
Example 86 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testDeleteWhenNoDeletePermissionOnFile.

/**
 * Tests deleting a file when no delete permission is given to the role
 */
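@Test
public void testDeleteWhenNoDeletePermissionOnFile() throws Exception {
    // Authorization check: a user whose only grant on a file is READ and WRITE (through a role ACE)
    // must be refused when deleting it, and the admin must then be able to delete the same file.
    loginAsSysTenantAdmin();
    ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    defaultBackingRepositoryLifecycleManager.newTenant();

    // The sample file is created under the home folder of the current session user (the admin).
    final String homeFolderPath = repo.getFile(ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName())).getPath();
    RepositoryFile publicFolderFile = createSampleFile(homeFolderPath, "helloworld.sample", "ddfdf", false, 83);

    // Replace the file's ACL with a non-inheriting one whose single ACE gives the authenticated
    // role READ and WRITE only. The admin principal passed to the builder is presumably recorded
    // as the ACL owner -- confirm against RepositoryFileAcl.Builder.
    RepositoryFileAcl publicFolderFileAcl = new RepositoryFileAcl.Builder(publicFolderFile.getId(), userNameUtils.getPrincipleId(tenantAcme, USERNAME_ADMIN), RepositoryFileSid.Type.USER)
        .entriesInheriting(false)
        .ace(new RepositoryFileSid(roleNameUtils.getPrincipleId(tenantAcme, tenantAuthenticatedRoleName), RepositoryFileSid.Type.ROLE), RepositoryFilePermission.READ, RepositoryFilePermission.WRITE)
        .build();
    repo.updateAcl(publicFolderFileAcl);

    // Suzy holds only the authenticated role, so the ACE above is her only grant on the file.
    userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", new String[] { tenantAuthenticatedRoleName });
    login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    try {
        repo.deleteFile(publicFolderFile.getId(), null);
        fail("deleteFile succeeded for a user whose role has only READ and WRITE on the file");
    } catch (UnifiedRepositoryException expected) {
        // Expected: the repository refused the delete.
        // NOTE(review): any UnifiedRepositoryException satisfies this check, so a failure unrelated
        // to authorization would also pass here; assert a narrower access-denied signal if the API
        // offers one.
    }

    // The admin's delete must succeed. An exception is left to propagate so that the test report
    // carries the repository's own message and stack trace instead of a bare fail().
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    repo.deleteFile(publicFolderFile.getId(), null);
}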
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) UnifiedRepositoryException(org.pentaho.platform.api.repository2.unified.UnifiedRepositoryException) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 87 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method assertLocalAceExists.

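/**
 * Fails the test unless the ACL fetched for {@code file} holds an ACE whose SID equals
 * {@code sid} and whose permission set equals {@code permissions}.
 *
 * <p>The permission comparison is set equality: an ACE that grants a superset or a subset of
 * {@code permissions} does not count as a match.
 *
 * @param file        repository file whose ACL is read through {@code repo.getAcl}
 * @param sid         recipient the matching ACE must name
 * @param permissions exact permission set the matching ACE must carry
 */
private void assertLocalAceExists(final RepositoryFile file, final RepositoryFileSid sid, final EnumSet<RepositoryFilePermission> permissions) {
    // NOTE(review): "local" is taken from the method name; whether getAces() leaves out inherited
    // entries is not visible here -- confirm against RepositoryFileAcl.
    final List<RepositoryFileAce> aces = repo.getAcl(file.getId()).getAces();
    for (RepositoryFileAce ace : aces) {
        if (sid.equals(ace.getSid()) && permissions.equals(ace.getPermissions())) {
            return;
        }
    }
    // Name what was expected and what the ACL actually holds, so a failing authorization test can
    // be diagnosed from the report alone.
    fail("Expected an ACE for " + sid + " with permissions " + permissions + " but the ACL holds " + aces);
}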
Also used : RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)

Example 88 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testOwnership.

/**
 * Checks that the owner of a folder can still retrieve it after another user has rewritten the
 * folder's ACL with the owner's entries filtered out.
 *
 * <p>Sequence: Suzy grants Tiffany ALL on her home folder, creates a "test" folder in it (and is
 * asserted to be its owner), then Tiffany replaces the ACEs on the new folder. Afterwards both
 * Suzy and Tiffany must still get a non-null result from {@code repo.getFile} for the folder.
 *
 * <p>NOTE(review): the inline comment speaks of the owner being able to "acl" herself back in, but
 * the test only asserts that {@code getFile} succeeds; it never calls {@code updateAcl} as Suzy
 * after her entries were removed. Confirm whether that stronger check is covered elsewhere.
 */
@Test
public void testOwnership() throws Exception {
    loginAsSysTenantAdmin();
    ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    // Both users are created with a null role array; the authenticated role is supplied at login.
    userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);
    userRoleDao.createUser(tenantAcme, USERNAME_TIFFANY, PASSWORD, "", null);
    login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    // Suzy gives Tiffany all rights to her home folder
    final String parentFolderPath = ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName());
    RepositoryFile parentFolder = repo.getFile(parentFolderPath);
    RepositoryFileAcl parentAcl = repo.getAcl(parentFolder.getId());
    RepositoryFileAcl newParentAcl = new RepositoryFileAcl.Builder(parentAcl).ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_TIFFANY), RepositoryFileSid.Type.USER, RepositoryFilePermission.ALL).build();
    repo.updateAcl(newParentAcl);
    // Suzy now creates a new folder inside her home folder
    RepositoryFile newFolder = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
    final String testFolderPath = parentFolderPath + RepositoryFile.SEPARATOR + "test";
    newFolder = repo.createFolder(parentFolder.getId(), newFolder, null);
    // The creating user must be recorded as the owner of the new folder's ACL
    assertEquals(new RepositoryFileSid(USERNAME_SUZY), repo.getAcl(newFolder.getId()).getOwner());
    // Tiffany will set an ACL that removes Suzy's rights to this folder
    login(USERNAME_TIFFANY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    RepositoryFileAcl testFolderAcl = repo.getAcl(newFolder.getId());
    // Build a new ACE list with the entries naming Suzy filtered out.
    // NOTE(review): the loop walks newParentAcl (the ACL built for the home folder above), not
    // testFolderAcl; the match is on the bare USERNAME_SUZY while Tiffany's ACE was added with a
    // getPrincipleId(...) value -- confirm both are intended.
    List<RepositoryFileAce> newAceList = new ArrayList<RepositoryFileAce>();
    for (RepositoryFileAce ace : newParentAcl.getAces()) {
        if (!ace.getSid().getName().equals(USERNAME_SUZY)) {
            newAceList.add(ace);
        }
    }
    RepositoryFileAcl newTestAcl = new RepositoryFileAcl.Builder(testFolderAcl).aces(newAceList).build();
    repo.updateAcl(newTestAcl);
    // Suzy is still the owner, so she should be able to "acl" herself back into the folder;
    // what is asserted here is only that she can still retrieve it
    login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    assertNotNull(repo.getFile(testFolderPath));
    // Tiffany still has permissions
    login(USERNAME_TIFFANY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    assertNotNull(repo.getFile(testFolderPath));
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) ArrayList(java.util.ArrayList) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) Matchers.anyString(org.mockito.Matchers.anyString) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 89 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method assertLocalAclEmpty.

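/**
 * Fails the test unless the ACL fetched for {@code file} reports no ACEs.
 *
 * @param file repository file whose ACL is read through {@code repo.getAcl}
 */
private void assertLocalAclEmpty(final RepositoryFile file) {
    final List<RepositoryFileAce> aces = repo.getAcl(file.getId()).getAces();
    // isEmpty() matches the emptiness checks used by the tests in this class, and the message
    // lists the unexpected entries when the assertion fails.
    assertTrue("Expected no ACEs but the ACL holds " + aces, aces.isEmpty());
}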
Also used : RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)

Example 90 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testGetAcl.

/**
 * Checks what {@code repo.getAcl} reports for a freshly created folder (inheriting, owned by its
 * creator, no ACEs) and that an ACE passed to {@code repo.updateAcl} is only kept when the ACL
 * is not inheriting its entries.
 */
@Test
public void testGetAcl() throws Exception {
    // Tenant, admin and the two ordinary users
    loginAsSysTenantAdmin();
    final ITenant tenantAcme =
        tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);
    userRoleDao.createUser(tenantAcme, USERNAME_TIFFANY, PASSWORD, "", null);
    defaultBackingRepositoryLifecycleManager.newTenant();

    // Suzy creates a versioned folder named "test" inside her home folder
    login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    final String suzyHomePath = ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName());
    final RepositoryFile suzyHome = repo.getFile(suzyHomePath);
    final RepositoryFile folderSpec = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
    final RepositoryFile createdFolder = repo.createFolder(suzyHome.getId(), folderSpec, null);

    // A new folder's ACL inherits, is owned by its creator, carries the folder id and has no ACEs
    final RepositoryFileAcl initialAcl = repo.getAcl(createdFolder.getId());
    assertTrue(initialAcl.isEntriesInheriting());
    assertEquals(new RepositoryFileSid(USERNAME_SUZY), initialAcl.getOwner());
    assertEquals(createdFolder.getId(), initialAcl.getId());
    assertTrue(initialAcl.getAces().isEmpty());

    // READ for Tiffany with entriesInheriting forced back to true: the ACE must not be stored
    final RepositoryFileAcl inheritingRequest = new RepositoryFileAcl.Builder(initialAcl)
        .ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_TIFFANY), RepositoryFileSid.Type.USER, RepositoryFilePermission.READ)
        .entriesInheriting(true)
        .build();
    final RepositoryFileAcl afterInheritingUpdate = repo.updateAcl(inheritingRequest);
    assertTrue(afterInheritingUpdate.getAces().isEmpty());

    // Same ACE without the explicit entriesInheriting(true); the original comment states that
    // this leaves entriesInheriting false, so the ACE must now be stored
    final RepositoryFileAcl localRequest = new RepositoryFileAcl.Builder(initialAcl)
        .ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_TIFFANY), RepositoryFileSid.Type.USER, RepositoryFilePermission.READ)
        .build();
    final RepositoryFileAcl afterLocalUpdate = repo.updateAcl(localRequest);
    assertFalse(afterLocalUpdate.getAces().isEmpty());
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)
