
Example 11 with SecurityContext

use of org.neo4j.internal.kernel.api.security.SecurityContext in project neo4j by neo4j.

the class AllStoreHolder method createAggregationFunction.

/**
 * Creates the aggregator for the aggregating function {@code id}, after checking that the
 * transaction's access mode may execute it, and fixes the security context it runs under.
 *
 * <p>A function that is not built in is rejected unless the caller's mode allows executing it.
 * The exception thrown in that case is obtained from the security authorization handler's
 * {@code logAndGetAuthorizationException}. An accepted function is created, and later invoked,
 * under a context whose mode wraps the caller's mode together with
 * {@code AccessMode.Static.READ}: an {@code OverriddenAccessMode} when the caller's mode asks
 * for boosting, a {@code RestrictedAccessMode} otherwise.
 *
 * <p>NOTE(review): presumably the overridden mode grants READ beyond the caller's own rights
 * while the restricted mode caps the caller at READ; confirm against those two classes.
 *
 * @param id identifier of the aggregating function
 * @return a wrapper that applies the derived security context around every call to the
 *         created aggregator
 * @throws ProcedureException declared by the aggregator creation and by the wrapped calls
 */
private UserAggregator createAggregationFunction(int id) throws ProcedureException {
    ktx.assertOpen();
    AccessMode callerMode = ktx.securityContext().mode();

    // Authorization gate: built-in functions skip the execute-permission check.
    boolean builtIn = globalProcedures.isBuiltInAggregatingFunction(id);
    if (!builtIn && !callerMode.allowsExecuteAggregatingFunction(id)) {
        String denial = format("Executing a user defined aggregating function is not allowed for %s.", ktx.securityContext().description());
        throw ktx.securityAuthorizationHandler().logAndGetAuthorizationException(ktx.securityContext(), denial);
    }

    // Derive the context the function body runs under; both branches pair the caller's mode with READ.
    final SecurityContext functionContext;
    if (callerMode.shouldBoostAggregatingFunction(id)) {
        functionContext = ktx.securityContext().withMode(new OverriddenAccessMode(callerMode, AccessMode.Static.READ));
    } else {
        functionContext = ktx.securityContext().withMode(new RestrictedAccessMode(callerMode, AccessMode.Static.READ));
    }

    try (KernelTransaction.Revertable ignored = ktx.overrideWith(functionContext)) {
        final UserAggregator delegate = globalProcedures.createAggregationFunction(prepareContext(functionContext, ProcedureCallContext.EMPTY), id);

        // The override opened above is closed when this method returns, so each later call
        // on the aggregator installs the same context again for its own duration.
        return new UserAggregator() {

            @Override
            public void update(AnyValue[] input) throws ProcedureException {
                try (KernelTransaction.Revertable ignoredOverride = ktx.overrideWith(functionContext)) {
                    delegate.update(input);
                }
            }

            @Override
            public AnyValue result() throws ProcedureException {
                try (KernelTransaction.Revertable ignoredOverride = ktx.overrideWith(functionContext)) {
                    return delegate.result();
                }
            }
        };
    }
}
Also used : KernelTransaction(org.neo4j.kernel.api.KernelTransaction) OverriddenAccessMode(org.neo4j.kernel.impl.api.security.OverriddenAccessMode) RestrictedAccessMode(org.neo4j.kernel.impl.api.security.RestrictedAccessMode) SecurityContext(org.neo4j.internal.kernel.api.security.SecurityContext) UserAggregator(org.neo4j.internal.kernel.api.procs.UserAggregator) AdminAccessMode(org.neo4j.internal.kernel.api.security.AdminAccessMode) AccessMode(org.neo4j.internal.kernel.api.security.AccessMode) RestrictedAccessMode(org.neo4j.kernel.impl.api.security.RestrictedAccessMode) OverriddenAccessMode(org.neo4j.kernel.impl.api.security.OverriddenAccessMode)

Example 12 with SecurityContext

use of org.neo4j.internal.kernel.api.security.SecurityContext in project neo4j by neo4j.

the class TxStateTransactionDataViewTest method shouldAccessUsernameFromAuthSubject.

/**
 * Checks that the snapshot's username is the one reported by the auth subject of the
 * transaction's security context.
 */
@Test
void shouldAccessUsernameFromAuthSubject() {
    // Mocked subject that reports a fixed username.
    AuthSubject subject = mock(AuthSubject.class);
    when(subject.username()).thenReturn("Christof");

    // The mocked transaction hands out a context built around that subject.
    SecurityContext context = new SecurityContext(subject, AccessMode.Static.FULL, EMBEDDED_CONNECTION, null);
    when(transaction.securityContext()).thenReturn(context);

    TxStateTransactionDataSnapshot dataSnapshot = snapshot();

    assertEquals("Christof", dataSnapshot.username());
}
Also used : AuthSubject(org.neo4j.internal.kernel.api.security.AuthSubject) SecurityContext(org.neo4j.internal.kernel.api.security.SecurityContext) Test(org.junit.jupiter.api.Test)

Example 13 with SecurityContext

use of org.neo4j.internal.kernel.api.security.SecurityContext in project neo4j by neo4j.

the class RelationshipTransactionStateTestBase method shouldIncludeAddedRelationshipsByTypeAndDirection.

