use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.
the class PermissionsFilter method filter.
protected void filter(Permissions permissions, ContainerRequestContext requestContext) {
if (permissions != null && permissions.value().length > 0) {
Principal principal = securityContext.getUserPrincipal();
if (principal != null) {
String username = principal.getName();
for (Permission permission : permissions.value()) {
if (hasPermission(requestContext, username, permission)) {
return;
}
}
}
sendSecurityError();
}
}
use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.
the class PermissionFilterTest method initManagementMocks.
/**
* ENVIRONMENT Tests
*/
private void initManagementMocks() {
Principal user = () -> USERNAME;
when(securityContext.getUserPrincipal()).thenReturn(user);
Permission perm = mock(Permission.class);
when(perm.value()).thenReturn(RolePermission.ENVIRONMENT_API);
when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
when(permissions.value()).thenReturn(new Permission[] { perm });
UriInfo uriInfo = mock(UriInfo.class);
when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
}
use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.
the class PermissionFilterTest method initApiMocks.
/**
* API Tests
*/
private ApiEntity initApiMocks() {
ApiEntity api = new ApiEntity();
api.setId(API_ID);
Principal user = () -> USERNAME;
when(apiService.findById(api.getId())).thenReturn(api);
when(securityContext.getUserPrincipal()).thenReturn(user);
Permission perm = mock(Permission.class);
when(perm.value()).thenReturn(RolePermission.API_ANALYTICS);
when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
when(permissions.value()).thenReturn(new Permission[] { perm });
UriInfo uriInfo = mock(UriInfo.class);
MultivaluedHashMap<String, String> map = new MultivaluedHashMap<>();
map.put("apiId", Collections.singletonList(api.getId()));
when(uriInfo.getPathParameters()).thenReturn(map);
when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
return api;
}
use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.
the class PermissionFilterTest method initApplicationMocks.
/**
* APPLICATION Tests
*/
private ApplicationEntity initApplicationMocks() {
ApplicationEntity application = new ApplicationEntity();
application.setId(APPLICATION_ID);
Principal user = () -> USERNAME;
when(applicationService.findById(application.getId())).thenReturn(application);
when(securityContext.getUserPrincipal()).thenReturn(user);
Permission perm = mock(Permission.class);
when(perm.value()).thenReturn(RolePermission.APPLICATION_ANALYTICS);
when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
when(permissions.value()).thenReturn(new Permission[] { perm });
UriInfo uriInfo = mock(UriInfo.class);
MultivaluedHashMap<String, String> map = new MultivaluedHashMap<>();
map.put("applicationId", Collections.singletonList(application.getId()));
when(uriInfo.getPathParameters()).thenReturn(map);
when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
return application;
}
use of io.gravitee.rest.api.portal.rest.security.Permission in project gravitee-management-rest-api by gravitee-io.
the class PermissionFilterTest method initOrganizationMocks.
/**
* ORGANIZATION Tests
*/
private void initOrganizationMocks() {
Principal user = () -> USERNAME;
when(securityContext.getUserPrincipal()).thenReturn(user);
Permission perm = mock(Permission.class);
when(perm.value()).thenReturn(RolePermission.ORGANIZATION_USERS);
when(perm.acls()).thenReturn(new RolePermissionAction[] { RolePermissionAction.UPDATE });
when(permissions.value()).thenReturn(new Permission[] { perm });
UriInfo uriInfo = mock(UriInfo.class);
when(containerRequestContext.getUriInfo()).thenReturn(uriInfo);
}
Aggregations