
Example 1 with ApplicationEntity

use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.

the class PermissionFilterTest method initApplicationMocks.

/**
 * APPLICATION Tests
 *
 * <p>Shared fixture for the application-scope cases. It stubs the collaborators so that the
 * request is made by {@code USERNAME}, carries {@code APPLICATION_ID} in the
 * {@code "application"} path parameter, and is guarded by a single required permission:
 * {@code APPLICATION_ANALYTICS} with the {@code UPDATE} action.
 *
 * @return the application entity that {@code applicationService.findById} is stubbed to return
 */
private ApplicationEntity initApplicationMocks() {
    final ApplicationEntity target = new ApplicationEntity();
    target.setId(APPLICATION_ID);

    // Authenticated caller: the security context reports a principal named USERNAME.
    final Principal caller = () -> USERNAME;
    when(securityContext.getUserPrincipal()).thenReturn(caller);
    when(applicationService.findById(target.getId())).thenReturn(target);

    // The guarded resource requires exactly one permission.
    final Permission required = mock(Permission.class);
    when(required.value()).thenReturn(RolePermission.APPLICATION_ANALYTICS);
    when(required.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
    when(permissions.value()).thenReturn(new Permission[] { required });

    // The request URI exposes the application id as a path parameter.
    final MultivaluedHashMap<String, String> pathParameters = new MultivaluedHashMap<>();
    pathParameters.put("application", Collections.singletonList(target.getId()));
    final UriInfo requestUri = mock(UriInfo.class);
    when(requestUri.getPathParameters()).thenReturn(pathParameters);
    when(containerRequestContext.getUriInfo()).thenReturn(requestUri);

    return target;
}
Also used : MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) ApplicationEntity(io.gravitee.management.model.ApplicationEntity) RolePermission(io.gravitee.management.model.permissions.RolePermission) Permission(io.gravitee.management.rest.security.Permission) Principal(java.security.Principal) UriInfo(javax.ws.rs.core.UriInfo)

Example 2 with ApplicationEntity

use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.

the class PermissionFilterTest method shouldThrowForbiddenExceptionWhenNoApplicationPermissions.

/**
 * Denial path for an application-scoped permission: when {@code roleService.hasPermission}
 * answers {@code false}, the filter must raise {@link ForbiddenAccessException}.
 *
 * <p>The interactions are verified inside the {@code catch} block and the exception is then
 * rethrown so that the {@code expected} clause of the annotation still sees it. If the filter
 * returns normally, the trailing {@code Assert.fail} makes the test fail.
 */
@Test(expected = ForbiddenAccessException.class)
public void shouldThrowForbiddenExceptionWhenNoApplicationPermissions() {
    final ApplicationEntity target = initApplicationMocks();
    // Every permission evaluation is refused.
    when(roleService.hasPermission(any(), any(), any())).thenReturn(false);

    try {
        permissionFilter.filter(permissions, containerRequestContext);
    } catch (ForbiddenAccessException denied) {
        // The application is looked up exactly once; the API lookup is never used.
        verify(applicationService).findById(target.getId());
        verify(apiService, never()).findById(any());
        // A single permission evaluation, fed by the caller's membership on that application.
        verify(roleService).hasPermission(any(), any(), any());
        verify(membershipService).getMemberPermissions(target, USERNAME);
        // The role lookup must not be consulted on this path.
        verify(membershipService, never()).getRole(any(), any(), any(), any());
        throw denied;
    }

    Assert.fail("Should throw a ForbiddenAccessException");
}
Also used : ApplicationEntity(io.gravitee.management.model.ApplicationEntity) ForbiddenAccessException(io.gravitee.management.service.exceptions.ForbiddenAccessException) Test(org.junit.Test)

Example 3 with ApplicationEntity

use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.

the class SubscriptionsResource method convert.

/**
 * Maps a service-layer {@link SubscriptionEntity} onto the REST {@link Subscription} model.
 *
 * <p>Besides copying the scalar fields, this resolves the referenced application and plan
 * through {@code applicationService.findById} and {@code planService.findById}, so each
 * conversion costs two service lookups.
 *
 * <p>NOTE(review): the result embeds the id and display name of the application's primary
 * owner. Confirm that the permission check guarding the calling resource is meant to cover
 * disclosure of that identity.
 *
 * @param subscriptionEntity the subscription to expose
 * @return the REST representation, including nested application, owner and plan summaries
 */
private Subscription convert(SubscriptionEntity subscriptionEntity) {
    final Subscription result = new Subscription();

    // Identity and lifecycle fields are copied as they are.
    result.setId(subscriptionEntity.getId());
    result.setCreatedAt(subscriptionEntity.getCreatedAt());
    result.setUpdatedAt(subscriptionEntity.getUpdatedAt());
    result.setStartingAt(subscriptionEntity.getStartingAt());
    result.setEndingAt(subscriptionEntity.getEndingAt());
    result.setProcessedAt(subscriptionEntity.getProcessedAt());
    result.setProcessedBy(subscriptionEntity.getProcessedBy());
    result.setReason(subscriptionEntity.getReason());
    result.setStatus(subscriptionEntity.getStatus());

    // NOTE(review): neither the application nor its primary owner is null-checked;
    // presumably findById throws when the id is unknown. Confirm.
    final ApplicationEntity application = applicationService.findById(subscriptionEntity.getApplication());
    final Subscription.Application applicationSummary = new Subscription.Application(
            application.getId(),
            application.getName(),
            application.getType(),
            new Subscription.User(
                    application.getPrimaryOwner().getId(),
                    application.getPrimaryOwner().getDisplayName()));
    result.setApplication(applicationSummary);

    final PlanEntity plan = planService.findById(subscriptionEntity.getPlan());
    final Subscription.Plan planSummary = new Subscription.Plan(plan.getId(), plan.getName());
    result.setPlan(planSummary);

    result.setClosedAt(subscriptionEntity.getClosedAt());
    return result;
}
Also used : ApplicationEntity(io.gravitee.management.model.ApplicationEntity) PlanEntity(io.gravitee.management.model.PlanEntity) Subscription(io.gravitee.management.rest.model.Subscription)

Example 4 with ApplicationEntity

use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.

the class PermissionsFilter method filter.

/**
 * Enforces the {@link Permissions} requirement attached to the current request.
 *
 * <p>When {@code permissions} is {@code null} or lists no entries, the method returns without
 * performing any check. Otherwise the caller must be authenticated and must hold at least one
 * of the listed permissions: the first entry that {@code roleService.hasPermission} accepts
 * ends the evaluation (the entries are alternatives, not a conjunction). In every other case
 * {@code sendSecurityError()} is invoked.
 *
 * <p>NOTE(review): {@code sendSecurityError()} is not shown here. It presumably throws, which
 * is what makes the unknown-scope branch fail closed. Confirm.
 *
 * @param permissions    required permissions; may be {@code null}
 * @param requestContext current request, handed to {@code getApplication}/{@code getApi} for
 *                       the APPLICATION and API scopes
 */
protected void filter(Permissions permissions, ContainerRequestContext requestContext) {
    // Nothing declared on the resource: no authorization check is applied.
    if (permissions == null || permissions.value().length == 0) {
        return;
    }

    // Unauthenticated callers are rejected before any permission is evaluated.
    final Principal caller = securityContext.getUserPrincipal();
    if (caller == null) {
        sendSecurityError();
        return;
    }

    final String username = caller.getName();
    for (Permission required : permissions.value()) {
        boolean granted = false;
        switch (required.value().getScope()) {
            case MANAGEMENT: {
                // NOTE(review): the role is dereferenced without a null check; if getRole can
                // return null for a user without a role in this scope, the request ends in a
                // NullPointerException rather than a security error. Confirm.
                RoleEntity managementRole = membershipService.getRole(MembershipReferenceType.MANAGEMENT, MembershipDefaultReferenceId.DEFAULT.name(), username, RoleScope.MANAGEMENT);
                granted = roleService.hasPermission(managementRole.getPermissions(), required.value().getPermission(), required.acls());
                break;
            }
            case PORTAL: {
                // Same pattern and same caveat as the MANAGEMENT scope.
                RoleEntity portalRole = membershipService.getRole(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.name(), username, RoleScope.PORTAL);
                granted = roleService.hasPermission(portalRole.getPermissions(), required.value().getPermission(), required.acls());
                break;
            }
            case APPLICATION: {
                // Resource-level scope: rights come from the caller's membership on the
                // application resolved from the request.
                ApplicationEntity application = getApplication(requestContext);
                Map<String, char[]> applicationRights = membershipService.getMemberPermissions(application, username);
                granted = roleService.hasPermission(applicationRights, required.value().getPermission(), required.acls());
                break;
            }
            case API: {
                ApiEntity api = getApi(requestContext);
                Map<String, char[]> apiRights = membershipService.getMemberPermissions(api, username);
                granted = roleService.hasPermission(apiRights, required.value().getPermission(), required.acls());
                break;
            }
            default:
                // Unrecognised scope: reject instead of silently skipping the entry.
                sendSecurityError();
        }
        if (granted) {
            return;
        }
    }

    // None of the required permissions is held by the caller.
    sendSecurityError();
}
Also used : RoleEntity(io.gravitee.management.model.RoleEntity) ApplicationEntity(io.gravitee.management.model.ApplicationEntity) Permission(io.gravitee.management.rest.security.Permission) ApiEntity(io.gravitee.management.model.ApiEntity) Principal(java.security.Principal)

Example 5 with ApplicationEntity

use of io.gravitee.management.model.ApplicationEntity in project gravitee-management-rest-api by gravitee-io.

the class ApplicationService_CreateTest method shouldCreateForUser.

/**
 * Creating an application on behalf of {@code USER_NAME} must yield a non-null entity whose
 * name matches the one requested.
 *
 * @throws TechnicalException declared because the stubbed repository methods declare it
 */
@Test
public void shouldCreateForUser() throws TechnicalException {
    // Incoming creation request.
    when(newApplication.getName()).thenReturn(APPLICATION_NAME);
    when(newApplication.getDescription()).thenReturn("My description");

    // Repository: lookups by id find nothing, and create() hands back the mocked application.
    when(applicationRepository.findById(anyString())).thenReturn(Optional.empty());
    when(applicationRepository.create(any())).thenReturn(application);
    when(application.getName()).thenReturn(APPLICATION_NAME);
    when(application.getStatus()).thenReturn(ApplicationStatus.ACTIVE);

    // Collaborators consulted during creation.
    when(groupService.findByEvent(any())).thenReturn(Collections.emptySet());
    when(userService.findById(any())).thenReturn(mock(UserEntity.class));

    final ApplicationEntity created = applicationService.create(newApplication, USER_NAME);

    assertNotNull(created);
    assertEquals(APPLICATION_NAME, created.getName());
}
Also used : ApplicationEntity(io.gravitee.management.model.ApplicationEntity) NewApplicationEntity(io.gravitee.management.model.NewApplicationEntity) UserEntity(io.gravitee.management.model.UserEntity) Test(org.junit.Test)

Aggregations

ApplicationEntity (io.gravitee.management.model.ApplicationEntity)16 Test (org.junit.Test)9 Membership (io.gravitee.repository.management.model.Membership)6 UserEntity (io.gravitee.management.model.UserEntity)5 Permission (io.gravitee.management.rest.security.Permission)4 RolePermission (io.gravitee.management.model.permissions.RolePermission)3 Permissions (io.gravitee.management.rest.security.Permissions)3 MediaType (io.gravitee.common.http.MediaType)2 ApiEntity (io.gravitee.management.model.ApiEntity)2 UpdateApplicationEntity (io.gravitee.management.model.UpdateApplicationEntity)2 RolePermissionAction (io.gravitee.management.model.permissions.RolePermissionAction)2 ApplicationService (io.gravitee.management.service.ApplicationService)2 Application (io.gravitee.repository.management.model.Application)2 Api (io.swagger.annotations.Api)2 Principal (java.security.Principal)2 Function (java.util.function.Function)2 Collectors (java.util.stream.Collectors)2 Inject (javax.inject.Inject)2 GET (javax.ws.rs.GET)2 Produces (javax.ws.rs.Produces)2