Search in sources :

Example 6 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class MessagesResourceTest method appliesDefaultStreamsToRequestIfOmitted.

@Test
void appliesDefaultStreamsToRequestIfOmitted() {
    MessagesRequest request = validRequest();
    final SearchUser searchUser = TestSearchUser.builder().allowStream("stream-1").allowStream("stream-2").build();
    ArgumentCaptor<MessagesRequest> captor = ArgumentCaptor.forClass(MessagesRequest.class);
    when(commandFactory.buildFromRequest(captor.capture())).thenReturn(ExportMessagesCommand.withDefaults());
    sut.retrieve(request, searchUser);
    MessagesRequest value = captor.getValue();
    assertThat(value.streams()).containsExactly("stream-1", "stream-2");
}
Also used : MessagesRequest(org.graylog.plugins.views.search.export.MessagesRequest) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) Test(org.junit.jupiter.api.Test)

Example 7 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class MessagesResourceTest method passesOnlyUserNameToAuditingExporterIfExportBasedOnRequest.

@Test
void passesOnlyUserNameToAuditingExporterIfExportBasedOnRequest() {
    final SearchUser searchUser = TestSearchUser.builder().withUser(currentUser).build();
    AtomicReference<AuditContext> context = captureAuditContext();
    sut.retrieve(validRequest(), searchUser);
    assertAll(() -> assertThat(context.get().userName()).isEqualTo(currentUser.getName()), () -> assertThat(context.get().searchId()).isEmpty(), () -> assertThat(context.get().searchTypeId()).isEmpty());
}
Also used : SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) AuditContext(org.graylog.plugins.views.search.export.AuditContext) Test(org.junit.jupiter.api.Test)

Example 8 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchDomainTest method throwsPermissionExceptionIfNeitherOwnedNorPermittedFromViews.

@Test
public void throwsPermissionExceptionIfNeitherOwnedNorPermittedFromViews() {
    final Search search = mockSearchWithOwner("someone else");
    final SearchUser searchUser = mock(SearchUser.class);
    when(viewService.forSearch(anyString())).thenReturn(ImmutableList.of());
    assertThatExceptionOfType(PermissionException.class).isThrownBy(() -> sut.getForUser(search.id(), searchUser));
}
Also used : PermissionException(org.graylog.plugins.views.search.errors.PermissionException) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) Test(org.junit.Test)

Example 9 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchDomainTest method includesSearchesPermittedViaViewsInList.

@Test
public void includesSearchesPermittedViaViewsInList() {
    final Search permittedSearch = mockSearchWithOwner("someone else");
    mockSearchWithOwner("someone else");
    final SearchUser searchUser = mock(SearchUser.class);
    final ViewDTO viewDTO = mock(ViewDTO.class);
    when(viewService.forSearch(permittedSearch.id())).thenReturn(ImmutableList.of(viewDTO));
    when(searchUser.canReadView(viewDTO)).thenReturn(true);
    List<Search> result = sut.getAllForUser(searchUser, searchUser::canReadView);
    assertThat(result).containsExactly(permittedSearch);
}
Also used : ViewDTO(org.graylog.plugins.views.search.views.ViewDTO) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) Test(org.junit.Test)

Example 10 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchDomainTest method loadsSearchIfUserIsOwner.

@Test
public void loadsSearchIfUserIsOwner() {
    final String userName = "boeser-willi";
    final Search search = mockSearchWithOwner(userName);
    final SearchUser searchUser = mock(SearchUser.class);
    when(searchUser.owns(search)).thenReturn(true);
    final Optional<Search> result = sut.getForUser(search.id(), searchUser);
    assertThat(result).isEqualTo(Optional.of(search));
}
Also used : SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.Test)

Aggregations

SearchUser (org.graylog.plugins.views.search.permissions.SearchUser)26 Test (org.junit.Test)19 Set (java.util.Set)4 Collectors (java.util.stream.Collectors)4 ForbiddenException (javax.ws.rs.ForbiddenException)4 Search (org.graylog.plugins.views.search.Search)4 RestResourceBaseTest (org.graylog2.rest.resources.RestResourceBaseTest)4 ImmutableSet (com.google.common.collect.ImmutableSet)3 ApiOperation (io.swagger.annotations.ApiOperation)3 Collection (java.util.Collection)3 POST (javax.ws.rs.POST)3 ViewDTO (org.graylog.plugins.views.search.views.ViewDTO)3 RelativeRange (org.graylog2.plugin.indexer.searches.timeranges.RelativeRange)3 Test (org.junit.jupiter.api.Test)3 Api (io.swagger.annotations.Api)2 ApiParam (io.swagger.annotations.ApiParam)2 Collections (java.util.Collections)2 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)2 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)2 AuditEvent (org.graylog2.audit.jersey.AuditEvent)2