Search in sources :

Example 11 with IdmRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.

the class DefaultGroovyScriptServiceTest method testSecurityScriptListValid.

@Test
public void testSecurityScriptListValid() {
    String script = "return list;";
    groovyScriptService.validateScript(script);
    IdmRole role = new IdmRole();
    List<IdmRoleGuarantee> guarantees = new ArrayList<>();
    guarantees.add(new IdmRoleGuarantee());
    role.setGuarantees(guarantees);
    role.setName(TEST_ONE);
    Object result = groovyScriptService.evaluate(script, ImmutableMap.of("entity", role, "list", guarantees));
    assertEquals(role.getGuarantees(), result);
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) ArrayList(java.util.ArrayList) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) AbstractVerifiableUnitTest(eu.bcvsolutions.idm.test.api.AbstractVerifiableUnitTest) Test(org.junit.Test)

Example 12 with IdmRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.

the class UuidEvaluatorUnitTest method testEvaluateReadOnly.

@Test
public void testEvaluateReadOnly() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    UUID uuid = UUID.randomUUID();
    IdmRole authorizable = new IdmRole(uuid);
    policy.getEvaluatorProperties().put(UuidEvaluator.PARAMETER_UUID, uuid);
    policy.setPermissions(IdmBasePermission.READ);
    // 
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) UUID(java.util.UUID) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest) Test(org.junit.Test)

Example 13 with IdmRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.

the class DefaultAuthorizationManagerUnitTest method testGetPermissions.

@Test
public void testGetPermissions() {
    when(service.getEnabledPolicies(any(), any())).thenReturn(enabledPolicies);
    when(securityService.isAuthenticated()).thenReturn(true);
    when(context.getBean(BasePermissionEvaluator.class)).thenReturn(evaluator);
    // 
    Set<String> basePermissions = manager.getPermissions(new IdmRole());
    assertEquals(2, basePermissions.size());
    assertTrue(basePermissions.contains(IdmBasePermission.READ.getName()));
    assertTrue(basePermissions.contains(IdmBasePermission.UPDATE.getName()));
}
Also used : IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 14 with IdmRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.

the class DefaultGrantedAuthoritiesFactoryTest method testSystemAdmin.

/**
 * System admin have all authorities
 */
@Test
public void testSystemAdmin() {
    IdmRole role = new IdmRole();
    role.setName("role");
    role.setId(UUID.randomUUID());
    IdmIdentityDto identity = new IdmIdentityDto();
    identity.setId(UUID.randomUUID());
    identity.setUsername("admin");
    IdmIdentityContractDto contract = new IdmIdentityContractDto();
    role.setId(UUID.randomUUID());
    contract.setIdentity(identity.getId());
    IdmIdentityRoleDto identityRole = new IdmIdentityRoleDto();
    identityRole.setIdentityContract(contract.getId());
    identityRole.setRole(role.getId());
    List<IdmIdentityRoleDto> roles = Lists.newArrayList();
    when(moduleService.getAvailablePermissions()).thenReturn(groupPermissions);
    when(identityService.getByUsername(identity.getUsername())).thenReturn(identity);
    when(identityRoleService.findValidRole(identity.getId(), null)).thenReturn(new PageImpl<>(new ArrayList<>(roles)));
    when(roleService.getSubroles(any(UUID.class))).thenReturn(Lists.newArrayList());
    when(authorizationPolicyService.getDefaultAuthorities(any())).thenReturn(Sets.newHashSet(new DefaultGrantedAuthority(IdmGroupPermission.APP, IdmBasePermission.ADMIN), new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.READ), new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.ADMIN)));
    List<GrantedAuthority> grantedAuthorities = defaultGrantedAuthoritiesFactory.getGrantedAuthorities(identity.getUsername());
    assertEquals(1, grantedAuthorities.size());
    assertEquals(new DefaultGrantedAuthority(IdmGroupPermission.APP, IdmBasePermission.ADMIN), grantedAuthorities.iterator().next());
}
Also used : DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) UUID(java.util.UUID) DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 15 with IdmRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.

the class BasePermissionEvaluatorUnitTest method testEvaluateAdminPermission.

@Test
public void testEvaluateAdminPermission() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    UUID uuid = UUID.randomUUID();
    IdmRole authorizable = new IdmRole(uuid);
    policy.setPermissions(IdmBasePermission.ADMIN);
    // 
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) UUID(java.util.UUID) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest) Test(org.junit.Test)

Aggregations

IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)15 Test (org.junit.Test)13 AbstractUnitTest (eu.bcvsolutions.idm.test.api.AbstractUnitTest)9 IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)7 UUID (java.util.UUID)7 IdmRoleGuarantee (eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee)4 ArrayList (java.util.ArrayList)4 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)3 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)2 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)2 IdmIdentity (eu.bcvsolutions.idm.core.model.entity.IdmIdentity)2 AbstractVerifiableUnitTest (eu.bcvsolutions.idm.test.api.AbstractVerifiableUnitTest)2 ImmutableMap (com.google.common.collect.ImmutableMap)1 AccResultCode (eu.bcvsolutions.idm.acc.domain.AccResultCode)1 AccountType (eu.bcvsolutions.idm.acc.domain.AccountType)1 SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)1 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)1 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)1 SysRoleSystemAttributeDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)1 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)1