Search in sources :

Example 76 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class AccessControlTest method test00CreatePrincipal.

@Test
public void test00CreatePrincipal() {
    final Class type = StructrApp.getConfiguration().getNodeEntityClass("Principal");
    final PropertyKey<String> eMail = StructrApp.key(type, "eMail");
    Principal user1 = null;
    try (final Tx tx = app.tx()) {
        List<Principal> users = createTestNodes(type, 1);
        user1 = (Principal) users.get(0);
        user1.setProperty(AbstractNode.name, "user1");
        tx.success();
    } catch (FrameworkException ex) {
        logger.error(ex.toString());
    }
    try (final Tx tx = app.tx()) {
        List<Principal> users = createTestNodes(type, 1);
        final Principal invalidUser = (Principal) users.get(0);
        invalidUser.setProperty(Principal.name, "tester");
        invalidUser.setProperty(eMail, "invalid");
        tx.success();
        fail("Invalid e-mail address should have thrown an exception.");
    } catch (FrameworkException ex) {
        final ErrorToken token = ex.getErrorBuffer().getErrorTokens().get(0);
        assertEquals("Invalid error code", 422, ex.getStatus());
        assertEquals("Invalid error code", "Principal", token.getType());
        assertEquals("Invalid error code", "eMail", token.getProperty());
        assertEquals("Invalid error code", "must_contain_at_character", token.getToken());
        assertEquals("Invalid error code", "invalid", token.getDetail());
    }
    // Switch user context to user1
    final App user1App = StructrApp.getInstance(SecurityContext.getInstance(user1, AccessMode.Frontend));
    try (final Tx tx = user1App.tx()) {
        final Principal user2 = user1App.create(Principal.class);
        assertNotNull(user2);
    } catch (FrameworkException ex) {
        logger.error(ex.toString());
        fail("Unexpected exception: " + ex.toString());
    }
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) ErrorToken(org.structr.common.error.ErrorToken) Principal(org.structr.core.entity.Principal) Test(org.junit.Test)

Example 77 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class AccessControlTest method test01SetOwner.

@Test
public void test01SetOwner() {
    try {
        Principal user1 = null;
        Principal user2 = null;
        TestOne t1 = null;
        Class type = TestOne.class;
        try (final Tx tx = app.tx()) {
            List<Principal> users = createTestNodes(Principal.class, 2);
            user1 = (Principal) users.get(0);
            user1.setProperty(AbstractNode.name, "user1");
            user2 = (Principal) users.get(1);
            user2.setProperty(AbstractNode.name, "user2");
            t1 = createTestNode(TestOne.class);
            t1.setProperty(AbstractNode.owner, user1);
            tx.success();
        } catch (FrameworkException ex) {
            logger.error(ex.toString());
        }
        try (final Tx tx = app.tx()) {
            assertEquals(user1, t1.getProperty(AbstractNode.owner));
            // Switch user context to user1
            final App user1App = StructrApp.getInstance(SecurityContext.getInstance(user1, AccessMode.Backend));
            // Check if user1 can see t1
            assertEquals(t1, user1App.nodeQuery(type).getFirst());
        }
        try (final Tx tx = app.tx()) {
            // As superuser, make another user the owner
            t1.setProperty(AbstractNode.owner, user2);
            tx.success();
        } catch (FrameworkException ex) {
            logger.error(ex.toString());
        }
        try (final Tx tx = app.tx()) {
            // Switch user context to user2
            final App user2App = StructrApp.getInstance(SecurityContext.getInstance(user2, AccessMode.Backend));
            // Check if user2 can see t1
            assertEquals(t1, user2App.nodeQuery(type).getFirst());
            // Check if user2 is owner of t1
            assertEquals(user2, t1.getProperty(AbstractNode.owner));
        }
    } catch (FrameworkException ex) {
        logger.error(ex.toString());
        fail("Unexpected exception");
    }
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) TestOne(org.structr.core.entity.TestOne) Principal(org.structr.core.entity.Principal) Test(org.junit.Test)

Example 78 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class AccessControlTest method test04BackendUserAccessToProtectedNode.

