use of org.codice.ddf.parser.xml.XmlParser in project ddf by codice.
the class XacmlClientTest method testEvaluateroleuseractionquerycitizenshipCA.
@Test
public void testEvaluateroleuseractionquerycitizenshipCA() throws Exception {
LOGGER.debug("\n\n\n##### testEvaluate_role_user_action_query_citizenship_CA");
final String country = "CA";
testSetup();
RequestType xacmlRequestType = new RequestType();
xacmlRequestType.setCombinedDecision(false);
xacmlRequestType.setReturnPolicyIdList(false);
AttributesType actionAttributes = new AttributesType();
actionAttributes.setCategory(ACTION_CATEGORY);
AttributeType actionAttribute = new AttributeType();
actionAttribute.setAttributeId(ACTION_ID);
actionAttribute.setIncludeInResult(false);
AttributeValueType actionValue = new AttributeValueType();
actionValue.setDataType(STRING_DATA_TYPE);
actionValue.getContent().add(QUERY_ACTION);
actionAttribute.getAttributeValue().add(actionValue);
actionAttributes.getAttribute().add(actionAttribute);
AttributesType subjectAttributes = new AttributesType();
subjectAttributes.setCategory(SUBJECT_CATEGORY);
AttributeType subjectAttribute = new AttributeType();
subjectAttribute.setAttributeId(SUBJECT_ID);
subjectAttribute.setIncludeInResult(false);
AttributeValueType subjectValue = new AttributeValueType();
subjectValue.setDataType(STRING_DATA_TYPE);
subjectValue.getContent().add(TEST_USER_2);
subjectAttribute.getAttributeValue().add(subjectValue);
subjectAttributes.getAttribute().add(subjectAttribute);
AttributeType roleAttribute = new AttributeType();
roleAttribute.setAttributeId(ROLE_CLAIM);
roleAttribute.setIncludeInResult(false);
AttributeValueType roleValue = new AttributeValueType();
roleValue.setDataType(STRING_DATA_TYPE);
roleValue.getContent().add(ROLE);
roleAttribute.getAttributeValue().add(roleValue);
subjectAttributes.getAttribute().add(roleAttribute);
AttributesType categoryAttributes = new AttributesType();
categoryAttributes.setCategory(PERMISSIONS_CATEGORY);
AttributeType citizenshipAttribute = new AttributeType();
citizenshipAttribute.setAttributeId(CITIZENSHIP_ATTRIBUTE);
citizenshipAttribute.setIncludeInResult(false);
AttributeValueType citizenshipValue = new AttributeValueType();
citizenshipValue.setDataType(STRING_DATA_TYPE);
citizenshipValue.getContent().add(country);
citizenshipAttribute.getAttributeValue().add(citizenshipValue);
categoryAttributes.getAttribute().add(citizenshipAttribute);
xacmlRequestType.getAttributes().add(actionAttributes);
xacmlRequestType.getAttributes().add(subjectAttributes);
xacmlRequestType.getAttributes().add(categoryAttributes);
XacmlClient pdp = new XacmlClient(tempDir.getCanonicalPath(), new XmlParser(), mock(SecurityLogger.class));
// Perform Test
ResponseType xacmlResponse = pdp.evaluate(xacmlRequestType);
// Verify
JAXBContext jaxbContext = JAXBContext.newInstance(ResponseType.class);
Marshaller marshaller = jaxbContext.createMarshaller();
ObjectFactory objectFactory = new ObjectFactory();
Writer writer = new StringWriter();
marshaller.marshal(objectFactory.createResponse(xacmlResponse), writer);
LOGGER.debug("\nXACML 3.0 Response:\n{}", writer.toString());
assertEquals(xacmlResponse.getResult().get(0).getDecision(), DecisionType.DENY);
}
use of org.codice.ddf.parser.xml.XmlParser in project ddf by codice.
the class XacmlClientTest method testWrapperpoliciesdirectoryexistsandisempty.
