Example 1 with ManagedAclImpl

Use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast, in the class AbstractAclServiceRestEndpoint, method updateAcl.

@PUT
@Path("/acl/{aclId}")
@Produces(MediaType.APPLICATION_JSON)
@RestQuery(name = "updateacl", description = "Update an ACL", returnDescription = "Update an ACL", pathParameters = { @RestParameter(name = "aclId", isRequired = true, description = "The ACL identifier", type = INTEGER) }, restParameters = { @RestParameter(name = "name", isRequired = true, description = "The ACL name", type = STRING), @RestParameter(name = "acl", isRequired = true, description = "The access control list", type = STRING) }, reponses = { @RestResponse(responseCode = SC_OK, description = "The ACL has successfully been updated"), @RestResponse(responseCode = SC_NOT_FOUND, description = "The ACL has not been found"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Unable to parse the ACL"), @RestResponse(responseCode = SC_INTERNAL_SERVER_ERROR, description = "Error during updating the ACL") })
public String updateAcl(@PathParam("aclId") long aclId, @FormParam("name") String name, @FormParam("acl") String accessControlList) throws NotFoundException {
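    // The organization is taken from the caller's security context, not from a request
    // parameter, so the ACL is looked up under the caller's own organization.
    final Organization org = getSecurityService().getOrganization();
    final AccessControlList acl = parseAcl.apply(accessControlList);
    final ManagedAclImpl managedAcl = new ManagedAclImpl(aclId, name, org.getId(), acl);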
    if (!aclService().updateAcl(managedAcl)) {
        logger.info("No ACL with id '{}' could be found under organization '{}'", aclId, org.getId());
        throw new NotFoundException();
    }
    return JsonConv.full(managedAcl).toJson();
}
Also used: JsonConv.fullAccessControlList (org.opencastproject.authorization.xacml.manager.endpoint.JsonConv.fullAccessControlList), AccessControlList (org.opencastproject.security.api.AccessControlList), Organization (org.opencastproject.security.api.Organization), ManagedAclImpl (org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl), NotFoundException (org.opencastproject.util.NotFoundException), Path (javax.ws.rs.Path), Produces (javax.ws.rs.Produces), RestQuery (org.opencastproject.util.doc.rest.RestQuery), PUT (javax.ws.rs.PUT)

Example 2 with ManagedAclImpl

Use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast, in the class JpaAclDbTest, method testProvider.

@Test
public void testProvider() {
    // add ACL to org1
    final AccessControlList publicAcl = acl(entry("anonymous", "read", true));
    final Option<ManagedAcl> acl = p.createAcl(org1, publicAcl, "public");
    assertTrue(acl.isSome());
    assertTrue(p.getAcl(org1, acl.get().getId()).isSome());
    // ACL should not be visible for org2
    assertTrue(p.getAcl(org2, acl.get().getId()).isNone());
    // create duplicate which should be denied
    assertTrue(p.createAcl(org1, publicAcl, "public").isNone());
    // add another ACL to org1
    p.createAcl(org1, acl(entries("instructor", tuple("read", true), tuple("write", true))), "instructor");
    assertEquals(2, p.getAcls(org1).size());
    // org2 should still have no ACLs
    assertEquals(0, p.getAcls(org2).size());
    // add same ACL to org2
    p.createAcl(org2, publicAcl, "public");
    assertEquals(1, p.getAcls(org2).size());
    assertEquals(2, p.getAcls(org1).size());
    // update
    final ManagedAcl org1Acl = acl.get();
    // update with new ACL
    assertTrue(p.updateAcl(new ManagedAclImpl(org1Acl.getId(), org1Acl.getName(), org1Acl.getOrganizationId(), acl(entry("anonymous", "write", true)))));
    assertEquals("write", p.getAcl(org1, org1Acl.getId()).get().getAcl().getEntries().get(0).getAction());
    // update with new name
    final ManagedAcl org1AclUpdated = new ManagedAclImpl(org1Acl.getId(), "public2", org1Acl.getOrganizationId(), org1Acl.getAcl());
    assertTrue(p.updateAcl(org1AclUpdated));
    assertEquals("public2", p.getAcl(org1, org1AclUpdated.getId()).get().getName());
    // try to update a non-existing ACL
    assertFalse(p.updateAcl(new ManagedAclImpl(27427492384723L, "public2", org1.getId(), org1Acl.getAcl())));
    assertEquals(2, p.getAcls(org1).size());
    // update without any update
    assertTrue(p.updateAcl(org1AclUpdated));
    assertEquals(2, p.getAcls(org1).size());
    // try to update an ACL of a different org
    assertFalse(p.updateAcl(new ManagedAclImpl(org1Acl.getId(), "bla", org2.getId(), org1Acl.getAcl())));
    // delete
    assertTrue(p.deleteAcl(org1, org1Acl.getId()));
    assertEquals(1, p.getAcls(org1).size());
    // try to delete a non-existing ACL
    assertFalse(p.deleteAcl(org1, 894892374923L));
    // try to delete an ACL of a different org
    assertFalse(p.deleteAcl(org2, org1Acl.getId()));
    assertEquals(1, p.getAcls(org2).size());
}
Also used: AccessControlList (org.opencastproject.security.api.AccessControlList), ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl), ManagedAclImpl (org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl), Test (org.junit.Test)

Example 3 with ManagedAclImpl

Use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast, in the class AccessInformationUtilTest, method testSerializeManagedAcl.

/**
 * Test method for {@link AccessInformationUtil#serializeManagedAcl(ManagedAcl)}
 */
@Test
public void testSerializeManagedAcl() throws Exception {
    AccessControlList acl = new AccessControlList();
    acl.getEntries().add(ACE_ROLE_ADMIN_ALLOW_ACTION_READ);
    ManagedAcl manAcl = new ManagedAclImpl(1L, MANAGED_ACL_1_NAME, ORGANISATION_1_ID, acl);
    JSONObject aclJson = AccessInformationUtil.serializeManagedAcl(manAcl);
    assertEquals(1L, aclJson.getLong("id"));
    assertEquals(MANAGED_ACL_1_NAME, aclJson.getString("name"));
}
Also used: AccessControlList (org.opencastproject.security.api.AccessControlList), JSONObject (org.codehaus.jettison.json.JSONObject), ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl), ManagedAclImpl (org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl), Test (org.junit.Test)

Example 4 with ManagedAclImpl

Use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast, in the class AclEndpoint, method updateAcl.

@PUT
@Path("{id}")
@Produces(MediaType.APPLICATION_JSON)
@RestQuery(name = "updateacl", description = "Update an ACL", returnDescription = "Update an ACL", pathParameters = { @RestParameter(name = "id", isRequired = true, description = "The ACL identifier", type = INTEGER) }, restParameters = { @RestParameter(name = "name", isRequired = true, description = "The ACL name", type = STRING), @RestParameter(name = "acl", isRequired = true, description = "The access control list", type = STRING) }, reponses = { @RestResponse(responseCode = SC_OK, description = "The ACL has successfully been updated"), @RestResponse(responseCode = SC_NOT_FOUND, description = "The ACL has not been found"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Unable to parse the ACL") })
public Response updateAcl(@PathParam("id") long aclId, @FormParam("name") String name, @FormParam("acl") String accessControlList) throws NotFoundException {
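    // The organization is taken from the caller's security context, not from a request
    // parameter, so the ACL is looked up under the caller's own organization.
    final Organization org = securityService.getOrganization();
    final AccessControlList acl = parseAcl.apply(accessControlList);
    final ManagedAclImpl managedAcl = new ManagedAclImpl(aclId, name, org.getId(), acl);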
    if (!aclService().updateAcl(managedAcl)) {
        logger.info("No ACL with id '{}' could be found under organization '{}'", aclId, org.getId());
        throw new NotFoundException();
    }
    return RestUtils.okJson(full(managedAcl));
}
Also used: AccessControlList (org.opencastproject.security.api.AccessControlList), Organization (org.opencastproject.security.api.Organization), ManagedAclImpl (org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl), NotFoundException (org.opencastproject.util.NotFoundException), Path (javax.ws.rs.Path), Produces (javax.ws.rs.Produces), RestQuery (org.opencastproject.util.doc.rest.RestQuery), PUT (javax.ws.rs.PUT)

Example 5 with ManagedAclImpl

Use of org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl in project opencast by opencast, in the class TestAclEndpoint, method setupServices.

private void setupServices() {
    final DefaultOrganization org = new DefaultOrganization();
    AccessControlEntry ace1 = new AccessControlEntry("ROLE_ADMIN", "read", true);
    AccessControlEntry ace2 = new AccessControlEntry("ROLE_ANONYMOUS", "read", true);
    AccessControlEntry ace3 = new AccessControlEntry("ROLE_ADMIN", "read", false);
    AccessControlEntry ace4 = new AccessControlEntry("ROLE_ANONYMOUS", "read", false);
    AccessControlList publicAcl = new AccessControlList(ace1, ace2);
    AccessControlList privateAcl = new AccessControlList(ace3, ace4);
    List<ManagedAcl> managedAcls = new ArrayList<ManagedAcl>();
    managedAcls.add(new ManagedAclImpl(1L, "public", org.getId(), publicAcl));
    managedAcls.add(new ManagedAclImpl(2L, "private", org.getId(), privateAcl));
    AclService aclService = EasyMock.createNiceMock(AclService.class);
    EasyMock.expect(aclService.getAcls()).andReturn(managedAcls).anyTimes();
    EasyMock.expect(aclService.getAcl(EasyMock.anyLong())).andReturn(Option.some(managedAcls.get(0))).anyTimes();
    EasyMock.replay(aclService);
    AclServiceFactory aclServiceFactory = EasyMock.createNiceMock(AclServiceFactory.class);
    EasyMock.expect(aclServiceFactory.serviceFor(EasyMock.anyObject(Organization.class))).andReturn(aclService).anyTimes();
    EasyMock.replay(aclServiceFactory);
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getOrganization()).andReturn(org).anyTimes();
    EasyMock.replay(securityService);
    this.setAclServiceFactory(aclServiceFactory);
    this.setSecurityService(securityService);
}
Also used: AccessControlList (org.opencastproject.security.api.AccessControlList), AclServiceFactory (org.opencastproject.authorization.xacml.manager.api.AclServiceFactory), SecurityService (org.opencastproject.security.api.SecurityService), ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl), ArrayList (java.util.ArrayList), ManagedAclImpl (org.opencastproject.authorization.xacml.manager.impl.ManagedAclImpl), AccessControlEntry (org.opencastproject.security.api.AccessControlEntry), AclService (org.opencastproject.authorization.xacml.manager.api.AclService), DefaultOrganization (org.opencastproject.security.api.DefaultOrganization)
