/** * Gets all authorizations for the current user. * * @return the user authorizations */ @RequestMapping(value = CURRENT_USER_URI_PREFIX, method = RequestMethod.GET) @PreAuthorize("isAuthenticated()") public UserAuthorizations getCurrentUser() { return currentUserService.getCurrentUser(); } }
/** * Gets all authorizations for the current user. * * @return the user authorizations */ @RequestMapping(value = CURRENT_USER_URI_PREFIX, method = RequestMethod.GET) @PreAuthorize("isAuthenticated()") public UserAuthorizations getCurrentUser() { return currentUserService.getCurrentUser(); } }
@Test public void testGetCurrentUserNoAuthentication() throws Exception { // Override the security context to have no authentication. Authentication originalAuthentication = SecurityContextHolder.getContext().getAuthentication(); try { // Get the current user information. UserAuthorizations userAuthorizations = currentUserService.getCurrentUser(); // Validate the response object. assertEquals(new UserAuthorizations(null, null, NO_SECURITY_ROLES, NO_SECURITY_FUNCTIONS), userAuthorizations); } finally { // Restore the original authentication. SecurityContextHolder.getContext().setAuthentication(originalAuthentication); } }
@Test public void testGetCurrentUser() throws Exception { // Create a set of test namespace authorizations. Set<NamespaceAuthorization> namespaceAuthorizations = new LinkedHashSet<>(); namespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE, SUPPORTED_NAMESPACE_PERMISSIONS)); namespaceAuthorizations.add(new NamespaceAuthorization(NAMESPACE_2, SUPPORTED_NAMESPACE_PERMISSIONS)); UserAuthorizations userAuthorizations = new UserAuthorizations(); userAuthorizations.setNamespaceAuthorizations(new ArrayList(namespaceAuthorizations)); when(currentUserService.getCurrentUser()).thenReturn(userAuthorizations); // Get the current user information. UserAuthorizations resultUserAuthorizations = currentUserRestController.getCurrentUser(); // Verify the external calls. verify(currentUserService).getCurrentUser(); verifyNoMoreInteractions(currentUserService); // Validate the returned object. assertEquals(userAuthorizations, resultUserAuthorizations); } }
UserAuthorizations userAuthorizations = currentUserService.getCurrentUser();
UserAuthorizations userAuthorizations = currentUserService.getCurrentUser();
@Test public void testUpdateUserNamespaceAuthorizationHappyPath() { when(alternateKeyHelper.validateStringParameter("namespace", NAMESPACE_VALUE)).thenReturn(NAMESPACE_VALUE); when(alternateKeyHelper.validateStringParameter("user id", USER_ID_VALUE)).thenReturn(USER_ID_VALUE); when(currentUserService.getCurrentUser()).thenReturn(USER_AUTHORIZATIONS); when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationByKey(USER_NAMESPACE_AUTHORIZATION_KEY)) .thenReturn(USER_NAMESPACE_AUTHORIZATION_ENTITY); when(userNamespaceAuthorizationHelper.getNamespacePermissions(USER_NAMESPACE_AUTHORIZATION_ENTITY)).thenReturn(NAMESPACE_PERMISSIONS); UserNamespaceAuthorization userNamespaceAuthorization = userNamespaceAuthorizationService.updateUserNamespaceAuthorization(USER_NAMESPACE_AUTHORIZATION_KEY, USER_NAMESPACE_AUTHORIZATION_UPDATE_REQUEST); assertEquals(USER_NAMESPACE_AUTHORIZATION_ID, userNamespaceAuthorization.getId()); assertEquals(USER_NAMESPACE_AUTHORIZATION_KEY, userNamespaceAuthorization.getUserNamespaceAuthorizationKey()); assertEquals(NAMESPACE_PERMISSIONS, userNamespaceAuthorization.getNamespacePermissions()); verify(alternateKeyHelper).validateStringParameter("namespace", NAMESPACE_VALUE); verify(alternateKeyHelper).validateStringParameter("user id", USER_ID_VALUE); verify(currentUserService).getCurrentUser(); verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationByKey(USER_NAMESPACE_AUTHORIZATION_KEY); verify(userNamespaceAuthorizationDao).saveAndRefresh(any(UserNamespaceAuthorizationEntity.class)); verify(messageNotificationEventService).processUserNamespaceAuthorizationChangeNotificationEvent(USER_NAMESPACE_AUTHORIZATION_KEY); verify(userNamespaceAuthorizationHelper).getNamespacePermissions(USER_NAMESPACE_AUTHORIZATION_ENTITY); verifyNoMoreInteractionsHelper(); }
