
Example 11 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testAuthorizedOnEntityOverride.

/**
 * Verifies entity-level READ decisions for a session that holds
 * {@code ATZ_RECORD$READ_HP}.
 *
 * <p>Every fixture record is expected to be readable, including the one whose
 * owner and amount were both changed from what {@code createRecord()} returns.
 */
@Test
public void testAuthorizedOnEntityOverride() {
    final Record baseline = createRecord();

    final Record pricey = createRecord();
    pricey.setAmount(10000d);

    final Record foreign = createRecord();
    foreign.setUtiIdOwner(2000L);

    final Record foreignAndPricey = createRecord();
    foreignAndPricey.setUtiIdOwner(2000L);
    foreignAndPricey.setAmount(10000d);

    final Authorization readHp = getAuthorization(RecordAuthorizations.ATZ_RECORD$READ_HP);
    final UserSession session = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(session);
        // Security keys are the per-user values substituted into the rule placeholders.
        authorizationManager.obtainUserAuthorizations()
                .withSecurityKeys("utiId", DEFAULT_UTI_ID)
                .withSecurityKeys("typId", DEFAULT_TYPE_ID)
                .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
                .addAuthorization(readHp);

        // Global check first: the authorization must be attached to the session.
        Assert.assertTrue(authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$READ_HP));

        // read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        // NOTE(review): under the rule quoted above, a record that fails both clauses
        // would be denied, yet the last assertion expects it to be granted. READ_HP
        // presumably carries a broader rule that overrides it - confirm against the
        // authorization definitions.
        Assert.assertTrue(authorizationManager.isAuthorized(baseline, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(pricey, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(foreign, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(foreignAndPricey, RecordOperations.READ));
    } finally {
        // Always detach the session so it cannot leak into the next test.
        securityManager.stopCurrentUserSession();
    }
}
Also used : Authorization(io.vertigo.account.authorization.metamodel.Authorization) TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Record(io.vertigo.account.authorization.model.Record) TestUserSession(io.vertigo.account.data.TestUserSession) Test(org.junit.Test)

Example 12 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testAuthorizedOnEntityTreeAxes.

/**
 * Verifies entity-level decisions when a rule compares a hierarchical ("tree")
 * security axis, here the {@code geo} key.
 *
 * <p>The session is given only {@code ATZ_RECORD$NOTIFY}, with a {@code geo} key
 * of region and department and no commune. The assertions then cover READ,
 * READ2, NOTIFY and WRITE on records that differ by type, state, owner, amount
 * and geographic level.
 *
 * <p>For NOTIFY and WRITE the expected outcome is the same: records in the
 * user's department, or in a commune below it, are allowed. Records in another
 * department, or placed at the region or national level, are denied.
 */
@Test
public void testAuthorizedOnEntityTreeAxes() {
    final Record pub = createRecord();
    pub.setEtaCd("PUB");

    final Record otherType = createRecord();
    otherType.setEtaCd("PUB");
    otherType.setTypId(11L);

    final Record otherState = createRecord();
    otherState.setEtaCd("CRE");

    final Record otherOwner = createRecord();
    otherOwner.setEtaCd("PUB");
    otherOwner.setUtiIdOwner(2000L);

    final Record otherOwnerPricey = createRecord();
    otherOwnerPricey.setEtaCd("PUB");
    otherOwnerPricey.setUtiIdOwner(2000L);
    otherOwnerPricey.setAmount(10000d);

    final Record otherCommune = createRecord();
    otherCommune.setEtaCd("PUB");
    otherCommune.setComId(3L);

    // Geographic levels are modelled by nulling the finer-grained ids.
    final Record departmentLevel = createRecord();
    departmentLevel.setEtaCd("PUB");
    departmentLevel.setComId(null);

    final Record otherDepartment = createRecord();
    otherDepartment.setEtaCd("PUB");
    otherDepartment.setDepId(10L);
    otherDepartment.setComId(null);

    final Record regionLevel = createRecord();
    regionLevel.setEtaCd("PUB");
    regionLevel.setDepId(null);
    regionLevel.setComId(null);

    final Record nationalLevel = createRecord();
    nationalLevel.setEtaCd("PUB");
    nationalLevel.setRegId(null);
    nationalLevel.setDepId(null);
    nationalLevel.setComId(null);

    final Authorization notifyAuthorization = getAuthorization(RecordAuthorizations.ATZ_RECORD$NOTIFY);
    final UserSession session = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(session);

