private static boolean hasResourceSpecific(InvocationContext context) { HasPermission permissionMethodAnnotation = getMethodPermissionAnnotation(context); return permissionMethodAnnotation != null && permissionMethodAnnotation.resourceSpecific(); }
@AroundInvoke public Object roleCall(InvocationContext context) throws Exception { List<Permission> permissions = getRequiredPermission(context); List<Action> actions = getRequiredAction(context); boolean resourceSpecific = hasResourceSpecific(context); ResourceGroupEntity resourceGroup = null;
@Test public void shouldCallPermissionServiceWithEveryAnnotatedPermissionAndEveryAnnotatedActions() throws Exception { //given when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("deployOrCopyFromPermissionActionCreateOrUpdateNeeded")); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, times(4)).hasPermission(any(Permission.class), any(ContextEntity.class), any(Action.class), any(ResourceGroupEntity.class), any(ResourceTypeEntity.class)); verify(hasPermissionInterceptor.permissionService, times(1)).throwNotAuthorizedException(null); }
@Test public void shouldCallPermissionServiceWithPermissionAndEveryAnnotatedActions() throws Exception { //given when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("deployPermissionActionCreateOrUpdateNeeded")); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, times(2)).hasPermission(any(Permission.class), any(ContextEntity.class), any(Action.class), any(ResourceGroupEntity.class), any(ResourceTypeEntity.class)); verify(hasPermissionInterceptor.permissionService, times(1)).throwNotAuthorizedException(null); }
@Test public void shouldNotCallPermissionService() throws Exception { //given when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("noPermissionNeeded")); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, never()).hasPermission(any(Permission.class), any(ContextEntity.class), any(Action.class), any(ResourceGroupEntity.class), any(ResourceTypeEntity.class)); verify(hasPermissionInterceptor.permissionService, never()).throwNotAuthorizedException(null); }
private static List<Action> getRequiredAction(InvocationContext context) { HasPermission permissionMethodAnnotation = getMethodPermissionAnnotation(context); List<Action> actions = new ArrayList<>(); if (permissionMethodAnnotation != null) { if (!permissionMethodAnnotation.action().equals(Action.NULL)) { actions.add(permissionMethodAnnotation.action()); } if (permissionMethodAnnotation.oneOfAction().length > 0) { Collections.addAll(actions, permissionMethodAnnotation.oneOfAction()); } } return actions; }
@Test public void shouldCallPermissionServiceWithPermission() throws Exception { //given when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("deployPermissionNeeded")); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, times(1)).hasPermission(Permission.DEPLOYMENT, null, null ,null, null); verify(hasPermissionInterceptor.permissionService, times(1)).throwNotAuthorizedException(null); }
private static List<Permission> getRequiredPermission(InvocationContext context) { HasPermission permissionMethodAnnotation = getMethodPermissionAnnotation(context); List<Permission> permissions = new ArrayList<>(); if (permissionMethodAnnotation != null) { if (!permissionMethodAnnotation.permission().equals(Permission.DEFAULT)) { permissions.add(permissionMethodAnnotation.permission()); } if (permissionMethodAnnotation.oneOfPermission().length > 0) { Collections.addAll(permissions, permissionMethodAnnotation.oneOfPermission()); } } return permissions; }
@Test public void shouldCallPermissionServiceWithPermissionAndAction() throws Exception { //given when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("deployPermissionActionCreateNeeded")); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, times(1)).hasPermission(Permission.DEPLOYMENT, null, Action.CREATE, null, null); verify(hasPermissionInterceptor.permissionService, times(1)).throwNotAuthorizedException(null); }
@Test public void shouldCallPermissionServiceWithPermissionAndActionButSkipAsSoonAsACheckReturnsTrue() throws Exception { //given when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("deployPermissionActionCreateOrUpdateNeeded")); when(hasPermissionInterceptor.permissionService.hasPermission(Permission.DEPLOYMENT, null, Action.CREATE, null, null)).thenReturn(true); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, times(1)).hasPermission(Permission.DEPLOYMENT, null, Action.CREATE, null, null); verify(hasPermissionInterceptor.permissionService, never()).hasPermission(Permission.DEPLOYMENT, null, Action.UPDATE, null, null); verify(hasPermissionInterceptor.permissionService, never()).throwNotAuthorizedException(null); }
@Test public void shouldCallPermissionServiceWithMultipleAnnotatedPermissionsAndActionsButSkipAsSoonACheckReturnsTrue() throws Exception { //given when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("deployOrCopyFromPermissionActionCreateOrUpdateNeeded")); when(hasPermissionInterceptor.permissionService.hasPermission(Permission.RESOURCE_RELEASE_COPY_FROM_RESOURCE, null, Action.UPDATE, null, null)).thenReturn(true); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, times(1)).hasPermission(Permission.RESOURCE_RELEASE_COPY_FROM_RESOURCE, null, Action.CREATE, null, null); verify(hasPermissionInterceptor.permissionService, times(1)).hasPermission(Permission.RESOURCE_RELEASE_COPY_FROM_RESOURCE, null, Action.UPDATE, null, null); verify(hasPermissionInterceptor.permissionService, never()).hasPermission(Permission.DEPLOYMENT, null, Action.CREATE, null, null); verify(hasPermissionInterceptor.permissionService, never()).hasPermission(Permission.DEPLOYMENT, null, Action.UPDATE, null, null); verify(hasPermissionInterceptor.permissionService, never()).throwNotAuthorizedException(null); }
@Test public void shouldCallPermissionServiceWithPermissionsAndResource() throws Exception { //given ResourceEntity resource = new ResourceEntity(); ResourceGroupEntity resGroup = new ResourceGroupEntity(); resource.setResourceGroup(resGroup); ResourceEntity[] resources = {resource}; context.setParameters(resources); when(context.getMethod()).thenReturn(TestBoundary.class.getMethod("deployPermissionActionCreateForSpecificResourceNeeded")); when(context.getParameters()).thenReturn(resources); when(hasPermissionInterceptor.permissionService.hasPermission(Permission.DEPLOYMENT, null, Action.CREATE, resGroup, null)).thenReturn(true); //when hasPermissionInterceptor.roleCall(context); //then verify(hasPermissionInterceptor.permissionService, times(1)).hasPermission(Permission.DEPLOYMENT, null, Action.CREATE, resGroup, null); verify(hasPermissionInterceptor.permissionService, never()).throwNotAuthorizedException(null); }