@PublishNotificationMessages @NamespacePermission(fields = "#key?.namespace", permissions = NamespacePermissionEnum.GRANT) @Override public UserNamespaceAuthorization updateUserNamespaceAuthorization(UserNamespaceAuthorizationKey key, UserNamespaceAuthorizationUpdateRequest request) { // Validate and trim the key. validateUserNamespaceAuthorizationKey(key); // Validate and trim the request parameters. validateUserNamespaceAuthorizationUpdateRequest(request); // Retrieve and ensure that a user namespace authorization exists with the specified key. UserNamespaceAuthorizationEntity userNamespaceAuthorizationEntity = getUserNamespaceAuthorizationEntity(key); // Get the current user UserAuthorizations userAuthorizations = currentUserService.getCurrentUser(); // If the current user id is equal to the user id in the namespace authorization key // and the user namespace authorization entity contains the grant permission if (userAuthorizations.getUserId().equalsIgnoreCase(key.getUserId()) && userNamespaceAuthorizationEntity.getGrantPermission()) { // Assert that the request contains the grant namespace permission Assert.isTrue(request.getNamespacePermissions().contains(NamespacePermissionEnum.GRANT), "Users are not allowed to remove their own GRANT namespace permission." + " Please include the GRANT namespace permission in this request, or have another user remove the GRANT permission."); } // Update the permissions. updateNamespacePermissions(userNamespaceAuthorizationEntity, request.getNamespacePermissions()); userNamespaceAuthorizationDao.saveAndRefresh(userNamespaceAuthorizationEntity); // Create a user namespace authorization change notification to be sent on update user namespace authorization event. messageNotificationEventService.processUserNamespaceAuthorizationChangeNotificationEvent(key); // Create and return the user namespace authorization object from the updated entity. return createUserNamespaceAuthorizationFromEntity(userNamespaceAuthorizationEntity); }
@PublishNotificationMessages @NamespacePermission(fields = "#key?.namespace", permissions = NamespacePermissionEnum.GRANT) @Override public UserNamespaceAuthorization updateUserNamespaceAuthorization(UserNamespaceAuthorizationKey key, UserNamespaceAuthorizationUpdateRequest request) { // Validate and trim the key. validateUserNamespaceAuthorizationKey(key); // Validate and trim the request parameters. validateUserNamespaceAuthorizationUpdateRequest(request); // Retrieve and ensure that a user namespace authorization exists with the specified key. UserNamespaceAuthorizationEntity userNamespaceAuthorizationEntity = getUserNamespaceAuthorizationEntity(key); // Get the current user UserAuthorizations userAuthorizations = currentUserService.getCurrentUser(); // If the current user id is equal to the user id in the namespace authorization key // and the user namespace authorization entity contains the grant permission if (userAuthorizations.getUserId().equalsIgnoreCase(key.getUserId()) && userNamespaceAuthorizationEntity.getGrantPermission()) { // Assert that the request contains the grant namespace permission Assert.isTrue(request.getNamespacePermissions().contains(NamespacePermissionEnum.GRANT), "Users are not allowed to remove their own GRANT namespace permission." + " Please include the GRANT namespace permission in this request, or have another user remove the GRANT permission."); } // Update the permissions. updateNamespacePermissions(userNamespaceAuthorizationEntity, request.getNamespacePermissions()); userNamespaceAuthorizationDao.saveAndRefresh(userNamespaceAuthorizationEntity); // Create a user namespace authorization change notification to be sent on update user namespace authorization event. messageNotificationEventService.processUserNamespaceAuthorizationChangeNotificationEvent(key); // Create and return the user namespace authorization object from the updated entity. return createUserNamespaceAuthorizationFromEntity(userNamespaceAuthorizationEntity); }