use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryAuthorizationTest method createUser.
/**
* Helper for creating a new user.
* @param name
* @param isAdmin
* @return
* @throws DatastoreException
* @throws InvalidModelException
* @throws NotFoundException
*/
private UserInfo createUser(String name, boolean isAdmin) throws DatastoreException, InvalidModelException, NotFoundException {
User user = new User();
user.setUserId(name);
// Create a group for this user
String userGroupName = name + "group";
// new UserGroup();
UserGroup group = userGroupDAO.findGroup(userGroupName, true);
String id = null;
if (group == null) {
group = new UserGroup();
group.setName(userGroupName);
group.setIsIndividual(true);
id = userGroupDAO.create(group);
} else {
id = group.getId();
}
groupsToDelete.add(id);
group = userGroupDAO.get(id);
UserInfo info = new UserInfo(isAdmin);
info.setUser(user);
info.setIndividualGroup(group);
info.setGroups(new ArrayList<UserGroup>());
info.getGroups().add(group);
return info;
}
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryAuthorizationTest method afterPropertiesSet.
/**
* The setup for this test is expensive so we only do it once after all of the
* beans are ready.
*/
@Override
public void afterPropertiesSet() throws Exception {
Long creatorUserGroupId = Long.parseLong(userGroupDAO.findGroup(AuthorizationConstants.BOOTSTRAP_USER_GROUP_NAME, false).getId());
if (instance != null) {
return;
}
instance = this;
// Keeps track of the users to delete
nodesToDelete = new ArrayList<String>();
groupsToDelete = new ArrayList<String>();
// Create some users
adminUser = createUser("admin@JDONodeQueryAuthorizationTest.org", true);
// Create two groups
groupA = createGroup("groupA@JDONodeQueryAuthorizationTest.org");
groupB = createGroup("groupB@JDONodeQueryAuthorizationTest.org");
// Create users in each group
usersInGroupA = new HashMap<String, UserInfo>();
for (int i = 0; i < 10; i++) {
// Create all of the users
String userId = "userInA" + i + "@JDONodeQueryAuthorizationTest.org";
UserInfo info = createUser(userId, false);
info.getGroups().add(groupA);
usersInGroupA.put(userId, info);
}
// Create group b users
usersInGroupB = new HashMap<String, UserInfo>();
for (int i = 0; i < 7; i++) {
// Create all of the users
String userId = "userInB" + i + "@JDONodeQueryAuthorizationTest.org";
UserInfo info = createUser(userId, false);
info.getGroups().add(groupB);
usersInGroupB.put(userId, info);
}
// Create users in both groups
usersInBothGroups = new HashMap<String, UserInfo>();
for (int i = 0; i < 7; i++) {
// Create all of the users
String userId = "userInBothA&B" + i + "@JDONodeQueryAuthorizationTest.org";
UserInfo info = createUser(userId, false);
info.getGroups().add(groupB);
info.getGroups().add(groupA);
usersInBothGroups.put(userId, info);
}
// Now create the two projects
// Project A
projectA = NodeTestUtils.createNew("projectA", creatorUserGroupId);
projectA.setNodeType(EntityType.project.name());
String id = nodeDao.createNew(projectA);
nodesToDelete.add(id);
projectA = nodeDao.getNode(id);
// Create the ACL for this node.
AccessControlList acl = AccessControlListUtil.createACLToGrantAll(id, adminUser);
// Make sure group A can read from this node
ResourceAccess access = new ResourceAccess();
access.setPrincipalId(Long.parseLong(groupA.getId()));
access.setAccessType(new HashSet<ACCESS_TYPE>());
access.getAccessType().add(ACCESS_TYPE.READ);
acl.getResourceAccess().add(access);
accessControlListDAO.create(acl);
// Project B
projectB = NodeTestUtils.createNew("projectB", creatorUserGroupId);
projectB.setNodeType(EntityType.project.name());
id = nodeDao.createNew(projectB);
nodesToDelete.add(id);
projectB = nodeDao.getNode(id);
// Create the ACL for this node.
acl = AccessControlListUtil.createACLToGrantAll(id, adminUser);
// Make sure group B can read from this node
access = new ResourceAccess();
access.setPrincipalId(Long.parseLong(groupB.getId()));
access.setAccessType(new HashSet<ACCESS_TYPE>());
access.getAccessType().add(ACCESS_TYPE.READ);
acl.getResourceAccess().add(access);
accessControlListDAO.create(acl);
// Now add some nodes to each project.
