Examples with UserPermissionCheck nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck used on opensource projects

Search in sources :

Example 6 with UserPermissionCheck

use of nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck in project timbuctoo by HuygensING.

the class MutationHelpers method checkAdminPermissions.

public static void checkAdminPermissions(DataFetchingEnvironment env, DataSetMetaData dataSetMetaData) throws RuntimeException {
    ContextData contextData = env.getContext();
    UserPermissionCheck userPermissionCheck = contextData.getUserPermissionCheck();
    if (!userPermissionCheck.getPermissions(dataSetMetaData).contains(Permission.ADMIN)) {
        throw new RuntimeException("You are not admin of this dataset");
    }
}
Also used : ContextData(nl.knaw.huygens.timbuctoo.v5.graphql.datafetchers.dto.ContextData) UserPermissionCheck(nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck)

Example 7 with UserPermissionCheck

use of nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck in project timbuctoo by HuygensING.

the class PermissionBasedFieldVisibilityTest method getFieldDefinitionReturnsFieldDefinitionIfUserHasPermission.

@Test
public void getFieldDefinitionReturnsFieldDefinitionIfUserHasPermission() throws Exception {
    final DataSetRepository dataSetRepository = mock(DataSetRepository.class);
    DataSet dataSet = createDataSetWithUserPermissions("user__dataSetUserHasAccessTo", Sets.newHashSet(Permission.READ));
    DataSet dataSet2 = createDataSetWithUserPermissions("user__dataSetUserDoesNotHasAccessTo", Sets.newHashSet());
    Collection<DataSet> dataSetCollection = Sets.newHashSet(dataSet, dataSet2);
    given(dataSetRepository.getDataSets()).willReturn(dataSetCollection);
    final PermissionBasedFieldVisibility permissionBasedFieldVisibility = new PermissionBasedFieldVisibility(userPermissionCheck, dataSetRepository);
    final GraphQLFieldsContainer graphQlFieldsContainer = createGraphQlFieldsContainer("user__dataSetUserHasAccessTo", "user__dataSetUserDoesNotHasAccessTo");
    GraphQLFieldDefinition retrievedGraphQlFieldDefinition = permissionBasedFieldVisibility.getFieldDefinition(graphQlFieldsContainer, "user__dataSetUserHasAccessTo");
    assertThat(retrievedGraphQlFieldDefinition, hasProperty("name", is("user__dataSetUserHasAccessTo")));
}
Also used : DataSet(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet) DataSetRepository(nl.knaw.huygens.timbuctoo.v5.dataset.DataSetRepository) GraphQLFieldDefinition(graphql.schema.GraphQLFieldDefinition) GraphQLFieldsContainer(graphql.schema.GraphQLFieldsContainer) Test(org.junit.Test)

Example 8 with UserPermissionCheck

use of nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck in project timbuctoo by HuygensING.

the class PermissionBasedFieldVisibilityTest method getFieldDefinitionReturnsNullIfUserHasNoPermission.

@Test
public void getFieldDefinitionReturnsNullIfUserHasNoPermission() throws Exception {
    final DataSetRepository dataSetRepository = mock(DataSetRepository.class);
    DataSet dataSet = createDataSetWithUserPermissions("user__dataSetUserHasAccessTo", Sets.newHashSet(Permission.READ));
    DataSet dataSet2 = createDataSetWithUserPermissions("user__dataSetUserDoesNotHasAccessTo", Sets.newHashSet());
    Collection<DataSet> dataSetCollection = Sets.newHashSet(dataSet, dataSet2);
    given(dataSetRepository.getDataSets()).willReturn(dataSetCollection);
    final PermissionBasedFieldVisibility permissionBasedFieldVisibility = new PermissionBasedFieldVisibility(userPermissionCheck, dataSetRepository);
    final GraphQLFieldsContainer graphQlFieldsContainer = createGraphQlFieldsContainer("user__dataSetUserHasAccessTo", "user__dataSetUserDoesNotHasAccessTo");
    GraphQLFieldDefinition retrievedGraphQlFieldDefinition = permissionBasedFieldVisibility.getFieldDefinition(graphQlFieldsContainer, "user__dataSetUserDoesNotHasAccessTo");
    assertThat(retrievedGraphQlFieldDefinition, is(nullValue()));
}
Also used : DataSet(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet) DataSetRepository(nl.knaw.huygens.timbuctoo.v5.dataset.DataSetRepository) GraphQLFieldDefinition(graphql.schema.GraphQLFieldDefinition) GraphQLFieldsContainer(graphql.schema.GraphQLFieldsContainer) Test(org.junit.Test)

Example 9 with UserPermissionCheck

use of nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck in project timbuctoo by HuygensING.

the class PermissionBasedFieldVisibilityTest method getFieldDefinitionsShowsOnlyDataSetsThatUserHasAccessTo.

