Package org.springframework.security.acls.model

Examples of org.springframework.security.acls.model.MutableAcl

122
123
124
125
126
127
128
129
130
131
132
        catch (IllegalArgumentException expected) {
            assertTrue(true);
        }

        try {
            MutableAcl acl = null;
            myCache.putInCache(acl);
            fail("It should have thrown IllegalArgumentException");
        }
        catch (IllegalArgumentException expected) {
            assertTrue(true);
View Full Code Here
143
144
145
146
147
148
149
150
151
152
153
        oos.writeObject(acl);
        oos.close();

        FileInputStream fis = new FileInputStream(file);
        ObjectInputStream ois = new ObjectInputStream(fis);
        MutableAcl retrieved = (MutableAcl) ois.readObject();
        ois.close();

        assertEquals(acl, retrieved);

        Object retrieved1 = FieldUtils.getProtectedFieldValue("aclAuthorizationStrategy", retrieved);
View Full Code Here
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
        ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2));
        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
                new SimpleGrantedAuthority("ROLE_GENERAL"));
        MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger());
        acl.setParent(parentAcl);

        myCache.putInCache(acl);

        verify(cache, times(4)).put(element.capture());

        List<Element> allValues = element.getAllValues();

        assertThat(allValues.get(0).getKey()).isEqualTo(parentAcl.getObjectIdentity());
        assertThat(allValues.get(0).getObjectValue()).isEqualTo(parentAcl);

        assertThat(allValues.get(1).getKey()).isEqualTo(parentAcl.getId());
        assertThat(allValues.get(1).getObjectValue()).isEqualTo(parentAcl);


        assertThat(allValues.get(2).getKey()).isEqualTo(acl.getObjectIdentity());
        assertThat(allValues.get(2).getObjectValue()).isEqualTo(acl);
View Full Code Here
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
                new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
                new SimpleGrantedAuthority("ROLE_GENERAL"));

        // Let's give the principal the ADMINISTRATION permission, without
        // granting access
        MutableAcl aclFirstDeny = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
        aclFirstDeny.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), false);

        // The CHANGE_GENERAL test should pass as the principal has ROLE_GENERAL
        aclAuthorizationStrategy.securityCheck(aclFirstDeny, AclAuthorizationStrategy.CHANGE_GENERAL);

        // The CHANGE_AUDITING and CHANGE_OWNERSHIP should fail since the
        // principal doesn't have these authorities,
        // nor granting access
        try {
            aclAuthorizationStrategy.securityCheck(aclFirstDeny, AclAuthorizationStrategy.CHANGE_AUDITING);
            fail("It should have thrown AccessDeniedException");
        }
        catch (AccessDeniedException expected) {
        }
        try {
            aclAuthorizationStrategy.securityCheck(aclFirstDeny, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
            fail("It should have thrown AccessDeniedException");
        }
        catch (AccessDeniedException expected) {
        }

        // Add granting access to this principal
        aclFirstDeny.insertAce(1, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
        // and try again for CHANGE_AUDITING - the first ACE's granting flag
        // (false) will deny this access
        try {
            aclAuthorizationStrategy.securityCheck(aclFirstDeny, AclAuthorizationStrategy.CHANGE_AUDITING);
            fail("It should have thrown AccessDeniedException");
        }
        catch (AccessDeniedException expected) {
        }

        // Create another ACL and give the principal the ADMINISTRATION
        // permission, with granting access
        MutableAcl aclFirstAllow = new AclImpl(identity, new Long(1), aclAuthorizationStrategy,
                new ConsoleAuditLogger());
        aclFirstAllow.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);

        // The CHANGE_AUDITING test should pass as there is one ACE with
        // granting access

        aclAuthorizationStrategy.securityCheck(aclFirstAllow, AclAuthorizationStrategy.CHANGE_AUDITING);

        // Add a deny ACE and test again for CHANGE_AUDITING
        aclFirstAllow.insertAce(1, BasePermission.ADMINISTRATION, new PrincipalSid(auth), false);
        try {
            aclAuthorizationStrategy.securityCheck(aclFirstAllow, AclAuthorizationStrategy.CHANGE_AUDITING);
            assertTrue(true);
        }
        catch (AccessDeniedException notExpected) {
            fail("It shouldn't have thrown AccessDeniedException");
        }

        // Create an ACL with no ACE
        MutableAcl aclNoACE = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
        try {
            aclAuthorizationStrategy.securityCheck(aclNoACE, AclAuthorizationStrategy.CHANGE_AUDITING);
            fail("It should have thrown NotFoundException");
        }
        catch (NotFoundException expected) {
View Full Code Here
222
223
224
225
226
227
228
229
230
231
        myCache.putInCache(acl);

        ReflectionTestUtils.setField(acl, "permissionGrantingStrategy", null);
        ReflectionTestUtils.setField(acl, "aclAuthorizationStrategy", null);

