Package org.jboss.security.acl

Examples of org.jboss.security.acl.CompositeACLPermission

140
141
142
143
144
145
146
               logger.debug("No BasicACLPermission named " + element + " found", re);
            }
         }
      }

      return new CompositeACLPermission(permissions.toArray(new BasicACLPermission[permissions.size()]));
   }
View Full Code Here
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
      Set<EntitlementEntry> entitled = holder.getEntitled();
      assertNotNull("Unexpected null set of entitlement entries", entitled);
      assertEquals("Unexpected number of entitlement entries", 2, entitled.size());
      // Administrator should have all permissions on both resources.
      Map<Integer, EntitlementEntry> entriesMap = this.getEntriesByResourceID(entitled);
      CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
      assertTrue("Entry for ACLTestResource with id 10 missing", entriesMap.containsKey(10));
      assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(10).getPermission());
      assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
      assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());

      // now check the permissions entitled to Regular_User.
      holder = jam.getEntitlements(EntitlementEntry.class, resource1, IdentityFactory.createIdentity("Regular_User"));
      assertNotNull("Unexpected null EntitlementHolder", holder);
      entitled = holder.getEntitled();
      assertNotNull("Unexpected null set of entitlement entries", entitled);
      // Regular_User should get an empty set when calling getEntitlements with resource1.
      assertEquals("Unexpected number of entitlement entries", 0, entitled.size());
      holder = jam.getEntitlements(EntitlementEntry.class, resource2, IdentityFactory.createIdentity("Regular_User"));
      assertNotNull("Unexpected null EntitlementHolder", holder);
      entitled = holder.getEntitled();
      assertNotNull("Unexpected null set of entitlement entries", entitled);
      assertEquals("Unexpected number of entitlement entries", 1, entitled.size());
      // Regular_User should have READ and UPDATE permissions on resource 2.
      entriesMap = this.getEntriesByResourceID(entitled);
      expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
      assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
      assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());
   }
View Full Code Here
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
      // using the authorization manager, check if the identities have the expected permissions.
      JBossAuthorizationManager jam = new JBossAuthorizationManager("test-acl");

      // check that Administrator has all permissions on both resources.
      Identity identity = IdentityFactory.createIdentity("Administrator");
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource1, identity, new CompositeACLPermission(
            BasicACLPermission.values())));
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
            BasicACLPermission.values())));

      // check that Guest has only READ permission on resource1.
      identity = IdentityFactory.createIdentity("Guest");
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource1, identity, BasicACLPermission.READ));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.CREATE));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.UPDATE));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.DELETE));

      // check that Guest has READ and UPDATE permissions on resource2.
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.READ));
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.UPDATE));
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
            BasicACLPermission.READ, BasicACLPermission.UPDATE)));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.CREATE));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.DELETE));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, new CompositeACLPermission(
            BasicACLPermission.values())));
     
      // check that Regular_User doesn't have any permissions on resource1.
      identity = IdentityFactory.createIdentity("Regular_User");
      for(BasicACLPermission permission : BasicACLPermission.values())
         assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, permission));
     
      // check that Regular_User has READ and UPDATE permissions on resource2.
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.READ));
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.UPDATE));
      assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
            BasicACLPermission.READ, BasicACLPermission.UPDATE)));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.CREATE));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.DELETE));
      assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, new CompositeACLPermission(
            BasicACLPermission.values())));
   }
View Full Code Here
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
         {
            assertEquals("Invalid number of entries", 2, aclImpl.getEntries().size());
            // one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
            ACLEntry entry = aclImpl.getEntry(IdentityFactory.createIdentity("Administrator"));
            assertNotNull("Unexpected null value for Administrator entry", entry);
            CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
            assertEquals("Unexpected permissions assigned for Administrator", expectedPermission, entry.getPermission());
            // the other entry should assign the READ permission to Guest.
            entry = aclImpl.getEntry(IdentityFactory.createIdentity("Guest"));
            assertNotNull("Unexpected null value for Guest entry", entry);
            expectedPermission = new CompositeACLPermission(BasicACLPermission.READ);
            assertEquals("Unexpected permissions assigned for Guest", expectedPermission, entry.getPermission());
            validatedJavaCompACL = true;
         }
         else if (aclImpl.getResourceAsString().equals("org.jboss.test.authorization.acl.ACLTestResource:20"))
         {
            assertEquals("Invalid number of entries", 3, aclImpl.getEntries().size());
            // one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
            ACLEntry entry = aclImpl.getEntry(IdentityFactory.createIdentity("Administrator"));
            assertNotNull("Unexpected null value for Administrator entry", entry);
            CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
            assertEquals("Unexpected permissions assigned for Administrator", expectedPermission, entry.getPermission());
            // one other entry should assign the READ,UPDATE permissions to Guest.
            entry = aclImpl.getEntry(IdentityFactory.createIdentity("Guest"));
            assertNotNull("Unexpected null value for Guest entry", entry);
            expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
            assertEquals("Unexpected permissions assigned for Guest", expectedPermission, entry.getPermission());
            // the final entry should assign the READ,UPDATE permissions to Regular_User.
            entry = aclImpl.getEntry(IdentityFactory.createIdentity("Regular_User"));
            assertNotNull("Unexpected null value for Regular_User entry", entry);
            expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
            assertEquals("Unexpected permissions assigned for Regular_User", expectedPermission, entry.getPermission());
            validatedJavaCompEnvACL = true;
         }
         else
            fail("Invalid ACL found: " + aclImpl.getResourceAsString());
View Full Code Here
86
87
88
89
90
91
92
93
94
95
96
97
      this.identities = new Identity[TOTAL_IDENTITIES];
      for (int i = 0; i < TOTAL_IDENTITIES; i++)
         this.identities[i] = IdentityFactory.createIdentity("Identity" + i);

      BitMaskPermission readPermission = BasicACLPermission.READ;
      BitMaskPermission noPermission = new CompositeACLPermission();
      BitMaskPermission allPermission = new CompositeACLPermission(BasicACLPermission.values());

      // register the ACLs for the resources used by the tests.
      for (int i = 0; i < TOTAL_RESOURCES; i++)
      {
         Collection<ACLEntry> entries = new ArrayList<ACLEntry>();
View Full Code Here
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
      // =================================== ACLs ============================= //

      // register an ACL with the resource 0 - identity has all permissions here.
      Collection<ACLEntry> entries = new ArrayList<ACLEntry>();
      entries.add(new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.values()), this.identity));
      registration.registerACL(this.resources[0], entries);

      // register an ACL with the resource 4 - identity has read and update permissions.
      entries = new ArrayList<ACLEntry>();
      entries.add(new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE),
            this.identity));
      registration.registerACL(this.resources[4], entries);

      // register an ACL with the resource 5 - identity has create, read and delete permissions.
      entries = new ArrayList<ACLEntry>();
      entries.add(new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.CREATE, BasicACLPermission.READ,
            BasicACLPermission.DELETE), this.identity));
      registration.registerACL(this.resources[5], entries);

      // register an ACL with the resource 7 - identity has no corresponding entry (no permissions).
      entries = new ArrayList<ACLEntry>();
      entries.add(new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.values()), IdentityFactory
            .createIdentity("Another Identity")));
      registration.registerACL(this.resources[7], entries);

      // register an ACL with the resource 9 - identity has only read permission.
      entries = new ArrayList<ACLEntry>();
      entries.add(new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.READ), this.identity));
      registration.registerACL(this.resources[9], entries);
   }
View Full Code Here
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
      }

      // identity should have create, update, read and delete permissions over resources 2 and 3.
      EntitlementEntry entry = entriesMap.get(2);
      assertNotNull(entry);
      CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
      assertEquals("Found unexpected permissions", expectedPermission, entry.getPermission());
      entry = entriesMap.get(3);
      assertNotNull(entry);
      assertEquals("Found unexpected permissions", expectedPermission, entry.getPermission());

      // identity should have read and update permissions over resources 4 and 6.
      entry = entriesMap.get(4);
      assertNotNull(entry);
      expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
      assertEquals("Found unexpected permissions", expectedPermission, entry.getPermission());
      entry = entriesMap.get(6);
      assertNotNull(entry);
      assertEquals("Found unexpected permissions", expectedPermission, entry.getPermission());

