Example 1 with UserSecurityReference
use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.
the class DefaultSecurityCacheTest method testAddSecurityAccessEntry.
@Test
public void testAddSecurityAccessEntry() throws Exception {
InsertUsers();
InsertEntities();
final List<SecurityAccessEntry> allEntries = new ArrayList<SecurityAccessEntry>();
// Insert and check insertion individually for simple users
for (UserSecurityReference user : userRefs) {
for (SecurityReference ref : entityRefs) {
assertThat(securityCache.get(user, ref), is(nullValue()));
SecurityAccessEntry entry = mockSecurityAccessEntry(ref, user);
if (AddAccessEntry(entry) != null) {
assertThat(securityCache.get(user, ref), sameInstance(entry));
allEntries.add(entry);
}
}
}
// Insert and check insertion individually for group users
for (UserSecurityReference user : groupUserRefs) {
for (SecurityReference ref : entityRefs) {
assertThat(securityCache.get(user, ref), is(nullValue()));
SecurityAccessEntry entry = mockSecurityAccessEntry(ref, user);
if (AddAccessEntry(entry) != null) {
assertThat(securityCache.get(user, ref), sameInstance(entry));
allEntries.add(entry);
}
}
}
// Check all insertions
for (SecurityAccessEntry entry : allEntries) {
assertThat(securityCache.get(entry.getUserReference(), entry.getReference()), sameInstance(entry));
}
// Check a non-conflicting duplicate insertion
try {
AddAccessEntry(allEntries.get(0));
} catch (ConflictingInsertionException e) {
fail("Inserting the same access entry twice should NOT throw a ConflictingInsertionException.");
}
// Check a conflicting duplicate insertion
try {
final SecurityReference ref = allEntries.get(0).getReference();
final UserSecurityReference user = allEntries.get(0).getUserReference();
SecurityAccessEntry entry = mock(SecurityAccessEntry.class, "Another access for " + allEntries.get(0).getUserReference().toString() + " on " + allEntries.get(0).getReference().toString());
when(entry.getUserReference()).thenReturn(user);
when(entry.getReference()).thenReturn(ref);
AddAccessEntry(entry);
fail("Inserting a different access entry for the same reference should throw" + " a ConflictingInsertionException.");
} catch (ConflictingInsertionException ignore) {
// Expected.
}
// Check insertion of entries without inserting either the entity or the user first
try {
AddAccessEntry(mockSecurityAccessEntry(aMissingEntityRef, xuserRef));
fail("Inserting a access entry without inserting its entity first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
try {
AddAccessEntry(mockSecurityAccessEntry(xdocRef, aMissingUserRef));
fail("Inserting a access entry without inserting its user first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
}
Also used :
SecurityAccessEntry(org.xwiki.security.authorization.SecurityAccessEntry)
ArrayList(java.util.ArrayList)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
ConflictingInsertionException(org.xwiki.security.authorization.cache.ConflictingInsertionException)
ParentEntryEvictedException(org.xwiki.security.authorization.cache.ParentEntryEvictedException)
Test(org.junit.Test)
Example 2 with UserSecurityReference
use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.
the class DefaultSecurityCacheTest method InsertUsers.
private Map<String, SecurityEntry> InsertUsers() throws ConflictingInsertionException, ParentEntryEvictedException {
Map<String, SecurityEntry> entries = InsertUsersWithouShadow();
// Check inserting shadow users
for (UserSecurityReference ref : userRefs) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
entries.put(AddUserEntry(entry), entry);
}
}
}
// Insert some groups
for (GroupSecurityReference ref : groupRefs.keySet()) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
entries.put(AddUserEntry(entry), entry);
}
}
}
// Insert shadow users in shadow groups
for (UserSecurityReference ref : groupUserRefs) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
entries.put(AddUserEntry(entry), entry);
}
}
}
return entries;
}
Also used :
SecurityEntry(org.xwiki.security.authorization.SecurityEntry)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
SecurityShadowEntry(org.xwiki.security.authorization.cache.SecurityShadowEntry)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
Example 3 with UserSecurityReference
use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.
the class DefaultSecurityCacheTest method testAddSecurityShadowEntry.
@Test
public void testAddSecurityShadowEntry() throws Exception {
InsertUsersWithouShadow();
final List<SecurityShadowEntry> allEntries = new ArrayList<SecurityShadowEntry>();
// Check inserting shadow users
for (UserSecurityReference ref : userRefs) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
assertThat(((DefaultSecurityCache) securityCache).get(AddUserEntry(entry)), sameInstance((SecurityEntry) entry));
allEntries.add(entry);
}
}
}
// Check inserting some shadow groups
for (GroupSecurityReference ref : groupRefs.keySet()) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
assertThat(((DefaultSecurityCache) securityCache).get(AddUserEntry(entry)), sameInstance((SecurityEntry) entry));
allEntries.add(entry);
}
}
}
// Check inserting shadow users in shadow groups
for (UserSecurityReference ref : groupUserRefs) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
assertThat(((DefaultSecurityCache) securityCache).get(AddUserEntry(entry)), sameInstance((SecurityEntry) entry));
allEntries.add(entry);
}
}
}
// Check a duplicate insertion
try {
AddUserEntry(allEntries.get(0));
} catch (ConflictingInsertionException e) {
fail("Inserting the same shadow entry twice should NOT throw a ConflictingInsertionException.");
}
// Check inserting a shadow for a missing user in an existing wiki
try {
AddUserEntry(mockSecurityShadowEntry(aMissingUserRef, wikiRef));
fail("Inserting a shadow entry without inserting its global user first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
// Check inserting a shadow for a existing user in a missing wiki
try {
AddUserEntry(mockSecurityShadowEntry(xuserRef, aMissingWikiRef));
fail("Inserting a shadow entry without inserting its wiki first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
}
Also used :
SecurityEntry(org.xwiki.security.authorization.SecurityEntry)
ArrayList(java.util.ArrayList)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
SecurityShadowEntry(org.xwiki.security.authorization.cache.SecurityShadowEntry)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
ConflictingInsertionException(org.xwiki.security.authorization.cache.ConflictingInsertionException)
ParentEntryEvictedException(org.xwiki.security.authorization.cache.ParentEntryEvictedException)
Test(org.junit.Test)
Example 4 with UserSecurityReference
use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.
the class DefaultSecurityCacheTest method InsertAccess.
private Map<String, SecurityEntry> InsertAccess() throws ConflictingInsertionException, ParentEntryEvictedException {
Map<String, SecurityEntry> entries = new HashMap<String, SecurityEntry>();
// Insert access for simple users
for (UserSecurityReference user : userRefs) {
for (SecurityReference ref : entityRefs) {
SecurityAccessEntry entry = mockSecurityAccessEntry(ref, user);
String key = AddAccessEntry(entry);
if (key != null)
entries.put(key, entry);
}
SecurityAccessEntry entry = mockSecurityAccessEntry(user, user);
String key = AddAccessEntry(entry);
if (key != null)
entries.put(key, entry);
}
// Insert access for group users
for (UserSecurityReference user : groupUserRefs) {
for (SecurityReference ref : entityRefs) {
SecurityAccessEntry entry = mockSecurityAccessEntry(ref, user);
String key = AddAccessEntry(entry);
if (key != null)
entries.put(key, entry);
}
SecurityAccessEntry entry = mockSecurityAccessEntry(user, user);
String key = AddAccessEntry(entry);
if (key != null)
entries.put(key, entry);
}
return entries;
}
Also used :
SecurityAccessEntry(org.xwiki.security.authorization.SecurityAccessEntry)
HashMap(java.util.HashMap)
SecurityEntry(org.xwiki.security.authorization.SecurityEntry)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
Example 5 with UserSecurityReference
use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.
the class DefaultSecurityCache method getImmediateGroupsFor.
@Override
public Collection<GroupSecurityReference> getImmediateGroupsFor(UserSecurityReference user) {
Collection<GroupSecurityReference> groups = new HashSet<>();
SecurityCacheEntry userEntry = getEntry(user);
// If the user is not in the cache, or if it is, but not as a user, but as a regular document
if (userEntry == null || !userEntry.isUser()) {
// In that case, the ancestors are not fully loaded
return null;
}
for (SecurityCacheEntry parent : userEntry.parents) {
// Add the parent group (if we have not already seen it)
SecurityReference parentRef = parent.getEntry().getReference();
if (parentRef instanceof GroupSecurityReference) {
groups.add((GroupSecurityReference) parentRef);
}
}
return groups;
}
Also used :
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
HashSet(java.util.HashSet)
Aggregations
UserSecurityReference (org.xwiki.security.UserSecurityReference)13
GroupSecurityReference (org.xwiki.security.GroupSecurityReference)12
SecurityReference (org.xwiki.security.SecurityReference)12
SecurityAccessEntry (org.xwiki.security.authorization.SecurityAccessEntry)4
ArrayList (java.util.ArrayList)3
Test (org.junit.Test)3
SecurityEntry (org.xwiki.security.authorization.SecurityEntry)3
SecurityRuleEntry (org.xwiki.security.authorization.SecurityRuleEntry)3
Right (org.xwiki.security.authorization.Right)2
SecurityRule (org.xwiki.security.authorization.SecurityRule)2
ConflictingInsertionException (org.xwiki.security.authorization.cache.ConflictingInsertionException)2
ParentEntryEvictedException (org.xwiki.security.authorization.cache.ParentEntryEvictedException)2
SecurityShadowEntry (org.xwiki.security.authorization.cache.SecurityShadowEntry)2
AbstractSecurityRuleEntry (org.xwiki.security.authorization.internal.AbstractSecurityRuleEntry)2
Collection (java.util.Collection)1
HashMap (java.util.HashMap)1
HashSet (java.util.HashSet)1
LinkedList (java.util.LinkedList)1
Matcher (org.hamcrest.Matcher)1
InvocationOnMock (org.mockito.invocation.InvocationOnMock)1
