Example 11 with Session
use of oap.http.Session in project oap by oaplatform.
the class WsServiceSessionTest method testShouldVerifySessionPropagation.
@Test
public void testShouldVerifySessionPropagation() {
final Session session = new Session();
LinkedHashMap<Integer, Integer> map = Maps.of(__(1, 2));
session.set("map", map);
session.set(Interceptor.AUTHORIZATION, "987654321");
sessionManager.put("123456", session);
assertGet(HttpAsserts.HTTP_URL("/test/"), Maps.empty(), Maps.of(__("Cookie", "Authorization=987654321; SID=123456"))).hasCode(200).hasBody(Binder.json.marshal(map));
}Example 12 with Session
use of oap.http.Session in project oap by oaplatform.
the class SecurityInterceptor2 method postProcessing.
@Override
public Object postProcessing(Object value, Session session, Reflection.Method method) {
val annotation = method.findAnnotation(WsSecurityWithPermissions.class).orElse(null);
if (annotation == null)
return value;
if (value instanceof List<?>) {
return ((List<?>) value).stream().map(v -> postProcessing(v, session, method)).collect(toList());
}
val userId = (String) session.get(USER_ID).orElse(null);
val id = IdFactory.getId(value);
List<String> res = aclService.checkAll(id, userId);
if (annotation.includeRootPermissions()) {
res = new ArrayList<>(res);
res.addAll(aclService.checkAll(AclService.ROOT, userId));
}
return new ObjectWithPermissions<>(res, value);
}
Also used :
lombok.val(lombok.val)
Reflection(oap.reflect.Reflection)
lombok.val(lombok.val)
IdFactory(oap.util.IdFactory)
Function(java.util.function.Function)
Request(oap.http.Request)
String.format(java.lang.String.format)
ArrayList(java.util.ArrayList)
Slf4j(lombok.extern.slf4j.Slf4j)
List(java.util.List)
Collectors.toList(java.util.stream.Collectors.toList)
lombok.experimental.var(lombok.experimental.var)
Interceptor(oap.ws.Interceptor)
Session(oap.http.Session)
AclService(oap.security.acl.AclService)
Optional(java.util.Optional)
HttpResponse(oap.http.HttpResponse)
ArrayList(java.util.ArrayList)
List(java.util.List)
Collectors.toList(java.util.stream.Collectors.toList)
Example 13 with Session
use of oap.http.Session in project oap by oaplatform.
the class SecurityInterceptor2Test method testShouldNotCheckMethodWithoutAnnotation.
@Test
public void testShouldNotCheckMethodWithoutAnnotation() {
val methodWithAnnotation = REFLECTION.method(method -> method.name().equals("methodWithoutAnnotation")).get();
val httpResponse = securityInterceptor.intercept(new MockRequest(), new Session(), methodWithAnnotation, p -> null);
assertThat(httpResponse).isEmpty();
}
Also used :
lombok.val(lombok.val)
DateTimeUtils(org.joda.time.DateTimeUtils)
Reflection(oap.reflect.Reflection)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Test(org.testng.annotations.Test)
Collections.singletonList(java.util.Collections.singletonList)
Reflect(oap.reflect.Reflect)
InetAddress(java.net.InetAddress)
Arrays.asList(java.util.Arrays.asList)
USER_ID(oap.ws.Interceptor.USER_ID)
Session(oap.http.Session)
MockRequest(oap.http.testng.MockRequest)
AclService(oap.security.acl.AclService)
Id(oap.util.Id)
Context(oap.http.Context)
WsParam(oap.ws.WsParam)
lombok.val(lombok.val)
UUID(java.util.UUID)
Mockito.when(org.mockito.Mockito.when)
UnknownHostException(java.net.UnknownHostException)
Request(oap.http.Request)
List(java.util.List)
HttpGet(org.apache.http.client.methods.HttpGet)
Optional(java.util.Optional)
Protocol(oap.http.Protocol)
Mockito.mock(org.mockito.Mockito.mock)
MockRequest(oap.http.testng.MockRequest)
Session(oap.http.Session)
Test(org.testng.annotations.Test)
Example 14 with Session
use of oap.http.Session in project oap by oaplatform.
the class SecurityInterceptor2Test method testPostProcessing.
@Test
public void testPostProcessing() {
when(mockAclService.checkAll("1", "testUser")).thenReturn(asList("test1.read"));
final Session session = new Session();
session.set(USER_ID, "testUser");
val methodWithAnnotation = REFLECTION.method(method -> method.name().equals("methodWithAnnotation")).get();
val op = (ObjectWithPermissions) securityInterceptor.postProcessing(new TestAPI.Res("1"), session, methodWithAnnotation);
assertThat(op.permissions).containsExactlyInAnyOrder("test1.read");
}
Also used :
lombok.val(lombok.val)
DateTimeUtils(org.joda.time.DateTimeUtils)
Reflection(oap.reflect.Reflection)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Test(org.testng.annotations.Test)
Collections.singletonList(java.util.Collections.singletonList)
Reflect(oap.reflect.Reflect)
InetAddress(java.net.InetAddress)
Arrays.asList(java.util.Arrays.asList)
USER_ID(oap.ws.Interceptor.USER_ID)
Session(oap.http.Session)
MockRequest(oap.http.testng.MockRequest)
AclService(oap.security.acl.AclService)
Id(oap.util.Id)
Context(oap.http.Context)
WsParam(oap.ws.WsParam)
lombok.val(lombok.val)
UUID(java.util.UUID)
Mockito.when(org.mockito.Mockito.when)
UnknownHostException(java.net.UnknownHostException)
Request(oap.http.Request)
List(java.util.List)
HttpGet(org.apache.http.client.methods.HttpGet)
Optional(java.util.Optional)
Protocol(oap.http.Protocol)
Mockito.mock(org.mockito.Mockito.mock)
Session(oap.http.Session)
Test(org.testng.annotations.Test)
Aggregations
Session (oap.http.Session)14
Optional (java.util.Optional)12
Request (oap.http.Request)12
Reflection (oap.reflect.Reflection)12
UUID (java.util.UUID)11
Reflect (oap.reflect.Reflect)11
Test (org.testng.annotations.Test)11
List (java.util.List)10
lombok.val (lombok.val)10
InetAddress (java.net.InetAddress)9
UnknownHostException (java.net.UnknownHostException)9
Context (oap.http.Context)9
Protocol (oap.http.Protocol)9
HttpGet (org.apache.http.client.methods.HttpGet)9
Mockito.mock (org.mockito.Mockito.mock)9
Mockito.when (org.mockito.Mockito.when)9
AclService (oap.security.acl.AclService)8
Arrays.asList (java.util.Arrays.asList)7
Collections.singletonList (java.util.Collections.singletonList)7
MockRequest (oap.http.testng.MockRequest)7
