use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.
the class PermissionDataService method getAllowedOperations.
public List<PermissionOperation> getAllowedOperations(String name, String actor) {
List<PermissionOperation> operations = newArrayList();
Credential credential = credentialDataService.find(name);
PermissionData permissionData = permissionRepository.findByCredentialAndActor(credential, actor);
if (permissionData != null) {
if (permissionData.hasReadPermission()) {
operations.add(PermissionOperation.READ);
}
if (permissionData.hasWritePermission()) {
operations.add(PermissionOperation.WRITE);
}
if (permissionData.hasDeletePermission()) {
operations.add(PermissionOperation.DELETE);
}
if (permissionData.hasReadAclPermission()) {
operations.add(PermissionOperation.READ_ACL);
}
if (permissionData.hasWriteAclPermission()) {
operations.add(PermissionOperation.WRITE_ACL);
}
}
return operations;
}
use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.
the class PermissionsHandlerTest method setPermissions_setsAndReturnsThePermissions.
@Test
public void setPermissions_setsAndReturnsThePermissions() {
when(permissionCheckingService.hasPermission(any(String.class), eq(CREDENTIAL_NAME), eq(PermissionOperation.WRITE_ACL))).thenReturn(true);
when(permissionCheckingService.userAllowedToOperateOnActor(ACTOR_NAME)).thenReturn(true);
ArrayList<PermissionOperation> operations = newArrayList(PermissionOperation.READ, PermissionOperation.WRITE);
PermissionEntry permissionEntry = new PermissionEntry(ACTOR_NAME, operations);
List<PermissionEntry> accessControlList = newArrayList(permissionEntry);
PermissionEntry preexistingPermissionEntry = new PermissionEntry(ACTOR_NAME2, Lists.newArrayList(PermissionOperation.READ));
List<PermissionEntry> expectedControlList = newArrayList(permissionEntry, preexistingPermissionEntry);
when(permissionService.getPermissions(credentialVersion, auditRecordParameters, CREDENTIAL_NAME)).thenReturn(expectedControlList);
when(permissionsRequest.getCredentialName()).thenReturn(CREDENTIAL_NAME);
when(permissionsRequest.getPermissions()).thenReturn(accessControlList);
subject.setPermissions(permissionsRequest, auditRecordParameters);
ArgumentCaptor<List> permissionsListCaptor = ArgumentCaptor.forClass(List.class);
verify(permissionService).savePermissions(eq(credentialVersion), permissionsListCaptor.capture(), eq(auditRecordParameters), eq(false), eq(CREDENTIAL_NAME));
List<PermissionEntry> accessControlEntries = permissionsListCaptor.getValue();
PermissionEntry entry = accessControlEntries.get(0);
assertThat(entry.getActor(), equalTo(ACTOR_NAME));
assertThat(entry.getAllowedOperations(), contains(equalTo(PermissionOperation.READ), equalTo(PermissionOperation.WRITE)));
}
use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.
the class PermissionDataService method createViewFor.
private PermissionEntry createViewFor(PermissionData data) {
if (data == null) {
return null;
}
PermissionEntry entry = new PermissionEntry();
List<PermissionOperation> operations = data.generateAccessControlOperations();
entry.setAllowedOperations(operations);
entry.setActor(data.getActor());
return entry;
}
use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.
the class PermissionsHandlerTest method getPermissions_verifiesTheUserHasPermissionToReadTheAcl_andReturnsTheAclResponse.
@Test
public void getPermissions_verifiesTheUserHasPermissionToReadTheAcl_andReturnsTheAclResponse() {
ArrayList<PermissionOperation> operations = newArrayList(PermissionOperation.READ, PermissionOperation.WRITE);
when(permissionCheckingService.hasPermission(any(String.class), eq(CREDENTIAL_NAME), eq(PermissionOperation.READ_ACL))).thenReturn(true);
PermissionEntry permissionEntry = new PermissionEntry(ACTOR_NAME, operations);
List<PermissionEntry> accessControlList = newArrayList(permissionEntry);
when(permissionService.getPermissions(credentialVersion, auditRecordParameters, CREDENTIAL_NAME)).thenReturn(accessControlList);
PermissionsView response = subject.getPermissions(CREDENTIAL_NAME, auditRecordParameters);
List<PermissionEntry> accessControlEntries = response.getPermissions();
assertThat(response.getCredentialName(), equalTo(CREDENTIAL_NAME));
assertThat(accessControlEntries, hasSize(1));
PermissionEntry entry = accessControlEntries.get(0);
assertThat(entry.getActor(), equalTo(ACTOR_NAME));
List<PermissionOperation> allowedOperations = entry.getAllowedOperations();
assertThat(allowedOperations, contains(equalTo(PermissionOperation.READ), equalTo(PermissionOperation.WRITE)));
}
Aggregations