
Example 6 with Permission

use of org.candlepin.auth.permissions.Permission in project candlepin by candlepin.

the class ConsumerResourceIntegrationTest method setUp.

/**
 * Builds the fixtures shared by the tests in this class: two consumer types, an owner, a user
 * attached to a role created for that owner, a principal carrying that role's permissions,
 * a consumer, a product and a pool.
 */
@Before
public void setUp() {
    // Consumer types and their DTO counterparts.
    standardSystemType = consumerTypeCurator.create(new ConsumerType("standard-system"));
    standardSystemTypeDTO = modelTranslator.translate(standardSystemType, ConsumerTypeDTO.class);
    personType = consumerTypeCurator.create(new ConsumerType(ConsumerTypeEnum.PERSON));
    personTypeDTO = modelTranslator.translate(personType, ConsumerTypeDTO.class);
    owner = ownerCurator.create(new Owner("test-owner"));
    // NOTE(review): the DTO is translated before the default service level is set on the
    // entity, so ownerDTO may not carry DEFAULT_SERVICE_LEVEL -- confirm this is intended.
    ownerDTO = modelTranslator.translate(owner, OwnerDTO.class);
    owner.setDefaultServiceLevel(DEFAULT_SERVICE_LEVEL);
    // NOTE(review): second create() on the same owner instance; presumably this persists the
    // service level change -- confirm the curator tolerates an already-created entity.
    ownerCurator.create(owner);
    // Test-only user; the password literal is a fixture value.
    someuser = userCurator.create(new User(USER_NAME, "dontcare"));
    ownerAdminRole = createAdminRole(owner);
    ownerAdminRole.addUser(someuser);
    roleCurator.create(ownerAdminRole);
    // The principal's permissions are derived from the role rather than hand-built, so the
    // tests exercise the same permission objects the factory produces for this user.
    List<Permission> perms = permFactory.createPermissions(someuser, ownerAdminRole.getPermissions());
    // NOTE(review): the third argument is presumably the admin/full-access flag; passing false
    // would keep authorization decisions tied to perms -- confirm against UserPrincipal.
    principal = new UserPrincipal(USER_NAME, perms, false);
    setupPrincipal(principal);
    consumer = TestUtil.createConsumer(standardSystemType, owner);
    consumerCurator.create(consumer);
    product = TestUtil.createProduct();
    product.setAttribute(Product.Attributes.SUPPORT_LEVEL, DEFAULT_SERVICE_LEVEL);
    productCurator.create(product);
    // Pool of quantity 10 for the product, with fixed start and end dates.
    pool = createPool(owner, product, 10L, TestDateUtil.date(2010, 1, 1), TestDateUtil.date(2020, 12, 31));
}
Also used : Owner(org.candlepin.model.Owner) User(org.candlepin.model.User) OwnerDTO(org.candlepin.dto.api.v1.OwnerDTO) OwnerPermission(org.candlepin.auth.permissions.OwnerPermission) Permission(org.candlepin.auth.permissions.Permission) ConsumerType(org.candlepin.model.ConsumerType) ConsumerTypeDTO(org.candlepin.dto.api.v1.ConsumerTypeDTO) UserPrincipal(org.candlepin.auth.UserPrincipal) Before(org.junit.Before)

Example 7 with Permission

use of org.candlepin.auth.permissions.Permission in project candlepin by candlepin.

the class OwnerInfoCuratorTest method setupOnlyMyConsumersPrincipal.

/**
 * Installs a principal whose only permission is a {@link UsernameConsumersPermission} for a
 * freshly constructed user on {@code owner}.
 *
 * @return
 *  the user the installed principal was built for
 */
private User setupOnlyMyConsumersPrincipal() {
    User systemsAdmin = new User("MySystemsAdmin", "passwd");

    // Single, narrowly scoped permission: nothing owner-wide is granted here.
    Set<Permission> grantedPermissions = new HashSet<>();
    grantedPermissions.add(new UsernameConsumersPermission(systemsAdmin, owner));

