use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class AdminMgrImplTest method assertRoleConstraintSize.
private void assertRoleConstraintSize(String userId, String roleName, int size) throws SecurityException {
boolean roleFound = false;
ReviewMgr reviewMgr = ReviewMgrImplTest.getManagedReviewMgr();
List<UserRole> userRoles = reviewMgr.readUser(new User(userId)).getRoles();
for (UserRole ur : userRoles) {
if (ur.getName().equals(roleName)) {
assertEquals(size, ur.getRoleConstraints().size());
roleFound = true;
}
}
if (!roleFound) {
fail("Role with name " + roleName + " not found");
}
}
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class AdminMgrImplTest method testRemoveUserRoleConstraint.
public void testRemoveUserRoleConstraint() throws SecurityException {
this.assertRoleConstraintSize(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0], 1);
RoleConstraint rc1 = assignUserRoleConstraint("ASGN-URC-VALID TU1 TR1", UserTestData.USERS_TU1[0], RoleTestData.ROLES_TR1[1], URATestData.getRC(URATestData.URC_T2));
RoleConstraint rc2 = assignUserRoleConstraint("ASGN-URC-VALID TU1 TR1", UserTestData.USERS_TU1[0], RoleTestData.ROLES_TR1[1], URATestData.getRC(URATestData.URC_T3));
this.assertRoleConstraintSize(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0], 3);
AdminMgr adminMgr = getManagedAdminMgr();
adminMgr.removeRoleConstraint(new UserRole(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0]), rc1);
this.assertRoleConstraintSize(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0], 2);
adminMgr.removeRoleConstraint(new UserRole(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0]), rc2.getId());
this.assertRoleConstraintSize(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0], 1);
}
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class FortressAntLoadTest method assignedRoles.
private static void assignedRoles(String msg, List<UserRole> userroles) {
LogUtil.logIt(msg);
try {
ReviewMgr reviewMgr = ReviewMgrImplTest.getManagedReviewMgr();
for (UserRole userrole : userroles) {
List<UserRole> assignedRoles = reviewMgr.assignedRoles(new User(userrole.getUserId()));
assertNotNull(assignedRoles);
int indx = assignedRoles.indexOf(userrole);
assertTrue("Failed userrole name", indx != -1);
UserRole assignedRole = assignedRoles.get(indx);
TestUtils.assertTemporal(CLS_NM + ".assertEquals", userrole, assignedRole);
}
} catch (SecurityException ex) {
LOG.error("assignedRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class FortressAntLoadTest method checkPermissions.
/**
* @param msg
* @param permissions
*/
private void checkPermissions(String msg, List<UserAnt> users, List<PermAnt> permissions) {
String DATE_FORMAT = "E yyyy.MM.dd 'at' hh:mm:ss a zzz";
SimpleDateFormat format = new SimpleDateFormat(DATE_FORMAT);
Date now = new Date();
String szTimestamp = format.format(now);
AccessMgr accessMgr = null;
CSVWriter writer = null;
LogUtil.logIt(msg);
try {
accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
writer = new CSVWriter(new FileWriter(fileName + ".csv"), '\t');
String[] entries = "user#resource#operation#result#assigned roles#activated roles#timestamp#warnings".split("#");
writer.writeNext(entries);
} catch (SecurityException ex) {
LOG.error("checkPermissions caught SecurityException creating AccessMgr rc=" + ex.getErrorId() + ", " + "msg=" + ex.getMessage() + ex);
// Can't continue without AccessMgr
fail(ex.getMessage());
} catch (IOException ioe) {
String error = "File IO Exception=" + ioe;
LOG.warn(error);
// Can't continue without output file to write the results in
fail(ioe.getMessage());
}
for (UserAnt user : users) {
try {
List<String> warnings = null;
Session session = accessMgr.createSession(user, false);
assertNotNull(session);
if (session.getWarnings() != null) {
warnings = new ArrayList();
for (Warning warning : session.getWarnings()) {
warnings.add(warning.getMsg());
}
}
ReviewMgr reviewMgr = ReviewMgrImplTest.getManagedReviewMgr();
List<UserRole> assignedRoles = reviewMgr.assignedRoles(user);
for (PermAnt permAnt : permissions) {
Boolean result = accessMgr.checkAccess(session, permAnt);
// TODO: send this message as CSV output file:
LOG.info("User: " + user.getUserId() + " Perm Obj: " + permAnt.getObjName() + " Perm " + "Operation: " + permAnt.getOpName() + " RESULT: " + result);
String[] entries = (user.getUserId() + "#" + permAnt.getObjName() + "#" + permAnt.getOpName() + "#" + result + "#" + assignedRoles + "#" + session.getUser().getRoles() + "#" + szTimestamp + "#" + warnings).split("#");
writer.writeNext(entries);
}
} catch (SecurityException ex) {
// Log but don't fail test so entire permission matrix can be evaluated.
LOG.error("checkPermissions caught SecurityException rc=" + ex.getErrorId() + ", " + "msg=" + ex.getMessage() + ex);
}
}
try {
writer.close();
} catch (IOException ioe) {
// ignore
}
}
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class ReviewMgrImplTest method testDeassignRoleWithRoleConstraint.
public void testDeassignRoleWithRoleConstraint() throws SecurityException {
AdminMgr adminMgr = AdminMgrImplTest.getManagedAdminMgr();
adminMgr.deassignUser(new UserRole(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0]));
ReviewMgr reviewMgr = getManagedReviewMgr();
reviewMgr.assignedRoles(new User(UserTestData.USERS_TU1[0][0]));
adminMgr.assignUser(new UserRole(UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0]));
}
Aggregations