Search in sources :

Example 91 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class DeploymentTest method hash.

private void hash(final NodeInterface node, final StringBuilder buf) {
    // AbstractNode
    buf.append(valueOrEmpty(node, AbstractNode.type));
    buf.append(valueOrEmpty(node, AbstractNode.name));
    buf.append(valueOrEmpty(node, AbstractNode.visibleToPublicUsers));
    buf.append(valueOrEmpty(node, AbstractNode.visibleToAuthenticatedUsers));
    // include owner in content hash generation!
    final Principal owner = node.getOwnerNode();
    if (owner != null) {
        buf.append(valueOrEmpty(owner, AbstractNode.name));
    }
    // include grants in content hash generation!
    for (final Security r : node.getSecurityRelationships()) {
        if (r != null) {
            buf.append(r.getSourceNode().getName());
            buf.append(r.getPermissions());
        }
    }
    // DOMNode
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "showConditions")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "hideConditions")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "showForLocales")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "hideForLocales")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "hideOnIndex")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "hideOnDetail")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "renderDetails")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMNode.class, "sharedComponentConfiguration")));
    if (node instanceof DOMNode) {
        final Page ownerDocument = ((DOMNode) node).getOwnerDocument();
        if (ownerDocument != null) {
            buf.append(valueOrEmpty(ownerDocument, AbstractNode.name));
        }
    }
    // DOMElement
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "dataKey")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "restQuery")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "cypherQuery")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "xpathQuery")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "functionQuery")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-reload")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-confirm")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-action")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-attributes")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-attr")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-name")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-hide")));
    buf.append(valueOrEmpty(node, StructrApp.key(DOMElement.class, "data-structr-raw-value")));
    // Content
    buf.append(valueOrEmpty(node, StructrApp.key(Content.class, "contentType")));
    buf.append(valueOrEmpty(node, StructrApp.key(Content.class, "content")));
    // Page
    buf.append(valueOrEmpty(node, StructrApp.key(Page.class, "cacheForSeconds")));
    buf.append(valueOrEmpty(node, StructrApp.key(Page.class, "dontCache")));
    buf.append(valueOrEmpty(node, StructrApp.key(Page.class, "pageCreatesRawData")));
    buf.append(valueOrEmpty(node, StructrApp.key(Page.class, "position")));
    buf.append(valueOrEmpty(node, StructrApp.key(Page.class, "showOnErrorCodes")));
    // HTML attributes
    if (node instanceof DOMElement) {
        for (final PropertyKey key : ((DOMElement) node).getHtmlAttributes()) {
            buf.append(valueOrEmpty(node, key));
        }
    }
    for (final PropertyKey key : node.getPropertyKeys(PropertyView.All)) {
        if (!key.isPartOfBuiltInSchema()) {
            buf.append(valueOrEmpty(node, key));
        }
    }
}
Also used : Page(org.structr.web.entity.dom.Page) Security(org.structr.core.entity.Security) DOMNode(org.structr.web.entity.dom.DOMNode) DOMElement(org.structr.web.entity.dom.DOMElement) Principal(org.structr.core.entity.Principal) PropertyKey(org.structr.core.property.PropertyKey)

Example 92 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class SetPermissionCommand method processMessage.

// ~--- methods --------------------------------------------------------
@Override
public void processMessage(final WebSocketMessage webSocketData) {
    AbstractNode obj = getNode(webSocketData.getId());
    boolean rec = (Boolean) webSocketData.getNodeData().get("recursive");
    String principalId = (String) webSocketData.getNodeData().get("principalId");
    String permission = (String) webSocketData.getNodeData().get("permission");
    String action = (String) webSocketData.getNodeData().get("action");
    if (principalId == null) {
        logger.error("This command needs a principalId");
        getWebSocket().send(MessageBuilder.status().code(400).build(), true);
    }
    Principal principal = (Principal) getNode(principalId);
    if (principal == null) {
        logger.error("No principal found with id {}", new Object[] { principalId });
        getWebSocket().send(MessageBuilder.status().code(400).build(), true);
    }
    webSocketData.getNodeData().remove("recursive");
    if (obj != null) {
        final App app = StructrApp.getInstance(getWebSocket().getSecurityContext());
        try (final Tx nestedTx = app.tx()) {
            if (!((AbstractNode) obj).isGranted(Permission.accessControl, getWebSocket().getSecurityContext())) {
                logger.warn("No access control permission for {} on {}", new Object[] { getWebSocket().getCurrentUser().toString(), obj.toString() });
                getWebSocket().send(MessageBuilder.status().message("No access control permission").code(400).build(), true);
                nestedTx.success();
                return;
            }
            nestedTx.success();
        } catch (FrameworkException ex) {
            logger.warn("", ex);
        }
        try {
            final Value<Tx> value = new StaticValue<>(null);
            setPermission(value, app, obj, principal, action, Permissions.valueOf(permission), rec);
            // commit and close transaction
            final Tx tx = value.get(null);
            if (tx != null) {
                tx.success();
                tx.close();
                value.set(null, null);
            }
            webSocketData.setResult(Arrays.asList(principal));
            // send only over local connection (no broadcast)
            getWebSocket().send(webSocketData, true);
        } catch (FrameworkException ex) {
            logger.error("Unable to set permissions: {}", ((FrameworkException) ex).toString());
            getWebSocket().send(MessageBuilder.status().code(400).build(), true);
        }
    } else {
        logger.warn("Graph object with uuid {} not found.", webSocketData.getId());
        getWebSocket().send(MessageBuilder.status().code(404).build(), true);
    }
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) AbstractNode(org.structr.core.entity.AbstractNode) StaticValue(org.structr.core.StaticValue) Principal(org.structr.core.entity.Principal)

