use of org.pentaho.platform.repository2.unified.webservices.RepositoryFileAclAceDto in project pentaho-platform by pentaho.
the class FileServiceTest method doSetMetadata.
/**
 * Exercises FileService.doSetMetadata nine times against mocked repository, policy and ACL objects
 * and then verifies how often each collaborator was called.
 *
 * In every scenario the mocked effective ACE list contains an ACE for "sessionName" carrying
 * ACL_MANAGEMENT, and the ACL reports isEntriesInheriting() == true, so each call is expected to
 * complete without a GeneralSecurityException (every catch block calls fail()).
 *
 * NOTE(review): no scenario here drives the denial path. A case with a non-owner session, an
 * incomplete policy grant and no matching ACE, asserting that GeneralSecurityException is thrown
 * and that no repository write happens, would cover the security-relevant branch.
 */
@Test
public void doSetMetadata() {
String pathId = "path:to:file:file1.ext";
// Two ordinary metadata entries passed to the method under test.
List<StringKeyStringValueDto> stringKeyStringValueDtos = new ArrayList<StringKeyStringValueDto>();
StringKeyStringValueDto stringKeyStringValueDto1 = mock(StringKeyStringValueDto.class);
doReturn("key1").when(stringKeyStringValueDto1).getKey();
doReturn("value1").when(stringKeyStringValueDto1).getValue();
StringKeyStringValueDto stringKeyStringValueDto2 = mock(StringKeyStringValueDto.class);
doReturn("key2").when(stringKeyStringValueDto2).getKey();
doReturn("value2").when(stringKeyStringValueDto2).getValue();
stringKeyStringValueDtos.add(stringKeyStringValueDto1);
stringKeyStringValueDtos.add(stringKeyStringValueDto2);
doReturn("/path/to/file/file1.ext").when(fileService).idToPath(pathId);
// Start with all three policy actions granted.
doReturn(true).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
doReturn(true).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
// The target is a hidden, non-folder file.
RepositoryFileDto file = mock(RepositoryFileDto.class);
doReturn(false).when(file).isFolder();
doReturn(true).when(file).isHidden();
doReturn(file).when(fileService.defaultUnifiedRepositoryWebService).getFile(anyString());
// ACL owned by "sessionName", inheriting its entries; the ACE list is filled further down.
List<RepositoryFileAclAceDto> repositoryFileAclAceDtos = new ArrayList<RepositoryFileAclAceDto>();
RepositoryFileAclDto repositoryFileAclDto = mock(RepositoryFileAclDto.class);
doReturn("sessionName").when(repositoryFileAclDto).getOwner();
doReturn(true).when(repositoryFileAclDto).isEntriesInheriting();
doReturn(repositoryFileAclAceDtos).when(repositoryFileAclDto).getAces();
doReturn(repositoryFileAclDto).when(fileService.defaultUnifiedRepositoryWebService).getAcl(anyString());
// The current session is named "sessionName", i.e. it is the ACL owner at this point.
IPentahoSession pentahoSession = mock(IPentahoSession.class);
doReturn(pentahoSession).when(fileService).getSession();
doReturn("sessionName").when(pentahoSession).getName();
// One ACE granting ACL_MANAGEMENT (stored as the enum ordinal) to "sessionName".
// This ACE stays in place for all nine scenarios.
RepositoryFileAclAceDto repositoryFileAclAceDto = mock(RepositoryFileAclAceDto.class);
List<Integer> permissions = new ArrayList<Integer>();
permissions.add(RepositoryFilePermission.ACL_MANAGEMENT.ordinal());
doReturn(permissions).when(repositoryFileAclAceDto).getPermissions();
doReturn("sessionName").when(repositoryFileAclAceDto).getRecipient();
repositoryFileAclAceDtos.add(repositoryFileAclAceDto);
doReturn(repositoryFileAclAceDtos).when(fileService.defaultUnifiedRepositoryWebService).getEffectiveAces(anyString());
// Repository collaborators used once the permission check has passed.
Map<String, Serializable> metadata = new HashMap<String, Serializable>();
doReturn(metadata).when(fileService.repository).getFileMetadata(anyString());
RepositoryFile sourceFile = mock(RepositoryFile.class);
doReturn(sourceFile).when(fileService.repository).getFileById(anyString());
RepositoryFileDto destFileDto = mock(RepositoryFileDto.class);
doReturn(destFileDto).when(fileService).toFileDto(sourceFile, null, false);
RepositoryFile destFile = mock(RepositoryFile.class);
doReturn(destFile).when(fileService).toFile(destFileDto);
RepositoryFileAcl acl = mock(RepositoryFileAcl.class);
// NOTE(review): this stub is keyed on the RepositoryFileAcl mock itself rather than on an id,
// while the verification below uses getAcl(anyString()) - looks unintended, confirm.
doReturn(acl).when(fileService.repository).getAcl(acl);
// Test 1 - session is the owner and holds all three policy actions: canManage is true up front
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 2 - not the owner, no policy action granted: canManage starts false and is expected to
// be granted through the ACL_MANAGEMENT ACE instead
doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
doReturn(false).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 3 - not the owner, only the read action granted: canManage starts false
doReturn(true).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
doReturn(false).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 4 - not the owner, only the create action granted: canManage starts false
doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 5 - not the owner, only the administer-security action granted: canManage starts false
doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
doReturn(false).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
doReturn(true).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 6 - not the owner, read and create granted but not administer-security: canManage starts false
doReturn(true).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
doReturn(false).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 7 - not the owner, create and administer-security granted but not read: canManage starts false
doReturn(false).when(fileService.policy).isAllowed(RepositoryReadAction.NAME);
doReturn(true).when(fileService.policy).isAllowed(RepositoryCreateAction.NAME);
doReturn(true).when(fileService.policy).isAllowed(AdministerSecurityAction.NAME);
doReturn("sessionName1").when(repositoryFileAclDto).getOwner();
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 8 - same owner and policy state as Test 7, but the target is now reported as a folder
doReturn(true).when(file).isFolder();
doReturn(true).when(file).isHidden();
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Test 9 - adds a "_PERM_HIDDEN" = "true" entry (presumably RepositoryFile.HIDDEN_KEY - confirm);
// the file mock already reports hidden, which fits setHidden being verified one time fewer than
// the number of calls
StringKeyStringValueDto stringKeyStringValueDto3 = mock(StringKeyStringValueDto.class);
doReturn("_PERM_HIDDEN").when(stringKeyStringValueDto3).getKey();
doReturn("true").when(stringKeyStringValueDto3).getValue();
stringKeyStringValueDtos.add(stringKeyStringValueDto3);
try {
fileService.doSetMetadata(pathId, stringKeyStringValueDtos);
} catch (GeneralSecurityException e) {
fail();
}
// Cumulative call counts over the nine invocations above. They only pin the permitted paths;
// nothing asserts that a denied caller leaves the repository untouched.
verify(fileService.defaultUnifiedRepositoryWebService, times(9)).getFile(anyString());
verify(fileService.defaultUnifiedRepositoryWebService, times(9)).getAcl(anyString());
verify(repositoryFileAclDto, times(9)).getOwner();
verify(fileService.policy, times(11)).isAllowed(anyString());
verify(fileService.repository, times(9)).getFileMetadata(anyString());
verify(fileService.repository, times(7)).setFileMetadata(anyString(), any(Map.class));
verify(file, times(8)).setHidden(anyBoolean());
verify(fileService.repository, times(8)).getFileById(anyString());
verify(fileService, times(8)).toFileDto(any(RepositoryFile.class), anySet(), anyBoolean());
verify(fileService, times(8)).toFile(any(RepositoryFileDto.class));
verify(destFileDto, times(8)).setHidden(anyBoolean());
verify(fileService.repository, times(8)).getAcl(anyString());
verify(fileService.repository, times(7)).updateFile(any(RepositoryFile.class), any(IRepositoryFileData.class), anyString());
verify(fileService.repository, times(7)).updateAcl(any(RepositoryFileAcl.class));
verify(fileService.repository).updateFolder(any(RepositoryFile.class), anyString());
}
use of org.pentaho.platform.repository2.unified.webservices.RepositoryFileAclAceDto in project pentaho-platform by pentaho.
the class FileService method setFileAcls.
/**
 * Stores the supplied ACL on the repository file addressed by {@code pathId}.
 *
 * The ACL's id is overwritten with the id of the resolved file, every ACE that reports
 * {@code isModifiable() == false} is dropped from the supplied list (the display-only admin
 * entry), and the result is handed to the repository web service.
 *
 * NOTE(review): the filter relies on the {@code modifiable} flag carried by the caller-supplied
 * DTO, and this method performs no permission check of its own; whether the caller may manage
 * the ACL is presumably enforced behind {@code updateAcl} - confirm.
 *
 * @param pathId colon separated path for the repository file, e.g. {@code :path:to:file:id}
 * @param acl    ACL to store; its id and ACE list are modified in place
 * @throws FileNotFoundException if the web service returns no file for the path
 */
public void setFileAcls(String pathId, RepositoryFileAclDto acl) throws FileNotFoundException {
  final RepositoryFileDto target = getRepoWs().getFile(idToPath(pathId));
  if (target == null) {
    // A missing file and an unreadable file are indistinguishable here, so both are
    // reported the same way.
    throw new FileNotFoundException();
  }
  acl.setId(target.getId());

  // Strip the non-modifiable entries (the fake admin role added for display purposes only).
  final List<RepositoryFileAclAceDto> entries = acl.getAces();
  if (entries != null) {
    for (Iterator<RepositoryFileAclAceDto> cursor = entries.iterator(); cursor.hasNext();) {
      if (!cursor.next().isModifiable()) {
        cursor.remove();
      }
    }
  }

  getRepoWs().updateAcl(acl);
}
use of org.pentaho.platform.repository2.unified.webservices.RepositoryFileAclAceDto in project pentaho-platform by pentaho.
the class FileService method doGetFileAcl.
/**
 * Returns the ACL of the repository file addressed by {@code pathId}.
 *
 * When the ACL inherits its entries, the ACE list on the returned DTO is replaced with the
 * effective ACEs reported by the repository web service. {@code addAdminRole} is then applied
 * to the DTO before it is returned.
 *
 * NOTE(review): the result of {@code getFile} is dereferenced without a null check, although
 * {@code setFileAcls} in this class treats a null result as "missing or not readable"; a null
 * here would surface as a NullPointerException rather than a not-found error.
 *
 * @param pathId colon separated path for the repository file
 * @return the file's {@code RepositoryFileAclDto}
 */
public RepositoryFileAclDto doGetFileAcl(String pathId) {
  final RepositoryFileDto target = getRepoWs().getFile(FileUtils.idToPath(pathId));
  final RepositoryFileAclDto result = getRepoWs().getAcl(target.getId());

  if (result.isEntriesInheriting()) {
    // Inherited entries are not stored on the file itself, so show the effective ones.
    result.setAces(
        getRepoWs().getEffectiveAcesWithForceFlag(target.getId(), result.isEntriesInheriting()),
        result.isEntriesInheriting());
  }

  addAdminRole(result);
  return result;
}
use of org.pentaho.platform.repository2.unified.webservices.RepositoryFileAclAceDto in project pentaho-platform by pentaho.
the class FileService method doSetMetadata.
/**
 * Sets the metadata (and the hidden / schedulable flags) of a repository file, after checking
 * that the current session is allowed to manage it.
 *
 * The caller is authorized when any of the following holds:
 * - the session name equals the owner of the file's ACL;
 * - the policy allows the read, create and administer-security actions together;
 * - an ACE whose recipient equals the session name carries ACL_MANAGEMENT or ALL.
 * The decision is taken before any repository write.
 *
 * NOTE(review): the result of getFile is dereferenced without a null check; setFileAcls in this
 * class treats a null result as "missing or not readable", so the same case would raise a
 * NullPointerException here.
 *
 * @param pathId   colon separated path for the repository file (resolved through idToPath)
 * @param metadata key/value pairs to store; an entry keyed RepositoryFile.HIDDEN_KEY sets the
 *                 hidden flag and is not stored as metadata
 * @throws GeneralSecurityException if none of the three conditions above grants access
 */
public void doSetMetadata(String pathId, List<StringKeyStringValueDto> metadata) throws GeneralSecurityException {
RepositoryFileDto file = getRepoWs().getFile(idToPath(pathId));
RepositoryFileAclDto fileAcl = getRepoWs().getAcl(file.getId());
// Owner check first; otherwise all three policy actions must be allowed.
boolean canManage = getSession().getName().equals(fileAcl.getOwner()) || (getPolicy().isAllowed(RepositoryReadAction.NAME) && getPolicy().isAllowed(RepositoryCreateAction.NAME) && getPolicy().isAllowed(AdministerSecurityAction.NAME));
if (!canManage) {
// Fall back to the ACL: for an inheriting ACL the effective ACEs are loaded onto the local DTO.
if (fileAcl.isEntriesInheriting()) {
List<RepositoryFileAclAceDto> aces = getRepoWs().getEffectiveAces(file.getId());
fileAcl.setAces(aces, fileAcl.isEntriesInheriting());
}
for (int i = 0; i < fileAcl.getAces().size(); i++) {
RepositoryFileAclAceDto acl = fileAcl.getAces().get(i);
// NOTE(review): the ACE is matched on the recipient string alone; getRecipientType() is not
// consulted, so a role ACE whose name equals the user name would match as well, and grants
// made to the user's roles are not considered - confirm that this is intended.
if (acl.getRecipient().equals(getSession().getName())) {
// Permissions are stored as enum ordinals, so the check depends on the declaration order
// of RepositoryFilePermission.
if (acl.getPermissions().contains(RepositoryFilePermission.ACL_MANAGEMENT.ordinal()) || acl.getPermissions().contains(RepositoryFilePermission.ALL.ordinal())) {
canManage = true;
break;
}
}
}
}
if (canManage) {
Map<String, Serializable> fileMetadata = getRepository().getFileMetadata(file.getId());
boolean isHidden = RepositoryFile.HIDDEN_BY_DEFAULT;
boolean isSchedulable = RepositoryFile.SCHEDULABLE_BY_DEFAULT;
// Drop any stored hidden entry; the flag is handled separately below.
fileMetadata.remove(RepositoryFile.HIDDEN_KEY);
for (StringKeyStringValueDto nv : metadata) {
// don't add hidden to the list because it is not actually part of the metadata node
String key = nv.getKey();
if (RepositoryFile.HIDDEN_KEY.equalsIgnoreCase(key)) {
isHidden = BooleanUtils.toBoolean(nv.getValue());
continue;
}
// The schedulable entry updates the flag and, unlike hidden, is also stored as metadata.
if (RepositoryFile.SCHEDULABLE_KEY.equalsIgnoreCase(key)) {
isSchedulable = BooleanUtils.toBoolean(nv.getValue());
}
// Every other caller-supplied key is stored as given; no key allow-list is applied here.
fileMetadata.put(key, nv.getValue());
}
// now update the rest of the metadata (skipped for folders)
if (!file.isFolder()) {
getRepository().setFileMetadata(file.getId(), fileMetadata);
}
// handle hidden flag if it is different; the schedulable flag is only written in this branch
if (file.isHidden() != isHidden) {
file.setHidden(isHidden);
file.setNotSchedulable(!isSchedulable);
/*
* Since we cannot simply set the new value, use the RepositoryFileAdapter to create a new instance and then
* update the original.
*/
RepositoryFile sourceFile = getRepository().getFileById(file.getId());
RepositoryFileDto destFileDto = toFileDto(sourceFile, null, false);
destFileDto.setHidden(isHidden);
destFileDto.setNotSchedulable(!isSchedulable);
RepositoryFile destFile = toFile(destFileDto);
// add the existing acls and file data
RepositoryFileAcl acl = getRepository().getAcl(sourceFile.getId());
if (!file.isFolder()) {
IRepositoryFileData data = RepositoryFileHelper.getFileData(sourceFile);
getRepository().updateFile(destFile, data, null);
// The ACL read above is written back unchanged after the file update.
getRepository().updateAcl(acl);
} else {
getRepository().updateFolder(destFile, null);
}
}
} else {
// Denied: thrown without a message, and no repository write has happened at this point.
throw new GeneralSecurityException();
}
}
use of org.pentaho.platform.repository2.unified.webservices.RepositoryFileAclAceDto in project pentaho-platform by pentaho.
the class FileService method addAdminRole.
/**
 * Ensures the ACL DTO lists an entry for the configured administrator authority.
 *
 * The authority name is read from the {@code singleTenantAdminAuthorityName} setting. If the
 * ACL already holds an ACE with that recipient and recipient type 1, nothing changes; otherwise
 * a non-modifiable ACE with permission value 4 is appended. Only the DTO is touched; nothing
 * is written to the repository here.
 *
 * NOTE(review): 1 and 4 are bare literals - presumably the role recipient type and the ordinal
 * of RepositoryFilePermission.ALL; confirm and prefer the named constants.
 *
 * @param fileAcl ACL DTO to extend in place; a null ACE list is replaced by an empty one
 */
protected void addAdminRole(RepositoryFileAclDto fileAcl) {
  final String adminAuthority =
      PentahoSystem.get(String.class, "singleTenantAdminAuthorityName", PentahoSessionHolder.getSession());

  if (fileAcl.getAces() == null) {
    fileAcl.setAces(new LinkedList<RepositoryFileAclAceDto>());
  }

  // Look for an existing admin entry so that it is never added twice.
  boolean alreadyListed = false;
  for (RepositoryFileAclAceDto entry : fileAcl.getAces()) {
    if (entry.getRecipient().equals(adminAuthority) && entry.getRecipientType() == 1) {
      alreadyListed = true;
      break;
    }
  }
  if (alreadyListed) {
    return;
  }

  final List<Integer> grantedPermissions = new LinkedList<Integer>();
  grantedPermissions.add(4);

  final RepositoryFileAclAceDto adminEntry = new RepositoryFileAclAceDto();
  adminEntry.setRecipient(adminAuthority);
  adminEntry.setRecipientType(1);
  // Marked non-modifiable so that it can be told apart from stored entries.
  adminEntry.setModifiable(false);
  adminEntry.setPermissions(grantedPermissions);

  fileAcl.getAces().add(adminEntry);
}