Examples with SecurityAuthorizationHandler org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler used on opensource projects

Search in sources :

Example 1 with SecurityAuthorizationHandler

use of org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler in project neo4j by neo4j.

the class PlainOperationsTest method shouldAcquireTxStateBeforeAllocatingRelationshipId.

@Test
void shouldAcquireTxStateBeforeAllocatingRelationshipId() throws EntityNotFoundException {
    // given
    KernelTransactionImplementation ktx = mock(KernelTransactionImplementation.class);
    when(ktx.txState()).thenReturn(mock(TransactionState.class));
    Locks.Client lockClient = mock(Locks.Client.class);
    when(ktx.lockClient()).thenReturn(lockClient);
    when(ktx.securityContext()).thenReturn(SecurityContext.AUTH_DISABLED);
    when(ktx.securityAuthorizationHandler()).thenReturn(new SecurityAuthorizationHandler(CommunitySecurityLog.NULL_LOG));
    CommandCreationContext commandCreationContext = mock(CommandCreationContext.class);
    AllStoreHolder allStoreHolder = mock(AllStoreHolder.class);
    when(allStoreHolder.nodeExists(anyLong())).thenReturn(true);
    Operations operations = new Operations(allStoreHolder, mock(StorageReader.class), mock(IndexTxStateUpdater.class), commandCreationContext, ktx, mock(KernelToken.class), mock(DefaultPooledCursors.class), mock(ConstraintIndexCreator.class), mock(ConstraintSemantics.class), mock(IndexingProvidersService.class), Config.defaults(), INSTANCE, () -> KernelVersion.LATEST, mock(DbmsRuntimeRepository.class));
    // when
    operations.relationshipCreate(0, 1, 2);
    // then
    InOrder inOrder = inOrder(ktx, commandCreationContext);
    inOrder.verify(ktx).txState();
    inOrder.verify(commandCreationContext).reserveRelationship();
    inOrder.verifyNoMoreInteractions();
}
Also used : StorageReader(org.neo4j.storageengine.api.StorageReader) TransactionState(org.neo4j.kernel.api.txstate.TransactionState) ConstraintSemantics(org.neo4j.kernel.impl.constraints.ConstraintSemantics) IndexingProvidersService(org.neo4j.kernel.impl.api.index.IndexingProvidersService) InOrder(org.mockito.InOrder) DbmsRuntimeRepository(org.neo4j.dbms.database.DbmsRuntimeRepository) Locks(org.neo4j.kernel.impl.locking.Locks) SecurityAuthorizationHandler(org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler) CommandCreationContext(org.neo4j.storageengine.api.CommandCreationContext) ConstraintIndexCreator(org.neo4j.kernel.impl.api.state.ConstraintIndexCreator) KernelTransactionImplementation(org.neo4j.kernel.impl.api.KernelTransactionImplementation) Test(org.junit.jupiter.api.Test)

Example 2 with SecurityAuthorizationHandler

use of org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler in project neo4j by neo4j.

the class PlainOperationsTest method shouldAcquireTxStateBeforeAllocatingNodeIdInBareCreateMethod.

@Test
void shouldAcquireTxStateBeforeAllocatingNodeIdInBareCreateMethod() {
    // given
    KernelTransactionImplementation ktx = mock(KernelTransactionImplementation.class);
    when(ktx.txState()).thenReturn(mock(TransactionState.class));
    when(ktx.securityContext()).thenReturn(SecurityContext.AUTH_DISABLED);
    when(ktx.securityAuthorizationHandler()).thenReturn(new SecurityAuthorizationHandler(CommunitySecurityLog.NULL_LOG));
    CommandCreationContext commandCreationContext = mock(CommandCreationContext.class);
    Operations operations = new Operations(mock(AllStoreHolder.class), mock(StorageReader.class), mock(IndexTxStateUpdater.class), commandCreationContext, ktx, mock(KernelToken.class), mock(DefaultPooledCursors.class), mock(ConstraintIndexCreator.class), mock(ConstraintSemantics.class), mock(IndexingProvidersService.class), Config.defaults(), INSTANCE, () -> KernelVersion.LATEST, mock(DbmsRuntimeRepository.class));
    // when
    operations.nodeCreate();
    // then
    InOrder inOrder = inOrder(ktx, commandCreationContext);
    inOrder.verify(ktx).txState();
    inOrder.verify(commandCreationContext).reserveNode();
    inOrder.verifyNoMoreInteractions();
}
Also used : StorageReader(org.neo4j.storageengine.api.StorageReader) TransactionState(org.neo4j.kernel.api.txstate.TransactionState) ConstraintSemantics(org.neo4j.kernel.impl.constraints.ConstraintSemantics) IndexingProvidersService(org.neo4j.kernel.impl.api.index.IndexingProvidersService) InOrder(org.mockito.InOrder) DbmsRuntimeRepository(org.neo4j.dbms.database.DbmsRuntimeRepository) SecurityAuthorizationHandler(org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler) CommandCreationContext(org.neo4j.storageengine.api.CommandCreationContext) ConstraintIndexCreator(org.neo4j.kernel.impl.api.state.ConstraintIndexCreator) KernelTransactionImplementation(org.neo4j.kernel.impl.api.KernelTransactionImplementation) Test(org.junit.jupiter.api.Test)

