nosu
/
taskana
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

TSK-65: Update CurrentUserContext and unit tests 

- Throw the respective exception instead of throwable in unit test
- Return an empty list instead of null in getGroupIds
- Remove TaskanaInterface and add single groups to subject
- Create Principals for tests and REST service
- Throw exceptions in tests
This commit is contained in:
Konstantin Kläger 2017-12-06 11:47:01 +01:00
parent 7135973bb3
commit 176fed5895
7 changed files with 166 additions and 156 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
lib/taskana-core/src/main/java/pro/taskana/security/CurrentUserContext.java
View File

@ -7,6 +7,7 @@ import javax.security.auth.Subject;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
@ -89,45 +90,44 @@ public final class CurrentUserContext {
private static String getUseridFromJAASSubject() {
Subject subject = Subject.getSubject(AccessController.getContext());
LOGGER.debug("Subject of caller: {}", subject);
LOGGER.trace("Subject of caller: {}", subject);
if (subject != null) {
Set<Principal> principals = subject.getPrincipals();
LOGGER.debug("Public principals of caller: {}", principals);
LOGGER.trace("Public principals of caller: {}", principals);
for (Principal pC : principals) {
LOGGER.debug("Returning the first public principal: {}", pC.getName());
return pC.getName();
if (!(pC instanceof Group)) {
LOGGER.trace("Returning the first principal that is no group: {}", pC.getName());
return pC.getName();
}
}
}
LOGGER.debug("No userid found in subject!");
LOGGER.trace("No userid found in subject!");
return null;
}
public static List<String> getGroupIds() {
Subject subject = Subject.getSubject(AccessController.getContext());
LOGGER.debug("Subject of caller: {}", subject);
LOGGER.trace("Subject of caller: {}", subject);
List<String> groupIds = new ArrayList<>();
if (subject != null) {
Set<Principal> principals = subject.getPrincipals();
LOGGER.debug("Public principals of caller: {}", principals);
for (Principal pC : principals) {
if (pC instanceof TaskanaPrincipal) {
TaskanaPrincipal sP = (TaskanaPrincipal) pC;
LOGGER.debug("Returning the groupIds: {}", sP.getGroupNames());
return sP.getGroupNames();
}
Set<Group> groups = subject.getPrincipals(Group.class);
LOGGER.trace("Public groups of caller: {}", groups);
for (Principal group : groups) {
LOGGER.trace("Returning the groupId: {}", group.getName());
groupIds.add(group.getName());
}
return groupIds;
}
LOGGER.debug("No groupids found in subject!");
return null;
LOGGER.trace("No groupids found in subject!");
return groupIds;
}
public static List<String> getAccessIds() {
List<String> accessIds = new ArrayList<>();
List<String> groupIds = getGroupIds();
accessIds.add(getUserid());
if (getGroupIds() != null) {
accessIds.addAll(getGroupIds());
}
if (accessIds.isEmpty()) {
return null;
if (!groupIds.isEmpty()) {
accessIds.addAll(groupIds);
}
return accessIds;
}

46
lib/taskana-core/src/main/java/pro/taskana/security/GroupPrincipal.java Normal file
View File

@ -0,0 +1,46 @@
package pro.taskana.security;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Set;
/**
* Represents a group with a name and a set of members.
*/
public class GroupPrincipal implements Group {
private String name;
private Set<Principal> members;
public GroupPrincipal(String name) {
this.name = name;
}
@Override
public String getName() {
return this.name;
}
@Override
public boolean addMember(Principal user) {
return this.members.add(user);
}
@Override
public boolean removeMember(Principal user) {
return this.members.remove(user);
}
@Override
public boolean isMember(Principal member) {
return this.members.contains(member);
}
@Override
public Enumeration<? extends Principal> members() {
return Collections.enumeration(this.members);
}
}

13
lib/taskana-core/src/main/java/pro/taskana/security/TaskanaPrincipal.java
View File

