
Example 51 with ITenant

use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testHasAccess.

/**
 * Exercises read-access checks for ordinary users that live in two different tenants.
 *
 * <p>Tenants acme and duff are created, each with an admin user. suzy (acme) and pat (duff) are
 * then created with a {@code null} role array. The assertions cover three cases: the current
 * session user can read their own home folder, JCR read privilege on acme's public folder is
 * absent while pat (tenant duff) is logged in, and {@code hasAccess} answers {@code false} for a
 * path that does not exist.
 */
@Test
public void testHasAccess() throws Exception {
    // Tenant and admin provisioning is done under the system tenant admin session.
    loginAsSysTenantAdmin();
    final ITenant acme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(acme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    final ITenant duff = tenantManager.createTenant(systemTenant, TENANT_ID_DUFF, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(duff, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });

    // NOTE(review): pat is created in tenant duff while the acme admin session is active;
    // presumably userRoleDao does not restrict by caller tenant in this fixture - confirm.
    login(USERNAME_ADMIN, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    userRoleDao.createUser(acme, USERNAME_SUZY, PASSWORD, "", null);
    userRoleDao.createUser(duff, USERNAME_PAT, PASSWORD, "", null);

    // Positive case: suzy may read the home folder that belongs to her own session.
    login(USERNAME_SUZY, acme, new String[] { tenantAuthenticatedRoleName });
    final String ownHomePath = ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName());
    assertTrue(repo.hasAccess(ownHomePath, EnumSet.of(RepositoryFilePermission.READ)));

    // Cross-tenant case: with pat (duff) logged in, acme's public folder must not be readable.
    login(USERNAME_PAT, duff, new String[] { tenantAuthenticatedRoleName });
    final String acmePublicPath = ServerRepositoryPaths.getTenantPublicFolderPath(acme);
    assertFalse(SimpleJcrTestUtils.hasPrivileges(testJcrTemplate, acmePublicPath, Privilege.JCR_READ));

    // A missing path yields false rather than an exception.
    final String missingPath = ClientRepositoryPaths.getRootFolderPath() + "doesnotexist";
    assertFalse(repo.hasAccess(missingPath, EnumSet.of(RepositoryFilePermission.READ)));
}
Also used : ITenant(org.pentaho.platform.api.mt.ITenant) Test(org.junit.Test)

Example 52 with ITenant

use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testOnNewUser.

/**
 * This test method depends on {@code DefaultRepositoryEventHandler} behavior.
 */
@Test
public void testOnNewUser() throws Exception {
    // Provision tenant acme and its admin user suzy as the system tenant admin, then end that session.
    loginAsSysTenantAdmin();
    final ITenant acme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(acme, USERNAME_SUZY, PASSWORD, "", new String[] { tenantAdminRoleName });
    logout();

    // After suzy logs in, her home folder must be retrievable through the repository API.
    login(USERNAME_SUZY, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    final String suzyClientHomePath = ClientRepositoryPaths.getUserHomeFolderPath(USERNAME_SUZY);
    final RepositoryFile suzyHome = repo.getFile(suzyClientHomePath);
    assertNotNull(suzyHome);

    // The tenant root, public and home folders must exist as JCR items. The no-argument path
    // helpers are used here; presumably they resolve against the current session's tenant - confirm.
    final String tenantRootPath = ServerRepositoryPaths.getTenantRootFolderPath();
    assertNotNull(SimpleJcrTestUtils.getItem(testJcrTemplate, tenantRootPath));
    final String tenantPublicPath = ServerRepositoryPaths.getTenantPublicFolderPath();
    assertNotNull(SimpleJcrTestUtils.getItem(testJcrTemplate, tenantPublicPath));
    final String tenantHomePath = ServerRepositoryPaths.getTenantHomeFolderPath();
    assertNotNull(SimpleJcrTestUtils.getItem(testJcrTemplate, tenantHomePath));

    // suzy's own home folder, addressed by its server-side (tenant-qualified) path.
    final String suzyServerHomePath = ServerRepositoryPaths.getUserHomeFolderPath(acme, USERNAME_SUZY);
    assertNotNull(SimpleJcrTestUtils.getItem(testJcrTemplate, suzyServerHomePath));
}
Also used : ITenant(org.pentaho.platform.api.mt.ITenant) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 53 with ITenant

use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testGetEffectiveAces.

/**
 * Verifies what {@code getEffectiveAces} reports for a folder before and after its ACL stops
 * inheriting.
 *
 * <p>A new folder is created under the session user's home folder and is expected to report the
 * same effective ACEs as that parent. Its ACL is then replaced with a non-inheriting one granting
 * ALL to suzy and READ to tiffany, after which the effective ACEs must be exactly those two
 * entries. The two-argument overload is checked with both {@code false} and {@code true}.
 */
@Test
public void testGetEffectiveAces() throws Exception {
    loginAsSysTenantAdmin();
    final ITenant acme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(acme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    userRoleDao.createUser(acme, USERNAME_SUZY, PASSWORD, "", null);
    userRoleDao.createUser(acme, USERNAME_TIFFANY, PASSWORD, "", null);
    defaultBackingRepositoryLifecycleManager.newTenant();

    // Everything below runs as suzy, an ordinary authenticated user of acme.
    login(USERNAME_SUZY, acme, new String[] { tenantAuthenticatedRoleName });
    final String sessionHomePath = ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName());
    final RepositoryFile parentFolder = repo.getFile(sessionHomePath);
    final List<RepositoryFileAce> inheritedAces = repo.getEffectiveAces(parentFolder.getId());

    // A freshly created child folder reports the same effective ACEs as its parent.
    final RepositoryFile folderTemplate = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
    final RepositoryFile childFolder = repo.createFolder(parentFolder.getId(), folderTemplate, null);
    assertEquals(inheritedAces, repo.getEffectiveAces(childFolder.getId()));

    // Replace the child's ACL with a non-inheriting one: suzy gets ALL, tiffany gets READ.
    final RepositoryFileAcl currentAcl = repo.getAcl(childFolder.getId());
    final RepositoryFileAcl explicitAcl = new RepositoryFileAcl.Builder(currentAcl)
        .entriesInheriting(false)
        .ace(new RepositoryFileSid(userNameUtils.getPrincipleId(acme, USERNAME_SUZY)), RepositoryFilePermission.ALL)
        .ace(new RepositoryFileSid(userNameUtils.getPrincipleId(acme, USERNAME_TIFFANY)), RepositoryFilePermission.READ)
        .build();
    repo.updateAcl(explicitAcl);

    // The expected SIDs carry the bare user names, although the ACL above was written with the
    // principal ids produced by userNameUtils.getPrincipleId(tenant, user).
    final List<RepositoryFileAce> explicitAces = new ArrayList<RepositoryFileAce>();
    explicitAces.add(new RepositoryFileAce(new RepositoryFileSid(USERNAME_SUZY), EnumSet.of(RepositoryFilePermission.ALL)));
    explicitAces.add(new RepositoryFileAce(new RepositoryFileSid(USERNAME_TIFFANY), EnumSet.of(RepositoryFilePermission.READ)));

    assertEquals(explicitAces, repo.getEffectiveAces(childFolder.getId()));
    assertEquals(explicitAces, repo.getEffectiveAces(childFolder.getId(), false));
    // With the flag set to true the parent's ACEs are reported again; presumably the flag forces
    // evaluation as if the entries were inherited - confirm against the repository API.
    assertEquals(inheritedAces, repo.getEffectiveAces(childFolder.getId(), true));
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) ArrayList(java.util.ArrayList) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 54 with ITenant

use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testRoleAuthorizationPolicyNoBoundLogicalRoles.

/**
 * Checks which logical roles are bound to the authenticated role plus a role named "ceo".
 *
 * <p>Exactly three logical role names are expected: repository read, scheduler and repository
 * create.
 */
@Test
public void testRoleAuthorizationPolicyNoBoundLogicalRoles() throws Exception {
    loginAsSysTenantAdmin();
    final ITenant acme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(acme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });

    final List<String> runtimeRoles = Arrays.asList(AUTHENTICATED_ROLE_NAME, "ceo");
    final List<String> boundRoleNames = roleBindingDao.getBoundLogicalRoleNames(runtimeRoles);

    // The result order is not guaranteed, so the size is pinned and each name is looked up on its own.
    assertEquals(3, boundRoleNames.size());
    // NOTE(review): findInList is defined outside this listing and its result is not asserted
    // here; confirm that it fails the test itself when the name is missing.
    findInList(RepositoryReadAction.NAME, boundRoleNames);
    findInList(SchedulerAction.NAME, boundRoleNames);
    findInList(RepositoryCreateAction.NAME, boundRoleNames);
}
Also used : ITenant(org.pentaho.platform.api.mt.ITenant) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 55 with ITenant

use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testRoleAuthorizationPolicyGetAllowedActions.

/**
 * Verifies the actions {@code authorizationPolicy.getAllowedActions} reports per namespace for
 * three sessions: suzy (authenticated, tenant acme), pat (authenticated, tenant duff) and the
 * acme tenant admin.
 *
 * <p>Ordinary authenticated users are expected to hold repository read, repository create and
 * scheduler actions only. The admin session is additionally checked against the security and
 * pentaho namespaces.
 */
@Test
public void testRoleAuthorizationPolicyGetAllowedActions() throws Exception {
    // Fixture: two tenants, each with an admin, plus one ordinary user per tenant.
    loginAsSysTenantAdmin();
    final ITenant acme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(acme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    final ITenant duff = tenantManager.createTenant(systemTenant, TENANT_ID_DUFF, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(duff, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    userRoleDao.createUser(acme, USERNAME_SUZY, PASSWORD, "", null);
    userRoleDao.createUser(duff, USERNAME_PAT, PASSWORD, "", null);

    // --- suzy: authenticated role only, tenant acme ---
    login(USERNAME_SUZY, acme, new String[] { tenantAuthenticatedRoleName });

    // A null namespace returns the actions of every namespace.
    final List<String> suzyAnyNamespace = authorizationPolicy.getAllowedActions(null);
    assertEquals(3, suzyAnyNamespace.size());
    assertTrue(suzyAnyNamespace.contains(RepositoryReadAction.NAME));
    assertTrue(suzyAnyNamespace.contains(RepositoryCreateAction.NAME));
    assertTrue(suzyAnyNamespace.contains(SchedulerAction.NAME));

    // Repository namespace: read and create.
    final List<String> suzyRepository = authorizationPolicy.getAllowedActions(NAMESPACE_REPOSITORY);
    assertEquals(2, suzyRepository.size());
    assertTrue(suzyRepository.contains(RepositoryReadAction.NAME));
    assertTrue(suzyRepository.contains(RepositoryCreateAction.NAME));

    // Scheduler namespace: the scheduler action alone.
    final List<String> suzyScheduler = authorizationPolicy.getAllowedActions(NAMESPACE_SCHEDULER);
    assertEquals(1, suzyScheduler.size());
    assertTrue(suzyScheduler.contains(SchedulerAction.NAME));

    // An unknown namespace yields an empty list.
    final List<String> suzyUnknown = authorizationPolicy.getAllowedActions(NAMESPACE_DOESNOTEXIST);
    assertEquals(0, suzyUnknown.size());

    // --- pat: authenticated role only, tenant duff ---
    // pat is granted "Authenticated" as well, so the same three actions are allowed in his tenant.
    login(USERNAME_PAT, duff, new String[] { tenantAuthenticatedRoleName });
    final List<String> patAnyNamespace = authorizationPolicy.getAllowedActions(null);
    assertEquals(3, patAnyNamespace.size());
    assertTrue(patAnyNamespace.contains(RepositoryReadAction.NAME));
    assertTrue(patAnyNamespace.contains(RepositoryCreateAction.NAME));
    assertTrue(patAnyNamespace.contains(SchedulerAction.NAME));

    // --- acme tenant admin ---
    login(USERNAME_ADMIN, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    final List<String> adminRepository = authorizationPolicy.getAllowedActions(NAMESPACE_REPOSITORY);
    assertEquals(2, adminRepository.size());
    assertTrue(adminRepository.contains(RepositoryReadAction.NAME));
    assertTrue(adminRepository.contains(RepositoryCreateAction.NAME));

    final List<String> adminScheduler = authorizationPolicy.getAllowedActions(NAMESPACE_SCHEDULER);
    assertEquals(1, adminScheduler.size());
    assertTrue(adminScheduler.contains(SchedulerAction.NAME));

    // NOTE(review): two security actions are expected, but only AdministerSecurityAction is
    // checked by name; the second entry is pinned by count alone.
    final List<String> adminSecurity = authorizationPolicy.getAllowedActions(NAMESPACE_SECURITY);
    assertEquals(2, adminSecurity.size());
    assertTrue(adminSecurity.contains(AdministerSecurityAction.NAME));

    // NOTE(review): the pentaho namespace is verified by count only, so a swapped action with
    // the same total would go unnoticed.
    final List<String> adminPentaho = authorizationPolicy.getAllowedActions(NAMESPACE_PENTAHO);
    assertEquals(5, adminPentaho.size());
}
Also used : ITenant(org.pentaho.platform.api.mt.ITenant) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)
