Search in sources :

Example 6 with Permission

use of io.envoyproxy.envoy.config.rbac.v3.Permission in project grpc-java by grpc.

the class RbacFilterTest method authenticatedParser.

@Test
@SuppressWarnings("unchecked")
public void authenticatedParser() throws Exception {
    List<Permission> permissionList = Arrays.asList(Permission.newBuilder().setNotRule(Permission.newBuilder().setRequestedServerName(STRING_MATCHER).build()).build());
    List<Principal> principalList = Arrays.asList(Principal.newBuilder().setAuthenticated(Authenticated.newBuilder().setPrincipalName(STRING_MATCHER).build()).build());
    ConfigOrError<?> result = parse(permissionList, principalList);
    assertThat(result.errorDetail).isNull();
    SSLSession sslSession = mock(SSLSession.class);
    X509Certificate mockCert = mock(X509Certificate.class);
    when(sslSession.getPeerCertificates()).thenReturn(new X509Certificate[] { mockCert });
    when(mockCert.getSubjectAlternativeNames()).thenReturn(Arrays.<List<?>>asList(Arrays.asList(2, "/" + PATH)));
    Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_SSL_SESSION, sslSession).build();
    ServerCall<Void, Void> serverCall = mock(ServerCall.class);
    when(serverCall.getAttributes()).thenReturn(attributes);
    GrpcAuthorizationEngine engine = new GrpcAuthorizationEngine(((RbacConfig) result.config).authConfig());
    AuthDecision decision = engine.evaluate(new Metadata(), serverCall);
    assertThat(decision.decision()).isEqualTo(GrpcAuthorizationEngine.Action.DENY);
}
Also used : AuthDecision(io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine.AuthDecision) SSLSession(javax.net.ssl.SSLSession) Attributes(io.grpc.Attributes) Metadata(io.grpc.Metadata) GrpcAuthorizationEngine(io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine) X509Certificate(java.security.cert.X509Certificate) Permission(io.envoyproxy.envoy.config.rbac.v3.Permission) Principal(io.envoyproxy.envoy.config.rbac.v3.Principal) Test(org.junit.Test)

Example 7 with Permission

use of io.envoyproxy.envoy.config.rbac.v3.Permission in project grpc-java by grpc.

the class AuthorizationPolicyTranslator method parseRules.

private static Map<String, Policy> parseRules(List<Map<String, ?>> objects, String name) throws IllegalArgumentException {
    Map<String, Policy> policies = new LinkedHashMap<String, Policy>();
    for (Map<String, ?> object : objects) {
        String policyName = JsonUtil.getString(object, "name");
        if (policyName == null || policyName.isEmpty()) {
            throw new IllegalArgumentException("rule \"name\" is absent or empty");
        }
        List<Principal> principals = new ArrayList<>();
        Map<String, ?> source = JsonUtil.getObject(object, "source");
        if (source != null) {
            principals.add(parseSource(source));
        } else {
            principals.add(Principal.newBuilder().setAny(true).build());
        }
        List<Permission> permissions = new ArrayList<>();
        Map<String, ?> request = JsonUtil.getObject(object, "request");
        if (request != null) {
            permissions.add(parseRequest(request));
        } else {
            permissions.add(Permission.newBuilder().setAny(true).build());
        }
        Policy policy = Policy.newBuilder().addAllPermissions(permissions).addAllPrincipals(principals).build();
        policies.put(name + "_" + policyName, policy);
    }
    return policies;
}
Also used : Policy(io.envoyproxy.envoy.config.rbac.v3.Policy) ArrayList(java.util.ArrayList) Permission(io.envoyproxy.envoy.config.rbac.v3.Permission) Principal(io.envoyproxy.envoy.config.rbac.v3.Principal) LinkedHashMap(java.util.LinkedHashMap)

Example 8 with Permission

use of io.envoyproxy.envoy.config.rbac.v3.Permission in project RxPermissions by tbruyelle.

the class RxPermissionsSampleTest method test_permission_denied_dont_ask_again.

@Test
@TargetApi(Build.VERSION_CODES.M)
public void test_permission_denied_dont_ask_again() throws Exception {
    // mocks
    final String permissionString = Manifest.permission.READ_PHONE_STATE;
    final boolean granted = false;
    final boolean shouldShowRequestPermissionRationale = false;
    final Permission permission = new Permission(permissionString, granted, shouldShowRequestPermissionRationale);
    when(rxPermissions.requestEach(permissionString)).thenReturn(Observable.just(permission));
    // test
    rxPermissions.requestEach(permissionString).test().assertNoErrors().assertValue(permission);
}
Also used : Permission(com.tbruyelle.rxpermissions3.Permission) Test(org.junit.Test) TargetApi(android.annotation.TargetApi)

Example 9 with Permission

use of io.envoyproxy.envoy.config.rbac.v3.Permission in project DevRing by LJYcoder.

the class PermissionManager method requestEachCombined.

