Merge "Add svg support"
authorEddy Hautot <eh552t@intl.att.com>
Wed, 13 Mar 2019 09:07:55 +0000 (09:07 +0000)
committerGerrit Code Review <gerrit@onap.org>
Wed, 13 Mar 2019 09:07:55 +0000 (09:07 +0000)
15 files changed:
pom.xml
src/main/java/org/onap/clamp/authorization/AuthorizationController.java [new file with mode: 0644]
src/main/java/org/onap/clamp/loop/LoopController.java
src/main/java/org/onap/clamp/loop/LoopService.java
src/main/java/org/onap/clamp/util/PrincipalUtils.java [new file with mode: 0644]
src/main/resources/META-INF/resources/designer/index.html
src/main/resources/META-INF/resources/designer/scripts/CldsOpenModelCtrl.js
src/main/resources/META-INF/resources/designer/scripts/CldsTemplateService.js [deleted file]
src/main/resources/META-INF/resources/designer/scripts/GlobalPropertiesCtrl.js
src/main/resources/application-noaaf.properties
src/main/resources/application.properties
src/main/resources/clds/camel/rest/clamp-api-v2.xml
src/main/resources/clds/clds-users.json
src/test/java/org/onap/clamp/clds/it/AuthorizationControllerItCase.java [new file with mode: 0644]
src/test/java/org/onap/clamp/loop/LoopServiceTestItCase.java

diff --git a/pom.xml b/pom.xml
index b295262..8fded32 100644 (file)
--- a/pom.xml
+++ b/pom.xml
                                                        <groupId>de.jpdigital</groupId>
                                                        <artifactId>hibernate52-ddl-maven-plugin</artifactId>
                                                        <version>2.2.0</version>
+                                                       <dependencies>
+                                                               <dependency>
+                                                                       <groupId>javax.xml.bind</groupId>
+                                                                       <artifactId>jaxb-api</artifactId>
+                                                                       <version>2.3.0</version>
+                                                               </dependency>
+                                                       </dependencies>
                                                        <executions>
                                                                <execution>
                                                                        <phase>process-classes</phase>
                                                                        </configuration>
                                                                </execution>
                                                        </executions>
-                                       
+
                                                </plugin>
                                                <!-- Read the swagger.json file and the definition from SwaggerConfig.java;
                                                        generate a list of .adoc files containing the APIs info in more structured
                                                <plugin>
                                                                <groupId>org.asciidoctor</groupId>
                                                                <artifactId>asciidoctor-maven-plugin</artifactId>
-                                                               <version>1.5.6</version>
+                                                               <version>1.5.7.1</version>
                                                                <dependencies>
                                                                                <dependency>
                                                                                                <groupId>org.asciidoctor</groupId>
                                                                                                <artifactId>asciidoctorj-pdf</artifactId>
                                                                                                <version>1.5.0-alpha.10.1</version>
                                                                                </dependency>
-                                                                               <dependency>
-                                                                                               <groupId>org.jruby</groupId>
-                                                                                               <artifactId>jruby-complete</artifactId>
-                                                                                               <version>1.7.21</version>
-                                                                               </dependency>
                                                                </dependencies>
                                                                <configuration>
                                                                                <sourceDirectory>${project.basedir}/src/main/resources/asciidoc</sourceDirectory>
diff --git a/src/main/java/org/onap/clamp/authorization/AuthorizationController.java b/src/main/java/org/onap/clamp/authorization/AuthorizationController.java
new file mode 100644 (file)
index 0000000..2061027
--- /dev/null
@@ -0,0 +1,147 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP CLAMP
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights
+ *                             reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END============================================
+ * ===================================================================
+ *
+ */
+
+package org.onap.clamp.authorization;
+
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+
+import java.util.Date;
+
+import javax.ws.rs.NotAuthorizedException;
+
+import org.apache.camel.Exchange;
+import org.onap.clamp.clds.config.ClampProperties;
+import org.onap.clamp.clds.service.SecureServiceBase;
+import org.onap.clamp.clds.service.SecureServicePermission;
+import org.onap.clamp.clds.util.LoggingUtils;
+import org.onap.clamp.util.PrincipalUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+
+/**
+ * Create CLDS Event.
+ */
+@Component
+public class AuthorizationController {
+
+    protected static final EELFLogger logger          = EELFManager.getInstance().getLogger(SecureServiceBase.class);
+    protected static final EELFLogger auditLogger     = EELFManager.getInstance().getMetricsLogger();
+    protected static final EELFLogger securityLogger  = EELFManager.getInstance().getSecurityLogger();
+
+    // By default we'll set it to a default handler
+    @Autowired
+    private ClampProperties refProp;
+
+    private SecurityContext securityContext = SecurityContextHolder.getContext();
+    private final static String permPrefix = "security.permission.type.";
+    private final static String permInstance = "security.permission.instance";
+
+    public AuthorizationController() {
+    }
+    /**
+     * Insert event using process variables.
+     *
+     * @param camelExchange
+     *        The Camel Exchange object containing the properties
+     * @param actionState
+     *        The action state that is used instead of the one in exchange property
+     */
+
+    public void authorize (Exchange camelExchange, String typeVar, String instanceVar, String action) {
+        String type = refProp.getStringValue(permPrefix + typeVar);
+        String instance = refProp.getStringValue(permInstance);
+        
+        if (null == type || type.isEmpty()) {
+            //authorization is turned off, since the permission is not defined
+            return;
+        }
+        if (null != instanceVar && !instanceVar.isEmpty()) {
+             instance = instanceVar;
+        }
+        String principalName = PrincipalUtils.getPrincipalName();
+        SecureServicePermission perm = SecureServicePermission.create(type, instance, action);
+        Date startTime = new Date();
+        LoggingUtils.setTargetContext("Clamp", "authorize");
+        LoggingUtils.setTimeContext(startTime, new Date());
+        securityLogger.debug("checking if {} has permission: {}", principalName, perm);
+        try {
+            isUserPermitted(perm);
+        } catch (NotAuthorizedException nae) {
+            String msg = principalName + " does not have permission: " + perm;
+            LoggingUtils.setErrorContext("100", "Authorization Error");
+            securityLogger.warn(msg);
+            throw new NotAuthorizedException(msg);
+        }
+    }
+
+    private boolean isUserPermitted(SecureServicePermission inPermission) {
+        boolean authorized = false;
+        String principalName = PrincipalUtils.getPrincipalName();
+        // check if the user has the permission key or the permission key with a
+        // combination of  all instance and/or all action.
+        if (hasRole(inPermission.getKey())) {
+            auditLogger.info("{} authorized because user has permission with * for instance: {}", principalName, inPermission.getKey());
+            authorized = true;
+            // the rest of these don't seem to be required - isUserInRole method
+            // appears to take * as a wildcard
+        } else if (hasRole(inPermission.getKeyAllInstance())) {
+            auditLogger.info("{} authorized because user has permission with * for instance: {}", principalName, inPermission.getKey());
+            authorized = true;
+        } else if (hasRole(inPermission.getKeyAllInstanceAction())) {
+            auditLogger.info("{} authorized because user has permission with * for instance and * for action: {}", principalName, inPermission.getKey());
+            authorized = true;
+        } else if (hasRole(inPermission.getKeyAllAction())) {
+            auditLogger.info("{} authorized because user has permission with * for action: {}", principalName, inPermission.getKey());
+            authorized = true;
+        } else {
+            throw new NotAuthorizedException("");
+        }
+        return authorized;
+    }
+
+    public boolean isUserPermittedNoException(SecureServicePermission inPermission) {
+        try {
+            return isUserPermitted (inPermission);
+        } catch (NotAuthorizedException e) {
+            return false;
+        }
+    }
+
+    protected boolean hasRole(String role) {
+        Authentication authentication = PrincipalUtils.getSecurityContext().getAuthentication();
+        if (authentication == null) {
+            return false;
+        }
+        for (GrantedAuthority auth : authentication.getAuthorities()) {
+            if (role.equals(auth.getAuthority()))
+                return true;
+        }
+        return false;
+    }
+
+}
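Review bot: `authorize` fails open: when `refProp.getStringValue(permPrefix + typeVar)` returns null or empty it returns without checking anything, so a mistyped type argument in a Camel route or a missing property silently disables the check for that endpoint. At minimum record it on the security logger before the early return, e.g. `securityLogger.warn("No permission type configured for '{}', authorization skipped", typeVar);`, and consider rejecting the call unless disabling authorization is an explicit setting. In `isUserPermitted` the first branch matches the exact key but logs "permission with * for instance", which makes the audit trail misleading. The Javadoc above `authorize` describes an `actionState` parameter the method does not take, and `logger` is created for `SecureServiceBase.class` rather than this class.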
index 7e45174..2bcce1e 100644 (file)
@@ -24,6 +24,8 @@
 package org.onap.clamp.loop;
 
 import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
 import com.google.gson.reflect.TypeToken;
 
 import java.lang.reflect.Type;
@@ -60,13 +62,17 @@ public class LoopController {
     public Loop updateOperationalPolicies(String loopName, JsonArray operationalPoliciesJson) {
         List<OperationalPolicy> operationalPolicies = JsonUtils.GSON
             .fromJson(operationalPoliciesJson, OPERATIONAL_POLICY_TYPE);
-        return loopService.updateOperationalPolicies(loopName, operationalPolicies);
+        return loopService.updateAndSaveOperationalPolicies(loopName, operationalPolicies);
     }
 
     public Loop updateMicroservicePolicies(String loopName, JsonArray microServicePoliciesJson) {
         List<MicroServicePolicy> microservicePolicies = JsonUtils.GSON
             .fromJson(microServicePoliciesJson, MICROSERVICE_POLICY_TYPE);
-        return loopService.updateMicroservicePolicies(loopName, microservicePolicies);
+        return loopService.updateAndSaveMicroservicePolicies(loopName, microservicePolicies);
+    }
+
+    public Loop updateGlobalPropertiesJson(String loopName, JsonObject globalProperties){
+        return loopService.updateAndSaveGlobalPropertiesJson(loopName, globalProperties);
     }
 
     public String getSVGRepresentation(String loopName) {
index 91b4bdf..cf2f4c6 100644 (file)
@@ -26,6 +26,8 @@ package org.onap.clamp.loop;
 import java.util.List;
 import java.util.Set;
 import javax.persistence.EntityNotFoundException;
+
+import com.google.gson.JsonObject;
 import org.onap.clamp.policy.microservice.MicroservicePolicyService;
 import org.onap.clamp.policy.operational.OperationalPolicyService;
 import org.onap.clamp.policy.microservice.MicroServicePolicy;
@@ -66,22 +68,42 @@ public class LoopService {
         return closedLoopByName.getSvgRepresentation();
     }
 
-    Loop updateOperationalPolicies(String loopName, List<OperationalPolicy> newOperationalPolicies) {
+    Loop updateAndSaveOperationalPolicies(String loopName, List<OperationalPolicy> newOperationalPolicies) {
         Loop loop = findClosedLoopByName(loopName);
-        Set<OperationalPolicy> newPolicies = operationalPolicyService
-            .updatePolicies(loop, newOperationalPolicies);
+        updateOperationalPolicies(loop, newOperationalPolicies);
+        return loopsRepository.save(loop);
+    }
 
-        loop.setOperationalPolicies(newPolicies);
+    Loop updateAndSaveMicroservicePolicies(String loopName, List<MicroServicePolicy> newMicroservicePolicies) {
+        Loop loop = findClosedLoopByName(loopName);
+        updateMicroservicePolicies(loop, newMicroservicePolicies);
         return loopsRepository.save(loop);
     }
 
-    Loop updateMicroservicePolicies(String loopName, List<MicroServicePolicy> newMicroservicePolicies) {
+    Loop updateAndSaveGlobalPropertiesJson(String loopName, JsonObject newGlobalPropertiesJson) {
         Loop loop = findClosedLoopByName(loopName);
-        Set<MicroServicePolicy> newPolicies = microservicePolicyService
-            .updatePolicies(loop, newMicroservicePolicies);
+        updateGlobalPropertiesJson(loop, newGlobalPropertiesJson);
+        return loopsRepository.save(loop);
+    }
 
+    private Loop updateOperationalPolicies(Loop loop, List<OperationalPolicy> newOperationalPolicies) {
+        Set<OperationalPolicy> newPolicies = operationalPolicyService
+                .updatePolicies(loop, newOperationalPolicies);
+
+        loop.setOperationalPolicies(newPolicies);
+        return loop;
+    }
+
+    private Loop updateMicroservicePolicies(Loop loop, List<MicroServicePolicy> newMicroservicePolicies) {
+        Set<MicroServicePolicy> newPolicies = microservicePolicyService
+                .updatePolicies(loop, newMicroservicePolicies);
         loop.setMicroServicePolicies(newPolicies);
-        return loopsRepository.save(loop);
+        return loop;
+    }
+
+    private Loop updateGlobalPropertiesJson(Loop loop, JsonObject newGlobalPropertiesJson) {
+        loop.setGlobalPropertiesJson(newGlobalPropertiesJson);
+        return loop;
     }
 
     private Loop findClosedLoopByName(String loopName) {
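Review bot: The three new private helpers (`updateOperationalPolicies`, `updateMicroservicePolicies`, `updateGlobalPropertiesJson`) mutate the `Loop` passed in and return that same object, and every `updateAndSave…` caller ignores the return value. Declaring them `void`, e.g. `private void updateGlobalPropertiesJson(Loop loop, JsonObject newGlobalPropertiesJson)`, would make the in-place mutation explicit and remove the unused result.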
diff --git a/src/main/java/org/onap/clamp/util/PrincipalUtils.java b/src/main/java/org/onap/clamp/util/PrincipalUtils.java
new file mode 100644 (file)
index 0000000..ec08983
--- /dev/null
@@ -0,0 +1,82 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP CLAMP
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights
+ *                             reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END============================================
+ * Modifications copyright (c) 2018 Nokia
+ * ===================================================================
+ *
+ */
+
+package org.onap.clamp.util;
+
+import java.util.Date;
+
+import org.onap.clamp.clds.service.DefaultUserNameHandler;
+import org.onap.clamp.clds.service.UserNameHandler;
+import org.onap.clamp.clds.util.LoggingUtils;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+
+public class PrincipalUtils {
+    private static UserNameHandler userNameHandler = new DefaultUserNameHandler();
+    private static SecurityContext securityContext = SecurityContextHolder.getContext();
+
+    /**
+     * Get the Full name.
+     *
+     * @return
+     */
+    public static String getUserName() {
+        String name = userNameHandler.retrieveUserName(securityContext);
+        Date startTime = new Date();
+        LoggingUtils.setTargetContext("CLDS", "getUserName");
+        LoggingUtils.setTimeContext(startTime, new Date());
+        return name;
+    }
+
+    /**
+     * Get the userId from AAF/CSP.
+     *
+     * @return
+     */
+    public static String getUserId() {
+        return getUserName();
+    }
+
+    /**
+     * Get the principal name.
+     *
+     * @return
+     */
+    public static String getPrincipalName() {
+        String principal = ((UserDetails)securityContext.getAuthentication().getPrincipal()).getUsername();
+        String name = "Not found";
+        if (principal != null) {
+            name = principal;
+        }
+        return name;
+    }
+    public static void setSecurityContext(SecurityContext securityContext) {
+        PrincipalUtils.securityContext = securityContext;
+    }
+
+    public static SecurityContext getSecurityContext() {
+        return securityContext;
+    }
+}
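Review bot: The static field `securityContext` is filled once from `SecurityContextHolder.getContext()` at class initialisation, and every later call to `getPrincipalName()`, `getUserName()` and `getSecurityContext()` reads that one object. With Spring Security's default thread-local holder strategy that is the context of whichever thread loaded the class, not of the request being authorized, so `AuthorizationController.hasRole` may evaluate the wrong (or an empty) authentication; the holder configuration is not visible here, so confirm. Reading the holder at each call avoids that, and the public static setter can delegate to the holder so existing callers keep working. `getPrincipalName()` also dereferences `getAuthentication()` and casts the principal before its null check, so an unauthenticated call throws instead of returning "Not found".

```java
// … unchanged: getUserName(), getUserId() — pass getSecurityContext() to the handler …
public static String getPrincipalName() {
    Authentication authentication = getSecurityContext().getAuthentication();
    if (authentication == null) {
        return "Not found";
    }
    Object principal = authentication.getPrincipal();
    if (principal instanceof UserDetails) {
        String username = ((UserDetails) principal).getUsername();
        if (username != null) {
            return username;
        }
    }
    return "Not found";
}

public static void setSecurityContext(SecurityContext securityContext) {
    SecurityContextHolder.setContext(securityContext);
}

public static SecurityContext getSecurityContext() {
    // Resolve per call so each request sees its own authentication.
    return SecurityContextHolder.getContext();
}
```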
index e30d724..ec13e2a 100644 (file)
      <script src="scripts/ExtraUserInfoCtrl.js"></script>
      <script src="scripts/ExtraUserInfoService.js"></script>     
      <script src="scripts/saveConfirmationModalPopUpCtrl.js"></script>
-     <script src="scripts/CldsTemplateService.js"></script>
      <script src="scripts/GlobalPropertiesCtrl.js"></script>
      <script src="scripts/AlertService.js"></script>
      <script src="scripts/ToscaModelCtrl.js"></script>
index a1625a9..0e3fce9 100644 (file)
@@ -32,9 +32,8 @@ app
 'cldsModelService',
 '$location',
 'dialogs',
-'cldsTemplateService',
 function($scope, $rootScope, $modalInstance, $window, $uibModalInstance, cldsModelService, $location,
-         dialogs, cldsTemplateService) {
+         dialogs) {
        $scope.typeModel = 'template';
        $scope.error = {
        flag : false,
@@ -67,15 +66,6 @@ function($scope, $rootScope, $modalInstance, $window, $uibModalInstance, cldsMod
                        $scope.close();
                }
        }
-       cldsTemplateService.getSavedTemplate().then(function(pars) {
-               $scope.templateNamel = []
-               for (var i = 0; i < pars.length; i++) {
-                       $scope.templateNamel.push(pars[i].value);
-               }
-               setTimeout(function() {
-                       setMultiSelect();
-               }, 100);
-       });
        function contains(a, obj) {
                var i = a && a.length > 0 ? a.length : 0;
                while (i--) {
diff --git a/src/main/resources/META-INF/resources/designer/scripts/CldsTemplateService.js b/src/main/resources/META-INF/resources/designer/scripts/CldsTemplateService.js
deleted file mode 100644 (file)
index 4a0e714..0000000
+++ /dev/null
@@ -1,67 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP CLAMP
- * ================================================================================
- * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights
- *                             reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License"); 
- * you may not use this file except in compliance with the License. 
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software 
- * distributed under the License is distributed on an "AS IS" BASIS, 
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
- * See the License for the specific language governing permissions and 
- * limitations under the License.
- * ============LICENSE_END============================================
- * ===================================================================
- * 
- */
-
-app.service('cldsTemplateService', ['alertService', '$http', '$q', function (alertService, $http, $q) {
-    this.getTemplate = function(templateName){
-       
-
-       var def = $q.defer();
-       var sets = [];
-       
-       var svcUrl = "/restservices/clds/v1/cldsTempate/template/" + templateName;                
-       
-        $http.get(svcUrl)
-        .success(function(data){ 
-       
-               def.resolve(data);              
-               
-        })
-        .error(function(data){  
-                     
-                       def.reject("Open Model not successful");
-        });
-        
-        return def.promise;
-    };
-    this.getSavedTemplate=function(){
-
-       var def = $q.defer();
-       var sets = [];
-       
-       var svcUrl = "/restservices/clds/v1/cldsTempate/template-names";                
-       
-        $http.get(svcUrl)
-        .success(function(data){
-               
-               def.resolve(data);              
-               
-        })
-        .error(function(data){
-                     
-                       def.reject("Open Model not successful");
-        });
-        
-        return def.promise;
-    };
-       
- }]);
index 2ac959b..e9ff499 100644 (file)
@@ -27,9 +27,8 @@ app.controller('GlobalPropertiesCtrl', [
 'cldsModelService',
 '$location',
 'dialogs',
-'cldsTemplateService',
 function($scope, $rootScope, $uibModalInstance, cldsModelService, $location,
-         dialogs, cldsTemplateService) {
+         dialogs) {
        $scope.$watch('name', function(newValue, oldValue) {
 
                var el = getGlobalProperty();
index 7dd0314..632856e 100644 (file)
@@ -208,7 +208,7 @@ clamp.config.dcae.header.requestId = X-ECOMP-RequestID
 #Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case !
 clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl
 clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage
-clamp.config.security.permission.type.cl.event=org.onap.clds.cl.event
+clamp.config.security.permission.type.cl.event=org.onap.clamp.clds.cl.event
 clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf
 clamp.config.security.permission.type.template=org.onap.clamp.clds.template
 clamp.config.security.permission.type.tosca=org.onap.clamp.clds.tosca
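Review bot: The corrected `cl.event` value only authorizes users whose granted authorities carry the new string `org.onap.clamp.clds.cl.event`. This commit adds that entry to clds-users.json, but where permissions come from an external source the same rename presumably has to be made there, otherwise `cl.event` checks will start denying; that deserves a line in the commit message or release notes. The same applies to the identical change in the next properties section. The comment above the block still points to `clds-users.properties`, while the file touched here is `clds-users.json`.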
index 8859c4b..91c02ef 100644 (file)
@@ -223,7 +223,7 @@ clamp.config.dcae.header.requestId = X-ECOMP-RequestID
 #Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case !
 clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl
 clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage
-clamp.config.security.permission.type.cl.event=org.onap.clds.cl.event
+clamp.config.security.permission.type.cl.event=org.onap.clamp.clds.cl.event
 clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf
 clamp.config.security.permission.type.template=org.onap.clamp.clds.template
 clamp.config.security.permission.type.tosca=org.onap.clamp.clds.tosca
index 4423752..6b6ec45 100644 (file)
@@ -3,15 +3,19 @@
         <get uri="/v2/loop/getAllNames"
             outType="java.lang.String[]"
             produces="application/json">
-            <to
-                uri="bean:org.onap.clamp.loop.LoopController?method=getLoopNames()" />
+            <route>
+                <to uri="bean:org.onap.clamp.authorization.AuthorizationController?method=authorize(*,'cl','','read')" />
+                <to uri="bean:org.onap.clamp.loop.LoopController?method=getLoopNames()" />
+            </route>
         </get>
         <get uri="/v2/loop/{loopName}"
             outType="org.onap.clamp.loop.Loop"
 
             produces="application/json">
-            <to
-                uri="bean:org.onap.clamp.loop.LoopController?method=getLoop(${header.loopName})" />
+            <route>
+                <to uri="bean:org.onap.clamp.authorization.AuthorizationController?method=authorize(*,'cl','','read')" />
+                <to uri="bean:org.onap.clamp.loop.LoopController?method=getLoop(${header.loopName})" />
+            </route>
         </get>
         <get uri="/v2/loop/svgRepresentation/{loopName}"
             outType="java.lang.String"
             <to
                 uri="bean:org.onap.clamp.loop.LoopController?method=getSVGRepresentation(${header.loopName})" />
         </get>
-        <post uri="/v2/loop/globalProperties/{loopName}"
-            type="com.google.gson.JsonArray"
-            consumes="application/json"
-            outType="org.onap.clamp.loop.Loop"
-            produces="application/json">
+
+        <post uri="/v2/loop/updateGlobalProperties/{loopName}"
+              type="com.google.gson.JsonObject"
+              consumes="application/json"
+              outType="org.onap.clamp.loop.Loop"
+              produces="application/json">
             <to
-                uri="bean:org.onap.clamp.loop.LoopController?method=updateOperationalPolicies(${header.loopName},${body})" />
+                    uri="bean:org.onap.clamp.loop.LoopController?method=updateGlobalPropertiesJson(${header.loopName},${body})" />
         </post>
         <post uri="/v2/loop/updateOperationalPolicies/{loopName}"
             type="com.google.gson.JsonArray"
             consumes="application/json"
             outType="org.onap.clamp.loop.Loop"
             produces="application/json">
-            <to
-                uri="bean:org.onap.clamp.loop.LoopController?method=updateOperationalPolicies(${header.loopName},${body})" />
+            <route>
+                <to uri="bean:org.onap.clamp.authorization.AuthorizationController?method=authorize(*,'cl','','update')" />
+                <to uri="bean:org.onap.clamp.loop.LoopController?method=updateOperationalPolicies(${header.loopName},${body})" />
+            </route>
         </post>
         <post uri="/v2/loop/updateMicroservicePolicies/{loopName}"
             type="com.google.gson.JsonArray"
             consumes="application/json"
             outType="org.onap.clamp.loop.Loop"
             produces="application/json">
-            <to
-                uri="bean:org.onap.clamp.loop.LoopController?method=updateMicroservicePolicies(${header.loopName},${body})" />
+            <route>
+                <to uri="bean:org.onap.clamp.authorization.AuthorizationController?method=authorize(*,'cl','','update')" />
+                <to uri="bean:org.onap.clamp.loop.LoopController?method=updateMicroservicePolicies(${header.loopName},${body})" />
+            </route>
         </post>
     </rest>
 </rests>
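Review bot: The new `/v2/loop/updateGlobalProperties/{loopName}` route calls `LoopController.updateGlobalPropertiesJson` directly, without the `authorize` step this commit puts in front of the other update routes, so a write to a loop's global properties is not permission-checked at this layer. Wrap it in `<route>` like its neighbours and put `<to uri="bean:org.onap.clamp.authorization.AuthorizationController?method=authorize(*,'cl','','update')" />` first. The unchanged `/v2/loop/svgRepresentation/{loopName}` GET shown as context is in the same position for `'read'`. Whether another filter already covers these paths is not visible from this section.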
index b4d73a2..fe30598 100644 (file)
@@ -6,6 +6,7 @@
                       "org.onap.clamp.clds.cl|dev|read",
                       "org.onap.clamp.clds.cl|dev|update",
                       "org.onap.clamp.clds.cl.manage|dev|*",
+                      "org.onap.clamp.clds.cl.event|dev|*",
                       "org.onap.clamp.clds.filter.vf|dev|*",
                       "org.onap.clamp.clds.template|dev|read",
                       "org.onap.clamp.clds.template|dev|update",
diff --git a/src/test/java/org/onap/clamp/clds/it/AuthorizationControllerItCase.java b/src/test/java/org/onap/clamp/clds/it/AuthorizationControllerItCase.java
new file mode 100644 (file)
index 0000000..477c71a
--- /dev/null
@@ -0,0 +1,94 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP CLAMP
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights
+ *                             reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END============================================
+ * ===================================================================
+ *
+ */
+
+package org.onap.clamp.clds.it;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+
+import java.io.IOException;
+import java.util.LinkedList;
+import java.util.List;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mockito;
+import org.onap.clamp.authorization.AuthorizationController;
+import org.onap.clamp.clds.service.SecureServicePermission;
+import org.onap.clamp.util.PrincipalUtils;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.test.context.junit4.SpringRunner;
+
+/**
+ * Test CldsDAO calls through CldsModel and CldsEvent. This really test the DB
+ * and stored procedures.
+ */
+@RunWith(SpringRunner.class)
+@SpringBootTest
+public class AuthorizationControllerItCase {
+
+    protected static final EELFLogger logger = EELFManager.getInstance().getLogger(AuthorizationControllerItCase.class);
+    private Authentication authentication;
+    private List<GrantedAuthority> authList = new LinkedList<GrantedAuthority>();
+
+    /**
+     * Setup the variable before the tests execution.
+     *
+     * @throws IOException
+     *         In case of issues when opening the files
+     */
+    @Before
+    public void setupBefore() throws IOException {
+        authList.add(new SimpleGrantedAuthority("permission-type-cl-manage|dev|*"));
+        authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|read"));
+        authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|update"));
+        authList.add(new SimpleGrantedAuthority("permission-type-template|dev|read"));
+        authList.add(new SimpleGrantedAuthority("permission-type-template|dev|update"));
+        authList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*"));
+        authList.add(new SimpleGrantedAuthority("permission-type-cl-event|dev|*"));
+
+        authentication = new UsernamePasswordAuthenticationToken(new User("admin", "", authList), "", authList);
+    }
+
+    @Test
+    public void testIsUserPermittedNoException() {
+        SecurityContext securityContext = Mockito.mock(SecurityContext.class);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
+        PrincipalUtils.setSecurityContext(securityContext);
+
+        AuthorizationController auth = new AuthorizationController ();
+        assertTrue(auth.isUserPermittedNoException(new SecureServicePermission("permission-type-cl","dev","read")));
+        assertTrue(auth.isUserPermittedNoException(new SecureServicePermission("permission-type-cl-manage","dev","DEPLOY")));
+        assertTrue(auth.isUserPermittedNoException(new SecureServicePermission("permission-type-filter-vf","dev","12345-55555-55555-5555")));
+        assertFalse(auth.isUserPermittedNoException(new SecureServicePermission("permission-type-cl","test","read")));
+    }
+}
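Review bot: `testIsUserPermittedNoException` installs a Mockito `SecurityContext` through the static `PrincipalUtils.setSecurityContext` and never restores it, so the "admin" authentication stays in place for whatever test runs next in the same JVM. Add a teardown such as `@After public void resetContext() { PrincipalUtils.setSecurityContext(SecurityContextHolder.getContext()); }`. The test covers only the non-throwing wrapper; `authorize` itself (the deny path raising `NotAuthorizedException` and the early return when no permission type is configured) has no case here. The class Javadoc still describes CldsDAO and stored-procedure tests and should say what this class checks.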
index b7781bf..d247344 100644 (file)
@@ -92,7 +92,7 @@ public class LoopServiceTestItCase {
 
         //when
         Loop actualLoop = loopService
-            .updateOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(operationalPolicy));
+            .updateAndSaveOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(operationalPolicy));
 
         //then
         assertThat(actualLoop).isNotNull();
@@ -118,7 +118,7 @@ public class LoopServiceTestItCase {
 
         //when
         Loop actualLoop = loopService
-            .updateMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(microServicePolicy));
+            .updateAndSaveMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(microServicePolicy));
 
         //then
         assertThat(actualLoop).isNotNull();
@@ -143,14 +143,14 @@ public class LoopServiceTestItCase {
         String secondPolicyTosca = "secondPolicyTosca";
         MicroServicePolicy firstMicroServicePolicy = new MicroServicePolicy(firstPolicyName, "policyTosca",
             false, JsonUtils.GSON.fromJson(EXAMPLE_JSON, JsonObject.class), null);
-        loopService.updateMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstMicroServicePolicy));
+        loopService.updateAndSaveMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstMicroServicePolicy));
 
         MicroServicePolicy secondMicroServicePolicy = new MicroServicePolicy(secondPolicyName, secondPolicyTosca, true,
             newJsonRepresentation, null);
 
         //when
         firstMicroServicePolicy.setJsonRepresentation(newJsonRepresentation);
-        Loop actualLoop = loopService.updateMicroservicePolicies(EXAMPLE_LOOP_NAME,
+        Loop actualLoop = loopService.updateAndSaveMicroservicePolicies(EXAMPLE_LOOP_NAME,
             Lists.newArrayList(firstMicroServicePolicy, secondMicroServicePolicy));
 
         //then
@@ -180,14 +180,14 @@ public class LoopServiceTestItCase {
         String secondPolicyTosca = "secondPolicyTosca";
         MicroServicePolicy firstMicroServicePolicy = new MicroServicePolicy(firstPolicyName, "policyTosca",
             false, JsonUtils.GSON.fromJson(EXAMPLE_JSON, JsonObject.class), null);
-        loopService.updateMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstMicroServicePolicy));
+        loopService.updateAndSaveMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstMicroServicePolicy));
 
         MicroServicePolicy secondMicroServicePolicy = new MicroServicePolicy(secondPolicyName, secondPolicyTosca, true,
             jsonRepresentation, null);
 
         //when
         Loop actualLoop = loopService
-            .updateMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(secondMicroServicePolicy));
+            .updateAndSaveMicroservicePolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(secondMicroServicePolicy));
 
         //then
         assertThat(actualLoop).isNotNull();
@@ -210,13 +210,13 @@ public class LoopServiceTestItCase {
         String secondPolicyName = "secondPolicyName";
         OperationalPolicy firstOperationalPolicy = new OperationalPolicy(firstPolicyName, null,
             JsonUtils.GSON.fromJson(EXAMPLE_JSON, JsonObject.class));
-        loopService.updateOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstOperationalPolicy));
+        loopService.updateAndSaveOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstOperationalPolicy));
 
         OperationalPolicy secondOperationalPolicy = new OperationalPolicy(secondPolicyName, null, newJsonConfiguration);
 
         //when
         firstOperationalPolicy.setConfigurationsJson(newJsonConfiguration);
-        Loop actualLoop = loopService.updateOperationalPolicies(EXAMPLE_LOOP_NAME,
+        Loop actualLoop = loopService.updateAndSaveOperationalPolicies(EXAMPLE_LOOP_NAME,
             Lists.newArrayList(firstOperationalPolicy, secondOperationalPolicy));
 
         //then
@@ -244,13 +244,13 @@ public class LoopServiceTestItCase {
         String secondPolicyName = "policyName";
         OperationalPolicy firstOperationalPolicy = new OperationalPolicy(firstPolicyName, null,
             JsonUtils.GSON.fromJson(EXAMPLE_JSON, JsonObject.class));
-        loopService.updateOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstOperationalPolicy));
+        loopService.updateAndSaveOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(firstOperationalPolicy));
 
         OperationalPolicy secondOperationalPolicy = new OperationalPolicy(secondPolicyName, null, jsonRepresentation);
 
         //when
         Loop actualLoop = loopService
-            .updateOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(secondOperationalPolicy));
+            .updateAndSaveOperationalPolicies(EXAMPLE_LOOP_NAME, Lists.newArrayList(secondOperationalPolicy));
 
         //then
         assertThat(actualLoop).isNotNull();
@@ -264,6 +264,26 @@ public class LoopServiceTestItCase {
 
     }
 
+    @Test
+    public void shouldCreateModelPropertiesAndUpdateJsonRepresentationOfOldOne() {
+        //given
+        saveTestLoopToDb();
+        String expectedJson = "{\"test\":\"test\"}";
+        JsonObject baseGlobalProperites = JsonUtils.GSON.fromJson("{}", JsonObject.class);
+        JsonObject updatedGlobalProperites = JsonUtils.GSON.fromJson(expectedJson, JsonObject.class);
+        loopService.updateAndSaveGlobalPropertiesJson(EXAMPLE_LOOP_NAME, baseGlobalProperites);
+
+        //when
+        Loop actualLoop = loopService
+                .updateAndSaveGlobalPropertiesJson(EXAMPLE_LOOP_NAME, updatedGlobalProperites);
+
+        //then
+        assertThat(actualLoop).isNotNull();
+        assertThat(actualLoop.getName()).isEqualTo(EXAMPLE_LOOP_NAME);
+        JsonObject returnedGlobalProperties = actualLoop.getGlobalPropertiesJson();
+        assertThat(returnedGlobalProperties.getAsJsonObject()).isEqualTo(updatedGlobalProperites);
+    }
+
     private Loop createTestLoop(String loopName, String loopBlueprint, String loopSvg) {
         return new Loop(loopName, loopBlueprint, loopSvg);
     }
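Review bot: The added test `shouldCreateModelPropertiesAndUpdateJsonRepresentationOfOldOne` asserts only on the `Loop` returned by `updateAndSaveGlobalPropertiesJson`, so, as far as this hunk shows, it would still pass if the second call updated the returned object without persisting it. Reloading the loop through the service's or repository's read path before the final `assertThat` would cover the "AndSave" half of the method's contract. The test name mentions model properties while the body exercises global properties, and the locals `baseGlobalProperites` and `updatedGlobalProperites` are misspelled; a name such as `shouldUpdateGlobalPropertiesJsonOfExistingLoop` with `baseGlobalProperties` and `updatedGlobalProperties` would match what is tested. `getAsJsonObject()` is redundant on a value already declared as `JsonObject`, so the last line can be `assertThat(returnedGlobalProperties).isEqualTo(updatedGlobalProperites);`.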