use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerImpl method hasRole.
/**
* {@inheritDoc}
*/
@Override
public boolean hasRole(final Set<Role> authorizedRoleSet) {
Assertion.checkNotNull(authorizedRoleSet);
// -----
if (authorizedRoleSet.isEmpty()) {
return true;
}
// Si il existe au moins un role parmi la liste des roles autorises
// il faut alors regarder si l'utilisateur possede un role de la liste.
final Optional<PersonaUserSession> userSessionOpt = getCurrentUserSession();
Assertion.checkState(userSessionOpt.isPresent(), "User not logged");
final Set<Role> userProfiles = userSessionOpt.get().getRoles();
for (final Role role : authorizedRoleSet) {
Assertion.checkArgument(Home.getApp().getDefinitionSpace().contains(role.getName()), "Le role {0} n est pas defini dans RoleRegistry.", role);
if (userProfiles.contains(role)) {
return true;
}
}
// Si on a trouve aucun des roles autorises alors l'acces est interdit
return false;
}
use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerTest method testAuthorized.
@Test
public void testAuthorized() {
final Role reader = getRole("R_READER");
final Role writer = getRole("R_WRITER");
final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(reader).addRole(writer);
try {
securityManager.startCurrentUserSession(userSession);
final boolean canread = securityManager.isAuthorized("/products/12", "READ");
Assert.assertTrue(canread);
final boolean canwrite = securityManager.isAuthorized("/products/12", "WRITE");
Assert.assertTrue(canwrite);
} finally {
securityManager.stopCurrentUserSession();
}
}
use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerTest method testNotAuthorized.
@Test
public void testNotAuthorized() {
final Role reader = getRole("R_READER");
final Role writer = getRole("R_WRITER");
final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(reader).addRole(writer);
try {
securityManager.startCurrentUserSession(userSession);
final boolean authorized = securityManager.isAuthorized("not", "authorized");
Assert.assertFalse(authorized);
} finally {
securityManager.stopCurrentUserSession();
}
}
use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerTest method testRole.
@Test
public void testRole() {
final DefinitionSpace definitionSpace = getApp().getDefinitionSpace();
final Role admin = definitionSpace.resolve("R_ADMIN", Role.class);
Assert.assertTrue("R_ADMIN".equals(admin.getName()));
final Role secretary = definitionSpace.resolve("R_SECRETARY", Role.class);
Assert.assertTrue("R_SECRETARY".equals(secretary.getName()));
}
use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerTest method testAuthorizedAllWithResourceNameFactory.
@Test
public void testAuthorizedAllWithResourceNameFactory() {
securityManager.registerResourceNameFactory(Famille.class.getSimpleName(), new BeanResourceNameFactory("/famille/${famId}"));
final Famille famille12 = new Famille();
famille12.setFamId(12L);
final Famille famille13 = new Famille();
famille13.setFamId(13L);
// Test toutes familles
final Role readAllFamillies = getRole("R_ALL_FAMILLES");
final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(readAllFamillies);
try {
securityManager.startCurrentUserSession(userSession);
final boolean canRead12 = securityManager.isAuthorized(Famille.class.getSimpleName(), famille12, "READ");
Assert.assertTrue(canRead12);
final boolean canRead13 = securityManager.isAuthorized(Famille.class.getSimpleName(), famille13, "READ");
Assert.assertTrue(canRead13);
} finally {
securityManager.stopCurrentUserSession();
}
}
Aggregations