Search in sources :

Example 1 with UserAuthorityDto

use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.

the class UserServiceIntegrationTest method testAddAndRemoveUserAuthorities.

@Test
public void testAddAndRemoveUserAuthorities() throws Throwable {
    try {
        UserAuthoritiesRequest request = new UserAuthoritiesRequest();
        UserAuthority auth = new UserAuthority();
        auth.setGroup("management");
        auth.setRole("pageManager");
        request.add(auth);
        List<UserAuthorityDto> resp = userService.addUserAuthorities("editorCustomers", request);
        assertNotNull(resp);
        assertEquals(1, resp.size());
        assertEquals("management", resp.get(0).getGroup());
    } finally {
        UserAuthoritiesRequest request = new UserAuthoritiesRequest();
        UserAuthority auth = new UserAuthority();
        auth.setGroup("customers");
        auth.setRole("editor");
        request.add(auth);
        List<UserAuthorityDto> resp = userService.addUserAuthorities("editorCustomers", request);
        assertNotNull(resp);
        assertEquals(1, resp.size());
        assertEquals("customers", resp.get(0).getGroup());
    }
}
Also used : UserAuthoritiesRequest(org.entando.entando.web.user.model.UserAuthoritiesRequest) UserAuthorityDto(org.entando.entando.aps.system.services.user.model.UserAuthorityDto) UserAuthority(org.entando.entando.web.user.model.UserAuthority) Test(org.junit.Test)

Example 2 with UserAuthorityDto

use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.

the class UserControllerUnitTest method shouldAddUserAuthorities.

@Test
public void shouldAddUserAuthorities() throws Exception {
    UserDetails user = new OAuth2TestUtils.UserBuilder("jack_bauer", "0x24").grantedToRoleAdmin().build();
    String accessToken = mockOAuthInterceptor(user);
    String mockJson = "[{\"group\":\"group1\", \"role\":\"role1\"},{\"group\":\"group2\", \"role\":\"role2\"}]";
    List<UserAuthorityDto> authorities = (List<UserAuthorityDto>) this.createMetadata(mockJson, List.class);
    when(this.controller.getUserValidator().getGroupManager().getGroup(any(String.class))).thenReturn(mockedGroup());
    when(this.controller.getUserValidator().getRoleManager().getRole(any(String.class))).thenReturn(mockedRole());
    when(this.controller.getUserService().addUserAuthorities(any(String.class), any(UserAuthoritiesRequest.class))).thenReturn(authorities);
    ResultActions result = mockMvc.perform(put("/users/{target}/authorities", "mockuser").sessionAttr("user", user).content(mockJson).contentType(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + accessToken));
    result.andExpect(status().isOk());
}
Also used : UserDetails(com.agiletec.aps.system.services.user.UserDetails) UserAuthoritiesRequest(org.entando.entando.web.user.model.UserAuthoritiesRequest) UserAuthorityDto(org.entando.entando.aps.system.services.user.model.UserAuthorityDto) ArrayList(java.util.ArrayList) List(java.util.List) ResultActions(org.springframework.test.web.servlet.ResultActions) AbstractControllerTest(org.entando.entando.web.AbstractControllerTest) Test(org.junit.Test)

Example 3 with UserAuthorityDto

use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.

the class UserController method addUserAuthorities.

@RestAccessControl(permission = Permission.MANAGE_USERS)
@RequestMapping(value = "/{target}/authorities", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<RestResponse> addUserAuthorities(@ModelAttribute("user") UserDetails user, @PathVariable String target, @Valid @RequestBody UserAuthoritiesRequest authRequest, BindingResult bindingResult) throws ApsSystemException {
    logger.debug("user {} requesting add authorities for username {} with req {}", user.getUsername(), target, authRequest);
    // field validations
    if (bindingResult.hasErrors()) {
        throw new ValidationGenericException(bindingResult);
    }
    // business validations
    getUserValidator().validate(authRequest, bindingResult);
    if (bindingResult.hasErrors()) {
        throw new ValidationGenericException(bindingResult);
    }
    getUserValidator().validateUpdateSelf(target, user.getUsername(), bindingResult);
    if (bindingResult.hasErrors()) {
        throw new ValidationGenericException(bindingResult);
    }
    List<UserAuthorityDto> authorities = this.getUserService().addUserAuthorities(target, authRequest);
    return new ResponseEntity<>(new RestResponse(authorities), HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) RestResponse(org.entando.entando.web.common.model.RestResponse) UserAuthorityDto(org.entando.entando.aps.system.services.user.model.UserAuthorityDto) ValidationGenericException(org.entando.entando.web.common.exceptions.ValidationGenericException) RestAccessControl(org.entando.entando.web.common.annotation.RestAccessControl) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with UserAuthorityDto

use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.

the class UserController method updateUserAuthorities.

