
Example 11 with Group

use of org.apache.wiki.auth.authorize.Group in project jspwiki by apache.

the class AclImplTest method inGroup.

/**
 * Reports whether {@code key} belongs to at least one wiki group named by a
 * {@link GroupPrincipal} found in {@code array}.
 *
 * <p>Entries that are not {@code GroupPrincipal}s are ignored, and a group name
 * with no entry in {@code m_groups} counts as "not a member", so an unknown
 * group never grants membership.
 *
 * @param array candidate principals; only {@code GroupPrincipal} entries are inspected
 * @param key the principal whose membership is being checked
 * @return {@code true} if some referenced, registered group contains {@code key}
 */
private boolean inGroup(Object[] array, Principal key) {
    for (Object candidate : array) {
        if (!(candidate instanceof GroupPrincipal)) {
            continue;
        }
        // The principal only carries a name; membership is decided by the Group
        // registered under that name in m_groups.
        Group resolved = m_groups.get(((GroupPrincipal) candidate).getName());
        if (resolved == null) {
            continue;
        }
        if (resolved.isMember(key)) {
            return true;
        }
    }
    return false;
}
Also used : Group(org.apache.wiki.auth.authorize.Group) GroupPrincipal(org.apache.wiki.auth.GroupPrincipal)

Example 12 with Group

use of org.apache.wiki.auth.authorize.Group in project jspwiki by apache.

the class AuthorizationManagerTest method testGetRoles.

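/**
 * Checks the roles a session reports for Bob as he moves from an asserted to an
 * authenticated identity while the wiki group "Test" is re-saved around him.
 *
 * <p>The property being pinned is that an asserted (not authenticated) session
 * never picks up wiki-group membership, even when the group lists the user's
 * name; only the authenticated session gains the group principal.
 *
 * @throws Exception if session creation or group persistence fails
 */
@Test
public void testGetRoles() throws Exception {
    // Create a new "asserted" session for Bob
    WikiSession session = WikiSessionTest.assertedSession(m_engine, Users.BOB);
    // Set up a group without Bob in it
    Group test = m_groupMgr.parseGroup("Test", "Alice \n Charlie", true);
    m_groupMgr.setGroup(m_session, test);
    try {
        // Bob should have two roles: ASSERTED and ALL
        Principal[] principals = session.getRoles();
        Assert.assertTrue("Bob in ALL", ArrayUtils.contains(principals, Role.ALL));
        Assert.assertTrue("Bob in ASSERTED", ArrayUtils.contains(principals, Role.ASSERTED));
        Assert.assertFalse("Bob not in ANONYMOUS", ArrayUtils.contains(principals, Role.ANONYMOUS));
        Assert.assertFalse("Bob not in Test", ArrayUtils.contains(principals, test.getPrincipal()));
        // Re-save group "Test" with Bob as a member
        test = m_groupMgr.parseGroup("Test", "Alice \n Bob \nCharlie", true);
        m_groupMgr.setGroup(m_session, test);
        // Bob not authenticated: should still have only two roles. Being named in the
        // group must not be enough; the identity has to be authenticated first.
        principals = session.getRoles();
        Assert.assertTrue("Bob in ALL", ArrayUtils.contains(principals, Role.ALL));
        Assert.assertTrue("Bob in ASSERTED", ArrayUtils.contains(principals, Role.ASSERTED));
        Assert.assertFalse("Bob not in ANONYMOUS", ArrayUtils.contains(principals, Role.ANONYMOUS));
        // Failure message corrected: this asserts the ABSENCE of the group principal.
        Assert.assertFalse("Bob not in Test", ArrayUtils.contains(principals, test.getPrincipal()));
        // Elevate Bob to "authenticated" status
        session = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
        // Re-save the group; Bob should possess the role now
        test = m_groupMgr.parseGroup("Test", "Alice \n Bob \n Charlie", true);
        m_groupMgr.setGroup(m_session, test);
        principals = session.getRoles();
        Assert.assertTrue("Bob in ALL", ArrayUtils.contains(principals, Role.ALL));
        // Failure message corrected: an authenticated session must no longer be ASSERTED.
        Assert.assertFalse("Bob not in ASSERTED", ArrayUtils.contains(principals, Role.ASSERTED));
        Assert.assertFalse("Bob not in ANONYMOUS", ArrayUtils.contains(principals, Role.ANONYMOUS));
        Assert.assertTrue("Bob in Test", ArrayUtils.contains(principals, test.getPrincipal()));
    } finally {
        // Cleanup runs even when an assertion fails, so the group saved above is
        // not left behind for whatever uses the same group store next.
        m_groupMgr.removeGroup("Test");
    }
}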
Also used : WikiSession(org.apache.wiki.WikiSession) Group(org.apache.wiki.auth.authorize.Group) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Example 13 with Group

use of org.apache.wiki.auth.authorize.Group in project jspwiki by apache.

the class AuthorizationManagerTest method testIsUserInRole.

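/**
 * Checks {@code isUserInRole} for the same user name across anonymous, asserted
 * and container-authenticated sessions.
 *
 * <p>The property being pinned is that custom roles and wiki-group membership
 * are honoured only for the authenticated session; the anonymous and asserted
 * sessions get their built-in role and nothing else, even though the asserted
 * session is created with the custom role {@code IT} attached.
 *
 * @throws Exception if session creation or group persistence fails
 */
@Test
public void testIsUserInRole() throws Exception {
    // Create new user Alice and 2 sample roles
    Principal alice = new WikiPrincipal(Users.ALICE);
    Role it = new Role("IT");
    Role finance = new Role("Finance");
    // Create Group1 with Alice in it, Group2 without
    WikiSession session = WikiSessionTest.adminSession(m_engine);
    Group g1 = m_groupMgr.parseGroup("Group1", "Alice", true);
    m_groupMgr.setGroup(session, g1);
    Principal group1 = g1.getPrincipal();
    Group g2 = m_groupMgr.parseGroup("Group2", "Bob", true);
    m_groupMgr.setGroup(session, g2);
    Principal group2 = g2.getPrincipal();
    try {
        // Create anonymous session; not in ANY custom roles or groups
        session = WikiSessionTest.anonymousSession(m_engine);
        Assert.assertTrue("Anon anonymous", m_auth.isUserInRole(session, Role.ANONYMOUS));
        Assert.assertFalse("Anon not asserted", m_auth.isUserInRole(session, Role.ASSERTED));
        Assert.assertFalse("Anon not authenticated", m_auth.isUserInRole(session, Role.AUTHENTICATED));
        // Failure message corrected: the principal checked here is Alice.
        Assert.assertFalse("Anon not in Alice", m_auth.isUserInRole(session, alice));
        Assert.assertFalse("Anon not in IT", m_auth.isUserInRole(session, it));
        Assert.assertFalse("Anon not in Finance", m_auth.isUserInRole(session, finance));
        Assert.assertFalse("Anon not in Group1", m_auth.isUserInRole(session, group1));
        Assert.assertFalse("Anon not in Group2", m_auth.isUserInRole(session, group2));
        // Create asserted session with 1 custom Role attached.
        // Alice is asserted, and thus not in ANY custom roles or groups: the role
        // handed to the session and her listing in Group1 must both be ignored.
        session = WikiSessionTest.assertedSession(m_engine, Users.ALICE, new Principal[] { it });
        Assert.assertFalse("Alice not anonymous", m_auth.isUserInRole(session, Role.ANONYMOUS));
        Assert.assertTrue("Alice asserted", m_auth.isUserInRole(session, Role.ASSERTED));
        Assert.assertFalse("Alice not authenticated", m_auth.isUserInRole(session, Role.AUTHENTICATED));
        Assert.assertFalse("Alice not in Alice", m_auth.isUserInRole(session, alice));
        Assert.assertFalse("Alice not in IT", m_auth.isUserInRole(session, it));
        Assert.assertFalse("Alice not in Finance", m_auth.isUserInRole(session, finance));
        Assert.assertFalse("Alice not in Group1", m_auth.isUserInRole(session, group1));
        Assert.assertFalse("Alice not in Group2", m_auth.isUserInRole(session, group2));
        // Create authenticated session with 1 custom Role attached.
        // Alice is authenticated, and thus part of custom roles and groups
        session = WikiSessionTest.containerAuthenticatedSession(m_engine, Users.ALICE, new Principal[] { it });
        Assert.assertFalse("Alice not anonymous", m_auth.isUserInRole(session, Role.ANONYMOUS));
        Assert.assertFalse("Alice not asserted", m_auth.isUserInRole(session, Role.ASSERTED));
        // Failure message corrected: this asserts that Alice IS authenticated.
        Assert.assertTrue("Alice authenticated", m_auth.isUserInRole(session, Role.AUTHENTICATED));
        // A user principal is not a role, so this stays false even when authenticated.
        Assert.assertFalse("Alice not in Alice", m_auth.isUserInRole(session, alice));
        Assert.assertTrue("Alice in IT", m_auth.isUserInRole(session, it));
        Assert.assertFalse("Alice not in Finance", m_auth.isUserInRole(session, finance));
        Assert.assertTrue("Alice in Group1", m_auth.isUserInRole(session, group1));
        Assert.assertFalse("Alice not in Group2", m_auth.isUserInRole(session, group2));
    } finally {
        // Clean up even when an assertion fails, so the two groups saved above
        // are not left behind in the group store.
        m_groupMgr.removeGroup("Group1");
        m_groupMgr.removeGroup("Group2");
    }
}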
Also used : Role(org.apache.wiki.auth.authorize.Role) WikiSession(org.apache.wiki.WikiSession) Group(org.apache.wiki.auth.authorize.Group) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Example 14 with Group

use of org.apache.wiki.auth.authorize.Group in project jspwiki by apache.

the class AuthorizationManagerTest method testResolveUsers.

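/**
 * Checks what {@code resolvePrincipal} returns for user names, a wiki group,
 * a built-in role name and an unknown name.
 *
 * <p>The security-relevant case is the built-in role: the reserved name
 * {@code "Authenticated"} must resolve to {@code Role.AUTHENTICATED} and must
 * not be interchangeable with a user principal that merely carries that name.
 *
 * @throws WikiException if creating the profile or saving the group fails
 */
@Test
public void testResolveUsers() throws WikiException {
    // We should be able to resolve a user by login, user, or wiki name
    UserProfile profile = m_engine.getUserManager().getUserDatabase().newProfile();
    profile.setEmail("authmanagertest@tester.net");
    profile.setFullname("AuthorizationManagerTest User");
    profile.setLoginName("authmanagertest");
    try {
        m_engine.getUserManager().getUserDatabase().save(profile);
    } catch (WikiSecurityException e) {
        Assert.fail("Failed save: " + e.getLocalizedMessage());
    }
    Assert.assertEquals(new WikiPrincipal("authmanagertest", WikiPrincipal.LOGIN_NAME), m_auth.resolvePrincipal("authmanagertest"));
    Assert.assertEquals(new WikiPrincipal("AuthorizationManagerTest User", WikiPrincipal.FULL_NAME), m_auth.resolvePrincipal("AuthorizationManagerTest User"));
    Assert.assertEquals(new WikiPrincipal("AuthorizationManagerTestUser", WikiPrincipal.WIKI_NAME), m_auth.resolvePrincipal("AuthorizationManagerTestUser"));
    try {
        m_engine.getUserManager().getUserDatabase().deleteByLoginName("authmanagertest");
    } catch (WikiSecurityException e) {
        Assert.fail("Failed delete: " + e.getLocalizedMessage());
    }
    // A wiki group should resolve to itself
    Group group1 = m_groupMgr.parseGroup("SampleGroup", "", true);
    m_groupMgr.setGroup(m_session, group1);
    Assert.assertEquals(group1.getPrincipal(), m_auth.resolvePrincipal("SampleGroup"));
    m_groupMgr.removeGroup("SampleGroup");
    // A built-in role should resolve to itself
    Assert.assertEquals(Role.AUTHENTICATED, m_auth.resolvePrincipal("Authenticated"));
    // We shouldn't be able to spoof a built-in role: a user principal that only
    // carries the reserved name must not compare equal to what the name resolves to.
    // assertNotSame tests reference identity, and a freshly constructed object is
    // never the same reference as a returned one, so that check could not fail;
    // compare with equals() so the assertion can actually catch a regression.
    Assert.assertFalse("Built-in role name resolved to a user principal", new WikiPrincipal("Authenticated").equals(m_auth.resolvePrincipal("Authenticated")));
    // An unknown user should resolve to a generic UnresolvedPrincipal
    Principal principal = new UnresolvedPrincipal("Bart Simpson");
    Assert.assertEquals(principal, m_auth.resolvePrincipal("Bart Simpson"));
}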
Also used : Group(org.apache.wiki.auth.authorize.Group) UserProfile(org.apache.wiki.auth.user.UserProfile) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Example 15 with Group

use of org.apache.wiki.auth.authorize.Group in project jspwiki by apache.

the class AuthorizationManagerTest method testAuthenticatedSession.

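/**
 * Checks {@code hasRoleOrPrincipal} for a container-authenticated session:
 * the user's own principal, the built-in roles, the custom roles handed to
 * the session, and wiki-group membership.
 *
 * <p>User principals are matched by name across principal types, while roles
 * and groups the session was not given (Finance, Foo) must be refused.
 *
 * @throws Exception if session creation or group persistence fails
 */
@Test
public void testAuthenticatedSession() throws Exception {
    // Create Alice and her roles
    Principal alice = new WikiPrincipal(Users.ALICE);
    Role it = new Role("IT");
    Role engineering = new Role("Engineering");
    Role finance = new Role("Finance");
    Principal admin = new GroupPrincipal("Admin");
    WikiSession session = WikiSessionTest.containerAuthenticatedSession(m_engine, Users.ALICE, new Principal[] { it, engineering, admin });
    // Create two groups: Alice should be part of group Bar, but not Foo
    Group fooGroup = m_groupMgr.parseGroup("Foo", "", true);
    Group barGroup = m_groupMgr.parseGroup("Bar", "", true);
    barGroup.add(alice);
    m_groupMgr.setGroup(m_session, fooGroup);
    m_groupMgr.setGroup(m_session, barGroup);
    try {
        // Test user principal possession: user principals of different
        // types should still be "the same" if their names are equal
        Assert.assertTrue("Alice has Alice", m_auth.hasRoleOrPrincipal(session, new WikiPrincipal(Users.ALICE)));
        Assert.assertTrue("Alice has Alice", m_auth.hasRoleOrPrincipal(session, new TestPrincipal(Users.ALICE)));
        Assert.assertFalse("Alice not has Bob", m_auth.hasRoleOrPrincipal(session, new WikiPrincipal(Users.BOB)));
        Assert.assertFalse("Alice not has Bob", m_auth.hasRoleOrPrincipal(session, new TestPrincipal(Users.BOB)));
        // Built-in role membership
        Assert.assertTrue("Alice in ALL", m_auth.hasRoleOrPrincipal(session, Role.ALL));
        Assert.assertFalse("Alice not in ANONYMOUS", m_auth.hasRoleOrPrincipal(session, Role.ANONYMOUS));
        Assert.assertFalse("Alice not in ASSERTED", m_auth.hasRoleOrPrincipal(session, Role.ASSERTED));
        Assert.assertTrue("Alice in AUTHENTICATED", m_auth.hasRoleOrPrincipal(session, Role.AUTHENTICATED));
        // Custom roles: only the ones passed to the session count; Finance was not
        Assert.assertTrue("Alice in IT", m_auth.hasRoleOrPrincipal(session, it));
        Assert.assertTrue("Alice in Engineering", m_auth.hasRoleOrPrincipal(session, engineering));
        Assert.assertFalse("Alice not in Finance", m_auth.hasRoleOrPrincipal(session, finance));
        // Group memberships: Foo was saved empty, Bar was saved with Alice in it
        Assert.assertFalse("Alice not in Foo", m_auth.hasRoleOrPrincipal(session, fooGroup.getPrincipal()));
        Assert.assertTrue("Alice in Bar", m_auth.hasRoleOrPrincipal(session, barGroup.getPrincipal()));
    } finally {
        // Cleanup runs even when an assertion fails, so the two groups saved
        // above are not left behind in the group store.
        m_groupMgr.removeGroup("Foo");
        m_groupMgr.removeGroup("Bar");
    }
}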
Also used : Role(org.apache.wiki.auth.authorize.Role) WikiSession(org.apache.wiki.WikiSession) Group(org.apache.wiki.auth.authorize.Group) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Aggregations

Group (org.apache.wiki.auth.authorize.Group)16 WikiSessionTest (org.apache.wiki.WikiSessionTest)11 Test (org.junit.Test)11 Principal (java.security.Principal)10 WikiSession (org.apache.wiki.WikiSession)7 UnresolvedPrincipal (org.apache.wiki.auth.acl.UnresolvedPrincipal)6 GroupManager (org.apache.wiki.auth.authorize.GroupManager)4 Role (org.apache.wiki.auth.authorize.Role)4 UserProfile (org.apache.wiki.auth.user.UserProfile)3 Properties (java.util.Properties)2 TestEngine (org.apache.wiki.TestEngine)2 GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)2 WikiPrincipal (org.apache.wiki.auth.WikiPrincipal)2 Before (org.junit.Before)2 PageManager (org.apache.wiki.PageManager)1 WikiPage (org.apache.wiki.WikiPage)1 NoSuchPrincipalException (org.apache.wiki.auth.NoSuchPrincipalException)1 UserManager (org.apache.wiki.auth.UserManager)1 WikiSecurityException (org.apache.wiki.auth.WikiSecurityException)1 GroupDatabase (org.apache.wiki.auth.authorize.GroupDatabase)1