@Test
public void test04BackendUserAccessToProtectedNode() {
    // remove auto-generated resource access objects
    clearResourceAccess();
    try {
        List<Principal> users = createTestNodes(Principal.class, 2);
        Principal user1 = (Principal) users.get(0);
        Principal user2 = (Principal) users.get(1);
        PropertyMap props = new PropertyMap();
        props.put(AbstractNode.visibleToPublicUsers, true);
        // Create two nodes with user context, one of them is visible to public users
        Class type = TestOne.class;
        TestOne t1 = createTestNode(TestOne.class, props, user1);
        props = new PropertyMap();
        props.put(AbstractNode.visibleToAuthenticatedUsers, true);
        TestOne t2 = createTestNode(TestOne.class, props, user1);
        // Let another user search
        SecurityContext user2Context = SecurityContext.getInstance(user2, AccessMode.Backend);
        try (final Tx tx = app.tx()) {
            Result result = StructrApp.getInstance(user2Context).nodeQuery(type).getResult();
            assertEquals(2, result.size());
        }
    } catch (FrameworkException ex) {
        logger.warn("", ex);
        fail("Unexpected exception");
    }
}
Also used : PropertyMap(org.structr.core.property.PropertyMap) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) TestOne(org.structr.core.entity.TestOne) Principal(org.structr.core.entity.Principal) Result(org.structr.core.Result) Test(org.junit.Test)

Example 79 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class AccessControlTest method test02PublicAccessToPublicNode.

@Test
public void test02PublicAccessToPublicNode() {
    // remove auto-generated resource access objects
    clearResourceAccess();
    try {
        List<Principal> users = createTestNodes(Principal.class, 1);
        Principal user = (Principal) users.get(0);
        PropertyMap props = new PropertyMap();
        props.put(AbstractNode.visibleToPublicUsers, true);
        // Create two nodes with user context, one of them is visible to public users
        Class type = TestOne.class;
        TestOne t1 = createTestNode(TestOne.class, props, user);
        TestOne t2 = createTestNode(TestOne.class, user);
        SecurityContext publicContext = SecurityContext.getInstance(null, AccessMode.Frontend);
        try (final Tx tx = app.tx()) {
            Result result = StructrApp.getInstance(publicContext).nodeQuery(type).getResult();
            assertEquals(1, result.size());
            assertEquals(t1.getUuid(), result.get(0).getUuid());
        }
    } catch (FrameworkException ex) {
        logger.warn("", ex);
        fail("Unexpected exception");
    }
}
Also used : PropertyMap(org.structr.core.property.PropertyMap) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) TestOne(org.structr.core.entity.TestOne) Principal(org.structr.core.entity.Principal) Result(org.structr.core.Result) Test(org.junit.Test)

Example 80 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class AccessControlTest method test10LowercaseEMail.

@Test
public void test10LowercaseEMail() {
    final Class type = StructrApp.getConfiguration().getNodeEntityClass("Principal");
    final PropertyKey<String> eMail = StructrApp.key(type, "eMail");
    Principal user1 = null;
    try (final Tx tx = app.tx()) {
        user1 = (Principal) createTestNode(type);
        user1.setProperty(AbstractNode.name, "user1");
        user1.setProperty(eMail, "LOWERCASE@TEST.com");
        tx.success();
    } catch (FrameworkException ex) {
        logger.error(ex.toString());
    }
    try (final Tx tx = app.tx()) {
        assertEquals("EMail address was not converted to lowercase", "lowercase@test.com", user1.getProperty(eMail));
        tx.success();
    } catch (FrameworkException ex) {
        logger.error(ex.toString());
    }
}
Also used : Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) Principal(org.structr.core.entity.Principal) Test(org.junit.Test)

Aggregations

Principal (org.structr.core.entity.Principal)112 FrameworkException (org.structr.common.error.FrameworkException)68 Tx (org.structr.core.graph.Tx)65 Test (org.junit.Test)41 App (org.structr.core.app.App)31 StructrApp (org.structr.core.app.StructrApp)31 TestOne (org.structr.core.entity.TestOne)16 Group (org.structr.core.entity.Group)14 NodeAttribute (org.structr.core.graph.NodeAttribute)13 PropertyMap (org.structr.core.property.PropertyMap)13 SecurityContext (org.structr.common.SecurityContext)10 LinkedList (java.util.LinkedList)9 Result (org.structr.core.Result)8 User (org.structr.web.entity.User)8 AbstractNode (org.structr.core.entity.AbstractNode)7 SuperUser (org.structr.core.entity.SuperUser)7 StructrUiTest (org.structr.web.StructrUiTest)7 Page (org.structr.web.entity.dom.Page)7 IOException (java.io.IOException)6 List (java.util.List)6