Example 26 with RepositoryFileSid
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class RepositoryFileImportFileHandlerTest method createRepositoryFileAcl2.
private RepositoryFileAcl createRepositoryFileAcl2() {
final RepositoryFileSid sid = new RepositoryFileSid(USER_NAME2);
final boolean inheriting = false;
final RepositoryFileAce ace1 = new RepositoryFileAce(sid, RepositoryFilePermission.READ, RepositoryFilePermission.WRITE, RepositoryFilePermission.DELETE);
final RepositoryFileAce ace2 = new RepositoryFileAce(new RepositoryFileSid(USER_NAME), RepositoryFilePermission.READ, RepositoryFilePermission.WRITE, RepositoryFilePermission.DELETE);
final List<RepositoryFileAce> aces = Arrays.asList(ace1, ace2);
return new RepositoryFileAcl("", sid, inheriting, aces);
}
Also used :
RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid)
RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce)
RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)
Example 27 with RepositoryFileSid
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testGetAcl2.
@Test
public void testGetAcl2() throws Exception {
loginAsSysTenantAdmin();
ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);
defaultBackingRepositoryLifecycleManager.newTenant();
login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
RepositoryFile parentFolder = repo.getFile(ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName()));
RepositoryFile newFolder = new RepositoryFile.Builder("test").folder(true).versioned(true).build();
newFolder = repo.createFolder(parentFolder.getId(), newFolder, null);
RepositoryFileAcl acl = repo.getAcl(newFolder.getId());
RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder(acl).entriesInheriting(false).ace(new RepositoryFileSid(userNameUtils.getPrincipleId(tenantAcme, USERNAME_SUZY)), RepositoryFilePermission.ALL).build();
repo.updateAcl(newAcl);
RepositoryFileAcl fetchedAcl = repo.getAcl(newFolder.getId());
assertEquals(1, fetchedAcl.getAces().size());
}
Also used :
RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid)
ITenant(org.pentaho.platform.api.mt.ITenant)
RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile)
RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)
Test(org.junit.Test)
Example 28 with RepositoryFileSid
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testInheritingNodeRemoval.
@Test
public void testInheritingNodeRemoval() throws Exception {
loginAsSysTenantAdmin();
ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", null);
final String parentFolderPath = ClientRepositoryPaths.getPublicFolderPath();
RepositoryFile parentFolder = repo.getFile(parentFolderPath);
DataNode node = new DataNode("kdjd");
node.setProperty("ddf", "ljsdfkjsdkf");
DataNode newChild1 = node.addNode("herfkmdx");
NodeRepositoryFileData data = new NodeRepositoryFileData(node);
RepositoryFile repoFile = repo.createFile(parentFolder.getId(), new RepositoryFile.Builder("test").build(), data, null);
RepositoryFileAcl acl = repo.getAcl(repoFile.getId());
RepositoryFileSid suzySid = new RepositoryFileSid(userNameUtils.getPrincipleId(tenantAcme, USERNAME_SUZY));
RepositoryFileAcl.Builder newAclBuilder = new RepositoryFileAcl.Builder(acl).ace(suzySid, EnumSet.of(RepositoryFilePermission.READ, RepositoryFilePermission.WRITE));
repo.updateAcl(newAclBuilder.build());
login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
repoFile = repo.getFile(repoFile.getPath());
node = new DataNode("kdjd");
node.setProperty("foo", "bar");
newChild1 = node.addNode("sdfsdf");
data = new NodeRepositoryFileData(node);
repo.updateFile(repoFile, data, "testUpdate");
}
Also used :
RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid)
ITenant(org.pentaho.platform.api.mt.ITenant)
DataNode(org.pentaho.platform.api.repository2.unified.data.node.DataNode)
NodeRepositoryFileData(org.pentaho.platform.api.repository2.unified.data.node.NodeRepositoryFileData)
RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile)
Matchers.anyString(org.mockito.Matchers.anyString)
RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)
Test(org.junit.Test)
Example 29 with RepositoryFileSid
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method testDeleteWhenNoDeletePermissionOnFile.
/**
* Tests deleting a file when no delete permission is given to the role
*/
@Test
public void testDeleteWhenNoDeletePermissionOnFile() throws Exception {
loginAsSysTenantAdmin();
ITenant tenantAcme = tenantManager.createTenant(systemTenant, TENANT_ID_ACME, tenantAdminRoleName, tenantAuthenticatedRoleName, ANONYMOUS_ROLE_NAME);
userRoleDao.createUser(tenantAcme, USERNAME_ADMIN, PASSWORD, "", new String[] { tenantAdminRoleName });
login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
defaultBackingRepositoryLifecycleManager.newTenant();
RepositoryFile publicFolderFile = createSampleFile(repo.getFile(ClientRepositoryPaths.getUserHomeFolderPath(PentahoSessionHolder.getSession().getName())).getPath(), "helloworld.sample", "ddfdf", false, 83);
RepositoryFileAcl publicFolderFileAcl = new RepositoryFileAcl.Builder(publicFolderFile.getId(), userNameUtils.getPrincipleId(tenantAcme, USERNAME_ADMIN), RepositoryFileSid.Type.USER).entriesInheriting(false).ace(new RepositoryFileSid(roleNameUtils.getPrincipleId(tenantAcme, tenantAuthenticatedRoleName), RepositoryFileSid.Type.ROLE), RepositoryFilePermission.READ, RepositoryFilePermission.WRITE).build();
repo.updateAcl(publicFolderFileAcl);
userRoleDao.createUser(tenantAcme, USERNAME_SUZY, PASSWORD, "", new String[] { tenantAuthenticatedRoleName });
login(USERNAME_SUZY, tenantAcme, new String[] { tenantAuthenticatedRoleName });
try {
repo.deleteFile(publicFolderFile.getId(), null);
fail();
} catch (UnifiedRepositoryException e) {
assertNotNull(e);
}
login(USERNAME_ADMIN, tenantAcme, new String[] { tenantAdminRoleName, tenantAuthenticatedRoleName });
try {
repo.deleteFile(publicFolderFile.getId(), null);
assertTrue(true);
} catch (UnifiedRepositoryException e) {
fail();
}
}
Also used :
RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid)
ITenant(org.pentaho.platform.api.mt.ITenant)
UnifiedRepositoryException(org.pentaho.platform.api.repository2.unified.UnifiedRepositoryException)
RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile)
RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)
Test(org.junit.Test)
Example 30 with RepositoryFileSid
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class DefaultUnifiedRepositoryAuthorizationIT method assertLocalAceExists.
private void assertLocalAceExists(final RepositoryFile file, final RepositoryFileSid sid, final EnumSet<RepositoryFilePermission> permissions) {
RepositoryFileAcl acl = repo.getAcl(file.getId());
List<RepositoryFileAce> aces = acl.getAces();
for (RepositoryFileAce ace : aces) {
if (sid.equals(ace.getSid()) && permissions.equals(ace.getPermissions())) {
return;
}
}
fail();
}
Also used :
RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce)
RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)
Aggregations
RepositoryFileSid (org.pentaho.platform.api.repository2.unified.RepositoryFileSid)37
RepositoryFileAcl (org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)30
RepositoryFile (org.pentaho.platform.api.repository2.unified.RepositoryFile)25
ITenant (org.pentaho.platform.api.mt.ITenant)15
Test (org.junit.Test)12
RepositoryFileAce (org.pentaho.platform.api.repository2.unified.RepositoryFileAce)10
Builder (org.pentaho.platform.api.repository2.unified.RepositoryFileAcl.Builder)7
Matchers.anyString (org.mockito.Matchers.anyString)5
ArrayList (java.util.ArrayList)4
UnifiedRepositoryException (org.pentaho.platform.api.repository2.unified.UnifiedRepositoryException)4
Serializable (java.io.Serializable)3
Node (javax.jcr.Node)3
RepositoryException (javax.jcr.RepositoryException)3
IPentahoSession (org.pentaho.platform.api.engine.IPentahoSession)3
RepositoryFilePermission (org.pentaho.platform.api.repository2.unified.RepositoryFilePermission)3
StandaloneSession (org.pentaho.platform.engine.core.system.StandaloneSession)3
SpringSecurityRolePrincipal (org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal)3
Authentication (org.springframework.security.core.Authentication)3
TransactionStatus (org.springframework.transaction.TransactionStatus)3
TransactionCallbackWithoutResult (org.springframework.transaction.support.TransactionCallbackWithoutResult)3
