
Example 11 with Authorization

Use of io.vertigo.account.authorization.metamodel.Authorization in project vertigo by KleeGroup.

From the class VSecurityManagerTest, method testAuthorizedOnEntityGrant.

@Test
public void testAuthorizedOnEntityGrant() {
    final Record record = createRecord();
    final Record recordTooExpensive = createRecord();
    recordTooExpensive.setAmount(10000d);
    final Record recordOtherUser = createRecord();
    recordOtherUser.setUtiIdOwner(2000L);
    final Record recordOtherUserAndTooExpensive = createRecord();
    recordOtherUserAndTooExpensive.setUtiIdOwner(2000L);
    recordOtherUserAndTooExpensive.setAmount(10000d);
    final Record recordArchivedNotWriteable = createRecord();
    recordArchivedNotWriteable.setEtaCd("ARC");
    final Authorization recordCreate = getAuthorization(RecordAuthorizations.ATZ_RECORD$CREATE);
    final UserSession userSession = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(userSession);
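        // The security keys supply the values for the ${utiId}, ${typId} and ${montantMax} placeholders in the rules quoted below.
        authorizationManager.obtainUserAuthorizations()
            .withSecurityKeys("utiId", DEFAULT_UTI_ID)
            .withSecurityKeys("typId", DEFAULT_TYPE_ID)
            .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
            .addAuthorization(recordCreate);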
        final boolean canCreateRecord = authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$CREATE);
        Assert.assertTrue(canCreateRecord);
        // read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        Assert.assertTrue(authorizationManager.isAuthorized(record, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(recordTooExpensive, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(recordOtherUser, RecordOperations.READ));
        Assert.assertFalse(authorizationManager.isAuthorized(recordOtherUserAndTooExpensive, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(recordArchivedNotWriteable, RecordOperations.READ));
        // create -> TYP_ID=${typId} and MONTANT<=${montantMax}
        Assert.assertTrue(authorizationManager.isAuthorized(record, RecordOperations.CREATE));
        Assert.assertFalse(authorizationManager.isAuthorized(recordTooExpensive, RecordOperations.CREATE));
        Assert.assertTrue(authorizationManager.isAuthorized(recordOtherUser, RecordOperations.CREATE));
        Assert.assertFalse(authorizationManager.isAuthorized(recordOtherUserAndTooExpensive, RecordOperations.CREATE));
        Assert.assertTrue(authorizationManager.isAuthorized(recordArchivedNotWriteable, RecordOperations.CREATE));
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used: Authorization (io.vertigo.account.authorization.metamodel.Authorization), TestUserSession (io.vertigo.account.data.TestUserSession), UserSession (io.vertigo.persona.security.UserSession), Record (io.vertigo.account.authorization.model.Record), Test (org.junit.Test)

Example 12 with Authorization

Use of io.vertigo.account.authorization.metamodel.Authorization in project vertigo by KleeGroup.

From the class VSecurityManagerTest, method testAuthorized.

@Test
public void testAuthorized() {
    final Authorization admUsr = getAuthorization(GlobalAuthorizations.ATZ_ADMUSR);
    final Authorization admPro = getAuthorization(GlobalAuthorizations.ATZ_ADMPRO);
    final UserSession userSession = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(userSession);
        authorizationManager.obtainUserAuthorizations()
            .withSecurityKeys("utiId", DEFAULT_UTI_ID)
            .withSecurityKeys("typId", DEFAULT_TYPE_ID)
            .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
            .addAuthorization(admUsr)
            .addAuthorization(admPro);
        Assert.assertTrue(authorizationManager.hasAuthorization(GlobalAuthorizations.ATZ_ADMUSR));
        Assert.assertTrue(authorizationManager.hasAuthorization(GlobalAuthorizations.ATZ_ADMPRO));
        Assert.assertFalse(authorizationManager.hasAuthorization(GlobalAuthorizations.ATZ_ADMAPP));
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used: Authorization (io.vertigo.account.authorization.metamodel.Authorization), TestUserSession (io.vertigo.account.data.TestUserSession), UserSession (io.vertigo.persona.security.UserSession), Test (org.junit.Test)

Example 13 with Authorization

Use of io.vertigo.account.authorization.metamodel.Authorization in project vertigo by KleeGroup.

From the class VSecurityManagerTest, method testAuthorizedOnEntityEnumAxes.

@Test
public void testAuthorizedOnEntityEnumAxes() {
    final Record record = createRecord();
    final Record recordTooExpensive = createRecord();
    recordTooExpensive.setAmount(10000d);
    final Record recordOtherUser = createRecord();
    recordOtherUser.setUtiIdOwner(2000L);
    final Record recordOtherUserAndTooExpensive = createRecord();
    recordOtherUserAndTooExpensive.setUtiIdOwner(2000L);
    recordOtherUserAndTooExpensive.setAmount(10000d);
    final Record recordArchivedNotWriteable = createRecord();
    recordArchivedNotWriteable.setEtaCd("ARC");
    final Authorization recordWrite = getAuthorization(RecordAuthorizations.ATZ_RECORD$WRITE);
    final UserSession userSession = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(userSession);
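        // The security keys supply the values for the ${utiId}, ${typId} and ${montantMax} placeholders in the rules quoted below.
        authorizationManager.obtainUserAuthorizations()
            .withSecurityKeys("utiId", DEFAULT_UTI_ID)
            .withSecurityKeys("typId", DEFAULT_TYPE_ID)
            .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
            .addAuthorization(recordWrite);
        // The authorization checked here is WRITE, so the flag is named accordingly.
        final boolean canWriteRecord = authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$WRITE);
        Assert.assertTrue(canWriteRecord);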
        // read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        Assert.assertTrue(authorizationManager.isAuthorized(record, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(recordTooExpensive, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(recordOtherUser, RecordOperations.READ));
        Assert.assertFalse(authorizationManager.isAuthorized(recordOtherUserAndTooExpensive, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(recordArchivedNotWriteable, RecordOperations.READ));
        // write -> (UTI_ID_OWNER=${utiId} and ETA_CD<ARC) or (TYP_ID=${typId} and MONTANT<=${montantMax} and ETA_CD<ARC)
        Assert.assertTrue(authorizationManager.isAuthorized(record, RecordOperations.WRITE));
        Assert.assertTrue(authorizationManager.isAuthorized(recordTooExpensive, RecordOperations.WRITE));
        Assert.assertTrue(authorizationManager.isAuthorized(recordOtherUser, RecordOperations.WRITE));
        Assert.assertFalse(authorizationManager.isAuthorized(recordOtherUserAndTooExpensive, RecordOperations.WRITE));
        Assert.assertFalse(authorizationManager.isAuthorized(recordArchivedNotWriteable, RecordOperations.WRITE));
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used: Authorization (io.vertigo.account.authorization.metamodel.Authorization), TestUserSession (io.vertigo.account.data.TestUserSession), UserSession (io.vertigo.persona.security.UserSession), Record (io.vertigo.account.authorization.model.Record), Test (org.junit.Test)

Example 14 with Authorization

Use of io.vertigo.account.authorization.metamodel.Authorization in project vertigo by KleeGroup.

From the class VSecurityManagerTest, method testPredicateOnEntity.

@Test
public void testPredicateOnEntity() {
    final Record record = createRecord();
    final Record recordTooExpensive = createRecord();
    recordTooExpensive.setAmount(10000d);
    final Record recordOtherUser = createRecord();
    recordOtherUser.setUtiIdOwner(2000L);
    final Record recordOtherUserAndTooExpensive = createRecord();
    recordOtherUserAndTooExpensive.setUtiIdOwner(2000L);
    recordOtherUserAndTooExpensive.setAmount(10000d);
    final Authorization recordRead = getAuthorization(RecordAuthorizations.ATZ_RECORD$READ);
    final UserSession userSession = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(userSession);
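        // The security keys supply the values for the ${utiId} and ${montantMax} placeholders in the read rule quoted below.
        authorizationManager.obtainUserAuthorizations()
            .withSecurityKeys("utiId", DEFAULT_UTI_ID)
            .withSecurityKeys("typId", DEFAULT_TYPE_ID)
            .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
            .addAuthorization(recordRead);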
        final boolean canReadRecord = authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$READ);
        Assert.assertTrue(canReadRecord);
        final Predicate<Record> readRecordPredicate = authorizationManager.getCriteriaSecurity(Record.class, RecordOperations.READ).toPredicate();
        // read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        Assert.assertTrue(readRecordPredicate.test(record));
        Assert.assertTrue(readRecordPredicate.test(recordTooExpensive));
        Assert.assertTrue(readRecordPredicate.test(recordOtherUser));
        Assert.assertFalse(readRecordPredicate.test(recordOtherUserAndTooExpensive));
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used: Authorization (io.vertigo.account.authorization.metamodel.Authorization), TestUserSession (io.vertigo.account.data.TestUserSession), UserSession (io.vertigo.persona.security.UserSession), Record (io.vertigo.account.authorization.model.Record), Test (org.junit.Test)

Aggregations

Authorization (io.vertigo.account.authorization.metamodel.Authorization): 14
UserSession (io.vertigo.persona.security.UserSession): 10
Test (org.junit.Test): 10
TestUserSession (io.vertigo.account.data.TestUserSession): 9
Record (io.vertigo.account.authorization.model.Record): 8
DtDefinition (io.vertigo.dynamo.domain.metamodel.DtDefinition): 3
JsonElement (com.google.gson.JsonElement): 2
JsonObject (com.google.gson.JsonObject): 2
AuthorizationName (io.vertigo.account.authorization.metamodel.AuthorizationName): 2
SecuredEntity (io.vertigo.account.authorization.metamodel.SecuredEntity): 2
Assertion (io.vertigo.lang.Assertion): 2
ArrayList (java.util.ArrayList): 2
Collections (java.util.Collections): 2
HashMap (java.util.HashMap): 2
List (java.util.List): 2
Collectors (java.util.stream.Collectors): 2
AuthorizationManager (io.vertigo.account.authorization.AuthorizationManager): 1
UserAuthorizations (io.vertigo.account.authorization.UserAuthorizations): 1
OperationName (io.vertigo.account.authorization.metamodel.OperationName): 1
Role (io.vertigo.account.authorization.metamodel.Role): 1