Example 16 with GRN

use of org.graylog.grn.GRN in project graylog2-server by Graylog2.

the class EntitySharesService method prepareShare.

/**
 * Prepares the sharing operation by running some checks and returning available capabilities and grantees
 * as well as active shares and information about missing dependencies.
 *
 * @param ownedEntity    the entity that should be shared and is owned by the sharing user
 * @param request        sharing request
 * @param sharingUser    the sharing user
 * @param sharingSubject the sharing subject
 * @return the response
 */
public EntityShareResponse prepareShare(GRN ownedEntity, EntityShareRequest request, User sharingUser, Subject sharingSubject) {
    requireNonNull(ownedEntity, "ownedEntity cannot be null");
    requireNonNull(request, "request cannot be null");
    requireNonNull(sharingUser, "sharingUser cannot be null");
    requireNonNull(sharingSubject, "sharingSubject cannot be null");
    final GRN sharingUserGRN = grnRegistry.ofUser(sharingUser);
    final Set<Grantee> availableGrantees = granteeService.getAvailableGrantees(sharingUser);
    final Set<GRN> availableGranteeGRNs = availableGrantees.stream().map(Grantee::grn).collect(Collectors.toSet());
    final ImmutableSet<ActiveShare> activeShares = getActiveShares(ownedEntity, sharingUser, availableGranteeGRNs);
    return EntityShareResponse.builder()
            .entity(ownedEntity.toString())
            .sharingUser(sharingUserGRN)
            .availableGrantees(availableGrantees)
            .availableCapabilities(getAvailableCapabilities())
            .activeShares(activeShares)
            .selectedGranteeCapabilities(getSelectedGranteeCapabilities(activeShares, request))
            .missingPermissionsOnDependencies(checkMissingPermissionsOnDependencies(ownedEntity, sharingUserGRN, activeShares, request))
            .validationResult(validateRequest(ownedEntity, request, sharingUser, availableGranteeGRNs))
            .build();
}
Also used : GRN(org.graylog.grn.GRN) ActiveShare(org.graylog.security.shares.EntityShareResponse.ActiveShare)

Example 17 with GRN

use of org.graylog.grn.GRN in project graylog2-server by Graylog2.

the class ViewOwnershipToGrantsMigrationTest method dontmigrateNonExistingOwner.

@Test
@DisplayName("don't migrate non-existing owner")
void dontmigrateNonExistingOwner() {
    final GRN testuserGRN = GRNTypes.USER.toGRN("olduser");
    final GRN dashboard = GRNTypes.DASHBOARD.toGRN("54e3deadbeefdeadbeef0003");
    when(userService.load(anyString())).thenReturn(null);
    migration.upgrade();
    assertThat(grantService.hasGrantFor(testuserGRN, Capability.OWN, dashboard)).isFalse();
}
Also used : GRN(org.graylog.grn.GRN) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 18 with GRN

use of org.graylog.grn.GRN in project graylog2-server by Graylog2.

the class ViewOwnershipToGrantsMigrationTest method dontMigrateAdminOwners.

@Test
@DisplayName("dont migrate admin owners")
void dontMigrateAdminOwners() {
    final GRN testuserGRN = GRNTypes.USER.toGRN("testuser");
    final GRN search = GRNTypes.SEARCH.toGRN("54e3deadbeefdeadbeef0001");
    final User testuser = mock(User.class);
    when(testuser.getName()).thenReturn("testuser");
    when(testuser.getId()).thenReturn("testuser");
    final User adminuser = mock(User.class);
    when(adminuser.isLocalAdmin()).thenReturn(true);
    when(userService.load("testuser")).thenReturn(testuser);
    when(userService.load("admin")).thenReturn(adminuser);
    migration.upgrade();
    assertThat(grantService.hasGrantFor(testuserGRN, Capability.OWN, search)).isFalse();
}
Also used : GRN(org.graylog.grn.GRN) User(org.graylog2.plugin.database.users.User) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 19 with GRN

use of org.graylog.grn.GRN in project graylog2-server by Graylog2.

the class UserServiceImplTest method testGetPermissionsForUser.

