Example 1 with UserInfo
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryAuthorizationTest method createUser.
/**
* Helper for creating a new user.
* @param name
* @param isAdmin
* @return
* @throws DatastoreException
* @throws InvalidModelException
* @throws NotFoundException
*/
private UserInfo createUser(String name, boolean isAdmin) throws DatastoreException, InvalidModelException, NotFoundException {
User user = new User();
user.setUserId(name);
// Create a group for this user
String userGroupName = name + "group";
// new UserGroup();
UserGroup group = userGroupDAO.findGroup(userGroupName, true);
String id = null;
if (group == null) {
group = new UserGroup();
group.setName(userGroupName);
group.setIsIndividual(true);
id = userGroupDAO.create(group);
} else {
id = group.getId();
}
groupsToDelete.add(id);
group = userGroupDAO.get(id);
UserInfo info = new UserInfo(isAdmin);
info.setUser(user);
info.setIndividualGroup(group);
info.setGroups(new ArrayList<UserGroup>());
info.getGroups().add(group);
return info;
}Example 2 with UserInfo
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryAuthorizationTest method afterPropertiesSet.
/**
* The setup for this test is expensive so we only do it once after all of the
* beans are ready.
*/
@Override
public void afterPropertiesSet() throws Exception {
Long creatorUserGroupId = Long.parseLong(userGroupDAO.findGroup(AuthorizationConstants.BOOTSTRAP_USER_GROUP_NAME, false).getId());
if (instance != null) {
return;
}
instance = this;
// Keeps track of the users to delete
nodesToDelete = new ArrayList<String>();
groupsToDelete = new ArrayList<String>();
// Create some users
adminUser = createUser("admin@JDONodeQueryAuthorizationTest.org", true);
// Create two groups
groupA = createGroup("groupA@JDONodeQueryAuthorizationTest.org");
groupB = createGroup("groupB@JDONodeQueryAuthorizationTest.org");
// Create users in each group
usersInGroupA = new HashMap<String, UserInfo>();
for (int i = 0; i < 10; i++) {
// Create all of the users
String userId = "userInA" + i + "@JDONodeQueryAuthorizationTest.org";
UserInfo info = createUser(userId, false);
info.getGroups().add(groupA);
usersInGroupA.put(userId, info);
}
// Create group b users
usersInGroupB = new HashMap<String, UserInfo>();
for (int i = 0; i < 7; i++) {
// Create all of the users
String userId = "userInB" + i + "@JDONodeQueryAuthorizationTest.org";
UserInfo info = createUser(userId, false);
info.getGroups().add(groupB);
usersInGroupB.put(userId, info);
}
// Create users in both groups
usersInBothGroups = new HashMap<String, UserInfo>();
for (int i = 0; i < 7; i++) {
// Create all of the users
String userId = "userInBothA&B" + i + "@JDONodeQueryAuthorizationTest.org";
UserInfo info = createUser(userId, false);
info.getGroups().add(groupB);
info.getGroups().add(groupA);
usersInBothGroups.put(userId, info);
}
// Now create the two projects
// Project A
projectA = NodeTestUtils.createNew("projectA", creatorUserGroupId);
projectA.setNodeType(EntityType.project.name());
String id = nodeDao.createNew(projectA);
nodesToDelete.add(id);
projectA = nodeDao.getNode(id);
// Create the ACL for this node.
AccessControlList acl = AccessControlListUtil.createACLToGrantAll(id, adminUser);
// Make sure group A can read from this node
ResourceAccess access = new ResourceAccess();
access.setPrincipalId(Long.parseLong(groupA.getId()));
access.setAccessType(new HashSet<ACCESS_TYPE>());
access.getAccessType().add(ACCESS_TYPE.READ);
acl.getResourceAccess().add(access);
accessControlListDAO.create(acl);
// Project B
projectB = NodeTestUtils.createNew("projectB", creatorUserGroupId);
projectB.setNodeType(EntityType.project.name());
id = nodeDao.createNew(projectB);
nodesToDelete.add(id);
projectB = nodeDao.getNode(id);
// Create the ACL for this node.
acl = AccessControlListUtil.createACLToGrantAll(id, adminUser);
// Make sure group B can read from this node
access = new ResourceAccess();
access.setPrincipalId(Long.parseLong(groupB.getId()));
access.setAccessType(new HashSet<ACCESS_TYPE>());
access.getAccessType().add(ACCESS_TYPE.READ);
acl.getResourceAccess().add(access);
accessControlListDAO.create(acl);
// Now add some nodes to each project.
nodesInProjectA = new HashMap<String, Node>();
for (int i = 0; i < 25; i++) {
Node node = NodeTestUtils.createNew("nodeInProjectA" + i, creatorUserGroupId);
node.setNodeType(EntityType.dataset.name());
node.setParentId(projectA.getId());
id = nodeDao.createNew(node);
// nodesToDelete.add(id);
node = nodeDao.getNode(id);
nodesInProjectA.put(node.getId(), node);
}
// Now add some nodes to each project.
nodesInProjectB = new HashMap<String, Node>();
for (int i = 0; i < 25; i++) {
Node node = NodeTestUtils.createNew("nodeInProjectB" + i, creatorUserGroupId);
node.setNodeType(EntityType.dataset.name());
node.setParentId(projectB.getId());
id = nodeDao.createNew(node);
// nodesToDelete.add(id);
node = nodeDao.getNode(id);
nodesInProjectB.put(node.getId(), node);
// Add an attribute to nodes in group B
NamedAnnotations annos = nodeDao.getAnnotations(id);
assertNotNull(annos);
// fieldTypeDao.addNewType(attributeName, FieldType.LONG_ATTRIBUTE);
annos.getAdditionalAnnotations().addAnnotation(attributeName, new Long(i));
nodeDao.updateAnnotations(id, annos);
}
}
Also used :
AccessControlList(org.sagebionetworks.repo.model.AccessControlList)
ResourceAccess(org.sagebionetworks.repo.model.ResourceAccess)
Node(org.sagebionetworks.repo.model.Node)
UserInfo(org.sagebionetworks.repo.model.UserInfo)
ACCESS_TYPE(org.sagebionetworks.repo.model.ACCESS_TYPE)
NamedAnnotations(org.sagebionetworks.repo.model.NamedAnnotations)
Example 3 with UserInfo
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminuserNullGroups.
@Test(expected = IllegalArgumentException.class)
public void testAuthorizationSqlNonAdminuserNullGroups() throws Exception {
UserInfo nonAdminUserInfo = Mockito.mock(UserInfo.class);
when(nonAdminUserInfo.isAdmin()).thenReturn(false);
when(nonAdminUserInfo.getGroups()).thenReturn(null);
HashMap<String, Object> params = new HashMap<String, Object>();
// should throw an exception
String sql = QueryUtils.buildAuthorizationFilter(nonAdminUserInfo, params);
}Example 4 with UserInfo
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminWithGroups.
@Test
public void testAuthorizationSqlNonAdminWithGroups() throws Exception {
HashMap<String, Object> params = new HashMap<String, Object>();
UserInfo nonAdminUserInfo = Mockito.mock(UserInfo.class);
when(nonAdminUserInfo.isAdmin()).thenReturn(false);
ArrayList<UserGroup> groups = new ArrayList<UserGroup>();
UserGroup group = Mockito.mock(UserGroup.class);
when(group.getId()).thenReturn("123");
groups.add(group);
group = Mockito.mock(UserGroup.class);
when(group.getId()).thenReturn("124");
groups.add(group);
when(nonAdminUserInfo.getGroups()).thenReturn(groups);
// This should build a query with two groups
String sql = QueryUtils.buildAuthorizationFilter(nonAdminUserInfo, params);
assertNotNull(sql);
// It should not be an empty string.
assertFalse("".equals(sql.trim()));
log.info(sql);
log.info(params);
// Check the bind variables.
assertEquals(ACCESS_TYPE.READ.name(), params.get(AuthorizationSqlUtil.ACCESS_TYPE_BIND_VAR));
Long groupBindValue0 = (Long) params.get(AuthorizationSqlUtil.BIND_VAR_PREFIX + "0");
assertNotNull(groupBindValue0);
Long groupBindValue1 = (Long) params.get(AuthorizationSqlUtil.BIND_VAR_PREFIX + "1");
assertNotNull(groupBindValue1);
assertTrue(123L == groupBindValue0.longValue() || 123L == groupBindValue1.longValue());
assertTrue(124L == groupBindValue0.longValue() || 124L == groupBindValue1.longValue());
System.out.print(sql);
}Example 5 with UserInfo
use of org.sagebionetworks.repo.model.UserInfo in project Synapse-Repository-Services by Sage-Bionetworks.
the class JDONodeQueryUnitTest method testAuthorizationSqlNonAdminuserEmptyGroups.
@Test(expected = IllegalArgumentException.class)
public void testAuthorizationSqlNonAdminuserEmptyGroups() throws Exception {
UserInfo nonAdminUserInfo = Mockito.mock(UserInfo.class);
when(nonAdminUserInfo.isAdmin()).thenReturn(false);
when(nonAdminUserInfo.getGroups()).thenReturn(new ArrayList<UserGroup>());
HashMap<String, Object> params = new HashMap<String, Object>();
// Should throw an exception.
String sql = QueryUtils.buildAuthorizationFilter(nonAdminUserInfo, params);
}Aggregations
UserInfo (org.sagebionetworks.repo.model.UserInfo)128
Test (org.junit.Test)72
UserGroup (org.sagebionetworks.repo.model.UserGroup)28
AccessControlList (org.sagebionetworks.repo.model.AccessControlList)26
Node (org.sagebionetworks.repo.model.Node)18
Transactional (org.springframework.transaction.annotation.Transactional)16
HashSet (java.util.HashSet)15
EntityType (org.sagebionetworks.repo.model.EntityType)13
Annotations (org.sagebionetworks.repo.model.Annotations)11
NamedAnnotations (org.sagebionetworks.repo.model.NamedAnnotations)10
PaginatedResults (org.sagebionetworks.repo.model.PaginatedResults)9
HashMap (java.util.HashMap)8
BasicQuery (org.sagebionetworks.repo.model.query.BasicQuery)8
ArrayList (java.util.ArrayList)7
NodeQueryResults (org.sagebionetworks.repo.model.NodeQueryResults)7
User (org.sagebionetworks.repo.model.User)7
UserProfile (org.sagebionetworks.repo.model.UserProfile)7
Before (org.junit.Before)6
ACCESS_TYPE (org.sagebionetworks.repo.model.ACCESS_TYPE)6
ResourceAccess (org.sagebionetworks.repo.model.ResourceAccess)6
