Search in sources :

Example 26 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class JpaGroupRoleProviderTest method testRolesForUser.

@Test
public void testRolesForUser() throws UnauthorizedException {
    Set<JpaRole> authorities = new HashSet<JpaRole>();
    authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
    authorities.add(new JpaRole("ROLE_ASTRO_109_SPRING_2012_STUDENT", org1));
    Set<String> members = new HashSet<String>();
    members.add("admin");
    JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", authorities, members);
    provider.addGroup(group);
    authorities.clear();
    authorities.add(new JpaRole("ROLE_ASTRO_122_SPRING_2011_STUDENT", org1));
    authorities.add(new JpaRole("ROLE_ASTRO_124_SPRING_2012_STUDENT", org1));
    JpaGroup group2 = new JpaGroup("test2", org1, "Test2", "Test 2 group", authorities, members);
    provider.addGroup(group2);
    authorities.clear();
    authorities.add(new JpaRole("ROLE_ASTRO_134_SPRING_2011_STUDENT", org2));
    authorities.add(new JpaRole("ROLE_ASTRO_144_SPRING_2012_STUDENT", org2));
    JpaGroup group3 = new JpaGroup("test2", org2, "Test2", "Test 2 group", authorities, members);
    provider.addGroup(group3);
    List<Role> rolesForUser = provider.getRolesForUser("admin");
    Assert.assertEquals("There should be four roles", 6, rolesForUser.size());
    rolesForUser.contains(new JpaRole(group.getRole(), org1));
    rolesForUser.contains(new JpaRole(group2.getRole(), org1));
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) Role(org.opencastproject.security.api.Role) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 27 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class JpaGroupRoleProviderTest method testRemoveGroupNotAllowedAsNonAdminUser.

@Test
public void testRemoveGroupNotAllowedAsNonAdminUser() throws UnauthorizedException {
    JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", Collections.set(new JpaRole(SecurityConstants.GLOBAL_ADMIN_ROLE, org1)));
    try {
        provider.addGroup(group);
        Group loadGroup = provider.loadGroup(group.getGroupId(), group.getOrganization().getId());
        assertNotNull(loadGroup);
        assertEquals(group.getGroupId(), loadGroup.getGroupId());
    } catch (Exception e) {
        fail("The group should be added");
    }
    JpaUser user = new JpaUser("user", "pass1", org1, "User", "user@localhost", "opencast", true, Collections.set(new JpaRole("ROLE_USER", org1)));
    // Set the security sevice
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
    EasyMock.expect(securityService.getOrganization()).andReturn(org1).anyTimes();
    EasyMock.replay(securityService);
    provider.setSecurityService(securityService);
    Response removeGroupResponse = provider.removeGroup(group.getGroupId());
    assertNotNull(removeGroupResponse);
    assertEquals(HttpStatus.SC_FORBIDDEN, removeGroupResponse.getStatus());
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) Response(javax.ws.rs.core.Response) JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) Group(org.opencastproject.security.api.Group) SecurityService(org.opencastproject.security.api.SecurityService) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) JpaUser(org.opencastproject.security.impl.jpa.JpaUser) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) Test(org.junit.Test)

Example 28 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class JpaGroupRoleProviderTest method testAddAndGetGroup.

@Test
public void testAddAndGetGroup() throws Exception {
    Set<JpaRole> authorities = new HashSet<JpaRole>();
    authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
    Set<String> members = new HashSet<String>();
    members.add("admin");
    JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", authorities, members);
    provider.addGroup(group);
    Group loadGroup = provider.loadGroup("test", org1.getId());
    Assert.assertNotNull(loadGroup);
    Assert.assertEquals(loadGroup.getGroupId(), loadGroup.getGroupId());
    Assert.assertEquals(loadGroup.getName(), loadGroup.getName());
    Assert.assertEquals(loadGroup.getDescription(), loadGroup.getDescription());
    Assert.assertEquals(loadGroup.getOrganization(), loadGroup.getOrganization());
    Assert.assertEquals(loadGroup.getRole(), loadGroup.getRole());
    Assert.assertEquals(loadGroup.getRoles(), loadGroup.getRoles());
    Assert.assertEquals(loadGroup.getMembers(), loadGroup.getMembers());
    Assert.assertNull("Loading 'does not exist' should return null", provider.loadGroup("does not exist", org1.getId()));
    Assert.assertNull("Loading 'does not exist' should return null", provider.loadGroup("user1", org2.getId()));
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) Group(org.opencastproject.security.api.Group) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 29 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class JpaGroupRoleProviderTest method testFindRoles.

