
Example 1 with Permission

use of io.gravitee.management.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

the class PermissionFilterTest method initManagementMocks.

/**
 * MANAGEMENT Tests
 */
private void initManagementMocks() {
    // Authenticated caller: the security context hands back a principal whose name is USERNAME.
    final Principal authenticatedUser = () -> USERNAME;
    when(securityContext.getUserPrincipal()).thenReturn(authenticatedUser);

    // The request exposes a UriInfo mock on which nothing is stubbed.
    final UriInfo requestUri = mock(UriInfo.class);
    when(containerRequestContext.getUriInfo()).thenReturn(requestUri);

    // The only declared permission is MANAGEMENT_API with the UPDATE action.
    final Permission requiredPermission = mock(Permission.class);
    final RolePermissionAction[] requiredActions = { RolePermissionAction.UPDATE };
    when(requiredPermission.value()).thenReturn(RolePermission.MANAGEMENT_API);
    when(requiredPermission.acls()).thenReturn(requiredActions);
    final Permission[] declaredPermissions = { requiredPermission };
    when(permissions.value()).thenReturn(declaredPermissions);

    // NOTE(review): getRole is stubbed with any() on all four arguments, so a test built on this
    // setup cannot detect the filter looking the role up with the wrong reference type,
    // reference id, username or scope. Pin the expected arguments where that matters.
    final RoleEntity stubbedRole = mock(RoleEntity.class);
    when(membershipService.getRole(any(), any(), any(), any())).thenReturn(stubbedRole);
}
Also used : RoleEntity(io.gravitee.management.model.RoleEntity) RolePermission(io.gravitee.management.model.permissions.RolePermission) Permission(io.gravitee.management.rest.security.Permission) Principal(java.security.Principal) UriInfo(javax.ws.rs.core.UriInfo)

Example 2 with Permission

use of io.gravitee.management.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

the class PermissionFilterTest method initApplicationMocks.

/**
 * APPLICATION Tests
 */
private ApplicationEntity initApplicationMocks() {
    // The application under test, resolvable by id through the application service.
    final ApplicationEntity targetApplication = new ApplicationEntity();
    targetApplication.setId(APPLICATION_ID);
    when(applicationService.findById(targetApplication.getId())).thenReturn(targetApplication);

    // Authenticated caller: the security context hands back a principal whose name is USERNAME.
    final Principal authenticatedUser = () -> USERNAME;
    when(securityContext.getUserPrincipal()).thenReturn(authenticatedUser);

    // The only declared permission is APPLICATION_ANALYTICS with the UPDATE action.
    final Permission requiredPermission = mock(Permission.class);
    final RolePermissionAction[] requiredActions = { RolePermissionAction.UPDATE };
    when(requiredPermission.value()).thenReturn(RolePermission.APPLICATION_ANALYTICS);
    when(requiredPermission.acls()).thenReturn(requiredActions);
    final Permission[] declaredPermissions = { requiredPermission };
    when(permissions.value()).thenReturn(declaredPermissions);

    // The request's path parameters carry the application id under the "application" key.
    final MultivaluedHashMap<String, String> pathParameters = new MultivaluedHashMap<>();
    pathParameters.put("application", Collections.singletonList(targetApplication.getId()));
    final UriInfo requestUri = mock(UriInfo.class);
    when(requestUri.getPathParameters()).thenReturn(pathParameters);
    when(containerRequestContext.getUriInfo()).thenReturn(requestUri);

    // No membership is stubbed here: each test decides what the user is allowed to do.
    return targetApplication;
}
Also used : MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) ApplicationEntity(io.gravitee.management.model.ApplicationEntity) RolePermission(io.gravitee.management.model.permissions.RolePermission) Permission(io.gravitee.management.rest.security.Permission) Principal(java.security.Principal) UriInfo(javax.ws.rs.core.UriInfo)

Example 3 with Permission

use of io.gravitee.management.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

the class PermissionFilterTest method initApiMocks.

/**
 * API Tests
 */
private ApiEntity initApiMocks() {
    // The API under test, resolvable by id through the API service.
    final ApiEntity targetApi = new ApiEntity();
    targetApi.setId(API_ID);
    when(apiService.findById(targetApi.getId())).thenReturn(targetApi);

    // Authenticated caller: the security context hands back a principal whose name is USERNAME.
    final Principal authenticatedUser = () -> USERNAME;
    when(securityContext.getUserPrincipal()).thenReturn(authenticatedUser);

    // The only declared permission is API_ANALYTICS with the UPDATE action.
    final Permission requiredPermission = mock(Permission.class);
    final RolePermissionAction[] requiredActions = { RolePermissionAction.UPDATE };
    when(requiredPermission.value()).thenReturn(RolePermission.API_ANALYTICS);
    when(requiredPermission.acls()).thenReturn(requiredActions);
    final Permission[] declaredPermissions = { requiredPermission };
    when(permissions.value()).thenReturn(declaredPermissions);

    // The request's path parameters carry the API id under the "api" key.
    final MultivaluedHashMap<String, String> pathParameters = new MultivaluedHashMap<>();
    pathParameters.put("api", Collections.singletonList(targetApi.getId()));
    final UriInfo requestUri = mock(UriInfo.class);
    when(requestUri.getPathParameters()).thenReturn(pathParameters);
    when(containerRequestContext.getUriInfo()).thenReturn(requestUri);

    // No membership is stubbed here: each test decides what the user is allowed to do.
    return targetApi;
}
Also used : MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) RolePermission(io.gravitee.management.model.permissions.RolePermission) Permission(io.gravitee.management.rest.security.Permission) ApiEntity(io.gravitee.management.model.ApiEntity) Principal(java.security.Principal) UriInfo(javax.ws.rs.core.UriInfo)

Example 4 with Permission

use of io.gravitee.management.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

the class PermissionFilterTest method initPortalMocks.

/**
 * PORTAL Tests
 */
private void initPortalMocks() {
    // Authenticated caller: the security context hands back a principal whose name is USERNAME.
    final Principal authenticatedUser = () -> USERNAME;
    when(securityContext.getUserPrincipal()).thenReturn(authenticatedUser);

    // The request exposes a UriInfo mock on which nothing is stubbed.
    final UriInfo requestUri = mock(UriInfo.class);
    when(containerRequestContext.getUriInfo()).thenReturn(requestUri);

    // The only declared permission is PORTAL_METADATA with the UPDATE action.
    final Permission requiredPermission = mock(Permission.class);
    final RolePermissionAction[] requiredActions = { RolePermissionAction.UPDATE };
    when(requiredPermission.value()).thenReturn(RolePermission.PORTAL_METADATA);
    when(requiredPermission.acls()).thenReturn(requiredActions);
    final Permission[] declaredPermissions = { requiredPermission };
    when(permissions.value()).thenReturn(declaredPermissions);

    // NOTE(review): getRole is stubbed with any() on all four arguments, so a test built on this
    // setup cannot detect the filter looking the role up with the wrong reference type,
    // reference id, username or scope. Pin the expected arguments where that matters.
    final RoleEntity stubbedRole = mock(RoleEntity.class);
    when(membershipService.getRole(any(), any(), any(), any())).thenReturn(stubbedRole);
}
Also used : RoleEntity(io.gravitee.management.model.RoleEntity) RolePermission(io.gravitee.management.model.permissions.RolePermission) Permission(io.gravitee.management.rest.security.Permission) Principal(java.security.Principal) UriInfo(javax.ws.rs.core.UriInfo)

Example 5 with Permission

use of io.gravitee.management.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

the class PermissionsFilter method filter.

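/**
 * Enforces the permissions declared for the current request.
 *
 * <p>The declared permissions are alternatives: the request is let through as soon as ONE of
 * them is granted to the caller (logical OR). If none is granted, or the caller is not
 * authenticated, the rejection is delegated to {@code sendSecurityError()}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>A {@code null} or empty {@code permissions} means nothing is enforced here and the
 *       request proceeds. A resource that declares no permission is therefore not protected by
 *       this method and needs its own access control.</li>
 *   <li>MANAGEMENT and PORTAL permissions are checked against the caller's role on the default
 *       reference; APPLICATION and API permissions are checked against the caller's membership
 *       on the entity that {@code getApplication} / {@code getApi} resolve from the request.</li>
 *   <li>The membership lookups are keyed on {@code principal.getName()}.</li>
 *   <li>NOTE(review): {@code sendSecurityError()} is not visible here; it presumably throws to
 *       abort the request. This method no longer depends on that to stop processing.</li>
 * </ul>
 *
 * @param permissions the permissions required for the request; may be {@code null}
 * @param requestContext the request being filtered, used to resolve the targeted application or API
 */
protected void filter(Permissions permissions, ContainerRequestContext requestContext) {
    // Nothing declared: no check is performed and the request proceeds.
    if (permissions == null || permissions.value().length == 0) {
        return;
    }

    Principal principal = securityContext.getUserPrincipal();
    if (principal == null) {
        // Unauthenticated caller: always rejected.
        sendSecurityError();
        return;
    }

    String username = principal.getName();
    for (Permission permission : permissions.value()) {
        RoleEntity role;
        Map<String, char[]> memberPermissions;
        switch (permission.value().getScope()) {
            case MANAGEMENT:
                role = membershipService.getRole(MembershipReferenceType.MANAGEMENT, MembershipDefaultReferenceId.DEFAULT.name(), username, RoleScope.MANAGEMENT);
                // NOTE(review): getRole's null contract is not visible here. A missing role is
                // treated as "not granted" so the caller gets the security error instead of an
                // unhandled NullPointerException.
                if (role != null && roleService.hasPermission(role.getPermissions(), permission.value().getPermission(), permission.acls())) {
                    return;
                }
                break;
            case PORTAL:
                role = membershipService.getRole(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.name(), username, RoleScope.PORTAL);
                // Same null handling as the MANAGEMENT scope: no role means not granted.
                if (role != null && roleService.hasPermission(role.getPermissions(), permission.value().getPermission(), permission.acls())) {
                    return;
                }
                break;
            case APPLICATION:
                ApplicationEntity application = getApplication(requestContext);
                memberPermissions = membershipService.getMemberPermissions(application, username);
                if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
                    return;
                }
                break;
            case API:
                ApiEntity api = getApi(requestContext);
                memberPermissions = membershipService.getMemberPermissions(api, username);
                if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
                    return;
                }
                break;
            default:
                // Unknown scope: fail closed and stop, so that a later permission in the list
                // cannot grant access after this one has been rejected.
                sendSecurityError();
                return;
        }
    }

    // None of the declared permissions is granted to this user.
    sendSecurityError();
}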
Also used : RoleEntity(io.gravitee.management.model.RoleEntity) ApplicationEntity(io.gravitee.management.model.ApplicationEntity) Permission(io.gravitee.management.rest.security.Permission) ApiEntity(io.gravitee.management.model.ApiEntity) Principal(java.security.Principal)

Aggregations

Permission (io.gravitee.management.rest.security.Permission)7 RolePermission (io.gravitee.management.model.permissions.RolePermission)6 Principal (java.security.Principal)5 ApplicationEntity (io.gravitee.management.model.ApplicationEntity)4 UriInfo (javax.ws.rs.core.UriInfo)4 ApiEntity (io.gravitee.management.model.ApiEntity)3 RoleEntity (io.gravitee.management.model.RoleEntity)3 MediaType (io.gravitee.common.http.MediaType)2 RolePermissionAction (io.gravitee.management.model.permissions.RolePermissionAction)2 Permissions (io.gravitee.management.rest.security.Permissions)2 ApplicationService (io.gravitee.management.service.ApplicationService)2 Api (io.swagger.annotations.Api)2 Function (java.util.function.Function)2 Collectors (java.util.stream.Collectors)2 Inject (javax.inject.Inject)2 GET (javax.ws.rs.GET)2 Produces (javax.ws.rs.Produces)2 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)2 SubscriptionEntity (io.gravitee.management.model.SubscriptionEntity)1 Analytics (io.gravitee.management.model.analytics.Analytics)1