Example 6 with SecurityContext

Use of org.neo4j.kernel.api.security.SecurityContext in project neo4j by neo4j.

The class KernelTransactionsTest, method exceptionWhenStartingNewTransactionOnStoppedKernelTransactions.

@Test
public void exceptionWhenStartingNewTransactionOnStoppedKernelTransactions() throws Throwable {
    KernelTransactions kernelTransactions = newKernelTransactions();
    SecurityContext securityContext = mock(SecurityContext.class);
    t2.execute((OtherThreadExecutor.WorkerCommand<Void, Void>) state -> {
        stopKernelTransactions(kernelTransactions);
        return null;
    }).get();
    expectedException.expect(IllegalStateException.class);
    kernelTransactions.newInstance(KernelTransaction.Type.explicit, securityContext, 0L);
}
Also used : SecurityContext(org.neo4j.kernel.api.security.SecurityContext) Test(org.junit.Test)

Example 7 with SecurityContext

Use of org.neo4j.kernel.api.security.SecurityContext in project neo4j by neo4j.

The class KernelTransactionsTest, method shouldNotLeakTransactionOnSecurityContextFreezeFailure.

@Test
public void shouldNotLeakTransactionOnSecurityContextFreezeFailure() throws Throwable {
    KernelTransactions kernelTransactions = newKernelTransactions();
    SecurityContext securityContext = mock(SecurityContext.class);
    when(securityContext.freeze()).thenThrow(new AuthorizationExpiredException("Freeze failed."));
    assertException(() -> kernelTransactions.newInstance(KernelTransaction.Type.explicit, securityContext, 0L), AuthorizationExpiredException.class, "Freeze failed.");
    assertThat("We should not have any transaction", kernelTransactions.activeTransactions(), is(empty()));
}
Also used : AuthorizationExpiredException(org.neo4j.graphdb.security.AuthorizationExpiredException) SecurityContext(org.neo4j.kernel.api.security.SecurityContext) Test(org.junit.Test)

Example 8 with SecurityContext

Use of org.neo4j.kernel.api.security.SecurityContext in project neo4j by neo4j.

The class TransactionalRequestDispatcher, method dispatch.

@Override
public void dispatch(Object o, final HttpContext httpContext) {
    RepresentationWriteHandler representationWriteHandler = DO_NOTHING;
    SecurityContext securityContext = AuthorizedRequestWrapper.getSecurityContextFromHttpContext(httpContext);
    final GraphDatabaseFacade graph = database.getGraph();
    if (o instanceof RestfulGraphDatabase) {
        RestfulGraphDatabase restfulGraphDatabase = (RestfulGraphDatabase) o;
        final Transaction transaction = graph.beginTransaction(KernelTransaction.Type.implicit, securityContext);
        restfulGraphDatabase.getOutputFormat().setRepresentationWriteHandler(representationWriteHandler = new CommitOnSuccessfulStatusCodeRepresentationWriteHandler(httpContext, transaction));
    } else if (o instanceof BatchOperationService) {
        BatchOperationService batchOperationService = (BatchOperationService) o;
        final Transaction transaction = graph.beginTransaction(KernelTransaction.Type.explicit, securityContext);
        batchOperationService.setRepresentationWriteHandler(representationWriteHandler = new CommitOnSuccessfulStatusCodeRepresentationWriteHandler(httpContext, transaction));
    } else if (o instanceof CypherService) {
        CypherService cypherService = (CypherService) o;
        final Transaction transaction = graph.beginTransaction(KernelTransaction.Type.explicit, securityContext);
        cypherService.getOutputFormat().setRepresentationWriteHandler(representationWriteHandler = new CommitOnSuccessfulStatusCodeRepresentationWriteHandler(httpContext, transaction));
    } else if (o instanceof DatabaseMetadataService) {
        DatabaseMetadataService databaseMetadataService = (DatabaseMetadataService) o;
        final Transaction transaction = graph.beginTransaction(KernelTransaction.Type.implicit, securityContext);
        databaseMetadataService.setRepresentationWriteHandler(representationWriteHandler = new RepresentationWriteHandler() {

            @Override
            public void onRepresentationStartWriting() {
                // do nothing
            }

            @Override
            public void onRepresentationWritten() {
                // doesn't need to commit
            }

            @Override
            public void onRepresentationFinal() {
                transaction.close();
            }
        });
    } else if (o instanceof ExtensionService) {
        ExtensionService extensionService = (ExtensionService) o;
        extensionService.getOutputFormat().setRepresentationWriteHandler(representationWriteHandler = new RepresentationWriteHandler() {

            Transaction transaction;