@Test
public void testFindRoles() throws UnauthorizedException {
    // findRoles() should return a role per group, not the included roles for each group
    Set<JpaRole> authorities = new HashSet<JpaRole>();
    authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
    authorities.add(new JpaRole("ROLE_ASTRO_109_SPRING_2012_STUDENT", org1));
    Set<String> members = new HashSet<String>();
    members.add("admin");
    JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", authorities, members);
    provider.addGroup(group);
    Role role = provider.findRoles("%test%", Role.Target.ALL, 0, 0).next();
    Assert.assertEquals("ROLE_GROUP_TEST", role.getName());
    authorities.clear();
    authorities.add(new JpaRole("ROLE_ASTRO_122_SPRING_2011_STUDENT", org1));
    authorities.add(new JpaRole("ROLE_ASTRO_124_SPRING_2012_STUDENT", org1));
    JpaGroup group2 = new JpaGroup("test2", org1, "Test2", "Test 2 group", authorities, members);
    provider.addGroup(group2);
    authorities = new HashSet<JpaRole>();
    authorities.add(new JpaRole("ROLE_ASTRO_134_SPRING_2011_STUDENT", org2));
    authorities.add(new JpaRole("ROLE_ASTRO_144_SPRING_2012_STUDENT", org2));
    JpaGroup group3 = new JpaGroup("test2", org2, "Test2", "Test 2 group", authorities, members);
    provider.addGroup(group3);
    Assert.assertEquals(0, IteratorUtils.toList(provider.findRoles("%PrIn%", Role.Target.ALL, 0, 0)).size());
    Assert.assertEquals(0, IteratorUtils.toList(provider.findRoles("%PrIn%", Role.Target.ALL, 0, 1)).size());
    Assert.assertEquals(2, IteratorUtils.toList(provider.findRoles("%test%", Role.Target.ALL, 0, 2)).size());
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) Role(org.opencastproject.security.api.Role) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 30 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class JpaGroupRoleProviderTest method testAddGroupNotAllowedAsNonAdminUser.

@Test(expected = UnauthorizedException.class)
public void testAddGroupNotAllowedAsNonAdminUser() throws UnauthorizedException {
    JpaUser user = new JpaUser("user", "pass1", org1, "User", "user@localhost", "opencast", true, Collections.set(new JpaRole("ROLE_USER", org1)));
    // Set the security sevice
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
    EasyMock.expect(securityService.getOrganization()).andReturn(org1).anyTimes();
    EasyMock.replay(securityService);
    provider.setSecurityService(securityService);
    JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", Collections.set(new JpaRole(SecurityConstants.GLOBAL_ADMIN_ROLE, org1)));
    provider.addGroup(group);
    fail("The group with admin role should not be created by an non admin user");
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) SecurityService(org.opencastproject.security.api.SecurityService) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) JpaUser(org.opencastproject.security.impl.jpa.JpaUser) Test(org.junit.Test)

Aggregations

JpaRole (org.opencastproject.security.impl.jpa.JpaRole)37 HashSet (java.util.HashSet)18 UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)18 JpaUser (org.opencastproject.security.impl.jpa.JpaUser)18 Test (org.junit.Test)16 JpaOrganization (org.opencastproject.security.impl.jpa.JpaOrganization)14 JpaGroup (org.opencastproject.security.impl.jpa.JpaGroup)12 NotFoundException (org.opencastproject.util.NotFoundException)11 Role (org.opencastproject.security.api.Role)9 Path (javax.ws.rs.Path)6 RestQuery (org.opencastproject.util.doc.rest.RestQuery)6 EntityManager (javax.persistence.EntityManager)5 EntityTransaction (javax.persistence.EntityTransaction)4 Group (org.opencastproject.security.api.Group)4 SecurityService (org.opencastproject.security.api.SecurityService)4 User (org.opencastproject.security.api.User)4 Date (java.util.Date)3 POST (javax.ws.rs.POST)3 PUT (javax.ws.rs.PUT)3 JSONArray (org.json.simple.JSONArray)3