@RestAccessControl(permission = Permission.MANAGE_USERS)
@RequestMapping(value = "/{target}/authorities", method = RequestMethod.PUT, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<RestResponse> updateUserAuthorities(@ModelAttribute("user") UserDetails user, @PathVariable String target, @Valid @RequestBody UserAuthoritiesRequest authRequest, BindingResult bindingResult) {
    logger.debug("user {} requesting update authorities for username {} with req {}", user.getUsername(), target, authRequest);
    // field validations
    if (bindingResult.hasErrors()) {
        throw new ValidationGenericException(bindingResult);
    }
    // business validations
    getUserValidator().validate(authRequest, bindingResult);
    if (bindingResult.hasErrors()) {
        throw new ValidationGenericException(bindingResult);
    }
    getUserValidator().validateUpdateSelf(target, user.getUsername(), bindingResult);
    if (bindingResult.hasErrors()) {
        throw new ValidationGenericException(bindingResult);
    }
    List<UserAuthorityDto> authorities = this.getUserService().addUserAuthorities(target, authRequest);
    return new ResponseEntity<>(new RestResponse(authorities), HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) RestResponse(org.entando.entando.web.common.model.RestResponse) UserAuthorityDto(org.entando.entando.aps.system.services.user.model.UserAuthorityDto) ValidationGenericException(org.entando.entando.web.common.exceptions.ValidationGenericException) RestAccessControl(org.entando.entando.web.common.annotation.RestAccessControl) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 5 with UserAuthorityDto

use of org.entando.entando.aps.system.services.user.model.UserAuthorityDto in project entando-core by entando.

the class UserService method addUserAuthorities.

@Override
public List<UserAuthorityDto> addUserAuthorities(String username, UserAuthoritiesRequest request) {
    try {
        List<UserAuthorityDto> authorizations = new ArrayList<>();
        final UserDetails user = this.getUserManager().getUser(username);
        ;
        request.forEach(authorization -> {
            try {
                if (!this.getAuthorizationManager().isAuthOnGroupAndRole(user, authorization.getGroup(), authorization.getRole(), true)) {
                    this.getAuthorizationManager().addUserAuthorization(username, authorization.getGroup(), authorization.getRole());
                }
            } catch (ApsSystemException ex) {
                logger.error("Error in add authorities for {}", username, ex);
                throw new RestServerError("Error in add authorities", ex);
            }
            authorizations.add(new UserAuthorityDto(authorization.getGroup(), authorization.getRole()));
        });
        return authorizations;
    } catch (ApsSystemException ex) {
        logger.error("Error in add authorities for {}", username, ex);
        throw new RestServerError("Error in add authorities", ex);
    }
}
Also used : UserDetails(com.agiletec.aps.system.services.user.UserDetails) RestServerError(org.entando.entando.aps.system.exception.RestServerError) ArrayList(java.util.ArrayList) UserAuthorityDto(org.entando.entando.aps.system.services.user.model.UserAuthorityDto) ApsSystemException(com.agiletec.aps.system.exception.ApsSystemException)

Aggregations

UserAuthorityDto (org.entando.entando.aps.system.services.user.model.UserAuthorityDto)5 UserDetails (com.agiletec.aps.system.services.user.UserDetails)2 ArrayList (java.util.ArrayList)2 RestAccessControl (org.entando.entando.web.common.annotation.RestAccessControl)2 ValidationGenericException (org.entando.entando.web.common.exceptions.ValidationGenericException)2 RestResponse (org.entando.entando.web.common.model.RestResponse)2 UserAuthoritiesRequest (org.entando.entando.web.user.model.UserAuthoritiesRequest)2 Test (org.junit.Test)2 ResponseEntity (org.springframework.http.ResponseEntity)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 ApsSystemException (com.agiletec.aps.system.exception.ApsSystemException)1 List (java.util.List)1 RestServerError (org.entando.entando.aps.system.exception.RestServerError)1 AbstractControllerTest (org.entando.entando.web.AbstractControllerTest)1 UserAuthority (org.entando.entando.web.user.model.UserAuthority)1 ResultActions (org.springframework.test.web.servlet.ResultActions)1