Examples with UserSecurityReference org.xwiki.security.UserSecurityReference used on opensource projects

Search in sources :

Example 11 with UserSecurityReference

use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.

the class DefaultSecurityCacheLoaderTest method loadWithConflictingInsertionException.

@Test
public void loadWithConflictingInsertionException() throws Exception {
    DocumentReference userReference = new DocumentReference("wiki", "Users", "mflorea");
    UserSecurityReference user = securityReferenceFactory.newUserReference(userReference);
    DocumentReference documentReference = new DocumentReference("wiki", "Space", "Document");
    SecurityReference entity = securityReferenceFactory.newEntityReference(documentReference);
    SecurityRuleEntry documentEntry = mock(SecurityRuleEntry.class, "document");
    when(documentEntry.getReference()).thenReturn(entity);
    when(documentEntry.isEmpty()).thenReturn(true);
    SecurityRuleEntry spaceEntry = mock(SecurityRuleEntry.class, "space");
    when(spaceEntry.getReference()).thenReturn(entity.getParentSecurityReference());
    when(spaceEntry.isEmpty()).thenReturn(true);
    SecurityRuleEntry wikiEntry = mock(SecurityRuleEntry.class, "wiki");
    when(wikiEntry.getReference()).thenReturn(entity.getParentSecurityReference().getParentSecurityReference());
    when(wikiEntry.isEmpty()).thenReturn(true);
    SecurityCache securityCache = mocker.getInstance(SecurityCache.class);
    when(securityCache.get(entity)).thenReturn(documentEntry);
    when(securityCache.get(entity.getParentSecurityReference())).thenReturn(spaceEntry);
    when(securityCache.get(entity.getParentSecurityReference().getParentSecurityReference())).thenReturn(wikiEntry);
    when(securityCache.getGroupsFor(user, null)).thenReturn(null);
    UserBridge userBridge = mocker.getInstance(UserBridge.class);
    DocumentReference groupReference = new DocumentReference("wiki", "Groups", "AllGroup");
    Set<GroupSecurityReference> groups = Collections.singleton(securityReferenceFactory.newGroupReference(groupReference));
    when(userBridge.getAllGroupsFor(user, userReference.getWikiReference())).thenReturn(groups);
    SecurityAccessEntry securityAccessEntry = mock(SecurityAccessEntry.class);
    AuthorizationSettler authorizationSettler = mocker.getInstance(AuthorizationSettler.class);
    Deque<SecurityRuleEntry> securityRuleEntries = new LinkedList<SecurityRuleEntry>(Arrays.asList(documentEntry, spaceEntry, wikiEntry));
    when(authorizationSettler.settle(user, groups, securityRuleEntries)).thenReturn(securityAccessEntry);
    doThrow(ConflictingInsertionException.class).when(securityCache).add(securityAccessEntry);
    doThrow(ConflictingInsertionException.class).when(securityCache).add(securityAccessEntry, null);
    try {
        securityCacheLoader.load(user, entity);
        fail();
    } catch (AuthorizationException e) {
        assertEquals("Failed to load the cache in 5 attempts. Giving up. when checking  " + "access to [wiki:Space.Document] for user [wiki:Users.mflorea]", e.getMessage());
        assertTrue(ExceptionUtils.getRootCauseMessage(e).contains("ConflictingInsertionException"));
    }
    // Assert that we've also emitted a log
    assertEquals(1, this.logRule.size());
    assertEquals("Failed to load the cache in 5 attempts. Giving up.", this.logRule.getMessage(0));
}
Also used : UserBridge(org.xwiki.security.internal.UserBridge) SecurityRuleEntry(org.xwiki.security.authorization.SecurityRuleEntry) AuthorizationException(org.xwiki.security.authorization.AuthorizationException) AuthorizationSettler(org.xwiki.security.authorization.AuthorizationSettler) GroupSecurityReference(org.xwiki.security.GroupSecurityReference) LinkedList(java.util.LinkedList) SecurityAccessEntry(org.xwiki.security.authorization.SecurityAccessEntry) GroupSecurityReference(org.xwiki.security.GroupSecurityReference) SecurityReference(org.xwiki.security.SecurityReference) UserSecurityReference(org.xwiki.security.UserSecurityReference) UserSecurityReference(org.xwiki.security.UserSecurityReference) DocumentReference(org.xwiki.model.reference.DocumentReference) Test(org.junit.Test)

Example 12 with UserSecurityReference

use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.

the class AbstractAuthorizationSettler method settle.

