use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class ReviewMgrImplTest method assignedRoles.
/**
 * Verifies that each test user holds exactly the expected role assignments.
 * <p>
 * For every row of {@code uArray} the user is read back through {@code ReviewMgr} and its assigned roles are
 * fetched. Two checks follow: the number of assigned roles must equal {@code rArray.length}, and every
 * expected role built from {@code rArray} must be found in the returned list and pass
 * {@code RoleTestData.assertEquals}. Together these reject both a missing and an unexpected extra assignment,
 * provided the rows of {@code rArray} are distinct (duplicate rows are not detected here).
 *
 * @param msg    label logged before the checks start
 * @param uArray user test data, one row per user; the user id is taken with {@code UserTestData.getUserId}
 * @param rArray role test data, one row per role that every user in {@code uArray} is expected to hold
 */
public static void assignedRoles(String msg, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    try {
        ReviewMgr reviewMgr = getManagedReviewMgr();
        for (String[] userRow : uArray) {
            String userId = UserTestData.getUserId(userRow);
            User user = reviewMgr.readUser(new User(userId));
            assertNotNull(user);

            List<UserRole> assigned = reviewMgr.assignedRoles(user);
            // Exact-count check: an extra, unexpected assignment changes the size even though
            // the membership loop below would still find every expected role.
            assertTrue(CLS_NM + "assignedRoles list size check", assigned.size() == rArray.length);

            for (String[] roleRow : rArray) {
                // The lookup relies on UserRole's equals(); its definition is not visible here.
                UserRole expected = RoleTestData.getUserRole(userId, roleRow);
                int position = assigned.indexOf(expected);
                if (position == -1) {
                    String failure = "assignedRoles userId [" + user.getUserId() + "] role [" + RoleTestData.getName(roleRow) + "] failed list search";
                    LogUtil.logIt(failure);
                    fail(failure);
                } else {
                    UserRole found = assigned.get(position);
                    assertNotNull(found);
                    RoleTestData.assertEquals(userId, found, roleRow);
                    LOG.debug("assignedRoles userId [" + found.getUserId() + "] role [" + found.getName() + "] successful");
                }
            }
        }
    } catch (SecurityException ex) {
        // Any manager-level error fails the test; the error id is logged for diagnosis.
        LOG.error("assignedRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class RoleTestData method getUserRole.
/**
 * Builds the {@link UserRole} a test expects for the given user from one row of role test data.
 * <p>
 * The object returned by {@code getUserRoleConstraint(urle)} is cast to {@link UserRole}, then its role name
 * (from {@code getName(urle)}) and user id are set.
 *
 * @param userId user id to stamp on the returned assignment
 * @param urle   one row of role test data
 * @return the populated {@link UserRole}
 */
public static UserRole getUserRole(String userId, String[] urle) {
    // The cast assumes getUserRoleConstraint hands back a UserRole instance; confirm against its definition.
    final UserRole expected = (UserRole) getUserRoleConstraint(urle);
    final String roleName = getName(urle);
    expected.setName(roleName);
    expected.setUserId(userId);
    return expected;
}
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class CreateSessionSample method createSession.
/**
 * Calls the AccessMgr createSession API and checks that the resulting RBAC Session carries the expected
 * number of activated Roles, then confirms that the same user with a wrong password is rejected.
 * <p>
 * The negative case passes only when a {@code PasswordException} with error id
 * {@code GlobalErrIds.USER_PW_INVLD} is thrown; any other {@code SecurityException} fails the test.
 *
 * @param userId        Case insensitive userId.
 * @param password      Password is case sensitive, clear text but is stored in directory as hashed value.
 * @param expectedRoles integer contains the expected number of Roles in the Session.
 */
public static void createSession(String userId, String password, int expectedRoles) {
    final String where = ".createSession";
    try {
        // Runtime RBAC operations go through the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());

        // The User entity only carries the credentials into the API.
        User candidate = new User(userId, password);

        // A failed createSession throws SecurityException, so a returned Session must never be null.
        Session session = accessMgr.createSession(candidate, false);
        assertNotNull(session);

        // The session must belong to the user that was authenticated (compared case-insensitively).
        String sessionUserId = accessMgr.getUserId(session);
        assertTrue(where + " failed compare found userId in session [" + sessionUserId + "] valid userId [" + userId + "]", userId.equalsIgnoreCase(sessionUserId));

        // Only the count of activated Roles is checked here, not which Roles they are.
        List<UserRole> activeRoles = session.getRoles();
        assertNotNull(activeRoles);
        assertEquals(where + " user role check failed list size user [" + candidate.getUserId() + "]", expectedRoles, activeRoles.size());

        // Negative case: the same userId with a wrong password must not yield a session.
        // Assumes the caller's real password is not "badpw".
        // NOTE(review): each run adds one failed authentication for this user; whether that counts
        // toward a lockout depends on the directory's password policy, which is not visible here.
        try {
            User wrongPassword = new User(candidate.getUserId(), "badpw");
            accessMgr.createSession(wrongPassword, false);
            fail(where + " userId [" + userId + "] failed negative test");
        } catch (PasswordException pe) {
            // Expected path: rejection must be for an invalid password specifically.
            assertTrue(where + " userId [" + userId + "] excep id check", GlobalErrIds.USER_PW_INVLD == pe.getErrorId());
        } catch (SecurityException se) {
            // Rejected for some other reason: treated as a test failure, not a pass.
            fail(where + " userId [" + userId + "] failed with unexpected errorId" + se.getErrorId() + " msg=" + se.getMessage());
        }
        LOG.info(where + " userId [" + userId + "] successful");
    } catch (SecurityException ex) {
        LOG.error(where + " userId [" + userId + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class LoadTestUserSample method testAssignUser.
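/**
 * Bulk-assigns every generated test user to every generated test role through {@code AdminMgr.assignUser}.
 * <p>
 * User ids are {@code TEST_USERID + i} for i in 1..{@code NUMBER_TEST_USERS} and role names are
 * {@code TEST_ROLE + j} for j in 1..{@code NUMBER_TEST_ROLES}. A failed assignment is logged and counted
 * but does not stop the run, so the load can continue past individual errors; the final log line reports
 * success only when no assignment failed. One '@' is printed to stdout per 1000 users processed.
 */
public static void testAssignUser() {
    String szLocation = ".testAssignUser";
    try {
        // Instantiate the AdminMgr implementation. All AdminMgr APIs can throw a SecurityException in the event
        // of rule violation or system error.
        AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
        LOG.info(szLocation + " ASSIGNING [" + NUMBER_TEST_USERS + "] users to [" + NUMBER_TEST_ROLES + "] roles (every '@' is 1000 users)");
        int failedAssignments = 0;
        for (int i = 1; i <= NUMBER_TEST_USERS; i++) {
            for (int j = 1; j <= NUMBER_TEST_ROLES; j++) {
                try {
                    UserRole inUserRole = new UserRole(TEST_USERID + i, TEST_ROLE + j);
                    // Now call the assignUser API. The API will assign user to specified role.
                    adminMgr.assignUser(inUserRole);
                } catch (SecurityException ex) {
                    // Deliberately best-effort: keep loading, but remember that an assignment was rejected
                    // so the summary below does not claim success.
                    failedAssignments++;
                    LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
                }
            }
            // Progress marker is emitted once per user, outside the role loop, so that each '@'
            // really stands for 1000 users regardless of NUMBER_TEST_ROLES.
            if (i % 1000 == 0) {
                System.out.print("@");
            }
        }
        System.out.println("");
        if (failedAssignments == 0) {
            LOG.info(szLocation + " users assignment success");
        } else {
            LOG.error(szLocation + " users assignment finished with [" + failedAssignments + "] failed assignments");
        }
    } catch (SecurityException ex) {
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}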
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class TestAccelerator method testCombinedCalls.
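/**
 * Checks that the access decision for one session follows its active roles: access is granted after
 * session creation, denied once {@code rbacrole1} is dropped from the session, and granted again after
 * the role is re-activated.
 * <p>
 * Uses the fixture account {@code rbacuser1} and permission {@code /impl/cal2.jsp} / {@code 8am}; the test
 * assumes the target directory has been provisioned with this data. A {@code SecurityException} from any
 * call is logged with its error id and fails the test with the exception message.
 */
@Test
public void testCombinedCalls() {
    LOG.info("testCombinedCalls...");
    try {
        AccelMgr accelMgr = AccelMgrFactory.createInstance(TestUtils.getContext());

        // Fixture credentials for the test directory only.
        User user = new User();
        user.setUserId("rbacuser1");
        user.setPassword("secret");
        Session session = accelMgr.createSession(user, false);

        Permission perm = new Permission();
        perm.setObjName("/impl/cal2.jsp");
        perm.setOpName("8am");

        // Baseline: with all roles active the permission is granted.
        boolean result = accelMgr.checkAccess(session, perm);
        assertTrue(result);

        // Deactivating rbacrole1 must revoke the permission for this same session.
        UserRole userRole = new UserRole(user.getUserId(), "rbacrole1");
        accelMgr.dropActiveRole(session, userRole);
        result = accelMgr.checkAccess(session, perm);
        assertTrue(!result);

        // Re-activating the role must restore the permission.
        userRole = new UserRole(user.getUserId(), "rbacrole1");
        accelMgr.addActiveRole(session, userRole);
        result = accelMgr.checkAccess(session, perm);
        assertTrue(result);
    } catch (SecurityException se) {
        // Route the failure through the logger and the test report instead of stderr, keeping the
        // error id and message that identify which call was rejected.
        LOG.error("testCombinedCalls caught SecurityException rc=" + se.getErrorId() + ", msg=" + se.getMessage(), se);
        fail(se.getMessage());
    }
}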