Examples with Collaborator org.eclipse.vorto.repository.web.api.v1.dto.Collaborator used on opensource projects

Example 21 with Collaborator

use of org.eclipse.vorto.repository.web.api.v1.dto.Collaborator in project vorto by eclipse.

the class NamespaceControllerIntegrationTest method updateCollaboratorAddTechnicalUser.

@Test
public void updateCollaboratorAddTechnicalUser() throws Exception {
    String namespaceName = "com.mycompany";
    Collaborator collaborator = new Collaborator("my-technical-user", GITHUB, "ProjectX", Lists.newArrayList("model_viewer", "model_creator"));
    collaborator.setTechnicalUser(true);
    createTechnicalUserAndAddToNamespace(namespaceName, collaborator);
    User technicalUser = userRepository.findByUsername("my-technical-user");
    assertNotNull(technicalUser);
    assertTrue(technicalUser.isTechnicalUser());
    checkCollaboratorRoles(namespaceName, "my-technical-user", "model_viewer", "model_creator");
    collaborator = new Collaborator("my-technical-user", GITHUB, "ProjectX", Lists.newArrayList("model_viewer"));
    // cannot re-create tech user so adding as collaborator since it already exists now
    addCollaboratorToNamespace(namespaceName, collaborator);
    checkCollaboratorRoles(namespaceName, "my-technical-user", "model_viewer");
}

Example 22 with Collaborator

use of org.eclipse.vorto.repository.web.api.v1.dto.Collaborator in project vorto by eclipse.

the class NamespaceControllerIntegrationTest method testRemoveExistingUserFromNamespaceWithNoPrivileges.

/**
 * Tests that removing an existing user from a namespace fails if the user performing the operation
 * has no "tenant admin" role for that namespace. <br/>
 * In this case, we're creating a third user with tenant admin authority, who is not added as
 * admin of that namespace, and will try to remove the simple user.<br/>
 * Note that it might be worth thinking of the edge case where a user simply wants to be removed
 * from a namespace they have been added to, regardless of their role in that namespace. <br/>
 * See {@link org.eclipse.vorto.repository.web.api.v1.NamespaceController#removeUserFromNamespace(String, String)}
 * for specifications on how authorization is enforced.
 *
 * @throws Exception
 */
@Test
public void testRemoveExistingUserFromNamespaceWithNoPrivileges() throws Exception {
    // first, creates the namespace for the admin user
    createNamespaceSuccessfully("myAdminNamespace", userSysadmin);
    Collaborator userModelCreatorCollaborator = new Collaborator();
    userModelCreatorCollaborator.setUserId(USER_MODEL_CREATOR_NAME);
    Set<String> roles = new HashSet<>();
    roles.add("model_viewer");
    userModelCreatorCollaborator.setRoles(roles);
    // adds the collaborator with "model_viewer" roles to the namespace
    repositoryServer.perform(put("/rest/namespaces/myAdminNamespace/users").contentType("application/json").content(objectMapper.writeValueAsString(userModelCreatorCollaborator)).with(userSysadmin)).andExpect(status().isOk()).andExpect(content().string("true"));
    // creates a user with tenant admin privileges but no access to the namespace in question
    SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor thirdUser = user("thirdPartyUser").password("pass");
    userRepository.save(new UserBuilder().withAuthenticationProviderID(GITHUB).withName("thirdPartyUser").build());
    // finally removes the user from the namespace but with the "thirdPartyUser" who is tenant admin
    // "somewhere else", which fails due to lack of tenant admin role on that given namespace
    repositoryServer.perform(delete(String.format("/rest/namespaces/myAdminNamespace/users/%s", USER_MODEL_CREATOR_NAME)).with(thirdUser)).andExpect(status().isForbidden());
}

Example 23 with Collaborator

use of org.eclipse.vorto.repository.web.api.v1.dto.Collaborator in project vorto by eclipse.

the class NamespaceControllerIntegrationTest method createTechnicalCollaboratorSubjectNotAlnum.

@Test
public void createTechnicalCollaboratorSubjectNotAlnum() throws Exception {
    Collaborator collaborator = new Collaborator("my-technical-user", BOSCH_IOT_SUITE_AUTH, "$%&/$", Lists.newArrayList("model_viewer", "model_creator"));
    collaborator.setTechnicalUser(true);
    repositoryServer.perform(post("/rest/namespaces/com.mycompany/users").content(objectMapper.writeValueAsString(collaborator)).contentType(MediaType.APPLICATION_JSON).with(userSysadmin)).andExpect(status().isBadRequest());
}

Example 24 with Collaborator

use of org.eclipse.vorto.repository.web.api.v1.dto.Collaborator in project vorto by eclipse.

the class NamespaceControllerIntegrationTest method createTechnicalCollaboratorSubjectTooShort.

@Test
public void createTechnicalCollaboratorSubjectTooShort() throws Exception {
    Collaborator collaborator = new Collaborator("my-technical-user", BOSCH_IOT_SUITE_AUTH, "abc", Lists.newArrayList("model_viewer", "model_creator"));
    collaborator.setTechnicalUser(true);
    repositoryServer.perform(post("/rest/namespaces/com.mycompany/users").content(objectMapper.writeValueAsString(collaborator)).contentType(MediaType.APPLICATION_JSON).with(userSysadmin)).andExpect(status().isBadRequest());
}

Example 25 with Collaborator

use of org.eclipse.vorto.repository.web.api.v1.dto.Collaborator in project vorto by eclipse.

the class NamespaceControllerIntegrationTest method testIsOnlyAdminOnAnyNamespace.

/**
 * Tests that checking whether the logged on user is the only admin on any of their namespaces
 * returns as expected. <br/>
 * The endpoint is a simplification of the former TenantService.js all deferred to the back-end,
 * and is used contextually to a user trying to delete their account.
 *
 * @throws Exception
 */
@Test
public void testIsOnlyAdminOnAnyNamespace() throws Exception {
    String namespaceName = "myAdminNamespace";
    // first, creates the namespace
    createNamespaceSuccessfully(namespaceName, userSysadmin);
    // now checks whether the creator user is the only admin user of any namespace - since they
    // only have one, this will return true
    repositoryServer.perform(get("/rest/namespaces/userIsOnlyAdmin").with(userSysadmin)).andExpect(status().isOk()).andExpect(content().string("true"));
    /*
    Now adds another user as tenant admin for the namespace.
    Note: this is done with the admin user here, because of the pre-authorization checks in the
    controller, that verify if a user has the Spring role at all.
    Since those users are mocked and their roles cannot be changed during tests, the userModelCreator
    user would fail to add a collaborator at this point (but not in real life, since they would be
    made tenant admin of the namespace they just created).
    */
    Collaborator userModelCreatorCollaborator = new Collaborator();
    userModelCreatorCollaborator.setUserId(USER_MODEL_VIEWER_NAME);
    Set<String> roles = new HashSet<>();
    roles.add("model_viewer");
    roles.add("namespace_admin");
    userModelCreatorCollaborator.setRoles(roles);
    repositoryServer.perform(put(String.format("/rest/namespaces/%s/users", namespaceName)).contentType("application/json").content(objectMapper.writeValueAsString(userModelCreatorCollaborator)).with(userSysadmin)).andExpect(status().isOk()).andExpect(content().string("true"));
    // finally, checks whether the original user is still only admin in any of their namespaces -
    // which they aren't now, since we've added another user with tenant admin privileges
    repositoryServer.perform(get("/rest/namespaces/userIsOnlyAdmin").with(userModelCreator)).andExpect(status().isOk()).andExpect(content().string("false"));
}