use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.
the class DefaultGroovyScriptServiceTest method testSecurityScriptListValid.
@Test
public void testSecurityScriptListValid() {
String script = "return list;";
groovyScriptService.validateScript(script);
IdmRole role = new IdmRole();
List<IdmRoleGuarantee> guarantees = new ArrayList<>();
guarantees.add(new IdmRoleGuarantee());
role.setGuarantees(guarantees);
role.setName(TEST_ONE);
Object result = groovyScriptService.evaluate(script, ImmutableMap.of("entity", role, "list", guarantees));
assertEquals(role.getGuarantees(), result);
}
use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.
the class UuidEvaluatorUnitTest method testEvaluateReadOnly.
@Test
public void testEvaluateReadOnly() {
IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
UUID uuid = UUID.randomUUID();
IdmRole authorizable = new IdmRole(uuid);
policy.getEvaluatorProperties().put(UuidEvaluator.PARAMETER_UUID, uuid);
policy.setPermissions(IdmBasePermission.READ);
//
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerUnitTest method testGetPermissions.
@Test
public void testGetPermissions() {
when(service.getEnabledPolicies(any(), any())).thenReturn(enabledPolicies);
when(securityService.isAuthenticated()).thenReturn(true);
when(context.getBean(BasePermissionEvaluator.class)).thenReturn(evaluator);
//
Set<String> basePermissions = manager.getPermissions(new IdmRole());
assertEquals(2, basePermissions.size());
assertTrue(basePermissions.contains(IdmBasePermission.READ.getName()));
assertTrue(basePermissions.contains(IdmBasePermission.UPDATE.getName()));
}
use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.
the class DefaultGrantedAuthoritiesFactoryTest method testSystemAdmin.
/**
* System admin have all authorities
*/
@Test
public void testSystemAdmin() {
IdmRole role = new IdmRole();
role.setName("role");
role.setId(UUID.randomUUID());
IdmIdentityDto identity = new IdmIdentityDto();
identity.setId(UUID.randomUUID());
identity.setUsername("admin");
IdmIdentityContractDto contract = new IdmIdentityContractDto();
role.setId(UUID.randomUUID());
contract.setIdentity(identity.getId());
IdmIdentityRoleDto identityRole = new IdmIdentityRoleDto();
identityRole.setIdentityContract(contract.getId());
identityRole.setRole(role.getId());
List<IdmIdentityRoleDto> roles = Lists.newArrayList();
when(moduleService.getAvailablePermissions()).thenReturn(groupPermissions);
when(identityService.getByUsername(identity.getUsername())).thenReturn(identity);
when(identityRoleService.findValidRole(identity.getId(), null)).thenReturn(new PageImpl<>(new ArrayList<>(roles)));
when(roleService.getSubroles(any(UUID.class))).thenReturn(Lists.newArrayList());
when(authorizationPolicyService.getDefaultAuthorities(any())).thenReturn(Sets.newHashSet(new DefaultGrantedAuthority(IdmGroupPermission.APP, IdmBasePermission.ADMIN), new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.READ), new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.ADMIN)));
List<GrantedAuthority> grantedAuthorities = defaultGrantedAuthoritiesFactory.getGrantedAuthorities(identity.getUsername());
assertEquals(1, grantedAuthorities.size());
assertEquals(new DefaultGrantedAuthority(IdmGroupPermission.APP, IdmBasePermission.ADMIN), grantedAuthorities.iterator().next());
}
use of eu.bcvsolutions.idm.core.model.entity.IdmRole in project CzechIdMng by bcvsolutions.
the class BasePermissionEvaluatorUnitTest method testEvaluateAdminPermission.
@Test
public void testEvaluateAdminPermission() {
IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
UUID uuid = UUID.randomUUID();
IdmRole authorizable = new IdmRole(uuid);
policy.setPermissions(IdmBasePermission.ADMIN);
//
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Aggregations