
Example 11 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class MockUnifiedRepository method hasAccess.

/**
 * Reports whether the current user holds all of the requested permissions on the given file.
 *
 * <p>Access is granted when the user is the file's USER-type owner, or when a single effective
 * ACE addressed to the "everyone" SID, to the user, or to one of the user's roles contains every
 * requested permission. Permissions are not combined across ACEs, and this method has no notion
 * of a deny entry: the first matching grant returns {@code true}.
 *
 * @param fileId id of the file whose ACL is consulted
 * @param permissions permissions that must all be present on one matching ACE
 * @return {@code true} if access is granted, {@code false} if no grant matched
 */
private boolean hasAccess(final Serializable fileId, final EnumSet<RepositoryFilePermission> permissions) {
    final String currentUser = currentUserProvider.getUser();
    final List<String> currentRoles = currentUserProvider.getRoles();
    final RepositoryFileAcl fileAcl = idManager.getFileById(fileId).getAcl();

    // Ownership is decided before any ACE is read, so the owner receives every permission
    // no matter what the ACEs say. Only a USER-type owner qualifies.
    final boolean ownedByCurrentUser =
        fileAcl.getOwner().getType() == USER && fileAcl.getOwner().getName().equals(currentUser);
    if (ownedByCurrentUser) {
        return true;
    }

    for (final RepositoryFileAce entry : internalGetEffectiveAces(fileId)) {
        // Grant addressed to the special "everyone" SID.
        final boolean grantedToEveryone =
            entry.getSid().equals(everyone()) && entry.getPermissions().containsAll(permissions);
        if (grantedToEveryone) {
            return true;
        }

        // Grant addressed to the current user by name.
        final boolean grantedToUser = entry.getSid().getType() == USER
            && entry.getSid().getName().equals(currentUser)
            && entry.getPermissions().containsAll(permissions);
        if (grantedToUser) {
            return true;
        }

        // Grant addressed to any role the current user carries.
        for (final String roleName : currentRoles) {
            final boolean grantedToRole = entry.getSid().getType() == ROLE
                && entry.getSid().getName().equals(roleName)
                && entry.getPermissions().containsAll(permissions);
            if (grantedToRole) {
                return true;
            }
        }
    }

    // Nothing matched: deny by default.
    return false;
}
Also used : RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)

Example 12 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class MockUnifiedRepository method init.

/**
 * Seeds the mock repository with its three fixed folders and registers each with the id manager.
 *
 * <ul>
 *   <li>the root folder: non-inheriting ACL, READ for the "everyone" SID;</li>
 *   <li>{@code public}: non-inheriting ACL, READ and WRITE for the "everyone" SID;</li>
 *   <li>{@code etc}: inheriting ACL with no entries of its own.</li>
 * </ul>
 *
 * <p>All three ACLs are built with {@code root()} as owner. Because {@code public} grants WRITE
 * to everyone, a test that needs to observe a write being denied cannot rely on that folder.
 */
protected void init() {
    // Root folder: readable by everyone, nothing inherited.
    root = new FileRecord(
        new RepositoryFile.Builder("").path(RepositoryFile.SEPARATOR).folder(true).build(),
        new RepositoryFileAcl.Builder(root()).entriesInheriting(false).ace(everyone(), READ).build());
    idManager.register(root);

    // /public: readable and writable by everyone, nothing inherited.
    final FileRecord publicRecord = new FileRecord(
        new RepositoryFile.Builder("public").path(RepositoryFile.SEPARATOR + "public").folder(true).build(),
        new RepositoryFileAcl.Builder(root()).entriesInheriting(false).ace(everyone(), READ, WRITE).build());
    root.addChild(publicRecord);
    idManager.register(publicRecord);

    // /etc: no ACEs of its own; its ACL is flagged as inheriting.
    final FileRecord etcRecord = new FileRecord(
        new RepositoryFile.Builder("etc").path(RepositoryFile.SEPARATOR + "etc").folder(true).build(),
        new RepositoryFileAcl.Builder(root()).entriesInheriting(true).build());
    root.addChild(etcRecord);
    idManager.register(etcRecord);
}
Also used : RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)

Example 13 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class FileServiceTest method doSetMetadata.

