Example 6 with IUserRoleListService
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class CompositeUserRoleListServiceTest method testGetAllUsers3.
/**
* Tests that if the sources lists are empty/null we still get back an empty list
*/
@Test
public void testGetAllUsers3() throws Exception {
IUserRoleListService badService = mock(IUserRoleListService.class);
CompositeUserRoleListService badCompositeService = new CompositeUserRoleListService(Arrays.asList(badService, badService));
List<String> allUsers = badCompositeService.getAllUsers(null);
assertNotNull(allUsers);
assertTrue(allUsers instanceof List);
assertEquals(0, allUsers.size());
}
Also used :
List(java.util.List)
IUserRoleListService(org.pentaho.platform.api.engine.IUserRoleListService)
Test(org.junit.Test)
Example 7 with IUserRoleListService
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class SpringSecurityLoginModuleTest method testExceptions.
@Test
public void testExceptions() throws Exception {
// clear any authentication
SecurityContextHolder.getContext().setAuthentication(null);
Subject subject = new Subject();
TestCallbackHandler testCallbackHandler = new TestCallbackHandler("joe");
SpringSecurityLoginModule loginModule = new SpringSecurityLoginModule();
AuthenticationManager authenticationManager = mock(AuthenticationManager.class);
IUserRoleListService userRoleListService = mock(IUserRoleListService.class);
IAuthorizationPolicy authorizationPolicy = mock(IAuthorizationPolicy.class);
Authentication authentication = mock(Authentication.class);
Collection authorities = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("Administrator") });
Authentication authentication2 = mock(Authentication.class);
Collection authorities2 = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("ceo") });
PentahoSystem.registerObject(userRoleListService, IUserRoleListService.class);
when(authorizationPolicy.isAllowed(AdministerSecurityAction.NAME)).thenReturn(true).thenReturn(true).thenReturn(false);
when(authentication.getAuthorities()).thenReturn(authorities);
when(authentication.getName()).thenReturn("joe");
when(authentication.isAuthenticated()).thenReturn(true);
when(authentication2.getAuthorities()).thenReturn(authorities2);
when(authentication2.getName()).thenReturn("pat");
when(authentication2.isAuthenticated()).thenReturn(true);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("joe")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("pat")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("suzy")))).thenThrow(new UsernameNotFoundException("Error"));
when(userRoleListService.getRolesForUser(null, "joe")).thenReturn(Arrays.<String>asList("Authenticated", "Administrator"));
when(userRoleListService.getRolesForUser(null, "pat")).thenReturn(Arrays.<String>asList("Authenticated", "ceo"));
loginModule.setAuthenticationManager(authenticationManager);
loginModule.setAuthorizationPolicy(authorizationPolicy);
// test a successful run
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
loginModule.login();
loginModule.commit();
verify(authenticationManager).authenticate(argThat(new AuthenticationManagerMatcher("joe")));
assertEquals(4, subject.getPrincipals().size());
subject.getPrincipals().toArray()[3].equals("karaf_admin");
// now test exceptions
// Test with Authentication bound to thread
testCallbackHandler = new TestCallbackHandler("ioe");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown IOException");
} catch (LoginException ioe) {
/* No-op */
}
// UnsupportedCallbackException thrown by underlying system
testCallbackHandler = new TestCallbackHandler("unsupported");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown UnsupportedCallbackException");
} catch (LoginException ioe) {
/* No-op */
}
SecurityContextHolder.getContext().setAuthentication(null);
// IOException thrown by underlying system
testCallbackHandler = new TestCallbackHandler("ioe");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown IOException");
} catch (LoginException ioe) {
/* No-op */
}
testCallbackHandler = new TestCallbackHandler("unsupported");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown UnsupportedCallbackException");
} catch (LoginException ioe) {
/* No-op */
}
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
IAuthorizationPolicy(org.pentaho.platform.api.engine.IAuthorizationPolicy)
Authentication(org.springframework.security.core.Authentication)
Collection(java.util.Collection)
LoginException(javax.security.auth.login.LoginException)
IUserRoleListService(org.pentaho.platform.api.engine.IUserRoleListService)
Subject(javax.security.auth.Subject)
Test(org.junit.Test)
Example 8 with IUserRoleListService
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class SpringSecurityLoginModuleTest method testLogin.
