Example 21 with IPentahoRole
use of org.pentaho.platform.api.engine.security.userroledao.IPentahoRole in project pentaho-platform by pentaho.
the class UserRoleDaoServiceTest method testRemoveRoleFromUser.
@Test
public void testRemoveRoleFromUser() {
String userName = "testUser";
String roleNames = "Power User\tBusiness User\t";
setupMockSessionUser(SESSION_USER_NAME, true);
// Create session that will generate tenant
IPentahoSession session = mock(IPentahoSession.class);
when(session.getAttribute(IPentahoSession.TENANT_ID_KEY)).thenReturn("testTenantPath");
PentahoSessionHolder.setSession(session);
IPentahoRole ceoRole = mock(IPentahoRole.class);
when(ceoRole.getName()).thenReturn("ceo");
IPentahoRole ctoRole = mock(IPentahoRole.class);
when(ctoRole.getName()).thenReturn("cto");
IPentahoRole powerUserRole = mock(IPentahoRole.class);
when(powerUserRole.getName()).thenReturn("Power User");
IPentahoRole businessUserRole = mock(IPentahoRole.class);
when(businessUserRole.getName()).thenReturn("Business User");
List<IPentahoRole> roleList = new ArrayList<>();
roleList.add(ceoRole);
roleList.add(ctoRole);
roleList.add(powerUserRole);
roleList.add(businessUserRole);
IUserRoleDao roleDao = mock(IUserRoleDao.class);
when(roleDao.getUserRoles(any(ITenant.class), anyString())).thenReturn(roleList);
PentahoSystem.registerObject(roleDao);
userRoleService.removeRolesFromUser(userName, roleNames);
verify(roleDao).setUserRoles(any(ITenant.class), anyString(), argThat(new UnorderedArrayMatcher(new String[] { "ceo", "cto" })));
}
Also used :
ITenant(org.pentaho.platform.api.mt.ITenant)
IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession)
ArrayList(java.util.ArrayList)
Matchers.anyString(org.mockito.Matchers.anyString)
IPentahoRole(org.pentaho.platform.api.engine.security.userroledao.IPentahoRole)
IUserRoleDao(org.pentaho.platform.api.engine.security.userroledao.IUserRoleDao)
Test(org.junit.Test)
Example 22 with IPentahoRole
use of org.pentaho.platform.api.engine.security.userroledao.IPentahoRole in project pentaho-platform by pentaho.
the class AbstractJcrBackedUserRoleDao method getUserRoles.
public List<IPentahoRole> getUserRoles(Session session, final ITenant theTenant, final String userName) throws RepositoryException {
ArrayList<IPentahoRole> roles = new ArrayList<IPentahoRole>();
User jackrabbitUser = getJackrabbitUser(theTenant, userName, session);
if ((jackrabbitUser != null) && TenantUtils.isAccessibleTenant(theTenant == null ? tenantedUserNameUtils.getTenant(jackrabbitUser.getID()) : theTenant)) {
Iterator<Group> groups = jackrabbitUser.memberOf();
while (groups.hasNext()) {
IPentahoRole role = convertToPentahoRole(groups.next());
// Exclude the extra role from the list of roles to be returned back
if (!extraRoles.contains(role.getName())) {
roles.add(role);
}
}
}
return roles;
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
IPentahoUser(org.pentaho.platform.api.engine.security.userroledao.IPentahoUser)
User(org.apache.jackrabbit.api.security.user.User)
PentahoUser(org.pentaho.platform.security.userroledao.PentahoUser)
ArrayList(java.util.ArrayList)
IPentahoRole(org.pentaho.platform.api.engine.security.userroledao.IPentahoRole)
Example 23 with IPentahoRole
use of org.pentaho.platform.api.engine.security.userroledao.IPentahoRole in project pentaho-platform by pentaho.
the class DefaultUserRepositoryLifecycleManager method configureRoles.
private void configureRoles() {
if (logger.isDebugEnabled()) {
logger.debug("Configuring default role mappings.");
}
for (final String roleName : roleMappings.keySet()) {
final IPentahoRole role = userRoleDao.getRole(DEFAULT_TENANT, roleName);
if (role == null) {
if (logger.isDebugEnabled()) {
logger.debug("Creating user role: " + roleName);
}
userRoleDao.createRole(DEFAULT_TENANT, roleName, "", EMPTY_STRING_ARRAY);
final List<String> logicalRoles = roleMappings.get(roleName);
if (logicalRoles.size() > 0) {
roleBindingDao.setRoleBindings(DEFAULT_TENANT, roleName, logicalRoles);
}
if (logger.isDebugEnabled()) {
StringBuffer buffer = new StringBuffer();
for (String logicalRole : logicalRoles) {
buffer.append(logicalRole + " ");
}
logger.debug("Create Role[" + roleName + "] with logical roles [ " + buffer + " ]");
}
} else {
if (logger.isDebugEnabled()) {
logger.debug("Skipping config. Role[" + roleName + "] already registered.");
}
}
}
}
Also used :
IPentahoRole(org.pentaho.platform.api.engine.security.userroledao.IPentahoRole)
Example 24 with IPentahoRole
use of org.pentaho.platform.api.engine.security.userroledao.IPentahoRole in project pentaho-platform by pentaho.
the class SolutionImportHandler method importRoles.
protected void importRoles(List<RoleExport> roles, Map<String, List<String>> roleToUserMap) {
IUserRoleDao roleDao = PentahoSystem.get(IUserRoleDao.class);
ITenant tenant = new Tenant("/pentaho/" + TenantUtils.getDefaultTenant(), true);
IRoleAuthorizationPolicyRoleBindingDao roleBindingDao = PentahoSystem.get(IRoleAuthorizationPolicyRoleBindingDao.class);
Set<String> existingRoles = new HashSet<>();
if (roles != null) {
for (RoleExport role : roles) {
log.debug("Importing role: " + role.getRolename());
try {
List<String> users = roleToUserMap.get(role.getRolename());
String[] userarray = users == null ? new String[] {} : users.toArray(new String[] {});
IPentahoRole role1 = roleDao.createRole(tenant, role.getRolename(), null, userarray);
} catch (AlreadyExistsException e) {
existingRoles.add(role.getRolename());
// it's ok if the role already exists, it is probably a default role
log.info(Messages.getInstance().getString("ROLE.Already.Exists", role.getRolename()));
}
try {
if (existingRoles.contains(role.getRolename())) {
// Only update an existing role if the overwrite flag is set
if (isOverwriteFile()) {
roleBindingDao.setRoleBindings(tenant, role.getRolename(), role.getPermissions());
}
} else {
// Always write a roles permissions that were not previously existing
roleBindingDao.setRoleBindings(tenant, role.getRolename(), role.getPermissions());
}
} catch (Exception e) {
log.info(Messages.getInstance().getString("ERROR.SettingRolePermissions", role.getRolename()), e);
}
}
}
}
Also used :
IRoleAuthorizationPolicyRoleBindingDao(org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao)
AlreadyExistsException(org.pentaho.platform.api.engine.security.userroledao.AlreadyExistsException)
DomainAlreadyExistsException(org.pentaho.metadata.repository.DomainAlreadyExistsException)
IUserRoleDao(org.pentaho.platform.api.engine.security.userroledao.IUserRoleDao)
AlreadyExistsException(org.pentaho.platform.api.engine.security.userroledao.AlreadyExistsException)
DomainStorageException(org.pentaho.metadata.repository.DomainStorageException)
DomainIdNullException(org.pentaho.metadata.repository.DomainIdNullException)
DomainAlreadyExistsException(org.pentaho.metadata.repository.DomainAlreadyExistsException)
IOException(java.io.IOException)
ITenant(org.pentaho.platform.api.mt.ITenant)
Tenant(org.pentaho.platform.core.mt.Tenant)
ITenant(org.pentaho.platform.api.mt.ITenant)
IPentahoRole(org.pentaho.platform.api.engine.security.userroledao.IPentahoRole)
RoleExport(org.pentaho.platform.plugin.services.importexport.RoleExport)
HashSet(java.util.HashSet)
Example 25 with IPentahoRole
use of org.pentaho.platform.api.engine.security.userroledao.IPentahoRole in project pentaho-platform by pentaho.
the class UserRoleDaoService method assignRolesToUser.
public void assignRolesToUser(String userName, String roleNames) throws NotFoundException, UncategorizedUserRoleDaoException, SecurityException {
if (canAdminister()) {
StringTokenizer tokenizer = new StringTokenizer(roleNames, "\t");
Set<String> assignedRoles = new HashSet<>();
ITenant tenant = TenantUtils.getCurrentTenant();
// Build the set of roles the user already contians
for (IPentahoRole pentahoRole : getRoleDao().getUserRoles(tenant, userName)) {
assignedRoles.add(pentahoRole.getName());
}
// Append the parameter of roles
while (tokenizer.hasMoreTokens()) {
assignedRoles.add(tokenizer.nextToken());
}
getRoleDao().setUserRoles(tenant, userName, assignedRoles.toArray(new String[assignedRoles.size()]));
} else {
throw new SecurityException();
}
}
Also used :
StringTokenizer(java.util.StringTokenizer)
ITenant(org.pentaho.platform.api.mt.ITenant)
IPentahoRole(org.pentaho.platform.api.engine.security.userroledao.IPentahoRole)
HashSet(java.util.HashSet)
Aggregations
IPentahoRole (org.pentaho.platform.api.engine.security.userroledao.IPentahoRole)48
Test (org.junit.Test)19
ArrayList (java.util.ArrayList)16
IPentahoUser (org.pentaho.platform.api.engine.security.userroledao.IPentahoUser)13
ITenant (org.pentaho.platform.api.mt.ITenant)12
IUserRoleDao (org.pentaho.platform.api.engine.security.userroledao.IUserRoleDao)10
AlreadyExistsException (org.pentaho.platform.api.engine.security.userroledao.AlreadyExistsException)8
HashSet (java.util.HashSet)7
Matchers.anyString (org.mockito.Matchers.anyString)6
NotFoundException (org.pentaho.platform.api.engine.security.userroledao.NotFoundException)6
DefaultTenantedPrincipleNameResolver (org.pentaho.platform.security.userroledao.DefaultTenantedPrincipleNameResolver)6
IOException (java.io.IOException)5
RepositoryException (javax.jcr.RepositoryException)5
AccessControlException (javax.jcr.security.AccessControlException)4
IPentahoSession (org.pentaho.platform.api.engine.IPentahoSession)4
PentahoRole (org.pentaho.platform.security.userroledao.PentahoRole)4
BeansException (org.springframework.beans.BeansException)4
StringTokenizer (java.util.StringTokenizer)2
Group (org.apache.jackrabbit.api.security.user.Group)2
UncategorizedUserRoleDaoException (org.pentaho.platform.api.engine.security.userroledao.UncategorizedUserRoleDaoException)2
