Search in sources :

Example 1 with Role

use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.

the class VSecurityManagerImpl method hasRole.

/**
 * {@inheritDoc}
 */
@Override
public boolean hasRole(final Set<Role> authorizedRoleSet) {
    Assertion.checkNotNull(authorizedRoleSet);
    // -----
    if (authorizedRoleSet.isEmpty()) {
        return true;
    }
    // Si il existe au moins un role parmi la liste des roles autorises
    // il faut alors regarder si l'utilisateur possede un role de la liste.
    final Optional<PersonaUserSession> userSessionOpt = getCurrentUserSession();
    Assertion.checkState(userSessionOpt.isPresent(), "User not logged");
    final Set<Role> userProfiles = userSessionOpt.get().getRoles();
    for (final Role role : authorizedRoleSet) {
        Assertion.checkArgument(Home.getApp().getDefinitionSpace().contains(role.getName()), "Le role {0} n est pas defini dans RoleRegistry.", role);
        if (userProfiles.contains(role)) {
            return true;
        }
    }
    // Si on a trouve aucun des roles autorises alors l'acces est interdit
    return false;
}
Also used : Role(io.vertigo.persona.security.metamodel.Role) PersonaUserSession(io.vertigo.persona.security.PersonaUserSession)

Example 2 with Role

use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.

the class VSecurityManagerTest method testAuthorized.

@Test
public void testAuthorized() {
    final Role reader = getRole("R_READER");
    final Role writer = getRole("R_WRITER");
    final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(reader).addRole(writer);
    try {
        securityManager.startCurrentUserSession(userSession);
        final boolean canread = securityManager.isAuthorized("/products/12", "READ");
        Assert.assertTrue(canread);
        final boolean canwrite = securityManager.isAuthorized("/products/12", "WRITE");
        Assert.assertTrue(canwrite);
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used : Role(io.vertigo.persona.security.metamodel.Role) Test(org.junit.Test)

Example 3 with Role

use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.

the class VSecurityManagerTest method testNotAuthorized.

@Test
public void testNotAuthorized() {
    final Role reader = getRole("R_READER");
    final Role writer = getRole("R_WRITER");
    final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(reader).addRole(writer);
    try {
        securityManager.startCurrentUserSession(userSession);
        final boolean authorized = securityManager.isAuthorized("not", "authorized");
        Assert.assertFalse(authorized);
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used : Role(io.vertigo.persona.security.metamodel.Role) Test(org.junit.Test)

Example 4 with Role

use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.

the class VSecurityManagerTest method testRole.

@Test
public void testRole() {
    final DefinitionSpace definitionSpace = getApp().getDefinitionSpace();
    final Role admin = definitionSpace.resolve("R_ADMIN", Role.class);
    Assert.assertTrue("R_ADMIN".equals(admin.getName()));
    final Role secretary = definitionSpace.resolve("R_SECRETARY", Role.class);
    Assert.assertTrue("R_SECRETARY".equals(secretary.getName()));
}
Also used : Role(io.vertigo.persona.security.metamodel.Role) DefinitionSpace(io.vertigo.core.definition.DefinitionSpace) Test(org.junit.Test)

Example 5 with Role

use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.

the class VSecurityManagerTest method testAuthorizedAllWithResourceNameFactory.

@Test
public void testAuthorizedAllWithResourceNameFactory() {
    securityManager.registerResourceNameFactory(Famille.class.getSimpleName(), new BeanResourceNameFactory("/famille/${famId}"));
    final Famille famille12 = new Famille();
    famille12.setFamId(12L);
    final Famille famille13 = new Famille();
    famille13.setFamId(13L);
    // Test toutes familles
    final Role readAllFamillies = getRole("R_ALL_FAMILLES");
    final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(readAllFamillies);
    try {
        securityManager.startCurrentUserSession(userSession);
        final boolean canRead12 = securityManager.isAuthorized(Famille.class.getSimpleName(), famille12, "READ");
        Assert.assertTrue(canRead12);
        final boolean canRead13 = securityManager.isAuthorized(Famille.class.getSimpleName(), famille13, "READ");
        Assert.assertTrue(canRead13);
    } finally {
        securityManager.stopCurrentUserSession();
    }
}
Also used : Role(io.vertigo.persona.security.metamodel.Role) BeanResourceNameFactory(io.vertigo.persona.impl.security.BeanResourceNameFactory) Test(org.junit.Test)

Aggregations

Role (io.vertigo.persona.security.metamodel.Role)8 Test (org.junit.Test)7 DefinitionSpace (io.vertigo.core.definition.DefinitionSpace)2 BeanResourceNameFactory (io.vertigo.persona.impl.security.BeanResourceNameFactory)2 PersonaUserSession (io.vertigo.persona.security.PersonaUserSession)1 HashSet (java.util.HashSet)1