@Test
public void testQuotedUserName() {
database.open("admin", "admin");
OSecurity security = database.getMetadata().getSecurity();
ORole adminRole = security.getRole("admin");
OUser newUser = security.createUser("user'quoted", "foobar", adminRole);
database.close();
database.open("user'quoted", "foobar");
database.close();
database.open("admin", "admin");
security = database.getMetadata().getSecurity();
OUser user = security.getUser("user'quoted");
Assert.assertNotNull(user);
security.dropUser(user.getName());
database.close();
try {
database.open("user'quoted", "foobar");
Assert.fail();
} catch (Exception e) {
}
}
public void testParentRole() {
database.open("admin", "admin");
final OSecurity security = database.getMetadata().getSecurity();
ORole writer = security.getRole("writer");
ORole writerChild =
security.createRole("writerChild", writer, OSecurityRole.ALLOW_MODES.ALLOW_ALL_BUT);
writerChild.save();
ORole writerGrandChild =
security.createRole(
"writerGrandChild", writerChild, OSecurityRole.ALLOW_MODES.ALLOW_ALL_BUT);
writerGrandChild.save();
OUser child = security.createUser("writerChild", "writerChild", writerGrandChild);
child.save();
Assert.assertTrue(child.hasRole("writer", true));
Assert.assertFalse(child.hasRole("wrter", true));
database.close();
if (!(database.getStorage() instanceof OStorageProxy)) {
database.open("writerChild", "writerChild");
OSecurityUser user = database.getUser();
Assert.assertTrue(user.hasRole("writer", true));
Assert.assertFalse(user.hasRole("wrter", true));
database.close();
}
}
public String getRoleProperty(String roleName, String key, String def) {
OSecurity security = graph.getRawGraph().getMetadata().getSecurity();
ORole role = security.getRole(roleName);
if (role == null) return def;
String ret = role.getDocument().field("properties." + key);
if (ret == null) ret = def;
return ret;
}
public void createRole(String roleName) {
OSecurity security = graph.getRawGraph().getMetadata().getSecurity();
if (security.getRole(roleName) == null) {
ORole role = security.createRole(roleName, ALLOW_MODES.ALLOW_ALL_BUT);
// role.addRule(ORule.ResourceGeneric.DATABASE, null, ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.SCHEMA, null, ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.CLUSTER, OMetadataDefault.CLUSTER_INTERNAL_NAME,
// ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.CLUSTER, "orole", ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.CLUSTER, "ouser", ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.CLUSTER, null, ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.COMMAND, null, ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.RECORD_HOOK, null, ORole.PERMISSION_ALL);
// role.addRule(ORule.ResourceGeneric.FUNCTION, null, ORole.PERMISSION_ALL);
role.getDocument().field("type", "template");
role.save();
}
}
public void setRoleProperty(String roleName, String key, String value) {
OSecurity security = graph.getRawGraph().getMetadata().getSecurity();
ORole role = security.getRole(roleName);
if (role == null) return;
role.getDocument().field("properties." + key, value);
}