        // Rights over a whole department: region and department set, commune left null.
        final Long[] geoScope = new Long[] { DEFAULT_REG_ID, DEFAULT_DEP_ID, null };
        authorizationManager.obtainUserAuthorizations()
                .withSecurityKeys("utiId", DEFAULT_UTI_ID)
                .withSecurityKeys("typId", DEFAULT_TYPE_ID)
                .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
                .withSecurityKeys("geo", geoScope)
                .addAuthorization(notifyAuthorization);

        Assert.assertTrue(authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$NOTIFY));

        // grant read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        // Only NOTIFY was added to the session; READ is expected to come with it as a grant.
        Assert.assertTrue(authorizationManager.isAuthorized(pub, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(otherOwner, RecordOperations.READ));
        Assert.assertFalse(authorizationManager.isAuthorized(otherOwnerPricey, RecordOperations.READ));

        // grant read2 -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        Assert.assertTrue(authorizationManager.isAuthorized(pub, RecordOperations.READ2));
        Assert.assertTrue(authorizationManager.isAuthorized(otherOwner, RecordOperations.READ2));
        Assert.assertFalse(authorizationManager.isAuthorized(otherOwnerPricey, RecordOperations.READ2));

        // notify -> TYP_ID=${typId} and ETA_CD=PUB and GEO<=${geo}
        // Owner and amount are not part of this rule, so they do not affect the outcome.
        Assert.assertTrue(authorizationManager.isAuthorized(pub, RecordOperations.NOTIFY));
        Assert.assertFalse(authorizationManager.isAuthorized(otherType, RecordOperations.NOTIFY));
        Assert.assertFalse(authorizationManager.isAuthorized(otherState, RecordOperations.NOTIFY));
        Assert.assertTrue(authorizationManager.isAuthorized(otherOwner, RecordOperations.NOTIFY));
        Assert.assertTrue(authorizationManager.isAuthorized(otherOwnerPricey, RecordOperations.NOTIFY));
        Assert.assertTrue(authorizationManager.isAuthorized(otherCommune, RecordOperations.NOTIFY));
        Assert.assertTrue(authorizationManager.isAuthorized(departmentLevel, RecordOperations.NOTIFY));
        // Deny cases on the geo axis: a sibling department, then levels above the user's scope.
        Assert.assertFalse(authorizationManager.isAuthorized(otherDepartment, RecordOperations.NOTIFY));
        Assert.assertFalse(authorizationManager.isAuthorized(regionLevel, RecordOperations.NOTIFY));
        Assert.assertFalse(authorizationManager.isAuthorized(nationalLevel, RecordOperations.NOTIFY));

        // override write -> TYP_ID=${typId} and ETA_CD=PUB and GEO<=${geo}
        // The default write rule does not apply:
        // (UTI_ID_OWNER=${utiId} and ETA_CD<ARC) or (TYP_ID=${typId} and MONTANT<=${montantMax} and ETA_CD<ARC)
        Assert.assertTrue(authorizationManager.isAuthorized(pub, RecordOperations.WRITE));
        Assert.assertFalse(authorizationManager.isAuthorized(otherType, RecordOperations.WRITE));
        Assert.assertFalse(authorizationManager.isAuthorized(otherState, RecordOperations.WRITE));
        Assert.assertTrue(authorizationManager.isAuthorized(otherOwner, RecordOperations.WRITE));
        Assert.assertTrue(authorizationManager.isAuthorized(otherOwnerPricey, RecordOperations.WRITE));
        Assert.assertTrue(authorizationManager.isAuthorized(otherCommune, RecordOperations.WRITE));
        Assert.assertTrue(authorizationManager.isAuthorized(departmentLevel, RecordOperations.WRITE));
        Assert.assertFalse(authorizationManager.isAuthorized(otherDepartment, RecordOperations.WRITE));
        Assert.assertFalse(authorizationManager.isAuthorized(regionLevel, RecordOperations.WRITE));
        Assert.assertFalse(authorizationManager.isAuthorized(nationalLevel, RecordOperations.WRITE));
    } finally {
        // Always detach the session so it cannot leak into the next test.
        securityManager.stopCurrentUserSession();
    }
}
Also used : Authorization(io.vertigo.account.authorization.metamodel.Authorization) TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Record(io.vertigo.account.authorization.model.Record) TestUserSession(io.vertigo.account.data.TestUserSession) Test(org.junit.Test)