@Override
public SecurityAccessEntry settle(UserSecurityReference user, Collection<GroupSecurityReference> groups, Deque<SecurityRuleEntry> ruleEntries) {
    XWikiSecurityAccess access = new XWikiSecurityAccess();
    SecurityReference reference = null;
    Policies policies = new Policies();
    for (SecurityRuleEntry entry : ruleEntries) {
        if (!entry.isEmpty()) {
            // Chose the highest possible level to store the resulting access
            if (reference == null) {
                reference = entry.getReference();
            }
            // Compute access of this level and merge it with previous access result
            merge(settle(user, groups, entry, policies), access, entry.getReference(), policies);
        }
        if (reference == null && entry.getReference().getType() == EntityType.WIKI) {
            reference = entry.getReference();
        }
    }
    // Apply defaults and return the resulting access entry
    return new InternalSecurityAccessEntry(user, reference, applyDefaults(user, reference, access));
}
Also used : SecurityRuleEntry(org.xwiki.security.authorization.SecurityRuleEntry) GroupSecurityReference(org.xwiki.security.GroupSecurityReference) SecurityReference(org.xwiki.security.SecurityReference) UserSecurityReference(org.xwiki.security.UserSecurityReference)

Example 13 with UserSecurityReference

use of org.xwiki.security.UserSecurityReference in project xwiki-platform by xwiki.

the class DefaultAuthorizationSettlerTest method getMockedSecurityRule.

private SecurityRule getMockedSecurityRule(String name, Iterable<UserSecurityReference> users, Iterable<GroupSecurityReference> groups, Iterable<Right> rights, final RuleState state) {
    final SecurityRule rule = mock(SecurityRule.class, name);
    final List<Matcher<? super UserSecurityReference>> userMatchers = new ArrayList<Matcher<? super UserSecurityReference>>();
    final List<Matcher<? super GroupSecurityReference>> groupMatchers = new ArrayList<Matcher<? super GroupSecurityReference>>();
    final List<Matcher<? super Right>> rightMatchers = new ArrayList<Matcher<? super Right>>();
    for (UserSecurityReference user : users) {
        userMatchers.add(is(user));
    }
    for (GroupSecurityReference group : groups) {
        groupMatchers.add(is(group));
    }
    for (Right right : rights) {
        rightMatchers.add(is(right));
    }
    when(rule.match(argThat(anyOf(userMatchers)))).thenReturn(true);
    when(rule.match(argThat(anyOf(groupMatchers)))).thenReturn(true);
    when(rule.match(argThat(anyOf(rightMatchers)))).thenReturn(true);
    when(rule.match(argThat(not(anyOf(userMatchers))))).thenReturn(false);
    when(rule.match(argThat(not(anyOf(groupMatchers))))).thenReturn(false);
    when(rule.match(argThat(not(anyOf(rightMatchers))))).thenReturn(false);
    when(rule.getState()).thenReturn(state);
    return rule;
}
Also used : Matcher(org.hamcrest.Matcher) ArrayList(java.util.ArrayList) Right(org.xwiki.security.authorization.Right) SecurityRule(org.xwiki.security.authorization.SecurityRule) UserSecurityReference(org.xwiki.security.UserSecurityReference) GroupSecurityReference(org.xwiki.security.GroupSecurityReference)

Aggregations

UserSecurityReference (org.xwiki.security.UserSecurityReference)13 GroupSecurityReference (org.xwiki.security.GroupSecurityReference)12 SecurityReference (org.xwiki.security.SecurityReference)12 SecurityAccessEntry (org.xwiki.security.authorization.SecurityAccessEntry)4 ArrayList (java.util.ArrayList)3 Test (org.junit.Test)3 SecurityEntry (org.xwiki.security.authorization.SecurityEntry)3 SecurityRuleEntry (org.xwiki.security.authorization.SecurityRuleEntry)3 Right (org.xwiki.security.authorization.Right)2 SecurityRule (org.xwiki.security.authorization.SecurityRule)2 ConflictingInsertionException (org.xwiki.security.authorization.cache.ConflictingInsertionException)2 ParentEntryEvictedException (org.xwiki.security.authorization.cache.ParentEntryEvictedException)2 SecurityShadowEntry (org.xwiki.security.authorization.cache.SecurityShadowEntry)2 AbstractSecurityRuleEntry (org.xwiki.security.authorization.internal.AbstractSecurityRuleEntry)2 Collection (java.util.Collection)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 LinkedList (java.util.LinkedList)1 Matcher (org.hamcrest.Matcher)1 InvocationOnMock (org.mockito.invocation.InvocationOnMock)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial