Example 1 with SecurityRuleDto
use of org.motechproject.security.model.SecurityRuleDto in project motech by motech.
the class MotechURLSecurityServiceImpl method toMotechURLSecurityRuleList.
private List<MotechURLSecurityRule> toMotechURLSecurityRuleList(List<SecurityRuleDto> dtos) {
List<MotechURLSecurityRule> list = new ArrayList<>();
if (null != dtos) {
for (SecurityRuleDto dto : dtos) {
Long id = dto.getId();
MotechURLSecurityRule rule = null == id ? new MotechURLSecurityRule() : allSecurityRules.getRuleById(id);
rule.setActive(dto.isActive());
rule.setDeleted(dto.isDeleted());
rule.setOrigin(dto.getOrigin());
rule.setPattern(dto.getPattern());
rule.setPriority(dto.getPriority());
if (null != dto.getProtocol()) {
rule.setProtocol(Protocol.valueOf(dto.getProtocol()));
}
rule.setRest(dto.isRest());
rule.setVersion(dto.getVersion());
rule.setPermissionAccess(dto.getPermissionAccess());
rule.setUserAccess(dto.getUserAccess());
if (null != dto.getMethodsRequired()) {
rule.setMethodsRequired(new ArrayList<HTTPMethod>());
for (String method : dto.getMethodsRequired()) {
rule.getMethodsRequired().add(HTTPMethod.valueOf(method));
}
}
if (null != dto.getSupportedSchemes()) {
rule.setSupportedSchemes(new ArrayList<Scheme>());
for (String scheme : dto.getSupportedSchemes()) {
rule.getSupportedSchemes().add(Scheme.valueOf(scheme));
}
}
list.add(rule);
}
}
return list;
}
Also used :
Scheme(org.motechproject.security.constants.Scheme)
HTTPMethod(org.motechproject.security.constants.HTTPMethod)
MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule)
ArrayList(java.util.ArrayList)
SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)
Example 2 with SecurityRuleDto
use of org.motechproject.security.model.SecurityRuleDto in project motech by motech.
the class MotechURLSecurityServiceBundleIT method addRules.
private void addRules(List<SecurityRuleDto> securityRules) {
SecurityRuleDto rule1 = new SecurityRuleDto();
SecurityRuleDto rule2 = new SecurityRuleDto();
SecurityRuleDto rule3 = new SecurityRuleDto();
SecurityRuleDto rule4 = new SecurityRuleDto();
List<String> methodsRequired = Arrays.asList(ANY.toString());
rule1.setPattern("/**");
rule2.setPattern("/web-api/**");
rule3.setPattern("/anything");
rule4.setPattern("/unimportant/**");
rule1.setProtocol(HTTPS.toString());
rule2.setProtocol(HTTPS.toString());
rule3.setProtocol(HTTP.toString());
rule4.setProtocol(HTTP.toString());
rule1.setMethodsRequired(methodsRequired);
rule2.setMethodsRequired(methodsRequired);
rule3.setMethodsRequired(Arrays.asList(GET.toString(), POST.toString()));
rule4.setMethodsRequired(methodsRequired);
rule1.setSupportedSchemes(Arrays.asList(BASIC.toString()));
rule2.setSupportedSchemes(Arrays.asList(OATH.toString()));
rule3.setSupportedSchemes(Arrays.asList(NO_SECURITY.toString()));
rule4.setSupportedSchemes(Arrays.asList(NO_SECURITY.toString()));
rule4.setDeleted(true);
securityRules.add(rule1);
securityRules.add(rule2);
securityRules.add(rule3);
securityRules.add(rule4);
}
Also used :
SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)
Example 3 with SecurityRuleDto
use of org.motechproject.security.model.SecurityRuleDto in project motech by motech.
the class MotechURLSecurityServiceBundleIT method testUpdateSecurity.
