
Example 6 with Builder

use of org.apache.qpid.server.security.access.config.Rule.Builder in project qpid-broker-j by apache.

the class RuleSetTest method testPublishToExchange.

/**
 * Checks PUBLISH authorisation on exchanges when three ALLOW rules, each narrowed by exchange
 * name and routing-key pattern, are followed by a catch-all DENY rule for the same identity.
 *
 * <p>The assertions pin three outcomes: ALLOWED when name and routing key both satisfy an allow
 * rule, DENIED when the request from the test subject satisfies none of them, and DEFER for a
 * subject created under a different name.
 */
@Test
public void testPublishToExchange() {
    // Allow rules 1, 3 and 7: each pairs an exchange name with a routing-key pattern.
    _ruleCollector.addRule(1, new Builder()
            .withPredicate(Property.NAME, "broadcast")
            .withPredicate(Property.ROUTING_KEY, "broadcast.*")
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.PUBLISH)
            .withObject(ObjectType.EXCHANGE)
            .build());
    _ruleCollector.addRule(3, new Builder()
            .withPredicate(Property.NAME, "broadcast")
            .withPredicate(Property.ROUTING_KEY, "rs.broadcast.*")
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.PUBLISH)
            .withObject(ObjectType.EXCHANGE)
            .build());
    _ruleCollector.addRule(7, new Builder()
            .withPredicate(Property.NAME, "rs.broadcast")
            .withPredicate(Property.ROUTING_KEY, "rs.broadcast.*")
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.PUBLISH)
            .withObject(ObjectType.EXCHANGE)
            .build());
    // Rule 17: DENY for every operation on every object type, same identity.
    _ruleCollector.addRule(17, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.DENY)
            .withOperation(LegacyOperation.ALL)
            .withObject(ObjectType.ALL)
            .build());

    final RuleSet rules = createRuleSet();
    assertEquals(4, rules.size());

    // No properties supplied: none of the narrowed allow rules can apply.
    final ObjectProperties noProperties = new ObjectProperties();
    assertEquals(Result.DENIED, rules.check(_testSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, noProperties));

    // Exchange name alone is not enough; the routing-key predicate must be satisfied too.
    final ObjectProperties nameOnly = new ObjectProperties("broadcast");
    assertEquals(Result.DENIED, rules.check(_testSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, nameOnly));

    // Name and key combinations covered by rules 1, 3 and 7 respectively.
    final ObjectProperties broadcastPublic = new ObjectProperties("broadcast");
    broadcastPublic.put(Property.ROUTING_KEY, "broadcast.public");
    assertEquals(Result.ALLOWED, rules.check(_testSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, broadcastPublic));

    final ObjectProperties broadcastRsKey = new ObjectProperties("broadcast");
    broadcastRsKey.put(Property.ROUTING_KEY, "rs.broadcast.public");
    assertEquals(Result.ALLOWED, rules.check(_testSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, broadcastRsKey));

    final ObjectProperties rsBroadcastRsKey = new ObjectProperties("rs.broadcast");
    rsBroadcastRsKey.put(Property.ROUTING_KEY, "rs.broadcast.public");
    assertEquals(Result.ALLOWED, rules.check(_testSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, rsBroadcastRsKey));

    // Allowed exchange name, but a routing key outside every allow pattern.
    final ObjectProperties unlistedKey = new ObjectProperties("broadcast");
    unlistedKey.put(Property.ROUTING_KEY, "queue");
    assertEquals(Result.DENIED, rules.check(_testSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, unlistedKey));

    // Allowed routing key, but an exchange name no allow rule mentions.
    final ObjectProperties unlistedExchange = new ObjectProperties("brs");
    unlistedExchange.put(Property.ROUTING_KEY, "rs.broadcast.public");
    assertEquals(Result.DENIED, rules.check(_testSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, unlistedExchange));

    // Another user: the same request that was ALLOWED above is asserted to DEFER, not DENY.
    // NOTE(review): presumably because every rule here names TEST_USER; how DEFER is resolved
    // is decided outside this test.
    final Subject otherSubject = TestPrincipalUtils.createTestSubject("Java");
    final ObjectProperties otherUserRequest = new ObjectProperties("rs.broadcast");
    otherUserRequest.put(Property.ROUTING_KEY, "rs.broadcast.public");
    assertEquals(Result.DEFER, rules.check(otherSubject, LegacyOperation.PUBLISH, ObjectType.EXCHANGE, otherUserRequest));
}
Also used : Builder(org.apache.qpid.server.security.access.config.Rule.Builder) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 7 with Builder

use of org.apache.qpid.server.security.access.config.Rule.Builder in project qpid-broker-j by apache.

the class RuleSetTest method testVirtualHostAccessAllowDenyPermissions.

/**
 * Verifies that ACCESS to a virtual host is decided by the rule whose NAME predicate matches:
 * the host named in the ALLOW rule is ALLOWED and the host named in the DENY rule is DENIED.
 */
@Test
public void testVirtualHostAccessAllowDenyPermissions() {
    // Rule 0 denies the test user on DENIED_VH; rule 1 allows the same user on ALLOWED_VH.
    _ruleCollector.addRule(0, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.DENY)
            .withOperation(LegacyOperation.ACCESS)
            .withObject(ObjectType.VIRTUALHOST)
            .withPredicate(Property.NAME, DENIED_VH)
            .build());
    _ruleCollector.addRule(1, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.ACCESS)
            .withObject(ObjectType.VIRTUALHOST)
            .withPredicate(Property.NAME, ALLOWED_VH)
            .build());

    final RuleSet rules = createRuleSet();

    // The DENY rule comes first but is scoped to another host name, so it must not shadow the ALLOW.
    final ObjectProperties allowedHost = new ObjectProperties(ALLOWED_VH);
    assertEquals(Result.ALLOWED, rules.check(_testSubject, LegacyOperation.ACCESS, ObjectType.VIRTUALHOST, allowedHost));

    final ObjectProperties deniedHost = new ObjectProperties(DENIED_VH);
    assertEquals(Result.DENIED, rules.check(_testSubject, LegacyOperation.ACCESS, ObjectType.VIRTUALHOST, deniedHost));
}
Also used : Builder(org.apache.qpid.server.security.access.config.Rule.Builder) Test(org.junit.Test)

Example 8 with Builder

use of org.apache.qpid.server.security.access.config.Rule.Builder in project qpid-broker-j by apache.

the class RuleSetTest method testVirtualHostAccessAllowPermissionWithVirtualHostNameOtherPredicate.

/**
 * Verifies an ALLOW rule for virtual-host ACCESS whose predicate is VIRTUALHOST_NAME rather than
 * NAME: a request carrying the same properties is ALLOWED, while a request for a different host
 * is DEFER because this rule set contains no rule that covers it.
 */
@Test
public void testVirtualHostAccessAllowPermissionWithVirtualHostNameOtherPredicate() {
    // The same properties object is used both as the rule's predicates and as the request.
    final ObjectProperties allowedHostProperties = new ObjectProperties();
    allowedHostProperties.put(Property.VIRTUALHOST_NAME, ALLOWED_VH);

    _ruleCollector.addRule(0, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.ACCESS)
            .withObject(ObjectType.VIRTUALHOST)
            .withPredicates(allowedHostProperties)
            .build());

    final RuleSet rules = createRuleSet();
    assertEquals(Result.ALLOWED, rules.check(_testSubject, LegacyOperation.ACCESS, ObjectType.VIRTUALHOST, allowedHostProperties));

    // Unmatched request: asserted to DEFER, i.e. neither granted nor refused by this rule set.
    final ObjectProperties otherHost = new ObjectProperties(DENIED_VH);
    assertEquals(Result.DEFER, rules.check(_testSubject, LegacyOperation.ACCESS, ObjectType.VIRTUALHOST, otherHost));
}
Also used : Builder(org.apache.qpid.server.security.access.config.Rule.Builder) Test(org.junit.Test)

Example 9 with Builder

use of org.apache.qpid.server.security.access.config.Rule.Builder in project qpid-broker-j by apache.

the class RuleSetTest method testList_Iterators.

/**
 * Verifies that iterating a rule set agrees with indexed access, both from the start and from
 * index 1, and that {@code remove()} on its list iterators throws instead of dropping a rule.
 */
@Test
public void testList_Iterators() {
    _ruleCollector.addRule(1, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.PUBLISH)
            .withObject(ObjectType.EXCHANGE)
            .withPredicate(Property.NAME, "broadcast")
            .build());
    _ruleCollector.addRule(3, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.ACCESS)
            .withObject(ObjectType.VIRTUALHOST)
            .build());
    _ruleCollector.addRule(17, new Builder()
            .withIdentity(Rule.ALL)
            .withOutcome(RuleOutcome.DENY)
            .withOperation(LegacyOperation.ALL)
            .withObject(ObjectType.ALL)
            .build());

    final RuleSet rules = createRuleSet();
    assertNotNull(rules);

    // for-each iteration must yield the rules in the same order as get(index).
    int position = 0;
    for (Rule rule : rules) {
        assertEquals(rules.get(position), rule);
        position++;
    }