        MutableAcl fromCache = myCache.getFromCache(acl.getId());

        assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")).isNotNull();
        assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")).isNotNull();
    }
View Full Code Here
244
245
246
247
248
249
250
251
252
253
        myCache.putInCache(acl);

        ReflectionTestUtils.setField(acl, "permissionGrantingStrategy", null);
        ReflectionTestUtils.setField(acl, "aclAuthorizationStrategy", null);

        MutableAcl fromCache = myCache.getFromCache(acl.getObjectIdentity());

        assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")).isNotNull();
        assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")).isNotNull();
    }
View Full Code Here
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
                new SimpleGrantedAuthority("ROLE_ONE"), new SimpleGrantedAuthority("ROLE_TWO"),
                new SimpleGrantedAuthority("ROLE_GENERAL"));

        // Let's give the principal an ADMINISTRATION permission, with granting
        // access
        MutableAcl parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger());
        parentAcl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
        MutableAcl childAcl = new AclImpl(identity, 2, aclAuthorizationStrategy, new ConsoleAuditLogger());

        // Check against the 'child' acl, which doesn't offer any authorization
        // rights on CHANGE_OWNERSHIP
        try {
            aclAuthorizationStrategy.securityCheck(childAcl, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
            fail("It should have thrown NotFoundException");
        }
        catch (NotFoundException expected) {
            assertTrue(true);
        }

        // Link the child with its parent and test again against the
        // CHANGE_OWNERSHIP right
        childAcl.setParent(parentAcl);
        childAcl.setEntriesInheriting(true);
        try {
            aclAuthorizationStrategy.securityCheck(childAcl, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
            assertTrue(true);
        }
        catch (NotFoundException expected) {
            fail("It shouldn't have thrown NotFoundException");
        }

        // Create a root parent and link it to the middle parent
        MutableAcl rootParentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy,
                new ConsoleAuditLogger());
        parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger());
        rootParentAcl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
        parentAcl.setEntriesInheriting(true);
        parentAcl.setParent(rootParentAcl);
        childAcl.setParent(parentAcl);
        try {
            aclAuthorizationStrategy.securityCheck(childAcl, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
View Full Code Here
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
                new SimpleGrantedAuthority("ROLE_GENERAL"));
        AuditLogger auditLogger = new ConsoleAuditLogger();

        PermissionGrantingStrategy permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
        SpringCacheBasedAclCache myCache = new SpringCacheBasedAclCache(cache, permissionGrantingStrategy, aclAuthorizationStrategy);
        MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, auditLogger);

        assertEquals(0, realCache.size());
        myCache.putInCache(acl);

        // Check we can get from cache the same objects we put in
        assertEquals(myCache.getFromCache(Long.valueOf(1)), acl);
        assertEquals(myCache.getFromCache(identity), acl);

        // Put another object in cache
        ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(101));
        MutableAcl acl2 = new AclImpl(identity2, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger());

        myCache.putInCache(acl2);

        // Try to evict an entry that doesn't exist
        myCache.evictFromCache(Long.valueOf(3));
View Full Code Here
115
116
117
118
119
120
121
122
123
124
125
126
        AuditLogger auditLogger = new ConsoleAuditLogger();

        PermissionGrantingStrategy permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
        SpringCacheBasedAclCache myCache = new SpringCacheBasedAclCache(cache, permissionGrantingStrategy, aclAuthorizationStrategy);

        MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, auditLogger);
        MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, auditLogger);

        acl.setParent(parentAcl);

        assertEquals(0, realCache.size());
        myCache.putInCache(acl);
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
    //~ Methods ========================================================================================================

    public void evictFromCache(Serializable pk) {
        Assert.notNull(pk, "Primary key (identifier) required");

        MutableAcl acl = getFromCache(pk);

        if (acl != null) {
            cache.remove(acl.getId());
            cache.remove(acl.getObjectIdentity());
        }
    }
View Full Code Here
TOP

Related Classes of org.springframework.security.acls.model.MutableAcl

  • org.springframework.security.acls.domain.AclImplementationSecurityCheckTests
  • org.springframework.security.acls.domain.EhCacheBasedAclCache
  • org.springframework.security.acls.domain.SpringCacheBasedAclCache
  • org.springframework.security.acls.jdbc.BasicLookupStrategy$ProcessResultSet
  • org.springframework.security.acls.jdbc.BasicLookupStrategyTests
  • org.springframework.security.acls.jdbc.EhCacheBasedAclCacheTests
  • org.springframework.security.acls.jdbc.JdbcMutableAclServiceTests
  • org.springframework.security.acls.jdbc.SpringCacheBasedAclCacheTests
  • sample.contact.ContactManagerBackend
  • sample.dms.secured.SecureDataSourcePopulator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.