use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast.
the class AbstractAclServiceRestEndpoint method updateAcl.
@PUT
@Path("/acl/{aclId}")
@Produces(MediaType.APPLICATION_JSON)
@RestQuery(name = "updateacl", description = "Update an ACL", returnDescription = "Update an ACL", pathParameters = { @RestParameter(name = "aclId", isRequired = true, description = "The ACL identifier", type = INTEGER) }, restParameters = { @RestParameter(name = "name", isRequired = true, description = "The ACL name", type = STRING), @RestParameter(name = "acl", isRequired = true, description = "The access control list", type = STRING) }, reponses = { @RestResponse(responseCode = SC_OK, description = "The ACL has successfully been updated"), @RestResponse(responseCode = SC_NOT_FOUND, description = "The ACL has not been found"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Unable to parse the ACL"), @RestResponse(responseCode = SC_INTERNAL_SERVER_ERROR, description = "Error during updating the ACL") })
public String updateAcl(@PathParam("aclId") long aclId, @FormParam("name") String name, @FormParam("acl") String accessControlList) throws NotFoundException {
final Organization org = getSecurityService().getOrganization();
final AccessControlList acl = parseAcl.apply(accessControlList);
final ManagedAclImpl managedAcl = new ManagedAclImpl(aclId, name, org.getId(), acl);
if (!aclService().updateAcl(managedAcl)) {
logger.info("No ACL with id '{}' could be found under organization '{}'", aclId, org.getId());
throw new NotFoundException();
}
return JsonConv.full(managedAcl).toJson();
}
use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast.
the class JpaAclDbTest method testProvider.
@Test
public void testProvider() {
//
// add ACL to org1
final AccessControlList publicAcl = acl(entry("anonymous", "read", true));
final Option<ManagedAcl> acl = p.createAcl(org1, publicAcl, "public");
assertTrue(acl.isSome());
assertTrue(p.getAcl(org1, acl.get().getId()).isSome());
// ACL should not be visible for org2
assertTrue(p.getAcl(org2, acl.get().getId()).isNone());
// create duplicate which should be denied
assertTrue(p.createAcl(org1, publicAcl, "public").isNone());
//
// add another ACL to org1
p.createAcl(org1, acl(entries("instructor", tuple("read", true), tuple("write", true))), "instructor");
assertEquals(2, p.getAcls(org1).size());
// org2 should still have no ACLs
assertEquals(0, p.getAcls(org2).size());
//
// add same ACL to org2
p.createAcl(org2, publicAcl, "public");
assertEquals(1, p.getAcls(org2).size());
assertEquals(2, p.getAcls(org1).size());
//
// update
final ManagedAcl org1Acl = acl.get();
// update with new ACL
assertTrue(p.updateAcl(new ManagedAclImpl(org1Acl.getId(), org1Acl.getName(), org1Acl.getOrganizationId(), acl(entry("anonymous", "write", true)))));
assertEquals("write", p.getAcl(org1, org1Acl.getId()).get().getAcl().getEntries().get(0).getAction());
// update with new name
final ManagedAcl org1AclUpdated = new ManagedAclImpl(org1Acl.getId(), "public2", org1Acl.getOrganizationId(), org1Acl.getAcl());
assertTrue(p.updateAcl(org1AclUpdated));
assertEquals("public2", p.getAcl(org1, org1AclUpdated.getId()).get().getName());
// try to update a non-existing ACL
assertFalse(p.updateAcl(new ManagedAclImpl(27427492384723L, "public2", org1.getId(), org1Acl.getAcl())));
assertEquals(2, p.getAcls(org1).size());
// update without any update
assertTrue(p.updateAcl(org1AclUpdated));
assertEquals(2, p.getAcls(org1).size());
// try to update an ACL of a different org
assertFalse(p.updateAcl(new ManagedAclImpl(org1Acl.getId(), "bla", org2.getId(), org1Acl.getAcl())));
//
// delete
assertTrue(p.deleteAcl(org1, org1Acl.getId()));
assertEquals(1, p.getAcls(org1).size());
// try to delete a non-existing ACL
assertFalse(p.deleteAcl(org1, 894892374923L));
// try to delete an ACL of a different org
assertFalse(p.deleteAcl(org2, org1Acl.getId()));
assertEquals(1, p.getAcls(org2).size());
}
use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast.
the class AccessInformationUtilTest method testSerializeManagedAcl.
