Use of jakarta.annotation.security.RolesAllowed in the Helidon project by Oracle.
Class RoleValidatorTest, method testAllAccessAnnotationsOnTheSameLevel.
/**
 * Expects role validation to fail when {@code PermitAll}, {@code DenyAll} and
 * {@code RolesAllowed("admin")} are all reported at method scope.
 *
 * <p>The subject carries the "admin" role, so a validator that honoured only
 * {@code RolesAllowed} or {@code PermitAll} would accept the request; the test
 * requires the result to be invalid.
 */
@Test
void testAllAccessAnnotationsOnTheSameLevel() {
    RoleValidator validator = RoleValidator.create();

    // Annotation mocks: only RolesAllowed needs a stubbed value.
    PermitAll permitAllAnnotation = mock(PermitAll.class);
    DenyAll denyAllAnnotation = mock(DenyAll.class);
    RolesAllowed rolesAllowedAnnotation = mock(RolesAllowed.class);
    String[] allowedRoles = {"admin"};
    when(rolesAllowedAnnotation.value()).thenReturn(allowedRoles);

    // Two security levels; the application level is left unstubbed, so it returns
    // whatever Mockito's defaults give (presumably no annotations - confirm).
    SecurityLevel appLevel = mock(SecurityLevel.class);
    SecurityLevel classLevel = mock(SecurityLevel.class);
    List<SecurityLevel> levels = new ArrayList<>(List.of(appLevel, classLevel));

    EndpointConfig endpoint = mock(EndpointConfig.class);
    when(endpoint.securityLevels()).thenReturn(levels);

    // All three access annotations are reported for the METHOD scope.
    when(classLevel.filterAnnotations(PermitAll.class, EndpointConfig.AnnotationScope.METHOD))
            .thenReturn(List.of(permitAllAnnotation));
    when(classLevel.filterAnnotations(DenyAll.class, EndpointConfig.AnnotationScope.METHOD))
            .thenReturn(List.of(denyAllAnnotation));
    when(classLevel.filterAnnotations(RolesAllowed.class, EndpointConfig.AnnotationScope.METHOD))
            .thenReturn(List.of(rolesAllowedAnnotation));

    RoleValidator.RoleConfig roleConfig = validator.fromAnnotations(endpoint);
    Errors.Collector errors = Errors.collector();

    // Caller holds exactly the role that RolesAllowed names.
    Subject adminSubject = Subject.builder()
            .principal(Principal.create("myAdmin"))
            .addGrant(Role.create("admin"))
            .build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.subject()).thenReturn(Optional.of(adminSubject));
    when(request.service()).thenReturn(Optional.empty());

    validator.validate(roleConfig, errors, request);

    // NOTE(review): only overall validity is checked, so a rejection for any other
    // reason also passes; asserting on the collected message would tie the failure
    // to DenyAll - confirm the message text against RoleValidator first.
    boolean accepted = errors.collect().isValid();
    if (accepted) {
        fail("DenyAll is set on this method, this should have failed");
    }
}
Use of jakarta.annotation.security.RolesAllowed in the Helidon project by Oracle.
Class RoleValidatorTest, method testPermitAllAndRolesAndDenyAll.
/**
 * Expects role validation to fail when {@code PermitAll} is reported at class
 * scope while {@code DenyAll} and {@code RolesAllowed("admin")} are reported at
 * method scope.
 *
 * <p>The subject carries the "admin" role, so neither the class-scope
 * {@code PermitAll} nor the matching {@code RolesAllowed} may let the request
 * through; the test requires the result to be invalid.
 */
@Test
void testPermitAllAndRolesAndDenyAll() {
    RoleValidator validator = RoleValidator.create();

    // Annotation mocks: only RolesAllowed needs a stubbed value.
    PermitAll permitAllAnnotation = mock(PermitAll.class);
    DenyAll denyAllAnnotation = mock(DenyAll.class);
    RolesAllowed rolesAllowedAnnotation = mock(RolesAllowed.class);
    String[] allowedRoles = {"admin"};
    when(rolesAllowedAnnotation.value()).thenReturn(allowedRoles);

    // Two security levels; the application level is left unstubbed, so it returns
    // whatever Mockito's defaults give (presumably no annotations - confirm).
    SecurityLevel appLevel = mock(SecurityLevel.class);
    SecurityLevel classLevel = mock(SecurityLevel.class);
    List<SecurityLevel> levels = new ArrayList<>(List.of(appLevel, classLevel));

    EndpointConfig endpoint = mock(EndpointConfig.class);
    when(endpoint.securityLevels()).thenReturn(levels);

    // PermitAll is visible only for the CLASS scope; the restrictive annotations
    // are visible for the METHOD scope.
    when(classLevel.filterAnnotations(PermitAll.class, EndpointConfig.AnnotationScope.CLASS))
            .thenReturn(List.of(permitAllAnnotation));
    when(classLevel.filterAnnotations(DenyAll.class, EndpointConfig.AnnotationScope.METHOD))
            .thenReturn(List.of(denyAllAnnotation));
    when(classLevel.filterAnnotations(RolesAllowed.class, EndpointConfig.AnnotationScope.METHOD))
            .thenReturn(List.of(rolesAllowedAnnotation));

    RoleValidator.RoleConfig roleConfig = validator.fromAnnotations(endpoint);
    Errors.Collector errors = Errors.collector();

    // Caller holds exactly the role that RolesAllowed names.
    Subject adminSubject = Subject.builder()
            .principal(Principal.create("myAdmin"))
            .addGrant(Role.create("admin"))
            .build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.subject()).thenReturn(Optional.of(adminSubject));
    when(request.service()).thenReturn(Optional.empty());

    validator.validate(roleConfig, errors, request);

    // NOTE(review): only overall validity is checked, so a rejection for any other
    // reason also passes; asserting on the collected message would tie the failure
    // to DenyAll - confirm the message text against RoleValidator first.
    boolean accepted = errors.collect().isValid();
    if (accepted) {
        fail("DenyAll is set on this method, this should have failed");
    }
}