use of org.structr.core.entity.Principal in project structr by structr.
the class PermissionResolutionTest method test01SimplePermissionResolution.
@Test
public void test01SimplePermissionResolution() {
SchemaRelationshipNode rel = null;
PropertyKey key = null;
Principal user1 = null;
Class type1 = null;
Class type2 = null;
try (final Tx tx = app.tx()) {
// create a test user
user1 = app.create(Principal.class, "user1");
// create schema setup with permission propagation
final SchemaNode t1 = app.create(SchemaNode.class, "Type1");
final SchemaNode t2 = app.create(SchemaNode.class, "Type2");
rel = app.create(SchemaRelationshipNode.class, new NodeAttribute<>(SchemaRelationshipNode.sourceNode, t1), new NodeAttribute<>(SchemaRelationshipNode.targetNode, t2), new NodeAttribute<>(SchemaRelationshipNode.relationshipType, "RELATED"), new NodeAttribute<>(SchemaRelationshipNode.sourceMultiplicity, "1"), new NodeAttribute<>(SchemaRelationshipNode.targetMultiplicity, "1"), new NodeAttribute<>(SchemaRelationshipNode.sourceJsonName, "source"), new NodeAttribute<>(SchemaRelationshipNode.targetJsonName, "target"));
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
Assert.assertNotNull("User should have been created", user1);
// expect object of type 2 to be visible as well
try (final Tx tx = app.tx()) {
type1 = StructrApp.getConfiguration().getNodeEntityClass("Type1");
type2 = StructrApp.getConfiguration().getNodeEntityClass("Type2");
key = StructrApp.key(type1, "target");
Assert.assertNotNull("Node type Type1 should exist.", type1);
Assert.assertNotNull("Node type Type2 should exist.", type2);
Assert.assertNotNull("Property key \"target\" should exist.", key);
final NodeInterface instance1 = app.create(type1, "instance1OfType1");
final NodeInterface instance2 = app.create(type2, "instance1OfType2");
Assert.assertNotNull("Instance of type Type1 should exist", instance1);
Assert.assertNotNull("Instance of type Type2 should exist", instance2);
instance1.setProperty(key, instance2);
// make instance1 visible to user1
instance1.grant(Permission.read, user1);
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// check access for user1 on instance1
final App userApp = StructrApp.getInstance(SecurityContext.getInstance(user1, AccessMode.Backend));
try (final Tx tx = userApp.tx()) {
Assert.assertNotNull("User1 should be able to find instance of type Type1", userApp.nodeQuery(type1).getFirst());
Assert.assertNull("User1 should NOT be able to find instance of type Type2", userApp.nodeQuery(type2).getFirst());
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// because the resolution direction is wrong.
try (final Tx tx = app.tx()) {
rel.setProperty(SchemaRelationshipNode.permissionPropagation, Direction.In);
rel.setProperty(SchemaRelationshipNode.readPropagation, Propagation.Add);
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// check access for user1 on instance1
try (final Tx tx = userApp.tx()) {
Assert.assertNotNull("User1 should be able to find instance of type Type1", userApp.nodeQuery(type1).getFirst());
Assert.assertNull("User1 should NOT be able to find instance of type Type2", userApp.nodeQuery(type2).getFirst());
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// because the resolution direction is correct
try (final Tx tx = app.tx()) {
rel.setProperty(SchemaRelationshipNode.permissionPropagation, Direction.Out);
rel.setProperty(SchemaRelationshipNode.readPropagation, Propagation.Add);
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// check access for user1 on instance1
try (final Tx tx = userApp.tx()) {
Assert.assertNotNull("User1 should be able to find instance of type Type1", userApp.nodeQuery(type1).getFirst());
Assert.assertNotNull("User1 should be able to find instance of type Type2", userApp.nodeQuery(type2).getFirst());
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// because both resolution directions are enabled
try (final Tx tx = app.tx()) {
rel.setProperty(SchemaRelationshipNode.permissionPropagation, Direction.Both);
rel.setProperty(SchemaRelationshipNode.readPropagation, Propagation.Add);
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// check access for user1 on instance1
try (final Tx tx = userApp.tx()) {
Assert.assertNotNull("User1 should be able to find instance of type Type1", userApp.nodeQuery(type1).getFirst());
Assert.assertNotNull("User1 should be able to find instance of type Type2", userApp.nodeQuery(type2).getFirst());
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// object invisible again.
try (final Tx tx = app.tx()) {
rel.setProperty(SchemaRelationshipNode.permissionPropagation, Direction.None);
rel.setProperty(SchemaRelationshipNode.readPropagation, Propagation.Add);
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
// check access for user1 on instance1
try (final Tx tx = userApp.tx()) {
Assert.assertNotNull("User1 should be able to find instance of type Type1", userApp.nodeQuery(type1).getFirst());
Assert.assertNull("User1 should NOT be able to find instance of type Type2", userApp.nodeQuery(type2).getFirst());
tx.success();
} catch (FrameworkException fex) {
fex.printStackTrace();
fail("Unexpected exception");
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class SearchAndSortingTest method test06PagingVisibility.
