Resource r = registry1.newResource();
registry1.put("/test2", r);
UserRealm userRealm1 = registry1.getUserRealm();
UserStoreManager userStoreManager1;
try {
userStoreManager1 = userRealm1.getUserStoreManager();
} catch (UserStoreException e) {
throw new RegistryException("Error in retrieving UserStoreManager.");
}
AuthorizationManager authorizationManager1;
try {
authorizationManager1 = userRealm1.getAuthorizationManager();
} catch (UserStoreException e) {
throw new RegistryException("Error in retrieving AuthorizationManager.");
}
// adding some users
try {
userStoreManager1.addUser("user1t0", "password", null, null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user1t0.");
}
try {
userStoreManager1.addUser("user2t0", "password", null, null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user2t0.");
}
try {
userStoreManager1.addUser("user3t0", "password", null, null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user3t0.");
}
// adding more users we are going to add roles with
try {
userStoreManager1.addUser("user4t0", "password", null, null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user4t0.");
}
try {
userStoreManager1.addUser("user5t0", "password", null, null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user5t0.");
}
try {
userStoreManager1.addUser("user6t0", "password", null, null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user6t0.");
}
// adding some roles
try {
userStoreManager1.addRole("role1t0", null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding role role1t0.");
}
try {
userStoreManager1.addRole("role2t0", null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding role role2t0.");
}
try {
userStoreManager1.addRole("role3t0", null, null);
} catch (UserStoreException e) {
throw new RegistryException("Error in adding role role3t0.");
}
//
// // now assign authorizations to first set of users.
// try {
// authorizationManager1.authorizeUser("user1t0", "/test2", ActionConstants.PUT);
// } catch (UserStoreException e) {
// throw new RegistryException("Error in authorizing user1t0.");
// }
// try {
// authorizationManager1.authorizeUser("user2t0", "/test2", ActionConstants.DELETE);
// } catch (UserStoreException e) {
// throw new RegistryException("Error in authorizing user2t0.");
// }
// try {
// authorizationManager1.authorizeUser("user2t0", "/test2", "authorize");
// } catch (UserStoreException e) {
// throw new RegistryException("Error in authorizing user3t0.");
// }
// then assign roles to the second set of users.
try {
userStoreManager1.updateRoleListOfUser("user4t0", null, new String[]{"role1t0"});
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user4t0 to role1t0 role.");
}
try {
userStoreManager1.updateRoleListOfUser("user5t0", null, new String[]{"role2t0"});
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user5t0 to role2t0 role.");
}
try {
userStoreManager1.updateRoleListOfUser("user6t0", null, new String[]{"role3t0"});
} catch (UserStoreException e) {
throw new RegistryException("Error in adding user user6t0 to role3t0 role.");
}
// now giving authorizations to the role.
try {
authorizationManager1.authorizeRole("role1t0", "/test2", ActionConstants.PUT);
} catch (UserStoreException e) {
throw new RegistryException("Error in authorizing role1t0.");
}
try {
authorizationManager1.authorizeRole("role2t0", "/test2", ActionConstants.DELETE);
} catch (UserStoreException e) {
throw new RegistryException("Error in authorizing role2t0.");
}
try {
authorizationManager1.authorizeRole("role3t0", "/test2", "authorize");
} catch (UserStoreException e) {
throw new RegistryException("Error in authorizing role3t0.");
}
// secondly we will check the user store from tenant 1 and verify no overlaps with tenant 0
UserRegistry registry2 =
embeddedRegistryService.getUserRegistry(realmConfig.getAdminUserName(), 1);
UserRealm userRealm2 = registry2.getUserRealm();
UserStoreManager userStoreManager2;
try {
userStoreManager2 = userRealm2.getUserStoreManager();
} catch (UserStoreException e) {
throw new RegistryException("Error in retrieving UserStoreManager.");
}
AuthorizationManager authorizationManager2;
try {
authorizationManager2 = userRealm2.getAuthorizationManager();
} catch (UserStoreException e) {
throw new RegistryException("Error in retrieving AuthorizationManager.");
}
String[] users;
try {
users = userStoreManager2.listUsers("*", 10);
} catch (UserStoreException e) {
throw new RegistryException("Error in retrieving UserStoreManager.");
}
// check the existence of the user
assertFalse("UserStore for tenant1 should not have user1t0",
Arrays.binarySearch(users, "user1t0") >= 0);
assertFalse("UserStore for tenant1 should not have user2t0",
Arrays.binarySearch(users, "user2t0") >= 0);
assertFalse("UserStore for tenant1 should not have user3t0",
Arrays.binarySearch(users, "user3t0") >= 0);
assertFalse("UserStore for tenant1 should not have user4t0",
Arrays.binarySearch(users, "user4t0") >= 0);
assertFalse("UserStore for tenant1 should not have user5t0",
Arrays.binarySearch(users, "user5t0") >= 0);
assertFalse("UserStore for tenant1 should not have user6t0",
Arrays.binarySearch(users, "user6t0") >= 0);
// check the existence of the role
assertFalse("UserStore for tenant1 should not have role1t0",
Arrays.binarySearch(users, "role1t0") >= 0);
assertFalse("UserStore for tenant1 should not have role2t0",
Arrays.binarySearch(users, "role2t0") >= 0);
assertFalse("UserStore for tenant1 should not have role3t0",
Arrays.binarySearch(users, "role3t0") >= 0);
// check the user authorizations
assertFalse("UserStore for tenant1 should not have user1t0",
Arrays.binarySearch(users, "user1t0") >= 0);
assertFalse("UserStore for tenant1 should not have user2t0",
Arrays.binarySearch(users, "user2t0") >= 0);
assertFalse("UserStore for tenant1 should not have user3t0",
Arrays.binarySearch(users, "user3t0") >= 0);
// check the authorization of the users.
try {
assertFalse("UserStore for tenant1 should not have authorizations for user1t0",
authorizationManager2
.isUserAuthorized("user1t0", "/test2", ActionConstants.PUT));
assertFalse("UserStore for tenant1 should not have authorizations for user2t0",
authorizationManager2
.isUserAuthorized("user2t0", "/test2", ActionConstants.DELETE));
assertFalse("UserStore for tenant1 should not have authorizations for user3t0",
authorizationManager2.isUserAuthorized("user3t0", "/test2", "authorize"));
} catch (UserStoreException e) {
throw new RegistryException("Error in checking authorizations.");
}
// check the user is added to the role
try {
assertFalse("UserStore for tenant1 should not have user4t0 user in role role1t0",
Arrays.binarySearch(userStoreManager2.getRoleListOfUser("user5t0"),
"role1t0") >= 0);
assertFalse("UserStore for tenant1 should not have user5t0 user in role role2t0",
Arrays.binarySearch(userStoreManager2.getRoleListOfUser("user5t0"),
"role2t0") >= 0);
assertFalse("UserStore for tenant1 should not have user6t0 user in role role3t0",
Arrays.binarySearch(userStoreManager2.getRoleListOfUser("user6t0"),
"role3t0") >= 0);
} catch (UserStoreException e) {
throw new RegistryException("Error in checking authorizations.");
}
}