            @Override
            public void onRepresentationStartWriting() {
                transaction = graph.beginTransaction(KernelTransaction.Type.implicit, securityContext);
            }

            @Override
            public void onRepresentationWritten() {
                // doesn't need to commit
            }

            @Override
            public void onRepresentationFinal() {
                if (transaction != null) {
                    transaction.close();
                }
            }
        });
    }
    try {
        requestDispatcher.dispatch(o, httpContext);
    } catch (RuntimeException e) {
        representationWriteHandler.onRepresentationFinal();
        throw e;
    }
}
Also used : ExtensionService(org.neo4j.server.rest.web.ExtensionService) CypherService(org.neo4j.server.rest.web.CypherService) RestfulGraphDatabase(org.neo4j.server.rest.web.RestfulGraphDatabase) KernelTransaction(org.neo4j.kernel.api.KernelTransaction) Transaction(org.neo4j.graphdb.Transaction) DatabaseMetadataService(org.neo4j.server.rest.web.DatabaseMetadataService) SecurityContext(org.neo4j.kernel.api.security.SecurityContext) RepresentationWriteHandler(org.neo4j.server.rest.repr.RepresentationWriteHandler) GraphDatabaseFacade(org.neo4j.kernel.impl.factory.GraphDatabaseFacade) BatchOperationService(org.neo4j.server.rest.web.BatchOperationService)

Example 9 with SecurityContext

Use of org.neo4j.kernel.api.security.SecurityContext in project neo4j by neo4j.

The class MultiRealmAuthManagerTest, method shouldHaveNoPermissionsAfterLogout.

@Test
public void shouldHaveNoPermissionsAfterLogout() throws Throwable {
    // Given
    createTestUsers();
    manager.start();
    // When
    SecurityContext securityContext = manager.login(authToken("morpheus", "abc123"));
    assertTrue(securityContext.mode().allowsReads());
    assertTrue(securityContext.mode().allowsWrites());
    assertTrue(securityContext.mode().allowsSchemaWrites());
    securityContext.subject().logout();
    // Then
    assertFalse(securityContext.mode().allowsReads());
    assertFalse(securityContext.mode().allowsWrites());
    assertFalse(securityContext.mode().allowsSchemaWrites());
}
Also used : SecurityContext(org.neo4j.kernel.api.security.SecurityContext) Test(org.junit.Test)

Example 10 with SecurityContext

Use of org.neo4j.kernel.api.security.SecurityContext in project neo4j by neo4j.

The class MultiRealmAuthManagerTest, method userWithPublisherRoleShouldHaveCorrectPermissions.

@Test
public void userWithPublisherRoleShouldHaveCorrectPermissions() throws Throwable {
    // Given
    createTestUsers();
    manager.start();
    // When
    SecurityContext securityContext = manager.login(authToken("tank", "abc123"));
    // Then
    assertTrue("should allow reads", securityContext.mode().allowsReads());
    assertTrue("should allow writes", securityContext.mode().allowsWrites());
    assertFalse("should _not_ allow schema writes", securityContext.mode().allowsSchemaWrites());
}
Also used : SecurityContext(org.neo4j.kernel.api.security.SecurityContext) Test(org.junit.Test)

Aggregations

SecurityContext (org.neo4j.kernel.api.security.SecurityContext): 33
Test (org.junit.Test): 20
KernelTransaction (org.neo4j.kernel.api.KernelTransaction): 6
ThreadToStatementContextBridge (org.neo4j.kernel.impl.core.ThreadToStatementContextBridge): 4
POST (javax.ws.rs.POST): 3
Path (javax.ws.rs.Path): 3
IOException (java.io.IOException): 2
Principal (java.security.Principal): 2
HttpServletRequest (javax.servlet.http.HttpServletRequest): 2
Consumes (javax.ws.rs.Consumes): 2
Produces (javax.ws.rs.Produces): 2
InOrder (org.mockito.InOrder): 2
ReturnsDeepStubs (org.mockito.internal.stubbing.defaultanswers.ReturnsDeepStubs): 2
Transaction (org.neo4j.graphdb.Transaction): 2
QueryRegistryOperations (org.neo4j.kernel.api.QueryRegistryOperations): 2
Statement (org.neo4j.kernel.api.Statement): 2
InvalidArgumentsException (org.neo4j.kernel.api.exceptions.InvalidArgumentsException): 2
ExecutingQuery (org.neo4j.kernel.api.query.ExecutingQuery): 2
KernelStatement (org.neo4j.kernel.impl.api.KernelStatement): 2
InternalTransaction (org.neo4j.kernel.impl.coreapi.InternalTransaction): 2