@ -1,13 +0,0 @@
package pro.taskana.security;
import java.security.Principal;
import java.util.List;
/**
* This interface extends Principal by groupIds.
* @author KKL
*/
public interface TaskanaPrincipal extends Principal {
List<String> getGroupNames();
}

24
lib/taskana-core/src/main/java/pro/taskana/security/UserPrincipal.java Normal file
View File

@ -0,0 +1,24 @@
package pro.taskana.security;
import java.security.Principal;
/**
* Represents a user principal with a name.
*/
public class UserPrincipal implements Principal {
private String name;
public UserPrincipal(String name) {
this.name = name;
}
public void setName(String name) {
this.name = name;
}
public String getName() {
return this.name;
}
}

130
lib/taskana-core/src/test/java/pro/taskana/impl/integration/TaskServiceImplIntExplicitTest.java
View File

@ -2,7 +2,7 @@ package pro.taskana.impl.integration;
import java.io.FileNotFoundException;
import java.io.InputStreamReader;
import java.security.PrivilegedAction;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.sql.Connection;
@ -48,7 +48,8 @@ import pro.taskana.model.ObjectReference;
import pro.taskana.model.Task;
import pro.taskana.model.TaskState;
import pro.taskana.model.Workbasket;
import pro.taskana.security.SamplePrincipal;
import pro.taskana.security.GroupPrincipal;
import pro.taskana.security.UserPrincipal;
/**
* Integration Test for TaskServiceImpl transactions with connection management mode EXPLICIT.
@ -82,13 +83,13 @@ public class TaskServiceImplIntExplicitTest {
cleaner.clearDb(dataSource, false);
subject = new Subject();
SamplePrincipal samplePrincipal = new SamplePrincipal("Elena");
List<String> groups = new ArrayList<String>();
groups.add("group1");
groups.add("group2");
groups.add("group3");
samplePrincipal.setGroups(groups);
subject.getPrincipals().add(samplePrincipal);
List<Principal> principalList = new ArrayList<>();
principalList.add(new UserPrincipal("Elena"));
principalList.add(new GroupPrincipal("group1"));
principalList.add(new GroupPrincipal("group2"));
principalList.add(new GroupPrincipal("group3"));
subject.getPrincipals().addAll(principalList);
try {
Connection connection = dataSource.getConnection();
ScriptRunner runner = new ScriptRunner(connection);
@ -101,21 +102,21 @@ public class TaskServiceImplIntExplicitTest {
}
@Test
public void testStart() {
Subject.doAs(subject, new PrivilegedAction<Object>() {
@Override
public Object run() {
try {
do_testStart();
} catch (TaskNotFoundException | FileNotFoundException | NotAuthorizedException | SQLException | WorkbasketNotFoundException e) {
e.printStackTrace();
public void testTaskService() throws Throwable {
try {
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws TaskNotFoundException, WorkbasketNotFoundException, FileNotFoundException, NotAuthorizedException, SQLException {
do_testTaskService();
return null;
}
return null;
}
});
});
} catch (PrivilegedActionException e) {
throw e.getCause();
}
}
public void do_testStart() throws FileNotFoundException, SQLException, TaskNotFoundException, NotAuthorizedException, WorkbasketNotFoundException {
public void do_testTaskService() throws FileNotFoundException, SQLException, TaskNotFoundException, NotAuthorizedException, WorkbasketNotFoundException {
Connection connection = dataSource.getConnection();
taskanaEngineImpl.setConnection(connection);
Task task = new Task();
@ -132,7 +133,7 @@ public class TaskServiceImplIntExplicitTest {
}
@Test(expected = TaskNotFoundException.class)
public void testStartTransactionFail() throws Throwable {
public void testStartTransactionFail() throws TaskNotFoundException {
try {
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() {
public Object run() throws TaskNotFoundException, FileNotFoundException, NotAuthorizedException, SQLException, WorkbasketNotFoundException {
@ -141,8 +142,10 @@ public class TaskServiceImplIntExplicitTest {
}
});
} catch (PrivilegedActionException e) {
if (e.getCause() != null) {
throw e.getCause();
Throwable cause = e.getCause();
if (cause != null) {
Assert.assertTrue(cause instanceof TaskNotFoundException);
throw (TaskNotFoundException) cause;
}
}
}
@ -168,18 +171,18 @@ public class TaskServiceImplIntExplicitTest {
}
@Test
public void testCreateTaskInTaskanaWithDefaultDb() {
Subject.doAs(subject, new PrivilegedAction<Object>() {
@Override
public Object run() {
try {
public void testCreateTaskInTaskanaWithDefaultDb() throws Throwable {
try {
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws TaskNotFoundException, WorkbasketNotFoundException, FileNotFoundException, NotAuthorizedException, SQLException {
