Search in sources :

Example 26 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testUserSwitchingToAdminForbidden.

@Test
public void testUserSwitchingToAdminForbidden() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    EasyMock.replay(securityService);
    User defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_SUDO_ROLE, new DefaultOrganization()));
    userResponder.setResponse(defaultUser);
    switchingUserResponder.setResponse(defaultUser);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.USER_HEADER)).andReturn("admin").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    response.sendError(EasyMock.anyInt());
    EasyMock.expectLastCall().times(1);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbRole(org.opencastproject.security.api.JaxbRole) SecurityService(org.opencastproject.security.api.SecurityService) HttpServletResponse(javax.servlet.http.HttpServletResponse) JaxbUser(org.opencastproject.security.api.JaxbUser) IOException(java.io.IOException) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Example 27 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testUserSwitching.

@Test
public void testUserSwitching() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    securityService.setUser(EasyMock.anyObject(User.class));
    EasyMock.expectLastCall().times(2);
    EasyMock.replay(securityService);
    User defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_SUDO_ROLE, new DefaultOrganization()));
    userResponder.setResponse(defaultUser);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.USER_HEADER)).andReturn("joe").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(securityService);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbRole(org.opencastproject.security.api.JaxbRole) SecurityService(org.opencastproject.security.api.SecurityService) HttpServletResponse(javax.servlet.http.HttpServletResponse) JaxbUser(org.opencastproject.security.api.JaxbUser) IOException(java.io.IOException) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Example 28 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class ThemesServiceDatabaseTest method testStoreUpdateAndDelete.

@Test
public void testStoreUpdateAndDelete() throws Exception {
    JaxbOrganization org = new DefaultOrganization();
    JaxbUser creator = new JaxbUser("admin", "test", org);
    Theme theme = new Theme(Option.<Long>none(), new Date(), true, creator, "New");
    Theme updateTheme = themesDatabase.updateTheme(theme);
    Assert.assertEquals("New", updateTheme.getName());
    Assert.assertEquals(1, themesDatabase.countThemes());
    theme = new Theme(updateTheme.getId(), new Date(), true, creator, "Updated");
    updateTheme = themesDatabase.updateTheme(theme);
    Assert.assertEquals("Updated", updateTheme.getName());
    Assert.assertEquals(1, themesDatabase.countThemes());
    try {
        theme = themesDatabase.getTheme(updateTheme.getId().get());
        Assert.assertNotNull(theme);
    } catch (NotFoundException e) {
        Assert.fail("Existing theme has not been found");
    }
    themesDatabase.deleteTheme(updateTheme.getId().get());
    Assert.assertEquals(0, themesDatabase.countThemes());
    try {
        themesDatabase.getTheme(updateTheme.getId().get());
        Assert.fail("Deleted theme has been found");
    } catch (NotFoundException e) {
        Assert.assertNotNull(e);
    }
}
Also used : JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) NotFoundException(org.opencastproject.util.NotFoundException) JaxbUser(org.opencastproject.security.api.JaxbUser) Date(java.util.Date) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Example 29 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class ThemesServiceDatabaseTest method setUp.

