
Example 1 with UserInfo

use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.

the class JDONodeQueryAuthorizationTest method createUser.

/**
 * Builds a {@link UserInfo} for a test principal and makes sure its individual
 * group exists in the database.
 * <p>
 * The individual group is named {@code name + "group"}. An existing group with
 * that name is reused; otherwise one is created. In both cases the group id is
 * recorded in {@code groupsToDelete}. The returned info is a member of that
 * group only; callers add further groups through {@code getGroups()}.
 *
 * @param name the user id to assign; also the prefix of the individual group's name
 * @param isAdmin passed straight to the {@code UserInfo} constructor
 * @return a {@code UserInfo} carrying the new user, its individual group and a group list holding that group
 * @throws DatastoreException declared for the {@code userGroupDAO} calls
 * @throws InvalidModelException declared for the {@code userGroupDAO} calls
 * @throws NotFoundException declared for the {@code userGroupDAO} calls
 */
private UserInfo createUser(String name, boolean isAdmin) throws DatastoreException, InvalidModelException, NotFoundException {
    User newUser = new User();
    newUser.setUserId(name);
    // Every test user is paired with an individual group derived from its name.
    final String individualGroupName = name + "group";
    UserGroup existing = userGroupDAO.findGroup(individualGroupName, true);
    final String groupId;
    if (existing != null) {
        groupId = existing.getId();
    } else {
        UserGroup fresh = new UserGroup();
        fresh.setName(individualGroupName);
        fresh.setIsIndividual(true);
        groupId = userGroupDAO.create(fresh);
    }
    // Recorded whether the group was found or created.
    groupsToDelete.add(groupId);
    // Re-read the group so the returned info holds the stored copy.
    UserGroup persisted = userGroupDAO.get(groupId);
    UserInfo result = new UserInfo(isAdmin);
    result.setUser(newUser);
    result.setIndividualGroup(persisted);
    result.setGroups(new ArrayList<UserGroup>());
    result.getGroups().add(persisted);
    return result;
}
Also used : User(org.sagebionetworks.repo.model.User) UserInfo(org.sagebionetworks.repo.model.UserInfo) UserGroup(org.sagebionetworks.repo.model.UserGroup)

Example 2 with UserInfo

use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.

the class JDONodeQueryAuthorizationTest method afterPropertiesSet.

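/**
 * Builds the shared authorization fixture once, after all of the beans are ready.
 * <p>
 * The setup is expensive, so only the first instance to reach this method
 * performs it; later instances return before touching the database.
 * <p>
 * Fixture established by the calls below:
 * <ul>
 * <li>one user created with {@code isAdmin = true}, which is the principal
 * passed to {@code createACLToGrantAll} for both projects;</li>
 * <li>10 users in group A, 7 in group B and 7 in both groups, each in addition
 * to the user's own individual group;</li>
 * <li>project A, whose ACL gets a READ entry for group A, and project B, whose
 * ACL gets a READ entry for group B;</li>
 * <li>25 dataset nodes under each project; the project B nodes also carry a
 * {@code Long} annotation named by {@code attributeName}.</li>
 * </ul>
 * No ACL is created for the dataset nodes in this method.
 *
 * @throws IllegalStateException if the bootstrap user group cannot be found
 * @throws Exception if any of the DAO calls fails
 */
@Override
public void afterPropertiesSet() throws Exception {
    // Check the once-only guard first so repeat calls do not hit the database.
    if (instance != null) {
        return;
    }
    UserGroup bootstrapGroup = userGroupDAO.findGroup(AuthorizationConstants.BOOTSTRAP_USER_GROUP_NAME, false);
    if (bootstrapGroup == null) {
        // Fail with a clear message instead of a NullPointerException on getId().
        throw new IllegalStateException("Bootstrap user group not found: " + AuthorizationConstants.BOOTSTRAP_USER_GROUP_NAME);
    }
    Long creatorUserGroupId = Long.parseLong(bootstrapGroup.getId());
    // NOTE(review): the guard is set before the fixture is built, so a failure
    // part-way through leaves later instances skipping the setup.
    instance = this;
    // Ids recorded here are presumably removed by the test's cleanup - confirm.
    nodesToDelete = new ArrayList<String>();
    groupsToDelete = new ArrayList<String>();
    // Create some users
    adminUser = createUser("admin@JDONodeQueryAuthorizationTest.org", true);
    // Create two groups
    groupA = createGroup("groupA@JDONodeQueryAuthorizationTest.org");
    groupB = createGroup("groupB@JDONodeQueryAuthorizationTest.org");
    // Users that belong to group A only.
    usersInGroupA = new HashMap<String, UserInfo>();
    for (int i = 0; i < 10; i++) {
        String userId = "userInA" + i + "@JDONodeQueryAuthorizationTest.org";
        UserInfo info = createUser(userId, false);
        info.getGroups().add(groupA);
        usersInGroupA.put(userId, info);
    }
    // Users that belong to group B only.
    usersInGroupB = new HashMap<String, UserInfo>();
    for (int i = 0; i < 7; i++) {
        String userId = "userInB" + i + "@JDONodeQueryAuthorizationTest.org";
        UserInfo info = createUser(userId, false);
        info.getGroups().add(groupB);
        usersInGroupB.put(userId, info);
    }
    // Users that belong to both groups.
    usersInBothGroups = new HashMap<String, UserInfo>();
    for (int i = 0; i < 7; i++) {
        String userId = "userInBothA&B" + i + "@JDONodeQueryAuthorizationTest.org";
        UserInfo info = createUser(userId, false);
        info.getGroups().add(groupB);
        info.getGroups().add(groupA);
        usersInBothGroups.put(userId, info);
    }
    // Now create the two projects
    // Project A
    projectA = NodeTestUtils.createNew("projectA", creatorUserGroupId);
    projectA.setNodeType(EntityType.project.name());
    String id = nodeDao.createNew(projectA);
    nodesToDelete.add(id);
    projectA = nodeDao.getNode(id);
    // Create the ACL for this node.
    // NOTE(review): presumably grants every access type to adminUser - confirm in AccessControlListUtil.
    AccessControlList acl = AccessControlListUtil.createACLToGrantAll(id, adminUser);
    // Group A gets READ, and only READ, on project A.
    ResourceAccess access = new ResourceAccess();
    access.setPrincipalId(Long.parseLong(groupA.getId()));
    access.setAccessType(new HashSet<ACCESS_TYPE>());
    access.getAccessType().add(ACCESS_TYPE.READ);
    acl.getResourceAccess().add(access);
    accessControlListDAO.create(acl);
    // Project B
    projectB = NodeTestUtils.createNew("projectB", creatorUserGroupId);
    projectB.setNodeType(EntityType.project.name());
    id = nodeDao.createNew(projectB);
    nodesToDelete.add(id);
    projectB = nodeDao.getNode(id);
    // Create the ACL for this node.
    acl = AccessControlListUtil.createACLToGrantAll(id, adminUser);
    // Group B gets READ, and only READ, on project B.
    access = new ResourceAccess();
    access.setPrincipalId(Long.parseLong(groupB.getId()));
    access.setAccessType(new HashSet<ACCESS_TYPE>());
    access.getAccessType().add(ACCESS_TYPE.READ);
    acl.getResourceAccess().add(access);
    accessControlListDAO.create(acl);
    // Dataset nodes under project A.
    // NOTE(review): no ACL is created for these nodes; the tests presumably rely
    // on them being governed by the project's ACL - confirm.
    nodesInProjectA = new HashMap<String, Node>();
    for (int i = 0; i < 25; i++) {
        Node node = NodeTestUtils.createNew("nodeInProjectA" + i, creatorUserGroupId);
        node.setNodeType(EntityType.dataset.name());
        node.setParentId(projectA.getId());
        id = nodeDao.createNew(node);
        // Not added to nodesToDelete; presumably removed with the parent project - confirm.
        node = nodeDao.getNode(id);
        nodesInProjectA.put(node.getId(), node);
    }
    // Dataset nodes under project B, each with an extra annotation.
    nodesInProjectB = new HashMap<String, Node>();
    for (int i = 0; i < 25; i++) {
        Node node = NodeTestUtils.createNew("nodeInProjectB" + i, creatorUserGroupId);
        node.setNodeType(EntityType.dataset.name());
        node.setParentId(projectB.getId());
        id = nodeDao.createNew(node);
        // Not added to nodesToDelete; presumably removed with the parent project - confirm.
        node = nodeDao.getNode(id);
        nodesInProjectB.put(node.getId(), node);
        // Add an attribute to nodes in group B
        NamedAnnotations annos = nodeDao.getAnnotations(id);
        assertNotNull(annos);
        // Long.valueOf replaces the deprecated Long(long) constructor.
        annos.getAdditionalAnnotations().addAnnotation(attributeName, Long.valueOf(i));
        nodeDao.updateAnnotations(id, annos);
    }
}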
Also used : AccessControlList(org.sagebionetworks.repo.model.AccessControlList) ResourceAccess(org.sagebionetworks.repo.model.ResourceAccess) Node(org.sagebionetworks.repo.model.Node) UserInfo(org.sagebionetworks.repo.model.UserInfo) ACCESS_TYPE(org.sagebionetworks.repo.model.ACCESS_TYPE) NamedAnnotations(org.sagebionetworks.repo.model.NamedAnnotations)

Example 3 with UserInfo

use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.

the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminuserNullGroups.

/**
 * A non-admin whose {@code getGroups()} returns {@code null} must be refused:
 * {@code buildAuthorizationFilter} is expected to throw
 * {@code IllegalArgumentException} instead of returning a filter.
 * <p>
 * NOTE(review): {@code expected =} passes if any statement in the method throws
 * that exception, including the stubbing lines.
 */
@Test(expected = IllegalArgumentException.class)
public void testAuthorizationSqlNonAdminuserNullGroups() throws Exception {
    HashMap<String, Object> bindParams = new HashMap<String, Object>();
    UserInfo grouplessUser = Mockito.mock(UserInfo.class);
    when(grouplessUser.getGroups()).thenReturn(null);
    when(grouplessUser.isAdmin()).thenReturn(false);
    // The call is the assertion: it has to throw.
    QueryUtils.buildAuthorizationFilter(grouplessUser, bindParams);
}
Also used : HashMap(java.util.HashMap) UserInfo(org.sagebionetworks.repo.model.UserInfo) Test(org.junit.Test)

Example 4 with UserInfo

use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.

the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminWithGroups.

/**
 * A non-admin in two groups gets a non-blank filter, and the access type and
 * both group ids are placed in the bind-parameter map.
 * <p>
 * The group ids are stubbed as the strings "123" and "124" and are expected
 * back as {@code Long} bind values, in either order.
 * <p>
 * NOTE(review): the SQL text is only checked for being non-blank; nothing here
 * asserts that it references the bind variables.
 */
@Test
public void testAuthorizationSqlNonAdminWithGroups() throws Exception {
    // Two mocked groups with the ids the filter should bind.
    UserGroup firstGroup = Mockito.mock(UserGroup.class);
    when(firstGroup.getId()).thenReturn("123");
    UserGroup secondGroup = Mockito.mock(UserGroup.class);
    when(secondGroup.getId()).thenReturn("124");
    ArrayList<UserGroup> memberships = new ArrayList<UserGroup>();
    memberships.add(firstGroup);
    memberships.add(secondGroup);

    UserInfo caller = Mockito.mock(UserInfo.class);
    when(caller.isAdmin()).thenReturn(false);
    when(caller.getGroups()).thenReturn(memberships);

    HashMap<String, Object> bindParams = new HashMap<String, Object>();
    String filterSql = QueryUtils.buildAuthorizationFilter(caller, bindParams);

    // The filter must exist and must not be blank.
    assertNotNull(filterSql);
    assertFalse(filterSql.trim().isEmpty());
    log.info(filterSql);
    log.info(bindParams);

    // The access type is bound as READ.
    assertEquals(ACCESS_TYPE.READ.name(), bindParams.get(AuthorizationSqlUtil.ACCESS_TYPE_BIND_VAR));

    // Each group id is bound under its own indexed variable.
    Long boundGroup0 = (Long) bindParams.get(AuthorizationSqlUtil.BIND_VAR_PREFIX + "0");
    assertNotNull(boundGroup0);
    Long boundGroup1 = (Long) bindParams.get(AuthorizationSqlUtil.BIND_VAR_PREFIX + "1");
    assertNotNull(boundGroup1);

    // The order of the bind variables is not fixed, so accept either assignment.
    long bound0 = boundGroup0.longValue();
    long bound1 = boundGroup1.longValue();
    assertTrue(bound0 == 123L || bound1 == 123L);
    assertTrue(bound0 == 124L || bound1 == 124L);
    System.out.print(filterSql);
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) UserInfo(org.sagebionetworks.repo.model.UserInfo) UserGroup(org.sagebionetworks.repo.model.UserGroup) Test(org.junit.Test)

Example 5 with UserInfo

use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.

the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminuserEmptyGroups.

/**
 * A non-admin with an empty group list must be refused:
 * {@code buildAuthorizationFilter} is expected to throw
 * {@code IllegalArgumentException} instead of returning a filter.
 * <p>
 * NOTE(review): {@code expected =} passes if any statement in the method throws
 * that exception, including the stubbing lines.
 */
@Test(expected = IllegalArgumentException.class)
public void testAuthorizationSqlNonAdminuserEmptyGroups() throws Exception {
    HashMap<String, Object> bindParams = new HashMap<String, Object>();
    UserInfo grouplessUser = Mockito.mock(UserInfo.class);
    when(grouplessUser.getGroups()).thenReturn(new ArrayList<UserGroup>());
    when(grouplessUser.isAdmin()).thenReturn(false);
    // The call is the assertion: it has to throw.
    QueryUtils.buildAuthorizationFilter(grouplessUser, bindParams);
}
Also used : HashMap(java.util.HashMap) UserInfo(org.sagebionetworks.repo.model.UserInfo) UserGroup(org.sagebionetworks.repo.model.UserGroup) Test(org.junit.Test)

Aggregations

UserInfo (org.sagebionetworks.repo.model.UserInfo)128 Test (org.junit.Test)72 UserGroup (org.sagebionetworks.repo.model.UserGroup)28 AccessControlList (org.sagebionetworks.repo.model.AccessControlList)26 Node (org.sagebionetworks.repo.model.Node)18 Transactional (org.springframework.transaction.annotation.Transactional)16 HashSet (java.util.HashSet)15 EntityType (org.sagebionetworks.repo.model.EntityType)13 Annotations (org.sagebionetworks.repo.model.Annotations)11 NamedAnnotations (org.sagebionetworks.repo.model.NamedAnnotations)10 PaginatedResults (org.sagebionetworks.repo.model.PaginatedResults)9 HashMap (java.util.HashMap)8 BasicQuery (org.sagebionetworks.repo.model.query.BasicQuery)8 ArrayList (java.util.ArrayList)7 NodeQueryResults (org.sagebionetworks.repo.model.NodeQueryResults)7 User (org.sagebionetworks.repo.model.User)7 UserProfile (org.sagebionetworks.repo.model.UserProfile)7 Before (org.junit.Before)6 ACCESS_TYPE (org.sagebionetworks.repo.model.ACCESS_TYPE)6 ResourceAccess (org.sagebionetworks.repo.model.ResourceAccess)6