Example 56 with RealmContext

use of org.forgerock.openam.rest.RealmContext in project OpenAM by OpenRock.

the class SmsRealmProvider method handleUpdate.

@Override
public Promise<ResourceResponse, ResourceException> handleUpdate(Context context, UpdateRequest request) {
    RealmContext realmContext = context.asContext(RealmContext.class);
    String realmPath = realmContext.getResolvedRealm();
    try {
        checkValues(request.getContent());
    } catch (BadRequestException e) {
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + realmPath, e);
        return new BadRequestException("Invalid attribute values").asPromise();
    }
    // protect against attempts to change a realm that does not exist as this results in unexpected behaviour
    try {
        String requestPath = getExpectedPathFromRequestContext(request);
        if (!realmPath.equals(requestPath)) {
            return new BadRequestException(BAD_REQUEST_REALM_NAME_ERROR_MESSAGE).asPromise();
        }
    } catch (org.forgerock.oauth2.core.exceptions.NotFoundException e) {
        return new BadRequestException(BAD_REQUEST_REALM_NAME_ERROR_MESSAGE).asPromise();
    }
    final JsonValue realmDetails = request.getContent();
    try {
        hasPermission(context);
        OrganizationConfigManager realmManager = new OrganizationConfigManager(getSSOToken(), realmPath);
        realmManager.setAttributes(IdConstants.REPO_SERVICE, getAttributeMap(realmDetails));
        final List<Object> newServiceNames = realmDetails.get(SERVICE_NAMES).asList();
        if (newServiceNames != null) {
            assignServices(realmManager, newServiceNames);
        }
        debug.message("RealmResource.updateInstance :: UPDATE of realm " + realmPath + " performed by " + PrincipalRestUtils.getPrincipalNameFromServerContext(context));
        return newResultPromise(getResource(getJsonValue(realmPath)));
    } catch (SMSException e) {
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + realmPath, e);
        return configureErrorMessage(e).asPromise();
    } catch (SSOException | ForbiddenException | IdRepoException e) {
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + realmPath, e);
        return new PermanentException(401, "Access Denied", null).asPromise();
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) RealmContext(org.forgerock.openam.rest.RealmContext) SMSException(com.sun.identity.sm.SMSException) JsonValue(org.forgerock.json.JsonValue) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) PermanentException(org.forgerock.json.resource.PermanentException) BadRequestException(org.forgerock.json.resource.BadRequestException)

Example 57 with RealmContext

use of org.forgerock.openam.rest.RealmContext in project OpenAM by OpenRock.

the class PrivilegePolicyStoreProviderTest method shouldUseRealmAndSubjectFromContext.

@Test
public void shouldUseRealmAndSubjectFromContext() {
    // Given
    SubjectContext subjectContext = mock(SubjectContext.class);
    Subject subject = new Subject();
    String realm = "/test realm";
    given(subjectContext.getCallerSubject()).willReturn(subject);
    RealmContext context = new RealmContext(subjectContext);
    context.setSubRealm(realm, realm);
    PrivilegeManager manager = mock(PrivilegeManager.class);
    given(mockFactory.get(realm, subject)).willReturn(manager);
    // When
    PolicyStore store = testProvider.getPolicyStore(context);
    // Then
    verify(mockFactory).get(realm, subject);
    assertThat(store).isNotNull().isInstanceOf(PrivilegePolicyStore.class);
}
Also used : RealmContext(org.forgerock.openam.rest.RealmContext) SubjectContext(org.forgerock.openam.rest.resource.SubjectContext) PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager) Subject(javax.security.auth.Subject) Test(org.testng.annotations.Test)

Example 58 with RealmContext

use of org.forgerock.openam.rest.RealmContext in project OpenAM by OpenRock.

the class PolicyResourceWithCopyMoveSupport method copyPolicy.

private ActionResponse copyPolicy(Context context, String resourceId, ActionRequest request) throws ResourceException {
    String sourceRealm = RealmContext.getRealm(context);
    JsonValue payload = request.getContent().get("to");
    if (payload.isNull()) {
        throw new BadRequestException("to definition is missing");
    }
    String destinationRealm = payload.get("realm").defaultTo(sourceRealm).asString();
    ReadRequest readRequest = Requests.newReadRequest("policies", resourceId);
    JsonValue policy = router.handleRead(context, readRequest).getOrThrowUninterruptibly().getContent();
    String sourceApplication = policy.get("applicationName").asString();
    String sourceResourceType = policy.get("resourceTypeUuid").asString();
    String destinationApplication = payload.get("application").defaultTo(sourceApplication).asString();
    String destinationResourceTypeId = payload.get("resourceType").defaultTo(sourceResourceType).asString();
    String copiedName = payload.get("name").defaultTo(resourceId).asString();
    if (sourceRealm.equals(destinationRealm) && resourceId.equals(copiedName)) {
        throw new BadRequestException("policy name already exists within the realm");
    }
    policy.put("name", copiedName);
    policy.put("applicationName", destinationApplication);
    policy.put("resourceTypeUuid", destinationResourceTypeId);
    RealmContext updatedContext = new RealmContext(context);
    updatedContext.setOverrideRealm(destinationRealm);
    CreateRequest createRequest = Requests.newCreateRequest("policies", policy);
    JsonValue copiedPolicy = router.handleCreate(updatedContext, createRequest).getOrThrowUninterruptibly().getContent();
    return Responses.newActionResponse(copiedPolicy);
}
Also used : RealmContext(org.forgerock.openam.rest.RealmContext) CreateRequest(org.forgerock.json.resource.CreateRequest) JsonValue(org.forgerock.json.JsonValue) BadRequestException(org.forgerock.json.resource.BadRequestException) ReadRequest(org.forgerock.json.resource.ReadRequest)