Example 3 with SecurityAuthorizationHandler

use of org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler in project neo4j by neo4j.

the class PlainOperationsTest method shouldAcquireTxStateBeforeAllocatingNodeIdInCreateWithLabelsMethod.

@Test
void shouldAcquireTxStateBeforeAllocatingNodeIdInCreateWithLabelsMethod() throws ConstraintValidationException {
    // given
    KernelTransactionImplementation ktx = mock(KernelTransactionImplementation.class);
    when(ktx.txState()).thenReturn(mock(TransactionState.class));
    when(ktx.securityAuthorizationHandler()).thenReturn(new SecurityAuthorizationHandler(CommunitySecurityLog.NULL_LOG));
    Locks.Client lockClient = mock(Locks.Client.class);
    when(ktx.lockClient()).thenReturn(lockClient);
    when(ktx.securityContext()).thenReturn(SecurityContext.AUTH_DISABLED);
    CommandCreationContext commandCreationContext = mock(CommandCreationContext.class);
    DefaultPooledCursors cursors = mock(DefaultPooledCursors.class);
    when(cursors.allocateFullAccessNodeCursor(NULL)).thenReturn(mock(FullAccessNodeCursor.class));
    when(cursors.allocateFullAccessPropertyCursor(NULL, INSTANCE)).thenReturn(mock(FullAccessPropertyCursor.class));
    Operations operations = new Operations(mock(AllStoreHolder.class), mock(StorageReader.class), mock(IndexTxStateUpdater.class), commandCreationContext, ktx, mock(KernelToken.class), cursors, mock(ConstraintIndexCreator.class), mock(ConstraintSemantics.class), mock(IndexingProvidersService.class), Config.defaults(), INSTANCE, () -> KernelVersion.LATEST, mock(DbmsRuntimeRepository.class));
    operations.initialize(NULL);
    // when
    operations.nodeCreateWithLabels(new int[] { 1 });
    // then
    InOrder inOrder = inOrder(ktx, commandCreationContext);
    inOrder.verify(ktx).txState();
    inOrder.verify(commandCreationContext).reserveNode();
    // for the constraints check for the label
    inOrder.verify(ktx).txState();
    inOrder.verifyNoMoreInteractions();
}
Also used : StorageReader(org.neo4j.storageengine.api.StorageReader) TransactionState(org.neo4j.kernel.api.txstate.TransactionState) ConstraintSemantics(org.neo4j.kernel.impl.constraints.ConstraintSemantics) IndexingProvidersService(org.neo4j.kernel.impl.api.index.IndexingProvidersService) InOrder(org.mockito.InOrder) DbmsRuntimeRepository(org.neo4j.dbms.database.DbmsRuntimeRepository) Locks(org.neo4j.kernel.impl.locking.Locks) SecurityAuthorizationHandler(org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler) CommandCreationContext(org.neo4j.storageengine.api.CommandCreationContext) ConstraintIndexCreator(org.neo4j.kernel.impl.api.state.ConstraintIndexCreator) KernelTransactionImplementation(org.neo4j.kernel.impl.api.KernelTransactionImplementation) Test(org.junit.jupiter.api.Test)

Example 4 with SecurityAuthorizationHandler

use of org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler in project neo4j by neo4j.

the class OperationsTest method setUp.

