Example 6 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testInitCurrentUserSession.

@Test
public void testInitCurrentUserSession() {
    final UserSession userSession = securityManager.createUserSession();
    try {
        securityManager.startCurrentUserSession(userSession);
        Assert.assertTrue(securityManager.getCurrentUserSession().isPresent());
        Assert.assertEquals(userSession, securityManager.getCurrentUserSession().get());
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used : TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Test(org.junit.Test)

Example 7 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testSecuritySearchOnEntity.

@Test
public void testSecuritySearchOnEntity() {
    final Record recordTooExpensive = createRecord();
    recordTooExpensive.setAmount(10000d);
    final Record recordOtherUser = createRecord();
    recordOtherUser.setUtiIdOwner(2000L);
    final Record recordOtherUserAndTooExpensive = createRecord();
    recordOtherUserAndTooExpensive.setUtiIdOwner(2000L);
    recordOtherUserAndTooExpensive.setAmount(10000d);
    final Authorization recordRead = getAuthorization(RecordAuthorizations.ATZ_RECORD$READ);
    final UserSession userSession = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(userSession);
        // Give the session its security keys and the Record authorizations exercised below (NOTIFY is deliberately not granted)
        authorizationManager.obtainUserAuthorizations()
                .withSecurityKeys("utiId", DEFAULT_UTI_ID)
                .withSecurityKeys("typId", DEFAULT_TYPE_ID)
                .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
                .addAuthorization(recordRead)
                .addAuthorization(getAuthorization(RecordAuthorizations.ATZ_RECORD$READ_HP))
                .addAuthorization(getAuthorization(RecordAuthorizations.ATZ_RECORD$WRITE))
                .addAuthorization(getAuthorization(RecordAuthorizations.ATZ_RECORD$CREATE))
                .addAuthorization(getAuthorization(RecordAuthorizations.ATZ_RECORD$DELETE));
        final boolean canReadRecord = authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$READ);
        Assert.assertTrue(canReadRecord);
        // read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        Assert.assertEquals("(+AMOUNT:<=100.0) (+UTI_ID_OWNER:1000)", authorizationManager.getSearchSecurity(Record.class, RecordOperations.READ));
        Assert.assertEquals("(AMOUNT:<=100.0 UTI_ID_OWNER:1000)", authorizationManager.getSearchSecurity(Record.class, RecordOperations.READ2));
        Assert.assertEquals("(*:*)", authorizationManager.getSearchSecurity(Record.class, RecordOperations.READ_HP));
        Assert.assertEquals("(+UTI_ID_OWNER:1000 +ETA_CD:<ARC) (+TYP_ID:10 +AMOUNT:<=100.0 +ETA_CD:<ARC)", authorizationManager.getSearchSecurity(Record.class, RecordOperations.WRITE));
        Assert.assertEquals("(+TYP_ID:10 +AMOUNT:<=100.0)", authorizationManager.getSearchSecurity(Record.class, RecordOperations.CREATE));
        Assert.assertEquals("(+TYP_ID:10) (+UTI_ID_OWNER:1000 +ETA_CD:<PUB)", authorizationManager.getSearchSecurity(Record.class, RecordOperations.DELETE));
        final boolean canReadNotify = authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$NOTIFY);
        Assert.assertFalse(canReadNotify);
        Assert.assertEquals("", authorizationManager.getSearchSecurity(Record.class, RecordOperations.NOTIFY));
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used : Authorization(io.vertigo.account.authorization.metamodel.Authorization) TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Record(io.vertigo.account.authorization.model.Record) Test(org.junit.Test)

Example 8 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class AuthenticationManagerTest method loginSuccess.

private Optional<Account> loginSuccess() {
    final AuthenticationToken token = new UsernamePasswordAuthenticationToken("admin", "v3rt1g0");
    final Optional<Account> account = authenticationManager.login(token);
    Assert.assertTrue("Authent fail", account.isPresent());
    final Optional<UserSession> userSession = securityManager.getCurrentUserSession();
    Assert.assertTrue("No UserSession", userSession.isPresent());
    Assert.assertTrue("Not authenticated", userSession.get().isAuthenticated());
    return account;
}
Also used : Account(io.vertigo.account.account.Account) UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken) AuthenticationToken(io.vertigo.account.authentication.AuthenticationToken) UserSession(io.vertigo.persona.security.UserSession)

Example 9 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testAuthenticate.

public void testAuthenticate() {
    final UserSession userSession = securityManager.createUserSession();
    Assert.assertFalse(userSession.isAuthenticated());
    userSession.authenticate();
}
Also used : TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession)

Example 10 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testResetUserSession.

@Test
public void testResetUserSession() {
    final UserSession userSession = securityManager.createUserSession();
    try {
        securityManager.startCurrentUserSession(userSession);
        Assert.assertTrue(securityManager.getCurrentUserSession().isPresent());
        // Clear the security keys, authorizations and roles held by the current session
        authorizationManager.obtainUserAuthorizations().clearSecurityKeys();
        authorizationManager.obtainUserAuthorizations().clearAuthorizations();
        authorizationManager.obtainUserAuthorizations().clearRoles();
    } finally {
        securityManager.stopCurrentUserSession();
    }
    Assert.assertFalse(securityManager.getCurrentUserSession().isPresent());
}
Also used : TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Test(org.junit.Test)

Aggregations

UserSession (io.vertigo.persona.security.UserSession): 21
Test (org.junit.Test): 14
TestUserSession (io.vertigo.account.data.TestUserSession): 13
Authorization (io.vertigo.account.authorization.metamodel.Authorization): 9
Record (io.vertigo.account.authorization.model.Record): 8
Account (io.vertigo.account.account.Account): 2
AuthenticationToken (io.vertigo.account.authentication.AuthenticationToken): 2
UsernamePasswordAuthenticationToken (io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken): 2
SessionException (io.vertigo.vega.webservice.exception.SessionException): 2
UserAuthorizations (io.vertigo.account.authorization.UserAuthorizations): 1
PostgreSqlDataBase (io.vertigo.database.impl.sql.vendor.postgresql.PostgreSqlDataBase): 1
SqlDialect (io.vertigo.database.sql.vendor.SqlDialect): 1
CriteriaCtx (io.vertigo.dynamo.criteria.CriteriaCtx): 1
VSecurityException (io.vertigo.vega.webservice.exception.VSecurityException): 1
Locale (java.util.Locale): 1
ServletException (javax.servlet.ServletException): 1
HttpSession (javax.servlet.http.HttpSession): 1
Session (spark.Session): 1