Search in sources :

Example 16 with RepositoryFileSid

use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.

the class RepositoryFileAdapter method toFile.

public static RepositoryFile toFile(final RepositoryFileDto v) {
    if (v == null) {
        return null;
    }
    RepositoryFile.Builder builder = null;
    if (v.id != null) {
        builder = new RepositoryFile.Builder(v.id, v.name);
    } else {
        builder = new RepositoryFile.Builder(v.name);
    }
    if (v.ownerType != -1) {
        new RepositoryFileSid(v.owner, RepositoryFileSid.Type.values()[v.ownerType]);
    }
    if (v.localePropertiesMapEntries != null) {
        for (LocaleMapDto localeMapDto : v.localePropertiesMapEntries) {
            String locale = localeMapDto.getLocale();
            Properties localeProperties = new Properties();
            if (localeMapDto.getProperties() != null) {
                for (StringKeyStringValueDto keyValueDto : localeMapDto.getProperties()) {
                    localeProperties.put(keyValueDto.getKey(), keyValueDto.getValue());
                }
            }
            builder.localeProperties(locale, localeProperties);
        }
    }
    return builder.path(v.path).createdDate(v.createdDate).creatorId(v.creatorId).description(v.description).folder(v.folder).fileSize(v.fileSize).lastModificationDate(v.lastModifiedDate).locale(v.locale).lockDate(v.lockDate).locked(v.locked).lockMessage(v.lockMessage).lockOwner(v.lockOwner).title(v.title).versioned(v.versioned).versionId(v.versionId).originalParentFolderPath(v.originalParentFolderPath).deletedDate(v.deletedDate).hidden(v.hidden).schedulable(!v.isNotSchedulable()).aclNode(v.aclNode).build();
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) Properties(java.util.Properties)

Example 17 with RepositoryFileSid

use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testUpdatingPermissionWhenNoGrantPermissionOnFile.

/**
 * Tests Updating the ACL when no GRANT_PERMISSION is assigned
 */
@Test
public void testUpdatingPermissionWhenNoGrantPermissionOnFile() throws Exception {
    loginAsSysTenantAdmin();
    ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", new String[] { tenantAuthenticatedRoleName });
    userRoleDao.createUser(tenantAcme, USERNAME_TIFFANY, PASSWORD, "", new String[] { tenantAuthenticatedRoleName });
    defaultBackingRepositoryLifecycleManager.newTenant();
    RepositoryFile parentFolder = repo.getFile(ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName()));
    RepositoryFile newFolder = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
    newFolder = repo.createFolder(parentFolder.getId(), newFolder, null);
    RepositoryFileAcl acls = repo.getAcl(newFolder.getId());
    RepositoryFileAcl.Builder newAclBuilder = new RepositoryFileAcl.Builder(acls);
    newAclBuilder.entriesInheriting(false).ace(userNameUtils.getPrincipleId(tenantAcme, USERNAME_TIFFANY), RepositoryFileSid.Type.USER, RepositoryFilePermission.READ);
    repo.updateAcl(newAclBuilder.build());
    login(USERNAME_TIFFANY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    RepositoryFileAcl newAcl = repo.getAcl(newFolder.getId());
    RepositoryFileAcl.Builder anotherNewAclBuilder = new RepositoryFileAcl.Builder(newAcl);
    anotherNewAclBuilder.ace(new RepositoryFileSid(userNameUtils.getPrincipleId(tenantAcme, tenantAuthenticatedRoleName), RepositoryFileSid.Type.ROLE), RepositoryFilePermission.READ, RepositoryFilePermission.WRITE, RepositoryFilePermission.DELETE);
    try {
        repo.updateAcl(anotherNewAclBuilder.build());
        fail();
    } catch (UnifiedRepositoryException e) {
        assertNotNull(e);
    }
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) UnifiedRepositoryException(org.pentaho.platform.api.repository2.unified.UnifiedRepositoryException) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 18 with RepositoryFileSid

use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testCreateFolderWithAcl.

@Test
public void testCreateFolderWithAcl() throws Exception {
    loginAsSysTenantAdmin();
    ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);
    login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    RepositoryFile parentFolder = repo.getFile(ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName()));
    RepositoryFile newFolder = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
    RepositoryFileSid tiffanySid = new RepositoryFileSid(userNameUtils.getPrincipleId(tenantAcme, USERNAME_TIFFANY));
    RepositoryFileSid suzySid = new RepositoryFileSid(userNameUtils.getPrincipleId(tenantAcme, USERNAME_SUZY));
    // tiffany owns it but suzy is creating it
    RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder(tiffanySid);
    // need this to be able to fetch acl as suzy
    aclBuilder.ace(suzySid, RepositoryFilePermission.READ);
    newFolder = repo.createFolder(parentFolder.getId(), newFolder, aclBuilder.build(), null);
    RepositoryFileAcl fetchedAcl = repo.getAcl(newFolder.getId());
    assertEquals(new RepositoryFileSid(USERNAME_TIFFANY), fetchedAcl.getOwner());
    assertLocalAceExists(newFolder, new RepositoryFileSid(USERNAME_SUZY), EnumSet.of(RepositoryFilePermission.READ));
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 19 with RepositoryFileSid

use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testWriteWhenNoWritePermissionOnFile.

/**
 * Tests deleting a file when no delete permission is given to the role
 */
@Test
public void testWriteWhenNoWritePermissionOnFile() throws Exception {
    loginAsSysTenantAdmin();
    ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    defaultBackingRepositoryLifecycleManager.newTenant();
    RepositoryFile publicFolderFile = createSampleFile(repo.getFile(ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName())).getPath(), "helloworld.sample", "ddfdf", false, 83);
    RepositoryFileAcl publicFolderFileAcl = new RepositoryFileAcl.Builder(publicFolderFile.getId(), userNameUtils.getPrincipleId(tenantAcme, USERNAME_ADMIN), RepositoryFileSid.Type.USER).entriesInheriting(false).ace(new RepositoryFileSid(roleNameUtils.getPrincipleId(tenantAcme, tenantAuthenticatedRoleName), RepositoryFileSid.Type.ROLE), RepositoryFilePermission.READ).build();
    repo.updateAcl(publicFolderFileAcl);
    userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", new String[] { tenantAuthenticatedRoleName });
    login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    final String modSampleString = "Ciao World!";
    final boolean modSampleBoolean = true;
    final int modSampleInteger = 99;
    final SampleRepositoryFileData modContent = new SampleRepositoryFileData(modSampleString, modSampleBoolean, modSampleInteger);
    try {
        repo.updateFile(publicFolderFile, modContent, null);
        fail();
    } catch (UnifiedRepositoryException e) {
        assertNotNull(e);
    }
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    try {
        repo.updateFile(publicFolderFile, modContent, null);
        assertTrue(true);
    } catch (UnifiedRepositoryException e) {
        fail();
    }
}
Also used : SampleRepositoryFileData(org.pentaho.platform.api.repository2.unified.data.sample.SampleRepositoryFileData) RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) UnifiedRepositoryException(org.pentaho.platform.api.repository2.unified.UnifiedRepositoryException) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) Matchers.anyString(org.mockito.Matchers.anyString) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 20 with RepositoryFileSid

use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.

the class DefaultUnifiedRepositoryAuthorizationIT method testGetEffectiveAces.

@Test
public void testGetEffectiveAces() throws Exception {
    loginAsSysTenantAdmin();
    ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
    userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
    login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
    userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);
    userRoleDao.createUser(tenantAcme, USERNAME_TIFFANY, PASSWORD, "", null);
    defaultBackingRepositoryLifecycleManager.newTenant();
    login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
    RepositoryFile acmePublicFolder = repo.getFile(ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName()));
    List<RepositoryFileAce> expectedEffectiveAces1 = repo.getEffectiveAces(acmePublicFolder.getId());
    RepositoryFile newFolder = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
    newFolder = repo.createFolder(acmePublicFolder.getId(), newFolder, null);
    assertEquals(expectedEffectiveAces1, repo.getEffectiveAces(newFolder.getId()));
    RepositoryFileAcl acl = repo.getAcl(newFolder.getId());
    RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder(acl).entriesInheriting(false).ace(new RepositoryFileSid(userNameUtils.getPrincipleId(tenantAcme, USERNAME_SUZY)), RepositoryFilePermission.ALL).ace(new RepositoryFileSid(userNameUtils.getPrincipleId(tenantAcme, USERNAME_TIFFANY)), RepositoryFilePermission.READ).build();
    repo.updateAcl(newAcl);
    List<RepositoryFileAce> expectedEffectiveAces2 = new ArrayList<RepositoryFileAce>();
    expectedEffectiveAces2.add(new RepositoryFileAce(new RepositoryFileSid(USERNAME_SUZY), EnumSet.of(RepositoryFilePermission.ALL)));
    expectedEffectiveAces2.add(new RepositoryFileAce(new RepositoryFileSid(USERNAME_TIFFANY), EnumSet.of(RepositoryFilePermission.READ)));
    assertEquals(expectedEffectiveAces2, repo.getEffectiveAces(newFolder.getId()));
    assertEquals(expectedEffectiveAces2, repo.getEffectiveAces(newFolder.getId(), false));
    assertEquals(expectedEffectiveAces1, repo.getEffectiveAces(newFolder.getId(), true));
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) ITenant(org.pentaho.platform.api.mt.ITenant) RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) ArrayList(java.util.ArrayList) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Aggregations

RepositoryFileSid (org.pentaho.platform.api.repository2.unified.RepositoryFileSid)37 RepositoryFileAcl (org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)30 RepositoryFile (org.pentaho.platform.api.repository2.unified.RepositoryFile)25 ITenant (org.pentaho.platform.api.mt.ITenant)15 Test (org.junit.Test)12 RepositoryFileAce (org.pentaho.platform.api.repository2.unified.RepositoryFileAce)10 Builder (org.pentaho.platform.api.repository2.unified.RepositoryFileAcl.Builder)7 Matchers.anyString (org.mockito.Matchers.anyString)5 ArrayList (java.util.ArrayList)4 UnifiedRepositoryException (org.pentaho.platform.api.repository2.unified.UnifiedRepositoryException)4 Serializable (java.io.Serializable)3 Node (javax.jcr.Node)3 RepositoryException (javax.jcr.RepositoryException)3 IPentahoSession (org.pentaho.platform.api.engine.IPentahoSession)3 RepositoryFilePermission (org.pentaho.platform.api.repository2.unified.RepositoryFilePermission)3 StandaloneSession (org.pentaho.platform.engine.core.system.StandaloneSession)3 SpringSecurityRolePrincipal (org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal)3 Authentication (org.springframework.security.core.Authentication)3 TransactionStatus (org.springframework.transaction.TransactionStatus)3 TransactionCallbackWithoutResult (org.springframework.transaction.support.TransactionCallbackWithoutResult)3