@Test
public void getFieldDefinitionsShowsOnlyDataSetsThatUserHasAccessTo() throws Exception {
    final DataSetRepository dataSetRepository = mock(DataSetRepository.class);
    DataSet dataSet = createDataSetWithUserPermissions("user__dataSetUserHasAccessTo", Sets.newHashSet(Permission.READ));
    DataSet dataSet2 = createDataSetWithUserPermissions("user__dataSetUserDoesNotHasAccessTo", Sets.newHashSet());
    Collection<DataSet> dataSetCollection = Sets.newHashSet(dataSet, dataSet2);
    given(dataSetRepository.getDataSets()).willReturn(dataSetCollection);
    final PermissionBasedFieldVisibility permissionBasedFieldVisibility = new PermissionBasedFieldVisibility(userPermissionCheck, dataSetRepository);
    final GraphQLFieldsContainer graphQlFieldsContainer = createGraphQlFieldsContainer("user__dataSetUserHasAccessTo", "user__dataSetUserDoesNotHasAccessTo");
    List<GraphQLFieldDefinition> retrievedGraphQlFieldDefinitions = permissionBasedFieldVisibility.getFieldDefinitions(graphQlFieldsContainer);
    assertThat(retrievedGraphQlFieldDefinitions, contains(hasProperty("name", is("user__dataSetUserHasAccessTo"))));
}
Also used : DataSet(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet) DataSetRepository(nl.knaw.huygens.timbuctoo.v5.dataset.DataSetRepository) GraphQLFieldDefinition(graphql.schema.GraphQLFieldDefinition) GraphQLFieldsContainer(graphql.schema.GraphQLFieldsContainer) Test(org.junit.Test)

Example 10 with UserPermissionCheck

use of nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck in project timbuctoo by HuygensING.

the class UserPermissionCheckTest method getPermissionsReturnsNoPermissionsForEmptyUserIfPublicDataSet.

@Test
public void getPermissionsReturnsNoPermissionsForEmptyUserIfPublicDataSet() {
    PermissionFetcher permissionFetcher = mock(PermissionFetcher.class);
    Set<Permission> defaultPermissions = Sets.newHashSet(Permission.READ);
    UserPermissionCheck userPermissionCheck = new UserPermissionCheck(Optional.empty(), permissionFetcher, defaultPermissions);
    DataSetMetaData dataSetMetaData = mock(BasicDataSetMetaData.class);
    given(dataSetMetaData.isPublished()).willReturn(true);
    Set<Permission> permissions = userPermissionCheck.getPermissions(dataSetMetaData);
    assertEquals(Sets.newHashSet(Permission.READ), permissions);
}
Also used : PermissionFetcher(nl.knaw.huygens.timbuctoo.v5.security.PermissionFetcher) Permission(nl.knaw.huygens.timbuctoo.v5.security.dto.Permission) DataSetMetaData(nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSetMetaData) BasicDataSetMetaData(nl.knaw.huygens.timbuctoo.v5.dataset.dto.BasicDataSetMetaData) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)7 DataSetRepository (nl.knaw.huygens.timbuctoo.v5.dataset.DataSetRepository)6 DataSet (nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSet)6 GraphQLFieldDefinition (graphql.schema.GraphQLFieldDefinition)5 GraphQLFieldsContainer (graphql.schema.GraphQLFieldsContainer)5 DataSetMetaData (nl.knaw.huygens.timbuctoo.v5.dataset.dto.DataSetMetaData)3 UserPermissionCheck (nl.knaw.huygens.timbuctoo.v5.graphql.security.UserPermissionCheck)3 Permission (nl.knaw.huygens.timbuctoo.v5.security.dto.Permission)3 GraphQLSchema (graphql.schema.GraphQLSchema)2 BasicDataSetMetaData (nl.knaw.huygens.timbuctoo.v5.dataset.dto.BasicDataSetMetaData)2 RootData (nl.knaw.huygens.timbuctoo.v5.graphql.datafetchers.dto.RootData)2 User (nl.knaw.huygens.timbuctoo.v5.security.dto.User)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 Charsets (com.google.common.base.Charsets)1 Resources (com.google.common.io.Resources)1 Resources.getResource (com.google.common.io.Resources.getResource)1 ExecutionResult (graphql.ExecutionResult)1 GraphQL (graphql.GraphQL)1 RuntimeWiring (graphql.schema.idl.RuntimeWiring)1 SchemaGenerator (graphql.schema.idl.SchemaGenerator)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial