Example 1 with SecurityProvider

use of io.crnk.core.engine.security.SecurityProvider in project crnk-framework by crnk-project.

the class CrnkFeatureTest method testSecurityRegistration.

private void testSecurityRegistration(boolean enabled) {
    CrnkFeature feature = new CrnkFeature();
    feature.setSecurityEnabled(enabled);
    feature.securityContext = Mockito.mock(SecurityContext.class);
    FeatureContext context = Mockito.mock(FeatureContext.class);
    Mockito.when(context.getConfiguration()).thenReturn(Mockito.mock(Configuration.class));
    feature.configure(context);
    CrnkBoot boot = feature.getBoot();
    if (enabled) {
        SecurityProvider securityProvider = boot.getModuleRegistry().getSecurityProvider();
        Assert.assertNotNull(securityProvider);
    } else {
        try {
            Assert.assertNull(boot.getModuleRegistry().getSecurityProvider());
            Assert.fail();
        } catch (IllegalStateException e) {
            Assert.assertTrue(e.getMessage().contains("exactly one security provide must be installed"));
        }
    }
}
Also used : CrnkBoot(io.crnk.core.boot.CrnkBoot) Configuration(javax.ws.rs.core.Configuration) SecurityContext(javax.ws.rs.core.SecurityContext) SecurityProvider(io.crnk.core.engine.security.SecurityProvider) FeatureContext(javax.ws.rs.core.FeatureContext)

Example 2 with SecurityProvider

use of io.crnk.core.engine.security.SecurityProvider in project crnk-framework by crnk-project.

the class JaxrsModuleTest method checkSecurityProviderRegistered.

@Test
public void checkSecurityProviderRegistered() {
    SecurityContext securityContext = Mockito.mock(SecurityContext.class);
    JaxrsModule module = new JaxrsModule(securityContext);
    CrnkBoot boot = new CrnkBoot();
    boot.addModule(module);
    boot.boot();
    SecurityProvider securityProvider = boot.getModuleRegistry().getSecurityProvider();
    Assert.assertNotNull(securityProvider);
    Mockito.when(securityContext.isUserInRole("admin")).thenReturn(true);
    Assert.assertTrue(securityProvider.isUserInRole("admin"));
    Assert.assertFalse(securityProvider.isUserInRole("other"));
}
Also used : CrnkBoot(io.crnk.core.boot.CrnkBoot) SecurityContext(javax.ws.rs.core.SecurityContext) JaxrsModule(io.crnk.rs.internal.JaxrsModule) SecurityProvider(io.crnk.core.engine.security.SecurityProvider) Test(org.junit.Test)

Example 3 with SecurityProvider

use of io.crnk.core.engine.security.SecurityProvider in project crnk-framework by crnk-project.

the class SecurityModule method isUserInRole.

/**
 * Checks whether the current user possesses the provided role
 *
 * @param role to check
 * @return true if in this role
 */
public boolean isUserInRole(String role) {
    if (!isEnabled()) {
        throw new IllegalStateException("security module is disabled");
    }
    checkInit();
    SecurityProvider securityProvider = context.getSecurityProvider();
    // == is a reference comparison: true only when role is the same String object as ALL_ROLE
    boolean contained = role == ALL_ROLE || securityProvider.isUserInRole(role);
    LOGGER.debug("isUserInRole returns {} for role {}", contained, role);
    return contained;
}
Also used : SecurityProvider(io.crnk.core.engine.security.SecurityProvider)

Example 4 with SecurityProvider

use of io.crnk.core.engine.security.SecurityProvider in project crnk-framework by crnk-project.

the class SecurityModuleTest method setup.

@Before
public void setup() {
    // TODO simplify once simple module is fixed
    SimpleModule appModule = new SimpleModule("app") {

        @Override
        public void setupModule(ModuleContext context) {
            super.setupModule(context);
            context.addSecurityProvider(new SecurityProvider() {

                @Override
                public boolean isUserInRole(String role) {
                    return role.equals(allowedRule);
                }
            });
        }
    };
    appModule.addRepository(new TaskRepository());
    appModule.addRepository(new ProjectRepository());
    Builder builder = SecurityConfig.builder();
    builder.permitAll(ResourcePermission.GET);
    builder.permitRole("taskRole", Task.class, ResourcePermission.ALL);
    builder.permitRole("projectRole", "projects", ResourcePermission.POST);
    SecurityConfig config = builder.build();
    securityModule = SecurityModule.newServerModule(config);
    Assert.assertSame(config, securityModule.getConfig());
    ModuleRegistry moduleRegistry = new ModuleRegistry();
    moduleRegistry.setServiceDiscovery(new EmptyServiceDiscovery());
    moduleRegistry.setResourceRegistry(new ResourceRegistryImpl(new DefaultResourceRegistryPart(), moduleRegistry));
    moduleRegistry.addModule(securityModule);
    moduleRegistry.addModule(appModule);
    moduleRegistry.addModule(new JacksonModule(new ObjectMapper(), false, ImmutableList.of(new OffsetLimitPagingBehavior())));
    moduleRegistry.addModule(new CoreModule());
    moduleRegistry.init(new ObjectMapper());
}
Also used : OffsetLimitPagingBehavior(io.crnk.core.queryspec.pagingspec.OffsetLimitPagingBehavior) ProjectRepository(io.crnk.security.model.ProjectRepository) TaskRepository(io.crnk.security.model.TaskRepository) Builder(io.crnk.security.SecurityConfig.Builder) ModuleRegistry(io.crnk.core.module.ModuleRegistry) ResourceRegistryImpl(io.crnk.core.engine.internal.registry.ResourceRegistryImpl) JacksonModule(io.crnk.core.engine.internal.jackson.JacksonModule) SecurityProvider(io.crnk.core.engine.security.SecurityProvider) DefaultResourceRegistryPart(io.crnk.core.engine.registry.DefaultResourceRegistryPart) CoreModule(io.crnk.core.engine.internal.CoreModule) SimpleModule(io.crnk.core.module.SimpleModule) EmptyServiceDiscovery(io.crnk.core.module.discovery.EmptyServiceDiscovery) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Before(org.junit.Before)

Example 5 with SecurityProvider

use of io.crnk.core.engine.security.SecurityProvider in project crnk-framework by crnk-project.

the class ServletModuleTest method testSecurityProviderInstalled.

@Test
public void testSecurityProviderInstalled() {
    HttpRequestContextProvider provider = new HttpRequestContextProvider();
    ServletModule module = new ServletModule(provider);
    CrnkBoot boot = new CrnkBoot();
    boot.addModule(module);
    boot.boot();
    SecurityProvider securityProvider = boot.getModuleRegistry().getSecurityProvider();
    ServletContext servletContext = Mockito.mock(ServletContext.class);
    MockHttpServletRequest request = new MockHttpServletRequest(servletContext);
    MockHttpServletResponse response = new MockHttpServletResponse();
    request.addUserRole("guest");
    request.addUserRole("admin");
    provider.onRequestStarted(new HttpRequestContextBaseAdapter(new ServletRequestContext(servletContext, request, response, "api", HttpHeaders.DEFAULT_CHARSET)));
    Assert.assertFalse(securityProvider.isUserInRole("doesNotExist"));
    Assert.assertTrue(securityProvider.isUserInRole("guest"));
    Assert.assertTrue(securityProvider.isUserInRole("admin"));
}
Also used : HttpRequestContextBaseAdapter(io.crnk.core.engine.internal.http.HttpRequestContextBaseAdapter) CrnkBoot(io.crnk.core.boot.CrnkBoot) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) SecurityProvider(io.crnk.core.engine.security.SecurityProvider) ServletContext(javax.servlet.ServletContext) ServletRequestContext(io.crnk.servlet.internal.ServletRequestContext) ServletModule(io.crnk.servlet.internal.ServletModule) HttpRequestContextProvider(io.crnk.core.engine.http.HttpRequestContextProvider) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

SecurityProvider (io.crnk.core.engine.security.SecurityProvider): 5
CrnkBoot (io.crnk.core.boot.CrnkBoot): 3
SecurityContext (javax.ws.rs.core.SecurityContext): 2
Test (org.junit.Test): 2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 1
HttpRequestContextProvider (io.crnk.core.engine.http.HttpRequestContextProvider): 1
CoreModule (io.crnk.core.engine.internal.CoreModule): 1
HttpRequestContextBaseAdapter (io.crnk.core.engine.internal.http.HttpRequestContextBaseAdapter): 1
JacksonModule (io.crnk.core.engine.internal.jackson.JacksonModule): 1
ResourceRegistryImpl (io.crnk.core.engine.internal.registry.ResourceRegistryImpl): 1
DefaultResourceRegistryPart (io.crnk.core.engine.registry.DefaultResourceRegistryPart): 1
ModuleRegistry (io.crnk.core.module.ModuleRegistry): 1
SimpleModule (io.crnk.core.module.SimpleModule): 1
EmptyServiceDiscovery (io.crnk.core.module.discovery.EmptyServiceDiscovery): 1
OffsetLimitPagingBehavior (io.crnk.core.queryspec.pagingspec.OffsetLimitPagingBehavior): 1
JaxrsModule (io.crnk.rs.internal.JaxrsModule): 1
Builder (io.crnk.security.SecurityConfig.Builder): 1
ProjectRepository (io.crnk.security.model.ProjectRepository): 1
TaskRepository (io.crnk.security.model.TaskRepository): 1
ServletModule (io.crnk.servlet.internal.ServletModule): 1