use of org.graylog2.shared.users.UserService in project graylog2-server by Graylog2.
the class LdapUserAuthenticatorTest method testSyncFromLdapEntry.
/**
 * Verifies the local user record that {@code syncFromLdapEntry} produces for an LDAP entry with no
 * attributes set, given mocked LDAP settings and a blank {@code UserImpl} from the user service.
 */
@Test
@UsingDataSet(loadStrategy = LoadStrategyEnum.DELETE_ALL)
public void testSyncFromLdapEntry() {
    final String username = "user";
    final String defaultRoleId = "54e3deadbeefdeadbeef0001";

    final LdapUserAuthenticator ldapAuthenticator = spy(new LdapUserAuthenticator(
            ldapConnector, ldapSettingsService, userService, mock(RoleService.class), DateTimeZone.UTC));
    final LdapEntry blankEntry = new LdapEntry();

    // Settings are mocked so that only the display-name attribute and the default role are defined.
    final LdapSettings settings = mock(LdapSettings.class);
    when(settings.getDisplayNameAttribute()).thenReturn("displayName");
    when(settings.getDefaultGroupId()).thenReturn(defaultRoleId);
    when(settings.getAdditionalDefaultGroupIds()).thenReturn(Collections.emptySet());
    when(userService.create())
            .thenReturn(new UserImpl(null, new Permissions(Collections.emptySet()), Maps.newHashMap()));

    final User synced = ldapAuthenticator.syncFromLdapEntry(blankEntry, settings, username);

    assertThat(synced).isNotNull();
    assertThat(synced.isExternalUser()).isTrue();
    assertThat(synced.getName()).isEqualTo(username);
    // The entry has no attributes; presumably "user@localhost" is a fallback derived from the login name.
    assertThat(synced.getEmail()).isEqualTo("user@localhost");
    // The stored "hash" is a fixed marker text, not a digest.
    // NOTE(review): presumably this keeps a local password check from ever matching an LDAP-synced
    // account; confirm against the local password verification code.
    assertThat(synced.getHashedPassword()).isEqualTo("User synced from LDAP.");
    assertThat(synced.getTimeZone()).isEqualTo(DateTimeZone.UTC);
    // Exactly the configured default role and nothing else may be assigned.
    assertThat(synced.getRoleIds()).containsOnly(defaultRoleId);
    // The user was created with an empty permission set, yet permissions are expected after the sync.
    assertThat(synced.getPermissions()).isNotEmpty();
}
use of org.graylog2.shared.users.UserService in project graylog2-server by Graylog2.
the class LdapUserAuthenticatorTest method setUp.
// Builds the fixture shared by the LDAP authenticator tests: a handle to the test LDAP server,
// mocked Configuration / LdapSettingsService / UserService, and an LdapSettingsImpl that points
// at that server.
@Before
public void setUp() throws Exception {
server = getLdapServer();
// NOTE(review): ldapConfig is populated here but is not read again within this method as shown.
final LdapConnectionConfig ldapConfig = new LdapConnectionConfig();
ldapConfig.setLdapHost("localHost");
ldapConfig.setLdapPort(server.getPort());
ldapConfig.setName(ADMIN_DN);
ldapConfig.setCredentials(ADMIN_PASSWORD);
// The mocked Configuration only answers getPasswordSecret(); it is handed to LdapSettingsImpl below.
// NOTE(review): presumably the secret protects the stored system password; confirm in LdapSettingsImpl.
configuration = mock(Configuration.class);
when(configuration.getPasswordSecret()).thenReturn(PASSWORD_SECRET);
// NOTE(review): 10000 is presumably a connection timeout in milliseconds; confirm in LdapConnector.
ldapConnector = new LdapConnector(10000);
ldapSettingsService = mock(LdapSettingsService.class);
userService = mock(UserService.class);
ldapSettings = new LdapSettingsImpl(configuration, mock(RoleService.class));
ldapSettings.setEnabled(true);
// Plain ldap:// with StartTLS switched off: bind credentials travel unencrypted. That is tolerable
// only because the target is the test server on localhost; real deployments should use ldaps://
// or StartTLS.
ldapSettings.setUri(URI.create("ldap://localhost:" + server.getPort()));
ldapSettings.setUseStartTls(false);
ldapSettings.setSystemUsername(ADMIN_DN);
ldapSettings.setSystemPassword(ADMIN_PASSWORD);
ldapSettings.setSearchBase("ou=users,dc=example,dc=com");
// {0} is the placeholder in the user search filter.
// NOTE(review): presumably the login name is substituted for it; whatever does the substitution
// must escape LDAP filter metacharacters. Confirm in the connector code.
ldapSettings.setSearchPattern("(&(objectClass=posixAccount)(uid={0}))");
ldapSettings.setDisplayNameAttribute("cn");
ldapSettings.setActiveDirectory(false);
ldapSettings.setGroupSearchBase("ou=groups,dc=example,dc=com");
ldapSettings.setGroupIdAttribute("cn");
ldapSettings.setGroupSearchPattern("(|(objectClass=groupOfNames)(objectClass=posixGroup))");
}
use of org.graylog2.shared.users.UserService in project graylog2-server by Graylog2.
the class LdapUserAuthenticatorTest method testDoGetAuthenticationInfoDeniesEmptyPassword.
/**
 * Verifies that {@code doGetAuthenticationInfo} returns {@code null} for a token whose password is
 * {@code null} or zero-length.
 *
 * <p>Why this matters: an LDAP simple bind that carries a DN but an empty password is an
 * "unauthenticated bind" (RFC 4513, section 5.1.2), which a directory server may accept. The
 * authenticator therefore has to refuse such tokens itself rather than rely on the bind failing.
 */
@Test
public void testDoGetAuthenticationInfoDeniesEmptyPassword() throws Exception {
    final LdapUserAuthenticator ldapAuthenticator = new LdapUserAuthenticator(
            ldapConnector, ldapSettingsService, userService, mock(RoleService.class), DateTimeZone.UTC);
    // LDAP is enabled in the loaded settings, so a null result is not explained by a disabled realm.
    when(ldapSettingsService.load()).thenReturn(ldapSettings);

    final UsernamePasswordToken nullPasswordToken = new UsernamePasswordToken("john", (char[]) null);
    assertThat(ldapAuthenticator.doGetAuthenticationInfo(nullPasswordToken)).isNull();

    final UsernamePasswordToken emptyPasswordToken = new UsernamePasswordToken("john", new char[0]);
    assertThat(ldapAuthenticator.doGetAuthenticationInfo(emptyPasswordToken)).isNull();
}
use of org.graylog2.shared.users.UserService in project graylog2-server by Graylog2.
the class DashboardV1FacadeTest method setUp.
/**
 * Builds the fixture for the dashboard facade tests: registers the polymorphic subtypes on the
 * object mapper, wires the MongoDB-backed test services and a mocked {@code UserService}, loads
 * the bundled v1 content pack, and converts its first entity into a native view owned by
 * "testuser". The resulting view is stored in {@code viewDTO}.
 *
 * @throws IOException if the content pack resource cannot be read or parsed
 */
@Before
public void setUp() throws IOException {
    // Each subtype is registered under its declared type name, one registerSubtypes call per type.
    // NOTE(review): assumes the DTO base types use name-based type ids, so that a content pack can
    // only select classes registered here; confirm the @JsonTypeInfo settings on those types.
    final NamedType[] subtypes = {
        new NamedType(AggregationConfigDTO.class, AggregationConfigDTO.NAME),
        new NamedType(MessageListConfigDTO.class, MessageListConfigDTO.NAME),
        new NamedType(LineVisualizationConfigDTO.class, LineVisualizationConfigDTO.NAME),
        new NamedType(BarVisualizationConfigDTO.class, BarVisualizationConfigDTO.NAME),
        new NamedType(NumberVisualizationConfigDTO.class, NumberVisualizationConfigDTO.NAME),
        new NamedType(TimeHistogramConfigDTO.class, TimeHistogramConfigDTO.NAME),
        new NamedType(ValueConfigDTO.class, ValueConfigDTO.NAME),
        new NamedType(PivotSortConfig.class, PivotSortConfig.Type),
        new NamedType(PivotEntity.class, PivotEntity.NAME),
        new NamedType(PivotSort.class, PivotSort.Type),
        new NamedType(OrFilter.class, OrFilter.NAME),
        new NamedType(StreamFilter.class, StreamFilter.NAME),
        new NamedType(QueryStringFilter.class, QueryStringFilter.NAME),
        new NamedType(AutoIntervalDTO.class, AutoIntervalDTO.type)
    };
    for (final NamedType subtype : subtypes) {
        objectMapper.registerSubtypes(subtype);
    }

    // Test services backed by the MongoDB fixture.
    final MongoConnection connection = mongodb.mongoConnection();
    final MongoJackObjectMapperProvider mapperProvider = new MongoJackObjectMapperProvider(objectMapper);
    searchDbService = new ViewFacadeTest.TestSearchDBService(connection, mapperProvider);
    viewService = new ViewFacadeTest.TestViewService(connection, mapperProvider, null);
    viewSummaryService = new ViewFacadeTest.TestViewSummaryService(connection, mapperProvider);

    // The mocked user service knows exactly one account, created with an empty permission set.
    final String username = "testuser";
    userService = mock(UserService.class);
    final UserImpl testUser = new UserImpl(
            mock(PasswordAlgorithmFactory.class),
            new Permissions(ImmutableSet.of()),
            ImmutableMap.of("username", username));
    when(userService.load(username)).thenReturn(testUser);

    final EntityConverter converter = new EntityConverter(new DashboardWidgetConverter());
    facade = new DashboardV1Facade(
            objectMapper, searchDbService, converter, viewService, viewSummaryService, userService);

    // Load the bundled content pack from the classpath and take its first entity.
    final URL packUrl = Resources.getResource(DashboardV1Facade.class, "content-pack-dashboard-v1.json");
    final ContentPack parsedPack = objectMapper.readValue(packUrl, ContentPack.class);
    assertThat(parsedPack).isInstanceOf(ContentPackV1.class);
    final ContentPackV1 packV1 = (ContentPackV1) parsedPack;
    final Entity dashboardEntity = packV1.entities().iterator().next();

    // Supply an empty stream under the stream id used as a native-entity dependency.
    final StreamImpl emptyStream = new StreamImpl(Collections.emptyMap());
    final Map<EntityDescriptor, Object> existingEntities = new HashMap<>(1);
    existingEntities.put(
            EntityDescriptor.create("58b3d55a-51ad-4b3e-865c-85776016a151", ModelTypes.STREAM_V1),
            emptyStream);

    final NativeEntity<ViewDTO> created =
            facade.createNativeEntity(dashboardEntity, ImmutableMap.of(), existingEntities, username);
    assertThat(created).isNotNull();
    viewDTO = created.entity();
}
use of org.graylog2.shared.users.UserService in project graylog2-server by Graylog2.
the class UserServiceImplTest method testGetPermissionsForUser.
/**
 * Pins the effective permission set that {@code getPermissionsForUser} returns for a user that has
 * one role, one directly assigned permission, and grant-derived permissions and roles.
 *
 * <p>The final assertion uses {@code containsExactlyInAnyOrder}, so any permission beyond the
 * listed ones fails the test. This guards against a change that silently widens a user's access.
 */
@Test
public void testGetPermissionsForUser() throws Exception {
    final InMemoryRolePermissionResolver rolePermissionResolver = mock(InMemoryRolePermissionResolver.class);
    final GRNRegistry registry = GRNRegistry.createWithBuiltinTypes();
    final UserService service = new UserServiceImpl(
            mongoConnection,
            configuration,
            roleService,
            accessTokenService,
            userFactory,
            rolePermissionResolver,
            serverEventBus,
            registry,
            permissionAndRoleResolver);

    final UserImplFactory userImplFactory = new UserImplFactory(new Configuration(), permissions);
    final UserImpl account = userImplFactory.create(new HashMap<>());
    account.setName("user");

    // Source 1: a role assigned on the user, resolved to "foo:bar".
    final Role fooRole = createRole("Foo");
    account.setRoleIds(Collections.singleton(fooRole.getId()));
    // Source 2: a permission assigned directly on the user.
    account.setPermissions(Collections.singletonList("hello:world"));
    when(rolePermissionResolver.resolveStringPermission(fooRole.getId()))
            .thenReturn(Collections.singleton("foo:bar"));

    // Source 3: permissions resolved for the user's GRN, including an ownership grant on a dashboard.
    final GRNPermission ownershipGrant = GRNPermission.create(
            RestPermissions.ENTITY_OWN, registry.newGRN(GRNTypes.DASHBOARD, "1234"));
    final GRN principal = registry.ofUser(account);
    when(permissionAndRoleResolver.resolvePermissionsForPrincipal(principal))
            .thenReturn(ImmutableSet.of(new CaseSensitiveWildcardPermission("perm:from:grant"), ownershipGrant));

    // Source 4: a role resolved for the user's GRN, which in turn resolves to "perm:from:role".
    final String grantedRoleId = "12345";
    when(permissionAndRoleResolver.resolveRolesForPrincipal(principal))
            .thenReturn(ImmutableSet.of(grantedRoleId));
    when(rolePermissionResolver.resolveStringPermission(grantedRoleId))
            .thenReturn(ImmutableSet.of("perm:from:role"));

    // Wildcard permissions are compared by their string form; other permission objects by equality.
    // The "users:*:user" entries are not stubbed above; presumably they are the per-user
    // self-service permissions added for the account itself. Confirm where they originate.
    assertThat(
            service.getPermissionsForUser(account).stream()
                    .map(p -> p instanceof CaseSensitiveWildcardPermission ? p.toString() : p)
                    .collect(Collectors.toSet()))
            .containsExactlyInAnyOrder(
                    "users:passwordchange:user",
                    "users:edit:user",
                    "foo:bar",
                    "hello:world",
                    "users:tokenlist:user",
                    "users:tokencreate:user",
                    "users:tokenremove:user",
                    "perm:from:grant",
                    ownershipGrant,
                    "perm:from:role");
}