
Example 6 with Group

use of org.molgenis.data.security.auth.Group in project molgenis by molgenis.

the class PermissionRegistryImplTest method testGetPermissions.

/**
 * Pins the permission set returned by {@code permissionRegistryImpl.getPermissions()}: a single
 * grant of {@code PluginPermission.READ} on the "useraccount" plugin to the authority
 * "ROLE_group0", where "group0" is the id of the mocked group found under the name "All Users".
 */
@Test
public void testGetPermissions() {
    // Mocked group whose id ends up in the expected authority string.
    Group allUsers = mock(Group.class);
    when(allUsers.getId()).thenReturn("group0");

    // Stub the lookup chain dataService.query(...).eq(...).findOne() so it yields that group.
    @SuppressWarnings("unchecked")
    Query<Group> groupQuery = mock(Query.class);
    when(dataService.query("sys_sec_Group", Group.class)).thenReturn(groupQuery);
    when(groupQuery.eq("name", "All Users")).thenReturn(groupQuery);
    when(groupQuery.findOne()).thenReturn(allUsers);

    ObjectIdentity accountPlugin = new PluginIdentity("useraccount");
    Pair<Permission, Sid> readForAllUsers =
        new Pair<>(PluginPermission.READ, new GrantedAuthoritySid("ROLE_group0"));
    Multimap<ObjectIdentity, Pair<Permission, Sid>> expectedPermissions =
        ImmutableListMultimap.of(accountPlugin, readForAllUsers);

    // NOTE(review): only the case where the group exists is pinned here; what the registry
    // returns when findOne() yields null is not covered by this method.
    assertEquals(permissionRegistryImpl.getPermissions(), expectedPermissions);
}
Also used : Group(org.molgenis.data.security.auth.Group) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) PluginIdentity(org.molgenis.data.plugin.model.PluginIdentity) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) Pair(org.molgenis.util.Pair) Test(org.testng.annotations.Test) AbstractMockitoTest(org.molgenis.test.AbstractMockitoTest)

Example 7 with Group

use of org.molgenis.data.security.auth.Group in project molgenis by molgenis.

the class AccountServiceImplTest method setUp.

/**
 * Builds the fixture shared by the test methods: application and sign-up settings, the lookup
 * of the all-users group, and a mocked user with fixed registration data.
 */
@BeforeMethod
public void setUp() {
    // Settings: fixed application title, sign-up moderation switched off.
    when(appSettings.getTitle()).thenReturn("Molgenis title");
    when(authenticationSettings.getSignUpModeration()).thenReturn(false);
    // NOTE(review): the moderated sign-up path (getSignUpModeration() == true) is not set up
    // here; presumably individual tests override this stub - confirm it is covered.

    // Group lookup: dataService.query(GROUP, ...).eq(NAME, ALL_USER_GROUP).findOne() -> mock.
    Group allUsersGroup = mock(Group.class);
    @SuppressWarnings("unchecked")
    Query<Group> groupQuery = mock(Query.class);
    when(dataService.query(GROUP, Group.class)).thenReturn(groupQuery);
    when(groupQuery.eq(NAME, ALL_USER_GROUP)).thenReturn(groupQuery);
    when(groupQuery.findOne()).thenReturn(allUsersGroup);

    // Candidate user. Every value below is a test fixture, including the literal password.
    when(user.getUsername()).thenReturn("jansenj");
    when(user.getFirstName()).thenReturn("Jan");
    when(user.getMiddleNames()).thenReturn("Piet Hein");
    when(user.getLastName()).thenReturn("Jansen");
    when(user.getEmail()).thenReturn("jan.jansen@activation.nl");
    when(user.getPassword()).thenReturn("password");
}
Also used : Group(org.molgenis.data.security.auth.Group) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 8 with Group

use of org.molgenis.data.security.auth.Group in project molgenis by molgenis.

the class SidUtilsTest method testCreateGroupAuthority.

/**
 * Checks that {@code SidUtils.createGroupAuthority} maps a group with id "groupId" to the
 * authority string "ROLE_groupId".
 */
@Test
public void testCreateGroupAuthority() {
    Group group = mock(Group.class);
    when(group.getId()).thenReturn("groupId");

    // NOTE(review): the literal is passed first here. If assertEquals is TestNG's, its order is
    // (actual, expected), so a failure message would swap the two labels - confirm the import.
    assertEquals("ROLE_groupId", SidUtils.createGroupAuthority(group));
}
Also used : Group(org.molgenis.data.security.auth.Group) Test(org.testng.annotations.Test)

Example 9 with Group

use of org.molgenis.data.security.auth.Group in project molgenis by molgenis.

the class AccountServiceImpl method createUser.