do_testCreateTaskInTaskanaWithDefaultDb();
} catch (TaskNotFoundException | FileNotFoundException | NotAuthorizedException | SQLException | WorkbasketNotFoundException e) {
e.printStackTrace();
return null;
}
return null;
}
});
});
} catch (PrivilegedActionException e) {
throw e.getCause();
}
}
public void do_testCreateTaskInTaskanaWithDefaultDb()
@ -193,7 +196,6 @@ public class TaskServiceImplIntExplicitTest {
Task task = new Task();
task.setName("Unit Test Task");
//String id1 = IdGenerator.generateWithPrefix("TWB");
task.setWorkbasketId("1");
task = taskServiceImpl.create(task);
@ -204,18 +206,18 @@ public class TaskServiceImplIntExplicitTest {
}
@Test
public void testCreateManualTask() {
Subject.doAs(subject, new PrivilegedAction<Object>() {
@Override
public Object run() {
try {
public void testCreateManualTask() throws Throwable {
try {
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws WorkbasketNotFoundException, ClassificationNotFoundException, NotAuthorizedException, SQLException {
do_testCreateManualTask();
} catch (NotAuthorizedException | SQLException | WorkbasketNotFoundException | ClassificationNotFoundException e) {
e.printStackTrace();
return null;
}
return null;
}
});
});
} catch (PrivilegedActionException e) {
throw e.getCause();
}
}
public void do_testCreateManualTask() throws SQLException, NotAuthorizedException, WorkbasketNotFoundException, ClassificationNotFoundException {
@ -224,6 +226,7 @@ public class TaskServiceImplIntExplicitTest {
Workbasket workbasket = new Workbasket();
workbasket.setName("workbasket1");
workbasket.setId("1");
taskanaEngine.getWorkbasketService().createWorkbasket(workbasket);
Classification classification = new Classification();
@ -257,7 +260,7 @@ public class TaskServiceImplIntExplicitTest {
}
@Test(expected = WorkbasketNotFoundException.class)
public void createManualTaskShouldThrowWorkbasketNotFoundException() throws Throwable {
public void createManualTaskShouldThrowWorkbasketNotFoundException() throws WorkbasketNotFoundException {
try {
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() {
public Object run() throws NotAuthorizedException, SQLException, WorkbasketNotFoundException, ClassificationNotFoundException {
@ -266,8 +269,10 @@ public class TaskServiceImplIntExplicitTest {
}
});
} catch (PrivilegedActionException e) {
if (e.getCause() != null) {
throw e.getCause();
Throwable cause = e.getCause();
if (cause != null) {
Assert.assertTrue(cause instanceof WorkbasketNotFoundException);
throw (WorkbasketNotFoundException) cause;
}
}
}
@ -284,7 +289,7 @@ public class TaskServiceImplIntExplicitTest {
}
@Test(expected = ClassificationNotFoundException.class)
public void createManualTaskShouldThrowClassificationNotFoundException() throws Throwable {
public void createManualTaskShouldThrowClassificationNotFoundException() throws ClassificationNotFoundException {
try {
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() {
public Object run() throws NotAuthorizedException, SQLException, WorkbasketNotFoundException, ClassificationNotFoundException {
@ -293,8 +298,10 @@ public class TaskServiceImplIntExplicitTest {
}
});
} catch (PrivilegedActionException e) {
if (e.getCause() != null) {
throw e.getCause();
Throwable cause = e.getCause();
if (cause != null) {
Assert.assertTrue(cause instanceof ClassificationNotFoundException);
throw (ClassificationNotFoundException) cause;
}
}
}
@ -330,18 +337,18 @@ public class TaskServiceImplIntExplicitTest {
}
@Test
public void should_ReturnList_when_BuilderIsUsed() {
Subject.doAs(subject, new PrivilegedAction<Object>() {
@Override
public Object run() {
try {
public void should_ReturnList_when_BuilderIsUsed() throws Throwable {
try {
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws WorkbasketNotFoundException, NotAuthorizedException, SQLException {
do_should_ReturnList_when_BuilderIsUsed();
} catch (NotAuthorizedException | SQLException | WorkbasketNotFoundException e) {
e.printStackTrace();
return null;
}
return null;
}
});
});
} catch (PrivilegedActionException e) {
throw e.getCause();
}
}
public void do_should_ReturnList_when_BuilderIsUsed() throws SQLException, NotAuthorizedException, WorkbasketNotFoundException {
@ -351,7 +358,6 @@ public class TaskServiceImplIntExplicitTest {
Task task = new Task();
task.setName("Unit Test Task");
//String id1 = IdGenerator.generateWithPrefix("TWB");
task.setWorkbasketId("1");
task = taskServiceImpl.create(task);

