Search in sources :

Example 1 with SimplePrincipal

use of io.irontest.auth.SimplePrincipal in project irontest by zheng-wang.

the class IronTestApplication method createSystemResources.

private void createSystemResources(IronTestConfiguration configuration, Environment environment) {
    final DBIFactory dbiFactory = new DBIFactory();
    final DBI jdbi = dbiFactory.build(environment, configuration.getSystemDatabase(), "systemDatabase");
    // create DAO objects
    final FolderDAO folderDAO = jdbi.onDemand(FolderDAO.class);
    final EnvironmentDAO environmentDAO = jdbi.onDemand(EnvironmentDAO.class);
    final EndpointDAO endpointDAO = jdbi.onDemand(EndpointDAO.class);
    final TestcaseDAO testcaseDAO = jdbi.onDemand(TestcaseDAO.class);
    final TeststepDAO teststepDAO = jdbi.onDemand(TeststepDAO.class);
    final AssertionDAO assertionDAO = jdbi.onDemand(AssertionDAO.class);
    final UtilsDAO utilsDAO = jdbi.onDemand(UtilsDAO.class);
    final FolderTreeNodeDAO folderTreeNodeDAO = jdbi.onDemand(FolderTreeNodeDAO.class);
    final UserDefinedPropertyDAO udpDAO = jdbi.onDemand(UserDefinedPropertyDAO.class);
    final DataTableColumnDAO dataTableColumnDAO = jdbi.onDemand(DataTableColumnDAO.class);
    final DataTableCellDAO dataTableCellDAO = jdbi.onDemand(DataTableCellDAO.class);
    final TestcaseRunDAO testcaseRunDAO = jdbi.onDemand(TestcaseRunDAO.class);
    final TestcaseIndividualRunDAO testcaseIndividualRunDAO = jdbi.onDemand(TestcaseIndividualRunDAO.class);
    final TeststepRunDAO teststepRunDAO = jdbi.onDemand(TeststepRunDAO.class);
    UserDAO userDAO = null;
    if (isInTeamMode(configuration)) {
        userDAO = jdbi.onDemand(UserDAO.class);
    }
    AppInfo appInfo = new AppInfo();
    if (isInTeamMode(configuration)) {
        appInfo.setAppMode(AppMode.TEAM);
        // ignore bindHost
        DefaultServerFactory server = (DefaultServerFactory) configuration.getServerFactory();
        List<ConnectorFactory> applicationConnectors = server.getApplicationConnectors();
        HttpConnectorFactory httpConnectorFactory = (HttpConnectorFactory) applicationConnectors.get(0);
        httpConnectorFactory.setBindHost(null);
        // turn on user authentication and authorization
        environment.jersey().register(new AuthDynamicFeature(new BasicCredentialAuthFilter.Builder<SimplePrincipal>().setAuthenticator(new ResourceAuthenticator(userDAO)).setAuthorizer(new ResourceAuthorizer()).buildAuthFilter()));
        environment.jersey().register(RolesAllowedDynamicFeature.class);
        environment.jersey().register(new AuthResponseFilter());
    }
    // create database tables
    // order is important!!! (there are foreign keys linking them)
    folderDAO.createSequenceIfNotExists();
    folderDAO.createTableIfNotExists();
    folderDAO.insertARootNodeIfNotExists();
    environmentDAO.createSequenceIfNotExists();
    environmentDAO.createTableIfNotExists();
    endpointDAO.createSequenceIfNotExists();
    endpointDAO.createTableIfNotExists();
    testcaseDAO.createSequenceIfNotExists();
    testcaseDAO.createTableIfNotExists();
    teststepDAO.createSequenceIfNotExists();
    teststepDAO.createTableIfNotExists();
    assertionDAO.createSequenceIfNotExists();
    assertionDAO.createTableIfNotExists();
    udpDAO.createSequenceIfNotExists();
    udpDAO.createTableIfNotExists();
    dataTableColumnDAO.createSequenceIfNotExists();
    dataTableColumnDAO.createTableIfNotExists();
    dataTableCellDAO.createSequenceIfNotExists();
    dataTableCellDAO.createTableIfNotExists();
    testcaseRunDAO.createSequenceIfNotExists();
    testcaseRunDAO.createTableIfNotExists();
    testcaseIndividualRunDAO.createSequenceIfNotExists();
    testcaseIndividualRunDAO.createTableIfNotExists();
    teststepRunDAO.createSequenceIfNotExists();
    teststepRunDAO.createTableIfNotExists();
    if (isInTeamMode(configuration)) {
        userDAO.createSequenceIfNotExists();
        userDAO.createTableIfNotExists();
        userDAO.insertBuiltinAdminUserIfNotExists();
    }
    // register APIs
    environment.jersey().register(new SystemResource(appInfo));
    environment.jersey().register(new ManagedEndpointResource(appInfo, endpointDAO));
    environment.jersey().register(new TestcaseResource(testcaseDAO, teststepDAO));
    environment.jersey().register(new FolderResource(folderDAO));
    environment.jersey().register(new FolderTreeNodeResource(folderTreeNodeDAO));
    environment.jersey().register(new TeststepResource(appInfo, teststepDAO, udpDAO, utilsDAO));
    environment.jersey().register(new WSDLResource());
    environment.jersey().register(new EnvironmentResource(environmentDAO));
    environment.jersey().register(new TestcaseRunResource(testcaseDAO, udpDAO, teststepDAO, utilsDAO, testcaseRunDAO, teststepRunDAO));
    environment.jersey().register(new AssertionResource(udpDAO, teststepDAO, utilsDAO));
    environment.jersey().register(new UDPResource(udpDAO));
    environment.jersey().register(new DataTableResource(utilsDAO));
    if (isInTeamMode(configuration)) {
        environment.jersey().register(new UserResource(userDAO));
    }
    // if turned on in config.yml, register jersey LoggingFilter (used for logging Iron Test resource oriented HTTP API requests and responses)
    DefaultLoggingFactory defaultLoggingFactory = (DefaultLoggingFactory) configuration.getLoggingFactory();
    if (defaultLoggingFactory.getLoggers().containsKey(LoggingFilter.class.getName())) {
        environment.jersey().register(new LoggingFilter(Logger.getLogger(LoggingFilter.class.getName()), true));
    }
    // register exception mappers
    environment.jersey().register(new IronTestLoggingExceptionMapper());
}
Also used : ResourceAuthenticator(io.irontest.auth.ResourceAuthenticator) LoggingFilter(org.glassfish.jersey.filter.LoggingFilter) DefaultLoggingFactory(io.dropwizard.logging.DefaultLoggingFactory) DBI(org.skife.jdbi.v2.DBI) HttpConnectorFactory(io.dropwizard.jetty.HttpConnectorFactory) ConnectorFactory(io.dropwizard.jetty.ConnectorFactory) BasicCredentialAuthFilter(io.dropwizard.auth.basic.BasicCredentialAuthFilter) AuthDynamicFeature(io.dropwizard.auth.AuthDynamicFeature) ResourceAuthorizer(io.irontest.auth.ResourceAuthorizer) AuthResponseFilter(io.irontest.auth.AuthResponseFilter) AppInfo(io.irontest.models.AppInfo) HttpConnectorFactory(io.dropwizard.jetty.HttpConnectorFactory) SimplePrincipal(io.irontest.auth.SimplePrincipal) DBIFactory(io.dropwizard.jdbi.DBIFactory) DefaultServerFactory(io.dropwizard.server.DefaultServerFactory)