// 请求多个权限建议用这个
public void requestEachCombined(FragmentActivity activity, final PermissionListener listener, String... permissions) {
    if (activity != null) {
        RxPermissions rxPermissions = new RxPermissions(activity);
        rxPermissions.requestEachCombined(permissions).subscribe(new Consumer<Permission>() {

            @Override
            public void accept(Permission permission) throws Exception {
                if (permission.granted) {
                    // All permissions are granted !
                    if (listener != null) {
                        listener.onGranted(permission.name);
                    }
                } else if (permission.shouldShowRequestPermissionRationale) {
                    // At least one denied permission without ask never again
                    if (listener != null) {
                        listener.onDenied(permission.name);
                    }
                } else {
                    // Need to go to the settings
                    if (listener != null) {
                        listener.onDeniedWithNeverAsk(permission.name);
                    }
                }
            }
        });
    }
}
Also used : RxPermissions(com.tbruyelle.rxpermissions2.RxPermissions) Permission(com.tbruyelle.rxpermissions2.Permission)

Example 10 with Permission

use of io.envoyproxy.envoy.config.rbac.v3.Permission in project RxPermissions by tbruyelle.

the class MainActivity method onCreate.

@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    RxPermissions rxPermissions = new RxPermissions(this);
    rxPermissions.setLogging(true);
    setContentView(R.layout.act_main);
    surfaceView = findViewById(R.id.surfaceView);
    disposable = RxView.clicks(findViewById(R.id.enableCamera)).compose(rxPermissions.ensureEach(permission.CAMERA)).subscribe(new Consumer<Permission>() {

        @Override
        public void accept(Permission permission) {
            Log.i(TAG, "Permission result " + permission);
            if (permission.granted) {
                releaseCamera();
                camera = Camera.open(0);
                try {
                    camera.setPreviewDisplay(surfaceView.getHolder());
                    camera.startPreview();
                } catch (IOException e) {
                    Log.e(TAG, "Error while trying to display the camera preview", e);
                }
            } else if (permission.shouldShowRequestPermissionRationale) {
                // Denied permission without ask never again
                Toast.makeText(MainActivity.this, "Denied permission without ask never again", Toast.LENGTH_SHORT).show();
            } else {
                // Denied permission with ask never again
                // Need to go to the settings
                Toast.makeText(MainActivity.this, "Permission denied, can't enable the camera", Toast.LENGTH_SHORT).show();
            }
        }
    }, new Consumer<Throwable>() {

        @Override
        public void accept(Throwable t) {
            Log.e(TAG, "onError", t);
        }
    }, new Action() {

        @Override
        public void run() {
            Log.i(TAG, "OnComplete");
        }
    });
}
Also used : Action(io.reactivex.rxjava3.functions.Action) RxPermissions(com.tbruyelle.rxpermissions3.RxPermissions) Consumer(io.reactivex.rxjava3.functions.Consumer) Permission(com.tbruyelle.rxpermissions3.Permission) IOException(java.io.IOException)

Aggregations

Permission (io.envoyproxy.envoy.config.rbac.v3.Permission)9 Principal (io.envoyproxy.envoy.config.rbac.v3.Principal)9 Test (org.junit.Test)9 GrpcAuthorizationEngine (io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine)6 AuthDecision (io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine.AuthDecision)6 Permission (com.tbruyelle.rxpermissions2.Permission)5 RxPermissions (com.tbruyelle.rxpermissions2.RxPermissions)5 Metadata (io.grpc.Metadata)5 Attributes (io.grpc.Attributes)3 Permission (com.tbruyelle.rxpermissions3.Permission)2 HeaderMatcher (io.envoyproxy.envoy.config.route.v3.HeaderMatcher)2 PathMatcher (io.envoyproxy.envoy.type.matcher.v3.PathMatcher)2 IOException (java.io.IOException)2 InetSocketAddress (java.net.InetSocketAddress)2 TargetApi (android.annotation.TargetApi)1 Message (com.google.protobuf.Message)1 RxPermissions (com.tbruyelle.rxpermissions3.RxPermissions)1 CidrRange (io.envoyproxy.envoy.config.core.v3.CidrRange)1 Policy (io.envoyproxy.envoy.config.rbac.v3.Policy)1 MetadataMatcher (io.envoyproxy.envoy.type.matcher.v3.MetadataMatcher)1