/** * Utility method that communicates with the installed ACLVoter to determine administrator status * @deprecated use SystemUtils.canAdminister() instead * * @param session The users IPentahoSession object * @return true if the user is considered a Pentaho administrator */ @Override @Deprecated public boolean isPentahoAdministrator( final IPentahoSession session ) { IAuthorizationPolicy policy = getAuthorizationPolicy(); if ( policy == null ) { SecurityHelper.logger.warn( "No IAuthorizationPolicy set in PentahoSystem" ); return false; } // TODO externalize action names return policy.isAllowed( "org.pentaho.repository.read" ) && policy.isAllowed( "org.pentaho.repository.create" ) && ( policy.isAllowed( "org.pentaho.security.administerSecurity" ) ); }
@Test public void isPentahoAdministratorValidPolicyTest() { IAuthorizationPolicy policy = mock( IAuthorizationPolicy.class ); when( emptySecurityHelper.getAuthorizationPolicy() ).thenReturn( policy ); when( policy.isAllowed( anyString() ) ).thenReturn( true ); assertTrue( emptySecurityHelper.isPentahoAdministrator( any() ) ); }
@Test public void isPentahoAdministratorInvalidPolicyTest() { IAuthorizationPolicy policy = mock( IAuthorizationPolicy.class ); when( emptySecurityHelper.getAuthorizationPolicy() ).thenReturn( policy ); when( policy.isAllowed( anyString() ) ).thenReturn( false ); assertFalse( emptySecurityHelper.isPentahoAdministrator( any() ) ); }
@Test public void isPentahoAdministratorNullPolicyTest() { when( emptySecurityHelper.getAuthorizationPolicy() ).thenReturn( null ); assertFalse( emptySecurityHelper.isPentahoAdministrator( any() ) ); }