Example 13 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testCreateUserSession.

/**
 * Verifies that the security manager creates a session of the configured
 * concrete type with the expected locale.
 */
@Test
public void testCreateUserSession() {
    final UserSession created = securityManager.createUserSession();

    // Locale comes from the session implementation; the test expects FRANCE.
    Assert.assertEquals(Locale.FRANCE, created.getLocale());
    // Exact class match, not instanceof: a subclass would fail this check.
    Assert.assertEquals(TestUserSession.class, created.getClass());
}
Also used : TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Test(org.junit.Test)

Example 14 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testAuthorizedOnEntity.

/**
 * Verifies entity-level READ decisions for a session that holds
 * {@code ATZ_RECORD$READ}.
 *
 * <p>The rule quoted inline is a disjunction, so a record is expected to be
 * denied only when both the amount clause and the owner clause fail.
 */
@Test
public void testAuthorizedOnEntity() {
    final Record baseline = createRecord();

    final Record pricey = createRecord();
    pricey.setAmount(10000d);

    final Record foreign = createRecord();
    foreign.setUtiIdOwner(2000L);

    final Record foreignAndPricey = createRecord();
    foreignAndPricey.setUtiIdOwner(2000L);
    foreignAndPricey.setAmount(10000d);

    final Authorization readAuthorization = getAuthorization(RecordAuthorizations.ATZ_RECORD$READ);
    final UserSession session = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(session);
        // Security keys are the per-user values substituted into the rule placeholders.
        authorizationManager.obtainUserAuthorizations()
                .withSecurityKeys("utiId", DEFAULT_UTI_ID)
                .withSecurityKeys("typId", DEFAULT_TYPE_ID)
                .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
                .addAuthorization(readAuthorization);

        // Global check first: the authorization must be attached to the session.
        Assert.assertTrue(authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$READ));

        // read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        // presumably createRecord() yields a record owned by DEFAULT_UTI_ID with an
        // amount within DEFAULT_MONTANT_MAX - verify against the fixture.
        Assert.assertTrue(authorizationManager.isAuthorized(baseline, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(pricey, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(foreign, RecordOperations.READ));
        // Deny case: different owner and amount raised, so neither clause is expected to hold.
        Assert.assertFalse(authorizationManager.isAuthorized(foreignAndPricey, RecordOperations.READ));
    } finally {
        // Always detach the session so it cannot leak into the next test.
        securityManager.stopCurrentUserSession();
    }
}
Also used : Authorization(io.vertigo.account.authorization.metamodel.Authorization) TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Record(io.vertigo.account.authorization.model.Record) TestUserSession(io.vertigo.account.data.TestUserSession) Test(org.junit.Test)

Example 15 with UserSession

use of io.vertigo.persona.security.UserSession in project vertigo by KleeGroup.

the class VSecurityManagerTest method testAuthorizedOnEntityGrant.

