
Example 1 with ApplicationUser

use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

the class UserNamespaceAuthorizationHelperTest method testBuildNamespaceAuthorizationsAssertAuthLookupByUserId.

/**
 * Checks that {@code buildNamespaceAuthorizations} queries the DAO with the application user's exact user ID and
 * turns the returned entity into a namespace authorization on that user.
 */
@Test
public void testBuildNamespaceAuthorizationsAssertAuthLookupByUserId() {
    // The user whose ID must reach the exact-match DAO lookup.
    String userId = "userId";
    ApplicationUser user = new ApplicationUser(getClass());
    user.setUserId(userId);

    // A single authorization row for namespace "namespace". Its user ID deliberately differs from the requested
    // one, so the assertions below show that rows returned by the exact-match lookup are accepted as-is
    // (the query, not the helper, is what scopes them to the user).
    NamespaceEntity namespace = new NamespaceEntity();
    namespace.setCode("namespace");
    UserNamespaceAuthorizationEntity authorizationRow = new UserNamespaceAuthorizationEntity();
    authorizationRow.setUserId("userNamespaceAuthorizationEntityUserId");
    authorizationRow.setNamespace(namespace);
    List<UserNamespaceAuthorizationEntity> exactMatchRows = new ArrayList<>();
    exactMatchRows.add(authorizationRow);

    // presumably the switch that turns namespace authorization on; the property key is not visible here
    when(configurationHelper.getBooleanProperty(any())).thenReturn(true);
    when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationsByUserId(any())).thenReturn(exactMatchRows);

    userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(user);

    // Exactly one authorization, carrying the namespace code of the stubbed row.
    assertEquals(1, user.getNamespaceAuthorizations().size());
    NamespaceAuthorization built = IterableUtils.get(user.getNamespaceAuthorizations(), 0);
    assertEquals(namespace.getCode(), built.getNamespace());

    // The exact lookup must use the user's own ID, and the wildcard lookup the wildcard token.
    verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserId(eq(userId));
    verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserIdStartsWith(eq(WildcardHelper.WILDCARD_TOKEN));
    // No other DAO call, and no wildcard matching at all (the wildcard lookup is unstubbed in this test).
    verifyNoMoreInteractions(userNamespaceAuthorizationDao, wildcardHelper);
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) NamespaceEntity(org.finra.herd.model.jpa.NamespaceEntity) ArrayList(java.util.ArrayList) UserNamespaceAuthorizationEntity(org.finra.herd.model.jpa.UserNamespaceAuthorizationEntity) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) Test(org.junit.Test)

Example 2 with ApplicationUser

use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

the class UserNamespaceAuthorizationHelperTest method testBuildNamespaceAuthorizationsAssertWildcardEntityNotAddedIfMatchFails.

/**
 * Checks that a wildcard authorization row is not granted to the user when the wildcard helper reports that the
 * row's user ID pattern does not match the user's ID.
 */
@Test
public void testBuildNamespaceAuthorizationsAssertWildcardEntityNotAddedIfMatchFails() {
    String userId = "userId";
    ApplicationUser user = new ApplicationUser(getClass());
    user.setUserId(userId);

    // One row that only the wildcard ("starts with") lookup returns.
    NamespaceEntity namespace = new NamespaceEntity();
    namespace.setCode("namespace");
    UserNamespaceAuthorizationEntity wildcardEntity = new UserNamespaceAuthorizationEntity();
    wildcardEntity.setUserId("wildcardEntityUserId");
    wildcardEntity.setNamespace(namespace);
    List<UserNamespaceAuthorizationEntity> wildcardRows = new ArrayList<>();
    wildcardRows.add(wildcardEntity);

    // presumably the switch that turns namespace authorization on; the property key is not visible here
    when(configurationHelper.getBooleanProperty(any())).thenReturn(true);
    when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationsByUserIdStartsWith(any())).thenReturn(wildcardRows);
    // Force the deny path: the pattern never matches.
    when(wildcardHelper.matches(any(), any())).thenReturn(false);

    userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(user);

    // A failed match must leave the user with no namespace authorizations.
    assertEquals(0, user.getNamespaceAuthorizations().size());

    verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserId(eq(userId));
    verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserIdStartsWith(eq(WildcardHelper.WILDCARD_TOKEN));
    // Matching is expected on upper-cased values, i.e. case-insensitively.
    // NOTE(review): toUpperCase() uses the JVM default locale here; confirm the helper upper-cases the same way
    // so that the outcome of an authorization match cannot vary with the server locale.
    verify(wildcardHelper).matches(eq(userId.toUpperCase()), eq(wildcardEntity.getUserId().toUpperCase()));
    verifyNoMoreInteractions(userNamespaceAuthorizationDao, wildcardHelper);
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) NamespaceEntity(org.finra.herd.model.jpa.NamespaceEntity) ArrayList(java.util.ArrayList) UserNamespaceAuthorizationEntity(org.finra.herd.model.jpa.UserNamespaceAuthorizationEntity) Test(org.junit.Test)

Example 3 with ApplicationUser

use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

the class BaseJavaDelegate method setSecurityContext.

/**
 * Installs a security context that represents the user who last updated the job definition behind the current
 * process instance.
 * <p>
 * The identity is taken from the job definition's {@code updatedBy} value, not from an authenticated request, so
 * whoever last updated the definition determines which namespace authorizations this delegate runs with.
 *
 * @param execution the current execution context
 *
 * @throws ObjectNotFoundException if Activiti returns no process definition for the execution's process
 * definition ID
 */
protected void setSecurityContext(DelegateExecution execution) {
    String definitionId = execution.getProcessDefinitionId();

    // Resolve the Activiti process definition and fail fast when it is missing.
    ProcessDefinition definition = activitiService.getProcessDefinitionById(definitionId);
    if (definition == null) {
        throw new ObjectNotFoundException(String.format("Failed to find Activiti process definition for processDefinitionId=\"%s\".", definitionId));
    }

    // Map the process definition key to the herd job definition (namespace + job name) and load it.
    JobDefinitionAlternateKeyDto jobKey = jobDefinitionHelper.getJobDefinitionKey(definition.getKey());
    JobDefinitionEntity jobDefinition = jobDefinitionDaoHelper.getJobDefinitionEntity(jobKey.getNamespace(), jobKey.getJobName());

    // Build an application user for the last updater and load that user's namespace authorizations.
    String lastUpdaterId = jobDefinition.getUpdatedBy();
    ApplicationUser lastUpdater = new ApplicationUser(getClass());
    lastUpdater.setUserId(lastUpdaterId);
    userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(lastUpdater);

    // The principal has an empty password and an empty authority list; only the namespace authorizations on
    // the wrapped application user carry permissions. The four 'true' flags are presumably the account-status
    // flags (enabled / non-expired / non-locked) - confirm against SecurityUserWrapper.
    // NOTE(review): the two-argument PreAuthenticatedAuthenticationToken constructor does not mark the token as
    // authenticated; confirm that downstream checks rely on the principal rather than isAuthenticated().
    // NOTE(review): nothing in this method clears the context afterwards; confirm the caller resets it so the
    // identity does not remain on a reused worker thread.
    SecurityContextHolder.getContext().setAuthentication(
        new PreAuthenticatedAuthenticationToken(
            new SecurityUserWrapper(lastUpdaterId, "", true, true, true, true, Collections.emptyList(), lastUpdater),
            null));
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) JobDefinitionEntity(org.finra.herd.model.jpa.JobDefinitionEntity) JobDefinitionAlternateKeyDto(org.finra.herd.model.dto.JobDefinitionAlternateKeyDto) ObjectNotFoundException(org.finra.herd.model.ObjectNotFoundException) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) PreAuthenticatedAuthenticationToken(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken) ProcessDefinition(org.activiti.engine.repository.ProcessDefinition)

Example 4 with ApplicationUser

use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

the class HttpHeaderApplicationUserBuilder method buildUser.

/**
 * Assembles an application user from request header values.
 * <p>
 * Every identity attribute (user ID, names, e-mail, session data and, optionally, roles) is read from the
 * supplied header map, and namespace authorizations are then looked up for the resulting user ID.
 * NOTE(review): this is only as trustworthy as the headers themselves; confirm that the component in front of
 * the application sets these headers and discards any client-supplied copies.
 *
 * @param headerMap the map of headers.
 * @param includeRoles If true, the user's roles will be included. Otherwise, not.
 *
 * @return the application user.
 */
protected ApplicationUser buildUser(Map<String, String> headerMap, boolean includeRoles) {
    LOGGER.debug("Creating Application User From Headers");

    // Logical header key -> header name to read.
    Map<String, String> configuredNames = getHeaderNames();

    ApplicationUser user = createNewApplicationUser();

    // The user ID is populated first; the namespace authorization lookup further down is run on this object.
    buildUserId(user, headerMap, configuredNames.get(HTTP_HEADER_USER_ID));
    buildFirstName(user, headerMap, configuredNames.get(HTTP_HEADER_FIRST_NAME));
    buildLastName(user, headerMap, configuredNames.get(HTTP_HEADER_LAST_NAME));
    buildEmail(user, headerMap, configuredNames.get(HTTP_HEADER_EMAIL));
    // NOTE(review): unlike its siblings, the session ID is passed the constant itself rather than the name
    // resolved through getHeaderNames(); confirm this is intentional.
    buildSessionId(user, headerMap, HTTP_HEADER_SESSION_ID);
    buildSessionInitTime(user, headerMap, configuredNames.get(HTTP_HEADER_SESSION_INIT_TIME));

    userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(user);

    // Roles are optional and are only read from the headers on request.
    if (includeRoles) {
        buildRoles(user, headerMap, configuredNames.get(HTTP_HEADER_ROLES));
    }

    // NOTE(review): this logs the whole user object; check that its toString() does not write the session ID
    // or e-mail address to debug logs in environments where that is not acceptable.
    LOGGER.debug("Application user created successfully: " + user);
    return user;
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser)

Example 5 with ApplicationUser

use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

the class HttpHeaderAuthenticationFilter method getExistingSessionInitTime.

/**
 * Returns the session init time recorded on the existing user, if there is one.
 *
 * @return the existing user's session init time, or null when {@code getExistingUser()} returns no user.
 */
protected Date getExistingSessionInitTime() {
    ApplicationUser existingUser = getExistingUser();
    // No existing user means there is no earlier session to report.
    return existingUser == null ? null : existingUser.getSessionInitTime();
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) Date(java.util.Date)

Aggregations

ApplicationUser (org.finra.herd.model.dto.ApplicationUser)50 SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper)41 Test (org.junit.Test)36 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)31 AccessDeniedException (org.springframework.security.access.AccessDeniedException)29 NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization)26 AbstractServiceTest (org.finra.herd.service.AbstractServiceTest)22 Method (java.lang.reflect.Method)21 JoinPoint (org.aspectj.lang.JoinPoint)21 MethodSignature (org.aspectj.lang.reflect.MethodSignature)21 ArrayList (java.util.ArrayList)6 Job (org.finra.herd.model.api.xml.Job)6 Authentication (org.springframework.security.core.Authentication)6 GrantedAuthority (org.springframework.security.core.GrantedAuthority)5 HashSet (java.util.HashSet)4 LinkedHashSet (java.util.LinkedHashSet)4 ObjectNotFoundException (org.finra.herd.model.ObjectNotFoundException)4 Collection (java.util.Collection)3 List (java.util.List)3 UserAuthorizations (org.finra.herd.model.api.xml.UserAuthorizations)3