use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testGetFileAccessDenied.
/**
 * Checks read isolation between users of one tenant and between tenants.
 *
 * <p>Inside the acme tenant, suzy can read the shared home folder, but {@code repo.getFile}
 * must return {@code null} for tiffany's home folder and for the subfolder tiffany created in
 * it. Pat, a user of the duff tenant, must not be able to fetch acme's tenant root through JCR
 * and must hold neither {@code JCR_READ} nor {@code JCR_READ_ACCESS_CONTROL} on it.
 *
 * <p>Denied reads are asserted as a {@code null} result here, not as an exception.
 */
@Test
public void testGetFileAccessDenied() throws Exception {
  loginAsSysTenantAdmin();

  // Two tenants, each with its own admin account.
  ITenant acme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName,
      tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
  userRoleDao.createUser(acme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
  ITenant duff = tenantManager.createTenant(systemTenant, TENANT_ID_DUFF, tenantAdminRoleName,
      tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
  userRoleDao.createUser(duff, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });

  // Each tenant's admin creates the ordinary users of that tenant (roles argument is null).
  login(USERNAME_ADMIN, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
  userRoleDao.createUser(acme, USERNAME_SUZY, PASSWORD, "", null);
  userRoleDao.createUser(acme, USERNAME_TIFFANY, PASSWORD, "", null);
  login(USERNAME_ADMIN, duff, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
  userRoleDao.createUser(duff, USERNAME_PAT, PASSWORD, "", null);

  // Tiffany puts a folder into her own home folder; it is the target of the denied reads below.
  login(USERNAME_TIFFANY, acme, new String[] { tenantAuthenticatedRoleName });
  String tiffanyHomePath = ClientRepositoryPaths.getUserHomeFolderPath(USERNAME_TIFFANY);
  RepositoryFile tiffanyHome = repo.getFile(tiffanyHomePath);
  assertNotNull(tiffanyHome);
  RepositoryFile createdByTiffany =
      repo.createFolder(tiffanyHome.getId(), new RepositoryFile.Builder("test").folder(true).build(), null);
  assertNotNull(createdByTiffany);

  // Everything up to the next login runs as suzy, a second ordinary user of the same tenant.
  login(USERNAME_SUZY, acme, new String[] { tenantAuthenticatedRoleName });
  final String acmeTenantRootFolderPath = ClientRepositoryPaths.getRootFolderPath(); // not used below
  final String sharedHomePath = ClientRepositoryPaths.getHomeFolderPath();
  final String tiffanyPathSeenBySuzy = sharedHomePath + "/" + USERNAME_TIFFANY;

  // NOTE(review): debugging aid. execute() is commented out, so this object is built but never
  // used, and the output location is a hard-coded Windows path.
  JcrRepositoryDumpToFile repoDump = new JcrRepositoryDumpToFile(testJcrTemplate, jcrTransactionTemplate,
      repositoryAdminUsername, "c:/build/testrepo_7", JcrRepositoryDumpToFile.Mode.CUSTOM);
  // repoDump.execute();

  // suzy can read the shared home folder ...
  assertNotNull(repo.getFile(sharedHomePath));
  // ... but not tiffany's folder ...
  assertNull(repo.getFile(tiffanyPathSeenBySuzy));
  // ... and not the subfolder below it.
  assertNull(repo.getFile(tiffanyPathSeenBySuzy + "/test"));

  // Cross-tenant check: pat belongs to duff and must not reach acme's tenant root.
  login(USERNAME_PAT, duff, new String[] { tenantAuthenticatedRoleName });
  final String acmeRootOnServer = ServerRepositoryPaths.getTenantRootFolderPath(acme);
  assertNull(SimpleJcrTestUtils.getItem(testJcrTemplate, acmeRootOnServer));
  assertFalse(SimpleJcrTestUtils.hasPrivileges(testJcrTemplate, acmeRootOnServer, Privilege.JCR_READ));
  assertFalse(SimpleJcrTestUtils.hasPrivileges(testJcrTemplate, acmeRootOnServer,
      Privilege.JCR_READ_ACCESS_CONTROL));
}
use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testDeleteInheritingFile2.
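/**
 * Verifies that the acme tenant admin can delete a file after being granted
 * {@code RepositoryFilePermission.ALL} through an explicit ACE, once with an ACL marked as
 * inheriting its entries and once with an ACL marked as not inheriting.
 *
 * <p>A failed delete is reported by letting the exception propagate, so the test report shows
 * the actual cause instead of a bare {@code fail()}.
 *
 * <p>NOTE(review): the deleting user also holds the tenant admin role, so this test cannot tell
 * whether the delete is permitted by the ACE or by that role. Confirm which one is intended.
 */
@Test
public void testDeleteInheritingFile2() throws Exception {
  loginAsSysTenantAdmin();
  ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName,
      tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
  userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
  login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
  userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);

  // The folder and the first file are created by suzy, an ordinary user, in her home folder.
  login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
  final String parentFolderPath =
      ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName());
  RepositoryFile parentFolder = repo.getFile(parentFolderPath);

  final String encoding = "UTF-8";
  final byte[] data = "Hello World!".getBytes(encoding);
  final String mimeType = "text/plain";

  RepositoryFile newFolder = repo.createFolder(parentFolder.getId(),
      new RepositoryFile.Builder("testFolder").folder(true).build(), null, null);

  // Try an inheriting file delete
  // CHECKSTYLE IGNORE AvoidNestedBlocks FOR NEXT 3 LINES
  {
    // Each file gets its own stream, so the second file does not depend on whether the first
    // createFile call consumed a shared one.
    RepositoryFile newFile = repo.createFile(newFolder.getId(),
        new RepositoryFile.Builder("testFile").folder(false).build(),
        new SimpleRepositoryFileData(new ByteArrayInputStream(data), encoding, mimeType), null);
    RepositoryFileAcl acl = repo.getAcl(newFile.getId());
    RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder(acl)
        .ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_ADMIN), RepositoryFileSid.Type.USER,
            RepositoryFilePermission.ALL)
        .entriesInheriting(true).build();
    repo.updateAcl(newAcl);
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    repo.deleteFile(newFile.getId(), null);
  }

  // Now try one not inheriting
  // CHECKSTYLE IGNORE AvoidNestedBlocks FOR NEXT 3 LINES
  {
    // NOTE(review): the session is still the admin's here (there is no login back to suzy), so
    // this file is created and its ACL edited by the admin. Confirm that is what the case is
    // meant to cover. Unlike the non-inheriting case in testDeleteInheritingFolder, the ACL is
    // built without clearAces().
    RepositoryFile newFile = repo.createFile(newFolder.getId(),
        new RepositoryFile.Builder("testFile").folder(false).build(),
        new SimpleRepositoryFileData(new ByteArrayInputStream(data), encoding, mimeType), null);
    RepositoryFileAcl acl = repo.getAcl(newFile.getId());
    RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder(acl)
        .ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_ADMIN), RepositoryFileSid.Type.USER,
            RepositoryFilePermission.ALL)
        .entriesInheriting(false).build();
    repo.updateAcl(newAcl);
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    repo.deleteFile(newFile.getId(), null);
  }
}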
use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testDeleteInheritingFolder.
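/**
 * Verifies that the acme tenant admin can delete a folder after being granted
 * {@code RepositoryFilePermission.ALL} through an explicit ACE, once with an ACL marked as
 * inheriting its entries and once with a non-inheriting ACL whose other entries were cleared.
 *
 * <p>A failed delete is reported by letting the exception propagate, so the test report shows
 * the actual cause instead of a bare {@code fail()}.
 *
 * <p>NOTE(review): the deleting user also holds the tenant admin role, so this test cannot tell
 * whether the delete is permitted by the ACE or by that role. Confirm which one is intended.
 */
@Test
public void testDeleteInheritingFolder() throws Exception {
  loginAsSysTenantAdmin();
  ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName,
      tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
  userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
  login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
  userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);

  // The first folder is created by suzy, an ordinary user, in her home folder.
  login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
  final String parentFolderPath =
      ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName());
  RepositoryFile parentFolder = repo.getFile(parentFolderPath);

  // Try an inheriting folder delete
  // CHECKSTYLE IGNORE AvoidNestedBlocks FOR NEXT 3 LINES
  {
    RepositoryFile newFolder = repo.createFolder(parentFolder.getId(),
        new RepositoryFile.Builder("testFolder").folder(true).build(), null, null);
    RepositoryFileAcl acl = repo.getAcl(newFolder.getId());
    RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder(acl)
        .ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_ADMIN), RepositoryFileSid.Type.USER,
            RepositoryFilePermission.ALL)
        .entriesInheriting(true).build();
    repo.updateAcl(newAcl);
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    repo.deleteFile(newFolder.getId(), null);
  }

  // Now try one not inheriting
  // CHECKSTYLE IGNORE AvoidNestedBlocks FOR NEXT 3 LINES
  {
    // NOTE(review): the session is still the admin's here (there is no login back to suzy), so
    // this folder is created and its ACL edited by the admin. Confirm that is what the case is
    // meant to cover.
    RepositoryFile newFolder = repo.createFolder(parentFolder.getId(),
        new RepositoryFile.Builder("testFolder2").folder(true).build(), null, null);
    RepositoryFileAcl acl = repo.getAcl(newFolder.getId());
    // clearAces() drops the entries copied from the fetched ACL, so the admin's ACE is the only
    // entry added to the builder.
    RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder(acl).clearAces()
        .ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_ADMIN), RepositoryFileSid.Type.USER,
            RepositoryFilePermission.ALL)
        .entriesInheriting(false).build();
    repo.updateAcl(newAcl);
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    repo.deleteFile(newFolder.getId(), null);
  }
}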
use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testUpdateAcl.
/**
 * Verifies that an ACL update which changes the owner is persisted and returned by
 * {@code repo.getAcl}.
 *
 * <p>Suzy creates a versioned folder in her home folder, reassigns its ownership to tiffany,
 * and the re-read ACL must report tiffany as owner.
 *
 * <p>NOTE(review): this method never creates a tiffany account, so ownership is handed to a
 * principal with no user behind it in this test. The owner is written with a tenant-qualified
 * principal id but compared against a SID built from the bare user name. Confirm both are
 * intended.
 */
@Test
public void testUpdateAcl() throws Exception {
  loginAsSysTenantAdmin();
  ITenant acme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName,
      tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
  userRoleDao.createUser(acme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
  login(USERNAME_ADMIN, acme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
  userRoleDao.createUser(acme, USERNAME_SUZY, PASSWORD, "", null);
  defaultBackingRepositoryLifecycleManager.newTenant();

  // Everything below runs as suzy, an ordinary user.
  login(USERNAME_SUZY, acme, new String[] { tenantAuthenticatedRoleName });
  String currentUserName = PentahoSessionHolder.getSession().getName();
  String homePath = ClientRepositoryPaths.getUserHomeFolderPath(currentUserName);
  RepositoryFile home = repo.getFile(homePath);

  RepositoryFile folderSpec = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
  RepositoryFile folder = repo.createFolder(home.getId(), folderSpec, null);

  // Start from the stored ACL and change only the owner.
  RepositoryFileAcl currentAcl = repo.getAcl(folder.getId());
  RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder(currentAcl);
  String tiffanyPrincipalId = userNameUtils.getPrincipleId(acme, USERNAME_TIFFANY);
  aclBuilder.owner(new RepositoryFileSid(tiffanyPrincipalId));
  repo.updateAcl(aclBuilder.build());

  // Read the ACL back from the repository instead of trusting the object that was submitted.
  RepositoryFileAcl storedAcl = repo.getAcl(folder.getId());
  assertEquals(new RepositoryFileSid(USERNAME_TIFFANY), storedAcl.getOwner());
}
use of org.pentaho.platform.api.mt.ITenant in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testRoleAuthorizationPolicyAdministerSecurityAccessDenied.
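/**
 * Verifies that a user who logs in with only the authenticated role cannot change role bindings:
 * {@code roleBindingDao.setRoleBindings} must throw {@link AccessDeniedException}.
 *
 * <p>The expectation is scoped to the single call under test. With
 * {@code @Test(expected = ...)} on the whole method, an {@code AccessDeniedException} thrown by
 * any setup step (tenant creation, user creation, login) would also make the test pass, hiding
 * a missing authorization check on the role-binding call itself.
 */
@Test
public void testRoleAuthorizationPolicyAdministerSecurityAccessDenied() throws Exception {
  // Setup: an AccessDeniedException thrown here is a test error, not the expected outcome.
  loginAsSysTenantAdmin();
  ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName,
      tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
  userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
  login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
  userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);
  login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });

  try {
    roleBindingDao.setRoleBindings(AUTHENTICATED_ROLE_NAME, Arrays.asList(RepositoryReadAction.NAME));
  } catch (AccessDeniedException expected) {
    // The role-binding change was rejected for the non-admin session.
    return;
  }
  fail("setRoleBindings succeeded for a user without the tenant admin role");
}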