Example 6 with MotechURLSecurityRule
use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechProxyManagerTest method buildRule.
private MotechURLSecurityRule buildRule(String pattern, int priority) {
MotechURLSecurityRule rule = new MotechURLSecurityRule();
rule.setPattern(pattern);
rule.setPriority(priority);
rule.setActive(true);
rule.setMethodsRequired(Arrays.asList(GET));
return rule;
}
Also used :
MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule)
Example 7 with MotechURLSecurityRule
use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechProxyManagerTest method shouldOrderRulesByPriority.
@Test
public void shouldOrderRulesByPriority() {
List<MotechURLSecurityRule> rules = new ArrayList<>();
rules.add(buildRule("priority-3", 3));
rules.add(buildRule("catchall", 0));
rules.add(buildRule("priority-1", 1));
when(allSecurityRules.getRules()).thenReturn(rules);
motechProxyManager.rebuildProxyChain();
// we test on the security rule builder for simplicity
InOrder inOrder = inOrder(securityRuleBuilder);
inOrder.verify(securityRuleBuilder).buildSecurityChain(argThat(ruleMatcher("priority-3")), eq(GET));
inOrder.verify(securityRuleBuilder).buildSecurityChain(argThat(ruleMatcher("priority-1")), eq(GET));
inOrder.verify(securityRuleBuilder).buildSecurityChain(argThat(ruleMatcher("catchall")), eq(GET));
}
Also used :
InOrder(org.mockito.InOrder)
MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule)
ArrayList(java.util.ArrayList)
Test(org.junit.Test)
Example 8 with MotechURLSecurityRule
use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechURLSecurityServiceImpl method toMotechURLSecurityRuleList.
private List<MotechURLSecurityRule> toMotechURLSecurityRuleList(List<SecurityRuleDto> dtos) {
List<MotechURLSecurityRule> list = new ArrayList<>();
if (null != dtos) {
for (SecurityRuleDto dto : dtos) {
Long id = dto.getId();
MotechURLSecurityRule rule = null == id ? new MotechURLSecurityRule() : allSecurityRules.getRuleById(id);
rule.setActive(dto.isActive());
rule.setDeleted(dto.isDeleted());
rule.setOrigin(dto.getOrigin());
rule.setPattern(dto.getPattern());
rule.setPriority(dto.getPriority());
if (null != dto.getProtocol()) {
rule.setProtocol(Protocol.valueOf(dto.getProtocol()));
}
rule.setRest(dto.isRest());
rule.setVersion(dto.getVersion());
rule.setPermissionAccess(dto.getPermissionAccess());
rule.setUserAccess(dto.getUserAccess());
if (null != dto.getMethodsRequired()) {
rule.setMethodsRequired(new ArrayList<HTTPMethod>());
for (String method : dto.getMethodsRequired()) {
rule.getMethodsRequired().add(HTTPMethod.valueOf(method));
}
}
if (null != dto.getSupportedSchemes()) {
rule.setSupportedSchemes(new ArrayList<Scheme>());
for (String scheme : dto.getSupportedSchemes()) {
rule.getSupportedSchemes().add(Scheme.valueOf(scheme));
}
}
list.add(rule);
}
}
return list;
}
Also used :
Scheme(org.motechproject.security.constants.Scheme)
HTTPMethod(org.motechproject.security.constants.HTTPMethod)
MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule)
ArrayList(java.util.ArrayList)
SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)
Example 9 with MotechURLSecurityRule
use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechURLSecurityServiceImpl method updateSecurityConfiguration.
@Override
@Transactional
public void updateSecurityConfiguration(SecurityConfigDto configuration) {
LOGGER.info("Updating security configuration");
List<MotechURLSecurityRule> newRules = toMotechURLSecurityRuleList(configuration.getSecurityRules());
Collection newRulesIDs = CollectionUtils.collect(newRules, IDTransformer.INSTANCE);
for (MotechURLSecurityRule rule : proxyManager.getDefaultSecurityConfiguration().getSecurityRules()) {
if (!newRulesIDs.contains(rule.getId())) {
rule.setDeleted(true);
newRules.add(rule);
}
}
allSecurityRules.addOrUpdate(new MotechSecurityConfiguration(newRules));
proxyManager.rebuildProxyChain();
LOGGER.info("Updated security configuration");
}
Also used :
MotechSecurityConfiguration(org.motechproject.security.domain.MotechSecurityConfiguration)
MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule)
Collection(java.util.Collection)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 10 with MotechURLSecurityRule
use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechURLSecurityServiceImpl method findAllSecurityRules.
@Override
@Transactional
public List<SecurityRuleDto> findAllSecurityRules() {
List<MotechURLSecurityRule> rules = allSecurityRules.getRules();
Collections.sort(rules, new SecurityRuleComparator());
return toSecurityRuleDtoList(rules);
}
Also used :
MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule)
SecurityRuleComparator(org.motechproject.security.domain.SecurityRuleComparator)
Transactional(org.springframework.transaction.annotation.Transactional)
Aggregations
MotechURLSecurityRule (org.motechproject.security.domain.MotechURLSecurityRule)18
ArrayList (java.util.ArrayList)7
Test (org.junit.Test)6
Transactional (org.springframework.transaction.annotation.Transactional)6
HTTPMethod (org.motechproject.security.constants.HTTPMethod)4
MotechSecurityConfiguration (org.motechproject.security.domain.MotechSecurityConfiguration)4
Scheme (org.motechproject.security.constants.Scheme)3
Collection (java.util.Collection)2
SecurityRuleComparator (org.motechproject.security.domain.SecurityRuleComparator)2
SecurityRuleDto (org.motechproject.security.model.SecurityRuleDto)2
SecurityFilterChain (org.springframework.security.web.SecurityFilterChain)2
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
List (java.util.List)1
TreeSet (java.util.TreeSet)1
InOrder (org.mockito.InOrder)1
Resource (org.springframework.core.io.Resource)1
FilterChainProxy (org.springframework.security.web.FilterChainProxy)1