34
lib/taskana-core/src/test/java/pro/taskana/security/SamplePrincipal.java
View File

@ -1,34 +0,0 @@
package pro.taskana.security;
import java.util.List;
/**
* SamplePrincipal.
* @author KKL
*/
public class SamplePrincipal implements TaskanaPrincipal {
private String name;
private List<String> groups;
public SamplePrincipal(String name) {
this.name = name;
}
public void setName(String name) {
this.name = name;
}
public String getName() {
return this.name;
}
public List<String> getGroupNames() {
return groups;
}
public void setGroups(List<String> groups) {
this.groups = groups;
}
}

33
rest/src/main/java/pro/taskana/rest/security/CustomAutenticationProvider.java
View File

@ -1,13 +1,11 @@
package pro.taskana.rest.security;
import java.util.ArrayList;
import java.util.List;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.jaas.JaasAuthenticationToken;
import org.springframework.security.core.Authentication;
import pro.taskana.security.TaskanaPrincipal;
import pro.taskana.security.GroupPrincipal;
import pro.taskana.security.UserPrincipal;
public class CustomAutenticationProvider implements AuthenticationProvider {
private AuthenticationProvider delegate;
@ -22,34 +20,17 @@ public class CustomAutenticationProvider implements AuthenticationProvider {
.authenticate(authentication);
if (jaasAuthenticationToken.isAuthenticated()) {
final String name = jaasAuthenticationToken.getPrincipal().toString();
final List<String> groupNames = getGroupNames(name);
TaskanaPrincipal tp = new TaskanaPrincipal() {
@Override
public String getName() {
return name;
}
@Override
public List<String> getGroupNames() {
return groupNames;
}
};
jaasAuthenticationToken.getLoginContext().getSubject().getPrincipals().add(tp);
String userName = jaasAuthenticationToken.getPrincipal().toString();
jaasAuthenticationToken.getLoginContext().getSubject().getPrincipals().add(new UserPrincipal(userName));
jaasAuthenticationToken.getLoginContext().getSubject().getPrincipals().add(new GroupPrincipal("group1"));
jaasAuthenticationToken.getLoginContext().getSubject().getPrincipals().add(new GroupPrincipal("group2"));
jaasAuthenticationToken.getLoginContext().getSubject().getPrincipals().add(new GroupPrincipal("group3"));
return jaasAuthenticationToken;
} else {
return null;
}
}
private List<String> getGroupNames(String name) {
List<String> groupNames = new ArrayList<String>();
groupNames.add("group1");
groupNames.add("group2");
return groupNames;
}
@Override
public boolean supports(Class<?> authentication) {
return delegate.supports(authentication);