Example 6 with Role
use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerTest method testAuthorizedSessionPropertyWithResourceNameFactory.
@Test
public void testAuthorizedSessionPropertyWithResourceNameFactory() {
securityManager.registerResourceNameFactory(Famille.class.getSimpleName(), new BeanResourceNameFactory("/famille/${famId}"));
final Famille famille12 = new Famille();
famille12.setFamId(12L);
final Famille famille13 = new Famille();
famille13.setFamId(13L);
// Test ma famille
final Role readMyFamilly = getRole("R_MY_FAMILLE");
final UserSession userSession = securityManager.<TestUserSession>createUserSession().withSecurityKeys("famId", String.valueOf(famille12.id)).addRole(readMyFamilly);
try {
securityManager.startCurrentUserSession(userSession);
final boolean canRead12 = securityManager.isAuthorized(Famille.class.getSimpleName(), famille12, "READ");
Assert.assertTrue(canRead12);
final boolean canRead13 = securityManager.isAuthorized(Famille.class.getSimpleName(), famille13, "READ");
Assert.assertFalse(canRead13);
} finally {
securityManager.stopCurrentUserSession();
}
}
Also used :
Role(io.vertigo.persona.security.metamodel.Role)
BeanResourceNameFactory(io.vertigo.persona.impl.security.BeanResourceNameFactory)
Test(org.junit.Test)
Example 7 with Role
use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerTest method testNoWriterRole.
@Test
public void testNoWriterRole() {
final Role reader = getRole("R_READER");
final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(reader);
try {
securityManager.startCurrentUserSession(userSession);
final boolean canread = securityManager.isAuthorized("/products/12", "READ");
Assert.assertTrue(canread);
final boolean cannotwrite = securityManager.isAuthorized("/products/12", "WRITE");
Assert.assertFalse(cannotwrite);
} finally {
securityManager.stopCurrentUserSession();
}
}Example 8 with Role
use of io.vertigo.persona.security.metamodel.Role in project vertigo by KleeGroup.
the class VSecurityManagerTest method testAccess.
@Test
public void testAccess() {
final DefinitionSpace definitionSpace = getApp().getDefinitionSpace();
final Role admin = definitionSpace.resolve("R_ADMIN", Role.class);
final Role manager = definitionSpace.resolve("R_MANAGER", Role.class);
final Role secretary = definitionSpace.resolve("R_SECRETARY", Role.class);
final UserSession userSession = securityManager.<PersonaUserSession>createUserSession().addRole(admin).addRole(manager);
try {
securityManager.startCurrentUserSession(userSession);
final Set<Role> roles = new HashSet<>();
roles.add(admin);
roles.add(secretary);
Assert.assertTrue(securityManager.hasRole(roles));
roles.clear();
roles.add(secretary);
Assert.assertFalse(securityManager.hasRole(roles));
// Si aucun droit necessaire alors c'est bon
roles.clear();
Assert.assertTrue(securityManager.hasRole(roles));
} finally {
securityManager.stopCurrentUserSession();
}
}
Also used :
Role(io.vertigo.persona.security.metamodel.Role)
DefinitionSpace(io.vertigo.core.definition.DefinitionSpace)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Aggregations
Role (io.vertigo.persona.security.metamodel.Role)8
Test (org.junit.Test)7
DefinitionSpace (io.vertigo.core.definition.DefinitionSpace)2
BeanResourceNameFactory (io.vertigo.persona.impl.security.BeanResourceNameFactory)2
PersonaUserSession (io.vertigo.persona.security.PersonaUserSession)1
HashSet (java.util.HashSet)1
