use of io.gravitee.management.model.RoleEntity in project gravitee-management-rest-api by gravitee-io.
the class UserServiceTest method shouldCreate.
/**
 * Checks that {@code userService.create(newUser, false)} hands the repository a user built
 * from the submitted fields, and that the returned entity mirrors the stored record.
 */
@Test
public void shouldCreate() throws TechnicalException {
    // Fields submitted for the new account.
    when(newUser.getUsername()).thenReturn(USER_NAME);
    when(newUser.getEmail()).thenReturn(EMAIL);
    when(newUser.getFirstname()).thenReturn(FIRST_NAME);
    when(newUser.getLastname()).thenReturn(LAST_NAME);

    // No user is stored under this name yet.
    when(userRepository.findById(USER_NAME)).thenReturn(Optional.empty());

    // Record the repository reports back once the user has been created.
    when(user.getId()).thenReturn(USER_NAME);
    when(user.getUsername()).thenReturn(USER_NAME);
    when(user.getEmail()).thenReturn(EMAIL);
    when(user.getFirstname()).thenReturn(FIRST_NAME);
    when(user.getLastname()).thenReturn(LAST_NAME);
    when(user.getPassword()).thenReturn(PASSWORD);
    when(user.getCreatedAt()).thenReturn(date);
    when(user.getUpdatedAt()).thenReturn(date);
    when(userRepository.create(any(User.class))).thenReturn(user);

    // PORTAL/USER is both the default role and the role resolved for the new user.
    RoleEntity defaultRole = mock(RoleEntity.class);
    when(defaultRole.getScope()).thenReturn(io.gravitee.management.model.permissions.RoleScope.PORTAL);
    when(defaultRole.getName()).thenReturn("USER");
    when(roleService.findDefaultRoleByScopes(RoleScope.MANAGEMENT, RoleScope.PORTAL))
            .thenReturn(Collections.singletonList(defaultRole));
    when(membershipService.getRole(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.name(), user.getId(), RoleScope.PORTAL))
            .thenReturn(defaultRole);

    final UserEntity created = userService.create(newUser, false);

    // The persisted user must carry the submitted identity and identical, non-null timestamps.
    verify(userRepository).create(argThat(new ArgumentMatcher<User>() {
        public boolean matches(final Object argument) {
            final User candidate = (User) argument;
            if (!USER_NAME.equals(candidate.getUsername())
                    || !EMAIL.equals(candidate.getEmail())
                    || !FIRST_NAME.equals(candidate.getFirstname())
                    || !LAST_NAME.equals(candidate.getLastname())) {
                return false;
            }
            if (candidate.getCreatedAt() == null || candidate.getUpdatedAt() == null) {
                return false;
            }
            return candidate.getCreatedAt().equals(candidate.getUpdatedAt());
        }
    }));

    assertEquals(USER_NAME, created.getUsername());
    assertEquals(FIRST_NAME, created.getFirstname());
    assertEquals(LAST_NAME, created.getLastname());
    assertEquals(EMAIL, created.getEmail());
    // NOTE(review): the returned entity carries the repository's password value; confirm it
    // is never serialized into an API response.
    assertEquals(PASSWORD, created.getPassword());
    assertEquals(ROLES, created.getRoles());
    assertEquals(date, created.getCreatedAt());
    assertEquals(date, created.getUpdatedAt());
}
use of io.gravitee.management.model.RoleEntity in project gravitee-management-rest-api by gravitee-io.
the class MembershipService_GetMembersTest method shouldGetMembersWithMembership.
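/**
 * Checks that {@code getMembers} called with an explicit role name returns a non-empty set
 * when the repository holds one PRIMARY_OWNER membership on the API.
 */
@Test
public void shouldGetMembersWithMembership() throws Exception {
    Membership membership = new Membership();
    membership.setReferenceId(API_ID);
    membership.setCreatedAt(new Date());
    membership.setUpdatedAt(membership.getCreatedAt());
    membership.setReferenceType(MembershipReferenceType.API);
    membership.setRoles(Collections.singletonMap(RoleScope.API.getId(), SystemRole.PRIMARY_OWNER.name()));
    membership.setUserId("user-id");

    UserEntity userEntity = new UserEntity();
    userEntity.setUsername(membership.getUserId());
    userEntity.setFirstname("John");
    userEntity.setLastname("Doe");

    // Setters called on a Mockito mock do nothing, so the role's scope and name are stubbed
    // on the getters; otherwise the service would see a role with null scope and name.
    RoleEntity po = mock(RoleEntity.class);
    when(po.getScope()).thenReturn(io.gravitee.management.model.permissions.RoleScope.API);
    when(po.getName()).thenReturn(SystemRole.PRIMARY_OWNER.name());

    when(membershipRepository.findByReferenceAndRole(MembershipReferenceType.API, API_ID, RoleScope.API, SystemRole.PRIMARY_OWNER.name())).thenReturn(Collections.singleton(membership));
    when(userService.findById(membership.getUserId())).thenReturn(userEntity);
    when(membershipRepository.findById(userEntity.getUsername(), MembershipReferenceType.API, API_ID)).thenReturn(of(membership));
    when(roleService.findById(RoleScope.API, SystemRole.PRIMARY_OWNER.name())).thenReturn(po);

    Set<MemberEntity> members = membershipService.getMembers(MembershipReferenceType.API, API_ID, RoleScope.API, SystemRole.PRIMARY_OWNER.name());

    // NOTE(review): only non-emptiness is asserted; the role attached to the returned member
    // is not checked, so a wrong role mapping would go unnoticed here.
    Assert.assertNotNull(members);
    Assert.assertFalse("members must not be empty", members.isEmpty());
    verify(membershipRepository, times(1)).findByReferenceAndRole(MembershipReferenceType.API, API_ID, RoleScope.API, SystemRole.PRIMARY_OWNER.name());
    verify(userService, times(1)).findById(membership.getUserId());
}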
use of io.gravitee.management.model.RoleEntity in project gravitee-management-rest-api by gravitee-io.
the class MembershipService_GetMembersTest method shouldGetMembersWithoutMembership.
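/**
 * Checks that {@code getMembers} called without a role name queries the repository with a
 * {@code null} role and returns a non-empty set for one stored PRIMARY_OWNER membership.
 */
@Test
public void shouldGetMembersWithoutMembership() throws Exception {
    Membership membership = new Membership();
    membership.setReferenceId(API_ID);
    membership.setCreatedAt(new Date());
    membership.setUpdatedAt(membership.getCreatedAt());
    membership.setReferenceType(MembershipReferenceType.API);
    membership.setRoles(Collections.singletonMap(RoleScope.API.getId(), SystemRole.PRIMARY_OWNER.name()));
    membership.setUserId("user-id");

    UserEntity userEntity = new UserEntity();
    userEntity.setUsername(membership.getUserId());
    userEntity.setFirstname("John");
    userEntity.setLastname("Doe");

    // Setters called on a Mockito mock do nothing, so the role's scope and name are stubbed
    // on the getters; otherwise the service would see a role with null scope and name.
    RoleEntity po = mock(RoleEntity.class);
    when(po.getScope()).thenReturn(io.gravitee.management.model.permissions.RoleScope.API);
    when(po.getName()).thenReturn(SystemRole.PRIMARY_OWNER.name());

    // The three-argument getMembers overload is expected to reach the repository with a null role.
    when(membershipRepository.findByReferenceAndRole(MembershipReferenceType.API, API_ID, RoleScope.API, null)).thenReturn(Collections.singleton(membership));
    when(userService.findById(membership.getUserId())).thenReturn(userEntity);
    when(membershipRepository.findById(userEntity.getUsername(), MembershipReferenceType.API, API_ID)).thenReturn(of(membership));
    when(roleService.findById(RoleScope.API, SystemRole.PRIMARY_OWNER.name())).thenReturn(po);

    Set<MemberEntity> members = membershipService.getMembers(MembershipReferenceType.API, API_ID, RoleScope.API);

    // NOTE(review): only non-emptiness is asserted; the role attached to the returned member
    // is not checked, so a wrong role mapping would go unnoticed here.
    Assert.assertNotNull(members);
    Assert.assertFalse("members must not be empty", members.isEmpty());
    verify(membershipRepository, times(1)).findByReferenceAndRole(MembershipReferenceType.API, API_ID, RoleScope.API, null);
    verify(userService, times(1)).findById(membership.getUserId());
}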
use of io.gravitee.management.model.RoleEntity in project gravitee-management-rest-api by gravitee-io.
the class RoleService_FindByIdTest method test_int_to_CRUD.
/**
 * Stubs a PORTAL role named "name" whose permissions array holds only {@code perm}, loads it
 * through {@code roleService.findById}, and checks that the DOCUMENTATION entry of the
 * resulting entity contains exactly the ids of the expected actions.
 *
 * @param perm   the single permission value stored on the stubbed repository role
 * @param action the actions whose ids must all appear for DOCUMENTATION
 * @throws TechnicalException declared by the repository lookup being stubbed
 */
private void test_int_to_CRUD(int perm, RolePermissionAction... action) throws TechnicalException {
    Role storedRole = mock(Role.class);
    when(storedRole.getScope()).thenReturn(RoleScope.PORTAL);
    when(storedRole.getName()).thenReturn("name");
    when(storedRole.getPermissions()).thenReturn(new int[] { perm });
    when(mockRoleRepository.findById(RoleScope.PORTAL, "name")).thenReturn(Optional.of(storedRole));

    RoleEntity loaded = roleService.findById(RoleScope.PORTAL, "name");

    assertNotNull("no entity found", loaded);
    assertEquals("invalid scope", io.gravitee.management.model.permissions.RoleScope.PORTAL, loaded.getScope());
    assertFalse("no permissions found", loaded.getPermissions().isEmpty());
    assertTrue("invalid Permission name", loaded.getPermissions().containsKey(DOCUMENTATION.getName()));

    // Same count plus every expected id present means no extra action was granted
    // (assuming the ids in the entity are distinct — TODO confirm).
    char[] grantedIds = loaded.getPermissions().get(DOCUMENTATION.getName());
    assertEquals("not enough permissions", action.length, grantedIds.length);
    for (int i = 0; i < action.length; i++) {
        assertTrue("not the good permission", Arrays.asList(ArrayUtils.toObject(grantedIds)).contains(action[i].getId()));
    }
}
use of io.gravitee.management.model.RoleEntity in project gravitee-management-rest-api by gravitee-io.
the class AuthenticationSuccessFilter method doFilter.
/**
 * Issues a signed JWT cookie to an authenticated caller that has not presented one yet, then
 * passes the request on to the rest of the filter chain.
 *
 * <p>The token carries the issuer, the user's authorities (those on the principal plus the
 * default MANAGEMENT and PORTAL roles found by {@code membershipService}), and the user's
 * username, email, first name and last name.
 *
 * @param servletRequest  incoming request, cast to {@link HttpServletRequest} to read cookies
 * @param servletResponse response that receives the new cookie, if one is issued
 * @param filterChain     remaining filters, always invoked
 * @throws IOException      propagated from the rest of the chain
 * @throws ServletException propagated from the rest of the chain
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    final HttpServletRequest req = (HttpServletRequest) servletRequest;

    // Only the presence of a non-empty Authorization cookie is tested here; its signature and
    // expiry are not verified in this method, so validation must happen elsewhere.
    final Cookie[] cookies = req.getCookies();
    final Optional<Cookie> existingToken = cookies == null
            ? Optional.<Cookie>empty()
            : Arrays.stream(cookies)
                    .filter(c -> HttpHeaders.AUTHORIZATION.equals(c.getName())
                            && c.getValue() != null
                            && !c.getValue().isEmpty())
                    .findAny();

    final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null || existingToken.isPresent()) {
        // Nothing to issue: either nobody is authenticated or a token cookie was already sent.
        filterChain.doFilter(servletRequest, servletResponse);
        return;
    }

    final Map<String, Object> claims = new HashMap<>();
    claims.put(Claims.ISSUER, jwtIssuer);

    // NOTE(review): unchecked cast; a principal of any other type would throw
    // ClassCastException here — confirm every authentication reaching this filter carries
    // a UserDetails.
    final UserDetails userDetails = (UserDetails) authentication.getPrincipal();

    // Start from the authorities already on the principal (dynamic permissions from the IDP),
    // then add the roles stored in the repository for the default management and portal scopes.
    final Set<GrantedAuthority> authorities = new HashSet<>(userDetails.getAuthorities());

    final RoleEntity managementRole = membershipService.getRole(MembershipReferenceType.MANAGEMENT, MembershipDefaultReferenceId.DEFAULT.toString(), userDetails.getUsername(), RoleScope.MANAGEMENT);
    if (managementRole != null) {
        authorities.add(new SimpleGrantedAuthority(managementRole.getScope().toString() + ':' + managementRole.getName()));
    }

    final RoleEntity portalRole = membershipService.getRole(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.toString(), userDetails.getUsername(), RoleScope.PORTAL);
    if (portalRole != null) {
        authorities.add(new SimpleGrantedAuthority(portalRole.getScope().toString() + ':' + portalRole.getName()));
    }

    // Authorities are copied into the token when it is issued. NOTE(review): a later role
    // change is presumably not reflected until the token expires (jwtExpireAfter) unless the
    // verifying side reloads roles — confirm.
    claims.put(Claims.PERMISSIONS, authorities);
    claims.put(Claims.SUBJECT, userDetails.getUsername());
    // The token is signed, not encrypted: these personal fields are readable by anyone who
    // holds the cookie value.
    claims.put(Claims.EMAIL, userDetails.getEmail());
    claims.put(Claims.FIRSTNAME, userDetails.getFirstname());
    claims.put(Claims.LASTNAME, userDetails.getLastname());

    final JWTSigner.Options signingOptions = new JWTSigner.Options();
    signingOptions.setExpirySeconds(jwtExpireAfter);
    signingOptions.setIssuedAt(true);
    signingOptions.setJwtId(true);

    final String signedToken = new JWTSigner(jwtSecret).sign(claims, signingOptions);

    // NOTE(review): cookie attributes (HttpOnly, Secure, path, max-age) are decided inside
    // jwtCookieGenerator, which is not visible here — confirm they are set.
    final Cookie bearerCookie = jwtCookieGenerator.generate("Bearer " + signedToken);
    ((HttpServletResponse) servletResponse).addCookie(bearerCookie);

    filterChain.doFilter(servletRequest, servletResponse);
}