    // NOTE(review): third argument is presumably the admin/full-access flag -- confirm against
    // UserPrincipal; false would keep access limited to grantedPermissions.
    Principal restrictedPrincipal = new UserPrincipal(systemsAdmin.getUsername(), grantedPermissions, false);
    setupPrincipal(restrictedPrincipal);

    return systemsAdmin;
}
Also used : UsernameConsumersPermission(org.candlepin.auth.permissions.UsernameConsumersPermission) UsernameConsumersPermission(org.candlepin.auth.permissions.UsernameConsumersPermission) Permission(org.candlepin.auth.permissions.Permission) UserPrincipal(org.candlepin.auth.UserPrincipal) Principal(org.candlepin.auth.Principal) UserPrincipal(org.candlepin.auth.UserPrincipal) HashSet(java.util.HashSet)

Example 8 with Permission

use of org.candlepin.auth.permissions.Permission in project candlepin by candlepin.

the class UserResourceTest method testListAllOwners.

/**
 * Checks that listing a user's owners returns only the owner on which the user holds
 * {@code Access.ALL}, and leaves out the owner on which the user is {@code READ_ONLY}.
 */
@Test
public void testListAllOwners() {
    User user = new User();
    user.setUsername("dummyuser" + TestUtil.randomInt());
    user.setPassword("password");
    userResource.createUser(user);

    Owner owner1 = createOwner();
    Owner owner2 = createOwner();

    // NOTE(review): both permission blueprints are attached to owner1Role and owner2Role gets
    // none; this may be a copy/paste slip -- confirm whether the READ_ONLY blueprint was meant
    // for owner2Role before relying on this test as coverage for role-derived access.
    Role owner1Role = new Role(owner1.getKey() + " role");
    owner1Role.addPermission(new PermissionBlueprint(PermissionType.OWNER, owner1, Access.ALL));
    owner1Role.addPermission(new PermissionBlueprint(PermissionType.OWNER, owner2, Access.READ_ONLY));
    owner1Role.addUser(user);

    Role owner2Role = new Role(owner2.getKey() + " role");
    owner2Role.addUser(user);

    roleCurator.create(owner1Role);
    roleCurator.create(owner2Role);

    // Principal handed to the resource: full access on owner1, read-only on owner2.
    Set<Permission> grantedPermissions = new HashSet<>();
    grantedPermissions.add(new OwnerPermission(owner1, Access.ALL));
    grantedPermissions.add(new OwnerPermission(owner2, Access.READ_ONLY));
    Principal userPrincipal = new UserPrincipal(user.getUsername(), grantedPermissions, false);

    // The owner listing for this user is expected to require ALL access, so the
    // read-only owner2 must not appear in the result.
    Iterable<Owner> listed = userResource.listUsersOwners(user.getUsername(), userPrincipal);

    List<Owner> owners = new LinkedList<>();
    for (Owner entity : listed) {
        owners.add(entity);
    }

    assertEquals(1, owners.size());
    assertEquals(owner1.getKey(), owners.get(0).getKey());
}
Also used : Owner(org.candlepin.model.Owner) OwnerPermission(org.candlepin.auth.permissions.OwnerPermission) User(org.candlepin.model.User) UserPrincipal(org.candlepin.auth.UserPrincipal) LinkedList(java.util.LinkedList) Role(org.candlepin.model.Role) PermissionBlueprint(org.candlepin.model.PermissionBlueprint) UsernameConsumersPermission(org.candlepin.auth.permissions.UsernameConsumersPermission) OwnerPermission(org.candlepin.auth.permissions.OwnerPermission) Permission(org.candlepin.auth.permissions.Permission) UserPrincipal(org.candlepin.auth.UserPrincipal) Principal(org.candlepin.auth.Principal) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 9 with Permission

use of org.candlepin.auth.permissions.Permission in project candlepin by candlepin.

the class PinsetterAsyncFilterTest method noJobMapPrincipal.