/**
 * @throws java.lang.Exception
 */
@Before
public void setUp() throws Exception {
    // Mock up a security service
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    User user = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, new DefaultOrganization()));
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
    EasyMock.replay(securityService);
    UserDirectoryService userDirectoryService = EasyMock.createNiceMock(UserDirectoryService.class);
    EasyMock.expect(userDirectoryService.loadUser(EasyMock.anyString())).andReturn(user).anyTimes();
    EasyMock.replay(userDirectoryService);
    MessageSender messageSender = EasyMock.createNiceMock(MessageSender.class);
    messageSender.sendObjectMessage(EasyMock.anyObject(String.class), EasyMock.anyObject(MessageSender.DestinationType.class), EasyMock.anyObject(Serializable.class));
    EasyMock.expectLastCall().anyTimes();
    EasyMock.replay(messageSender);
    themesDatabase = new ThemesServiceDatabaseImpl();
    themesDatabase.setEntityManagerFactory(newTestEntityManagerFactory(ThemesServiceDatabaseImpl.PERSISTENCE_UNIT));
    themesDatabase.setSecurityService(securityService);
    themesDatabase.setUserDirectoryService(userDirectoryService);
    themesDatabase.setMessageSender(messageSender);
    themesDatabase.activate(null);
}
Also used : ThemesServiceDatabaseImpl(org.opencastproject.themes.persistence.ThemesServiceDatabaseImpl) Serializable(java.io.Serializable) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbRole(org.opencastproject.security.api.JaxbRole) SecurityService(org.opencastproject.security.api.SecurityService) MessageSender(org.opencastproject.message.broker.api.MessageSender) JaxbUser(org.opencastproject.security.api.JaxbUser) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) UserDirectoryService(org.opencastproject.security.api.UserDirectoryService) Before(org.junit.Before)

Example 30 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class CaptureAgentStateServiceImplTest method testAgentVisibility.

@Test
public void testAgentVisibility() throws Exception {
    // Create a new capture agent called "visibility"
    String agentName = "visibility";
    service.setAgentState(agentName, IDLE);
    // Ensure we can see it
    assertEquals(1, service.getKnownAgents().size());
    // Set the roles allowed to use this agent
    Set<String> roles = new HashSet<>();
    roles.add("a_role_we_do_not_have");
    AgentImpl agent = (AgentImpl) service.getAgent(agentName);
    agent.setSchedulerRoles(roles);
    service.updateAgentInDatabase(agent);
    // Since we are an organizational admin, we should still see the agent
    assertEquals(1, service.getKnownAgents().size());
    // Use a security service that identifies us as a non-administrative user
    DefaultOrganization organization = new DefaultOrganization();
    HashSet<JaxbRole> roleSet = new HashSet<>();
    roleSet.add(new JaxbRole("ROLE_NOT_ADMIN", organization, ""));
    User user = new JaxbUser("testuser", "test", organization, roleSet);
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.replay(securityService);
    service.setSecurityService(securityService);
    // Ensure we can no longer see the agent, since we don't have an administrative role
    assertEquals(0, service.getKnownAgents().size());
// TODO: Do we need to enforce access strictly? If someone asks for an agent by name, but they do not have the
// appropriate scheduler role, should we throw UnauthorizedException?
}
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) SecurityService(org.opencastproject.security.api.SecurityService) JaxbUser(org.opencastproject.security.api.JaxbUser) HashSet(java.util.HashSet) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Aggregations

DefaultOrganization (org.opencastproject.security.api.DefaultOrganization)88 SecurityService (org.opencastproject.security.api.SecurityService)62 Before (org.junit.Before)47 JaxbUser (org.opencastproject.security.api.JaxbUser)45 JaxbRole (org.opencastproject.security.api.JaxbRole)39 User (org.opencastproject.security.api.User)38 Organization (org.opencastproject.security.api.Organization)31 OrganizationDirectoryService (org.opencastproject.security.api.OrganizationDirectoryService)29 UserDirectoryService (org.opencastproject.security.api.UserDirectoryService)26 Test (org.junit.Test)24 Workspace (org.opencastproject.workspace.api.Workspace)23 HashSet (java.util.HashSet)21 ArrayList (java.util.ArrayList)20 MediaPackage (org.opencastproject.mediapackage.MediaPackage)18 File (java.io.File)17 ServiceRegistryInMemoryImpl (org.opencastproject.serviceregistry.api.ServiceRegistryInMemoryImpl)17 IOException (java.io.IOException)16 MessageSender (org.opencastproject.message.broker.api.MessageSender)15 InputStream (java.io.InputStream)14 AuthorizationService (org.opencastproject.security.api.AuthorizationService)13