
Example 1 with Permission

Use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

In the class PermissionsFilter, method filter.

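protected void filter(Permissions permissions, ContainerRequestContext requestContext) {
    // No permissions declared (null or empty): nothing is checked and the request proceeds.
    if (permissions != null && permissions.value().length > 0) {
        Principal principal = securityContext.getUserPrincipal();
        if (principal != null) {
            String username = principal.getName();
            // OR semantics: the first permission the user holds is enough to allow the request.
            for (Permission permission : permissions.value()) {
                if (hasPermission(requestContext, username, permission)) {
                    return;
                }
            }
        }
        // Reached when there is no authenticated principal or no declared permission matched.
        sendSecurityError();
    }
}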
Also used: Permission (io.gravitee.rest.api.portal.rest.security.Permission), Principal (java.security.Principal)

Example 2 with Permission

Use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

In the class PermissionFilterTest, method initManagementMocks.

/**
 * ENVIRONMENT Tests
 */
private void initManagementMocks() {
    Principal user = () -> USERNAME;
    when(securityContext.getUserPrincipal()).thenReturn(user);
    Permission perm = mock(Permission.class);
    when(perm.value()).thenReturn(RolePermission.ENVIRONMENT_API);
    when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
    when(permissions.value()).thenReturn(new Permission[] { perm });
    UriInfo uriInfo = mock(UriInfo.class);
    when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
}
Also used: Permission (io.gravitee.rest.api.portal.rest.security.Permission), RolePermission (io.gravitee.rest.api.model.permissions.RolePermission), Principal (java.security.Principal), UriInfo (javax.ws.rs.core.UriInfo)

Example 3 with Permission

Use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

In the class PermissionFilterTest, method initApiMocks.

/**
 * API Tests
 */
private ApiEntity initApiMocks() {
    ApiEntity api = new ApiEntity();
    api.setId(API_ID);
    Principal user = () -> USERNAME;
    when(apiService.findById(api.getId())).thenReturn(api);
    when(securityContext.getUserPrincipal()).thenReturn(user);
    Permission perm = mock(Permission.class);
    when(perm.value()).thenReturn(RolePermission.API_ANALYTICS);
    when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
    when(permissions.value()).thenReturn(new Permission[] { perm });
    UriInfo uriInfo = mock(UriInfo.class);
    MultivaluedHashMap<String, String> map = new MultivaluedHashMap<>();
    map.put("apiId", Collections.singletonList(api.getId()));
    when(uriInfo.getPathParameters()).thenReturn(map);
    when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
    return api;
}
Also used: MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap), Permission (io.gravitee.rest.api.portal.rest.security.Permission), RolePermission (io.gravitee.rest.api.model.permissions.RolePermission), ApiEntity (io.gravitee.rest.api.model.api.ApiEntity), Principal (java.security.Principal), UriInfo (javax.ws.rs.core.UriInfo)

Example 4 with Permission

Use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

In the class PermissionFilterTest, method initApplicationMocks.

/**
 * APPLICATION Tests
 */
private ApplicationEntity initApplicationMocks() {
    ApplicationEntity application = new ApplicationEntity();
    application.setId(APPLICATION_ID);
    Principal user = () -> USERNAME;
    when(applicationService.findById(application.getId())).thenReturn(application);
    when(securityContext.getUserPrincipal()).thenReturn(user);
    Permission perm = mock(Permission.class);
    when(perm.value()).thenReturn(RolePermission.APPLICATION_ANALYTICS);
    when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
    when(permissions.value()).thenReturn(new Permission[] { perm });
    UriInfo uriInfo = mock(UriInfo.class);
    MultivaluedHashMap<String, String> map = new MultivaluedHashMap<>();
    map.put("applicationId", Collections.singletonList(application.getId()));
    when(uriInfo.getPathParameters()).thenReturn(map);
    when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
    return application;
}
Also used: MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap), ApplicationEntity (io.gravitee.rest.api.model.ApplicationEntity), Permission (io.gravitee.rest.api.portal.rest.security.Permission), RolePermission (io.gravitee.rest.api.model.permissions.RolePermission), Principal (java.security.Principal), UriInfo (javax.ws.rs.core.UriInfo)

Example 5 with Permission

Use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.

In the class PermissionFilterTest, method initOrganizationMocks.

/**
 * ORGANIZATION Tests
 */
private void initOrganizationMocks() {
    Principal user = () -> USERNAME;
    when(securityContext.getUserPrincipal()).thenReturn(user);
    Permission perm = mock(Permission.class);
    when(perm.value()).thenReturn(RolePermission.ORGANIZATION_USERS);
    when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
    when(permissions.value()).thenReturn(new Permission[] { perm });
    UriInfo uriInfo = mock(UriInfo.class);
    when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
}
Also used: Permission (io.gravitee.rest.api.portal.rest.security.Permission), RolePermission (io.gravitee.rest.api.model.permissions.RolePermission), Principal (java.security.Principal), UriInfo (javax.ws.rs.core.UriInfo)

Aggregations

Permission (io.gravitee.rest.api.portal.rest.security.Permission): 5
Principal (java.security.Principal): 5
RolePermission (io.gravitee.rest.api.model.permissions.RolePermission): 4
UriInfo (javax.ws.rs.core.UriInfo): 4
MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap): 2
ApplicationEntity (io.gravitee.rest.api.model.ApplicationEntity): 1
ApiEntity (io.gravitee.rest.api.model.api.ApiEntity): 1