@Test
public void testDataRoleMapping() throws Exception {
admin.deploy("bqt2.vdb", new FileInputStream(UnitTestUtil.getTestDataFile("bqt2.vdb")));
VDB vdb = admin.getVDB("bqt", 2);
Model model = vdb.getModels().get(0);
admin.assignToModel(
"bqt", 2, model.getName(), "Source", "h2", "java:jboss/datasources/ExampleDS");
vdb = admin.getVDB("bqt", 2);
assertTrue(vdb.isValid());
List<DataPolicy> policies = vdb.getDataPolicies();
assertEquals(1, policies.size());
DataPolicy dp = policies.get(0);
assertEquals("roleOne", dp.getName());
assertEquals(2, dp.getPermissions().size());
assertTrue(dp.isAllowCreateTemporaryTables());
assertTrue(dp.isAnyAuthenticated());
List<String> roleNames = dp.getMappedRoleNames();
assertArrayEquals(new String[] {"ROLE1", "ROLE2"}, roleNames.toArray());
admin.removeDataRoleMapping("bqt", 2, "roleOne", "ROLE1");
vdb = admin.getVDB("bqt", 2);
policies = vdb.getDataPolicies();
dp = policies.get(0);
roleNames = dp.getMappedRoleNames();
assertArrayEquals(new String[] {"ROLE2"}, roleNames.toArray());
admin.addDataRoleMapping("bqt", 2, "roleOne", "ROLE3");
vdb = admin.getVDB("bqt", 2);
policies = vdb.getDataPolicies();
dp = policies.get(0);
roleNames = dp.getMappedRoleNames();
assertArrayEquals(new String[] {"ROLE2", "ROLE3"}, roleNames.toArray());
admin.setAnyAuthenticatedForDataRole("bqt", 2, "roleOne", false);
vdb = admin.getVDB("bqt", 2);
policies = vdb.getDataPolicies();
dp = policies.get(0);
assertFalse(dp.isAnyAuthenticated());
}
private static void writeDataPolicy(XMLStreamWriter writer, DataPolicy dp)
throws XMLStreamException {
writer.writeStartElement(Element.DATA_ROLE.getLocalName());
writeAttribute(writer, Element.NAME.getLocalName(), dp.getName());
writeAttribute(
writer,
Element.DATA_ROLE_ANY_ATHENTICATED_ATTR.getLocalName(),
String.valueOf(dp.isAnyAuthenticated()));
writeAttribute(
writer,
Element.DATA_ROLE_ALLOW_TEMP_TABLES_ATTR.getLocalName(),
String.valueOf(dp.isAllowCreateTemporaryTables()));
writeElement(writer, Element.DESCRIPTION, dp.getDescription());
// permission
for (DataPolicy.DataPermission permission : dp.getPermissions()) {
writer.writeStartElement(Element.PERMISSION.getLocalName());
writeElement(writer, Element.RESOURCE_NAME, permission.getResourceName());
if (permission.getAllowCreate() != null) {
writeElement(writer, Element.ALLOW_CREATE, permission.getAllowCreate().toString());
}
if (permission.getAllowRead() != null) {
writeElement(writer, Element.ALLOW_READ, permission.getAllowRead().toString());
}
if (permission.getAllowUpdate() != null) {
writeElement(writer, Element.ALLOW_UPADTE, permission.getAllowUpdate().toString());
}
if (permission.getAllowDelete() != null) {
writeElement(writer, Element.ALLOW_DELETE, permission.getAllowDelete().toString());
}
if (permission.getAllowExecute() != null) {
writeElement(writer, Element.ALLOW_EXECUTE, permission.getAllowExecute().toString());
}
if (permission.getAllowAlter() != null) {
writeElement(writer, Element.ALLOW_ALTER, permission.getAllowAlter().toString());
}
if (permission.getAllowLanguage() != null) {
writeElement(writer, Element.ALLOW_LANGUAGE, permission.getAllowLanguage().toString());
}
if (permission.getCondition() != null) {
writeElement(writer, Element.CONDITION, permission.getCondition());
}
writer.writeEndElement();
}
// mapped role names
for (String roleName : dp.getMappedRoleNames()) {
writeElement(writer, Element.MAPPED_ROLE_NAME, roleName);
}
writer.writeEndElement();
}
/**
* This method is required by the Management framework to write the mappings to the persistent
* form. The actual assignment is done in the VDBMetaDataClassInstancefactory
*
* @param policies
*/
public void setDataPolicies(List<DataPolicy> policies) {
this.dataPolicies.clear();
for (DataPolicy policy : policies) {
this.dataPolicies.put(policy.getName(), (DataPolicyMetadata) policy);
}
}
