use of org.structr.core.Result in project structr by structr.
the class AccessControlTest method test03PublicAccessToProtectedNode.
@Test
public void test03PublicAccessToProtectedNode() {
// remove auto-generated resource access objects
clearResourceAccess();
try {
List<Principal> users = createTestNodes(Principal.class, 1);
Principal user = (Principal) users.get(0);
PropertyMap props = new PropertyMap();
props.put(AbstractNode.visibleToPublicUsers, true);
// Create two nodes with user context, one of them is visible to public users
Class type = TestOne.class;
TestOne t1 = createTestNode(TestOne.class, props, user);
props = new PropertyMap();
props.put(AbstractNode.visibleToAuthenticatedUsers, true);
TestOne t2 = createTestNode(TestOne.class, props, user);
SecurityContext publicContext = SecurityContext.getInstance(null, AccessMode.Frontend);
try (final Tx tx = app.tx()) {
Result result = StructrApp.getInstance(publicContext).nodeQuery(type).getResult();
assertEquals(1, result.size());
assertEquals(t1.getUuid(), result.get(0).getUuid());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
use of org.structr.core.Result in project structr by structr.
the class AccessControlTest method test04BackendUserAccessToProtectedNode.
@Test
public void test04BackendUserAccessToProtectedNode() {
// remove auto-generated resource access objects
clearResourceAccess();
try {
List<Principal> users = createTestNodes(Principal.class, 2);
Principal user1 = (Principal) users.get(0);
Principal user2 = (Principal) users.get(1);
PropertyMap props = new PropertyMap();
props.put(AbstractNode.visibleToPublicUsers, true);
// Create two nodes with user context, one of them is visible to public users
Class type = TestOne.class;
TestOne t1 = createTestNode(TestOne.class, props, user1);
props = new PropertyMap();
props.put(AbstractNode.visibleToAuthenticatedUsers, true);
TestOne t2 = createTestNode(TestOne.class, props, user1);
// Let another user search
SecurityContext user2Context = SecurityContext.getInstance(user2, AccessMode.Backend);
try (final Tx tx = app.tx()) {
Result result = StructrApp.getInstance(user2Context).nodeQuery(type).getResult();
assertEquals(2, result.size());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
use of org.structr.core.Result in project structr by structr.
the class AccessControlTest method test02PublicAccessToPublicNode.
@Test
public void test02PublicAccessToPublicNode() {
// remove auto-generated resource access objects
clearResourceAccess();
try {
List<Principal> users = createTestNodes(Principal.class, 1);
Principal user = (Principal) users.get(0);
PropertyMap props = new PropertyMap();
props.put(AbstractNode.visibleToPublicUsers, true);
// Create two nodes with user context, one of them is visible to public users
Class type = TestOne.class;
TestOne t1 = createTestNode(TestOne.class, props, user);
TestOne t2 = createTestNode(TestOne.class, user);
SecurityContext publicContext = SecurityContext.getInstance(null, AccessMode.Frontend);
try (final Tx tx = app.tx()) {
Result result = StructrApp.getInstance(publicContext).nodeQuery(type).getResult();
assertEquals(1, result.size());
assertEquals(t1.getUuid(), result.get(0).getUuid());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
use of org.structr.core.Result in project structr by structr.
the class AccessControlTest method test06GrantReadPermission.
@Test
public void test06GrantReadPermission() {
// remove auto-generated resource access objects
clearResourceAccess();
try {
List<Principal> users = createTestNodes(Principal.class, 2);
Principal user1 = (Principal) users.get(0);
Principal user2 = (Principal) users.get(1);
Result result = null;
// Let user 1 create a node
Class type = TestOne.class;
final TestOne t1 = createTestNode(TestOne.class, user1);
try (final Tx tx = app.tx()) {
// Grant read permission to user 2
t1.grant(Permission.read, user2);
tx.success();
}
// Let user 2 search
SecurityContext user2Context = SecurityContext.getInstance(user2, AccessMode.Backend);
try (final Tx tx = app.tx()) {
result = StructrApp.getInstance(user2Context).nodeQuery(type).getResult();
assertEquals(1, result.size());
assertEquals(t1.getUuid(), result.get(0).getUuid());
}
try (final Tx tx = app.tx()) {
// Revoke permission again
t1.revoke(Permission.read, user2);
tx.success();
}
try (final Tx tx = app.tx()) {
result = StructrApp.getInstance(user2Context).nodeQuery(type).getResult();
assertTrue(result.isEmpty());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
use of org.structr.core.Result in project structr by structr.
the class RestMethodResult method commitResponse.
public void commitResponse(final Gson gson, final HttpServletResponse response) {
// set headers
for (Entry<String, String> header : headers.entrySet()) {
response.setHeader(header.getKey(), header.getValue());
}
// set response code
response.setStatus(responseCode);
try {
Writer writer = response.getWriter();
if (content != null) {
// serialize result set
gson.toJson(new Result(this.content, this.content.size(), this.content.size() > 1 || serializeSingleObjectAsCollection, serializeAsPrimitiveArray), writer);
}
if (content == null) {
if (message != null) {
writer.append(jsonMessage(responseCode, message));
} else {
// serialize result set
gson.toJson(new Result(nonGraphObjectResult), writer);
}
}
// add newline
writer.append("\n");
// writer.flush();
// writer.close();
} catch (JsonIOException | IOException t) {
logger.warn("Unable to commit HttpServletResponse", t);
}
}
Aggregations