/**
 * Checks that relationships created inside a transaction are returned by traversal, together
 * with the previously committed ones, for every combination of type and direction selection.
 *
 * <p>The second transaction runs under a context built from {@code AuthSubject.AUTH_DISABLED}
 * and {@code TestAccessMode(true, false, true, false)}.
 * NOTE(review): the meaning of the four flags is not visible here; confirm against
 * {@code TestAccessMode} which permissions this test actually exercises.
 */
@Test
void shouldIncludeAddedRelationshipsByTypeAndDirection() throws Exception {
    int typeR;
    int typeR2;
    long committedR;
    long committedR2;
    long source;
    long target;

    // Committed baseline: two outgoing relationships from source, one per type, plus a bare target node.
    try (KernelTransaction setupTx = beginTransaction()) {
        Write setupWrite = setupTx.dataWrite();
        typeR = setupTx.tokenWrite().relationshipTypeGetOrCreateForName("R");
        typeR2 = setupTx.tokenWrite().relationshipTypeGetOrCreateForName("R2");
        source = setupWrite.nodeCreate();
        committedR = setupWrite.relationshipCreate(source, typeR, setupWrite.nodeCreate());
        committedR2 = setupWrite.relationshipCreate(source, typeR2, setupWrite.nodeCreate());
        target = setupWrite.nodeCreate();
        setupTx.commit();
    }

    SecurityContext context = new SecurityContext(AuthSubject.AUTH_DISABLED, new TestAccessMode(true, false, true, false), EMBEDDED_CONNECTION, null);
    try (KernelTransaction tx = beginTransaction(context);
        NodeCursor nodeCursor = tx.cursors().allocateNodeCursor(NULL);
        RelationshipTraversalCursor traversalCursor = tx.cursors().allocateRelationshipTraversalCursor(NULL)) {
        Write txWrite = tx.dataWrite();

        // Uncommitted additions of type R: outgoing, incoming and a loop on source.
        long outR = txWrite.relationshipCreate(source, typeR, target);
        long inR = txWrite.relationshipCreate(target, typeR, source);
        long loopR = txWrite.relationshipCreate(source, typeR, source);

        // The same three shapes for type R2.
        long outR2 = txWrite.relationshipCreate(source, typeR2, target);
        long inR2 = txWrite.relationshipCreate(target, typeR2, source);
        long loopR2 = txWrite.relationshipCreate(source, typeR2, source);

        tx.dataRead().singleNode(source, nodeCursor);
        assertTrue(nodeCursor.next());

        // No type filter.
        assertRelationships(nodeCursor, traversalCursor, ALL_RELATIONSHIPS, committedR, committedR2, outR, inR, loopR, outR2, inR2, loopR2);
        assertRelationships(nodeCursor, traversalCursor, selection(OUTGOING), committedR, committedR2, outR, loopR, outR2, loopR2);

        // Type R only.
        assertRelationships(nodeCursor, traversalCursor, selection(typeR, BOTH), committedR, outR, inR, loopR);
        assertRelationships(nodeCursor, traversalCursor, selection(typeR, OUTGOING), committedR, outR, loopR);
        assertRelationships(nodeCursor, traversalCursor, selection(typeR, INCOMING), inR, loopR);

        // Type R2 only.
        assertRelationships(nodeCursor, traversalCursor, selection(typeR2, BOTH), committedR2, outR2, inR2, loopR2);
        assertRelationships(nodeCursor, traversalCursor, selection(typeR2, OUTGOING), committedR2, outR2, loopR2);
        assertRelationships(nodeCursor, traversalCursor, selection(typeR2, INCOMING), inR2, loopR2);

        // Both types given as an explicit array.
        assertRelationships(nodeCursor, traversalCursor, selection(new int[] { typeR, typeR2 }, BOTH), committedR, committedR2, outR, inR, loopR, outR2, inR2, loopR2);
        assertRelationships(nodeCursor, traversalCursor, selection(new int[] { typeR, typeR2 }, OUTGOING), committedR, committedR2, outR, loopR, outR2, loopR2);
        assertRelationships(nodeCursor, traversalCursor, selection(new int[] { typeR, typeR2 }, INCOMING), inR, loopR, inR2, loopR2);
    }
}
Also used : Write(org.neo4j.internal.kernel.api.Write) RelationshipTraversalCursor(org.neo4j.internal.kernel.api.RelationshipTraversalCursor) KernelTransaction(org.neo4j.kernel.api.KernelTransaction) Read(org.neo4j.internal.kernel.api.Read) SecurityContext(org.neo4j.internal.kernel.api.security.SecurityContext) NodeCursor(org.neo4j.internal.kernel.api.NodeCursor) TestAccessMode(org.neo4j.internal.kernel.api.security.TestAccessMode) Test(org.junit.jupiter.api.Test)

Example 14 with SecurityContext

use of org.neo4j.internal.kernel.api.security.SecurityContext in project neo4j by neo4j.

the class RelationshipTransactionStateTestBase method shouldCountNewRelationshipsRestrictedUser.

/**
 * Checks relationship counts after a relationship is created in a transaction opened with a
 * {@code TestAccessMode(true, false, true, false)} context: the count that includes
 * transaction state sees both relationships, the count without it sees only the committed one.
 *
 * <p>NOTE(review): the meaning of the four {@code TestAccessMode} flags is not visible here;
 * confirm which restriction the "RestrictedUser" in the test name refers to.
 */
@Test
void shouldCountNewRelationshipsRestrictedUser() throws Exception {
    int typeId;

    // Commit one relationship of type R as the baseline.
    try (KernelTransaction setupTx = beginTransaction()) {
        Write setupWrite = setupTx.dataWrite();
        typeId = setupTx.tokenWrite().relationshipTypeGetOrCreateForName("R");
        setupWrite.relationshipCreate(setupWrite.nodeCreate(), typeId, setupWrite.nodeCreate());
        setupTx.commit();
    }

    SecurityContext context = new SecurityContext(AuthSubject.AUTH_DISABLED, new TestAccessMode(true, false, true, false), EMBEDDED_CONNECTION, null);
    try (KernelTransaction tx = beginTransaction(context)) {
        // Add a second relationship of the same type without committing it.
        Write txWrite = tx.dataWrite();
        txWrite.relationshipCreate(txWrite.nodeCreate(), typeId, txWrite.nodeCreate());

        // -1 is passed for both label arguments; presumably "any label" (confirm against the Read API).
        long withTxState = tx.dataRead().countsForRelationship(-1, typeId, -1);
        long withoutTxState = tx.dataRead().countsForRelationshipWithoutTxState(-1, typeId, -1);

        assertEquals(2, withTxState);
        assertEquals(1, withoutTxState);
    }
}
Also used : Write(org.neo4j.internal.kernel.api.Write) KernelTransaction(org.neo4j.kernel.api.KernelTransaction) SecurityContext(org.neo4j.internal.kernel.api.security.SecurityContext) TestAccessMode(org.neo4j.internal.kernel.api.security.TestAccessMode) Test(org.junit.jupiter.api.Test)

Example 15 with SecurityContext

use of org.neo4j.internal.kernel.api.security.SecurityContext in project neo4j by neo4j.

the class RelationshipTransactionStateTestBase method shouldNotCountRemovedRelationshipsRestrictedUser.

/**
 * Checks relationship counts after a committed relationship is deleted in a transaction opened
 * with a {@code TestAccessMode(true, false, true, false)} context: the count that includes
 * transaction state drops to zero, the count without it still reports the committed one.
 *
 * <p>NOTE(review): the meaning of the four {@code TestAccessMode} flags is not visible here;
 * confirm which restriction the "RestrictedUser" in the test name refers to.
 */
@Test
void shouldNotCountRemovedRelationshipsRestrictedUser() throws Exception {
    int typeId;
    long committedRelationship;

    // Commit one relationship of type R as the baseline.
    try (KernelTransaction setupTx = beginTransaction()) {
        Write setupWrite = setupTx.dataWrite();
        typeId = setupTx.tokenWrite().relationshipTypeGetOrCreateForName("R");
        committedRelationship = setupWrite.relationshipCreate(setupWrite.nodeCreate(), typeId, setupWrite.nodeCreate());
        setupTx.commit();
    }

    SecurityContext context = new SecurityContext(AuthSubject.AUTH_DISABLED, new TestAccessMode(true, false, true, false), EMBEDDED_CONNECTION, null);
    try (KernelTransaction tx = beginTransaction(context)) {
        // Delete the committed relationship without committing the deletion.
        Write txWrite = tx.dataWrite();
        txWrite.relationshipDelete(committedRelationship);

        // -1 is passed for both label arguments; presumably "any label" (confirm against the Read API).
        long withTxState = tx.dataRead().countsForRelationship(-1, typeId, -1);
        long withoutTxState = tx.dataRead().countsForRelationshipWithoutTxState(-1, typeId, -1);

        assertEquals(0, withTxState);
        assertEquals(1, withoutTxState);
    }
}
Also used : Write(org.neo4j.internal.kernel.api.Write) KernelTransaction(org.neo4j.kernel.api.KernelTransaction) SecurityContext(org.neo4j.internal.kernel.api.security.SecurityContext) TestAccessMode(org.neo4j.internal.kernel.api.security.TestAccessMode) Test(org.junit.jupiter.api.Test)