@Test
public void testGetPermissionsForUser() throws Exception {
    final InMemoryRolePermissionResolver permissionResolver = mock(InMemoryRolePermissionResolver.class);
    final GRNRegistry grnRegistry = GRNRegistry.createWithBuiltinTypes();
    final UserService userService = new UserServiceImpl(mongoConnection, configuration, roleService, accessTokenService, userFactory, permissionResolver, serverEventBus, grnRegistry, permissionAndRoleResolver);
    final UserImplFactory factory = new UserImplFactory(new Configuration(), permissions);
    final UserImpl user = factory.create(new HashMap<>());
    user.setName("user");
    final Role role = createRole("Foo");
    user.setRoleIds(Collections.singleton(role.getId()));
    user.setPermissions(Collections.singletonList("hello:world"));
    when(permissionResolver.resolveStringPermission(role.getId())).thenReturn(Collections.singleton("foo:bar"));
    final GRNPermission ownerShipPermission = GRNPermission.create(RestPermissions.ENTITY_OWN, grnRegistry.newGRN(GRNTypes.DASHBOARD, "1234"));
    final GRN userGRN = grnRegistry.ofUser(user);
    when(permissionAndRoleResolver.resolvePermissionsForPrincipal(userGRN)).thenReturn(ImmutableSet.of(new CaseSensitiveWildcardPermission("perm:from:grant"), ownerShipPermission));
    final String roleId = "12345";
    when(permissionAndRoleResolver.resolveRolesForPrincipal(userGRN)).thenReturn(ImmutableSet.of(roleId));
    when(permissionResolver.resolveStringPermission(roleId)).thenReturn(ImmutableSet.of("perm:from:role"));
    assertThat(userService.getPermissionsForUser(user).stream()
            .map(p -> p instanceof CaseSensitiveWildcardPermission ? p.toString() : p)
            .collect(Collectors.toSet()))
            .containsExactlyInAnyOrder("users:passwordchange:user", "users:edit:user", "foo:bar", "hello:world",
                    "users:tokenlist:user", "users:tokencreate:user", "users:tokenremove:user",
                    "perm:from:grant", ownerShipPermission, "perm:from:role");
}
Also used : DateTimeZone(org.joda.time.DateTimeZone) InMemoryRolePermissionResolver(org.graylog2.security.InMemoryRolePermissionResolver) Mock(org.mockito.Mock) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) HashMap(java.util.HashMap) GRNRegistry(org.graylog.grn.GRNRegistry) EventBus(com.google.common.eventbus.EventBus) DBObject(com.mongodb.DBObject) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) AccessTokenService(org.graylog2.security.AccessTokenService) MongoDBInstance(org.graylog.testing.mongodb.MongoDBInstance) Map(java.util.Map) MockitoJUnit(org.mockito.junit.MockitoJUnit) Before(org.junit.Before) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) BasicDBObjectBuilder(com.mongodb.BasicDBObjectBuilder) PasswordAlgorithmFactory(org.graylog2.security.PasswordAlgorithmFactory) GRNTypes(org.graylog.grn.GRNTypes) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) GRN(org.graylog.grn.GRN) List(java.util.List) Rule(org.junit.Rule) Configuration(org.graylog2.Configuration) UserService(org.graylog2.shared.users.UserService) RestPermissions(org.graylog2.shared.security.RestPermissions) ObjectId(org.bson.types.ObjectId) PasswordAlgorithm(org.graylog2.plugin.security.PasswordAlgorithm) Optional(java.util.Optional) SHA1HashPasswordAlgorithm(org.graylog2.security.hashing.SHA1HashPasswordAlgorithm) MockitoRule(org.mockito.junit.MockitoRule) MongoDBFixtures(org.graylog.testing.mongodb.MongoDBFixtures) MongoConnection(org.graylog2.database.MongoConnection) User(org.graylog2.plugin.database.users.User) Role(org.graylog2.shared.users.Role) GRNPermission(org.graylog.security.permissions.GRNPermission) Permissions(org.graylog2.shared.security.Permissions) Collections(java.util.Collections) PermissionAndRoleResolver(org.graylog.security.PermissionAndRoleResolver) 
CaseSensitiveWildcardPermission(org.graylog.security.permissions.CaseSensitiveWildcardPermission) Mockito.mock(org.mockito.Mockito.mock)

Example 20 with GRN

use of org.graylog.grn.GRN in project graylog2-server by Graylog2.

the class EntityDependencyResolverTest method resolveWithInclompleteDependency.

@Test
@DisplayName("Try resolve with a broken dependency")
void resolveWithInclompleteDependency() {
    when(contentPackService.listAllEntityExcerpts()).thenReturn(ImmutableSet.of());
    final EntityDescriptor streamDescriptor = EntityDescriptor.builder()
            .type(ModelTypes.STREAM_V1)
            .id(ModelId.of("54e3deadbeefdeadbeefaffe"))
            .build();
    when(contentPackService.resolveEntities(any())).thenReturn(ImmutableSet.of(streamDescriptor));
    when(grnDescriptorService.getDescriptor(any(GRN.class))).thenAnswer(a -> {
        GRN grnArg = a.getArgument(0);
        return GRNDescriptor.builder().grn(grnArg).title("dummy").build();
    });
    final GRN dashboard = grnRegistry.newGRN("dashboard", "33e3deadbeefdeadbeefaffe");
    final ImmutableSet<org.graylog.security.entities.EntityDescriptor> missingDependencies = entityDependencyResolver.resolve(dashboard);
    assertThat(missingDependencies).hasSize(1);
    assertThat(missingDependencies.asList().get(0)).satisfies(descriptor -> {
        assertThat(descriptor.id().toString()).isEqualTo("grn::::stream:54e3deadbeefdeadbeefaffe");
        assertThat(descriptor.title()).isEqualTo("unknown dependency: <grn::::stream:54e3deadbeefdeadbeefaffe>");
    });
}
Also used : EntityDescriptor(org.graylog2.contentpacks.model.entities.EntityDescriptor) GRN(org.graylog.grn.GRN) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)
