Examples with SecurityUserWrapper org.finra.herd.model.dto.SecurityUserWrapper used on opensource projects

Search in sources :

Example 31 with SecurityUserWrapper

use of org.finra.herd.model.dto.SecurityUserWrapper in project herd by FINRAOS.

the class CurrentUserServiceImpl method getCurrentUser.

@Override
public UserAuthorizations getCurrentUser() {
    // Create the user authorizations.
    UserAuthorizations userAuthorizations = new UserAuthorizations();
    // Get the application user.
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication != null) {
        SecurityUserWrapper securityUserWrapper = (SecurityUserWrapper) authentication.getPrincipal();
        ApplicationUser applicationUser = securityUserWrapper.getApplicationUser();
        userAuthorizations.setUserId(applicationUser.getUserId());
        // If roles are present on the application user then filter the herd-specific security roles and add that information to the Current user.
        if (CollectionUtils.isNotEmpty(applicationUser.getRoles())) {
            userAuthorizations.setSecurityRoles(new ArrayList<>(getValidSecurityRoles(applicationUser.getRoles())));
        }
        // Get all granted authorities for this user.
        Collection<GrantedAuthority> grantedAuthorities = securityUserWrapper.getAuthorities();
        // Add relative security functions as per granted authorities, if any are present.
        if (CollectionUtils.isNotEmpty(grantedAuthorities)) {
            userAuthorizations.setSecurityFunctions(grantedAuthorities.stream().map(grantedAuthority -> new String(grantedAuthority.getAuthority())).collect(Collectors.toList()));
        }
        userAuthorizations.setNamespaceAuthorizations(new ArrayList<>(applicationUser.getNamespaceAuthorizations()));
    }
    return userAuthorizations;
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) Authentication(org.springframework.security.core.Authentication) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UserAuthorizations(org.finra.herd.model.api.xml.UserAuthorizations)

Example 32 with SecurityUserWrapper

use of org.finra.herd.model.dto.SecurityUserWrapper in project herd by FINRAOS.

the class NamespaceSecurityAdviceTest method checkPermissionAssertNoExceptionWhenComplexCaseAndUserHasAllPermissions.

@Test
public void checkPermissionAssertNoExceptionWhenComplexCaseAndUserHasAllPermissions() throws Exception {
    // Mock a join point of the method call
    // mockMethod(request);
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", BusinessObjectDataNotificationRegistrationCreateRequest.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "request" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    BusinessObjectDataNotificationRegistrationCreateRequest request = new BusinessObjectDataNotificationRegistrationCreateRequest();
    request.setBusinessObjectDataNotificationRegistrationKey(new NotificationRegistrationKey("ns1", null));
    request.setBusinessObjectDataNotificationFilter(new BusinessObjectDataNotificationFilter("ns2", null, null, null, null, null, null, null));
    request.setJobActions(Arrays.asList(new JobAction("ns3", null, null), new JobAction("ns4", null, null)));
    when(joinPoint.getArgs()).thenReturn(new Object[] { request });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("ns1", Arrays.asList(NamespacePermissionEnum.WRITE)));
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("ns2", Arrays.asList(NamespacePermissionEnum.READ)));
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("ns3", Arrays.asList(NamespacePermissionEnum.EXECUTE)));
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("ns4", Arrays.asList(NamespacePermissionEnum.EXECUTE)));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
    } catch (AccessDeniedException e) {
        fail();
    }
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) AccessDeniedException(org.springframework.security.access.AccessDeniedException) MethodSignature(org.aspectj.lang.reflect.MethodSignature) BusinessObjectDataNotificationRegistrationCreateRequest(org.finra.herd.model.api.xml.BusinessObjectDataNotificationRegistrationCreateRequest) BusinessObjectDataNotificationFilter(org.finra.herd.model.api.xml.BusinessObjectDataNotificationFilter) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) Method(java.lang.reflect.Method) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) JoinPoint(org.aspectj.lang.JoinPoint) JobAction(org.finra.herd.model.api.xml.JobAction) NotificationRegistrationKey(org.finra.herd.model.api.xml.NotificationRegistrationKey) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Example 33 with SecurityUserWrapper

use of org.finra.herd.model.dto.SecurityUserWrapper in project herd by FINRAOS.

the class NamespaceSecurityAdviceTest method checkPermissionAssertAccessDeniedWhenNoPermissionsNamespaceTrimmed.

@Test
public void checkPermissionAssertAccessDeniedWhenNoPermissionsNamespaceTrimmed() throws Exception {
    // Mock a join point of the method call
    // mockMethod(" foo ");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { BLANK_TEXT + "foo" + BLANK_TEXT });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    // User has permission to "bar" but the actual namespace given is " foo "
    applicationUser.getNamespaceAuthorizations().add(new NamespaceAuthorization("bar", Arrays.asList(NamespacePermissionEnum.READ)));
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
        fail();
    } catch (Exception e) {
        assertEquals(AccessDeniedException.class, e.getClass());
        assertEquals(String.format("User \"%s\" does not have \"[READ]\" permission(s) to the namespace \"foo\"", userId), e.getMessage());
    }
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) AccessDeniedException(org.springframework.security.access.AccessDeniedException) MethodSignature(org.aspectj.lang.reflect.MethodSignature) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) NamespaceAuthorization(org.finra.herd.model.api.xml.NamespaceAuthorization) Method(java.lang.reflect.Method) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) AccessDeniedException(org.springframework.security.access.AccessDeniedException) JoinPoint(org.aspectj.lang.JoinPoint) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Example 34 with SecurityUserWrapper

use of org.finra.herd.model.dto.SecurityUserWrapper in project herd by FINRAOS.

the class NamespaceSecurityAdviceTest method checkPermissionAssertNoExceptionWhenNamespaceBlank.

@Test
public void checkPermissionAssertNoExceptionWhenNamespaceBlank() throws Exception {
    // Mock a join point of the method call
    // mockMethod(" ");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { BLANK_TEXT });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(new HashSet<>());
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
    } catch (AccessDeniedException e) {
        fail();
    }
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) AccessDeniedException(org.springframework.security.access.AccessDeniedException) MethodSignature(org.aspectj.lang.reflect.MethodSignature) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) Method(java.lang.reflect.Method) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) JoinPoint(org.aspectj.lang.JoinPoint) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Example 35 with SecurityUserWrapper

use of org.finra.herd.model.dto.SecurityUserWrapper in project herd by FINRAOS.

the class NamespaceSecurityAdviceTest method checkPermissionAssertAccessDeniedWhenCurrentUserHasNullAuthorizations.

@Test
public void checkPermissionAssertAccessDeniedWhenCurrentUserHasNullAuthorizations() throws Exception {
    // Mock a join point of the method call
    // mockMethod("foo");
    JoinPoint joinPoint = mock(JoinPoint.class);
    MethodSignature methodSignature = mock(MethodSignature.class);
    Method method = NamespaceSecurityAdviceTest.class.getDeclaredMethod("mockMethod", String.class);
    when(methodSignature.getParameterNames()).thenReturn(new String[] { "namespace" });
    when(methodSignature.getMethod()).thenReturn(method);
    when(joinPoint.getSignature()).thenReturn(methodSignature);
    when(joinPoint.getArgs()).thenReturn(new Object[] { "foo" });
    String userId = "userId";
    ApplicationUser applicationUser = new ApplicationUser(getClass());
    applicationUser.setUserId(userId);
    applicationUser.setNamespaceAuthorizations(null);
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new SecurityUserWrapper(userId, "", false, false, false, false, Arrays.asList(), applicationUser), null));
    try {
        namespaceSecurityAdvice.checkPermission(joinPoint);
        fail();
    } catch (Exception e) {
        assertEquals(AccessDeniedException.class, e.getClass());
        assertEquals(String.format("User \"%s\" does not have \"[READ]\" permission(s) to the namespace \"foo\"", userId), e.getMessage());
    }
}
Also used : ApplicationUser(org.finra.herd.model.dto.ApplicationUser) AccessDeniedException(org.springframework.security.access.AccessDeniedException) MethodSignature(org.aspectj.lang.reflect.MethodSignature) SecurityUserWrapper(org.finra.herd.model.dto.SecurityUserWrapper) Method(java.lang.reflect.Method) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) AccessDeniedException(org.springframework.security.access.AccessDeniedException) JoinPoint(org.aspectj.lang.JoinPoint) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Aggregations

SecurityUserWrapper (org.finra.herd.model.dto.SecurityUserWrapper)43 ApplicationUser (org.finra.herd.model.dto.ApplicationUser)40 Test (org.junit.Test)34 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)33 AccessDeniedException (org.springframework.security.access.AccessDeniedException)29 AbstractServiceTest (org.finra.herd.service.AbstractServiceTest)23 Method (java.lang.reflect.Method)22 JoinPoint (org.aspectj.lang.JoinPoint)22 MethodSignature (org.aspectj.lang.reflect.MethodSignature)22 NamespaceAuthorization (org.finra.herd.model.api.xml.NamespaceAuthorization)22 Job (org.finra.herd.model.api.xml.Job)6 Authentication (org.springframework.security.core.Authentication)6 GrantedAuthority (org.springframework.security.core.GrantedAuthority)5 ObjectNotFoundException (org.finra.herd.model.ObjectNotFoundException)4 LinkedHashSet (java.util.LinkedHashSet)3 UserAuthorizations (org.finra.herd.model.api.xml.UserAuthorizations)3 ArrayList (java.util.ArrayList)2 Collection (java.util.Collection)2 HashSet (java.util.HashSet)2 List (java.util.List)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial