Examples with UserRole org.apache.directory.fortress.core.model.UserRole used on opensource projects
Example 16 with UserRole
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class AccelMgrImplTest method addActiveRoles.
/**
* @param msg
* @param uArray
* @param rPosArray
* @param rNegArray
*/
public static void addActiveRoles(String msg, String[][] uArray, String[][] rPosArray, String[][] rNegArray) {
LogUtil.logIt(msg);
try {
AccelMgr accelMgr = AccelMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
Session session = accelMgr.createSession(user, false);
assertNotNull(session);
// Attempt to activate roles that aren't assigned to user:
for (String[] badRle : rNegArray) {
try {
// Add Role (this better fail):
accelMgr.addActiveRole(session, new UserRole(user.getUserId(), RoleTestData.getName(badRle)));
String error = "addActiveRoles failed negative test 1 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(badRle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ACTIVATE_FAILED);
// pass
}
}
// remove all roles from the user's session:
int ctr = rPosArray.length;
for (String[] rle : rPosArray) {
// Drop Role:
accelMgr.dropActiveRole(session, new UserRole(user.getUserId(), RoleTestData.getName(rle)));
// session)
try {
// Drop Role3 (this better fail):
accelMgr.dropActiveRole(session, new UserRole(user.getUserId(), RoleTestData.getName(rle)));
String error = "addActiveRoles failed negative test 2 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_NOT_ACTIVE);
}
}
// Now activate the list of assigned roles:
ctr = 0;
for (String[] rle : rPosArray) {
// Activate Role(s):
accelMgr.addActiveRole(session, new UserRole(user.getUserId(), RoleTestData.getName(rle)));
// TODO: this does not work with RAO - fix me.
try {
// Activate Role again (this should throw SecurityException):
accelMgr.addActiveRole(session, new UserRole(user.getUserId(), RoleTestData.getName(rle)));
String error = "addActiveRoles failed test 3 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ALREADY_ACTIVE);
// this is good
}
}
accelMgr.deleteSession(session);
}
} catch (SecurityException ex) {
LOG.error("addActiveRoles: failed with SecurityException rc=" + ex.getErrorId() + ", " + "msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
AccelMgr(org.apache.directory.fortress.core.AccelMgr)
UserRole(org.apache.directory.fortress.core.model.UserRole)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Session(org.apache.directory.fortress.core.model.Session)
Example 17 with UserRole
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class AccessMgrImplTest method addActiveRoles.
/**
* @param msg
* @param uArray
* @param rPosArray
* @param rNegArray
*/
public static void addActiveRoles(String msg, String[][] uArray, String[][] rPosArray, String[][] rNegArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
Session session = accessMgr.createSession(user, false);
assertNotNull(session);
List<UserRole> uRoles = session.getRoles();
assertNotNull(uRoles);
assertEquals(CLS_NM + ".addActiveRoles failed list size user[" + user.getUserId() + "]", rPosArray.length, uRoles.size());
for (String[] rle : rPosArray) {
assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should be present", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
}
// Attempt to activate roles that aren't assigned to user:
for (String[] badRle : rNegArray) {
try {
// Add Role (this better fail):
accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(badRle)));
String error = "addActiveRoles failed negative test 1 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(badRle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ACTIVATE_FAILED);
// pass
}
}
// remove all roles from the user's session:
int ctr = rPosArray.length;
for (String[] rle : rPosArray) {
// Drop Role:
accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
assertEquals(CLS_NM + ".addActiveRoles failed list size user[" + user.getUserId() + "]", (--ctr), session.getRoles().size());
assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should not contain role", !session.getRoles().contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
// Drop Role again: (This better fail because role has already been deactivated from user's session)
try {
// Drop Role3 (this better fail):
accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
String error = "addActiveRoles failed negative test 2 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_NOT_ACTIVE);
}
}
// Now activate the list of assigned roles:
ctr = 0;
for (String[] rle : rPosArray) {
// Activate Role(s):
accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(rle)));
uRoles = session.getRoles();
assertEquals(CLS_NM + ".addActiveRoles failed list size user [" + user.getUserId() + "]", ++ctr, uRoles.size());
assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should contain role", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
try {
// Activate Role again (this should throw SecurityException):
accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(rle)));
String error = "addActiveRoles failed test 3 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ALREADY_ACTIVE);
// this is good
}
}
}
} catch (SecurityException ex) {
LOG.error("addActiveRoles: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
AccessMgr(org.apache.directory.fortress.core.AccessMgr)
UserRole(org.apache.directory.fortress.core.model.UserRole)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Session(org.apache.directory.fortress.core.model.Session)
Example 18 with UserRole
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class AccessMgrImplTest method createSessionsWithRolesTrusted.
