIdentityProfile() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    // get default role
    IdmRoleDto role = roleService.getByCode(InitDemoData.DEFAULT_ROLE_NAME);
    // prepare identity
    IdmIdentityDto identity = helper.createIdentity();
    identity.setPassword(new GuardedString("heslo"));
    identity = identityService.save(identity);
    // assign role
    helper.createIdentityRole(identity, role);
    logout();
    // 
    return identity;
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Example 84 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class RoleRequestByIdentityEvaluatorIntegrationTest method testCannotReadRoleRequestByIdentity.

@Test(expected = ForbiddenEntityException.class)
public void testCannotReadRoleRequestByIdentity() {
    IdmIdentityDto identityOne = helper.createIdentity();
    IdmIdentityDto identityTwo = helper.createIdentity();
    // 
    IdmRoleDto role = helper.createRole();
    helper.createIdentityRole(identityTwo, role);
    IdmRoleRequestDto roleRequest = helper.assignRoles(helper.getPrimeContract(identityOne.getId()), role);
    // 
    try {
        loginService.login(new LoginDto(identityTwo.getUsername(), identityTwo.getPassword()));
        // 
        roleRequestService.get(roleRequest.getId(), IdmBasePermission.READ);
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 85 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class RoleRequestByIdentityEvaluatorIntegrationTest method testCreateRoleRequestForOtherIdentity.

@Test
public void testCreateRoleRequestForOtherIdentity() {
    IdmIdentityDto identityOne = helper.createIdentity();
    IdmIdentityDto identityTwo = helper.createIdentity();
    // create policy
    IdmRoleDto role = helper.createRole();
    helper.createUuidPolicy(role.getId(), identityTwo.getId(), IdentityBasePermission.CHANGEPERMISSION);
    helper.createIdentityRole(identityOne, role);
    // assign default role
    helper.createIdentityRole(identityOne, roleService.getByCode(InitDemoData.DEFAULT_ROLE_NAME));
    // 
    try {
        loginService.login(new LoginDto(identityOne.getUsername(), identityOne.getPassword()));
        // 
        IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
        roleRequest.setApplicant(identityTwo.getId());
        roleRequest.setRequestedByType(RoleRequestedByType.MANUALLY);
        roleRequest = roleRequestService.save(roleRequest, IdmBasePermission.CREATE);
        // 
        Assert.notNull(roleRequest.getId());
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Aggregations

IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)288 Test (org.junit.Test)227 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)209 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)159 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)99 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)74 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)51 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)50 ArrayList (java.util.ArrayList)50 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)45 IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)44 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)44 List (java.util.List)40 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)37 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)36 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)35 UUID (java.util.UUID)35 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)32 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)32