use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.
the class PermissionFilterTest method initApplicationMocks.
/**
* APPLICATION Tests
*/
private ApplicationEntity initApplicationMocks() {
ApplicationEntity application = new ApplicationEntity();
application.setId(APPLICATION_ID);
Principal user = () -> USERNAME;
when(applicationService.findById(application.getId())).thenReturn(application);
when(securityContext.getUserPrincipal()).thenReturn(user);
Permission perm = mock(Permission.class);
when(perm.value()).thenReturn(RolePermission.APPLICATION_ANALYTICS);
when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
when(permissions.value()).thenReturn(new Permission[] { perm });
UriInfo uriInfo = mock(UriInfo.class);
MultivaluedHashMap<String, String> map = new MultivaluedHashMap<>();
map.put("application", Collections.singletonList(application.getId()));
when(uriInfo.getPathParameters()).thenReturn(map);
when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
return application;
}
use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.
the class PermissionFilterTest method shouldThrowForbiddenExceptionWhenNoApplicationPermissions.
@Test(expected = ForbiddenAccessException.class)
public void shouldThrowForbiddenExceptionWhenNoApplicationPermissions() {
ApplicationEntity application = initApplicationMocks();
when(roleService.hasPermission(any(), any(), any())).thenReturn(false);
try {
permissionFilter.filter(permissions, containerRequestContext);
} catch (ForbiddenAccessException e) {
verify(applicationService, times(1)).findById(application.getId());
verify(apiService, never()).findById(any());
verify(roleService, times(1)).hasPermission(any(), any(), any());
verify(membershipService, times(1)).getMemberPermissions(application, USERNAME);
verify(membershipService, never()).getRole(any(), any(), any(), any());
throw e;
}
Assert.fail("Should throw a ForbiddenAccessException");
}
use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.
the class SubscriptionsResource method convert.
private Subscription convert(SubscriptionEntity subscriptionEntity) {
Subscription subscription = new Subscription();
subscription.setId(subscriptionEntity.getId());
subscription.setCreatedAt(subscriptionEntity.getCreatedAt());
subscription.setUpdatedAt(subscriptionEntity.getUpdatedAt());
subscription.setStartingAt(subscriptionEntity.getStartingAt());
subscription.setEndingAt(subscriptionEntity.getEndingAt());
subscription.setProcessedAt(subscriptionEntity.getProcessedAt());
subscription.setProcessedBy(subscriptionEntity.getProcessedBy());
subscription.setReason(subscriptionEntity.getReason());
subscription.setStatus(subscriptionEntity.getStatus());
ApplicationEntity application = applicationService.findById(subscriptionEntity.getApplication());
subscription.setApplication(new Subscription.Application(application.getId(), application.getName(), application.getType(), new Subscription.User(application.getPrimaryOwner().getId(), application.getPrimaryOwner().getDisplayName())));
PlanEntity plan = planService.findById(subscriptionEntity.getPlan());
subscription.setPlan(new Subscription.Plan(plan.getId(), plan.getName()));
subscription.setClosedAt(subscriptionEntity.getClosedAt());
return subscription;
}
use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.
the class PermissionsFilter method filter.
protected void filter(Permissions permissions, ContainerRequestContext requestContext) {
if (permissions != null && permissions.value().length > 0) {
Principal principal = securityContext.getUserPrincipal();
if (principal != null) {
String username = principal.getName();
for (Permission permission : permissions.value()) {
RoleEntity role;
Map<String, char[]> memberPermissions;
switch(permission.value().getScope()) {
case MANAGEMENT:
role = membershipService.getRole(MembershipReferenceType.MANAGEMENT, MembershipDefaultReferenceId.DEFAULT.name(), username, RoleScope.MANAGEMENT);
if (roleService.hasPermission(role.getPermissions(), permission.value().getPermission(), permission.acls())) {
return;
}
break;
case PORTAL:
role = membershipService.getRole(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.name(), username, RoleScope.PORTAL);
if (roleService.hasPermission(role.getPermissions(), permission.value().getPermission(), permission.acls())) {
return;
}
break;
case APPLICATION:
ApplicationEntity application = getApplication(requestContext);
memberPermissions = membershipService.getMemberPermissions(application, username);
if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
return;
}
break;
case API:
ApiEntity api = getApi(requestContext);
memberPermissions = membershipService.getMemberPermissions(api, username);
if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
return;
}
break;
default:
sendSecurityError();
}
}
}
sendSecurityError();
}
}
use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.
the class ApplicationService_CreateTest method shouldCreateForUser.
@Test
public void shouldCreateForUser() throws TechnicalException {
when(application.getName()).thenReturn(APPLICATION_NAME);
when(application.getStatus()).thenReturn(ApplicationStatus.ACTIVE);
when(applicationRepository.findById(anyString())).thenReturn(Optional.empty());
when(applicationRepository.create(any())).thenReturn(application);
when(newApplication.getName()).thenReturn(APPLICATION_NAME);
when(newApplication.getDescription()).thenReturn("My description");
when(groupService.findByEvent(any())).thenReturn(Collections.emptySet());
when(userService.findById(any())).thenReturn(mock(UserEntity.class));
final ApplicationEntity applicationEntity = applicationService.create(newApplication, USER_NAME);
assertNotNull(applicationEntity);
assertEquals(APPLICATION_NAME, applicationEntity.getName());
}
Aggregations