/**
* @param msg
* @param uArray
* @param rArray
*/
public static void createSessionsWithRolesTrusted(String msg, String[][] uArray, String[][] rArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
List<UserRole> rlsRequested = new ArrayList<>();
int cnt = 0;
for (String[] rle : rArray) {
rlsRequested.add(RoleTestData.getUserRole(user.getUserId(), rle));
user.setRoles(rlsRequested);
Session session = accessMgr.createSession(user, true);
assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed role search USER [" + user.getUserId() + "] CNT [" + ++cnt + "] size [" + session.getRoles().size() + "]", cnt == session.getRoles().size());
String userId = accessMgr.getUserId(session);
assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
UserTestData.assertEquals(user, usr);
}
}
LOG.debug("createSessionsWithRolesTrusted successful");
} catch (SecurityException ex) {
LOG.error("createSessionsWithRolesTrusted: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
AccessMgr(org.apache.directory.fortress.core.AccessMgr)
UserRole(org.apache.directory.fortress.core.model.UserRole)
ArrayList(java.util.ArrayList)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Session(org.apache.directory.fortress.core.model.Session)
Example 19 with UserRole
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class AccessMgrImplTest method createSessionsDSD.
/**
* @param msg
* @param uArray
* @param dsdArray
*/
public static void createSessionsDSD(String msg, String[][] uArray, String[][] dsdArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
int i = 0;
for (String[] usr : uArray) {
SDSet dsd = RoleTestData.getSDSet(dsdArray[i++]);
User user = UserTestData.getUser(usr);
Session session = accessMgr.createSession(user, false);
assertNotNull(session);
String userId = accessMgr.getUserId(session);
assertTrue(CLS_NM + ".createSessionsDSD failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
UserTestData.assertEquals(user, usr);
List<UserRole> uRoles = session.getRoles();
assertNotNull(uRoles);
// was the number of members in test DSD greater than the cardinality?
if (dsd.getMembers().size() < dsd.getCardinality()) {
assertEquals(CLS_NM + ".createSessionsDSD role list size check failed user-role user [" + user.getUserId() + "]", dsd.getMembers().size(), uRoles.size());
} else {
assertEquals(CLS_NM + ".createSessionsDSD role cardinality check failed user-role list size user [" + user.getUserId() + "] dsd set [" + dsd.getName() + "] card [" + dsd.getCardinality() + "] listsize [" + uRoles.size() + "]", dsd.getCardinality() - 1, uRoles.size());
}
}
LOG.debug("createSessionsDSD successful");
} catch (SecurityException ex) {
LOG.error("createSessionsDSD: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
SDSet(org.apache.directory.fortress.core.model.SDSet)
User(org.apache.directory.fortress.core.model.User)
AccessMgr(org.apache.directory.fortress.core.AccessMgr)
UserRole(org.apache.directory.fortress.core.model.UserRole)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Session(org.apache.directory.fortress.core.model.Session)
Example 20 with UserRole
use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.
the class AccessMgrImplTest method dropActiveRoles.
/**
* @param msg
* @param uArray
* @param rArray
*/
public static void dropActiveRoles(String msg, String[][] uArray, String[][] rArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
Session session = accessMgr.createSession(user, false);
assertNotNull(session);
List<UserRole> uRoles = session.getRoles();
assertNotNull(uRoles);
assertEquals(CLS_NM + ".dropActiveRoles failed list size user[" + user.getUserId() + "]", rArray.length, uRoles.size());
for (String[] rle : rArray) {
assertTrue(CLS_NM + ".dropActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should be present", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
}
// remove all roles from the user's session:
int ctr = rArray.length;
for (String[] rle : rArray) {
// Drop Role:
accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
assertEquals(CLS_NM + ".dropActiveRoles failed list size user[" + user.getUserId() + "]", (--ctr), session.getRoles().size());
assertTrue(CLS_NM + ".dropActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should not contain role", !session.getRoles().contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
// Drop Role again: (This better fail because role has already been deactivated from user's session)
try {
// Drop Role3 (this better fail):
accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
String error = "dropActiveRoles failed negative test 2 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue("dropActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_NOT_ACTIVE);
}
}
}
} catch (SecurityException ex) {
LOG.error("dropActiveRoles: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
AccessMgr(org.apache.directory.fortress.core.AccessMgr)
UserRole(org.apache.directory.fortress.core.model.UserRole)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Session(org.apache.directory.fortress.core.model.Session)
Aggregations
UserRole (org.apache.directory.fortress.core.model.UserRole)89
User (org.apache.directory.fortress.core.model.User)55
SecurityException (org.apache.directory.fortress.core.SecurityException)48
Session (org.apache.directory.fortress.core.model.Session)28
AccessMgr (org.apache.directory.fortress.core.AccessMgr)17
ArrayList (java.util.ArrayList)16
Role (org.apache.directory.fortress.core.model.Role)16
RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)16
AdminMgr (org.apache.directory.fortress.core.AdminMgr)14
ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)12
UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)11
Constraint (org.apache.directory.fortress.core.model.Constraint)10
AdminRole (org.apache.directory.fortress.core.model.AdminRole)9
LdapException (org.apache.directory.api.ldap.model.exception.LdapException)7
AdminPermissionOperation (org.apache.directory.fortress.annotation.AdminPermissionOperation)7
AccelMgr (org.apache.directory.fortress.core.AccelMgr)6
FinderException (org.apache.directory.fortress.core.FinderException)6
SDSet (org.apache.directory.fortress.core.model.SDSet)6
LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)6
Enumeration (java.util.Enumeration)5
