use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleServiceIntegrationTest method testReferentialIntegrity.
@Test
public void testReferentialIntegrity() {
IdmIdentityDto identity = new IdmIdentityDto();
String username = "delete_test_" + System.currentTimeMillis();
identity.setUsername(username);
// confidential storage
identity.setPassword(new GuardedString("heslo"));
identity.setFirstName("Test");
identity.setLastName("Identity");
identity = identityService.save(identity);
// role
IdmRoleDto role = new IdmRoleDto();
String roleName = "test_r_" + System.currentTimeMillis();
role.setName(roleName);
IdmRoleGuaranteeDto roleGuarantee = new IdmRoleGuaranteeDto();
roleGuarantee.setRole(role.getId());
roleGuarantee.setGuarantee(identity.getId());
role.setGuarantees(Lists.newArrayList(roleGuarantee));
role = roleService.save(role);
assertNotNull(roleService.getByCode(roleName));
assertEquals(1, roleGuaranteeRepository.findAllByRole_Id(role.getId()).size());
roleService.delete(role);
assertNull(roleService.getByCode(roleName));
assertEquals(0, roleGuaranteeRepository.findAllByRole_Id(role.getId()).size());
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class CodeableEvaluatorIntegrationTest method testPermissionByUuid.
@Test
public void testPermissionByUuid() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(CodeableEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.ROLE.getName());
dto.setAuthorizableType(IdmRole.class.getCanonicalName());
dto.getEvaluatorProperties().put(CodeableEvaluator.PARAMETER_IDENTIFIER, role.getId().toString());
dto.setPermissions(IdmBasePermission.READ);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
List<IdmRoleDto> roles = roleService.find(null, IdmBasePermission.READ).getContent();
assertEquals(1, roles.size());
assertEquals(role.getId(), roles.get(0).getId());
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class CodeableEvaluatorIntegrationTest method testPermissionByCode.
@Test
public void testPermissionByCode() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(CodeableEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.ROLE.getName());
dto.setAuthorizableType(IdmRole.class.getCanonicalName());
dto.getEvaluatorProperties().put(CodeableEvaluator.PARAMETER_IDENTIFIER, role.getCode());
dto.setPermissions(IdmBasePermission.READ);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
List<IdmRoleDto> roles = roleService.find(null, IdmBasePermission.READ).getContent();
assertEquals(1, roles.size());
assertEquals(role.getId(), roles.get(0).getId());
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class ConfigurationEvaluatorIntegrationTest method testReadWithoutPermissions.
@Test
public void testReadWithoutPermissions() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
//
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
assertEquals(0, configurationService.find(null, IdmBasePermission.READ).getTotalElements());
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class ConfigurationEvaluatorIntegrationTest method testReadSecuredWithPermissions.
@Test
public void testReadSecuredWithPermissions() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(ConfigurationEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
dto.getEvaluatorProperties().put(ConfigurationEvaluator.PARAMETER_SECURED, Boolean.TRUE.toString());
dto.setPermissions(IdmBasePermission.READ);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
List<IdmConfigurationDto> configs = configurationService.find(null, IdmBasePermission.READ).getContent();
assertTrue(configs.contains(publicConfig));
assertTrue(configs.contains(privateConfig));
} finally {
logout();
}
}
Aggregations