@Test
public void testUpdateSecurity() {
motechUserService.register("admin", "admin", "admin@mail.com", "", asList(SECURITY_MANAGE_ADMIN), Locale.ENGLISH);
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("admin", "admin");
Authentication auth = authenticationManager.authenticate(authRequest);
SecurityContext context = SecurityContextHolder.getContext();
context.setAuthentication(auth);
List<SecurityRuleDto> rules = new ArrayList<>();
addRules(rules);
SecurityConfigDto configuration = new SecurityConfigDto();
configuration.setSecurityRules(rules);
securityService.updateSecurityConfiguration(configuration);
// Shouldn't return rule marked as deleted.
assertEquals(3, securityService.findAllSecurityRules().size());
}
Also used :
Authentication(org.springframework.security.core.Authentication)
SecurityContext(org.springframework.security.core.context.SecurityContext)
ArrayList(java.util.ArrayList)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)
SecurityConfigDto(org.motechproject.security.model.SecurityConfigDto)
Test(org.junit.Test)
Example 4 with SecurityRuleDto
use of org.motechproject.security.model.SecurityRuleDto in project motech by motech.
the class SecurityRulesController method getSecurityRules.
/**
* Returns security config
*
* @return security config
*/
@RequestMapping(value = "/web-api/securityRules", method = RequestMethod.GET)
@ResponseBody
public SecurityConfigDto getSecurityRules() {
SecurityConfigDto security = new SecurityConfigDto();
List<SecurityRuleDto> rules = urlSecurityService.findAllSecurityRules();
security.setSecurityRules(rules);
return security;
}
Also used :
SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)
SecurityConfigDto(org.motechproject.security.model.SecurityConfigDto)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
ResponseBody(org.springframework.web.bind.annotation.ResponseBody)
Example 5 with SecurityRuleDto
use of org.motechproject.security.model.SecurityRuleDto in project motech by motech.
the class MotechURLSecurityServiceImpl method toSecurityRuleDtoList.
private List<SecurityRuleDto> toSecurityRuleDtoList(List<MotechURLSecurityRule> rules) {
List<SecurityRuleDto> list = new ArrayList<>();
if (null != rules) {
for (MotechURLSecurityRule rule : rules) {
SecurityRuleDto dto = new SecurityRuleDto();
dto.setId(rule.getId());
dto.setActive(rule.isActive());
dto.setDeleted(rule.isDeleted());
dto.setOrigin(rule.getOrigin());
dto.setPattern(rule.getPattern());
dto.setPriority(rule.getPriority());
if (null != rule.getProtocol()) {
dto.setProtocol(rule.getProtocol().toString());
}
dto.setRest(rule.isRest());
dto.setVersion(rule.getVersion());
dto.setPermissionAccess(rule.getPermissionAccess());
dto.setUserAccess(rule.getUserAccess());
if (null != rule.getMethodsRequired()) {
dto.setMethodsRequired(new ArrayList<String>());
for (HTTPMethod method : rule.getMethodsRequired()) {
dto.getMethodsRequired().add(method.toString());
}
}
if (null != rule.getSupportedSchemes()) {
dto.setSupportedSchemes(new ArrayList<String>());
for (Scheme scheme : rule.getSupportedSchemes()) {
dto.getSupportedSchemes().add(scheme.toString());
}
}
list.add(dto);
}
}
return list;
}
Also used :
Scheme(org.motechproject.security.constants.Scheme)
HTTPMethod(org.motechproject.security.constants.HTTPMethod)
MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule)
ArrayList(java.util.ArrayList)
SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)
Aggregations
SecurityRuleDto (org.motechproject.security.model.SecurityRuleDto)5
ArrayList (java.util.ArrayList)3
HTTPMethod (org.motechproject.security.constants.HTTPMethod)2
Scheme (org.motechproject.security.constants.Scheme)2
MotechURLSecurityRule (org.motechproject.security.domain.MotechURLSecurityRule)2
SecurityConfigDto (org.motechproject.security.model.SecurityConfigDto)2
Test (org.junit.Test)1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1
Authentication (org.springframework.security.core.Authentication)1
SecurityContext (org.springframework.security.core.context.SecurityContext)1
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)1
