
Example 21 with OrganizationDto

Use of org.eclipse.che.multiuser.organization.shared.dto.OrganizationDto in project che-server by eclipse-che.

From class OrganizationServiceTest, method shouldGetChildOrganizations.

/**
 * Verifies that {@code GET /organization/{parent}/organizations} returns the page of child
 * organizations produced by the manager.
 *
 * <p>The manager is stubbed to return a single-element page for any parent/paging arguments, the
 * request is sent with the admin basic-auth credentials, and the test then asserts the HTTP status,
 * the unwrapped DTO list, the arguments forwarded to {@code getByParent} and that links were
 * injected into the result.
 */
@Test
public void shouldGetChildOrganizations() throws Exception {
    final OrganizationDto expected = createOrganization();
    doReturn(new Page<>(singletonList(expected), 0, 1, 1))
        .when(orgManager)
        .getByParent(anyString(), anyInt(), anyLong());

    final String childrenUrl =
        SECURE_PATH + "/organization/parentOrg123/organizations?skipCount=0&maxItems=1";
    final Response response =
        given()
            .auth().basic(ADMIN_USER_NAME, ADMIN_USER_PASSWORD)
            .contentType("application/json")
            .when()
            .get(childrenUrl);

    assertEquals(response.statusCode(), 200);
    final List<OrganizationDto> fetched = unwrapDtoList(response, OrganizationDto.class);
    assertEquals(fetched.size(), 1);
    assertEquals(fetched.get(0), expected);

    // presumably (parent, maxItems, skipCount) — the values match maxItems=1 and skipCount=0 in the query
    verify(orgManager).getByParent("parentOrg123", 1, 0);
    verify(linksInjector).injectLinks(any(), any());
}
Also used : Response(io.restassured.response.Response) OrganizationDto(org.eclipse.che.multiuser.organization.shared.dto.OrganizationDto) Test(org.testng.annotations.Test)

Example 22 with OrganizationDto

Use of org.eclipse.che.multiuser.organization.shared.dto.OrganizationDto in project devspaces-images by redhat-developer.

From class OrganizationPermissionsFilter, method filter.

/**
 * Authorizes a call to an organization REST method before it is dispatched.
 *
 * <p>The resource method name selects which permission is required and which organization it is
 * checked against. Calls that need no instance-level check return early; a method name that is not
 * recognised is rejected, so the filter fails closed for new or renamed resource methods.
 *
 * @param genericMethodResource the resource method being invoked
 * @param arguments the arguments passed to the resource method; the casts below assume the
 *     argument order of the organization service's methods — verify against the service whenever
 *     those signatures change
 * @throws ForbiddenException if the current subject lacks the required permission
 * @throws ApiException if the organization cannot be loaded (presumably a not-found error for an
 *     unknown id — confirm with the manager implementation)
 */
@Override
protected void filter(GenericResourceMethod genericMethodResource, Object[] arguments) throws ApiException {
    final String method = genericMethodResource.getMethod().getName();
    final Subject subject = EnvironmentContext.getCurrent().getSubject();
    final String organizationId;
    final String action;
    switch (method) {
        case CREATE_METHOD:
            // NOTE(review): a null request body would NPE on getParent(); presumably rejected earlier — confirm
            final OrganizationDto requested = (OrganizationDto) arguments[0];
            if (requested.getParent() == null) {
                // root organizations may be created by anybody
                return;
            }
            // creating a child is governed by the parent's MANAGE_SUBORGANIZATIONS permission
            organizationId = requested.getParent();
            action = OrganizationDomain.MANAGE_SUBORGANIZATIONS;
            break;
        case UPDATE_METHOD:
            organizationId = (String) arguments[0];
            action = OrganizationDomain.UPDATE;
            break;
        case REMOVE_METHOD:
            organizationId = (String) arguments[0];
            action = OrganizationDomain.DELETE;
            break;
        case GET_BY_PARENT_METHOD:
            organizationId = (String) arguments[0];
            action = OrganizationDomain.MANAGE_SUBORGANIZATIONS;
            if (superPrivilegesChecker.hasSuperPrivileges()) {
                // the only instance-checked path that honours super privileges
                return;
            }
            break;
        case GET_ORGANIZATIONS_METHOD:
            final String requestedUserId = (String) arguments[0];
            if (requestedUserId != null && !requestedUserId.equals(subject.getUserId())) {
                // listing another user's organizations requires super privileges
                if (!superPrivilegesChecker.hasSuperPrivileges()) {
                    throw new ForbiddenException("The user is able to specify only his own id");
                }
            }
            return;
        case GET_BY_ID_METHOD:
        case FIND_METHOD:
            // accessible to every user, no instance-level check
            return;
        default:
            // unknown method: deny rather than let it through
            throw new ForbiddenException("The user does not have permission to perform this operation");
    }

    // Not an admin path: evaluate the permission against the concrete organization,
    // or against its parent when a child is being updated or removed.
    final Organization target = manager.getById(organizationId);
    final String parentId = target.getParent();
    final boolean parentMayGrant =
        OrganizationDomain.UPDATE.equals(action) || OrganizationDomain.DELETE.equals(action);
    if (parentId != null
        && parentMayGrant
        && subject.hasPermission(
            OrganizationDomain.DOMAIN_ID, parentId, OrganizationDomain.MANAGE_SUBORGANIZATIONS)) {
        // managing sub-organizations at the parent level covers updating/removing the child
        return;
    }
    if (!subject.hasPermission(OrganizationDomain.DOMAIN_ID, organizationId, action)) {
        throw new ForbiddenException(
            "The user does not have permission to " + action + " organization with id '" + organizationId + "'");
    }
}
Also used : ForbiddenException(org.eclipse.che.api.core.ForbiddenException) Organization(org.eclipse.che.multiuser.organization.shared.model.Organization) Subject(org.eclipse.che.commons.subject.Subject) OrganizationDto(org.eclipse.che.multiuser.organization.shared.dto.OrganizationDto)

Aggregations

OrganizationDto (org.eclipse.che.multiuser.organization.shared.dto.OrganizationDto)22 Test (org.testng.annotations.Test)20 Response (io.restassured.response.Response)18 Organization (org.eclipse.che.multiuser.organization.shared.model.Organization)6 BadRequestException (org.eclipse.che.api.core.BadRequestException)4 ServiceError (org.eclipse.che.api.core.rest.shared.dto.ServiceError)4 OrganizationImpl (org.eclipse.che.multiuser.organization.spi.impl.OrganizationImpl)4 ForbiddenException (org.eclipse.che.api.core.ForbiddenException)2 Subject (org.eclipse.che.commons.subject.Subject)2