@BeforeEach
void setUp() throws Exception {
    TxState realTxState = new TxState();
    txState = Mockito.spy(realTxState);
    when(transaction.getReasonIfTerminated()).thenReturn(Optional.empty());
    when(transaction.lockClient()).thenReturn(locks);
    when(transaction.dataWrite()).thenReturn(write);
    when(transaction.isOpen()).thenReturn(true);
    when(transaction.lockTracer()).thenReturn(LockTracer.NONE);
    when(transaction.txState()).thenReturn(txState);
    when(transaction.securityContext()).thenReturn(SecurityContext.authDisabled(AccessMode.Static.FULL, EMBEDDED_CONNECTION, DB_NAME));
    logHelper = new SecurityLogHelper(getFormat());
    securityLog = new CommunitySecurityLog((LogExtended) logHelper.getLogProvider().getLog(this.getClass()));
    when(transaction.securityAuthorizationHandler()).thenReturn(new SecurityAuthorizationHandler(securityLog));
    DefaultPooledCursors cursors = mock(DefaultPooledCursors.class);
    nodeCursor = mock(FullAccessNodeCursor.class);
    propertyCursor = mock(FullAccessPropertyCursor.class);
    relationshipCursor = mock(DefaultRelationshipScanCursor.class);
    when(cursors.allocateFullAccessNodeCursor(NULL)).thenReturn(nodeCursor);
    when(cursors.allocateFullAccessPropertyCursor(NULL, INSTANCE)).thenReturn(propertyCursor);
    when(cursors.allocateRelationshipScanCursor(NULL)).thenReturn(relationshipCursor);
    StorageEngine engine = mock(StorageEngine.class);
    storageReader = mock(StorageReader.class);
    storageReaderSnapshot = mock(StorageSchemaReader.class);
    when(storageReader.nodeExists(anyLong(), any())).thenReturn(true);
    when(storageReader.constraintsGetForLabel(anyInt())).thenReturn(Collections.emptyIterator());
    when(storageReader.constraintsGetAll()).thenReturn(Collections.emptyIterator());
    when(storageReader.schemaSnapshot()).thenReturn(storageReaderSnapshot);
    when(engine.newReader()).thenReturn(storageReader);
    indexingService = mock(IndexingService.class);
    Dependencies dependencies = new Dependencies();
    var facade = mock(GraphDatabaseFacade.class);
    dependencies.satisfyDependency(facade);
    allStoreHolder = new AllStoreHolder(storageReader, transaction, cursors, mock(GlobalProcedures.class), mock(SchemaState.class), indexingService, mock(IndexStatisticsStore.class), dependencies, Config.defaults(), INSTANCE);
    constraintIndexCreator = mock(ConstraintIndexCreator.class);
    tokenHolders = mockedTokenHolders();
    creationContext = mock(CommandCreationContext.class);
    IndexingProvidersService indexingProvidersService = mock(IndexingProvidersService.class);
    when(indexingProvidersService.indexProviderByName("native-btree-1.0")).thenReturn(GenericNativeIndexProvider.DESCRIPTOR);
    when(indexingProvidersService.getDefaultProvider()).thenReturn(GenericNativeIndexProvider.DESCRIPTOR);
    when(indexingProvidersService.indexProviderByName("fulltext-1.0")).thenReturn(FulltextIndexProviderFactory.DESCRIPTOR);
    when(indexingProvidersService.getFulltextProvider()).thenReturn(FulltextIndexProviderFactory.DESCRIPTOR);
    when(indexingProvidersService.indexProviderByName("provider-1.0")).thenReturn(new IndexProviderDescriptor("provider", "1.0"));
    when(indexingProvidersService.completeConfiguration(any())).thenAnswer(inv -> inv.getArgument(0));
    operations = new Operations(allStoreHolder, storageReader, mock(IndexTxStateUpdater.class), creationContext, transaction, new KernelToken(storageReader, creationContext, transaction, tokenHolders), cursors, constraintIndexCreator, mock(ConstraintSemantics.class), indexingProvidersService, Config.defaults(), INSTANCE, () -> KernelVersion.LATEST, mock(DbmsRuntimeRepository.class));
    operations.initialize(NULL);
    this.order = inOrder(locks, txState, storageReader, storageReaderSnapshot, creationContext);
}
Also used : StorageReader(org.neo4j.storageengine.api.StorageReader) CommunitySecurityLog(org.neo4j.internal.kernel.api.security.CommunitySecurityLog) IndexingProvidersService(org.neo4j.kernel.impl.api.index.IndexingProvidersService) IndexProviderDescriptor(org.neo4j.internal.schema.IndexProviderDescriptor) SecurityLogHelper(org.neo4j.logging.SecurityLogHelper) LogExtended(org.neo4j.logging.log4j.LogExtended) StorageEngine(org.neo4j.storageengine.api.StorageEngine) SecurityAuthorizationHandler(org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler) CommandCreationContext(org.neo4j.storageengine.api.CommandCreationContext) ConstraintIndexCreator(org.neo4j.kernel.impl.api.state.ConstraintIndexCreator) StorageSchemaReader(org.neo4j.storageengine.api.StorageSchemaReader) TxState(org.neo4j.kernel.impl.api.state.TxState) IndexingService(org.neo4j.kernel.impl.api.index.IndexingService) Dependencies(org.neo4j.collection.Dependencies) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 5 with SecurityAuthorizationHandler

