Example 46 with ApplicationUser

Use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

From the class NamespaceSecurityAdviceTest, method checkPermissionAssertAccessDeniedWhenCurrentUserHasNullPermissions.

@Test
public void checkPermissionAssertAccessDeniedWhenCurrentUserHasNullPermissions() throws Exception {
    // Mock a join point of the method call
    // mockMethod("foo");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { "foo" });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    // The user has an authorization entry for the namespace, but its permission list is null
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("foo", null));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
        fail();
    } catch (Exception e) {
        assertEquals(AccessDeniedException.class, e.getClass());
        assertEquals(String.format("User \"%s\" does not have \"[READ]\" permission(s) to the namespace \"foo\"", userId), e.getMessage());
    }
}
Also used: ApplicationUser (org.finra.herd.model.dto.ApplicationUser), AccessDeniedException (org.springframework.security.access.AccessDeniedException), MethodSignature (org.aspectj.lang.reflect.MethodSignature), SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper), NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization), Method (java.lang.reflect.Method), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), JoinPoint (org.aspectj.lang.JoinPoint), AbstractServiceTest (org.finra.herd.service.AbstractServiceTest), Test (org.junit.Test)

Example 47 with ApplicationUser

Use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

From the class NamespaceSecurityAdviceTest, method checkPermissionAssertAccessDeniedWhenCurrentUserHasWrongPermissionType.

/**
 * Test the case where user has the namespace but does not have the permission
 */
@Test
public void checkPermissionAssertAccessDeniedWhenCurrentUserHasWrongPermissionType() throws Exception {
    // Mock a join point of the method call
    // mockMethod("foo");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { "foo" });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    // User has WRITE permissions, but the method requires READ
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("foo", Arrays.asList(NamespacePermissionEnum.WRITE)));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
        fail();
    } catch (Exception e) {
        assertEquals(AccessDeniedException.class, e.getClass());
        assertEquals(String.format("User \"%s\" does not have \"[READ]\" permission(s) to the namespace \"foo\"", userId), e.getMessage());
    }
}
Also used: ApplicationUser (org.finra.herd.model.dto.ApplicationUser), AccessDeniedException (org.springframework.security.access.AccessDeniedException), MethodSignature (org.aspectj.lang.reflect.MethodSignature), SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper), NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization), Method (java.lang.reflect.Method), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), JoinPoint (org.aspectj.lang.JoinPoint), AbstractServiceTest (org.finra.herd.service.AbstractServiceTest), Test (org.junit.Test)

Example 48 with ApplicationUser

Use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

From the class NamespaceSecurityHelperTest, method getAuthorizedNamespacesWhenUserHasPermissionAssertReturnNamespace.

@Test
public void getAuthorizedNamespacesWhenUserHasPermissionAssertReturnNamespace() {
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setNamespaceAuthorizations(new HashSet<>(Arrays.asList(new NamespaceAuthorization("namespace", Arrays.asList(NamespacePermissionEnum.READ)))));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper("username", "", true, true, true, true, Collections.emptyList(), applicationUser), null));
    Set<String> authorizedNamespaces = namespaceSecurityHelper.getAuthorizedNamespaces(NamespacePermissionEnum.READ);
    assertEquals(1, authorizedNamespaces.size());
    assertTrue(authorizedNamespaces.contains("namespace"));
}
Also used: ApplicationUser (org.finra.herd.model.dto.ApplicationUser), SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper), NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), Test (org.junit.Test)

Example 49 with ApplicationUser

Use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

From the class NamespaceSecurityHelperTest, method getAuthorizedNamespacesWhenUserHasNoPermissionAssertReturnEmpty.

@Test
public void getAuthorizedNamespacesWhenUserHasNoPermissionAssertReturnEmpty() {
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setNamespaceAuthorizations(new HashSet<>(Arrays.asList(new NamespaceAuthorization("namespace", Arrays.asList(NamespacePermissionEnum.WRITE)))));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper("username", "", true, true, true, true, Collections.emptyList(), applicationUser), null));
    Set<String> authorizedNamespaces = namespaceSecurityHelper.getAuthorizedNamespaces(NamespacePermissionEnum.READ);
    assertEquals(0, authorizedNamespaces.size());
}
Also used: ApplicationUser (org.finra.herd.model.dto.ApplicationUser), SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper), NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), Test (org.junit.Test)

Example 50 with ApplicationUser

Use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.

From the class UserNamespaceAuthorizationHelperTest, method testBuildNamespaceAuthorizationsAssertWildcardQueryExecuted.

@Test
public void testBuildNamespaceAuthorizationsAssertWildcardQueryExecuted() {
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    String userId = "userId";
    applicationUser.setUserId(userId);
    when(configurationHelper.getBooleanProperty(any())).thenReturn(true);
    List<UserNamespaceAuthorizationEntity> wildcardEntities = new ArrayList<>();
    UserNamespaceAuthorizationEntity wildcardEntity = new UserNamespaceAuthorizationEntity();
    wildcardEntity.setUserId("wildcardEntityUserId");
    NamespaceEntity namespaceEntity = new NamespaceEntity();
    namespaceEntity.setCode("namespace");
    wildcardEntity.setNamespace(namespaceEntity);
    wildcardEntities.add(wildcardEntity);
    when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationsByUserIdStartsWith(any())).thenReturn(wildcardEntities);
    when(wildcardHelper.matches(any(), any())).thenReturn(true);
    userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(applicationUser);
    assertEquals(1, applicationUser.getNamespaceAuthorizations().size());
    NamespaceAuthorization namespaceAuthorization = IterableUtils.get(applicationUser.getNamespaceAuthorizations(), 0);
    assertEquals(namespaceEntity.getCode(), namespaceAuthorization.getNamespace());
    verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserId(eq(userId));
    verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserIdStartsWith(eq(WildcardHelper.WILDCARD_TOKEN));
    verify(wildcardHelper).matches(eq(userId.toUpperCase()), eq(wildcardEntity.getUserId().toUpperCase()));
    verifyNoMoreInteractions(userNamespaceAuthorizationDao, wildcardHelper);
}
Also used: ApplicationUser (org.finra.herd.model.dto.ApplicationUser), NamespaceEntity (org.finra.herd.model.jpa.NamespaceEntity), ArrayList (java.util.ArrayList), UserNamespaceAuthorizationEntity (org.finra.herd.model.jpa.UserNamespaceAuthorizationEntity), NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization), Test (org.junit.Test)

Aggregations

ApplicationUser (org.finra.herd.model.dto.ApplicationUser): 50
SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper): 41
Test (org.junit.Test): 36
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken): 31
AccessDeniedException (org.springframework.security.access.AccessDeniedException): 29
NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization): 26
AbstractServiceTest (org.finra.herd.service.AbstractServiceTest): 22
Method (java.lang.reflect.Method): 21
JoinPoint (org.aspectj.lang.JoinPoint): 21
MethodSignature (org.aspectj.lang.reflect.MethodSignature): 21
ArrayList (java.util.ArrayList): 6
Job (org.finra.herd.model.api.xml.Job): 6
Authentication (org.springframework.security.core.Authentication): 6
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 5
HashSet (java.util.HashSet): 4
LinkedHashSet (java.util.LinkedHashSet): 4
ObjectNotFoundException (org.finra.herd.model.ObjectNotFoundException): 4
Collection (java.util.Collection): 3
List (java.util.List): 3
UserAuthorizations (org.finra.herd.model.api.xml.UserAuthorizations): 3