@Test
public /**
* No longer expect an exception thrown here since we can start with an empty directory
*/
void testWrapperpoliciesdirectoryexistsandisempty() throws Exception {
LOGGER.debug("\n\n\n##### testXACMLWrapper_policies_directory_exists_and_is_empty");
// Setup
File dir = folder.newFolder(TEMP_DIR_NAME);
LOGGER.debug("Making directory: {}", dir.getPath());
if (dir.mkdir()) {
assertTrue(dir.isDirectory());
assertTrue(isDirEmpty(dir));
// Perform Test
new XacmlClient(dir.getCanonicalPath(), new XmlParser(), mock(SecurityLogger.class));
// Cleanup
LOGGER.debug("Deleting directory: {}", dir.getPath());
FileUtils.deleteDirectory(dir);
} else {
LOGGER.debug("Could not create directory: {}", dir.getPath());
}
}
use of org.codice.ddf.parser.xml.XmlParser in project ddf by codice.
the class XacmlClientTest method testEvaluateroleuseractionquerycitizenshipUS.
@Test
public void testEvaluateroleuseractionquerycitizenshipUS() throws Exception {
LOGGER.debug("\n\n\n##### testEvaluate_role_user_action_query_citizenship_US");
// Setup
File destDir = folder.newFolder(TEMP_DIR_NAME);
LOGGER.debug("Making directory: {}", destDir.getPath());
if (destDir.mkdir()) {
File srcFile = new File(projectHome + File.separator + RELATIVE_POLICIES_DIR + File.separator + POLICY_FILE);
FileUtils.copyFileToDirectory(srcFile, destDir);
RequestType xacmlRequestType = new RequestType();
xacmlRequestType.setCombinedDecision(false);
xacmlRequestType.setReturnPolicyIdList(false);
AttributesType actionAttributes = new AttributesType();
actionAttributes.setCategory(ACTION_CATEGORY);
AttributeType actionAttribute = new AttributeType();
actionAttribute.setAttributeId(ACTION_ID);
actionAttribute.setIncludeInResult(false);
AttributeValueType actionValue = new AttributeValueType();
actionValue.setDataType(STRING_DATA_TYPE);
actionValue.getContent().add(QUERY_ACTION);
actionAttribute.getAttributeValue().add(actionValue);
actionAttributes.getAttribute().add(actionAttribute);
AttributesType subjectAttributes = new AttributesType();
subjectAttributes.setCategory(SUBJECT_CATEGORY);
AttributeType subjectAttribute = new AttributeType();
subjectAttribute.setAttributeId(SUBJECT_ID);
subjectAttribute.setIncludeInResult(false);
AttributeValueType subjectValue = new AttributeValueType();
subjectValue.setDataType(STRING_DATA_TYPE);
subjectValue.getContent().add(TEST_USER_1);
subjectAttribute.getAttributeValue().add(subjectValue);
subjectAttributes.getAttribute().add(subjectAttribute);
AttributeType roleAttribute = new AttributeType();
roleAttribute.setAttributeId(ROLE_CLAIM);
roleAttribute.setIncludeInResult(false);
AttributeValueType roleValue = new AttributeValueType();
roleValue.setDataType(STRING_DATA_TYPE);
roleValue.getContent().add(ROLE);
roleAttribute.getAttributeValue().add(roleValue);
subjectAttributes.getAttribute().add(roleAttribute);
AttributesType categoryAttributes = new AttributesType();
categoryAttributes.setCategory(PERMISSIONS_CATEGORY);
AttributeType citizenshipAttribute = new AttributeType();
citizenshipAttribute.setAttributeId(CITIZENSHIP_ATTRIBUTE);
citizenshipAttribute.setIncludeInResult(false);
AttributeValueType citizenshipValue = new AttributeValueType();
citizenshipValue.setDataType(STRING_DATA_TYPE);
citizenshipValue.getContent().add(US_COUNTRY);
citizenshipAttribute.getAttributeValue().add(citizenshipValue);
categoryAttributes.getAttribute().add(citizenshipAttribute);
