
Example 1 with InMemoryRolePermissionResolver

Use of org.graylog2.security.InMemoryRolePermissionResolver in project graylog2-server by Graylog2.

From the class UserServiceImplTest, method testGetPermissionsForUser.

/**
 * Checks the effective permission set that {@code UserService#getPermissionsForUser} reports
 * for a user whose permissions come from several stubbed sources at once.
 *
 * <p>Sources set up by this test:
 * <ul>
 *   <li>a permission stored directly on the user ({@code hello:world}),</li>
 *   <li>a role assigned on the user, resolved by the mocked role resolver ({@code foo:bar}),</li>
 *   <li>permissions the mocked {@code permissionAndRoleResolver} returns for the user's GRN
 *       ({@code perm:from:grant} plus an {@code ENTITY_OWN} permission on a dashboard GRN),</li>
 *   <li>a role id the same resolver returns for the user's GRN, resolved to
 *       {@code perm:from:role}.</li>
 * </ul>
 *
 * <p>The {@code users:...:user} entries in the expectation are not stubbed here; presumably
 * they are the self-service permissions derived from the user name "user" (confirm against
 * {@code UserServiceImpl} / {@code Permissions}).
 *
 * <p>The assertion is exact: {@code containsExactlyInAnyOrder} fails on any extra element as
 * well as on a missing one, so this test also catches a change that widens a user's
 * effective permissions.
 */
@Test
public void testGetPermissionsForUser() throws Exception {
    // Collaborators: only the role resolver is a local mock; the rest are fixture fields.
    final InMemoryRolePermissionResolver rolePermissions = mock(InMemoryRolePermissionResolver.class);
    final GRNRegistry registry = GRNRegistry.createWithBuiltinTypes();
    final UserService service = new UserServiceImpl(
            mongoConnection,
            configuration,
            roleService,
            accessTokenService,
            userFactory,
            rolePermissions,
            serverEventBus,
            registry,
            permissionAndRoleResolver);

    // User carrying one directly assigned role and one directly assigned permission.
    final UserImplFactory userImplFactory = new UserImplFactory(new Configuration(), permissions);
    final UserImpl testUser = userImplFactory.create(new HashMap<>());
    testUser.setName("user");
    final Role fooRole = createRole("Foo");
    testUser.setRoleIds(Collections.singleton(fooRole.getId()));
    testUser.setPermissions(Collections.singletonList("hello:world"));
    when(rolePermissions.resolveStringPermission(fooRole.getId()))
            .thenReturn(Collections.singleton("foo:bar"));

    // Permissions and roles reported for the user's GRN by the grant resolver.
    final GRNPermission dashboardOwnership = GRNPermission.create(
            RestPermissions.ENTITY_OWN,
            registry.newGRN(GRNTypes.DASHBOARD, "1234"));
    final GRN principal = registry.ofUser(testUser);
    when(permissionAndRoleResolver.resolvePermissionsForPrincipal(principal))
            .thenReturn(ImmutableSet.of(
                    new CaseSensitiveWildcardPermission("perm:from:grant"),
                    dashboardOwnership));
    final String grantedRoleId = "12345";
    when(permissionAndRoleResolver.resolveRolesForPrincipal(principal))
            .thenReturn(ImmutableSet.of(grantedRoleId));
    when(rolePermissions.resolveStringPermission(grantedRoleId))
            .thenReturn(ImmutableSet.of("perm:from:role"));

    // Wildcard permissions are compared by their string form; every other permission
    // object (here the GRN ownership permission) is compared as the object itself.
    assertThat(
            service.getPermissionsForUser(testUser)
                    .stream()
                    .map(permission -> permission instanceof CaseSensitiveWildcardPermission
                            ? permission.toString()
                            : permission)
                    .collect(Collectors.toSet()))
            .containsExactlyInAnyOrder(
                    "users:passwordchange:user",
                    "users:edit:user",
                    "foo:bar",
                    "hello:world",
                    "users:tokenlist:user",
                    "users:tokencreate:user",
                    "users:tokenremove:user",
                    "perm:from:grant",
                    dashboardOwnership,
                    "perm:from:role");
}
Also used : DateTimeZone(org.joda.time.DateTimeZone) InMemoryRolePermissionResolver(org.graylog2.security.InMemoryRolePermissionResolver) Mock(org.mockito.Mock) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) HashMap(java.util.HashMap) GRNRegistry(org.graylog.grn.GRNRegistry) EventBus(com.google.common.eventbus.EventBus) DBObject(com.mongodb.DBObject) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) AccessTokenService(org.graylog2.security.AccessTokenService) MongoDBInstance(org.graylog.testing.mongodb.MongoDBInstance) Map(java.util.Map) MockitoJUnit(org.mockito.junit.MockitoJUnit) Before(org.junit.Before) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) BasicDBObjectBuilder(com.mongodb.BasicDBObjectBuilder) PasswordAlgorithmFactory(org.graylog2.security.PasswordAlgorithmFactory) GRNTypes(org.graylog.grn.GRNTypes) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) GRN(org.graylog.grn.GRN) List(java.util.List) Rule(org.junit.Rule) Configuration(org.graylog2.Configuration) UserService(org.graylog2.shared.users.UserService) RestPermissions(org.graylog2.shared.security.RestPermissions) ObjectId(org.bson.types.ObjectId) PasswordAlgorithm(org.graylog2.plugin.security.PasswordAlgorithm) Optional(java.util.Optional) SHA1HashPasswordAlgorithm(org.graylog2.security.hashing.SHA1HashPasswordAlgorithm) MockitoRule(org.mockito.junit.MockitoRule) MongoDBFixtures(org.graylog.testing.mongodb.MongoDBFixtures) MongoConnection(org.graylog2.database.MongoConnection) User(org.graylog2.plugin.database.users.User) Role(org.graylog2.shared.users.Role) GRNPermission(org.graylog.security.permissions.GRNPermission) Permissions(org.graylog2.shared.security.Permissions) Collections(java.util.Collections) PermissionAndRoleResolver(org.graylog.security.PermissionAndRoleResolver) 
CaseSensitiveWildcardPermission(org.graylog.security.permissions.CaseSensitiveWildcardPermission) Mockito.mock(org.mockito.Mockito.mock) GRN(org.graylog.grn.GRN) GRNRegistry(org.graylog.grn.GRNRegistry) Configuration(org.graylog2.Configuration) UserService(org.graylog2.shared.users.UserService) InMemoryRolePermissionResolver(org.graylog2.security.InMemoryRolePermissionResolver) CaseSensitiveWildcardPermission(org.graylog.security.permissions.CaseSensitiveWildcardPermission) Role(org.graylog2.shared.users.Role) GRNPermission(org.graylog.security.permissions.GRNPermission) Test(org.junit.Test)