      // identity should have create, read and delete permissions over resources 5 and 8.
      entry = entriesMap.get(5);
      assertNotNull(entry);
      expectedPermission = new CompositeACLPermission(BasicACLPermission.CREATE, BasicACLPermission.READ,
            BasicACLPermission.DELETE);
      assertEquals("Found unexpected permissions", expectedPermission, entry.getPermission());
      entry = entriesMap.get(8);
      assertNotNull(entry);
      assertEquals("Found unexpected permissions", expectedPermission, entry.getPermission());

      // identity should have read permission over resource 9.
      entry = entriesMap.get(9);
      assertNotNull(entry);
      expectedPermission = new CompositeACLPermission(BasicACLPermission.READ);
      assertEquals("Found unexpected permissions", expectedPermission, entry.getPermission());

   }
View Full Code Here
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
      this.identity = IdentityFactory.createIdentityWithRole("john", roleGroup);

      // create the ACLs for the resources.
      ACLEntry entry1 = new ACLEntryImpl(BasicACLPermission.READ, "role1");
      ACLEntry entry2 = new ACLEntryImpl(
            new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE), "role2");
      ACLEntry entry3 = new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.values()), "role3");
      List<ACLEntry> entries = new ArrayList<ACLEntry>();
      entries.add(entry1);
      entries.add(entry2);
      entries.add(entry3);
      this.strategy.createACL(this.resources[0], entries);

      // the second ACL uses the identity name.
      entry1 = new ACLEntryImpl(BasicACLPermission.READ, "ritchie");
      entry2 = new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.values()), "john");
      entries = new ArrayList<ACLEntry>();
      entries.add(entry1);
      entries.add(entry2);
      this.strategy.createACL(this.resources[1], entries);
   }
View Full Code Here
114
115
116
117
118
119
120
121
122
123
      assertFalse(provider.isAccessGranted(this.resources[0], this.identity, BasicACLPermission.DELETE));

      // now create a new identity for john that has no roles. The role-based provider should now use the
      // identity name (default impl) when checking for permissions.
      Identity identity = IdentityFactory.createIdentity("john");
      assertTrue(provider.isAccessGranted(this.resources[1], identity, new CompositeACLPermission(BasicACLPermission
            .values())));
      // access should be denied to resource 0, as that one has an ACL based on the roles.
      assertFalse(provider.isAccessGranted(this.resources[0], identity, BasicACLPermission.READ));
   }
View Full Code Here
58
59
60
61
62
63
64
65
66
67
68
         this.identities[i] = IdentityFactory.createIdentity("Identity" + i);
      // create an entry with a basic permission.
      this.entries = new ACLEntryImpl[ACL_SIZE];
      this.entries[0] = new ACLEntryImpl(BasicACLPermission.READ, this.identities[0]);
      // build the remaining entries with composite permissions.
      this.entries[1] = new ACLEntryImpl(new CompositeACLPermission(), this.identities[1]);
      this.entries[2] = new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.READ), this.identities[2]);
      this.entries[3] = new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.CREATE,
            BasicACLPermission.UPDATE, BasicACLPermission.DELETE), this.identities[3]);
      this.entries[4] = new ACLEntryImpl(new CompositeACLPermission(BasicACLPermission.values()), this.identities[4]);
   }
View Full Code Here
TOP

Related Classes of org.jboss.security.acl.CompositeACLPermission

  • org.drools.repository.security.DroolsRepositoryACLManager
  • org.jboss.security.acl.config.ACLEntryHolder
  • org.jboss.test.acl.config.JBossACLSchemaBindingUnitTestCase
  • org.jboss.test.authorization.acl.JBossAuthorizationManagerACLUnitTestCase
  • org.jboss.test.security.acl.ACLProviderUnitTestCase
  • org.jboss.test.security.acl.ACLUnitTestCase
  • org.jboss.test.security.acl.ACLUseTestCase
  • org.jboss.test.security.acl.PersistenceTestCase
  • org.jboss.test.security.acl.RoleBasedACLProviderUnitTestCase
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.