xacmlRequestType.getAttributes().add(actionAttributes);
xacmlRequestType.getAttributes().add(subjectAttributes);
xacmlRequestType.getAttributes().add(categoryAttributes);
XacmlClient pdp = new XacmlClient(destDir.getCanonicalPath(), new XmlParser(), mock(SecurityLogger.class));
// Perform Test
ResponseType xacmlResponse = pdp.evaluate(xacmlRequestType);
// Verify
JAXBContext jaxbContext = JAXBContext.newInstance(ResponseType.class);
Marshaller marshaller = jaxbContext.createMarshaller();
ObjectFactory objectFactory = new ObjectFactory();
Writer writer = new StringWriter();
marshaller.marshal(objectFactory.createResponse(xacmlResponse), writer);
LOGGER.debug("\nXACML 3.0 Response:\n{}", writer.toString());
assertEquals(xacmlResponse.getResult().get(0).getDecision(), DecisionType.PERMIT);
// Cleanup
LOGGER.debug("Deleting directory: {}", destDir);
FileUtils.deleteDirectory(destDir);
} else {
LOGGER.debug("Could not create directory: {}", destDir);
}
}
use of org.codice.ddf.parser.xml.XmlParser in project ddf by codice.
the class XacmlClientTest method testWrapperpoliciesdirectorydoesnotexist.
@Test
public void testWrapperpoliciesdirectorydoesnotexist() throws PdpException, IOException {
LOGGER.debug("\n\n\n##### testXACMLWrapper_policies_directory_does_not_exist");
// Perform Test on new directory
// Expect directory to be created
new XacmlClient(TEST_CREATION_DIR, new XmlParser(), mock(SecurityLogger.class));
// Delete the directory that was just created
FileUtils.forceDelete(new File(TEST_CREATION_DIR));
}
use of org.codice.ddf.parser.xml.XmlParser in project ddf by codice.
the class AuthzRealmTest method testIsPermittedOneMultiple.
@Test
public void testIsPermittedOneMultiple() throws PdpException {
permissionList.clear();
KeyValuePermission kvp = new KeyValuePermissionImpl("country", Arrays.asList("AUS", "CAN", "GBR"));
permissionList.add(kvp);
String ruleClaim = "FineAccessControls";
String countryClaim = "CountryOfAffiliation";
// create a new user here with multiple country permissions to test
List<Permission> permissions = new ArrayList<Permission>();
KeyValuePermission rulePermission = new KeyValuePermissionImpl(ruleClaim);
rulePermission.addValue("A");
rulePermission.addValue("B");
permissions.add(rulePermission);
KeyValuePermission countryPermission = new KeyValuePermissionImpl(countryClaim);
countryPermission.addValue("USA");
countryPermission.addValue("AUS");
permissions.add(countryPermission);
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
authorizationInfo.addObjectPermission(rulePermission);
authorizationInfo.addObjectPermission(countryPermission);
authorizationInfo.addRole("admin");
AuthzRealm testRealm = new AuthzRealm("src/test/resources/policies", new XmlParser()) {
@Override
public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {
return authorizationInfo;
}
};
testRealm.setSecurityLogger(mock(SecurityLogger.class));
testRealm.setMatchOneMappings(Arrays.asList("CountryOfAffiliation=country"));
testRealm.setMatchAllMappings(Arrays.asList("FineAccessControls=rule"));
testRealm.setRolePermissionResolver(roleString -> Arrays.asList(new KeyValuePermissionImpl("role", Arrays.asList(roleString))));
boolean[] permittedArray = testRealm.isPermitted(mockSubjectPrincipal, permissionList);
for (boolean permitted : permittedArray) {
Assert.assertEquals(true, permitted);
}
}
Aggregations