
Example 1 with IdmRoleGuarantee

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee in project CzechIdMng by bcvsolutions.

the class RoleGuaranteeEvaluator method getPredicate.

@Override
public Predicate getPredicate(Root<IdmRole> root, CriteriaQuery<?> query, CriteriaBuilder builder, AuthorizationPolicy policy, BasePermission... permission) {
    AbstractAuthentication authentication = securityService.getAuthentication();
    // No authenticated identity: this evaluator contributes no predicate.
    if (authentication == null || authentication.getCurrentIdentity() == null) {
        return null;
    }
    // Build the filter only when hasPermission accepts the policy for the requested permission.
    if (hasPermission(policy, permission)) {
        Subquery<IdmRoleGuarantee> subquery = query.subquery(IdmRoleGuarantee.class);
        Root<IdmRoleGuarantee> subRoot = subquery.from(IdmRoleGuarantee.class);
        subquery.select(subRoot);
        subquery.where(builder.and(
                // correlation attr: the guarantee record belongs to the role in the outer query
                builder.equal(subRoot.get(IdmRoleGuarantee_.role), root),
                // the guarantee is the currently authenticated identity
                builder.equal(subRoot.get(IdmRoleGuarantee_.guarantee).get(AbstractEntity_.id), authentication.getCurrentIdentity().getId())));
        // The role matches only if such a guarantee record exists.
        return builder.exists(subquery);
    }
    return null;
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) AbstractAuthentication(eu.bcvsolutions.idm.core.security.api.domain.AbstractAuthentication)

Example 2 with IdmRoleGuarantee

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee in project CzechIdMng by bcvsolutions.

the class RoleGuaranteeEvaluatorUnitTest method testEvaluateReadOnly.

@Test
public void testEvaluateReadOnly() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    UUID uuid = UUID.randomUUID();
    IdmRole authorizable = new IdmRole();
    IdmRoleGuarantee guarantee = new IdmRoleGuarantee();
    guarantee.setGuarantee(new IdmIdentity(uuid));
    authorizable.getGuarantees().add(guarantee);
    policy.setPermissions(IdmBasePermission.READ);
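    // The authenticated identity has the same UUID as the role's guarantee.
    when(securityService.getAuthentication()).thenReturn(getAuthentication(uuid));
    // The policy carries READ only, so READ is the only permission expected to evaluate to true.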
    assertTrue(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) UUID(java.util.UUID) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 3 with IdmRoleGuarantee

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee in project CzechIdMng by bcvsolutions.

the class RoleGuaranteeEvaluatorUnitTest method testEvaluateFalse.

@Test
public void testEvaluateFalse() {
    IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
    IdmRole authorizable = new IdmRole();
    IdmRoleGuarantee guarantee = new IdmRoleGuarantee();
    guarantee.setGuarantee(new IdmIdentity(UUID.randomUUID()));
    authorizable.getGuarantees().add(guarantee);
    policy.setPermissions(IdmBasePermission.READ);
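    // The authentication comes from the no-argument helper; the guarantee's random UUID is not passed in.
    when(securityService.getAuthentication()).thenReturn(getAuthentication());
    // No permission is expected to evaluate to true, including READ from the policy.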
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.READ));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.UPDATE));
    assertFalse(evaluator.evaluate(authorizable, policy, IdmBasePermission.ADMIN));
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 4 with IdmRoleGuarantee

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee in project CzechIdMng by bcvsolutions.

the class DefaultGroovyScriptServiceTest method testSecurityScriptListDeepUnvalid.

@Test(expected = IdmSecurityException.class)
public void testSecurityScriptListDeepUnvalid() {
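    // The script reaches into the entity's list and returns an IdmRoleGuarantee element;
    // evaluate() is expected to throw IdmSecurityException.
    String script = "return entity.guarantees.get(0);";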
    groovyScriptService.validateScript(script);
    IdmRole role = new IdmRole();
    List<IdmRoleGuarantee> guarantees = new ArrayList<>();
    guarantees.add(new IdmRoleGuarantee());
    role.setGuarantees(guarantees);
    role.setName(TEST_ONE);
    groovyScriptService.evaluate(script, ImmutableMap.of("entity", role));
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) ArrayList(java.util.ArrayList) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) AbstractVerifiableUnitTest(eu.bcvsolutions.idm.test.api.AbstractVerifiableUnitTest) Test(org.junit.Test)

Example 5 with IdmRoleGuarantee

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee in project CzechIdMng by bcvsolutions.

the class DefaultGroovyScriptServiceTest method testSecurityScriptListValid.

@Test
public void testSecurityScriptListValid() {
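    // The script returns the list passed in as the "list" variable; evaluation is expected to succeed.
    String script = "return list;";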
    groovyScriptService.validateScript(script);
    IdmRole role = new IdmRole();
    List<IdmRoleGuarantee> guarantees = new ArrayList<>();
    guarantees.add(new IdmRoleGuarantee());
    role.setGuarantees(guarantees);
    role.setName(TEST_ONE);
    Object result = groovyScriptService.evaluate(script, ImmutableMap.of("entity", role, "list", guarantees));
    assertEquals(role.getGuarantees(), result);
}
Also used : IdmRoleGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmRoleGuarantee) ArrayList(java.util.ArrayList) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) AbstractVerifiableUnitTest(eu.bcvsolutions.idm.test.api.AbstractVerifiableUnitTest) Test(org.junit.Test)
