Search in sources :

Example 1 with PermissionOperation

use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.

the class PermissionDataService method getAllowedOperations.

public List<PermissionOperation> getAllowedOperations(String name, String actor) {
    List<PermissionOperation> operations = newArrayList();
    Credential credential = credentialDataService.find(name);
    PermissionData permissionData = permissionRepository.findByCredentialAndActor(credential, actor);
    if (permissionData != null) {
        if (permissionData.hasReadPermission()) {
            operations.add(PermissionOperation.READ);
        }
        if (permissionData.hasWritePermission()) {
            operations.add(PermissionOperation.WRITE);
        }
        if (permissionData.hasDeletePermission()) {
            operations.add(PermissionOperation.DELETE);
        }
        if (permissionData.hasReadAclPermission()) {
            operations.add(PermissionOperation.READ_ACL);
        }
        if (permissionData.hasWriteAclPermission()) {
            operations.add(PermissionOperation.WRITE_ACL);
        }
    }
    return operations;
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) PermissionOperation(org.cloudfoundry.credhub.request.PermissionOperation) PermissionData(org.cloudfoundry.credhub.entity.PermissionData)

Example 2 with PermissionOperation

use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.

the class PermissionsHandlerTest method setPermissions_setsAndReturnsThePermissions.

@Test
public void setPermissions_setsAndReturnsThePermissions() {
    when(permissionCheckingService.hasPermission(any(String.class), eq(CREDENTIAL_NAME), eq(PermissionOperation.WRITE_ACL))).thenReturn(true);
    when(permissionCheckingService.userAllowedToOperateOnActor(ACTOR_NAME)).thenReturn(true);
    ArrayList<PermissionOperation> operations = newArrayList(PermissionOperation.READ, PermissionOperation.WRITE);
    PermissionEntry permissionEntry = new PermissionEntry(ACTOR_NAME, operations);
    List<PermissionEntry> accessControlList = newArrayList(permissionEntry);
    PermissionEntry preexistingPermissionEntry = new PermissionEntry(ACTOR_NAME2, Lists.newArrayList(PermissionOperation.READ));
    List<PermissionEntry> expectedControlList = newArrayList(permissionEntry, preexistingPermissionEntry);
    when(permissionService.getPermissions(credentialVersion, auditRecordParameters, CREDENTIAL_NAME)).thenReturn(expectedControlList);
    when(permissionsRequest.getCredentialName()).thenReturn(CREDENTIAL_NAME);
    when(permissionsRequest.getPermissions()).thenReturn(accessControlList);
    subject.setPermissions(permissionsRequest, auditRecordParameters);
    ArgumentCaptor<List> permissionsListCaptor = ArgumentCaptor.forClass(List.class);
    verify(permissionService).savePermissions(eq(credentialVersion), permissionsListCaptor.capture(), eq(auditRecordParameters), eq(false), eq(CREDENTIAL_NAME));
    List<PermissionEntry> accessControlEntries = permissionsListCaptor.getValue();
    PermissionEntry entry = accessControlEntries.get(0);
    assertThat(entry.getActor(), equalTo(ACTOR_NAME));
    assertThat(entry.getAllowedOperations(), contains(equalTo(PermissionOperation.READ), equalTo(PermissionOperation.WRITE)));
}
Also used : PermissionOperation(org.cloudfoundry.credhub.request.PermissionOperation) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) ArrayList(java.util.ArrayList) List(java.util.List) Lists.newArrayList(com.google.common.collect.Lists.newArrayList) Test(org.junit.Test)

Example 3 with PermissionOperation

use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.

the class PermissionDataService method createViewFor.

private PermissionEntry createViewFor(PermissionData data) {
    if (data == null) {
        return null;
    }
    PermissionEntry entry = new PermissionEntry();
    List<PermissionOperation> operations = data.generateAccessControlOperations();
    entry.setAllowedOperations(operations);
    entry.setActor(data.getActor());
    return entry;
}
Also used : PermissionOperation(org.cloudfoundry.credhub.request.PermissionOperation) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry)

Example 4 with PermissionOperation

use of org.cloudfoundry.credhub.request.PermissionOperation in project credhub by cloudfoundry-incubator.

the class PermissionsHandlerTest method getPermissions_verifiesTheUserHasPermissionToReadTheAcl_andReturnsTheAclResponse.

@Test
public void getPermissions_verifiesTheUserHasPermissionToReadTheAcl_andReturnsTheAclResponse() {
    ArrayList<PermissionOperation> operations = newArrayList(PermissionOperation.READ, PermissionOperation.WRITE);
    when(permissionCheckingService.hasPermission(any(String.class), eq(CREDENTIAL_NAME), eq(PermissionOperation.READ_ACL))).thenReturn(true);
    PermissionEntry permissionEntry = new PermissionEntry(ACTOR_NAME, operations);
    List<PermissionEntry> accessControlList = newArrayList(permissionEntry);
    when(permissionService.getPermissions(credentialVersion, auditRecordParameters, CREDENTIAL_NAME)).thenReturn(accessControlList);
    PermissionsView response = subject.getPermissions(CREDENTIAL_NAME, auditRecordParameters);
    List<PermissionEntry> accessControlEntries = response.getPermissions();
    assertThat(response.getCredentialName(), equalTo(CREDENTIAL_NAME));
    assertThat(accessControlEntries, hasSize(1));
    PermissionEntry entry = accessControlEntries.get(0);
    assertThat(entry.getActor(), equalTo(ACTOR_NAME));
    List<PermissionOperation> allowedOperations = entry.getAllowedOperations();
    assertThat(allowedOperations, contains(equalTo(PermissionOperation.READ), equalTo(PermissionOperation.WRITE)));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionOperation(org.cloudfoundry.credhub.request.PermissionOperation) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) Test(org.junit.Test)

Aggregations

PermissionOperation (org.cloudfoundry.credhub.request.PermissionOperation)4 PermissionEntry (org.cloudfoundry.credhub.request.PermissionEntry)3 Test (org.junit.Test)2 Lists.newArrayList (com.google.common.collect.Lists.newArrayList)1 ArrayList (java.util.ArrayList)1 List (java.util.List)1 Credential (org.cloudfoundry.credhub.entity.Credential)1 PermissionData (org.cloudfoundry.credhub.entity.PermissionData)1 PermissionsView (org.cloudfoundry.credhub.view.PermissionsView)1