use of org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler in project neo4j by neo4j.

the class OperationsTest method runForSecurityLevel.

protected String runForSecurityLevel(Executable executable, AccessMode mode, boolean shoudldBeAuthorized) throws Exception {
    SecurityContext securityContext = SecurityContext.authDisabled(mode, ClientConnectionInfo.EMBEDDED_CONNECTION, DB_NAME);
    when(transaction.securityContext()).thenReturn(securityContext);
    when(transaction.securityAuthorizationHandler()).thenReturn(new SecurityAuthorizationHandler(securityLog));
    when(nodeCursor.next()).thenReturn(true);
    when(nodeCursor.hasLabel(2)).thenReturn(false);
    when(nodeCursor.hasLabel(3)).thenReturn(true);
    when(tokenHolders.labelTokens().getTokenById(anyInt())).thenReturn(new NamedToken("Label", 2));
    if (shoudldBeAuthorized) {
        assertAuthorized(executable);
        return null;
    } else {
        AuthorizationViolationException exception = assertThrows(AuthorizationViolationException.class, executable);
        return exception.getMessage();
    }
}
Also used : SecurityContext(org.neo4j.internal.kernel.api.security.SecurityContext) NamedToken(org.neo4j.token.api.NamedToken) AuthorizationViolationException(org.neo4j.graphdb.security.AuthorizationViolationException) SecurityAuthorizationHandler(org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler)

Aggregations

SecurityAuthorizationHandler (org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler)5 IndexingProvidersService (org.neo4j.kernel.impl.api.index.IndexingProvidersService)4 ConstraintIndexCreator (org.neo4j.kernel.impl.api.state.ConstraintIndexCreator)4 CommandCreationContext (org.neo4j.storageengine.api.CommandCreationContext)4 StorageReader (org.neo4j.storageengine.api.StorageReader)4 Test (org.junit.jupiter.api.Test)3 InOrder (org.mockito.InOrder)3 DbmsRuntimeRepository (org.neo4j.dbms.database.DbmsRuntimeRepository)3 TransactionState (org.neo4j.kernel.api.txstate.TransactionState)3 KernelTransactionImplementation (org.neo4j.kernel.impl.api.KernelTransactionImplementation)3 ConstraintSemantics (org.neo4j.kernel.impl.constraints.ConstraintSemantics)3 Locks (org.neo4j.kernel.impl.locking.Locks)2 BeforeEach (org.junit.jupiter.api.BeforeEach)1 Dependencies (org.neo4j.collection.Dependencies)1 AuthorizationViolationException (org.neo4j.graphdb.security.AuthorizationViolationException)1 CommunitySecurityLog (org.neo4j.internal.kernel.api.security.CommunitySecurityLog)1 SecurityContext (org.neo4j.internal.kernel.api.security.SecurityContext)1 IndexProviderDescriptor (org.neo4j.internal.schema.IndexProviderDescriptor)1 IndexingService (org.neo4j.kernel.impl.api.index.IndexingService)1 TxState (org.neo4j.kernel.impl.api.state.TxState)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial