
Example 26 with Permission

use of org.apache.shiro.authz.Permission in project ddf by codice.

the class WorkspacePolicyExtensionTest method testShouldRemoveRolesAndEmailsWhenEmailImplied.

/**
 * Checks the permission list returned by {@code isPermittedMatchAll} when the subject is built
 * from an e-mail address claim permission.
 *
 * <p>The mocked match-all permission starts with RANDOM, ROLES and EMAILS. The test expects only
 * RANDOM to be left in the result, i.e. the extension has dealt with the role and e-mail entries
 * and hands back only the entry it did not handle.
 */
@Test
public void testShouldRemoveRolesAndEmailsWhenEmailImplied() {
    // Permissions requested by the match-all collection before the extension runs.
    List<Permission> requested = ImmutableList.of(RANDOM, ROLES, EMAILS);
    doReturn(requested).when(match).getPermissionList();

    // Subject that carries the e-mail address claim with the shared test values.
    CollectionPermission emailSubject =
        subjectFrom(makePermission(Constants.EMAIL_ADDRESS_CLAIM_URI, VALUES));

    List<Permission> remaining =
        extension.isPermittedMatchAll(emailSubject, match).getPermissionList();

    // Only the permission unrelated to roles and e-mails should remain.
    List<Permission> expected = ImmutableList.of(RANDOM);
    assertThat(remaining, is(expected));
}
Also used : CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) CollectionPermission(ddf.security.permission.CollectionPermission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) Test(org.junit.Test)

Example 27 with Permission

use of org.apache.shiro.authz.Permission in project ddf by codice.

the class PolicyManagerTest method testAllPolicies.

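/**
 * Verifies the context policies the manager resolves for a set of sample paths.
 *
 * <p>For each path the test checks the context path of the resolved policy and the exact, ordered
 * list of authentication methods. For {@code /search} it also checks the string form of the first
 * three allowed attribute permissions.
 *
 * <p>The authentication-method checks are exact on purpose. The previous index-driven loops passed
 * when a policy exposed fewer methods than expected (including none at all), and never advanced
 * the iterator once the index ran past the handled cases, so an extra method made the test spin
 * instead of fail. Either case means a context is authenticated differently from what the test
 * describes, so both now fail the test.
 */
private void testAllPolicies() {
    // check search policy
    ContextPolicy policy = manager.getContextPolicy("/search");
    assertThat(policy.getContextPath(), is("/search"));
    assertExactAuthenticationMethods(policy, "SAML", "BASIC", "GUEST");
    List<Permission> permissionList = policy.getAllowedAttributePermissions().getPermissionList();
    assertThat(permissionList.get(0).toString(), is("role : user"));
    assertThat(permissionList.get(1).toString(), is("control : foo"));
    assertThat(permissionList.get(2).toString(), is("control : bar"));

    // check admin policy
    policy = manager.getContextPolicy("/admin");
    assertThat(policy.getContextPath(), is("/admin"));
    assertExactAuthenticationMethods(policy, "SAML", "BASIC");

    // check foo policy
    policy = manager.getContextPolicy("/foo");
    assertThat(policy.getContextPath(), is("/foo"));
    assertExactAuthenticationMethods(policy, "BASIC");

    // make sure some random context points to /
    policy = manager.getContextPolicy("/random");
    assertThat(policy.getContextPath(), is("/"));
    assertExactAuthenticationMethods(policy, "SAML", "BASIC");

    // check unprotected contexts: no authentication method may be listed
    policy = manager.getContextPolicy("/unprotected");
    assertThat(policy.getContextPath(), is("/unprotected"));
    assertExactAuthenticationMethods(policy);

    policy = manager.getContextPolicy("/unprotected2");
    assertThat(policy.getContextPath(), is("/unprotected2"));
    assertExactAuthenticationMethods(policy);
}

/**
 * Asserts that the policy lists exactly the given authentication methods, in the given order.
 *
 * @param policy the resolved context policy to inspect
 * @param expected the authentication methods expected, in iteration order; empty to require that
 *     the policy lists none
 */
private void assertExactAuthenticationMethods(ContextPolicy policy, String... expected) {
    Iterator<String> authIter = policy.getAuthenticationMethods().iterator();
    for (String method : expected) {
        // A missing method must fail the test rather than be skipped silently.
        assertThat("missing authentication method " + method, authIter.hasNext(), is(true));
        assertThat(authIter.next(), is(method));
    }
    // An unexpected extra method must fail as well.
    assertThat("unexpected extra authentication method", authIter.hasNext(), is(false));
}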
Also used : CollectionPermission(ddf.security.permission.CollectionPermission) Permission(org.apache.shiro.authz.Permission) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy)

Example 28 with Permission

use of org.apache.shiro.authz.Permission in project ddf by codice.

the class OperationPluginTest method makeDecision.

/**
 * Builds a Mockito answer that decides an authorization request against a fixed test permission.
 *
 * <p>The fixed permission is a read-action {@code KeyValueCollectionPermission} holding the key
 * {@code "Roles"} with the values {@code "A"} and {@code "B"}. The answer returns whatever
 * {@code implies} reports for the permission passed to the stubbed call.
 *
 * @return an answer yielding {@code true} when the fixed permission implies the incoming one
 */
private Answer<Boolean> makeDecision() {
    List<String> grantedRoles = new ArrayList<String>();
    grantedRoles.add("A");
    grantedRoles.add("B");

    Map<String, List<String>> attributes = new HashMap<String, List<String>>();
    attributes.put("Roles", grantedRoles);

    final KeyValueCollectionPermission heldPermission =
        new KeyValueCollectionPermission(CollectionPermission.READ_ACTION, attributes);

    return new Answer<Boolean>() {

        @Override
        public Boolean answer(InvocationOnMock invocation) {
            // NOTE(review): assumes the stubbed method takes the requested Permission as its
            // second argument; any other signature fails here with a cast or index error.
            Permission requested = (Permission) invocation.getArguments()[1];
            return heldPermission.implies(requested);
        }
    };
}
Also used : Answer(org.mockito.stubbing.Answer) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) HashMap(java.util.HashMap) InvocationOnMock(org.mockito.invocation.InvocationOnMock) ArrayList(java.util.ArrayList) CollectionPermission(ddf.security.permission.CollectionPermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) ArrayList(java.util.ArrayList) List(java.util.List)

Example 29 with Permission

use of org.apache.shiro.authz.Permission in project ddf by codice.

the class XacmlPdpTest method generateSubjectInfo.

/**
 * Creates the authorization info of a test subject.
 *
 * <p>The subject has the roles {@code "users"} and {@code "admin"} and four key/value
 * permissions: the given country, both subject access types, the name identifier
 * {@code "testuser1"} and the given name {@code "Test User"}.
 *
 * @param country value stored in the subject's country permission
 * @return the populated authorization info
 */
private AuthorizationInfo generateSubjectInfo(String country) {
    // roles
    Set<String> subjectRoles = new HashSet<String>();
    subjectRoles.add("users");
    subjectRoles.add("admin");

    // attribute permissions, added in the same order as before
    Set<Permission> subjectPermissions = new HashSet<Permission>();

    KeyValuePermission countryPermission = new KeyValuePermission(COUNTRY);
    countryPermission.addValue(country);
    subjectPermissions.add(countryPermission);

    KeyValuePermission accessPermission = new KeyValuePermission(SUBJECT_ACCESS);
    accessPermission.addValue(ACCESS_TYPE_A);
    accessPermission.addValue(ACCESS_TYPE_B);
    subjectPermissions.add(accessPermission);

    KeyValuePermission nameIdPermission = new KeyValuePermission(NAME_IDENTIFIER);
    nameIdPermission.addValue("testuser1");
    subjectPermissions.add(nameIdPermission);

    KeyValuePermission givenName = new KeyValuePermission(GIVEN_NAME);
    givenName.addValue("Test User");
    subjectPermissions.add(givenName);

    SimpleAuthorizationInfo subjectInfo = new SimpleAuthorizationInfo();
    subjectInfo.setRoles(subjectRoles);
    subjectInfo.setObjectPermissions(subjectPermissions);
    return subjectInfo;
}
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) HashSet(java.util.HashSet)

Example 30 with Permission

use of org.apache.shiro.authz.Permission in project ddf by codice.

the class XacmlPdpTest method testActionGoodSiteName.

/**
 * Checks that the realm permits a XACML request for the site-name action when the subject has
 * no roles and no object permissions.
 */
@Test
public void testActionGoodSiteName() {
    // Subject with an empty role set and an empty permission set.
    SimpleAuthorizationInfo emptySubject = new SimpleAuthorizationInfo(new HashSet<String>());
    emptySubject.setObjectPermissions(new HashSet<Permission>());

    KeyValueCollectionPermission siteNameAction =
        new KeyValueCollectionPermission(SITE_NAME_ACTION);
    RequestType xacmlRequest =
        testRealm.createXACMLRequest(USER_NAME, emptySubject, siteNameAction);

    // NOTE(review): a subject without any attributes is expected to be permitted here, so the
    // test policy presumably leaves this action open to everyone; confirm that is intended.
    boolean permitted = testRealm.isPermitted(xacmlRequest);
    assertTrue(permitted);
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) RequestType(oasis.names.tc.xacml._3_0.core.schema.wd_17.RequestType) Test(org.junit.Test)
