Example 1 with URLRule

Use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.

Class AuthorizationServiceImpl, method isURLRuleAllowed.

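private PolicyDecision isURLRuleAllowed(String username, String url, URLOperationType operationType) {
    AuthorizationRequestContext context = new AuthorizationRequestContext(username);
    // Load the URL rules that the repository returns for this user.
    Collection<URLRule> rules = ruleRepository.findURLRules(username);
    PolicyDecision decision = null;
    for (URLRule rule : rules) {
        // The rule's resource name is used as a wildcard pattern against the requested URL.
        if (FilenameUtils.wildcardMatch(url, rule.getResourceName())) {
            // A matching rule counts as allowed only if its policy applies in this context
            // and the rule permits the requested operation type.
            boolean allowed = rule.getPolicy().applies(context) && rule.isAllowed(operationType);
            long newTimestamp = rule.getPolicy().getExpirationTimestamp(context);
            decision = determineDecisionBasedOn(decision, allowed, newTimestamp);
        }
    }
    // Default deny: if no rule matched the URL, the request is never allowed.
    if (decision == null) {
        decision = NEVER_ALLOWED;
    }
    // Log the decision together with the user, URL and operation type.
    logAuthorizationDecision(username, URL_RESOURCE_LABEL + url + LOG_DELIM + operationType.name() + LOG_DELIM + decision.toString());
    return decision;
}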
Also used : PolicyDecision(org.simbasecurity.api.service.thrift.PolicyDecision) AuthorizationRequestContext(org.simbasecurity.core.service.AuthorizationRequestContext) URLRule(org.simbasecurity.core.domain.URLRule)

Example 2 with URLRule

Use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.

Class RuleDatabaseRepository, method findURLRules.

@SuppressWarnings("unchecked")
public Collection<URLRule> findURLRules(String username) {
    Query query1 = entityManager.createQuery(QUERY_URL_RULES_FOR_USER).setParameter(USERNAME, username);
    Collection<URLRule> result = query1.getResultList();
    Query query = entityManager.createQuery(QUERY_URL_RULES_FOR_GROUPUSER).setParameter(USERNAME, username);
    result.addAll(query.getResultList());
    return result;
}
Also used : Query(javax.persistence.Query) URLRule(org.simbasecurity.core.domain.URLRule)

Example 3 with URLRule

Use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.

Class RuleDTOAssemblerTest, method testAssembleSingleRule_UrlRule.

@Test
public void testAssembleSingleRule_UrlRule() {
    URLRule urlRule = createUrlRule();
    URLRuleDTO ruleData = (URLRuleDTO) RuleDTOAssembler.assemble(urlRule);
    assertNotNull(ruleData);
    assertEquals(urlRule.getName(), ruleData.getName());
    assertEquals(urlRule.getResourceName(), ruleData.getResourceName());
    assertEquals(true, ruleData.isGetAllowed());
    assertEquals(true, ruleData.isPostAllowed());
    assertEquals(0, ruleData.getId());
    assertEquals(0, ruleData.getVersion());
}
Also used : URLRuleDTO(org.simbasecurity.core.service.manager.dto.URLRuleDTO) URLRule(org.simbasecurity.core.domain.URLRule) Test(org.junit.Test)

Example 4 with URLRule

Use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.

Class RuleDTOAssemblerTest, method testAssembleMultipleRules.

@Test
public void testAssembleMultipleRules() {
    Rule resourceRule = createResourceRule();
    Rule urlRule = createUrlRule();
    Collection<RuleDTO> ruleDataList = RuleDTOAssembler.assemble(Arrays.asList(resourceRule, urlRule));
    assertNotNull(ruleDataList);
    assertEquals(2, ruleDataList.size());
}
Also used : URLRuleDTO(org.simbasecurity.core.service.manager.dto.URLRuleDTO) RuleDTO(org.simbasecurity.core.service.manager.dto.RuleDTO) ResourceRuleDTO(org.simbasecurity.core.service.manager.dto.ResourceRuleDTO) ResourceRule(org.simbasecurity.core.domain.ResourceRule) URLRule(org.simbasecurity.core.domain.URLRule) Rule(org.simbasecurity.core.domain.Rule) Test(org.junit.Test)

Aggregations

URLRule (org.simbasecurity.core.domain.URLRule): 4
Test (org.junit.Test): 2
URLRuleDTO (org.simbasecurity.core.service.manager.dto.URLRuleDTO): 2
Query (javax.persistence.Query): 1
PolicyDecision (org.simbasecurity.api.service.thrift.PolicyDecision): 1
ResourceRule (org.simbasecurity.core.domain.ResourceRule): 1
Rule (org.simbasecurity.core.domain.Rule): 1
AuthorizationRequestContext (org.simbasecurity.core.service.AuthorizationRequestContext): 1
ResourceRuleDTO (org.simbasecurity.core.service.manager.dto.ResourceRuleDTO): 1
RuleDTO (org.simbasecurity.core.service.manager.dto.RuleDTO): 1