Example 2 with SimplePrincipal

use of io.irontest.auth.SimplePrincipal in project irontest by zheng-wang.

the class IronTestApplication method createSystemResources.

private void createSystemResources(IronTestConfiguration configuration, Environment environment, Jdbi systemDBJdbi, WireMockServer wireMockServer) {
    systemDBJdbi.registerArgument(new PropertiesArgumentFactory());
    systemDBJdbi.registerArgument(new EndpointPropertiesArgumentFactory());
    // create DAO objects
    final VersionDAO versionDAO = systemDBJdbi.onDemand(VersionDAO.class);
    final FolderDAO folderDAO = systemDBJdbi.onDemand(FolderDAO.class);
    final EnvironmentDAO environmentDAO = systemDBJdbi.onDemand(EnvironmentDAO.class);
    final EndpointDAO endpointDAO = systemDBJdbi.onDemand(EndpointDAO.class);
    final TestcaseDAO testcaseDAO = systemDBJdbi.onDemand(TestcaseDAO.class);
    final TeststepDAO teststepDAO = systemDBJdbi.onDemand(TeststepDAO.class);
    final AssertionDAO assertionDAO = systemDBJdbi.onDemand(AssertionDAO.class);
    final PropertyExtractorDAO propertyExtractorDAO = systemDBJdbi.onDemand(PropertyExtractorDAO.class);
    final UtilsDAO utilsDAO = systemDBJdbi.onDemand(UtilsDAO.class);
    final FolderTreeNodeDAO folderTreeNodeDAO = systemDBJdbi.onDemand(FolderTreeNodeDAO.class);
    final UserDefinedPropertyDAO udpDAO = systemDBJdbi.onDemand(UserDefinedPropertyDAO.class);
    final DataTableDAO dataTableDAO = systemDBJdbi.onDemand(DataTableDAO.class);
    final DataTableColumnDAO dataTableColumnDAO = systemDBJdbi.onDemand(DataTableColumnDAO.class);
    final DataTableCellDAO dataTableCellDAO = systemDBJdbi.onDemand(DataTableCellDAO.class);
    final TestcaseRunDAO testcaseRunDAO = systemDBJdbi.onDemand(TestcaseRunDAO.class);
    final TestcaseIndividualRunDAO testcaseIndividualRunDAO = systemDBJdbi.onDemand(TestcaseIndividualRunDAO.class);
    final TeststepRunDAO teststepRunDAO = systemDBJdbi.onDemand(TeststepRunDAO.class);
    final HTTPStubMappingDAO httpStubMappingDAO = systemDBJdbi.onDemand(HTTPStubMappingDAO.class);
    UserDAO userDAO = null;
    if (isInTeamMode(configuration)) {
        userDAO = systemDBJdbi.onDemand(UserDAO.class);
    }
    AppInfo appInfo = new AppInfo();
    if (isInTeamMode(configuration)) {
        appInfo.setAppMode(AppMode.TEAM);
        // ignore bindHost
        DefaultServerFactory server = (DefaultServerFactory) configuration.getServerFactory();
        List<ConnectorFactory> applicationConnectors = server.getApplicationConnectors();
        HttpConnectorFactory httpConnectorFactory = (HttpConnectorFactory) applicationConnectors.get(0);
        httpConnectorFactory.setBindHost(null);
        // turn on user authentication and authorization
        environment.jersey().register(new AuthDynamicFeature(new BasicCredentialAuthFilter.Builder<SimplePrincipal>().setAuthenticator(new ResourceAuthenticator(userDAO)).setAuthorizer(new ResourceAuthorizer()).buildAuthFilter()));
        environment.jersey().register(RolesAllowedDynamicFeature.class);
        environment.jersey().register(new AuthResponseFilter());
    }
    // create database tables
    // keep the order!!! (there are foreign keys linking some of them)
    versionDAO.createTableIfNotExists();
    versionDAO.insertVersionIfNotExists();
    folderDAO.createSequenceIfNotExists();
    folderDAO.createTableIfNotExists();
    folderDAO.insertARootNodeIfNotExists();
    environmentDAO.createSequenceIfNotExists();
    environmentDAO.createTableIfNotExists();
    endpointDAO.createSequenceIfNotExists();
    endpointDAO.createTableIfNotExists();
    testcaseDAO.createSequenceIfNotExists();
    testcaseDAO.createTableIfNotExists();
    teststepDAO.createSequenceIfNotExists();
    teststepDAO.createTableIfNotExists();
    assertionDAO.createSequenceIfNotExists();
    assertionDAO.createTableIfNotExists();