/**
 * Registers a new, inactive user and mails an activation link.
 *
 * <p>In order: rejects a username or email address that is already known, generates an
 * activation code, selects the recipients of the activation mail (the addresses from
 * {@code userService.getSuEmailAddresses()} when sign-up moderation is on, otherwise the user's
 * own address), stores the user as inactive, adds the user to the all-users group when that
 * group exists, and sends the mail. When sending fails, the group membership and the user are
 * deleted again and a {@code MolgenisUserException} is thrown.
 *
 * <p>Points a security review should confirm:
 * <ul>
 *   <li>The method carries {@code @RunAsSystem}, so it presumably executes with elevated
 *       privileges; {@code user} is not validated here beyond the checks below - verify that
 *       the caller validates it.
 *   <li>The two "already exists" exceptions carry distinct messages. If the caller relays them
 *       to unauthenticated clients, they disclose which usernames and addresses are registered.
 *   <li>{@code baseActivationUri} is embedded unchanged in the mailed link. If the caller
 *       derives it from request headers rather than from configuration, the host in the link
 *       is client-influenced - verify against the caller.
 *   <li>Usernames and recipient addresses are concatenated into debug log lines as-is.
 * </ul>
 *
 * @param user the user to register; its activation code and active flag are overwritten
 * @param baseActivationUri prefix of the activation link; "/" and the code are appended
 * @throws UsernameAlreadyExistsException if {@code userService.getUser} finds the username
 * @throws EmailAlreadyExistsException if {@code userService.getUserByEmail} finds the address
 * @throws MolgenisDataException if no recipient address is available for the activation mail
 * @throws MolgenisUserException if the activation mail cannot be sent
 */
@Override
@RunAsSystem
@Transactional
public void createUser(User user, String baseActivationUri) throws UsernameAlreadyExistsException, EmailAlreadyExistsException {
    // Uniqueness checks. These are check-then-insert, not atomic.
    // NOTE(review): presumably a unique constraint in the data layer backs them - confirm.
    boolean usernameTaken = userService.getUser(user.getUsername()) != null;
    if (usernameTaken) {
        throw new UsernameAlreadyExistsException("Username '" + user.getUsername() + "' already exists.");
    }
    boolean emailTaken = userService.getUserByEmail(user.getEmail()) != null;
    if (emailTaken) {
        throw new EmailAlreadyExistsException("Email '" + user.getEmail() + "' is already registered.");
    }

    // The code is generated before anything is stored; SECURE_RANDOM selects the generator strategy.
    String activationCode = idGenerator.generateId(SECURE_RANDOM);

    // Who receives the activation mail depends on whether sign-up is moderated.
    List<String> recipients;
    if (!authenticationSettings.getSignUpModeration()) {
        String ownAddress = user.getEmail();
        if (ownAddress == null || ownAddress.isEmpty()) {
            throw new MolgenisDataException("User '" + user.getUsername() + "' is missing required email address");
        }
        recipients = asList(ownAddress);
    } else {
        recipients = userService.getSuEmailAddresses();
        if (recipients == null || recipients.isEmpty()) {
            throw new MolgenisDataException("Administrator account is missing required email address");
        }
    }

    // Persist the account as inactive; it carries the activation code until activated.
    user.setActivationCode(activationCode);
    user.setActive(false);
    dataService.add(USER, user);
    LOG.debug("created user " + user.getUsername());

    // Membership of the all-users group is added only when that group can be found.
    GroupMember membership = null;
    Group allUsersGroup = dataService.query(GROUP, Group.class).eq(NAME, ALL_USER_GROUP).findOne();
    if (allUsersGroup != null) {
        membership = groupMemberFactory.create();
        membership.setGroup(allUsersGroup);
        membership.setUser(user);
        dataService.add(GROUP_MEMBER, membership);
    }

