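/**
 * Returns the {@link Sid} for this object, building and caching it on first access.
 *
 * <p>When both {@code sidOfPrincipal} and {@code sidOfAuthority} are set, the principal
 * wins and a {@link PrincipalSid} is created.
 *
 * @return the cached or newly created Sid
 * @throws IllegalStateException if neither {@code sidOfPrincipal} nor
 *         {@code sidOfAuthority} is set
 */
@Override
public Sid getSid() {
    if (sid != null) {
        return sid;
    }
    if (sidOfPrincipal != null) {
        sid = new PrincipalSid(sidOfPrincipal);
    } else if (sidOfAuthority != null) {
        sid = new GrantedAuthoritySid(sidOfAuthority);
    } else {
        // Name the missing fields so a broken ACL entry can be diagnosed from the
        // stack trace; the original threw with no message.
        throw new IllegalStateException(
                "Cannot build a Sid: neither sidOfPrincipal nor sidOfAuthority is set");
    }
    return sid;
}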
/**
 * Compares this sid with another object by granted-authority value.
 *
 * @param object the object to compare with; may be {@code null}
 * @return {@code true} only if {@code object} is a {@code GrantedAuthoritySid} whose
 *         granted authority equals this one's
 */
@Override
public boolean equals(Object object) {
    // instanceof evaluates to false for null, so this guard covers both cases.
    if (!(object instanceof GrantedAuthoritySid)) {
        return false;
    }

    // The actual comparison is delegated to the value returned by
    // getGrantedAuthority() on each side.
    GrantedAuthoritySid other = (GrantedAuthoritySid) object;
    return other.getGrantedAuthority().equals(this.getGrantedAuthority());
}
/**
 * Checks that the hash code of a {@code GrantedAuthoritySid} equals the hash code of
 * its authority string, whichever constructor produced the sid.
 */
@Test
public void testGrantedAuthoritySidHashCode() throws Exception {
    GrantedAuthority authority = new SimpleGrantedAuthority("ROLE_TEST");
    Sid gaSid = new GrantedAuthoritySid(authority);
    final int actualHash = gaSid.hashCode();

    // Same authority name: hash must match the plain string and the String-built sid.
    assertThat(actualHash).isEqualTo("ROLE_TEST".hashCode());
    assertThat(actualHash).isEqualTo(new GrantedAuthoritySid("ROLE_TEST").hashCode());

    // Different authority name: hash must differ for both construction paths.
    assertThat(actualHash).isNotEqualTo(new GrantedAuthoritySid("ROLE_TEST_2").hashCode());
    GrantedAuthority otherAuthority = new SimpleGrantedAuthority("ROLE_TEST_2");
    assertThat(actualHash).isNotEqualTo(new GrantedAuthoritySid(otherAuthority).hashCode());
}
/**
 * Checks that {@code PrincipalSid} and {@code GrantedAuthoritySid} expose the name
 * they were built from.
 */
@Test
public void testGetters() throws Exception {
    Authentication auth = new TestingAuthenticationToken("johndoe", "password");
    PrincipalSid userSid = new PrincipalSid(auth);
    GrantedAuthoritySid roleSid =
            new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST"));

    // The principal sid carries the token's principal name.
    String principalName = userSid.getPrincipal();
    assertThat("johndoe".equals(principalName)).isTrue();
    assertThat("scott".equals(principalName)).isFalse();

    // The authority sid carries the authority string.
    String authorityName = roleSid.getGrantedAuthority();
    assertThat("ROLE_TEST".equals(authorityName)).isTrue();
    assertThat("ROLE_TEST2".equals(authorityName)).isFalse();
}
}
/**
 * Builds a {@link Sid} from a name and a flag selecting its kind.
 *
 * @param sid the name to wrap
 * @param isPrincepal {@code true} to create a {@link PrincipalSid}, {@code false} to
 *        create a {@link GrantedAuthoritySid}
 * @return a new Sid wrapping {@code sid}
 */
public Sid getSid(String sid, boolean isPrincepal) {
    return isPrincepal ? new PrincipalSid(sid) : new GrantedAuthoritySid(sid);
}
/**
 * Returns the hash code of the value returned by {@code getGrantedAuthority()}.
 *
 * @return the hash code of the granted authority
 */
@Override
public int hashCode() {
    return getGrantedAuthority().hashCode();
}
/**
 * Returns the {@link Sid} view of this object, creating and caching it on first use.
 *
 * @return a {@link PrincipalSid} when {@code isPrincipal} is set, otherwise a
 *         {@link GrantedAuthoritySid}, both built from {@code sid}
 */
public Sid getSidObj() {
    if (sidObj != null) {
        return sidObj;
    }
    if (isPrincipal) {
        sidObj = new PrincipalSid(sid);
    } else {
        sidObj = new GrantedAuthoritySid(sid);
    }
    return sidObj;
}
}
/**
 * Collects the granted-authority names found in a list of sids.
 *
 * @param allSids the sids to scan; entries that are not {@link GrantedAuthoritySid}
 *        are ignored
 * @return the authority names in a sorted set without duplicates
 */
private Set<String> getAuthoritiesInPrj(List<Sid> allSids) {
    Set<String> authorityNames = new TreeSet<>();
    for (Sid candidate : allSids) {
        if (!(candidate instanceof GrantedAuthoritySid)) {
            continue; // principal sids and other implementations carry no authority
        }
        GrantedAuthoritySid authoritySid = (GrantedAuthoritySid) candidate;
        authorityNames.add(authoritySid.getGrantedAuthority());
    }
    return authorityNames;
}
/**
 * Builds the list of sids that apply to an authentication.
 *
 * <p>The first element is the {@link PrincipalSid} of the authentication. It is
 * followed by one {@link GrantedAuthoritySid} for every authority that
 * {@code roleHierarchy} reports as reachable from the authentication's authorities.
 *
 * @param authentication the authentication to derive sids from
 * @return the principal sid followed by the authority sids
 */
public List<Sid> getSids(Authentication authentication) {
    Collection<? extends GrantedAuthority> reachable =
            roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());

    // One slot for the principal plus one per reachable authority.
    List<Sid> result = new ArrayList<>(reachable.size() + 1);
    result.add(new PrincipalSid(authentication));
    for (GrantedAuthority granted : reachable) {
        result.add(new GrantedAuthoritySid(granted));
    }
    return result;
}
}
/**
 * Extracts the name carried by a sid.
 *
 * @param sid a {@link PrincipalSid} or {@link GrantedAuthoritySid}
 * @return the principal name or the granted-authority name
 */
private static String getName(Sid sid) {
    if (!(sid instanceof PrincipalSid)) {
        // Anything that is not a PrincipalSid is cast without a type check, so any
        // other Sid implementation fails here with a ClassCastException.
        GrantedAuthoritySid authoritySid = (GrantedAuthoritySid) sid;
        return authoritySid.getGrantedAuthority();
    }
    PrincipalSid principalSid = (PrincipalSid) sid;
    return principalSid.getPrincipal();
}
/**
 * Creates the {@link Sid} implementation selected by {@code isPrincipal}.
 *
 * @param isPrincipal {@code true} for a user ({@link PrincipalSid}), {@code false} for
 *        a granted authority such as a role ({@link GrantedAuthoritySid})
 * @param sid the name that uniquely identifies the sid. In a typical ACL database
 *        schema it is stored in the {@code sid} column of the {@code acl_sid} table.
 * @return a new Sid that uses {@code sid} as its identifier
 */
protected Sid createSid(boolean isPrincipal, String sid) {
    return isPrincipal ? new PrincipalSid(sid) : new GrantedAuthoritySid(sid);
}
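/**
 * Captures the name and kind of a {@link Sid}.
 *
 * @param sid a {@link PrincipalSid} or {@link GrantedAuthoritySid}
 * @throws IllegalStateException if {@code sid} is {@code null} or any other
 *         implementation of {@link Sid}
 */
public SidInfo(Sid sid) {
    if (sid instanceof PrincipalSid) {
        this.sid = ((PrincipalSid) sid).getPrincipal();
        this.isPrincipal = true;
    } else if (sid instanceof GrantedAuthoritySid) {
        this.sid = ((GrantedAuthoritySid) sid).getGrantedAuthority();
        this.isPrincipal = false;
    } else {
        // Report which type was rejected; the original threw with no message, which
        // makes an unexpected Sid implementation hard to trace.
        String rejected = (sid == null) ? "null" : sid.getClass().getName();
        throw new IllegalStateException("Unsupported Sid implementation: " + rejected);
    }
}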
/**
 * Checks {@code GrantedAuthoritySid.equals}: it rejects {@code null} and foreign
 * types, and otherwise compares by authority name across both constructors.
 */
@Test
public void testGrantedAuthoritySidEquals() throws Exception {
    GrantedAuthority authority = new SimpleGrantedAuthority("ROLE_TEST");
    Sid gaSid = new GrantedAuthoritySid(authority);

    // Null and unrelated types are never equal.
    assertThat(gaSid.equals(null)).isFalse();
    assertThat(gaSid.equals("DIFFERENT_TYPE_OBJECT")).isFalse();

    // Identity, then equality through the GrantedAuthority constructor.
    assertThat(gaSid.equals(gaSid)).isTrue();
    Sid sameAuthorityInstance = new GrantedAuthoritySid(authority);
    assertThat(gaSid.equals(sameAuthorityInstance)).isTrue();
    Sid equalAuthority = new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST"));
    assertThat(gaSid.equals(equalAuthority)).isTrue();
    Sid differentAuthority =
            new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_NOT_EQUAL"));
    assertThat(gaSid.equals(differentAuthority)).isFalse();

    // The String constructor must behave the same way.
    assertThat(gaSid.equals(new GrantedAuthoritySid("ROLE_TEST"))).isTrue();
    assertThat(gaSid.equals(new GrantedAuthoritySid("ROLE_NOT_EQUAL"))).isFalse();
}
/**
 * Looks up the primary key of a sid in {@code acl_sid}, creating a new row when none
 * exists and {@code allowCreate} is {@code true}.
 *
 * <p>The sid is reduced to its name and a principal/authority flag, and the lookup is
 * delegated to the name-based overload.
 *
 * @param sid the sid to find or create; must not be {@code null}
 * @param allowCreate {@code true} if a missing row may be created
 * @return the primary key, or {@code null} if not found
 * @throws IllegalArgumentException if the {@code Sid} is not a recognized
 *         implementation
 */
protected Long createOrRetrieveSidPrimaryKey(Sid sid, boolean allowCreate) {
    Assert.notNull(sid, "Sid required");

    if (sid instanceof PrincipalSid) {
        String principalName = ((PrincipalSid) sid).getPrincipal();
        return createOrRetrieveSidPrimaryKey(principalName, true, allowCreate);
    }
    if (sid instanceof GrantedAuthoritySid) {
        String authorityName = ((GrantedAuthoritySid) sid).getGrantedAuthority();
        return createOrRetrieveSidPrimaryKey(authorityName, false, allowCreate);
    }
    // Only the two known implementations can be mapped to a name in acl_sid.
    throw new IllegalArgumentException("Unsupported implementation of Sid");
}
/**
 * Checks {@code isSidLoaded} on an ACL created with two loaded sids: a query passes
 * only when every requested sid is among the loaded ones.
 */
@Test
public void isSidLoadedBehavesAsExpected() throws Exception {
    List<Sid> loadedSids = Arrays.asList(new PrincipalSid("ben"),
            new GrantedAuthoritySid("ROLE_IGNORED"));
    MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null,
            loadedSids, true, new PrincipalSid("joe"));

    // The loaded list itself, the same sids in another order, and a subset.
    assertThat(acl.isSidLoaded(loadedSids)).isTrue();
    List<Sid> reordered = Arrays.asList(new GrantedAuthoritySid("ROLE_IGNORED"),
            new PrincipalSid("ben"));
    assertThat(acl.isSidLoaded(reordered)).isTrue();
    List<Sid> roleOnly = Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_IGNORED"));
    assertThat(acl.isSidLoaded(roleOnly)).isTrue();
    assertThat(acl.isSidLoaded(BEN)).isTrue();

    // Null and empty queries count as loaded.
    assertThat(acl.isSidLoaded(null)).isTrue();
    List<Sid> noSids = new ArrayList<>(0);
    assertThat(acl.isSidLoaded(noSids)).isTrue();

    // Duplicates of a loaded sid are still loaded.
    List<Sid> duplicatedRole = Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_IGNORED"),
            new GrantedAuthoritySid("ROLE_IGNORED"));
    assertThat(acl.isSidLoaded(duplicatedRole)).isTrue();

    // A single sid that was not loaded fails the query, whatever its position.
    List<Sid> unknownFirst = Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_GENERAL"),
            new GrantedAuthoritySid("ROLE_IGNORED"));
    assertThat(acl.isSidLoaded(unknownFirst)).isFalse();
    List<Sid> unknownLast = Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_IGNORED"),
            new GrantedAuthoritySid("ROLE_GENERAL"));
    assertThat(acl.isSidLoaded(unknownLast)).isFalse();
}
/**
 * Lists the sid names of one kind that appear in the entries of an ACL.
 *
 * @param acl the ACL to read; {@code null} yields an empty list
 * @param type {@code MetadataConstants.TYPE_USER} to collect principal names or
 *        {@code MetadataConstants.TYPE_GROUP} to collect granted-authority names,
 *        compared case-insensitively
 * @return the non-blank names of matching entries, in entry order
 */
public List<String> getAllAclSids(Acl acl, String type) {
    if (acl == null) {
        return Collections.emptyList();
    }

    List<String> names = new ArrayList<>();
    for (AccessControlEntry entry : acl.getEntries()) {
        String sidName = null;
        // Users map to principal sids, groups to granted-authority sids; an entry
        // whose sid kind does not match the requested type leaves sidName null.
        if (type.equalsIgnoreCase(MetadataConstants.TYPE_USER)
                && entry.getSid() instanceof PrincipalSid) {
            sidName = ((PrincipalSid) entry.getSid()).getPrincipal();
        }
        if (type.equalsIgnoreCase(MetadataConstants.TYPE_GROUP)
                && entry.getSid() instanceof GrantedAuthoritySid) {
            sidName = ((GrantedAuthoritySid) entry.getSid()).getGrantedAuthority();
        }
        if (StringUtils.isBlank(sidName)) {
            continue;
        }
        names.add(sidName);
    }
    return names;
}
// NOTE(review): these statements look like the contents of several try blocks from a
// constructor-validation test. The try/catch scaffolding and the values assigned to
// `string` and `ga` are not part of this excerpt, so which constructions are expected
// to succeed cannot be confirmed from here.
// Per the fail() messages, a construction directly followed by fail() is expected to
// throw IllegalArgumentException before fail() is reached.
new GrantedAuthoritySid(string);
fail("It should have thrown IllegalArgumentException");
// Empty authority name.
new GrantedAuthoritySid("");
fail("It should have thrown IllegalArgumentException");
// No fail() follows this construction.
new GrantedAuthoritySid("ROLE_TEST");
new GrantedAuthoritySid(ga);
fail("It should have thrown IllegalArgumentException");
new GrantedAuthoritySid(ga);
fail("It should have thrown IllegalArgumentException");
// No fail() follows this final construction.
new GrantedAuthoritySid(ga);
/**
 * Checks that {@code SidRetrievalStrategyImpl} returns the principal sid first,
 * followed by one authority sid per granted authority, in order.
 */
@Test
public void correctSidsAreRetrieved() throws Exception {
    SidRetrievalStrategy strategy = new SidRetrievalStrategyImpl();
    List<Sid> sids = strategy.getSids(authentication);

    assertThat(sids).isNotNull();
    assertThat(sids).hasSize(4);

    // Position 0 is the principal; every later position is a granted authority.
    Sid first = sids.get(0);
    assertThat(first).isNotNull();
    assertThat(first instanceof PrincipalSid).isTrue();
    for (Sid later : sids.subList(1, sids.size())) {
        assertThat(later instanceof GrantedAuthoritySid).isTrue();
    }

    assertThat(((PrincipalSid) sids.get(0)).getPrincipal()).isEqualTo("scott");
    assertThat(((GrantedAuthoritySid) sids.get(1)).getGrantedAuthority()).isEqualTo("A");
    assertThat(((GrantedAuthoritySid) sids.get(2)).getGrantedAuthority()).isEqualTo("B");
    assertThat(((GrantedAuthoritySid) sids.get(3)).getGrantedAuthority()).isEqualTo("C");
}
// Insert three granting READ entries for distinct role sids at indexes 0, 1 and 2,
// then persist the ACL.
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST1"), true);
acl.insertAce(1, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true);
acl.insertAce(2, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST3"), true);
service.updateAcl(acl);
// NOTE(review): index 0 is expected to hold ROLE_TEST2 here, which suggests that a
// step removing or re-reading entries is missing from this excerpt. Confirm against
// the full test.
assertThat(acl.getEntries().get(0).getSid()).isEqualTo(new GrantedAuthoritySid(
        "ROLE_TEST2"));
assertThat(acl.getEntries().get(1).getSid()).isEqualTo(new GrantedAuthoritySid(
        "ROLE_TEST3"));
// Insert a fourth role at index 2 and persist again.
acl.insertAce(2, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST4"), true);
service.updateAcl(acl);
// Delete the entry at index 1. The assertions below expect the entries on either side
// of it to remain, in their original order.
acl.deleteAce(1);
assertThat(acl.getEntries()).hasSize(2);
assertThat(acl.getEntries().get(0).getSid()).isEqualTo(new GrantedAuthoritySid(
        "ROLE_TEST2"));
assertThat(acl.getEntries().get(1).getSid()).isEqualTo(new GrantedAuthoritySid(
        "ROLE_TEST4"));
/**
 * Checks that {@code createSid} with {@code isPrincipal == false} produces a
 * {@code GrantedAuthoritySid} carrying the given name.
 */
@Test
public void testCreateGrantedAuthority() {
    Sid created = strategy.createSid(false, "sid");

    // Assert the concrete type first so a wrong type fails the assertion instead of
    // the cast below.
    assertThat(created.getClass()).isEqualTo(GrantedAuthoritySid.class);
    GrantedAuthoritySid authoritySid = (GrantedAuthoritySid) created;
    assertThat(authoritySid.getGrantedAuthority()).isEqualTo("sid");
}