    propertyExtractorDAO.createSequenceIfNotExists();
    propertyExtractorDAO.createTableIfNotExists();
    udpDAO.createSequenceIfNotExists();
    udpDAO.createTableIfNotExists();
    dataTableColumnDAO.createSequenceIfNotExists();
    dataTableColumnDAO.createTableIfNotExists();
    dataTableColumnDAO.insertCaptionColumnForTestcasesWithoutDataTableColumn();
    dataTableCellDAO.createSequenceIfNotExists();
    dataTableCellDAO.createTableIfNotExists();
    testcaseRunDAO.createSequenceIfNotExists();
    testcaseRunDAO.createTableIfNotExists();
    testcaseIndividualRunDAO.createSequenceIfNotExists();
    testcaseIndividualRunDAO.createTableIfNotExists();
    teststepRunDAO.createSequenceIfNotExists();
    teststepRunDAO.createTableIfNotExists();
    httpStubMappingDAO.createSequenceIfNotExists();
    httpStubMappingDAO.createTableIfNotExists();
    if (isInTeamMode(configuration)) {
        userDAO.createSequenceIfNotExists();
        userDAO.createTableIfNotExists();
        userDAO.insertBuiltinAdminUserIfNotExists();
    }
    // register APIs
    environment.jersey().register(new SystemResource(appInfo));
    environment.jersey().register(new ManagedEndpointResource(appInfo, endpointDAO));
    environment.jersey().register(new TestcaseResource(testcaseDAO, teststepDAO));
    environment.jersey().register(new FolderResource(folderDAO, testcaseDAO));
    environment.jersey().register(new FolderTreeNodeResource(folderTreeNodeDAO));
    environment.jersey().register(new TeststepResource(appInfo, teststepDAO, udpDAO, utilsDAO, dataTableDAO, assertionDAO));
    environment.jersey().register(new WSDLResource());
    environment.jersey().register(new EnvironmentResource(environmentDAO));
    environment.jersey().register(new TestcaseRunResource(testcaseDAO, utilsDAO, testcaseRunDAO, teststepRunDAO, wireMockServer));
    environment.jersey().register(new AssertionResource(udpDAO, teststepDAO, dataTableDAO, assertionDAO));
    environment.jersey().register(new UDPResource(udpDAO));
    environment.jersey().register(new DataTableResource(dataTableDAO, dataTableColumnDAO, dataTableCellDAO));
    environment.jersey().register(new HTTPStubResource(httpStubMappingDAO, wireMockServer, udpDAO, dataTableDAO));
    environment.jersey().register(new MockServerResource(wireMockServer));
    environment.jersey().register(new PropertyExtractorResource(udpDAO, dataTableDAO, propertyExtractorDAO));
    if (isInTeamMode(configuration)) {
        environment.jersey().register(new UserResource(userDAO));
    }
    // if turned on in config.yml, register jersey LoggingFilter (used for logging Iron Test resource oriented HTTP API requests and responses)
    DefaultLoggingFactory defaultLoggingFactory = (DefaultLoggingFactory) configuration.getLoggingFactory();
    if (defaultLoggingFactory.getLoggers().containsKey(LoggingFilter.class.getName())) {
        environment.jersey().register(new LoggingFilter(Logger.getLogger(LoggingFilter.class.getName()), true));
    }
    // register exception mappers
    environment.jersey().register(new IronTestLoggingExceptionMapper());
}
Also used : ResourceAuthenticator(io.irontest.auth.ResourceAuthenticator) DefaultLoggingFactory(io.dropwizard.logging.DefaultLoggingFactory) BasicCredentialAuthFilter(io.dropwizard.auth.basic.BasicCredentialAuthFilter) AuthDynamicFeature(io.dropwizard.auth.AuthDynamicFeature) ResourceAuthorizer(io.irontest.auth.ResourceAuthorizer) AuthResponseFilter(io.irontest.auth.AuthResponseFilter) AppInfo(io.irontest.models.AppInfo) HttpConnectorFactory(io.dropwizard.jetty.HttpConnectorFactory) DefaultServerFactory(io.dropwizard.server.DefaultServerFactory) LoggingFilter(org.glassfish.jersey.filter.LoggingFilter) HttpConnectorFactory(io.dropwizard.jetty.HttpConnectorFactory) ConnectorFactory(io.dropwizard.jetty.ConnectorFactory) SimplePrincipal(io.irontest.auth.SimplePrincipal)

