Example 31 with UmaPolicy

Use of org.forgerock.openam.uma.UmaPolicy in project OpenAM by OpenRock.

From the class UmaPolicyServiceImplDelegationTest, method bobShouldBeAbleToReadPolicyForResourceSharedByAlice.

@Test
public void bobShouldBeAbleToReadPolicyForResourceSharedByAlice() throws Exception {
    //Given
    userIsLoggedIn("bob", "REALM");
    accessingUriForUser("bob");
    String resourceSetId = registerResourceSet("alice");
    createPolicyFor("bob", resourceSetId, "SCOPE_A", "SCOPE_B");
    createPolicyFor("charlie", resourceSetId, "SCOPE_A", "SCOPE_B");
    setResharingModeToImplicit();
    JsonValue policy = policyToUpdate(resourceSetId);
    Context context = getContext();
    //When
    Promise<UmaPolicy, ResourceException> promise = policyService.updatePolicy(context, resourceSetId, policy);
    //Then
    assertThat(promise).succeeded();
}
Also used: ClientContext(org.forgerock.services.context.ClientContext), RealmContext(org.forgerock.openam.rest.RealmContext), SubjectContext(org.forgerock.openam.rest.resource.SubjectContext), SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext), Context(org.forgerock.services.context.Context), JsonValue(org.forgerock.json.JsonValue), ResourceException(org.forgerock.json.resource.ResourceException), Matchers.anyString(org.mockito.Matchers.anyString), UmaPolicy(org.forgerock.openam.uma.UmaPolicy), Test(org.testng.annotations.Test), UmaPolicyServiceImplTest(org.forgerock.openam.uma.rest.UmaPolicyServiceImplTest)

Example 32 with UmaPolicy

Use of org.forgerock.openam.uma.UmaPolicy in project OpenAM by OpenRock.

From the class UmaPolicyServiceImplDelegationTest, method bobShouldNotBeAbleToCreatePolicyForResourceWithMoreScopesThanSharedByAlice.

@Test
public void bobShouldNotBeAbleToCreatePolicyForResourceWithMoreScopesThanSharedByAlice() throws Exception {
    //Given
    userIsLoggedIn("bob", "REALM");
    accessingUriForUser("bob");
    String resourceSetId = registerResourceSet("alice");
    createPolicyFor("bob", resourceSetId, "SCOPE_A");
    JsonValue policy = policyToCreate(resourceSetId);
    Context context = getContext();
    //When
    Promise<UmaPolicy, ResourceException> promise = policyService.createPolicy(context, policy);
    //Then
    assertThat(promise).failedWithException().isInstanceOf(ForbiddenException.class);
    verifyPolicyIsNotCreatedForLoggedInUser();
    verifyAuditLogNotCreatedForLoggedInUser(resourceSetId);
}
Also used: ClientContext(org.forgerock.services.context.ClientContext), RealmContext(org.forgerock.openam.rest.RealmContext), SubjectContext(org.forgerock.openam.rest.resource.SubjectContext), SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext), Context(org.forgerock.services.context.Context), JsonValue(org.forgerock.json.JsonValue), ResourceException(org.forgerock.json.resource.ResourceException), Matchers.anyString(org.mockito.Matchers.anyString), UmaPolicy(org.forgerock.openam.uma.UmaPolicy), Test(org.testng.annotations.Test), UmaPolicyServiceImplTest(org.forgerock.openam.uma.rest.UmaPolicyServiceImplTest)

Example 33 with UmaPolicy

Use of org.forgerock.openam.uma.UmaPolicy in project OpenAM by OpenRock.

From the class UmaPolicyServiceImplDelegationTest, method bobShouldBeAbleToCreatePolicyForResourceSharedByAlice.

@Test
public void bobShouldBeAbleToCreatePolicyForResourceSharedByAlice() throws Exception {
    //Given
    AMIdentity loggedInUser = userIsLoggedIn("bob", "REALM");
    accessingUriForUser("bob");
    String resourceSetId = registerResourceSet("alice");
    createPolicyFor("bob", resourceSetId, "SCOPE_A", "SCOPE_B");
    JsonValue policy = policyToCreate(resourceSetId);
    setResharingModeToImplicit();
    Context context = getContext();
    //When
    Promise<UmaPolicy, ResourceException> promise = policyService.createPolicy(context, policy);
    //Then
    assertThat(promise).succeeded();
    verifyPolicyIsCreatedForLoggedInUser();
    verifyAuditLogCreatedForLoggedInUser(resourceSetId, loggedInUser);
}
Also used: ClientContext(org.forgerock.services.context.ClientContext), RealmContext(org.forgerock.openam.rest.RealmContext), SubjectContext(org.forgerock.openam.rest.resource.SubjectContext), SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext), Context(org.forgerock.services.context.Context), AMIdentity(com.sun.identity.idm.AMIdentity), JsonValue(org.forgerock.json.JsonValue), ResourceException(org.forgerock.json.resource.ResourceException), Matchers.anyString(org.mockito.Matchers.anyString), UmaPolicy(org.forgerock.openam.uma.UmaPolicy), Test(org.testng.annotations.Test), UmaPolicyServiceImplTest(org.forgerock.openam.uma.rest.UmaPolicyServiceImplTest)

Example 34 with UmaPolicy

Use of org.forgerock.openam.uma.UmaPolicy in project OpenAM by OpenRock.

From the class UmaPolicyServiceImplTest, method shouldReadUmaPolicy.

@Test
@SuppressWarnings("unchecked")
public void shouldReadUmaPolicy() throws Exception {
    //Given
    Context context = createContext();
    QueryResponse queryResult = newQueryResponse();
    List<ResourceResponse> policies = new ArrayList<>();
    ResourceResponse readPolicy1 = newResourceResponse("ID_1", "REVISION_1", createBackendSubjectOnePolicyJson());
    ResourceResponse readPolicy2 = newResourceResponse("ID_1", "REVISION_1", createBackendSubjectTwoPolicyJson());
    policies.add(readPolicy1);
    policies.add(readPolicy2);
    UmaPolicy expectedUmaPolicy = UmaPolicy.fromUnderlyingPolicies(resourceSet, policies);
    Promise<Pair<QueryResponse, List<ResourceResponse>>, ResourceException> queryPromise = newResultPromise(Pair.of(queryResult, policies));
    given(policyResourceDelegate.queryPolicies(eq(context), Matchers.<QueryRequest>anyObject())).willReturn(queryPromise);
    //When
    UmaPolicy umaPolicy = policyService.readPolicy(context, "RESOURCE_SET_ID").getOrThrowUninterruptibly();
    //Then
    assertThat(umaPolicy).isEqualTo(expectedUmaPolicy);
}
Also used: ClientContext(org.forgerock.services.context.ClientContext), RealmContext(org.forgerock.openam.rest.RealmContext), SubjectContext(org.forgerock.openam.rest.resource.SubjectContext), SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext), Context(org.forgerock.services.context.Context), ResourceResponse(org.forgerock.json.resource.ResourceResponse), QueryResponse(org.forgerock.json.resource.QueryResponse), ArrayList(java.util.ArrayList), ResourceException(org.forgerock.json.resource.ResourceException), UmaPolicy(org.forgerock.openam.uma.UmaPolicy), Pair(org.forgerock.util.Pair), Test(org.testng.annotations.Test)
