Examples with Account net.nemerosa.ontrack.model.security.Account used on opensource projects

Example 1 with Account

use of net.nemerosa.ontrack.model.security.Account in project ontrack by nemerosa.

the class BuildFilterServiceImpl method getBuildFilters.

@Override
public Collection<BuildFilterResource<?>> getBuildFilters(ID branchId) {
    Branch branch = structureService.getBranch(branchId);
    // Are we logged?
    Account account = securityService.getCurrentAccount();
    if (account != null) {
        // Gets the filters for this account and the branch
        return buildFilterRepository.findForBranch(OptionalInt.of(account.id()), branchId.getValue()).stream().map(t -> loadBuildFilterResource(branch, t)).filter(Optional::isPresent).map(Optional::get).collect(Collectors.toList());
    } else // Not logged, no filter
    {
        // Gets the filters for the branch
        return buildFilterRepository.findForBranch(OptionalInt.empty(), branchId.get()).stream().map(t -> loadBuildFilterResource(branch, t)).filter(Optional::isPresent).map(Optional::get).collect(Collectors.toList());
    }
}

Example 2 with Account

use of net.nemerosa.ontrack.model.security.Account in project ontrack by nemerosa.

the class BuildFilterServiceImpl method saveFilter.

@Override
public Ack saveFilter(ID branchId, boolean shared, String name, String type, JsonNode parameters) {
    // Checks the account
    if (shared) {
        Account account = securityService.getCurrentAccount();
        // Gets the branch
        Branch branch = structureService.getBranch(branchId);
        // Checks access rights
        securityService.checkProjectFunction(branch, BranchFilterMgt.class);
        // Deletes any previous filter
        int currentAccountId = account.id();
        buildFilterRepository.findByBranchAndName(currentAccountId, branchId.get(), name).ifPresent((filter) -> buildFilterRepository.delete(currentAccountId, branchId.get(), name, true));
        // No account to be used
        return doSaveFilter(OptionalInt.empty(), branchId, name, type, parameters);
    } else {
        Account account = securityService.getCurrentAccount();
        if (account == null) {
            return Ack.NOK;
        } else {
            // Saves it for this account
            return doSaveFilter(OptionalInt.of(account.id()), branchId, name, type, parameters);
        }
    }
}

Example 3 with Account

use of net.nemerosa.ontrack.model.security.Account in project ontrack by nemerosa.

the class SecurityServiceIT method read_only_on_all_projects.

@Test
public void read_only_on_all_projects() throws Exception {
    withNoGrantViewToAll(() -> {
        // Creates two projects
        Project p1 = doCreateProject();
        Project p2 = doCreateProject();
        // Creates an account authorised to access all projects
        Account account = doCreateAccountWithGlobalRole("READ_ONLY");
        return asAccount(account).call(() -> {
            // With this account, gets the list of projects
            List<Project> list = structureService.getProjectList();
            // Checks we only have the two projects (among all others)
            assertTrue(list.size() >= 2);
            assertTrue(list.stream().anyMatch(project -> StringUtils.equals(p1.getName(), project.getName())));
            assertTrue(list.stream().anyMatch(project -> StringUtils.equals(p2.getName(), project.getName())));
            // Access to the projects
            assertTrue(structureService.findProjectByName(p1.getName()).isPresent());
            assertNotNull(structureService.getProject(p1.getId()));
            assertTrue(structureService.findProjectByName(p2.getName()).isPresent());
            assertNotNull(structureService.getProject(p2.getId()));
            // OK
            return true;
        });
    });
}

Example 4 with Account

use of net.nemerosa.ontrack.model.security.Account in project ontrack by nemerosa.

the class SecurityServiceIT method read_only_on_one_project.

@Test
public void read_only_on_one_project() throws Exception {
    withNoGrantViewToAll(() -> {
        // Creates two projects
        Project p1 = doCreateProject();
        Project p2 = doCreateProject();
        // Creates an account authorised to access only one project
        Account account = doCreateAccountWithProjectRole(p2, "READ_ONLY");
        return asAccount(account).call(() -> {
            // With this account, gets the list of projects
            List<Project> list = structureService.getProjectList();
            // Checks we only have one project
            assertEquals(1, list.size());
            assertEquals(p2.getName(), list.get(0).getName());
            // Access to the authorised project
            assertTrue(structureService.findProjectByName(p2.getName()).isPresent());
            assertNotNull(structureService.getProject(p2.getId()));
            // No access to the other project
            assertFalse(structureService.findProjectByName(p1.getName()).isPresent());
            try {
                structureService.getProject(p1.getId());
                fail("Project is not authorised");
            } catch (AccessDeniedException ignored) {
                assertTrue("Project cannot be found", true);
            }
            // OK
            return true;
        });
    });
}

Example 5 with Account

use of net.nemerosa.ontrack.model.security.Account in project ontrack by nemerosa.

the class SecurityServiceIT method getCurrentAccount_none.

@Test
public void getCurrentAccount_none() throws Exception {
    Account account = securityService.getCurrentAccount();
    assertNull(account);
}