@Test
public void test06PagingVisibility() {
Principal tester1 = null;
Principal tester2 = null;
try (final Tx tx = app.tx()) {
// create non-admin user
tester1 = app.create(Principal.class, "tester1");
tester2 = app.create(Principal.class, "tester2");
tx.success();
} catch (FrameworkException fex) {
logger.warn("", fex);
fail("Unexpected exception");
}
try {
final SecurityContext tester1Context = SecurityContext.getInstance(tester1, AccessMode.Backend);
final SecurityContext tester2Context = SecurityContext.getInstance(tester2, AccessMode.Backend);
final App tester1App = StructrApp.getInstance(tester1Context);
final App tester2App = StructrApp.getInstance(tester2Context);
final Class type = TestOne.class;
final int number = 1000;
final List<NodeInterface> allNodes = this.createTestNodes(type, number);
final List<NodeInterface> tester1Nodes = new LinkedList<>();
final List<NodeInterface> tester2Nodes = new LinkedList<>();
final int offset = 0;
try (final Tx tx = app.tx()) {
int i = offset;
for (NodeInterface node : allNodes) {
// System.out.println("Node ID: " + node.getNodeId());
String _name = "TestOne-" + StringUtils.leftPad(Integer.toString(i), 5, "0");
final double rand = Math.random();
if (rand < 0.3) {
node.setProperty(NodeInterface.owner, tester1);
tester1Nodes.add(node);
} else if (rand < 0.6) {
node.setProperty(NodeInterface.owner, tester2);
tester2Nodes.add(node);
}
i++;
node.setProperty(AbstractNode.name, _name);
}
tx.success();
}
final int tester1NodeCount = tester1Nodes.size();
final int tester2NodeCount = tester2Nodes.size();
try (final Tx tx = app.tx()) {
final PropertyKey sortKey = AbstractNode.name;
final boolean sortDesc = false;
final int pageSize = 10;
final int page = 22;
final Result result = tester1App.nodeQuery(type).sort(sortKey).order(sortDesc).pageSize(pageSize).page(page).getResult();
assertEquals("Invalid paging result count with non-superuser security context", tester1NodeCount, (int) result.getRawResultCount());
tx.success();
}
try (final Tx tx = app.tx()) {
final PropertyKey sortKey = AbstractNode.name;
final boolean sortDesc = false;
final int pageSize = 10;
final int page = 22;
final Result result = tester2App.nodeQuery(type).sort(sortKey).order(sortDesc).pageSize(pageSize).page(page).getResult();
assertEquals("Invalid paging result count with non-superuser security context", tester2NodeCount, (int) result.getRawResultCount());
tx.success();
}
} catch (FrameworkException ex) {
logger.error(ex.toString());
fail("Unexpected exception");
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class SystemTest method testPasswordAndHashSecurity.
@Test
public void testPasswordAndHashSecurity() {
final Class userType = StructrApp.getConfiguration().getNodeEntityClass("Principal");
final PropertyKey<String> passwordKey = StructrApp.key(userType, "password");
final PropertyKey<String> saltKey = StructrApp.key(userType, "salt");
// actual test: test performance of node association on supernode
try (final Tx tx = app.tx()) {
app.create(Principal.class, new NodeAttribute<>(Principal.name, "tester"), new NodeAttribute<>(passwordKey, "password"));
tx.success();
} catch (FrameworkException fex) {
fail("Unexpected exception");
}
// actual test: test performance of node association on supernode
try (final Tx tx = app.tx()) {
final Principal user = app.nodeQuery(Principal.class).getFirst();
assertEquals("Password hash IS NOT SECURE!", Principal.HIDDEN, user.getProperty(passwordKey));
assertEquals("Password salt IS NOT SECURE!", Principal.HIDDEN, user.getProperty(saltKey));
tx.success();
} catch (FrameworkException fex) {
fail("Unexpected exception");
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class AccessControlTest method test01PublicAccessToNonPublicNode.
@Test
public void test01PublicAccessToNonPublicNode() {
final Class principalType = StructrApp.getConfiguration().getNodeEntityClass("Principal");
// remove auto-generated resource access objects
clearResourceAccess();
try {
Principal user = (Principal) createTestNode(principalType);
// Create node with user context
Class type = TestOne.class;
createTestNode(TestOne.class, user);
SecurityContext publicContext = SecurityContext.getInstance(null, AccessMode.Frontend);
try (final Tx tx = app.tx()) {
Result result = StructrApp.getInstance(publicContext).nodeQuery(type).getResult();
// Node should not be visible in public context (no user logged in)
assertTrue(result.isEmpty());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class AccessControlTest method test03PublicAccessToProtectedNode.
@Test
public void test03PublicAccessToProtectedNode() {
// remove auto-generated resource access objects
clearResourceAccess();
try {
List<Principal> users = createTestNodes(Principal.class, 1);
Principal user = (Principal) users.get(0);
PropertyMap props = new PropertyMap();
props.put(AbstractNode.visibleToPublicUsers, true);
// Create two nodes with user context, one of them is visible to public users
Class type = TestOne.class;
TestOne t1 = createTestNode(TestOne.class, props, user);
props = new PropertyMap();
props.put(AbstractNode.visibleToAuthenticatedUsers, true);
TestOne t2 = createTestNode(TestOne.class, props, user);
SecurityContext publicContext = SecurityContext.getInstance(null, AccessMode.Frontend);
try (final Tx tx = app.tx()) {
Result result = StructrApp.getInstance(publicContext).nodeQuery(type).getResult();
assertEquals(1, result.size());
assertEquals(t1.getUuid(), result.get(0).getUuid());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
Aggregations