@Test
public void testLogin() throws Exception {
// instances and mocks
Subject subject = new Subject();
TestCallbackHandler testCallbackHandler = new TestCallbackHandler("joe");
SpringSecurityLoginModule loginModule = new SpringSecurityLoginModule();
AuthenticationManager authenticationManager = mock(AuthenticationManager.class);
IUserRoleListService userRoleListService = mock(IUserRoleListService.class);
IAuthorizationPolicy authorizationPolicy = mock(IAuthorizationPolicy.class);
Authentication authentication = mock(Authentication.class);
Collection authorities = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("Administrator") });
Authentication authentication2 = mock(Authentication.class);
Collection authorities2 = Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("Authenticated"), new SimpleGrantedAuthority("ceo") });
//
PentahoSystem.registerObject(userRoleListService, IUserRoleListService.class);
when(authorizationPolicy.isAllowed(AdministerSecurityAction.NAME)).thenReturn(true).thenReturn(true).thenReturn(false);
when(authentication.getAuthorities()).thenReturn(authorities);
when(authentication.getName()).thenReturn("joe");
when(authentication.isAuthenticated()).thenReturn(true);
when(authentication2.getAuthorities()).thenReturn(authorities2);
when(authentication2.getName()).thenReturn("pat");
when(authentication2.isAuthenticated()).thenReturn(true);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("joe")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("pat")))).thenReturn(authentication);
when(authenticationManager.authenticate(argThat(new AuthenticationManagerMatcher("suzy")))).thenThrow(new UsernameNotFoundException("Error"));
when(userRoleListService.getRolesForUser(null, "joe")).thenReturn(Arrays.<String>asList("Authenticated", "Administrator"));
when(userRoleListService.getRolesForUser(null, "pat")).thenReturn(Arrays.<String>asList("Authenticated", "ceo"));
loginModule.setAuthenticationManager(authenticationManager);
loginModule.setAuthorizationPolicy(authorizationPolicy);
// start tests
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
loginModule.login();
loginModule.commit();
// joe should get the extra karaf_admin role
verify(authenticationManager).authenticate(argThat(new AuthenticationManagerMatcher("joe")));
assertEquals(4, subject.getPrincipals().size());
subject.getPrincipals().toArray()[3].equals("karaf_admin");
loginModule.logout();
assertEquals(0, subject.getPrincipals().size());
loginModule.login();
loginModule.commit();
assertEquals(4, subject.getPrincipals().size());
// Suzy is not found
testCallbackHandler = new TestCallbackHandler("suzy");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
try {
loginModule.login();
fail("Should have thrown a UsernameNotFoundException exception");
} catch (LoginException ex) {
/* No-op */
}
// pat is found, but not an admin
testCallbackHandler = new TestCallbackHandler("pat");
loginModule.initialize(subject, testCallbackHandler, Collections.emptyMap(), Collections.emptyMap());
loginModule.logout();
loginModule.login();
loginModule.commit();
assertEquals(3, subject.getPrincipals().size());
assertTrue(loginModule.abort());
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
IAuthorizationPolicy(org.pentaho.platform.api.engine.IAuthorizationPolicy)
Authentication(org.springframework.security.core.Authentication)
Collection(java.util.Collection)
LoginException(javax.security.auth.login.LoginException)
IUserRoleListService(org.pentaho.platform.api.engine.IUserRoleListService)
Subject(javax.security.auth.Subject)
Test(org.junit.Test)
Example 9 with IUserRoleListService
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class SecurityHelperTest method getAuthorizedSecurityHelper.
private SecurityHelper getAuthorizedSecurityHelper() {
SecurityHelper authorizedSecurityHelper = spy(new SecurityHelper());
IUserRoleListService userRoleListServiceMock = getUserRoleListServiceMock(DEF_USERNAME, ALL_ROLES_ARRAY);
doReturn(userRoleListServiceMock).when(authorizedSecurityHelper).getUserRoleListService();
return authorizedSecurityHelper;
}
Also used :
IUserRoleListService(org.pentaho.platform.api.engine.IUserRoleListService)
Example 10 with IUserRoleListService
use of org.pentaho.platform.api.engine.IUserRoleListService in project pentaho-platform by pentaho.
the class UserRoleListService method getUsers.
public UserListWrapper getUsers() {
IUserRoleListService service = getUserRoleListService();
List<String> allUsers = service.getAllUsers();
if (null != userComparator) {
Collections.sort(allUsers, userComparator);
}
return new UserListWrapper(allUsers);
}
Also used :
IUserRoleListService(org.pentaho.platform.api.engine.IUserRoleListService)
UserListWrapper(org.pentaho.platform.web.http.api.resources.UserListWrapper)
Aggregations
IUserRoleListService (org.pentaho.platform.api.engine.IUserRoleListService)34
Test (org.junit.Test)20
ArrayList (java.util.ArrayList)8
IAuthorizationPolicy (org.pentaho.platform.api.engine.IAuthorizationPolicy)5
List (java.util.List)4
Document (org.dom4j.Document)4
Element (org.dom4j.Element)4
DefaultElement (org.dom4j.tree.DefaultElement)4
RoleListWrapper (org.pentaho.platform.web.http.api.resources.RoleListWrapper)4
MicroPlatform (org.pentaho.test.platform.engine.core.MicroPlatform)4
File (java.io.File)3
Callable (java.util.concurrent.Callable)3
IPluginResourceLoader (org.pentaho.platform.api.engine.IPluginResourceLoader)3
ITenant (org.pentaho.platform.api.mt.ITenant)3
RepositoryFile (org.pentaho.platform.api.repository2.unified.RepositoryFile)3
SystemSettings (org.pentaho.platform.engine.core.system.SystemSettings)3
PluginClassLoader (org.pentaho.platform.plugin.services.pluginmgr.PluginClassLoader)3
PluginResourceLoader (org.pentaho.platform.plugin.services.pluginmgr.PluginResourceLoader)3
Collection (java.util.Collection)2
HashMap (java.util.HashMap)2