Example 93 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class ConsoleTest method testUserCommand.

@Test
public void testUserCommand() {
    final Console console = new Console(securityContext, ConsoleMode.JavaScript, Collections.emptyMap());
    Principal admin = null;
    try {
        assertEquals("Invalid console execution result", "Mode set to 'AdminShell'. Type 'help' to get a list of commands.\r\n", console.runForTest("Console.setMode('" + ConsoleMode.AdminShell.name() + "')"));
        assertEquals("Invalid console execution result", "\r\n", console.runForTest("user list"));
        // create a user
        assertEquals("Invalid console execution result", "User created.\r\n", console.runForTest("user add tester tester@test.de"));
        assertEquals("Invalid console execution result", "User created.\r\n", console.runForTest("user add admin admin@localhost isAdmin"));
        assertEquals("Invalid console execution result", "User created.\r\n", console.runForTest("user add root isAdmin"));
        // check success
        try (final Tx tx = app.tx()) {
            final User user = app.nodeQuery(User.class).andName("tester").getFirst();
            assertNotNull("Invalid console execution result", user);
            assertEquals("Invalid console execution result", "tester", user.getProperty(User.name));
            assertEquals("Invalid console execution result", "tester@test.de", user.getEMail());
            assertEquals("Invalid console execution result", Boolean.FALSE, user.isAdmin());
            tx.success();
        }
        // check list
        assertEquals("Invalid console execution result", "admin, root, tester\r\n", console.runForTest("user list"));
        // delete user
        assertEquals("Invalid console execution result", "User deleted.\r\n", console.runForTest("user delete tester"));
        // check list
        assertEquals("Invalid console execution result", "admin, root\r\n", console.runForTest("user list"));
        // check "root" user
        try (final Tx tx = app.tx()) {
            final User root = app.nodeQuery(User.class).andName("root").getFirst();
            assertNotNull("Invalid console execution result", root);
            assertEquals("Invalid console execution result", "root", root.getProperty(User.name));
            assertEquals("Invalid console execution result", Boolean.TRUE, root.isAdmin());
            tx.success();
        }
        // make check "admin" user
        try (final Tx tx = app.tx()) {
            admin = app.nodeQuery(User.class).andName("admin").getFirst();
            assertNotNull("Invalid console execution result", admin);
            assertEquals("Invalid console execution result", "admin", admin.getProperty(User.name));
            assertEquals("Invalid console execution result", "admin@localhost", admin.getEMail());
            assertEquals("Invalid console execution result", Boolean.TRUE, admin.isAdmin());
            final Folder folder = app.create(Folder.class, "folder");
            folder.setProperties(folder.getSecurityContext(), new PropertyMap(Folder.owner, admin));
            tx.success();
        }
        final String idHash = admin.getUuid().substring(7, 11);
        // delete user without confirmation
        assertEquals("Invalid console execution result", "User 'admin' has owned nodes, please confirm deletion with 'user delete admin " + idHash + "'.\r\n", console.runForTest("user delete admin"));
        // delete user with confirmation
        assertEquals("Invalid console execution result", "User deleted.\r\n", console.runForTest("user delete admin " + idHash));
        // check list
        assertEquals("Invalid console execution result", "root\r\n", console.runForTest("user list"));
    } catch (FrameworkException fex) {
        logger.warn("", fex);
        fail("Unexpected exception.");
    }
}
Also used : User(org.structr.web.entity.User) PropertyMap(org.structr.core.property.PropertyMap) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) Folder(org.structr.web.entity.Folder) Principal(org.structr.core.entity.Principal) Test(org.junit.Test) StructrUiTest(org.structr.web.StructrUiTest)

Example 94 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class ScriptingTest method testCollectionOperations.

@Test
public void testCollectionOperations() {
    final Class groupType = StructrApp.getConfiguration().getNodeEntityClass("Group");
    final PropertyKey<List<Principal>> members = StructrApp.key(groupType, "members");
    Group group = null;
    Principal user1 = null;
    Principal user2 = null;
    TestOne testOne = null;
    // setup phase
    try (final Tx tx = app.tx()) {
        group = app.create(Group.class, "Group");
        user1 = app.create(Principal.class, "Tester1");
        user2 = app.create(Principal.class, "Tester2");
        group.setProperty(members, Arrays.asList(new Principal[] { user1 }));
        testOne = app.create(TestOne.class);
        createTestNodes(TestSix.class, 10);
        tx.success();
    } catch (FrameworkException fex) {
        logger.warn("", fex);
        fail("Unexpected exception.");
    }
    // test phase, find all the things using scripting
    try (final Tx tx = app.tx()) {
        final ActionContext actionContext = new ActionContext(securityContext);
        // test prerequisites
        assertEquals("Invalid prerequisite", 1, group.getProperty(members).size());
        assertEquals("Invalid prerequisite", user2, Scripting.evaluate(actionContext, group, "${{ return Structr.find('Principal', { name: 'Tester2' })[0]; }}", "test"));
        // test scripting association
        Scripting.evaluate(actionContext, group, "${{ var group = Structr.find('Group')[0]; var users = group.members; users.push(Structr.find('Principal', { name: 'Tester2' })[0]); }}", "test");
        assertEquals("Invalid scripted array operation result", 2, group.getProperty(members).size());
        // reset group
        group.setProperty(members, Arrays.asList(new Principal[] { user1 }));
        // test prerequisites
        assertEquals("Invalid prerequisite", 1, group.getProperty(members).size());
        // test direct push on member property
        Scripting.evaluate(actionContext, group, "${{ var group = Structr.find('Group')[0]; group.members.push(Structr.find('Principal', { name: 'Tester2' })[0]); }}", "test");
        assertEquals("Invalid scripted array operation result", 2, group.getProperty(members).size());
        // test scripting association
        Scripting.evaluate(actionContext, group, "${{ var test = Structr.find('TestOne')[0]; var testSixs = test.manyToManyTestSixs; testSixs.push(Structr.find('TestSix')[0]); }}", "test");
        assertEquals("Invalid scripted array operation result", 1, testOne.getProperty(TestOne.manyToManyTestSixs).size());
        // test direct push on member property
        Scripting.evaluate(actionContext, group, "${{ var test = Structr.find('TestOne')[0]; var testSixs = test.manyToManyTestSixs.push(Structr.find('TestSix')[1]); }}", "test");
        assertEquals("Invalid scripted array operation result", 2, testOne.getProperty(TestOne.manyToManyTestSixs).size());
        tx.success();
    } catch (UnlicensedException | FrameworkException fex) {
        logger.warn("", fex);
        fail("Unexpected exception.");
    }
}
Also used : Group(org.structr.core.entity.Group) UnlicensedException(org.structr.common.error.UnlicensedException) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) List(java.util.List) LinkedList(java.util.LinkedList) TestOne(org.structr.core.entity.TestOne) ActionContext(org.structr.schema.action.ActionContext) Principal(org.structr.core.entity.Principal) StructrTest(org.structr.common.StructrTest) Test(org.junit.Test)

Example 95 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class ScriptingTest method testPython.

@Test
public void testPython() {
    try (final Tx tx = app.tx()) {
        final Principal testUser = createTestNode(Principal.class, "testuser");
        final ActionContext ctx = new ActionContext(SecurityContext.getInstance(testUser, AccessMode.Backend));
        // assertEquals("Invalid python scripting evaluation result", "Hello World from Python!\n", Scripting.evaluate(ctx, null, "${python{print \"Hello World from Python!\"}}"));
        System.out.println(Scripting.evaluate(ctx, null, "${python{print(Structr.get('me').id)}}", "test"));
        tx.success();
    } catch (UnlicensedException | FrameworkException fex) {
        logger.warn("", fex);
        fail("Unexpected exception.");
    }
}
Also used : UnlicensedException(org.structr.common.error.UnlicensedException) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) ActionContext(org.structr.schema.action.ActionContext) Principal(org.structr.core.entity.Principal) StructrTest(org.structr.common.StructrTest) Test(org.junit.Test)

Aggregations

Principal (org.structr.core.entity.Principal)112 FrameworkException (org.structr.common.error.FrameworkException)68 Tx (org.structr.core.graph.Tx)65 Test (org.junit.Test)41 App (org.structr.core.app.App)31 StructrApp (org.structr.core.app.StructrApp)31 TestOne (org.structr.core.entity.TestOne)16 Group (org.structr.core.entity.Group)14 NodeAttribute (org.structr.core.graph.NodeAttribute)13 PropertyMap (org.structr.core.property.PropertyMap)13 SecurityContext (org.structr.common.SecurityContext)10 LinkedList (java.util.LinkedList)9 Result (org.structr.core.Result)8 User (org.structr.web.entity.User)8 AbstractNode (org.structr.core.entity.AbstractNode)7 SuperUser (org.structr.core.entity.SuperUser)7 StructrUiTest (org.structr.web.StructrUiTest)7 Page (org.structr.web.entity.dom.Page)7 IOException (java.io.IOException)6 List (java.util.List)6