use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.
the class UserServiceIntegrationTest method testAddAndRemoveUserAuthorities.
@Test
public void testAddAndRemoveUserAuthorities() throws Throwable {
try {
UserAuthoritiesRequest request = new UserAuthoritiesRequest();
UserAuthority auth = new UserAuthority();
auth.setGroup("management");
auth.setRole("pageManager");
request.add(auth);
List<UserAuthorityDto> resp = userService.addUserAuthorities("editorCustomers", request);
assertNotNull(resp);
assertEquals(1, resp.size());
assertEquals("management", resp.get(0).getGroup());
} finally {
UserAuthoritiesRequest request = new UserAuthoritiesRequest();
UserAuthority auth = new UserAuthority();
auth.setGroup("customers");
auth.setRole("editor");
request.add(auth);
List<UserAuthorityDto> resp = userService.addUserAuthorities("editorCustomers", request);
assertNotNull(resp);
assertEquals(1, resp.size());
assertEquals("customers", resp.get(0).getGroup());
}
}
use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.
the class UserControllerUnitTest method shouldAddUserAuthorities.
@Test
public void shouldAddUserAuthorities() throws Exception {
UserDetails user = new OAuth2TestUtils.UserBuilder("jack_bauer", "0x24").grantedToRoleAdmin().build();
String accessToken = mockOAuthInterceptor(user);
String mockJson = "[{\"group\":\"group1\", \"role\":\"role1\"},{\"group\":\"group2\", \"role\":\"role2\"}]";
List<UserAuthorityDto> authorities = (List<UserAuthorityDto>) this.createMetadata(mockJson, List.class);
when(this.controller.getUserValidator().getGroupManager().getGroup(any(String.class))).thenReturn(mockedGroup());
when(this.controller.getUserValidator().getRoleManager().getRole(any(String.class))).thenReturn(mockedRole());
when(this.controller.getUserService().addUserAuthorities(any(String.class), any(UserAuthoritiesRequest.class))).thenReturn(authorities);
ResultActions result = mockMvc.perform(put("/users/{target}/authorities", "mockuser").sessionAttr("user", user).content(mockJson).contentType(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + accessToken));
result.andExpect(status().isOk());
}
use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.
the class UserController method addUserAuthorities.
@RestAccessControl(permission = Permission.MANAGE_USERS)
@RequestMapping(value = "/{target}/authorities", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<RestResponse> addUserAuthorities(@ModelAttribute("user") UserDetails user, @PathVariable String target, @Valid @RequestBody UserAuthoritiesRequest authRequest, BindingResult bindingResult) throws ApsSystemException {
logger.debug("user {} requesting add authorities for username {} with req {}", user.getUsername(), target, authRequest);
// field validations
if (bindingResult.hasErrors()) {
throw new ValidationGenericException(bindingResult);
}
// business validations
getUserValidator().validate(authRequest, bindingResult);
if (bindingResult.hasErrors()) {
throw new ValidationGenericException(bindingResult);
}
getUserValidator().validateUpdateSelf(target, user.getUsername(), bindingResult);
if (bindingResult.hasErrors()) {
throw new ValidationGenericException(bindingResult);
}
List<UserAuthorityDto> authorities = this.getUserService().addUserAuthorities(target, authRequest);
return new ResponseEntity<>(new RestResponse(authorities), HttpStatus.OK);
}
use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.
the class UserController method updateUserAuthorities.
@RestAccessControl(permission = Permission.MANAGE_USERS)
@RequestMapping(value = "/{target}/authorities", method = RequestMethod.PUT, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<RestResponse> updateUserAuthorities(@ModelAttribute("user") UserDetails user, @PathVariable String target, @Valid @RequestBody UserAuthoritiesRequest authRequest, BindingResult bindingResult) {
logger.debug("user {} requesting update authorities for username {} with req {}", user.getUsername(), target, authRequest);
// field validations
if (bindingResult.hasErrors()) {
throw new ValidationGenericException(bindingResult);
}
// business validations
getUserValidator().validate(authRequest, bindingResult);
if (bindingResult.hasErrors()) {
throw new ValidationGenericException(bindingResult);
}
getUserValidator().validateUpdateSelf(target, user.getUsername(), bindingResult);
if (bindingResult.hasErrors()) {
throw new ValidationGenericException(bindingResult);
}
List<UserAuthorityDto> authorities = this.getUserService().addUserAuthorities(target, authRequest);
return new ResponseEntity<>(new RestResponse(authorities), HttpStatus.OK);
}
use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.
the class UserService method addUserAuthorities.
@Override
public List<UserAuthorityDto> addUserAuthorities(String username, UserAuthoritiesRequest request) {
try {
List<UserAuthorityDto> authorizations = new ArrayList<>();
final UserDetails user = this.getUserManager().getUser(username);
;
request.forEach(authorization -> {
try {
if (!this.getAuthorizationManager().isAuthOnGroupAndRole(user, authorization.getGroup(), authorization.getRole(), true)) {
this.getAuthorizationManager().addUserAuthorization(username, authorization.getGroup(), authorization.getRole());
}
} catch (ApsSystemException ex) {
logger.error("Error in add authorities for {}", username, ex);
throw new RestServerError("Error in add authorities", ex);
}
authorizations.add(new UserAuthorityDto(authorization.getGroup(), authorization.getRole()));
});
return authorizations;
} catch (ApsSystemException ex) {
logger.error("Error in add authorities for {}", username, ex);
throw new RestServerError("Error in add authorities", ex);
}
}
Aggregations