use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class SpringSecurityLoginModuleTest method testExceptions.
@Test
public void testExceptions() throws Exception {
// clear any authentication
SecurityContextHolder.getContext().setAuthentication(null);
Subject subject = new Subject();
TestCallbackHandler testCallbackHandler = new TestCallbackHandler("joe");
SpringSecurityLoginModule loginModule = new SpringSecurityLoginModule();
AuthenticationManager authenticationManager = mock(AuthenticationManager.class);
IUserRoleListService userRoleListService = mock(IUserRoleListService.class);
IAuthorizationPolicy authorizationPolicy = mock(IAuthorizationPolicy.class);
Authentication authentication = mock(Authentication.class);
Collection authorities = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("Administrator") });
Authentication authentication2 = mock(Authentication.class);
Collection authorities2 = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("ceo") });
PentahoSystem.registerObject(userRoleListService, IUserRoleListService.class);
when(authorizationPolicy.isAllowed(AdministerSecurityAction.NAME)).thenReturn(true).thenReturn(true).thenReturn(false);
when(authentication.getAuthorities()).thenReturn(authorities);
when(authentication.getName()).thenReturn("joe");
when(authentication.isAuthenticated()).thenReturn(true);
when(authentication2.getAuthorities()).thenReturn(authorities2);
when(authentication2.getName()).thenReturn("pat");
when(authentication2.isAuthenticated()).thenReturn(true);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("joe")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("pat")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("suzy")))).thenThrow(new UsernameNotFoundException("Error"));
when(userRoleListService.getRolesForUser(null, "joe")).thenReturn(Arrays.<String>asList("Authenticated", "Administrator"));
when(userRoleListService.getRolesForUser(null, "pat")).thenReturn(Arrays.<String>asList("Authenticated", "ceo"));
loginModule.setAuthenticationManager(authenticationManager);
loginModule.setAuthorizationPolicy(authorizationPolicy);
// test a successful run
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
loginModule.login();
loginModule.commit();
verify(authenticationManager).authenticate(argThat(new AuthenticationManagerMatcher("joe")));
assertEquals(4, subject.getPrincipals().size());
subject.getPrincipals().toArray()[3].equals("karaf_admin");
// now test exceptions
// Test with Authentication bound to thread
testCallbackHandler = new TestCallbackHandler("ioe");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown IOException");
} catch (LoginException ioe) {
/* No-op */
}
// UnsupportedCallbackException thrown by underlying system
testCallbackHandler = new TestCallbackHandler("unsupported");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown UnsupportedCallbackException");
} catch (LoginException ioe) {
/* No-op */
}
SecurityContextHolder.getContext().setAuthentication(null);
// IOException thrown by underlying system
testCallbackHandler = new TestCallbackHandler("ioe");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown IOException");
} catch (LoginException ioe) {
/* No-op */
}
testCallbackHandler = new TestCallbackHandler("unsupported");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown UnsupportedCallbackException");
} catch (LoginException ioe) {
/* No-op */
}
}
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class SpringSecurityLoginModuleTest method testLogin.
@Test
public void testLogin() throws Exception {
// instances and mocks
Subject subject = new Subject();
TestCallbackHandler testCallbackHandler = new TestCallbackHandler("joe");
SpringSecurityLoginModule loginModule = new SpringSecurityLoginModule();
AuthenticationManager authenticationManager = mock(AuthenticationManager.class);
IUserRoleListService userRoleListService = mock(IUserRoleListService.class);
IAuthorizationPolicy authorizationPolicy = mock(IAuthorizationPolicy.class);
Authentication authentication = mock(Authentication.class);
Collection authorities = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("Administrator") });
Authentication authentication2 = mock(Authentication.class);
Collection authorities2 = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("ceo") });
//
PentahoSystem.registerObject(userRoleListService, IUserRoleListService.class);
when(authorizationPolicy.isAllowed(AdministerSecurityAction.NAME)).thenReturn(true).thenReturn(true).thenReturn(false);
when(authentication.getAuthorities()).thenReturn(authorities);
when(authentication.getName()).thenReturn("joe");
when(authentication.isAuthenticated()).thenReturn(true);
when(authentication2.getAuthorities()).thenReturn(authorities2);
when(authentication2.getName()).thenReturn("pat");
when(authentication2.isAuthenticated()).thenReturn(true);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("joe")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("pat")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("suzy")))).thenThrow(new UsernameNotFoundException("Error"));
when(userRoleListService.getRolesForUser(null, "joe")).thenReturn(Arrays.<String>asList("Authenticated", "Administrator"));
when(userRoleListService.getRolesForUser(null, "pat")).thenReturn(Arrays.<String>asList("Authenticated", "ceo"));
loginModule.setAuthenticationManager(authenticationManager);
loginModule.setAuthorizationPolicy(authorizationPolicy);
// start tests
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
loginModule.login();
loginModule.commit();
// joe should get the extra karaf_admin role
verify(authenticationManager).authenticate(argThat(new AuthenticationManagerMatcher("joe")));
assertEquals(4, subject.getPrincipals().size());
subject.getPrincipals().toArray()[3].equals("karaf_admin");
loginModule.logout();
assertEquals(0, subject.getPrincipals().size());
loginModule.login();
loginModule.commit();
assertEquals(4, subject.getPrincipals().size());
// Suzy is not found
testCallbackHandler = new TestCallbackHandler("suzy");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown a UsernameNotFoundException exception");
} catch (LoginException ex) {
/* No-op */
}
// pat is found, but not an admin
testCallbackHandler = new TestCallbackHandler("pat");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
loginModule.logout();
loginModule.login();
loginModule.commit();
assertEquals(3, subject.getPrincipals().size());
assertTrue(loginModule.abort());
}
use of org.pentaho.platform.api.engine.IUserRoleListService in project data-access by pentaho.
the class DatasourceResourceIT method setUp.
