
Example 31 with Role

use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.

the class DelegatedMgrImplTest method canAssignUsers.

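/**
 * Verifies delegated-administration decisions for user-role assignment against an expected matrix.
 * <p>
 * For every admin user in {@code uaArray} a session is created, and for every user in
 * {@code uArray} and role in {@code rArray} the {@code DelAccessMgr} is asked whether that
 * session may assign (or deassign) the role. The decision is looked up in the expected results
 * built from {@code uraArray}; a missing entry or a differing decision fails the test, so an
 * unexpected allow is caught as well as an unexpected deny.
 *
 * @param msg      text handed to {@code LogUtil.logIt} at the start of the run
 * @param op       {@code ASSIGN_OP.ASSIGN} exercises {@code canAssign}; any other value exercises {@code canDeassign}
 * @param uraArray rows from which {@code URATestData.getURAs} builds the expected results
 * @param uaArray  rows describing the admin users whose sessions issue the requests
 * @param uArray   rows describing the users that are the target of the operation
 * @param rArray   rows describing the roles to assign or deassign
 */
public static void canAssignUsers(String msg, ASSIGN_OP op, String[][] uraArray, String[][] uaArray, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    Map<URA, URA> uraTestResults = URATestData.getURAs(uraArray);
    try {
        DelAccessMgr delAccessMgr = DelAccessMgrFactory.createInstance(TestUtils.getContext());
        AccessMgr accessMgr = (AccessMgr) delAccessMgr;
        for (String[] aUsr : uaArray) {
            User aUser = UserTestData.getUser(aUsr);
            // NOTE(review): the 'false' flag presumably requests a non-trusted session - confirm against AccessMgr.createSession.
            Session session = accessMgr.createSession(aUser, false);
            assertNotNull(session);
            for (String[] usr : uArray) {
                User user = UserTestData.getUser(usr);
                for (String[] rle : rArray) {
                    Role role = RoleTestData.getRole(rle);
                    String methodName;
                    boolean result;
                    if (op == ASSIGN_OP.ASSIGN) {
                        result = delAccessMgr.canAssign(session, user, role);
                        methodName = ".canAssignUsers";
                    } else {
                        result = delAccessMgr.canDeassign(session, user, role);
                        methodName = ".canDeassignUsers";
                    }
                    // Read the admin roles only after the decision call, in the same order as before.
                    List<UserAdminRole> aRoles = session.getAdminRoles();
                    assertNotNull(aRoles);
                    assertTrue(CLS_NM + methodName + " Admin User invalid number of roles", aRoles.size() == 1);
                    // since this user should only have one admin role, get the first one from list:
                    UserAdminRole aRole = aRoles.get(0);
                    URA sourceUra = new URA(aRole.getName(), user.getOu(), role.getName(), result);
                    URA targetUra = uraTestResults.get(sourceUra);
                    assertTrue(CLS_NM + methodName + " cannot find target URA admin role [" + sourceUra.getArole()
                        + "] uou [" + sourceUra.getUou() + "] role [" + sourceUra.getUrole()
                        + "] Result [" + sourceUra.isCanAssign() + "] actual result [" + result + "]", targetUra != null);
                    // Compare the decision explicitly. Whether URA.equals/hashCode cover the canAssign flag is
                    // not visible here, so the map lookup alone may not prove that the decision was the expected one.
                    assertTrue(CLS_NM + methodName + " decision mismatch for admin role [" + targetUra.getArole()
                        + "] uou [" + targetUra.getUou() + "] role [" + targetUra.getUrole()
                        + "] target result [" + targetUra.isCanAssign() + "] actual result [" + result + "]",
                        targetUra.isCanAssign() == result);
                    LOG.debug(methodName + " User [" + user.getUserId() + "] success URA using admin role [" + targetUra.getArole()
                        + "] uou [" + targetUra.getUou() + "] role [" + targetUra.getUrole()
                        + "] target result [" + targetUra.isCanAssign() + "] actual result [" + result + "]");
                }
            }
        }
    } catch (SecurityException ex) {
        LOG.error("canAssignUsers op [" + op + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}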
Also used : User(org.apache.directory.fortress.core.model.User) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) SecurityException(org.apache.directory.fortress.core.SecurityException) DelAccessMgr(org.apache.directory.fortress.core.DelAccessMgr) AdminRole(org.apache.directory.fortress.core.model.AdminRole) Role(org.apache.directory.fortress.core.model.Role) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) DelAccessMgr(org.apache.directory.fortress.core.DelAccessMgr) AccessMgr(org.apache.directory.fortress.core.AccessMgr) Session(org.apache.directory.fortress.core.model.Session)

Example 32 with Role

use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.

the class DelegatedMgrImplTest method canGrantPerms.

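/**
 * Verifies delegated-administration decisions for permission grants against an expected matrix.
 * <p>
 * For every admin user in {@code uaArray} a session is created, and for every permission object
 * in {@code pArray} and role in {@code rArray} the {@code DelAccessMgr} is asked whether that
 * session may grant (or revoke) a permission on the object to the role. The decision is looked
 * up in the expected results built from {@code uraArray}; a missing entry or a differing
 * decision fails the test, so an unexpected allow is caught as well as an unexpected deny.
 *
 * @param msg      text handed to {@code LogUtil.logIt} at the start of the run
 * @param op       {@code GRANT_OP.GRANT} exercises {@code canGrant}; any other value exercises {@code canRevoke}
 * @param uraArray rows from which {@code PRATestData.getPRAs} builds the expected results
 * @param uaArray  rows describing the admin users whose sessions issue the requests
 * @param pArray   rows describing the permission objects being granted or revoked
 * @param rArray   rows describing the roles that would receive or lose the permission
 */
public static void canGrantPerms(String msg, GRANT_OP op, String[][] uraArray, String[][] uaArray, String[][] pArray, String[][] rArray) {
    LogUtil.logIt(msg);
    Map<PRA, PRA> praTestResults = PRATestData.getPRAs(uraArray);
    try {
        DelAccessMgr delAccessMgr = DelAccessMgrFactory.createInstance(TestUtils.getContext());
        AccessMgr accessMgr = (AccessMgr) delAccessMgr;
        for (String[] aUsr : uaArray) {
            User aUser = UserTestData.getUser(aUsr);
            // NOTE(review): the 'false' flag presumably requests a non-trusted session - confirm against AccessMgr.createSession.
            Session session = accessMgr.createSession(aUser, false);
            assertNotNull(session);
            for (String[] prm : pArray) {
                PermObj pObj = PermTestData.getObj(prm);
                for (String[] rle : rArray) {
                    Role role = RoleTestData.getRole(rle);
                    String methodName;
                    boolean result;
                    // The permission carries only the object name; the second constructor argument is left empty.
                    if (op == GRANT_OP.GRANT) {
                        result = delAccessMgr.canGrant(session, role, new Permission(pObj.getObjName(), ""));
                        methodName = ".canGrantPerms";
                    } else {
                        result = delAccessMgr.canRevoke(session, role, new Permission(pObj.getObjName(), ""));
                        methodName = ".canRevokePerms";
                    }
                    // Read the admin roles only after the decision call, in the same order as before.
                    List<UserAdminRole> aRoles = session.getAdminRoles();
                    assertNotNull(aRoles);
                    assertTrue(CLS_NM + methodName + " Admin User invalid number of roles", aRoles.size() == 1);
                    // The admin user is expected to hold exactly one admin role, so take the first.
                    UserAdminRole aRole = aRoles.get(0);
                    PRA sourcePra = new PRA(aRole.getName(), pObj.getOu(), role.getName(), result);
                    PRA targetPra = praTestResults.get(sourcePra);
                    assertTrue(CLS_NM + methodName + " cannot find target PRA admin role [" + sourcePra.getArole()
                        + "] pou [" + sourcePra.getPou() + "] role [" + sourcePra.getUrole()
                        + "] Result [" + sourcePra.isCanAssign() + "] actual result [" + result + "]", targetPra != null);
                    // Compare the decision explicitly. Whether PRA.equals/hashCode cover the canAssign flag is
                    // not visible here, so the map lookup alone may not prove that the decision was the expected one.
                    assertTrue(CLS_NM + methodName + " decision mismatch for admin role [" + targetPra.getArole()
                        + "] pou [" + targetPra.getPou() + "] role [" + targetPra.getUrole()
                        + "] target result [" + targetPra.isCanAssign() + "] actual result [" + result + "]",
                        targetPra.isCanAssign() == result);
                    // This line is reached only when the checks above passed, so it reports success.
                    LOG.debug(methodName + " success PRA using admin role [" + targetPra.getArole()
                        + "] pou [" + targetPra.getPou() + "] role [" + targetPra.getUrole()
                        + "] target result [" + targetPra.isCanAssign() + "] actual result [" + result + "]");
                }
            }
        }
    } catch (SecurityException ex) {
        LOG.error("canGrantPerms op [" + op + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}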
Also used : PermObj(org.apache.directory.fortress.core.model.PermObj) User(org.apache.directory.fortress.core.model.User) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) SecurityException(org.apache.directory.fortress.core.SecurityException) DelAccessMgr(org.apache.directory.fortress.core.DelAccessMgr) AdminRole(org.apache.directory.fortress.core.model.AdminRole) Role(org.apache.directory.fortress.core.model.Role) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) DelAccessMgr(org.apache.directory.fortress.core.DelAccessMgr) AccessMgr(org.apache.directory.fortress.core.AccessMgr) Permission(org.apache.directory.fortress.core.model.Permission) Session(org.apache.directory.fortress.core.model.Session)

Example 33 with Role

use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.

the class FortressAntLoadTest method testReadRole.

/**
 * Reads back the roles declared in every {@code Addrole} element returned by
 * {@code fortressAntTask.getAddroles()} and hands each list to {@code readRoles}
 * under the label {@code "RD-RLS"}.
 */
@Test
public void testReadRole() {
    // Each addrole element contributes its own list of roles to verify.
    for (Addrole addroleEntry : fortressAntTask.getAddroles()) {
        List<Role> declaredRoles = addroleEntry.getRoles();
        readRoles("RD-RLS", declaredRoles);
    }
}
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) Addrole(org.apache.directory.fortress.core.ant.Addrole) Test(org.junit.Test)

Example 34 with Role

use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.

the class GroupMgrImplTest method roleGroups.

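/**
 * Checks that {@code groupMgr.roleGroups} returns the expected groups for each role.
 * <p>
 * For every row in {@code roles} the returned list must be non-null, have the same size as
 * {@code expectedGroups}, and contain only groups found in {@code expectedGroups}.
 * Group members are not compared, and {@code contains} relies on {@code Group.equals},
 * whose definition is not visible here.
 *
 * @param message        text handed to {@code LogUtil.logIt} at the start of the run
 * @param roles          rows from which {@code RoleTestData.getRole} builds each role to query
 * @param expectedGroups groups every queried role is expected to map to
 */
private void roleGroups(String message, String[][] roles, List<Group> expectedGroups) {
    LogUtil.logIt(message);
    try {
        groupMgr = GroupMgrFactory.createInstance(TestUtils.getContext());
        for (String[] roleArray : roles) {
            Role role = RoleTestData.getRole(roleArray);
            List<Group> actualGroups = groupMgr.roleGroups(role);
            LOG.debug("roleGroups role [" + role.getName() + "] successful");
            assertNotNull(actualGroups);
            // The two list sizes must match or the test case fails.
            assertTrue(CLS_NM + ".roleGroups list size test case", actualGroups.size() == expectedGroups.size());
            // Every actual group must be one of the expected groups; otherwise the test case fails.
            // TODO : should compare members in expected groups to members in actual groups.
            for (Group actualGroup : actualGroups) {
                assertTrue(CLS_NM + ".roleGroups actual group name [" + actualGroup.getName() + "] not found", expectedGroups.contains(actualGroup));
            }
        }
    } catch (SecurityException ex) {
        // The logger already receives the exception with its stack trace, so nothing is printed to stderr separately.
        LOG.error("roleGroups: caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}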
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) Group(org.apache.directory.fortress.core.model.Group) SecurityException(org.apache.directory.fortress.core.SecurityException)

Example 35 with Role

use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.

the class AdminMgrConsole method updateRole.

/**
 * Console handler that prompts for a role name and description, submits them through
 * {@code am.updateRole}, and prints the name, id and description of the role that call returns.
 * <p>
 * A {@code SecurityException} is written to the log only; in either case the method then
 * blocks on {@code ReaderUtil.readChar()}.
 */
void updateRole() {
    Role requested = new Role();
    try {
        ReaderUtil.clearScreen();

        // Collect the operator's input. It is passed on as typed; any validation
        // would have to happen inside am.updateRole, which is not visible here.
        System.out.println("Enter role name:");
        requested.setName(ReaderUtil.readLn());
        System.out.println("Enter Role's description field");
        requested.setDescription(ReaderUtil.readLn());

        // Report what the manager returned rather than what was typed.
        Role updated = am.updateRole(requested);
        System.out.println("name [" + updated.getName() + "]");
        System.out.println("internalId [" + updated.getId() + "]");
        System.out.println("name description [" + updated.getDescription() + "]");
        System.out.println("has been updated");
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        LOG.error("updateRole caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
    }
    // Wait for a key press whether or not the update succeeded.
    ReaderUtil.readChar();
}
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole)

Aggregations

Role (org.apache.directory.fortress.core.model.Role)117 UserRole (org.apache.directory.fortress.core.model.UserRole)83 SecurityException (org.apache.directory.fortress.core.SecurityException)66 AdminMgr (org.apache.directory.fortress.core.AdminMgr)40 ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)30 User (org.apache.directory.fortress.core.model.User)30 AdminRole (org.apache.directory.fortress.core.model.AdminRole)25 Permission (org.apache.directory.fortress.core.model.Permission)24 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)17 AdminPermissionOperation (org.apache.directory.fortress.annotation.AdminPermissionOperation)15 UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)15 Relationship (org.apache.directory.fortress.core.model.Relationship)7 SDSet (org.apache.directory.fortress.core.model.SDSet)7 FinderException (org.apache.directory.fortress.core.FinderException)6 PermObj (org.apache.directory.fortress.core.model.PermObj)6 ArrayList (java.util.ArrayList)5 Group (org.apache.directory.fortress.core.model.Group)5 Constraint (org.apache.directory.fortress.core.model.Constraint)4 FortRequest (org.apache.directory.fortress.core.model.FortRequest)4 FortResponse (org.apache.directory.fortress.core.model.FortResponse)4