/**
* Test method for {@link AccessInformationUtil#serializeManagedAcl(ManagedAcl)}
*/
@Test
public void testSerializeManagedAcl() throws Exception {
AccessControlList acl = new AccessControlList();
acl.getEntries().add(ACE_ROLE_ADMIN_ALLOW_ACTION_READ);
ManagedAcl manAcl = new ManagedAclImpl(1L, MANAGED_ACL_1_NAME, ORGANISATION_1_ID, acl);
JSONObject aclJson = AccessInformationUtil.serializeManagedAcl(manAcl);
assertEquals(1L, aclJson.getLong("id"));
assertEquals(MANAGED_ACL_1_NAME, aclJson.getString("name"));
}
use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast.
the class AclEndpoint method updateAcl.
@PUT
@Path("{id}")
@Produces(MediaType.APPLICATION_JSON)
@RestQuery(name = "updateacl", description = "Update an ACL", returnDescription = "Update an ACL", pathParameters = { @RestParameter(name = "id", isRequired = true, description = "The ACL identifier", type = INTEGER) }, restParameters = { @RestParameter(name = "name", isRequired = true, description = "The ACL name", type = STRING), @RestParameter(name = "acl", isRequired = true, description = "The access control list", type = STRING) }, reponses = { @RestResponse(responseCode = SC_OK, description = "The ACL has successfully been updated"), @RestResponse(responseCode = SC_NOT_FOUND, description = "The ACL has not been found"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Unable to parse the ACL") })
public Response updateAcl(@PathParam("id") long aclId, @FormParam("name") String name, @FormParam("acl") String accessControlList) throws NotFoundException {
final Organization org = securityService.getOrganization();
final AccessControlList acl = parseAcl.apply(accessControlList);
final ManagedAclImpl managedAcl = new ManagedAclImpl(aclId, name, org.getId(), acl);
if (!aclService().updateAcl(managedAcl)) {
logger.info("No ACL with id '{}' could be found under organization '{}'", aclId, org.getId());
throw new NotFoundException();
}
return RestUtils.okJson(full(managedAcl));
}
use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast.
the class TestAclEndpoint method setupServices.
private void setupServices() {
final DefaultOrganization org = new DefaultOrganization();
AccessControlEntry ace1 = new AccessControlEntry("ROLE_ADMIN", "read", true);
AccessControlEntry ace2 = new AccessControlEntry("ROLE_ANONYMOUS", "read", true);
AccessControlEntry ace3 = new AccessControlEntry("ROLE_ADMIN", "read", false);
AccessControlEntry ace4 = new AccessControlEntry("ROLE_ANONYMOUS", "read", false);
AccessControlList publicAcl = new AccessControlList(ace1, ace2);
AccessControlList privateAcl = new AccessControlList(ace3, ace4);
List<ManagedAcl> managedAcls = new ArrayList<ManagedAcl>();
managedAcls.add(new ManagedAclImpl(1L, "public", org.getId(), publicAcl));
managedAcls.add(new ManagedAclImpl(2L, "private", org.getId(), privateAcl));
AclService aclService = EasyMock.createNiceMock(AclService.class);
EasyMock.expect(aclService.getAcls()).andReturn(managedAcls).anyTimes();
EasyMock.expect(aclService.getAcl(EasyMock.anyLong())).andReturn(Option.some(managedAcls.get(0))).anyTimes();
EasyMock.replay(aclService);
AclServiceFactory aclServiceFactory = EasyMock.createNiceMock(AclServiceFactory.class);
EasyMock.expect(aclServiceFactory.serviceFor(EasyMock.anyObject(Organization.class))).andReturn(aclService).anyTimes();
EasyMock.replay(aclServiceFactory);
SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
EasyMock.expect(securityService.getOrganization()).andReturn(org).anyTimes();
EasyMock.replay(securityService);
this.setAclServiceFactory(aclServiceFactory);
this.setSecurityService(securityService);
}
Aggregations