@BeforeClass
public static void setUp() throws Exception {
// $NON-NLS-1$ //$NON-NLS-2$
System.setProperty("org.osjava.sj.root", "target/test-classes/solution1/system/simple-jndi");
mp = new MicroPlatform("target/test-classes/solution1");
IAuthorizationPolicy mockAuthorizationPolicy = mock(IAuthorizationPolicy.class);
when(mockAuthorizationPolicy.isAllowed(anyString())).thenReturn(true);
IUserRoleListService mockUserRoleListService = mock(IUserRoleListService.class);
IDataAccessPermissionHandler mockDataAccessPermHandler = mock(IDataAccessPermissionHandler.class);
when(mockDataAccessPermHandler.hasDataAccessPermission(any(IPentahoSession.class))).thenReturn(true);
mp.define(ISolutionEngine.class, SolutionEngine.class, IPentahoDefinableObjectFactory.Scope.GLOBAL);
mp.define(IUnifiedRepository.class, TestFileSystemBackedUnifiedRepository.class, IPentahoDefinableObjectFactory.Scope.GLOBAL);
mp.define(IMondrianCatalogService.class, MondrianCatalogHelper.class, IPentahoDefinableObjectFactory.Scope.GLOBAL);
mp.define("connection-SQL", SQLConnection.class);
mp.define("connection-MDX", MDXConnection.class);
mp.define("connection-MDXOlap4j", MDXOlap4jConnection.class);
mp.define(IDBDatasourceService.class, JndiDatasourceService.class, IPentahoDefinableObjectFactory.Scope.GLOBAL);
mp.define(MDXConnection.MDX_CONNECTION_MAPPER_KEY, MondrianOneToOneUserRoleListMapper.class, IPentahoDefinableObjectFactory.Scope.GLOBAL);
mp.define(IDatasourceMgmtService.class, MockDatasourceMgmtService.class);
mp.define(IClientRepositoryPathsStrategy.class, MockClientRepositoryPathsStrategy.class);
mp.define(ISecurityHelper.class, MockSecurityHelper.class);
mp.define(UserDetailsService.class, MockUserDetailService.class);
mp.define("singleTenantAdminUserName", "admin");
mp.defineInstance(IMetadataDomainRepository.class, createMetadataDomainRepository());
mp.defineInstance(IAuthorizationPolicy.class, mockAuthorizationPolicy);
mp.defineInstance(IPluginResourceLoader.class, new PluginResourceLoader() {
protected PluginClassLoader getOverrideClassloader() {
return new PluginClassLoader(new File(".", "target/test-classes/solution1/system/simple-jndi"), this);
}
});
mp.defineInstance(IUserRoleListService.class, mockUserRoleListService);
mp.defineInstance(IDataAccessPermissionHandler.class, mockDataAccessPermHandler);
mp.setSettingsProvider(new SystemSettings());
mp.start();
PentahoSessionHolder.setStrategyName(PentahoSessionHolder.MODE_GLOBAL);
SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL);
}
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class CachingUserRoleListServiceDecoratorTest method testGetAllRoles1.
@Test
public void testGetAllRoles1() throws Exception {
IUserRoleListService mockService = mock(IUserRoleListService.class);
when(mockService.getAllRoles(tenant)).thenReturn(Arrays.asList("foo", "bar"));
CachingUserRoleListServiceDecorator decorator = new CachingUserRoleListServiceDecorator(mockService);
List<String> allRoles = decorator.getAllRoles(tenant);
assertArrayEquals("does not match", new String[] { "foo", "bar" }, allRoles.toArray());
// second call should be from cache
allRoles = decorator.getAllRoles(tenant);
assertArrayEquals("does not match", new String[] { "foo", "bar" }, allRoles.toArray());
verify(mockService, times(1)).getAllRoles(tenant);
}
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class CachingUserRoleListServiceDecoratorTest method testGetAllUsers.
@Test
public void testGetAllUsers() throws Exception {
IUserRoleListService mockService = mock(IUserRoleListService.class);
when(mockService.getAllUsers()).thenReturn(Arrays.asList("foo", "bar"));
CachingUserRoleListServiceDecorator decorator = new CachingUserRoleListServiceDecorator(mockService);
List<String> allRoles = decorator.getAllUsers();
assertArrayEquals("does not match", new String[] { "foo", "bar" }, allRoles.toArray());
// second call should be from cache
allRoles = decorator.getAllUsers();
assertArrayEquals("does not match", new String[] { "foo", "bar" }, allRoles.toArray());
verify(mockService, times(1)).getAllUsers();
}
Aggregations