use of org.structr.core.entity.Principal in project structr by structr.
the class AccessControlTest method test00CreatePrincipal.
@Test
public void test00CreatePrincipal() {
final Class type = StructrApp.getConfiguration().getNodeEntityClass("Principal");
final PropertyKey<String> eMail = StructrApp.key(type, "eMail");
Principal user1 = null;
try (final Tx tx = app.tx()) {
List<Principal> users = createTestNodes(type, 1);
user1 = (Principal) users.get(0);
user1.setProperty(AbstractNode.name, "user1");
tx.success();
} catch (FrameworkException ex) {
logger.error(ex.toString());
}
try (final Tx tx = app.tx()) {
List<Principal> users = createTestNodes(type, 1);
final Principal invalidUser = (Principal) users.get(0);
invalidUser.setProperty(Principal.name, "tester");
invalidUser.setProperty(eMail, "invalid");
tx.success();
fail("Invalid e-mail address should have thrown an exception.");
} catch (FrameworkException ex) {
final ErrorToken token = ex.getErrorBuffer().getErrorTokens().get(0);
assertEquals("Invalid error code", 422, ex.getStatus());
assertEquals("Invalid error code", "Principal", token.getType());
assertEquals("Invalid error code", "eMail", token.getProperty());
assertEquals("Invalid error code", "must_contain_at_character", token.getToken());
assertEquals("Invalid error code", "invalid", token.getDetail());
}
// Switch user context to user1
final App user1App = StructrApp.getInstance(SecurityContext.getInstance(user1, AccessMode.Frontend));
try (final Tx tx = user1App.tx()) {
final Principal user2 = user1App.create(Principal.class);
assertNotNull(user2);
} catch (FrameworkException ex) {
logger.error(ex.toString());
fail("Unexpected exception: " + ex.toString());
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class AccessControlTest method test01SetOwner.
@Test
public void test01SetOwner() {
try {
Principal user1 = null;
Principal user2 = null;
TestOne t1 = null;
Class type = TestOne.class;
try (final Tx tx = app.tx()) {
List<Principal> users = createTestNodes(Principal.class, 2);
user1 = (Principal) users.get(0);
user1.setProperty(AbstractNode.name, "user1");
user2 = (Principal) users.get(1);
user2.setProperty(AbstractNode.name, "user2");
t1 = createTestNode(TestOne.class);
t1.setProperty(AbstractNode.owner, user1);
tx.success();
} catch (FrameworkException ex) {
logger.error(ex.toString());
}
try (final Tx tx = app.tx()) {
assertEquals(user1, t1.getProperty(AbstractNode.owner));
// Switch user context to user1
final App user1App = StructrApp.getInstance(SecurityContext.getInstance(user1, AccessMode.Backend));
// Check if user1 can see t1
assertEquals(t1, user1App.nodeQuery(type).getFirst());
}
try (final Tx tx = app.tx()) {
// As superuser, make another user the owner
t1.setProperty(AbstractNode.owner, user2);
tx.success();
} catch (FrameworkException ex) {
logger.error(ex.toString());
}
try (final Tx tx = app.tx()) {
// Switch user context to user2
final App user2App = StructrApp.getInstance(SecurityContext.getInstance(user2, AccessMode.Backend));
// Check if user2 can see t1
assertEquals(t1, user2App.nodeQuery(type).getFirst());
// Check if user2 is owner of t1
assertEquals(user2, t1.getProperty(AbstractNode.owner));
}
} catch (FrameworkException ex) {
logger.error(ex.toString());
fail("Unexpected exception");
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class AccessControlTest method test04BackendUserAccessToProtectedNode.
@Test
public void test04BackendUserAccessToProtectedNode() {
// remove auto-generated resource access objects
clearResourceAccess();
try {
List<Principal> users = createTestNodes(Principal.class, 2);
Principal user1 = (Principal) users.get(0);
Principal user2 = (Principal) users.get(1);
PropertyMap props = new PropertyMap();
props.put(AbstractNode.visibleToPublicUsers, true);
// Create two nodes with user context, one of them is visible to public users
Class type = TestOne.class;
TestOne t1 = createTestNode(TestOne.class, props, user1);
props = new PropertyMap();
props.put(AbstractNode.visibleToAuthenticatedUsers, true);
TestOne t2 = createTestNode(TestOne.class, props, user1);
// Let another user search
SecurityContext user2Context = SecurityContext.getInstance(user2, AccessMode.Backend);
try (final Tx tx = app.tx()) {
Result result = StructrApp.getInstance(user2Context).nodeQuery(type).getResult();
assertEquals(2, result.size());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class AccessControlTest method test02PublicAccessToPublicNode.
@Test
public void test02PublicAccessToPublicNode() {
// remove auto-generated resource access objects
clearResourceAccess();
try {
List<Principal> users = createTestNodes(Principal.class, 1);
Principal user = (Principal) users.get(0);
PropertyMap props = new PropertyMap();
props.put(AbstractNode.visibleToPublicUsers, true);
// Create two nodes with user context, one of them is visible to public users
Class type = TestOne.class;
TestOne t1 = createTestNode(TestOne.class, props, user);
TestOne t2 = createTestNode(TestOne.class, user);
SecurityContext publicContext = SecurityContext.getInstance(null, AccessMode.Frontend);
try (final Tx tx = app.tx()) {
Result result = StructrApp.getInstance(publicContext).nodeQuery(type).getResult();
assertEquals(1, result.size());
assertEquals(t1.getUuid(), result.get(0).getUuid());
}
} catch (FrameworkException ex) {
logger.warn("", ex);
fail("Unexpected exception");
}
}
use of org.structr.core.entity.Principal in project structr by structr.
the class AccessControlTest method test10LowercaseEMail.
@Test
public void test10LowercaseEMail() {
final Class type = StructrApp.getConfiguration().getNodeEntityClass("Principal");
final PropertyKey<String> eMail = StructrApp.key(type, "eMail");
Principal user1 = null;
try (final Tx tx = app.tx()) {
user1 = (Principal) createTestNode(type);
user1.setProperty(AbstractNode.name, "user1");
user1.setProperty(eMail, "LOWERCASE@TEST.com");
tx.success();
} catch (FrameworkException ex) {
logger.error(ex.toString());
}
try (final Tx tx = app.tx()) {
assertEquals("EMail address was not converted to lowercase", "lowercase@test.com", user1.getProperty(eMail));
tx.success();
} catch (FrameworkException ex) {
logger.error(ex.toString());
}
}
Aggregations