Example 1 with NamespaceAuthorization
use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.
the class UserNamespaceAuthorizationHelperTest method testBuildNamespaceAuthorizationsAssertAuthLookupByUserId.
@Test
public void testBuildNamespaceAuthorizationsAssertAuthLookupByUserId() {
ApplicationUser applicationUser = new ApplicationUser(getClass());
String userId = "userId";
applicationUser.setUserId(userId);
when(configurationHelper.getBooleanProperty(any())).thenReturn(true);
List<UserNamespaceAuthorizationEntity> userNamespaceAuthorizationEntities = new ArrayList<>();
UserNamespaceAuthorizationEntity userNamespaceAuthorizationEntity = new UserNamespaceAuthorizationEntity();
userNamespaceAuthorizationEntity.setUserId("userNamespaceAuthorizationEntityUserId");
NamespaceEntity namespaceEntity = new NamespaceEntity();
namespaceEntity.setCode("namespace");
userNamespaceAuthorizationEntity.setNamespace(namespaceEntity);
userNamespaceAuthorizationEntities.add(userNamespaceAuthorizationEntity);
when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationsByUserId(any())).thenReturn(userNamespaceAuthorizationEntities);
userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(applicationUser);
assertEquals(1, applicationUser.getNamespaceAuthorizations().size());
NamespaceAuthorization namespaceAuthorization = IterableUtils.get(applicationUser.getNamespaceAuthorizations(), 0);
assertEquals(namespaceEntity.getCode(), namespaceAuthorization.getNamespace());
verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserId(eq(userId));
verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserIdStartsWith(eq(WildcardHelper.WILDCARD_TOKEN));
verifyNoMoreInteractions(userNamespaceAuthorizationDao, wildcardHelper);
}
Also used :
ApplicationUser(org.finra.herd.model.dto.ApplicationUser)
NamespaceEntity(org.finra.herd.model.jpa.NamespaceEntity)
ArrayList(java.util.ArrayList)
UserNamespaceAuthorizationEntity(org.finra.herd.model.jpa.UserNamespaceAuthorizationEntity)
NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization)
Test(org.junit.Test)
Example 2 with NamespaceAuthorization
use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.
the class UserNamespaceAuthorizationHelper method getAllNamespaceAuthorizations.
/**
* Returns a list of namespace authorizations for all namespaces registered in the system and with all permissions enabled.
*
* @return namespacePermissions the list of namespace authorizations
*/
public Set<NamespaceAuthorization> getAllNamespaceAuthorizations() {
Set<NamespaceAuthorization> namespaceAuthorizations = new LinkedHashSet<>();
List<NamespaceKey> namespaceKeys = namespaceDao.getNamespaces();
for (NamespaceKey namespaceKey : namespaceKeys) {
NamespaceAuthorization namespaceAuthorization = new NamespaceAuthorization();
namespaceAuthorizations.add(namespaceAuthorization);
namespaceAuthorization.setNamespace(namespaceKey.getNamespaceCode());
namespaceAuthorization.setNamespacePermissions(getAllNamespacePermissions());
}
return namespaceAuthorizations;
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
NamespaceKey(org.finra.herd.model.api.xml.NamespaceKey)
NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization)
Example 3 with NamespaceAuthorization
use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.
the class UserNamespaceAuthorizationHelper method toNamespaceAuthorization.
/**
* Converts the given UserNamespaceAuthorizationEntity to NamespaceAuthorization.
*
* @param userNamespaceAuthorizationEntity The UserNamespaceAuthorizationEntity
*
* @return The NamespaceAuthorization
*/
private NamespaceAuthorization toNamespaceAuthorization(UserNamespaceAuthorizationEntity userNamespaceAuthorizationEntity) {
NamespaceAuthorization namespaceAuthorization = new NamespaceAuthorization();
namespaceAuthorization.setNamespace(userNamespaceAuthorizationEntity.getNamespace().getCode());
namespaceAuthorization.setNamespacePermissions(getNamespacePermissions(userNamespaceAuthorizationEntity));
return namespaceAuthorization;
}
Also used :
NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization)
Example 4 with NamespaceAuthorization
use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.
the class HttpHeaderAuthenticationFilterTest method testHttpHeaderAuthenticationFilterAdminUser.
@Test
public void testHttpHeaderAuthenticationFilterAdminUser() throws Exception {
// Create and persist the relative database entities.
userDaoTestHelper.createUserEntity(USER_ID, true);
namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE);
namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE_2);
// Create an ordered set of expected namespace authorizations.
Set<NamespaceAuthorization> expectedNamespaceAuthorizations = new HashSet<>();
expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE, SUPPORTED_NAMESPACE_PERMISSIONS));
expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE_2, SUPPORTED_NAMESPACE_PERMISSIONS));
setupTestFunctions("testRole");
modifyPropertySourceInEnvironment(getDefaultSecurityEnvironmentVariables());
try {
MockHttpServletRequest request = getRequestWithHeaders(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09");
// Invalidate user session if exists.
invalidateApplicationUser(request);
httpHeaderAuthenticationFilter.init(new MockFilterConfig());
httpHeaderAuthenticationFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
validateHttpHeaderApplicationUser(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09", TEST_FUNCTIONS, expectedNamespaceAuthorizations);
// retry with same request.
httpHeaderAuthenticationFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
validateHttpHeaderApplicationUser(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09", TEST_FUNCTIONS, expectedNamespaceAuthorizations);
} finally {
restorePropertySourceInEnvironment();
}
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
HashSet(java.util.HashSet)
MockFilterConfig(org.springframework.mock.web.MockFilterConfig)
Test(org.junit.Test)
AbstractAppTest(org.finra.herd.app.AbstractAppTest)
Example 5 with NamespaceAuthorization
use of org.finra.herd.model.api.xml.NamespaceAuthorization in project herd by FINRAOS.
the class HttpHeaderAuthenticationFilterTest method testHttpHeaderAuthenticationFilterUserAuthorizationInvalidConfigurationValue.
@Test
public void testHttpHeaderAuthenticationFilterUserAuthorizationInvalidConfigurationValue() throws Exception {
// Create and persist the relative database entities.
userDaoTestHelper.createUserEntity(USER_ID, true);
namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE);
namespaceDaoTestHelper.createNamespaceEntity(NAMESPACE_2);
// Create an ordered set of expected namespace authorizations.
Set<NamespaceAuthorization> expectedNamespaceAuthorizations = new HashSet<>();
expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE, SUPPORTED_NAMESPACE_PERMISSIONS));
expectedNamespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE_2, SUPPORTED_NAMESPACE_PERMISSIONS));
setupTestFunctions("testRole");
Map<String, Object> overrideMap = getDefaultSecurityEnvironmentVariables();
overrideMap.put(ConfigurationValue.USER_NAMESPACE_AUTHORIZATION_ENABLED.getKey(), "NOT_A_BOOLEAN");
modifyPropertySourceInEnvironment(overrideMap);
try {
MockHttpServletRequest request = getRequestWithHeaders(USER_ID, "testFirstName", "testLastName", "testEmail", "testRole", "Wed, 11 Mar 2015 10:24:09");
// Invalidate user session if exists.
invalidateApplicationUser(request);
httpHeaderAuthenticationFilter.init(new MockFilterConfig());
httpHeaderAuthenticationFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
// Validate that there is no authentication.
assertNull(SecurityContextHolder.getContext().getAuthentication());
} finally {
restorePropertySourceInEnvironment();
}
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
HashSet(java.util.HashSet)
MockFilterConfig(org.springframework.mock.web.MockFilterConfig)
Test(org.junit.Test)
AbstractAppTest(org.finra.herd.app.AbstractAppTest)
Aggregations
NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization)33
Test (org.junit.Test)29
ApplicationUser (org.finra.herd.model.dto.ApplicationUser)25
SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper)22
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)20
AccessDeniedException (org.springframework.security.access.AccessDeniedException)17
Method (java.lang.reflect.Method)14
JoinPoint (org.aspectj.lang.JoinPoint)14
MethodSignature (org.aspectj.lang.reflect.MethodSignature)14
AbstractServiceTest (org.finra.herd.service.AbstractServiceTest)14
LinkedHashSet (java.util.LinkedHashSet)7
ArrayList (java.util.ArrayList)5
HashSet (java.util.HashSet)5
AbstractAppTest (org.finra.herd.app.AbstractAppTest)5
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)5
MockFilterChain (org.springframework.mock.web.MockFilterChain)4
MockFilterConfig (org.springframework.mock.web.MockFilterConfig)4
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)4
Job (org.finra.herd.model.api.xml.Job)3
UserAuthorizations (org.finra.herd.model.api.xml.UserAuthorizations)3
