Example 41 with GuardedString
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class ConfigurationEvaluatorIntegrationTest method testReadWithPermissions.
@Test
public void testReadWithPermissions() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(ConfigurationEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
dto.setPermissions(IdmBasePermission.READ);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
List<IdmConfigurationDto> configs = configurationService.find(null, IdmBasePermission.READ).getContent();
assertTrue(configs.contains(publicConfig));
assertFalse(configs.contains(privateConfig));
} finally {
logout();
}
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
IdmConfigurationDto(eu.bcvsolutions.idm.core.api.dto.IdmConfigurationDto)
IdmConfiguration(eu.bcvsolutions.idm.core.model.entity.IdmConfiguration)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 42 with GuardedString
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class ConfigurationEvaluatorIntegrationTest method testUpdateSecuredWithoutPermissions.
@Test(expected = ForbiddenEntityException.class)
public void testUpdateSecuredWithoutPermissions() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(ConfigurationEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
dto.setPermissions(IdmBasePermission.READ, IdmBasePermission.UPDATE);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
privateConfig.setValue("update");
configurationService.save(privateConfig, IdmBasePermission.UPDATE);
} finally {
logout();
}
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
IdmConfiguration(eu.bcvsolutions.idm.core.model.entity.IdmConfiguration)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 43 with GuardedString
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class IdentityTransitiveEvaluatorsIntegrationTest method prepareIdentityProfile.
private IdmIdentityDto prepareIdentityProfile() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// get default role
IdmRoleDto role = roleService.getByCode(InitDemoData.DEFAULT_ROLE_NAME);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identity = identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
return identity;
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
Example 44 with GuardedString
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class RoleForRequestEvaluatorIntegrationTest method createUser.
private IdmIdentityDto createUser(String name, String password, IdmRoleDto... roles) {
IdmIdentityDto identity = new IdmIdentityDto();
identity.setEmail(RandomStringUtils.randomAlphabetic(10) + "@email.com");
identity.setLastName(name);
identity.setFirstName(name);
identity.setUsername(name);
identity.setPassword(new GuardedString(password));
final IdmIdentityDto result = identityService.save(identity);
//
IdmIdentityContractDto contract = createContract(result);
assignRoles(contract, roles);
//
return result;
}
Also used :
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
Example 45 with GuardedString
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class DefaultRecaptchaServiceUnitTest method testNotValid2.
@Test()
public void testNotValid2() {
RecaptchaResponse response = getRecaptchaResponse(TEST_HOSTNAME, false, "a");
when(config.getSecretKey()).thenReturn(new GuardedString(TEST_SECRET_KEY));
when(template.postForEntity(anyString(), any(), eq(RecaptchaResponse.class))).thenReturn(getResponse(response, HttpStatus.OK));
try {
service.checkRecaptcha(getRecaptchaRequest(TEST_REMOTE_IP, TEST_REQUEST));
} catch (ResultCodeException O_o) {
Assert.assertEquals(O_o.getStatus(), CoreResultCode.RECAPTCHA_CHECK_FAILED.getStatus());
}
verify(template).postForEntity(anyString(), any(), eq(RecaptchaResponse.class));
verifyNoMoreInteractions(template);
}
Also used :
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
RecaptchaTestUtil.getRecaptchaResponse(eu.bcvsolutions.idm.core.security.service.impl.RecaptchaTestUtil.getRecaptchaResponse)
RecaptchaResponse(eu.bcvsolutions.idm.core.security.api.dto.RecaptchaResponse)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
Test(org.junit.Test)
AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)
Aggregations
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)97
Test (org.junit.Test)61
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)59
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)49
LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)40
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)30
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)26
PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)20
ArrayList (java.util.ArrayList)13
IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)11
IcConnectorObject (eu.bcvsolutions.idm.ic.api.IcConnectorObject)11
AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)10
AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)9
HashMap (java.util.HashMap)9
IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)8
Transactional (org.springframework.transaction.annotation.Transactional)8
ProvisioningAttributeDto (eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)7
SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)7
IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)7
List (java.util.List)7