/**
 * Calls {@code fileService.doSetMetadata} nine times against mocked collaborators while varying
 * the three policy answers (read, create, administer-security), the ACL owner and the folder
 * flag, then checks aggregate interaction counts.
 *
 * <p>NOTE(review): every scenario treats a {@code GeneralSecurityException} as a test failure, so
 * no scenario asserts directly that an unauthorised caller is rejected. The only visible sign
 * that some invocations wrote nothing is the final counts (nine invocations, seven
 * {@code setFileMetadata} and {@code updateAcl} calls); which scenarios those are cannot be told
 * from this method alone.
 */
@Test
public void doSetMetadata() {
    // Colon-separated path id; idToPath is stubbed below to map it to the slash-separated path.
    String pathId = "path:to:file:file1.ext";
    // Two ordinary metadata entries (key1/value1, key2/value2) passed to every invocation.
    List<StringKeyStringValueDto> stringKeyStringValueDtos = new ArrayList<StringKeyStringValueDto>();
    StringKeyStringValueDto stringKeyStringValueDto1 = mock(StringKeyStringValueDto.class);
    doReturn("key1").when(stringKeyStringValueDto1).getKey();
    doReturn("value1").when(stringKeyStringValueDto1).getValue();
    StringKeyStringValueDto stringKeyStringValueDto2 = mock(StringKeyStringValueDto.class);
    doReturn("key2").when(stringKeyStringValueDto2).getKey();
    doReturn("value2").when(stringKeyStringValueDto2).getValue();
    stringKeyStringValueDtos.add(stringKeyStringValueDto1);
    stringKeyStringValueDtos.add(stringKeyStringValueDto2);
    doReturn("/path/to/file/file1.ext").when(fileService).idToPath(pathId);
    // Starting state: all three policy actions are allowed.
    doReturn(true).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
    doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
    doReturn(true).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
    // Target is a hidden, non-folder file returned for any path.
    RepositoryFileDto file = mock(RepositoryFileDto.class);
    doReturn(false).when(file).isFolder();
    doReturn(true).when(file).isHidden();
    doReturn(file).when(fileService.defaultUnifiedRepositoryWebService).getFile(anyString());
    // ACL whose owner ("sessionName") equals the session name stubbed further down,
    // so the caller is the owner until a scenario changes getOwner().
    List<RepositoryFileAclAceDto> repositoryFileAclAceDtos = new ArrayList<RepositoryFileAclAceDto>();
    RepositoryFileAclDto repositoryFileAclDto = mock(RepositoryFileAclDto.class);
    doReturn("sessionName").when(repositoryFileAclDto).getOwner();
    doReturn(true).when(repositoryFileAclDto).isEntriesInheriting();
    doReturn(repositoryFileAclAceDtos).when(repositoryFileAclDto).getAces();
    doReturn(repositoryFileAclDto).when(fileService.defaultUnifiedRepositoryWebService).getAcl(anyString());
    IPentahoSession pentahoSession = mock(IPentahoSession.class);
    doReturn(pentahoSession).when(fileService).getSession();
    doReturn("sessionName").when(pentahoSession).getName();
    // Single ACE granting ACL_MANAGEMENT to "sessionName". It stays in the effective ACEs for
    // every scenario, including those where the owner is changed to "sessionName1".
    RepositoryFileAclAceDto repositoryFileAclAceDto = mock(RepositoryFileAclAceDto.class);
    List<Integer> permissions = new ArrayList<Integer>();
    // The permission is carried as the enum's ordinal, so the value depends on the
    // declaration order of RepositoryFilePermission.
    permissions.add(RepositoryFilePermission.ACL_MANAGEMENT.ordinal());
    doReturn(permissions).when(repositoryFileAclAceDto).getPermissions();
    doReturn("sessionName").when(repositoryFileAclAceDto).getRecipient();
    repositoryFileAclAceDtos.add(repositoryFileAclAceDto);
    doReturn(repositoryFileAclAceDtos).when(fileService.defaultUnifiedRepositoryWebService).getEffectiveAces(anyString());
    Map<String, Serializable> metadata = new HashMap<String, Serializable>();
    doReturn(metadata).when(fileService.repository).getFileMetadata(anyString());
    RepositoryFile sourceFile = mock(RepositoryFile.class);
    doReturn(sourceFile).when(fileService.repository).getFileById(anyString());
    RepositoryFileDto destFileDto = mock(RepositoryFileDto.class);
    doReturn(destFileDto).when(fileService).toFileDto(sourceFile, null, false);
    RepositoryFile destFile = mock(RepositoryFile.class);
    doReturn(destFile).when(fileService).toFile(destFileDto);
    RepositoryFileAcl acl = mock(RepositoryFileAcl.class);
    // NOTE(review): this stubs getAcl only for the mock ACL itself as argument, while the
    // verification at the end matches getAcl(anyString()) - confirm this stub is ever hit.
    doReturn(acl).when(fileService.repository).getAcl(acl);
    // Test 1 - canManage should be true at start
    // (all policy actions allowed, ACL owner equals the session name)
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 2 - canManage should be false at start
    // (all policy actions denied, owner changed to "sessionName1" so it no longer equals
    // the session name; the call is still expected not to throw)
    doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
    doReturn(false).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
    doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
    doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 3 - canManage should be false at start
    // (read allowed only)
    doReturn(true).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
    doReturn(false).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
    doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
    doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 4 - canManage should be false at start
    // (create allowed only)
    doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
    doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
    doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
    doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 5 - canManage should be false at start
    // (administer-security allowed only)
    doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
    doReturn(false).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
    doReturn(true).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
    doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 6 - canManage should be false at start
    // (read and create allowed, administer-security denied)
    doReturn(true).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
    doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
    doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
    doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 7 - canManage should be false at start
    // (create and administer-security allowed, read denied)
    doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
    doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
    doReturn(true).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
    doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 8 - canManage should be false at start
    // (policy answers left as in Test 7; the target now reports itself as a hidden folder)
    doReturn(true).when(file).isFolder();
    doReturn(true).when(file).isHidden();
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Test 9
    // (same state as Test 8, with an extra "_PERM_HIDDEN" = "true" entry in the request)
    StringKeyStringValueDto stringKeyStringValueDto3 = mock(StringKeyStringValueDto.class);
    doReturn("_PERM_HIDDEN").when(stringKeyStringValueDto3).getKey();
    doReturn("true").when(stringKeyStringValueDto3).getValue();
    stringKeyStringValueDtos.add(stringKeyStringValueDto3);
    try {
        fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
    } catch (GeneralSecurityException e) {
        fail();
    }
    // Aggregate interaction counts over all nine invocations. Lookups happen nine times,
    // while setFileMetadata, updateFile and updateAcl happen seven times and updateFolder once.
    // NOTE(review): these totals do not say which scenario skipped the write; a per-scenario
    // verify would pin the authorisation outcome of each policy combination.
    verify(fileService.defaultUnifiedRepositoryWebService, times(9)).getFile(anyString());
    verify(fileService.defaultUnifiedRepositoryWebService, times(9)).getAcl(anyString());
    verify(repositoryFileAclDto, times(9)).getOwner();
    verify(fileService.policy, times(11)).isAllowed(anyString());
    verify(fileService.repository, times(9)).getFileMetadata(anyString());
    verify(fileService.repository, times(7)).setFileMetadata(anyString(), any(Map.class));
    verify(file, times(8)).setHidden(anyBoolean());
    verify(fileService.repository, times(8)).getFileById(anyString());
    verify(fileService, times(8)).toFileDto(any(RepositoryFile.class), anySet(), anyBoolean());
    verify(fileService, times(8)).toFile(any(RepositoryFileDto.class));
    verify(destFileDto, times(8)).setHidden(anyBoolean());
    verify(fileService.repository, times(8)).getAcl(anyString());
    verify(fileService.repository, times(7)).updateFile(any(RepositoryFile.class), any(IRepositoryFileData.class), anyString());
    verify(fileService.repository, times(7)).updateAcl(any(RepositoryFileAcl.class));
    verify(fileService.repository).updateFolder(any(RepositoryFile.class), anyString());
}
Also used : StringKeyStringValueDto(org.pentaho.platform.repository2.unified.webservices.StringKeyStringValueDto) RepositoryFileDto(org.pentaho.platform.repository2.unified.webservices.RepositoryFileDto) IRepositoryFileData(org.pentaho.platform.api.repository2.unified.IRepositoryFileData) Serializable(java.io.Serializable) HashMap(java.util.HashMap) RepositoryFileAclAceDto(org.pentaho.platform.repository2.unified.webservices.RepositoryFileAclAceDto) IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession) RepositoryFileAclDto(org.pentaho.platform.repository2.unified.webservices.RepositoryFileAclDto) GeneralSecurityException(java.security.GeneralSecurityException) ArrayList(java.util.ArrayList) Matchers.anyString(org.mockito.Matchers.anyString) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Map(java.util.Map) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 14 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class RepositoryFileImportFileHandlerTest method testImportExistingFileWithManifestApplied.

/**
 * Imports over an already existing file with a manifest present and with the overwrite,
 * apply-ACL and overwrite-ACL options all enabled, then checks the ACL stored for the file
 * through {@code assertHasManifestPermissions} and {@code assertHasManifestOwner}.
 */
@Test
public void testImportExistingFileWithManifestApplied() throws Exception {
    // Configure and run the import in one chain; the builder itself is not needed afterwards.
    new ImportTestBuilder()
        .fileExists(true)
        .hasManifest(true)
        .overwriteFileIfExists(true)
        .applyAclSettings(true)
        .overwriteAclSettings(true)
        .build()
        .initialSetup()
        .execute();

    final RepositoryFile importedFile = mockRepository.getFile(PATH + "/" + TARGET_RESOURCE_NAME);
    assertNotNull(importedFile);

    // The ACL read back from the repository is what the two manifest assertions inspect.
    final RepositoryFileAcl importedAcl = mockRepository.getAcl(importedFile.getId());
    assertHasManifestPermissions(importedAcl);
    assertHasManifestOwner(importedAcl);
}
Also used : RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 15 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class RepositoryFileImportFileHandlerTest method testImportExistingFolderWithManifestApplied.

/**
 * Imports over an already existing folder under {@code /public} with a manifest present and
 * with the overwrite, apply-ACL and overwrite-ACL options all enabled, then checks that the
 * result is a folder and passes its stored ACL to {@code assertHasManifestPermissions} and
 * {@code assertHasManifestOwner}.
 */
@Test
public void testImportExistingFolderWithManifestApplied() throws Exception {
    // Configure and run the import in one chain; the builder itself is not needed afterwards.
    new ImportTestBuilder()
        .folder(true)
        .path("/public")
        .targetName(TARGET_RESOURCE_NAME)
        .fileExists(true)
        .hasManifest(true)
        .overwriteFileIfExists(true)
        .applyAclSettings(true)
        .overwriteAclSettings(true)
        .build()
        .initialSetup()
        .execute();

    final RepositoryFile importedFolder = mockRepository.getFile("/public/" + TARGET_RESOURCE_NAME);
    assertNotNull(importedFolder);
    assertTrue(importedFolder.isFolder());

    // The ACL read back from the repository is what the two manifest assertions inspect.
    final RepositoryFileAcl importedAcl = mockRepository.getAcl(importedFolder.getId());
    assertHasManifestPermissions(importedAcl);
    assertHasManifestOwner(importedAcl);
}
Also used : RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)