    // Walk from the first rule; every element must match get(nextIndex()).
    final ListIterator<Rule> fromStart = rules.listIterator();
    assertNotNull(fromStart);
    while (fromStart.hasNext()) {
        assertEquals(rules.get(fromStart.nextIndex()), fromStart.next());
        try {
            fromStart.remove();
            fail("An exception is expected!");
        } catch (RuntimeException ignored) {
            // Expected: removing an access-control rule through the iterator must be rejected.
            // NOTE(review): RuntimeException is a broad catch; asserting the concrete exception
            // type thrown by RuleSet would make this check stricter - confirm the type first.
        }
    }

    // Same walk, starting from the second rule.
    final ListIterator<Rule> fromSecond = rules.listIterator(1);
    assertNotNull(fromSecond);
    while (fromSecond.hasNext()) {
        assertEquals(rules.get(fromSecond.nextIndex()), fromSecond.next());
        try {
            fromSecond.remove();
            fail("An exception is expected!");
        } catch (RuntimeException ignored) {
            // Expected: see the first walk; remove() must throw here as well.
        }
    }
}
Also used : Builder(org.apache.qpid.server.security.access.config.Rule.Builder) Test(org.junit.Test)

Example 10 with Builder

use of org.apache.qpid.server.security.access.config.Rule.Builder in project qpid-broker-j by apache.

the class RuleSetTest method testNamedTemporaryQueueDeniedAllowed.

/**
 * Verifies queue CREATE decisions when an ALLOW rule for a named auto-delete queue is numbered
 * ahead of a DENY rule for the same queue name: the plain named queue stays DENIED while the
 * auto-delete variant becomes ALLOWED.
 */
@Test
public void testNamedTemporaryQueueDeniedAllowed() {
    // Two requests for the same queue name; only the second carries AUTO_DELETE=true.
    final ObjectProperties namedQueue = new ObjectProperties(_queueName);
    final ObjectProperties namedAutoDeleteQueue = new ObjectProperties(_queueName);
    namedAutoDeleteQueue.put(Property.AUTO_DELETE, Boolean.TRUE);

    // Before any rule is added, both requests are asserted to be DENIED.
    // NOTE(review): presumably the default result configured by createRuleSet() - confirm there.
    final RuleSet withoutRules = createRuleSet();
    assertEquals(Result.DENIED, withoutRules.check(_testSubject, LegacyOperation.CREATE, ObjectType.QUEUE, namedQueue));
    assertEquals(Result.DENIED, withoutRules.check(_testSubject, LegacyOperation.CREATE, ObjectType.QUEUE, namedAutoDeleteQueue));

    // Rule 1 allows the auto-delete variant; rule 2 denies on the queue name alone.
    _ruleCollector.addRule(1, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.ALLOW)
            .withOperation(LegacyOperation.CREATE)
            .withObject(ObjectType.QUEUE)
            .withPredicates(namedAutoDeleteQueue)
            .build());
    _ruleCollector.addRule(2, new Builder()
            .withIdentity(TEST_USER)
            .withOutcome(RuleOutcome.DENY)
            .withOperation(LegacyOperation.CREATE)
            .withObject(ObjectType.QUEUE)
            .withPredicates(namedQueue)
            .build());

    final RuleSet withRules = createRuleSet();
    assertEquals(2, withRules.size());

    // The auto-delete request also carries the name used by the DENY rule, yet ALLOWED is
    // expected - consistent with the lower-numbered rule being consulted first (verify in RuleSet).
    assertEquals(Result.DENIED, withRules.check(_testSubject, LegacyOperation.CREATE, ObjectType.QUEUE, namedQueue));
    assertEquals(Result.ALLOWED, withRules.check(_testSubject, LegacyOperation.CREATE, ObjectType.QUEUE, namedAutoDeleteQueue));
}
Also used : Builder(org.apache.qpid.server.security.access.config.Rule.Builder) Test(org.junit.Test)

Aggregations

Builder (org.apache.qpid.server.security.access.config.Rule.Builder)30 Test (org.junit.Test)28 Subject (javax.security.auth.Subject)5 IllegalConfigurationException (org.apache.qpid.server.configuration.IllegalConfigurationException)1 EventLogger (org.apache.qpid.server.logging.EventLogger)1 EventLoggerProvider (org.apache.qpid.server.logging.EventLoggerProvider)1 AuthenticationProvider (org.apache.qpid.server.model.AuthenticationProvider)1 UsernamePrincipal (org.apache.qpid.server.security.auth.UsernamePrincipal)1