nodesInProjectA = new HashMap<String, Node>();
for (int i = 0; i < 25; i++) {
Node node = NodeTestUtils.createNew("nodeInProjectA" + i, creatorUserGroupId);
node.setNodeType(EntityType.dataset.name());
node.setParentId(projectA.getId());
id = nodeDao.createNew(node);
// nodesToDelete.add(id);
node = nodeDao.getNode(id);
nodesInProjectA.put(node.getId(), node);
}
// Now add some nodes to each project.
nodesInProjectB = new HashMap<String, Node>();
for (int i = 0; i < 25; i++) {
Node node = NodeTestUtils.createNew("nodeInProjectB" + i, creatorUserGroupId);
node.setNodeType(EntityType.dataset.name());
node.setParentId(projectB.getId());
id = nodeDao.createNew(node);
// nodesToDelete.add(id);
node = nodeDao.getNode(id);
nodesInProjectB.put(node.getId(), node);
// Add an attribute to nodes in group B
NamedAnnotations annos = nodeDao.getAnnotations(id);
assertNotNull(annos);
// fieldTypeDao.addNewType(attributeName, FieldType.LONG_ATTRIBUTE);
annos.getAdditionalAnnotations().addAnnotation(attributeName, new Long(i));
nodeDao.updateAnnotations(id, annos);
}
}
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminuserNullGroups.
@Test(expected = IllegalArgumentException.class)
public void testAuthorizationSqlNonAdminuserNullGroups() throws Exception {
UserInfo nonAdminUserInfo = Mockito.mock(UserInfo.class);
when(nonAdminUserInfo.isAdmin()).thenReturn(false);
when(nonAdminUserInfo.getGroups()).thenReturn(null);
HashMap<String, Object> params = new HashMap<String, Object>();
// should throw an exception
String sql = QueryUtils.buildAuthorizationFilter(nonAdminUserInfo, params);
}
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminWithGroups.
@Test
public void testAuthorizationSqlNonAdminWithGroups() throws Exception {
HashMap<String, Object> params = new HashMap<String, Object>();
UserInfo nonAdminUserInfo = Mockito.mock(UserInfo.class);
when(nonAdminUserInfo.isAdmin()).thenReturn(false);
ArrayList<UserGroup> groups = new ArrayList<UserGroup>();
UserGroup group = Mockito.mock(UserGroup.class);
when(group.getId()).thenReturn("123");
groups.add(group);
group = Mockito.mock(UserGroup.class);
when(group.getId()).thenReturn("124");
groups.add(group);
when(nonAdminUserInfo.getGroups()).thenReturn(groups);
// This should build a query with two groups
String sql = QueryUtils.buildAuthorizationFilter(nonAdminUserInfo, params);
assertNotNull(sql);
// It should not be an empty string.
assertFalse("".equals(sql.trim()));
log.info(sql);
log.info(params);
// Check the bind variables.
assertEquals(ACCESS_TYPE.READ.name(), params.get(AuthorizationSqlUtil.ACCESS_TYPE_BIND_VAR));
Long groupBindValue0 = (Long) params.get(AuthorizationSqlUtil.BIND_VAR_PREFIX + "0");
assertNotNull(groupBindValue0);
Long groupBindValue1 = (Long) params.get(AuthorizationSqlUtil.BIND_VAR_PREFIX + "1");
assertNotNull(groupBindValue1);
assertTrue(123L == groupBindValue0.longValue() || 123L == groupBindValue1.longValue());
assertTrue(124L == groupBindValue0.longValue() || 124L == groupBindValue1.longValue());
System.out.print(sql);
}
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminuserEmptyGroups.
@Test(expected = IllegalArgumentException.class)
public void testAuthorizationSqlNonAdminuserEmptyGroups() throws Exception {
UserInfo nonAdminUserInfo = Mockito.mock(UserInfo.class);
when(nonAdminUserInfo.isAdmin()).thenReturn(false);
when(nonAdminUserInfo.getGroups()).thenReturn(new ArrayList<UserGroup>());
HashMap<String, Object> params = new HashMap<String, Object>();
// Should throw an exception.
String sql = QueryUtils.buildAuthorizationFilter(nonAdminUserInfo, params);
}
Aggregations