    // The link is the caller-supplied prefix plus the code; URI.create rejects a malformed result.
    URI activationLink = URI.create(baseActivationUri + '/' + activationCode);
    try {
        SimpleMailMessage activationMail = new SimpleMailMessage();
        activationMail.setTo(recipients.toArray(new String[0]));
        activationMail.setSubject("User registration for " + appSettings.getTitle());
        activationMail.setText(createActivationEmailText(user, activationLink));
        mailSender.send(activationMail);
    } catch (MailException mailFailure) {
        // Undo the writes made above so that a failed sign-up leaves no account behind.
        LOG.error("Could not send signup mail", mailFailure);
        if (membership != null) {
            dataService.delete(GROUP_MEMBER, membership);
        }
        dataService.delete(USER, user);
        throw new MolgenisUserException("An error occurred. Please contact the administrator. You are not signed up!");
    }
    LOG.debug("send activation email for user " + user.getUsername() + " to " + StringUtils.join(recipients, ','));
}
Also used : Group(org.molgenis.data.security.auth.Group) GroupMember(org.molgenis.data.security.auth.GroupMember) MolgenisDataException(org.molgenis.data.MolgenisDataException) SimpleMailMessage(org.springframework.mail.SimpleMailMessage) MolgenisUserException(org.molgenis.security.user.MolgenisUserException) MailException(org.springframework.mail.MailException) URI(java.net.URI) RunAsSystem(org.molgenis.security.core.runas.RunAsSystem) Transactional(org.springframework.transaction.annotation.Transactional)

Example 10 with Group

use of org.molgenis.data.security.auth.Group in project molgenis by molgenis.

the class WebAppPermissionRegistry method getPermissions.

/**
 * Returns the permissions this registry contributes: {@code PluginPermission.READ} on the
 * plugin identified by {@code HomeController.ID}, granted to the anonymous user and to the
 * all-users group.
 *
 * @return an immutable multimap holding both grants under the one plugin identity
 */
@Override
public Multimap<ObjectIdentity, Pair<Permission, Sid>> getPermissions() {
    User anonymous = dataService.query(USER, User.class).eq(USERNAME, ANONYMOUS_USERNAME).findOne();
    Group allUsers = dataService.query(GROUP, Group.class).eq(NAME, ALL_USER_GROUP).findOne();
    ObjectIdentity homePlugin = new PluginIdentity(HomeController.ID);

    // NOTE(review): both findOne() results go to createSid unchecked. How createSid treats a
    // null argument is not visible here - confirm that a missing user or group cannot produce
    // an unintended Sid.
    Pair<Permission, Sid> anonymousRead = new Pair<>(PluginPermission.READ, createSid(anonymous));
    Pair<Permission, Sid> allUsersRead = new Pair<>(PluginPermission.READ, createSid(allUsers));

    ImmutableMultimap.Builder<ObjectIdentity, Pair<Permission, Sid>> grants = new ImmutableMultimap.Builder<>();
    grants.put(homePlugin, anonymousRead);
    grants.put(homePlugin, allUsersRead);
    return grants.build();
}
Also used : Group(org.molgenis.data.security.auth.Group) User(org.molgenis.data.security.auth.User) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) PluginIdentity(org.molgenis.data.plugin.model.PluginIdentity) Permission(org.springframework.security.acls.model.Permission) PluginPermission(org.molgenis.data.plugin.model.PluginPermission) Sid(org.springframework.security.acls.model.Sid) SidUtils.createSid(org.molgenis.security.acl.SidUtils.createSid) Pair(org.molgenis.util.Pair)

Aggregations

Group (org.molgenis.data.security.auth.Group)10 PluginIdentity (org.molgenis.data.plugin.model.PluginIdentity)5 User (org.molgenis.data.security.auth.User)4 GrantedAuthoritySid (org.springframework.security.acls.domain.GrantedAuthoritySid)4 EntityType (org.molgenis.data.meta.model.EntityType)3 PluginPermission (org.molgenis.data.plugin.model.PluginPermission)3 Pair (org.molgenis.util.Pair)3 PrincipalSid (org.springframework.security.acls.domain.PrincipalSid)3 ObjectIdentity (org.springframework.security.acls.model.ObjectIdentity)3 Transactional (org.springframework.transaction.annotation.Transactional)3 Test (org.testng.annotations.Test)3 Package (org.molgenis.data.meta.model.Package)2 Plugin (org.molgenis.data.plugin.model.Plugin)2 EntityTypeIdentity (org.molgenis.data.security.EntityTypeIdentity)2 Sid (org.springframework.security.acls.model.Sid)2 BeforeMethod (org.testng.annotations.BeforeMethod)2 ImmutableMultimap (com.google.common.collect.ImmutableMultimap)1 Lists (com.google.common.collect.Lists)1 String.format (java.lang.String.format)1 URI (java.net.URI)1