use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class ConfigurationEvaluatorIntegrationTest method testReadSecuredWithPermissions.
@Test
public void testReadSecuredWithPermissions() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(ConfigurationEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
dto.getEvaluatorProperties().put(ConfigurationEvaluator.PARAMETER_SECURED, Boolean.TRUE.toString());
dto.setPermissions(IdmBasePermission.READ);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
List<IdmConfigurationDto> configs = configurationService.find(null, IdmBasePermission.READ).getContent();
assertTrue(configs.contains(publicConfig));
assertTrue(configs.contains(privateConfig));
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class ConfigurationEvaluatorIntegrationTest method testReadWithPermissions.
@Test
public void testReadWithPermissions() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(ConfigurationEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
dto.setPermissions(IdmBasePermission.READ);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
List<IdmConfigurationDto> configs = configurationService.find(null, IdmBasePermission.READ).getContent();
assertTrue(configs.contains(publicConfig));
assertFalse(configs.contains(privateConfig));
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class ConfigurationEvaluatorIntegrationTest method testUpdateSecuredWithoutPermissions.
@Test(expected = ForbiddenEntityException.class)
public void testUpdateSecuredWithoutPermissions() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// prepare role
IdmRoleDto role = helper.createRole();
//
IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
dto.setRole(role.getId());
dto.setEvaluator(ConfigurationEvaluator.class);
dto.setGroupPermission(CoreGroupPermission.CONFIGURATION.getName());
dto.setAuthorizableType(IdmConfiguration.class.getCanonicalName());
dto.setPermissions(IdmBasePermission.READ, IdmBasePermission.UPDATE);
authorizationPolicyService.save(dto);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
privateConfig.setValue("update");
configurationService.save(privateConfig, IdmBasePermission.UPDATE);
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class IdentityTransitiveEvaluatorsIntegrationTest method testReadProfile.
@Test
public void testReadProfile() {
IdmIdentityDto identity = prepareIdentityProfile();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
IdmIdentityDto read = identityService.get(identity.getId(), IdmBasePermission.READ);
assertEquals(identity, read);
//
List<IdmIdentityContractDto> contracts = identityContractService.find(null, IdmBasePermission.READ).getContent();
assertEquals(1, contracts.size());
IdmIdentityContractDto contract = contracts.get(0);
assertEquals(identity.getId(), contract.getIdentity());
//
List<IdmIdentityRoleDto> roles = identityRoleService.find(null, IdmBasePermission.READ).getContent();
assertEquals(1, roles.size());
assertEquals(contract.getId(), roles.get(0).getIdentityContract());
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class IdentityTransitiveEvaluatorsIntegrationTest method testReadForUpdateProfile.
@Test(expected = ForbiddenEntityException.class)
public void testReadForUpdateProfile() {
IdmIdentityDto identity = prepareIdentityProfile();
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
identityService.get(identity.getId(), IdmBasePermission.UPDATE);
} finally {
logout();
}
}
Aggregations