
Example 1 with Group

use of io.gravitee.repository.management.model.Group in project gravitee-management-rest-api by gravitee-io.

the class GroupService_FindByEventTest method shouldGetGroupsByEvents.

/**
 * Checks that {@code findByEvent(API_CREATE)} returns the groups whose event rules contain
 * {@code API_CREATE}.
 *
 * <p>Both groups returned by the mocked repository carry an {@code API_CREATE} rule, so both
 * ids are expected in the result.
 */
@Test
public void shouldGetGroupsByEvents() throws Exception {
    // Arrange: two groups, each carrying a single API_CREATE event rule.
    Group first = new Group();
    first.setId("grp1");
    first.setName("grp1");
    first.setEventRules(Collections.singletonList(new GroupEventRule(GroupEvent.API_CREATE)));

    Group second = new Group();
    second.setId("grp2");
    second.setName("grp2");
    second.setEventRules(Collections.singletonList(new GroupEventRule(GroupEvent.API_CREATE)));

    Set<Group> repositoryGroups = new HashSet<>();
    repositoryGroups.add(first);
    repositoryGroups.add(second);

    // The repository answers with both groups for any environment; no roles are attached.
    when(groupRepository.findAllByEnvironment(Mockito.any())).thenReturn(repositoryGroups);
    when(membershipService.getRoles(any(), any(), any(), any())).thenReturn(Collections.emptySet());

    // Act
    Set<GroupEntity> found = groupService.findByEvent(API_CREATE);

    // Assert: exactly the two stubbed groups come back.
    assertNotNull(found);
    assertFalse(found.isEmpty());
    assertEquals(2, found.size());
    List<String> foundIds = found.stream()
        .map(GroupEntity::getId)
        .collect(Collectors.toList());
    assertTrue(foundIds.containsAll(Arrays.asList("grp1", "grp2")));
}
Also used : Group(io.gravitee.repository.management.model.Group) GroupEntity(io.gravitee.rest.api.model.GroupEntity) GroupEventRule(io.gravitee.repository.management.model.GroupEventRule) Test(org.junit.Test)

Example 2 with Group

use of io.gravitee.repository.management.model.Group in project gravitee-management-rest-api by gravitee-io.

the class GroupService_FindByEventTest method shouldNotGetGroupsByEvents.

/**
 * Checks that {@code findByEvent(API_CREATE)} returns an empty, non-null set when the only
 * groups known to the repository carry {@code APPLICATION_CREATE} rules.
 */
@Test
public void shouldNotGetGroupsByEvents() throws Exception {
    // Arrange: both groups carry an event rule other than the one queried below.
    Group first = new Group();
    first.setId("grp1");
    first.setEventRules(
        Collections.singletonList(new GroupEventRule(GroupEvent.APPLICATION_CREATE)));

    Group second = new Group();
    second.setId("grp2");
    second.setEventRules(
        Collections.singletonList(new GroupEventRule(GroupEvent.APPLICATION_CREATE)));

    Set<Group> repositoryGroups = new HashSet<>();
    repositoryGroups.add(first);
    repositoryGroups.add(second);
    when(groupRepository.findAllByEnvironment(any())).thenReturn(repositoryGroups);

    // Act
    Set<GroupEntity> found = groupService.findByEvent(API_CREATE);

    // Assert: a result object is still returned, it just holds nothing.
    assertNotNull(found);
    assertTrue(found.isEmpty());
}
Also used : Group(io.gravitee.repository.management.model.Group) GroupEntity(io.gravitee.rest.api.model.GroupEntity) GroupEventRule(io.gravitee.repository.management.model.GroupEventRule) Test(org.junit.Test)

Example 3 with Group

use of io.gravitee.repository.management.model.Group in project gravitee-management-rest-api by gravitee-io.

the class GroupService_IsUserAuthorizedToAccessTest method shouldNotBeAuthorizedForPublicApiIfMemberOfUnauthorizedGroups.

/**
 * Verifies that {@code isUserAuthorizedToAccessApiData} denies access when the user has
 * neither a direct API membership nor a membership in {@code grp2}, even though the API's
 * visibility is stubbed as {@code PUBLIC}.
 *
 * <p>The list passed as second argument contains {@code grp1}; the verifications below show
 * that no membership lookup is made for that group.
 * NOTE(review): presumably that argument lists groups to leave out of the check; confirm
 * against the service signature.
 */
@Test
public void shouldNotBeAuthorizedForPublicApiIfMemberOfUnauthorizedGroups() throws TechnicalException {
    // Arrange: two groups exist in the repository.
    Group groupOne = new Group();
    groupOne.setId("grp1");
    Group groupTwo = new Group();
    groupTwo.setId("grp2");

    when(api.getVisibility()).thenReturn(Visibility.PUBLIC);
    when(api.getId()).thenReturn("apiId");
    when(groupRepository.findAll()).thenReturn(new HashSet<>(Arrays.asList(groupOne, groupTwo)));
    when(api.getGroups()).thenReturn(new HashSet<>(Arrays.asList("grp1", "grp2")));

    // The user is a member of neither the API itself nor grp2.
    when(membershipService.getMember(MembershipReferenceType.API, api.getId(), "user", RoleScope.API))
        .thenReturn(null);
    when(membershipService.getMember(MembershipReferenceType.GROUP, "grp2", "user", RoleScope.API))
        .thenReturn(null);

    // Act
    boolean authorized =
        groupService.isUserAuthorizedToAccessApiData(api, Collections.singletonList("grp1"), "user");

    // Assert: access is refused.
    assertFalse(authorized);

    // Exactly two membership lookups happened: one for the API, one for grp2.
    verify(membershipService, times(2)).getMember(any(), any(), any(), any());
    verify(membershipService).getMember(MembershipReferenceType.API, api.getId(), "user", RoleScope.API);
    verify(membershipService).getMember(MembershipReferenceType.GROUP, "grp2", "user", RoleScope.API);

    // The groups attached to the API are never read; the repository is queried once.
    verify(api, never()).getGroups();
    verify(groupRepository).findAll();
}
Also used : Group(io.gravitee.repository.management.model.Group) Test(org.junit.Test)

Example 4 with Group

use of io.gravitee.repository.management.model.Group in project gravitee-management-rest-api by gravitee-io.

the class CurrentUserResource method getCurrentUser.

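/**
 * Returns the profile of the caller taken from the current security context.
 *
 * <p>For an authenticated caller the stored user is loaded with its roles and merged with
 * the authentication details: identity fields, roles and permissions, the names of the
 * groups the user belongs to (keyed by environment id), the newsletter prompt flag, the
 * first-login flag and custom fields. If the authenticated user id has no stored user, the
 * auth cookie is regenerated with a {@code null} value and {@code 401} is returned.
 *
 * <p>NOTE(review): an unauthenticated caller receives {@code 200} with an empty body, not
 * the {@code 401} listed in the API annotations. This is kept as-is because clients may rely
 * on it; a {@code 200} from this endpoint must not be read as proof of a session.
 *
 * @return {@code 200} with the user details as JSON, {@code 200} with no body when the
 *     caller is not authenticated, or {@code 401} when the authenticated id is unknown
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get the authenticated user")
@ApiResponses({ @ApiResponse(code = 200, message = "Authenticated user", response = UserDetails.class), @ApiResponse(code = 401, message = "Unauthorized user"), @ApiResponse(code = 500, message = "Internal server error") })
public Response getCurrentUser() {
    if (!isAuthenticated()) {
        return ok().build();
    }

    final UserDetails details = getAuthenticatedUserDetails();
    final String userId = details.getUsername();
    // NOTE(review): the credential from the security context is carried into the object that
    // becomes the JSON response body. Confirm that UserDetails keeps the password out of
    // serialization; that is not visible from this method.
    final String password = details.getPassword() != null ? details.getPassword() : "";

    UserEntity userEntity;
    try {
        userEntity = userService.findByIdWithRoles(userId);
    } catch (final UserNotFoundException unfe) {
        final String unfeMessage = "User '{}' does not exist.";
        // The stack trace is attached only when debug logging is on; the level stays INFO.
        if (LOG.isDebugEnabled()) {
            LOG.info(unfeMessage, userId, unfe);
        } else {
            LOG.info(unfeMessage, userId);
        }
        // The caller presented valid authentication for a user that is not stored: replace the
        // auth cookie (null value; presumably this clears it, confirm in CookieGenerator) and
        // reject the request.
        response.addCookie(cookieGenerator.generate(TokenAuthenticationFilter.AUTH_COOKIE_NAME, null));
        return status(Response.Status.UNAUTHORIZED).build();
    }

    List<GrantedAuthority> authorities = new ArrayList<>(details.getAuthorities());
    UserDetails userDetails = new UserDetails(userEntity.getId(), password, authorities);
    userDetails.setId(userEntity.getId());

    // in case of memory user, look at the repository layer to get value updated by the user through the MyAccount page
    final boolean memoryUser = IDP_SOURCE_MEMORY.equals(userEntity.getSource());
    userDetails.setFirstname(memoryUser && userEntity.getFirstname() != null ? userEntity.getFirstname() : details.getFirstname());
    userDetails.setLastname(memoryUser && userEntity.getLastname() != null ? userEntity.getLastname() : details.getLastname());
    userDetails.setSource(userEntity.getSource());
    userDetails.setSourceId(userEntity.getSourceId());
    userDetails.setPrimaryOwner(userEntity.isPrimaryOwner());
    userDetails.setCreatedAt(userEntity.getCreatedAt());
    userDetails.setUpdatedAt(userEntity.getUpdatedAt());
    userDetails.setLastConnectionAt(userEntity.getLastConnectionAt());
    // The stored e-mail is used only as a fallback, and only for memory users.
    if (details.getEmail() == null && memoryUser && userEntity.getEmail() != null) {
        userDetails.setEmail(userEntity.getEmail());
    } else {
        userDetails.setEmail(details.getEmail());
    }

    // Show the newsletter prompt once the user has made no choice yet and at least seven
    // days have passed since the first connection.
    boolean newsletterEnabled = environment.getProperty("newsletter.enabled", boolean.class, true);
    if (newsletterEnabled && userEntity.getNewsletterSubscribed() == null && userEntity.getFirstConnectionAt() != null) {
        long diffInMs = Math.abs(new Date().getTime() - userEntity.getFirstConnectionAt().getTime());
        long diff = TimeUnit.DAYS.convert(diffInMs, TimeUnit.MILLISECONDS);
        userDetails.setDisplayNewsletterSubscription(diff >= 7);
    } else {
        userDetails.setDisplayNewsletterSubscription(false);
    }

    // convert UserEntityRoles to UserDetailsRoles
    userDetails.setRoles(userEntity.getRoles().stream().map(userEntityRole -> {
        UserDetailRole userDetailRole = new UserDetailRole();
        userDetailRole.setScope(userEntityRole.getScope().name());
        userDetailRole.setName(userEntityRole.getName());
        userDetailRole.setPermissions(userEntityRole.getPermissions());
        return userDetailRole;
    }).collect(Collectors.toList()));

    // Resolve the user's group memberships to group names, per environment of the current
    // organization. Only groups the user is a member of are added to the response.
    final Set<MembershipEntity> memberships = membershipService.getMembershipsByMemberAndReference(MembershipMemberType.USER, userId, MembershipReferenceType.GROUP);
    if (!memberships.isEmpty()) {
        final Map<String, Set<String>> userGroups = new HashMap<>();
        // The lambda parameter is named "env" so it does not hide the "environment" field
        // read above for the newsletter property.
        environmentService.findByOrganization(GraviteeContext.getCurrentOrganization()).forEach(env -> {
            try {
                final String environmentId = env.getId();
                // May throw; in that case this environment gets no entry in the map.
                final Set<Group> groups = groupRepository.findAllByEnvironment(environmentId);
                final Set<String> groupNames = new HashSet<>();
                userGroups.put(environmentId, groupNames);
                memberships.stream().map(MembershipEntity::getReferenceId).forEach(groupId ->
                    groups.stream()
                        .filter(group -> groupId.equals(group.getId()))
                        .findFirst()
                        .ifPresent(group -> groupNames.add(group.getName())));
                userDetails.setGroupsByEnvironment(userGroups);
            } catch (TechnicalException e) {
                // Best effort: a failing environment is logged and skipped, the response is
                // still built. Parameterized form instead of string concatenation.
                LOG.error("Error while trying to get groups of the user {}", userId, e);
            }
        });
    }

    userDetails.setFirstLogin(1 == userEntity.getLoginCount());
    if (userEntity.getCustomFields() != null) {
        userDetails.setCustomFields(userEntity.getCustomFields());
    }
    return ok(userDetails, MediaType.APPLICATION_JSON).build();
}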
Also used : UserNotFoundException(io.gravitee.rest.api.service.exceptions.UserNotFoundException) PagedResult(io.gravitee.rest.api.management.rest.model.PagedResult) BEARER(io.gravitee.rest.api.management.rest.model.TokenType.BEARER) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) LoggerFactory(org.slf4j.LoggerFactory) UserNotFoundException(io.gravitee.rest.api.service.exceptions.UserNotFoundException) Valid(javax.validation.Valid) ApiOperation(io.swagger.annotations.ApiOperation) Algorithm(com.auth0.jwt.algorithms.Algorithm) CookieGenerator(io.gravitee.rest.api.security.cookies.CookieGenerator) TokenEntity(io.gravitee.rest.api.management.rest.model.TokenEntity) Duration(java.time.Duration) Response.status(javax.ws.rs.core.Response.status) AbstractResource(io.gravitee.rest.api.management.rest.resource.AbstractResource) URI(java.net.URI) UserDetailRole(io.gravitee.rest.api.idp.api.authentication.UserDetailRole) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Context(javax.ws.rs.core.Context) GroupRepository(io.gravitee.repository.management.api.GroupRepository) Instant(java.time.Instant) NotNull(javax.validation.constraints.NotNull) UserDetails(io.gravitee.rest.api.idp.api.authentication.UserDetails) Collectors(java.util.stream.Collectors) GrantedAuthority(org.springframework.security.core.GrantedAuthority) MediaType(io.gravitee.common.http.MediaType) InvalidImageException(io.gravitee.rest.api.exception.InvalidImageException) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) Response.ok(javax.ws.rs.core.Response.ok) DEFAULT_JWT_EXPIRE_AFTER(io.gravitee.rest.api.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_EXPIRE_AFTER) Request(javax.ws.rs.core.Request) Authentication(org.springframework.security.core.Authentication) JWT(com.auth0.jwt.JWT) io.gravitee.rest.api.service(io.gravitee.rest.api.service) java.util(java.util) ByteArrayOutputStream(java.io.ByteArrayOutputStream) 
GraviteeContext(io.gravitee.rest.api.service.common.GraviteeContext) ApiResponses(io.swagger.annotations.ApiResponses) Inject(javax.inject.Inject) ConfigurableEnvironment(org.springframework.core.env.ConfigurableEnvironment) Claims(io.gravitee.rest.api.service.common.JWTHelper.Claims) io.gravitee.rest.api.model(io.gravitee.rest.api.model) TokensResource(io.gravitee.rest.api.management.rest.resource.TokensResource) Api(io.swagger.annotations.Api) Cookie(javax.servlet.http.Cookie) Logger(org.slf4j.Logger) ImageUtils(io.gravitee.rest.api.security.utils.ImageUtils) HttpServletResponse(javax.servlet.http.HttpServletResponse) Group(io.gravitee.repository.management.model.Group) EntityTag(javax.ws.rs.core.EntityTag) Maps(io.gravitee.common.util.Maps) TimeUnit(java.util.concurrent.TimeUnit) DEFAULT_JWT_ISSUER(io.gravitee.rest.api.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_ISSUER) TokenAuthenticationFilter(io.gravitee.rest.api.security.filter.TokenAuthenticationFilter) ApiResponse(io.swagger.annotations.ApiResponse) ResourceContext(javax.ws.rs.container.ResourceContext) JWTHelper(io.gravitee.rest.api.service.common.JWTHelper) Group(io.gravitee.repository.management.model.Group) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UserDetailRole(io.gravitee.rest.api.idp.api.authentication.UserDetailRole) UserDetails(io.gravitee.rest.api.idp.api.authentication.UserDetails) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 5 with Group

use of io.gravitee.repository.management.model.Group in project gravitee-management-rest-api by gravitee-io.

the class GroupService_UpdateTest method shouldUpdateGroup.

/**
 * Checks that {@code groupService.update} passes the fields of the update payload on to the
 * repository and assigns the {@code OWNER} role in the API scope to the group as a member.
 *
 * <p>The permission check is stubbed to succeed, so this test does not cover the path where
 * the caller lacks the {@code ENVIRONMENT_GROUP} permission.
 */
@Test
public void shouldUpdateGroup() throws Exception {
    // Arrange: the update payload.
    UpdateGroupEntity payload = new UpdateGroupEntity();
    payload.setName("my-group-name");
    payload.setMaxInvitation(100);
    payload.setEventRules(null);
    payload.setDisableMembershipNotifications(true);
    payload.setEmailInvitation(true);
    payload.setSystemInvitation(false);
    payload.setLockApiRole(true);
    payload.setLockApplicationRole(true);
    payload.setRoles(Maps.<RoleScope, String>builder().put(RoleScope.API, "OWNER").build());

    // The group exists, the caller holds the permission, and no roles are set yet.
    when(groupRepository.findById(GROUP_ID)).thenReturn(Optional.of(Mockito.mock(Group.class)));
    when(permissionService.hasPermission(RolePermission.ENVIRONMENT_GROUP, "DEFAULT", CREATE, UPDATE, DELETE))
        .thenReturn(true);
    when(membershipService.getRoles(any(), any(), any(), any())).thenReturn(Collections.emptySet());

    // Act
    groupService.update(GROUP_ID, payload);

    // Assert: the persisted group mirrors the payload.
    verify(groupRepository).update(argThat(saved ->
        saved.isDisableMembershipNotifications()
            && saved.isEmailInvitation()
            && saved.getEventRules() == null
            && saved.isLockApiRole()
            && saved.isLockApplicationRole()
            && saved.getMaxInvitation() == 100
            && saved.getName().equals("my-group-name")
            && !saved.isSystemInvitation()));

    // Assert: the group (as member) receives the OWNER role in the API scope.
    verify(membershipService).addRoleToMemberOnReference(
        argThat(reference ->
            reference.getType() == MembershipReferenceType.API
                && reference.getId() == null),
        argThat(member ->
            member.getMemberId().equals(GROUP_ID)
                && member.getReference() == null
                && member.getMemberType() == MembershipMemberType.GROUP),
        argThat(role ->
            role.getScope() == RoleScope.API
                && role.getName().equals("OWNER")));
}
Also used : ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) InjectMocks(org.mockito.InjectMocks) RolePermissionAction(io.gravitee.rest.api.model.permissions.RolePermissionAction) ArgumentMatchers.argThat(org.mockito.ArgumentMatchers.argThat) GroupRepository(io.gravitee.repository.management.api.GroupRepository) Mock(org.mockito.Mock) RunWith(org.junit.runner.RunWith) Group(io.gravitee.repository.management.model.Group) Test(org.junit.Test) RoleScope(io.gravitee.rest.api.model.permissions.RoleScope) Maps(io.gravitee.common.util.Maps) Mockito(org.mockito.Mockito) MembershipReferenceType(io.gravitee.rest.api.model.MembershipReferenceType) Optional(java.util.Optional) GroupServiceImpl(io.gravitee.rest.api.service.impl.GroupServiceImpl) Collections(java.util.Collections) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) MembershipMemberType(io.gravitee.rest.api.model.MembershipMemberType) UpdateGroupEntity(io.gravitee.rest.api.model.UpdateGroupEntity) RolePermission(io.gravitee.rest.api.model.permissions.RolePermission) UpdateGroupEntity(io.gravitee.rest.api.model.UpdateGroupEntity) Test(org.junit.Test)

Aggregations

Group (io.gravitee.repository.management.model.Group)6 Test (org.junit.Test)5 Maps (io.gravitee.common.util.Maps)2 GroupRepository (io.gravitee.repository.management.api.GroupRepository)2 GroupEventRule (io.gravitee.repository.management.model.GroupEventRule)2 GroupEntity (io.gravitee.rest.api.model.GroupEntity)2 JWT (com.auth0.jwt.JWT)1 Algorithm (com.auth0.jwt.algorithms.Algorithm)1 MediaType (io.gravitee.common.http.MediaType)1 TechnicalException (io.gravitee.repository.exceptions.TechnicalException)1 InvalidImageException (io.gravitee.rest.api.exception.InvalidImageException)1 UserDetailRole (io.gravitee.rest.api.idp.api.authentication.UserDetailRole)1 UserDetails (io.gravitee.rest.api.idp.api.authentication.UserDetails)1 PagedResult (io.gravitee.rest.api.management.rest.model.PagedResult)1 TokenEntity (io.gravitee.rest.api.management.rest.model.TokenEntity)1 BEARER (io.gravitee.rest.api.management.rest.model.TokenType.BEARER)1 AbstractResource (io.gravitee.rest.api.management.rest.resource.AbstractResource)1 TokensResource (io.gravitee.rest.api.management.rest.resource.TokensResource)1 io.gravitee.rest.api.model (io.gravitee.rest.api.model)1 MembershipMemberType (io.gravitee.rest.api.model.MembershipMemberType)1