/**
 * Verifies that holding {@code ATZ_RECORD$CREATE} also yields READ decisions.
 *
 * <p>Only CREATE is added to the session. The READ assertions therefore rely on
 * READ being granted through CREATE, as the test name suggests. CREATE itself is
 * then checked against its own rule, quoted inline.
 */
@Test
public void testAuthorizedOnEntityGrant() {
    final Record baseline = createRecord();

    final Record pricey = createRecord();
    pricey.setAmount(10000d);

    final Record foreign = createRecord();
    foreign.setUtiIdOwner(2000L);

    final Record foreignAndPricey = createRecord();
    foreignAndPricey.setUtiIdOwner(2000L);
    foreignAndPricey.setAmount(10000d);

    final Record archived = createRecord();
    archived.setEtaCd("ARC");

    final Authorization createAuthorization = getAuthorization(RecordAuthorizations.ATZ_RECORD$CREATE);
    final UserSession session = securityManager.<TestUserSession>createUserSession();
    try {
        securityManager.startCurrentUserSession(session);
        // Security keys are the per-user values substituted into the rule placeholders.
        authorizationManager.obtainUserAuthorizations()
                .withSecurityKeys("utiId", DEFAULT_UTI_ID)
                .withSecurityKeys("typId", DEFAULT_TYPE_ID)
                .withSecurityKeys("montantMax", DEFAULT_MONTANT_MAX)
                .addAuthorization(createAuthorization);

        // Global check first: the authorization must be attached to the session.
        Assert.assertTrue(authorizationManager.hasAuthorization(RecordAuthorizations.ATZ_RECORD$CREATE));

        // read -> MONTANT<=${montantMax} or UTI_ID_OWNER=${utiId}
        Assert.assertTrue(authorizationManager.isAuthorized(baseline, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(pricey, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(foreign, RecordOperations.READ));
        // Deny case: different owner and amount raised, so neither clause is expected to hold.
        Assert.assertFalse(authorizationManager.isAuthorized(foreignAndPricey, RecordOperations.READ));
        Assert.assertTrue(authorizationManager.isAuthorized(archived, RecordOperations.READ));

        // create -> TYP_ID=${typId} and MONTANT<=${montantMax}
        // The owner is not part of this rule, so only the raised amount leads to a denial.
        Assert.assertTrue(authorizationManager.isAuthorized(baseline, RecordOperations.CREATE));
        Assert.assertFalse(authorizationManager.isAuthorized(pricey, RecordOperations.CREATE));
        Assert.assertTrue(authorizationManager.isAuthorized(foreign, RecordOperations.CREATE));
        Assert.assertFalse(authorizationManager.isAuthorized(foreignAndPricey, RecordOperations.CREATE));
        // The state (ETA_CD) is not part of the create rule either, so "ARC" is still allowed.
        Assert.assertTrue(authorizationManager.isAuthorized(archived, RecordOperations.CREATE));
    } finally {
        // Always detach the session so it cannot leak into the next test.
        securityManager.stopCurrentUserSession();
    }
}
Also used : Authorization(io.vertigo.account.authorization.metamodel.Authorization) TestUserSession(io.vertigo.account.data.TestUserSession) UserSession(io.vertigo.persona.security.UserSession) Record(io.vertigo.account.authorization.model.Record) TestUserSession(io.vertigo.account.data.TestUserSession) Test(org.junit.Test)

Aggregations

UserSession (io.vertigo.persona.security.UserSession)21 Test (org.junit.Test)14 TestUserSession (io.vertigo.account.data.TestUserSession)13 Authorization (io.vertigo.account.authorization.metamodel.Authorization)9 Record (io.vertigo.account.authorization.model.Record)8 Account (io.vertigo.account.account.Account)2 AuthenticationToken (io.vertigo.account.authentication.AuthenticationToken)2 UsernamePasswordAuthenticationToken (io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)2 SessionException (io.vertigo.vega.webservice.exception.SessionException)2 UserAuthorizations (io.vertigo.account.authorization.UserAuthorizations)1 PostgreSqlDataBase (io.vertigo.database.impl.sql.vendor.postgresql.PostgreSqlDataBase)1 SqlDialect (io.vertigo.database.sql.vendor.SqlDialect)1 CriteriaCtx (io.vertigo.dynamo.criteria.CriteriaCtx)1 VSecurityException (io.vertigo.vega.webservice.exception.VSecurityException)1 Locale (java.util.Locale)1 ServletException (javax.servlet.ServletException)1 HttpSession (javax.servlet.http.HttpSession)1 Session (spark.Session)1