/**
 * Checks that post-processing a response whose entity is a {@code JobDetail} stores the
 * principal supplied by the provider in the job data map under
 * {@code PinsetterJobListener.PRINCIPAL_KEY}.
 */
@Test
public void noJobMapPrincipal() {
    Owner testOwner = new Owner("test_owner");
    Permission ownerAccess = new OwnerPermission(testOwner, Access.ALL);
    List<Permission> permissions = Arrays.asList(ownerAccess);

    Principal principal = new UserPrincipal("testing", permissions, false);
    when(this.principalProvider.get()).thenReturn(principal);

    // The job detail starts out without any principal entry of its own.
    JobDetail detail = newJob(RefreshPoolsJob.class).build();
    when(response.getEntity()).thenReturn(detail);

    this.interceptor.postProcess(response);

    // The identity recorded on the job must be the one the provider returned.
    Object storedPrincipal = detail.getJobDataMap().get(PinsetterJobListener.PRINCIPAL_KEY);
    Assert.assertEquals(principal, storedPrincipal);
}
Also used : RefreshPoolsJob(org.candlepin.pinsetter.tasks.RefreshPoolsJob) OwnerPermission(org.candlepin.auth.permissions.OwnerPermission) Owner(org.candlepin.model.Owner) JobDetail(org.quartz.JobDetail) OwnerPermission(org.candlepin.auth.permissions.OwnerPermission) Permission(org.candlepin.auth.permissions.Permission) UserPrincipal(org.candlepin.auth.UserPrincipal) Principal(org.candlepin.auth.Principal) UserPrincipal(org.candlepin.auth.UserPrincipal) Test(org.junit.Test)

Example 10 with Permission

use of org.candlepin.auth.permissions.Permission in project candlepin by candlepin.

the class AbstractHibernateCurator method getSecureCriteriaRestrictions.

/**
 * Builds the criteria restrictions for the given entity class from the current principal's
 * permissions. Restrictions contributed by individual permissions are combined with OR, so
 * a row is visible if any one permission allows it.
 * <p>
 * Returns null when there is no principal, when the principal has full access, or when none
 * of the principal's permissions contributes a restriction for the entity class.
 *
 * @param entityClass
 *  The entity class for which to build secure criteria restrictions
 *
 * @return
 *  the criteria restrictions for the given entity class, or null if no restrictions are
 *  necessary.
 */
protected Criterion getSecureCriteriaRestrictions(Class entityClass) {
    Principal principal = this.principalProvider.get();

    // No principal, or a principal with full access: skip the restriction building.
    // NOTE(review): a null principal therefore produces no restriction at all; confirm that
    // callers cannot reach this point without an authenticated principal.
    if (principal == null || principal.hasFullAccess()) {
        return null;
    }

    Criterion combined = null;

    for (Permission permission : principal.getPermissions()) {
        Criterion restriction = permission.getCriteriaRestrictions(entityClass);

        // A permission that has nothing to say about this entity class is skipped.
        // NOTE(review): if every permission is skipped the result stays null, which callers
        // read as "no restrictions necessary" -- confirm this is the intended outcome.
        if (restriction == null) {
            continue;
        }

        log.debug("Adding criteria restriction from permission {} for {}: {}", permission, entityClass, restriction);

        if (combined == null) {
            combined = restriction;
        }
        else {
            combined = Restrictions.or(combined, restriction);
        }
    }

    return combined;
}
Also used : Criterion(org.hibernate.criterion.Criterion) Permission(org.candlepin.auth.permissions.Permission) Principal(org.candlepin.auth.Principal)

Aggregations

Permission (org.candlepin.auth.permissions.Permission)12 Principal (org.candlepin.auth.Principal)9 UserPrincipal (org.candlepin.auth.UserPrincipal)9 OwnerPermission (org.candlepin.auth.permissions.OwnerPermission)8 Owner (org.candlepin.model.Owner)6 HashSet (java.util.HashSet)5 Test (org.junit.Test)4 UsernameConsumersPermission (org.candlepin.auth.permissions.UsernameConsumersPermission)3 User (org.candlepin.model.User)3 LinkedList (java.util.LinkedList)2 PermissionBlueprint (org.candlepin.model.PermissionBlueprint)2 Role (org.candlepin.model.Role)2 JobDetail (org.quartz.JobDetail)2 ArrayList (java.util.ArrayList)1 XmlTransient (javax.xml.bind.annotation.XmlTransient)1 NoAuthPrincipal (org.candlepin.auth.NoAuthPrincipal)1 TrustedUserPrincipal (org.candlepin.auth.TrustedUserPrincipal)1 PermissionFactory (org.candlepin.auth.permissions.PermissionFactory)1 ConsumerTypeDTO (org.candlepin.dto.api.v1.ConsumerTypeDTO)1 OwnerDTO (org.candlepin.dto.api.v1.OwnerDTO)1