public void testGetSigningBlessingNames() throws VException {
VContext context = V.init();
VPrincipal p = VSecurity.newPrincipal();
ECPublicKey pk = p.publicKey();
List<Caveat> passingCaveats =
ImmutableList.of(
VSecurity.newExpiryCaveat(DateTime.now().plusDays(1)),
VSecurity.newExpiryCaveat(DateTime.now().plusYears(1)));
List<Caveat> failingCaveats =
ImmutableList.of(
VSecurity.newMethodCaveat("MethodName"), VSecurity.newExpiryCaveat(DateTime.now()));
Blessings b1 = p.blessSelf("alice");
Blessings b2 = p.blessSelf("alice");
Blessings passing =
p.bless(
pk,
b1,
"passing",
passingCaveats.get(0),
passingCaveats.subList(1, passingCaveats.size()).toArray(new Caveat[0]));
Blessings failing =
p.bless(
pk,
b2,
"failing",
failingCaveats.get(0),
failingCaveats.subList(1, failingCaveats.size()).toArray(new Caveat[0]));
Blessings union = VSecurity.unionOfBlessings(new Blessings[] {passing, failing});
VSecurity.addToRoots(p, passing);
String[] signingBlessingNames = VSecurity.getSigningBlessingNames(context, p, union);
assertThat(Arrays.asList(signingBlessingNames)).containsExactly("alice:passing");
}
public void testGetLocalBlessingNames() throws Exception {
VContext context = V.init();
VPrincipal p1 = VSecurity.newPrincipal();
VPrincipal p2 = VSecurity.newPrincipal();
Blessings alice = p1.blessSelf("alice");
VSecurity.addToRoots(p2, alice);
Blessings aliceWorkFriend =
p1.bless(p2.publicKey(), alice, "work:friend", VSecurity.newUnconstrainedUseCaveat());
Call call =
VSecurity.newCall(
new CallParams().withLocalBlessings(aliceWorkFriend).withLocalPrincipal(p2));
String[] blessings = VSecurity.getLocalBlessingNames(context, call);
if (!Arrays.equals(new String[] {"alice:work:friend"}, blessings)) {
fail(
String.format(
"Expected blessings [\"alice:work:friend\"], got %s", Arrays.toString(blessings)));
}
blessings = VSecurity.getBlessingNames(p2, aliceWorkFriend);
if (!Arrays.equals(new String[] {"alice:work:friend"}, blessings)) {
fail(
String.format(
"Expected blessings [\"alice:work:friend\"], got %s", Arrays.toString(blessings)));
}
blessings = VSecurity.getBlessingNames(p1, aliceWorkFriend);
if (!Arrays.equals(new String[] {}, blessings)) {
fail(String.format("Expected blessings [], got %s", Arrays.toString(blessings)));
}
}
/**
* Returns a new {@link ListenableFuture} whose result are the relative names of all children of
* {@code parentFullName}.
*
* @param ctx Vanadium context
* @param parentFullName object name of parent component
*/
public static ListenableFuture<List<String>> listChildren(VContext ctx, String parentFullName) {
InputChannel<GlobReply> input =
V.getNamespace(ctx).glob(ctx, NamingUtil.join(parentFullName, "*"));
return Futures.transform(
InputChannels.asList(
InputChannels.transform(
input,
new InputChannels.TransformFunction<GlobReply, String>() {
@Override
public String apply(GlobReply from) throws VException {
return nameFromGlobReply(from);
}
})),
new Function<List<String>, List<String>>() {
@Override
public List<String> apply(List<String> input) {
return Ordering.from(Collator.getInstance()).immutableSortedCopy(input);
}
});
}
static {
try {
CONTEXT =
V.withListenSpec(
V.init(),
V.getListenSpec(V.init()).withAddress(new ListenSpec.Address("tcp", "localhost:0")));
AccessList acl =
new AccessList(ImmutableList.of(new BlessingPattern("...")), ImmutableList.<String>of());
Permissions allowAll =
new Permissions(
ImmutableMap.of(
io.v.v23.security.access.Constants.READ.getValue(), acl,
io.v.v23.security.access.Constants.WRITE.getValue(), acl,
io.v.v23.security.access.Constants.ADMIN.getValue(), acl));
CLIENT_PRINCIPAL = newPrincipal();
SERVER_PRINCIPAL = newPrincipal();
SERVER_BLESSINGS = SERVER_PRINCIPAL.blessSelf("server");
// Start group server.
GROUP_SERVER =
V.getServer(
GroupServer.withNewServer(
CONTEXT,
new GroupServer.Params().withStorageEngine(GroupServer.StorageEngine.MEMSTORE)));
assertThat(GROUP_SERVER).isNotNull();
assertThat(GROUP_SERVER.getStatus().getEndpoints()).isNotEmpty();
Endpoint groupServerEndpoint = GROUP_SERVER.getStatus().getEndpoints()[0];
String groupNameReaders = NamingUtil.join(groupServerEndpoint.name(), "readers");
String groupNameWriters = NamingUtil.join(groupServerEndpoint.name(), "writers");
// Populate the group server.
{
GroupClient client = GroupClientFactory.getGroupClient(groupNameReaders);
VFutures.sync(
client.create(
CONTEXT,
allowAll,
ImmutableList.of(
new BlessingPatternChunk("root:alice"), new BlessingPatternChunk("root:bob"))));
}
{
GroupClient client = GroupClientFactory.getGroupClient(groupNameWriters);
VFutures.sync(
client.create(
CONTEXT, allowAll, ImmutableList.of(new BlessingPatternChunk("root:alice"))));
}
AUTHORIZER =
PermissionsAuthorizer.create(
new Permissions(
ImmutableMap.of(
"Read",
new AccessList(
ImmutableList.of(
new BlessingPattern("<grp:" + groupNameReaders + ">")),
null),
"Write",
new AccessList(
ImmutableList.of(
new BlessingPattern("<grp:" + groupNameWriters + ">")),
null))),
Access.typicalTagType());
} catch (VException e) {
throw new RuntimeException(e);
} catch (GroupServer.StartException e) {
throw new RuntimeException(e);
}
}