Example 3 with SimplePrincipal

use of io.irontest.auth.SimplePrincipal in project irontest by zheng-wang.

the class UserResource method updatePassword.

@PUT
@Path("{userId}/password")
@PermitAll
public void updatePassword(@PathParam("userId") long userId, @QueryParam("newPassword") String newPassword, @Context SecurityContext context) {
    SimplePrincipal principal = (SimplePrincipal) context.getUserPrincipal();
    User user = userDAO.findByUsername(principal.getName());
    if (user.getId() == userId) {
        userDAO.updatePassword(userId, newPassword);
    } else {
        throw new RuntimeException("You can't change other user's password.");
    }
}
Also used : User(io.irontest.models.User) SimplePrincipal(io.irontest.auth.SimplePrincipal) PermitAll(javax.annotation.security.PermitAll)

Aggregations

SimplePrincipal (io.irontest.auth.SimplePrincipal)3 AuthDynamicFeature (io.dropwizard.auth.AuthDynamicFeature)2 BasicCredentialAuthFilter (io.dropwizard.auth.basic.BasicCredentialAuthFilter)2 ConnectorFactory (io.dropwizard.jetty.ConnectorFactory)2 HttpConnectorFactory (io.dropwizard.jetty.HttpConnectorFactory)2 DefaultLoggingFactory (io.dropwizard.logging.DefaultLoggingFactory)2 DefaultServerFactory (io.dropwizard.server.DefaultServerFactory)2 AuthResponseFilter (io.irontest.auth.AuthResponseFilter)2 ResourceAuthenticator (io.irontest.auth.ResourceAuthenticator)2 ResourceAuthorizer (io.irontest.auth.ResourceAuthorizer)2 AppInfo (io.irontest.models.AppInfo)2 LoggingFilter (org.glassfish.jersey.filter.LoggingFilter)2 DBIFactory (io.dropwizard.jdbi.DBIFactory)1 User (io.irontest.models.User)1 PermitAll (javax.annotation.security.PermitAll)1 DBI (org.skife.jdbi.v2.DBI)1