Example 59 with RealmContext

use of org.forgerock.openam.rest.RealmContext in project OpenAM by OpenRock.

the class ApplicationTypesResourceTest method undefinedSubjectShouldFail.

@Test(expectedExceptions = InternalServerErrorException.class)
public void undefinedSubjectShouldFail() throws ResourceException {
    //given
    SSOTokenContext mockSubjectContext = mock(SSOTokenContext.class);
    RealmContext realmContext = new RealmContext(mockSubjectContext);
    Context mockServerContext = ClientContext.newInternalClientContext(realmContext);
    Subject subject = null;
    given(mockSubjectContext.getCallerSubject()).willReturn(subject);
    ReadRequest request = mock(ReadRequest.class);
    //when
    Promise<ResourceResponse, ResourceException> result = testResource.readInstance(mockServerContext, "test", request);
    result.getOrThrowUninterruptibly();
}
Also used : Context(org.forgerock.services.context.Context) ClientContext(org.forgerock.services.context.ClientContext) RealmContext(org.forgerock.openam.rest.RealmContext) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) ResourceResponse(org.forgerock.json.resource.ResourceResponse) ResourceException(org.forgerock.json.resource.ResourceException) Subject(javax.security.auth.Subject) ReadRequest(org.forgerock.json.resource.ReadRequest) Test(org.testng.annotations.Test)

Example 60 with RealmContext

use of org.forgerock.openam.rest.RealmContext in project OpenAM by OpenRock.

the class ApplicationTypesResourceTest method readShouldFailOnInvalidApplicationType.

@Test(expectedExceptions = NotFoundException.class)
public void readShouldFailOnInvalidApplicationType() throws ResourceException {
    //given
    SSOTokenContext mockSubjectContext = mock(SSOTokenContext.class);
    RealmContext realmContext = new RealmContext(mockSubjectContext);
    Context mockServerContext = ClientContext.newInternalClientContext(realmContext);
    Subject subject = new Subject();
    given(mockSubjectContext.getCallerSubject()).willReturn(subject);
    ReadRequest request = mock(ReadRequest.class);
    //when
    Promise<ResourceResponse, ResourceException> result = testResource.readInstance(mockServerContext, "test", request);
    //then
    result.getOrThrowUninterruptibly();
}
Also used : Context(org.forgerock.services.context.Context) ClientContext(org.forgerock.services.context.ClientContext) RealmContext(org.forgerock.openam.rest.RealmContext) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) ResourceResponse(org.forgerock.json.resource.ResourceResponse) ResourceException(org.forgerock.json.resource.ResourceException) Subject(javax.security.auth.Subject) ReadRequest(org.forgerock.json.resource.ReadRequest) Test(org.testng.annotations.Test)

Aggregations

RealmContext (org.forgerock.openam.rest.RealmContext) 94
ResourceException (org.forgerock.json.resource.ResourceException) 63
ResourceResponse (org.forgerock.json.resource.ResourceResponse) 58
Context (org.forgerock.services.context.Context) 53
Test (org.testng.annotations.Test) 53
Subject (javax.security.auth.Subject) 42
ClientContext (org.forgerock.services.context.ClientContext) 41
SSOTokenContext (org.forgerock.openam.rest.resource.SSOTokenContext) 40
JsonValue (org.forgerock.json.JsonValue) 35
Matchers.anyString (org.mockito.Matchers.anyString) 27
SubjectContext (org.forgerock.openam.rest.resource.SubjectContext) 20
BadRequestException (org.forgerock.json.resource.BadRequestException) 19
SSOException (com.iplanet.sso.SSOException) 17
Application (com.sun.identity.entitlement.Application) 16
ForbiddenException (org.forgerock.json.resource.ForbiddenException) 16
NotFoundException (org.forgerock.json.resource.NotFoundException) 15
PermanentException (org.forgerock.json.resource.PermanentException) 15
QueryResourceHandler (org.forgerock.json.resource.QueryResourceHandler) 15
ReadRequest (org.forgerock.json.resource.ReadRequest) 15
SSOToken (com.iplanet.sso.SSOToken) 14