use of org.osgi.service.useradmin.Group in project felix by apache.
the class MongoSerializerHelper method serialize.
/**
* Serializes the given {@link Role} to a {@link DBObject} instance.
*
* @param role the {@link Role} to serialize, cannot be <code>null</code> (unchecked!).
* @return a {@link DBObject} representing the given {@link Role}, never <code>null</code>.
*/
public DBObject serialize(Role role) {
BasicDBObject data = new BasicDBObject();
int type = role.getType();
data.put(TYPE, type);
data.put(NAME, role.getName());
data.put(PROPERTIES, serializeDictionary(role.getProperties()));
if ((Role.GROUP == type) || (Role.USER == type)) {
data.put(CREDENTIALS, serializeDictionary(((User) role).getCredentials()));
if (Role.GROUP == type) {
data.put(MEMBERS, getRoleNames(((Group) role).getMembers()));
data.put(REQUIRED_MEMBERS, getRoleNames(((Group) role).getRequiredMembers()));
}
}
return data;
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class RoleChecker method isGroupImpliedBy.
/**
* Verifies whether the given group is implied by the given role.
*
* @param group the group to check, cannot be <code>null</code>;
* @param impliedRole the implied role to check for, cannot be <code>null</code>;
* @param seenGroups a list of all seen groups, used for detecting cycles in groups, cannot be <code>null</code>.
* @return <code>true</code> if the given group has the implied role, <code>false</code> otherwise.
*/
private boolean isGroupImpliedBy(Group group, Role impliedRole, List seenGroups) {
Role[] basicRoles = group.getMembers();
Role[] requiredRoles = group.getRequiredMembers();
boolean isImplied = true;
// Check whether all required roles are implied...
for (int i = 0; (requiredRoles != null) && isImplied && (i < requiredRoles.length); i++) {
Role requiredRole = requiredRoles[i];
if (seenGroups.contains(requiredRole)) {
// Found a cycle between groups; always yield false!
return false;
}
if (requiredRole instanceof Group) {
seenGroups.add(requiredRole);
isImplied = isGroupImpliedBy((Group) requiredRole, impliedRole, seenGroups);
} else /* if ((requiredRole instanceof User) || (requiredRole instanceof Role)) */
{
isImplied = isRoleImpliedBy(requiredRole, impliedRole);
}
}
// Required role is not implied by the given role; we can stop now...
if (!isImplied) {
return false;
}
// Ok; all required roles are implied, let's verify whether a least one basic role is implied...
isImplied = false;
// Check whether at least one basic role is implied...
for (int i = 0; (basicRoles != null) && !isImplied && (i < basicRoles.length); i++) {
Role basicRole = (Role) basicRoles[i];
if (seenGroups.contains(basicRole)) {
// Found a cycle between groups; always yield false!
return false;
}
if (basicRole instanceof Group) {
seenGroups.add(basicRole);
isImplied = isGroupImpliedBy((Group) basicRole, impliedRole, seenGroups);
} else /* if ((basicRole instanceof User) || (basicRole instanceof Role)) */
{
isImplied = isRoleImpliedBy(basicRole, impliedRole);
}
}
return isImplied;
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class AuthorizationImplTest method testHasRoleOk.
/**
* Test that the tests for membership work correctly.
*/
public void testHasRoleOk() {
Group citizens = createGroup("citizen");
citizens.addRequiredMember(m_anyone);
Group adults = createGroup("adult");
adults.addRequiredMember(m_anyone);
Group voters = createGroup("voter");
voters.addRequiredMember(citizens);
voters.addRequiredMember(adults);
voters.addMember(m_anyone);
// Elmer belongs to the citizens and adults...
User elmer = createUser("elmer");
citizens.addMember(elmer);
adults.addMember(elmer);
// Pepe belongs to the citizens, but is not an adult...
User pepe = createUser("pepe");
citizens.addMember(pepe);
// Bugs is an adult, but is not a citizen...
User bugs = createUser("bugs");
adults.addMember(bugs);
// Daffy is not an adult, neither a citizen...
User daffy = createUser("daffy");
AuthorizationImpl auth;
auth = new AuthorizationImpl(elmer, m_roleRepository);
assertTrue(auth.hasRole("adult"));
assertTrue(auth.hasRole("citizen"));
assertTrue(auth.hasRole("voter"));
assertFalse(auth.hasRole("non-existing-role"));
auth = new AuthorizationImpl(pepe, m_roleRepository);
assertFalse(auth.hasRole("adult"));
assertTrue(auth.hasRole("citizen"));
assertFalse(auth.hasRole("voter"));
assertFalse(auth.hasRole("non-existing-role"));
auth = new AuthorizationImpl(bugs, m_roleRepository);
assertTrue(auth.hasRole("adult"));
assertFalse(auth.hasRole("citizen"));
assertFalse(auth.hasRole("voter"));
assertFalse(auth.hasRole("non-existing-role"));
auth = new AuthorizationImpl(daffy, m_roleRepository);
assertFalse(auth.hasRole("adult"));
assertFalse(auth.hasRole("citizen"));
assertFalse(auth.hasRole("voter"));
assertFalse(auth.hasRole("non-existing-role"));
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class AuthorizationImplTest method testGetRolesOk.
/**
* Test that the tests for membership work correctly.
*/
public void testGetRolesOk() {
Group citizens = createGroup("citizen");
citizens.addRequiredMember(m_anyone);
Group adults = createGroup("adult");
adults.addRequiredMember(m_anyone);
Group voters = createGroup("voter");
voters.addRequiredMember(citizens);
voters.addRequiredMember(adults);
voters.addMember(m_anyone);
// Elmer belongs to the citizens and adults...
User elmer = createUser("elmer");
citizens.addMember(elmer);
adults.addMember(elmer);
// Pepe belongs to the citizens, but is not an adult...
User pepe = createUser("pepe");
citizens.addMember(pepe);
// Bugs is an adult, but is not a citizen...
User bugs = createUser("bugs");
adults.addMember(bugs);
// Daffy is not an adult, neither a citizen...
User daffy = createUser("daffy");
// Donald is not an adult, neither a citizen...
User donald = RoleFactory.createUser("donald");
AuthorizationImpl auth;
auth = new AuthorizationImpl(elmer, m_roleRepository);
assertSameRoles(new String[] { "elmer", "adult", "citizen", "voter" }, auth.getRoles());
auth = new AuthorizationImpl(pepe, m_roleRepository);
assertSameRoles(new String[] { "pepe", "citizen" }, auth.getRoles());
auth = new AuthorizationImpl(bugs, m_roleRepository);
assertSameRoles(new String[] { "bugs", "adult" }, auth.getRoles());
auth = new AuthorizationImpl(daffy, m_roleRepository);
assertSameRoles(new String[] { "daffy" }, auth.getRoles());
auth = new AuthorizationImpl(donald, m_roleRepository);
assertNull(auth.getRoles());
}
use of org.osgi.service.useradmin.Group in project felix by apache.
the class CustomRoleImplTest method testAddBasicGroupMemberYieldsEvent.
/**
* Tests that adding a basic member to a group-role yields an event.
*/
public void testAddBasicGroupMemberYieldsEvent() throws Exception {
final Group role = (Group) m_repository.addRole("testGroup", Role.GROUP);
assertNotNull(role);
m_latch = new CountDownLatch(1);
new Thread(new Runnable() {
public void run() {
Role anyone = m_repository.getRoleByName(Role.USER_ANYONE);
assertTrue(role.addMember(anyone));
}
}).start();
assertTrue(m_latch.await(1, TimeUnit.SECONDS));
}
Aggregations