Example 1 with URLRule
use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.
the class AuthorizationServiceImpl method isURLRuleAllowed.
private PolicyDecision isURLRuleAllowed(String username, String url, URLOperationType operationType) {
AuthorizationRequestContext context = new AuthorizationRequestContext(username);
Collection<URLRule> rules = ruleRepository.findURLRules(username);
PolicyDecision decision = null;
for (URLRule rule : rules) {
if (FilenameUtils.wildcardMatch(url, rule.getResourceName())) {
boolean allowed = rule.getPolicy().applies(context) && rule.isAllowed(operationType);
long newTimestamp = rule.getPolicy().getExpirationTimestamp(context);
decision = determineDecisionBasedOn(decision, allowed, newTimestamp);
}
}
if (decision == null) {
decision = NEVER_ALLOWED;
}
logAuthorizationDecision(username, URL_RESOURCE_LABEL + url + LOG_DELIM + operationType.name() + LOG_DELIM + decision.toString());
return decision;
}
Also used :
PolicyDecision(org.simbasecurity.api.service.thrift.PolicyDecision)
AuthorizationRequestContext(org.simbasecurity.core.service.AuthorizationRequestContext)
URLRule(org.simbasecurity.core.domain.URLRule)
Example 2 with URLRule
use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.
the class RuleDatabaseRepository method findURLRules.
@SuppressWarnings("unchecked")
public Collection<URLRule> findURLRules(String username) {
Query query1 = entityManager.createQuery(QUERY_URL_RULES_FOR_USER).setParameter(USERNAME, username);
Collection<URLRule> result = query1.getResultList();
Query query = entityManager.createQuery(QUERY_URL_RULES_FOR_GROUPUSER).setParameter(USERNAME, username);
result.addAll(query.getResultList());
return result;
}Example 3 with URLRule
use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.
the class RuleDTOAssemblerTest method testAssembleSingleRule_UrlRule.
@Test
public void testAssembleSingleRule_UrlRule() {
URLRule urlRule = createUrlRule();
URLRuleDTO ruleData = (URLRuleDTO) RuleDTOAssembler.assemble(urlRule);
assertNotNull(ruleData);
assertEquals(urlRule.getName(), ruleData.getName());
assertEquals(urlRule.getResourceName(), ruleData.getResourceName());
assertEquals(true, ruleData.isGetAllowed());
assertEquals(true, ruleData.isPostAllowed());
assertEquals(0, ruleData.getId());
assertEquals(0, ruleData.getVersion());
}
Also used :
URLRuleDTO(org.simbasecurity.core.service.manager.dto.URLRuleDTO)
URLRule(org.simbasecurity.core.domain.URLRule)
Test(org.junit.Test)
Example 4 with URLRule
use of org.simbasecurity.core.domain.URLRule in project simba-os by cegeka.
the class RuleDTOAssemblerTest method testAssembleMultipleRules.
@Test
public void testAssembleMultipleRules() {
Rule resourceRule = createResourceRule();
Rule urlRule = createUrlRule();
Collection<RuleDTO> ruleDataList = RuleDTOAssembler.assemble(Arrays.asList(resourceRule, urlRule));
assertNotNull(ruleDataList);
assertEquals(2, ruleDataList.size());
}
Also used :
URLRuleDTO(org.simbasecurity.core.service.manager.dto.URLRuleDTO)
RuleDTO(org.simbasecurity.core.service.manager.dto.RuleDTO)
ResourceRuleDTO(org.simbasecurity.core.service.manager.dto.ResourceRuleDTO)
ResourceRule(org.simbasecurity.core.domain.ResourceRule)
URLRule(org.simbasecurity.core.domain.URLRule)
Rule(org.simbasecurity.core.domain.Rule)
Test(org.junit.Test)
Aggregations
URLRule (org.simbasecurity.core.domain.URLRule)4
Test (org.junit.Test)2
URLRuleDTO (org.simbasecurity.core.service.manager.dto.URLRuleDTO)2
Query (javax.persistence.Query)1
PolicyDecision (org.simbasecurity.api.service.thrift.PolicyDecision)1
ResourceRule (org.simbasecurity.core.domain.ResourceRule)1
Rule (org.simbasecurity.core.domain.Rule)1
AuthorizationRequestContext (org.simbasecurity.core.service.AuthorizationRequestContext)1
ResourceRuleDTO (org.simbasecurity.core.service.manager.dto.ResourceRuleDTO)1
RuleDTO (org.simbasecurity.core.service.manager.dto.RuleDTO)1
