use of org.osgi.service.useradmin.Group in project felix by apache.
the class RoleRepository method removeRoleFromAllGroups.
/**
* Removes a given role as (required)member from any groups it is member of.
*
* @param removedRole the role that is removed from the store already, cannot be <code>null</code>.
* @throws BackendException in case of problems accessing the store.
*/
private void removeRoleFromAllGroups(Role removedRole) {
try {
Role[] roles = m_store.getRoles(null);
for (int i = 0; i < roles.length; i++) {
if (roles[i].getType() == Role.GROUP) {
Group group = (Group) roles[i];
// Don't check whether the given role is actually a member
// of the group, but let the group itself figure this out...
group.removeMember(removedRole);
}
}
} catch (Exception e) {
throw new BackendException("Failed to get all roles!", e);
}
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class AuthorizationImplTest method testAuthorizationExampleOk.
/**
* Test for example presented in section 107.3.2 of OSGi compendium v4.2.
*/
public void testAuthorizationExampleOk() {
// Action groups...
Group alarmSystemControl = createGroup("AlarmSystemControl");
Group internetAccess = createGroup("InternetAccess");
Group temperatureControl = createGroup("TemperatureControl");
Group photoAlbumEdit = createGroup("PhotoAlbumEdit");
Group photoAlbumView = createGroup("PhotoAlbumView");
Group portForwarding = createGroup("PortForwarding");
// System user groups...
Group administrators = createGroup("Administrators");
Group buddies = createGroup("Buddies");
Group children = createGroup("Children");
Group adults = createGroup("Adults");
Group residents = createGroup("Residents");
// Users
User elmer = RoleFactory.createUser("Elmer");
User fudd = RoleFactory.createUser("Fudd");
User marvin = RoleFactory.createUser("Marvin");
User pepe = RoleFactory.createUser("Pepe");
User daffy = RoleFactory.createUser("Daffy");
User foghorn = RoleFactory.createUser("Foghorn");
// Not explicitly mentioned; but needed to comply with the semantics
alarmSystemControl.addRequiredMember(m_anyone);
internetAccess.addRequiredMember(m_anyone);
temperatureControl.addRequiredMember(m_anyone);
photoAlbumEdit.addRequiredMember(m_anyone);
photoAlbumView.addRequiredMember(m_anyone);
portForwarding.addRequiredMember(m_anyone);
administrators.addRequiredMember(m_anyone);
buddies.addRequiredMember(m_anyone);
children.addRequiredMember(m_anyone);
adults.addRequiredMember(m_anyone);
residents.addRequiredMember(m_anyone);
// Table 107.1
residents.addMember(elmer);
residents.addMember(fudd);
residents.addMember(marvin);
residents.addMember(pepe);
buddies.addMember(daffy);
buddies.addMember(foghorn);
children.addMember(marvin);
children.addMember(pepe);
adults.addMember(elmer);
adults.addMember(fudd);
administrators.addMember(elmer);
// Table 107.2
alarmSystemControl.addMember(residents);
alarmSystemControl.addRequiredMember(administrators);
internetAccess.addMember(residents);
internetAccess.addRequiredMember(adults);
temperatureControl.addMember(residents);
temperatureControl.addRequiredMember(adults);
photoAlbumEdit.addMember(residents);
photoAlbumEdit.addMember(children);
photoAlbumEdit.addMember(adults);
photoAlbumView.addMember(residents);
photoAlbumView.addMember(buddies);
portForwarding.addMember(residents);
portForwarding.addRequiredMember(administrators);
// Test with the user "foghorn"...
AuthorizationImpl auth = new AuthorizationImpl(foghorn, m_roleRepository);
assertFalse(auth.hasRole(alarmSystemControl.getName()));
assertFalse(auth.hasRole(internetAccess.getName()));
assertFalse(auth.hasRole(temperatureControl.getName()));
assertFalse(auth.hasRole(photoAlbumEdit.getName()));
assertTrue(auth.hasRole(photoAlbumView.getName()));
assertFalse(auth.hasRole(portForwarding.getName()));
// Test with the user "fudd"...
auth = new AuthorizationImpl(fudd, m_roleRepository);
assertFalse(auth.hasRole(alarmSystemControl.getName()));
assertTrue(auth.hasRole(internetAccess.getName()));
assertTrue(auth.hasRole(temperatureControl.getName()));
assertTrue(auth.hasRole(photoAlbumEdit.getName()));
assertTrue(auth.hasRole(photoAlbumView.getName()));
assertFalse(auth.hasRole(portForwarding.getName()));
// Test with the user "elmer"...
auth = new AuthorizationImpl(elmer, m_roleRepository);
assertTrue(auth.hasRole(alarmSystemControl.getName()));
assertTrue(auth.hasRole(internetAccess.getName()));
assertTrue(auth.hasRole(temperatureControl.getName()));
assertTrue(auth.hasRole(photoAlbumEdit.getName()));
assertTrue(auth.hasRole(photoAlbumView.getName()));
assertTrue(auth.hasRole(portForwarding.getName()));
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class CustomRoleImplTest method testAddRequiredGroupMemberYieldsEvent.
/**
* Tests that adding a required member to a group-role yields an event.
*/
public void testAddRequiredGroupMemberYieldsEvent() throws Exception {
final Group role = (Group) m_repository.addRole("testGroup", Role.GROUP);
assertNotNull(role);
m_latch = new CountDownLatch(1);
new Thread(new Runnable() {
public void run() {
Role anyone = m_repository.getRoleByName(Role.USER_ANYONE);
assertTrue(role.addRequiredMember(anyone));
}
}).start();
assertTrue(m_latch.await(100, TimeUnit.SECONDS));
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class RoleCheckerTest method testVotersRequiredMembersOk.
/**
* Test that a membership can be implied for users belonging to multiple non-required groups.
*/
public void testVotersRequiredMembersOk() {
Group citizens = RoleFactory.createGroup("citizen");
citizens.addRequiredMember(m_anyone);
Group adults = RoleFactory.createGroup("adult");
adults.addRequiredMember(m_anyone);
Group voters = RoleFactory.createGroup("voter");
voters.addRequiredMember(citizens);
voters.addRequiredMember(adults);
voters.addMember(m_anyone);
// Elmer belongs to the citizens and adults...
User elmer = RoleFactory.createUser("elmer");
citizens.addMember(elmer);
adults.addMember(elmer);
// Pepe belongs to the citizens, but is not an adult...
User pepe = RoleFactory.createUser("pepe");
citizens.addMember(pepe);
// Bugs is an adult, but is not a citizen...
User bugs = RoleFactory.createUser("bugs");
adults.addMember(bugs);
// Daffy is not an adult, neither a citizen...
User daffy = RoleFactory.createUser("daffy");
assertTrue(m_roleChecker.isImpliedBy(voters, elmer));
assertFalse(m_roleChecker.isImpliedBy(voters, pepe));
assertFalse(m_roleChecker.isImpliedBy(voters, bugs));
assertFalse(m_roleChecker.isImpliedBy(voters, daffy));
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class RoleCheckerTest method testGroupDoesNotImplySameRequiredGroup.
/**
* Test that a group does never imply a group to which it is a required member.
*/
public void testGroupDoesNotImplySameRequiredGroup() {
User user = RoleFactory.createUser("foo");
Group group = RoleFactory.createGroup("bar");
group.addRequiredMember(group);
group.addMember(user);
assertFalse(m_roleChecker.isImpliedBy(group, group));
}
Aggregations