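/**
 * Creates each exported role in the default tenant and applies its permission bindings.
 *
 * <p>A role that does not exist yet is created with the members listed for it in
 * {@code roleToUserMap} and always receives the exported permissions. A role that already
 * exists keeps its current members (creation is skipped), and its permission bindings are
 * replaced only when {@code isOverwriteFile()} returns true.
 *
 * <p>NOTE(review): role names, members and permissions are taken from the import payload as-is;
 * this method performs no authorization check of its own. Presumably the caller restricts
 * imports to administrators; confirm, since with the overwrite flag set an import file can
 * rewrite the permissions of any existing role, including default ones.
 *
 * @param roles roles read from the export; {@code null} means there is nothing to import
 * @param roleToUserMap role name to member user names; a {@code null} map or a missing entry
 *     creates the role without members
 */
protected void importRoles(List<RoleExport> roles, Map<String, List<String>> roleToUserMap) {
  IUserRoleDao roleDao = PentahoSystem.get(IUserRoleDao.class);
  ITenant tenant = new Tenant("/pentaho/" + TenantUtils.getDefaultTenant(), true);
  IRoleAuthorizationPolicyRoleBindingDao roleBindingDao =
      PentahoSystem.get(IRoleAuthorizationPolicyRoleBindingDao.class);
  Set<String> existingRoles = new HashSet<>();

  if (roles == null) {
    return;
  }

  for (RoleExport role : roles) {
    String roleName = role.getRolename();
    log.debug("Importing role: " + roleName);

    try {
      // A null map is treated like a missing entry instead of aborting the whole import with a
      // NullPointerException part-way through the role list.
      List<String> users = roleToUserMap == null ? null : roleToUserMap.get(roleName);
      String[] members = users == null ? new String[0] : users.toArray(new String[0]);
      roleDao.createRole(tenant, roleName, null, members);
    } catch (AlreadyExistsException e) {
      existingRoles.add(roleName);
      // it's ok if the role already exists, it is probably a default role
      log.info(Messages.getInstance().getString("ROLE.Already.Exists", roleName));
    }

    try {
      // Existing roles are only touched when the overwrite flag is set; roles created by this
      // import always get the exported permissions.
      if (!existingRoles.contains(roleName) || isOverwriteFile()) {
        roleBindingDao.setRoleBindings(tenant, roleName, role.getPermissions());
      }
    } catch (Exception e) {
      // A role whose permissions could not be written ends up with bindings that differ from
      // the export, so report it as an error rather than at INFO where it is easily missed.
      log.error(Messages.getInstance().getString("ERROR.SettingRolePermissions", roleName), e);
    }
  }
}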
/**
 * Checks {@code getUsersInRole} across two tenants.
 *
 * <p>Users and roles are created in both tenants, addressed by explicit tenant, by a null
 * tenant, and by a tenant-qualified principal id. Role memberships deliberately name users
 * that were created in the other tenant, and the size assertions at the end pin how many
 * members each lookup reports.
 */
@Test
public void testGetUsernamesInRole() {
  // --- Tenant hierarchy: system tenant with two child tenants, each with its own "admin". ---
  loginAsRepositoryAdmin();
  ITenant rootTenant =
      tenantManager.createTenant(
          null,
          ServerRepositoryPaths.getPentahoRootFolderName(),
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      rootTenant, sysAdminUserName, "password", "", new String[] {tenantAdminAuthorityName});
  login(
      sysAdminUserName,
      rootTenant,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});

  ITenant tenantOne =
      tenantManager.createTenant(
          rootTenant,
          MAIN_TENANT_1,
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      tenantOne, "admin", "password", "", new String[] {tenantAdminAuthorityName});

  ITenant tenantTwo =
      tenantManager.createTenant(
          rootTenant,
          MAIN_TENANT_2,
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      tenantTwo, "admin", "password", "", new String[] {tenantAdminAuthorityName});

  // --- Users 2-6 are created while logged in as the admin of tenant one. ---
  login(
      "admin",
      tenantOne,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createUser(tenantOne, USER_2, PASSWORD_2, USER_DESCRIPTION_2, null);
  // Null tenant: presumably resolved from the current session - confirm against the DAO.
  userRoleDao.createUser(null, USER_3, PASSWORD_3, USER_DESCRIPTION_3, null);
  userRoleDao.createUser(
      null,
      tenantedUserNameUtils.getPrincipleId(tenantOne, USER_4),
      PASSWORD_4,
      USER_DESCRIPTION_4,
      null);
  userRoleDao.createUser(tenantOne, USER_5, PASSWORD_5, USER_DESCRIPTION_5, null);
  userRoleDao.createUser(tenantOne, USER_6, PASSWORD_6, USER_DESCRIPTION_6, null);
  logout();

  // --- Users 7-8 belong to tenant two. ---
  login(
      "admin",
      tenantTwo,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createUser(tenantTwo, USER_7, PASSWORD_7, USER_DESCRIPTION_7, null);
  userRoleDao.createUser(tenantTwo, USER_8, PASSWORD_8, USER_DESCRIPTION_8, null);
  logout();

  // --- Roles 1-3 in tenant one, role 4 in tenant two. ---
  login(
      "admin",
      tenantOne,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createRole(tenantOne, ROLE_1, ROLE_DESCRIPTION_1, null);
  userRoleDao.createRole(null, ROLE_2, ROLE_DESCRIPTION_2, null);
  userRoleDao.createRole(
      null,
      tenantedRoleNameUtils.getPrincipleId(tenantOne, ROLE_3),
      ROLE_DESCRIPTION_3,
      null);
  logout();

  login(
      "admin",
      tenantTwo,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createRole(tenantTwo, ROLE_4, ROLE_DESCRIPTION_4, null);
  logout();

  // --- Memberships. ROLE_2 and ROLE_4 each name users that were created in the other tenant. ---
  login(
      "admin",
      tenantOne,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.setRoleMembers(null, ROLE_1, new String[] {USER_2, USER_3, USER_4});
  userRoleDao.setRoleMembers(tenantOne, ROLE_2, new String[] {USER_5, USER_6, USER_7});
  userRoleDao.setRoleMembers(
      null,
      tenantedRoleNameUtils.getPrincipleId(tenantOne, ROLE_3),
      new String[] {USER_2, USER_4, USER_6});
  logout();

  login(
      "admin",
      tenantTwo,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.setRoleMembers(null, ROLE_4, new String[] {USER_3, USER_5, USER_7});
  logout();

  // --- Service under test. ---
  login(
      "admin",
      tenantOne,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  UserRoleDaoUserDetailsService detailsService = new UserRoleDaoUserDetailsService();
  detailsService.setUserRoleDao(userRoleDao);
  detailsService.setDefaultRole(tenantAuthenticatedAuthorityName);

  List<String> systemRoleNames = new ArrayList<>();
  systemRoleNames.add("Admin");
  List<String> extraRoleNames = Arrays.asList("Authenticated", "Anonymous");
  String adminRoleName = "Admin";
  UserRoleDaoUserRoleListService listService =
      new UserRoleDaoUserRoleListService(
          userRoleDao,
          detailsService,
          tenantedUserNameUtils,
          systemRoleNames,
          extraRoleNames,
          adminRoleName);

  List<String> membersOfRole1 = listService.getUsersInRole(tenantOne, ROLE_1);
  List<String> membersOfRole2 = listService.getUsersInRole(null, ROLE_2);
  List<String> membersOfRole3 =
      listService.getUsersInRole(null, tenantedRoleNameUtils.getPrincipleId(tenantOne, ROLE_3));
  logout();

  login(
      "admin",
      tenantTwo,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  List<String> membersOfRole4 = listService.getUsersInRole(tenantTwo, ROLE_4);

  // ROLE_2 and ROLE_4 were each given three names but report two and one members: the counts
  // match the number of listed users that were created in the role's own tenant.
  assertTrue(membersOfRole1.size() == 3);
  assertTrue(membersOfRole2.size() == 2);
  assertTrue(membersOfRole3.size() == 3);
  assertTrue(membersOfRole4.size() == 1);
  logout();

  cleanupUserAndRoles("admin", tenantOne);
  cleanupUserAndRoles("admin", tenantTwo);
  cleanupUserAndRoles(sysAdminUserName, rootTenant);
}
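/**
 * Checks {@code getRolesForUser} across two tenants, including that assigning a role owned by
 * another tenant is rejected.
 *
 * <p>ROLE_4 is created in the second tenant. Assigning it to USER_3 and USER_4 while logged in
 * as the first tenant's admin is expected to raise an exception, and the final size assertions
 * pin that neither user ends up holding it.
 */
@Test
public void testGetAuthoritiesForUser() {
  // --- Tenant hierarchy: system tenant with two child tenants, each with its own "admin". ---
  loginAsRepositoryAdmin();
  ITenant systemTenant =
      tenantManager.createTenant(
          null,
          ServerRepositoryPaths.getPentahoRootFolderName(),
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      systemTenant, sysAdminUserName, "password", "", new String[] {tenantAdminAuthorityName});
  login(
      sysAdminUserName,
      systemTenant,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});

  ITenant mainTenant_1 =
      tenantManager.createTenant(
          systemTenant,
          MAIN_TENANT_1,
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      mainTenant_1, "admin", "password", "", new String[] {tenantAdminAuthorityName});

  ITenant mainTenant_2 =
      tenantManager.createTenant(
          systemTenant,
          MAIN_TENANT_2,
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      mainTenant_2, "admin", "password", "", new String[] {tenantAdminAuthorityName});

  // --- Users 2-4 are created while logged in as the admin of tenant one. ---
  login(
      "admin",
      mainTenant_1,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createUser(mainTenant_1, USER_2, PASSWORD_2, USER_DESCRIPTION_2, null);
  userRoleDao.createUser(
      null,
      tenantedUserNameUtils.getPrincipleId(mainTenant_1, USER_3),
      PASSWORD_3,
      USER_DESCRIPTION_3,
      null);
  // Null tenant: presumably resolved from the current session - confirm against the DAO.
  userRoleDao.createUser(null, USER_4, PASSWORD_4, USER_DESCRIPTION_4, null);
  logout();

  // --- Users 5-6 belong to tenant two. ---
  login(
      "admin",
      mainTenant_2,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createUser(mainTenant_2, USER_5, PASSWORD_5, USER_DESCRIPTION_5, null);
  userRoleDao.createUser(
      null,
      tenantedUserNameUtils.getPrincipleId(mainTenant_2, USER_6),
      PASSWORD_6,
      USER_DESCRIPTION_6,
      null);
  logout();

  // --- Roles 1-3 in tenant one. ---
  login(
      "admin",
      mainTenant_1,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createRole(mainTenant_1, ROLE_1, ROLE_DESCRIPTION_1, null);
  userRoleDao.createRole(
      null,
      tenantedRoleNameUtils.getPrincipleId(mainTenant_1, ROLE_2),
      ROLE_DESCRIPTION_2,
      null);
  userRoleDao.createRole(null, ROLE_3, ROLE_DESCRIPTION_3, null);
  logout();

  // --- Role 4 in tenant two, assigned to that tenant's own users. ---
  login(
      "admin",
      mainTenant_2,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createRole(mainTenant_2, ROLE_4, ROLE_DESCRIPTION_4, null);
  userRoleDao.setUserRoles(null, USER_5, new String[] {ROLE_4});
  userRoleDao.setUserRoles(
      null, tenantedUserNameUtils.getPrincipleId(mainTenant_2, USER_6), new String[] {ROLE_4});
  logout();

  login(
      "admin",
      mainTenant_1,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.setUserRoles(mainTenant_1, USER_2, new String[] {ROLE_1, ROLE_2, ROLE_3});
  List<String> systemRoles = Arrays.asList(new String[] {"Admin"});

  // Negative cases: ROLE_4 belongs to tenant two, so handing it to a tenant-one user must be
  // rejected. The failure is recorded and checked after the try block: calling fail() inside a
  // try whose handler catches Throwable would swallow the AssertionError, and the test would
  // pass even if the assignment were accepted.
  // NOTE(review): if the DAO is meant to skip foreign roles silently instead of throwing, these
  // two checks will now fail; in that case drop them and rely on the size assertions below.
  Throwable user3Rejection = null;
  try {
    userRoleDao.setUserRoles(mainTenant_1, USER_3, new String[] {ROLE_2, ROLE_3, ROLE_4});
  } catch (Throwable th) {
    user3Rejection = th;
  }
  if (user3Rejection == null) {
    fail("Exception should be thrown");
  }

  Throwable user4Rejection = null;
  try {
    userRoleDao.setUserRoles(mainTenant_1, USER_4, new String[] {ROLE_2, ROLE_4});
  } catch (Throwable th) {
    user4Rejection = th;
  }
  if (user4Rejection == null) {
    fail("Exception should be thrown");
  }

  // --- Service under test. ---
  UserRoleDaoUserDetailsService userDetailsService = new UserRoleDaoUserDetailsService();
  userDetailsService.setUserRoleDao(userRoleDao);
  userDetailsService.setDefaultRole(tenantAuthenticatedAuthorityName);
  List<String> extraRoles = Arrays.asList(new String[] {"Authenticated", "Anonymous"});
  String adminRole = "Admin";
  UserRoleDaoUserRoleListService service =
      new UserRoleDaoUserRoleListService(
          userRoleDao,
          userDetailsService,
          tenantedUserNameUtils,
          systemRoles,
          extraRoles,
          adminRole);
  service.setUserDetailsService(userDetailsService);
  logout();

  login(
      "admin",
      mainTenant_1,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  // USER_2 is looked up three ways: explicit tenant, null tenant, tenant-qualified id.
  List<String> rolesForUser_2 = service.getRolesForUser(mainTenant_1, USER_2);
  List<String> rolesForUser_2_1 = service.getRolesForUser(null, USER_2);
  List<String> rolesForUser_2_1_1 =
      service.getRolesForUser(null, tenantedUserNameUtils.getPrincipleId(mainTenant_1, USER_2));
  List<String> rolesForUser_3 = service.getRolesForUser(mainTenant_1, USER_3);
  List<String> rolesForUser_4 = service.getRolesForUser(mainTenant_1, USER_4);

  // Each count is one more than the number of tenant-one roles requested for the user
  // (presumably the default role - confirm); ROLE_4 must not be counted for USER_3 or USER_4.
  assertTrue(rolesForUser_2.size() == 4);
  assertTrue(rolesForUser_2_1.size() == 4);
  assertTrue(rolesForUser_2_1_1.size() == 4);
  assertTrue(rolesForUser_3.size() == 3);
  assertTrue(rolesForUser_4.size() == 2);

  cleanupUserAndRoles("admin", mainTenant_1);
  cleanupUserAndRoles("admin", mainTenant_2);
  cleanupUserAndRoles(sysAdminUserName, systemTenant);
}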
/**
 * Checks {@code getAllRoles} with and without an explicit tenant.
 *
 * <p>Three roles are created in the first tenant and four in the second. The assertions pin
 * that an admin asking about its own tenant gets that tenant's roles plus
 * {@code DEFAULT_ROLE_COUNT}, while asking about the other tenant yields only two entries.
 */
@Test
public void testGetAllAuthorities() {
  // --- Tenant hierarchy: system tenant with two child tenants, each with its own "admin". ---
  loginAsRepositoryAdmin();
  ITenant rootTenant =
      tenantManager.createTenant(
          null,
          ServerRepositoryPaths.getPentahoRootFolderName(),
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      rootTenant, sysAdminUserName, "password", "", new String[] {tenantAdminAuthorityName});
  login(
      sysAdminUserName,
      rootTenant,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});

  ITenant tenantOne =
      tenantManager.createTenant(
          rootTenant,
          MAIN_TENANT_1,
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      tenantOne, "admin", "password", "", new String[] {tenantAdminAuthorityName});

  ITenant tenantTwo =
      tenantManager.createTenant(
          rootTenant,
          MAIN_TENANT_2,
          tenantAdminAuthorityName,
          tenantAuthenticatedAuthorityName,
          "Anonymous");
  userRoleDao.createUser(
      tenantTwo, "admin", "password", "", new String[] {tenantAdminAuthorityName});

  // --- Three roles in tenant one. ---
  login(
      "admin",
      tenantOne,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createRole(tenantOne, ROLE_1, ROLE_DESCRIPTION_1, null);
  userRoleDao.createRole(tenantOne, ROLE_2, ROLE_DESCRIPTION_2, null);
  userRoleDao.createRole(tenantOne, ROLE_3, ROLE_DESCRIPTION_3, null);
  logout();

  // --- Four roles in tenant two. ---
  login(
      "admin",
      tenantTwo,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  userRoleDao.createRole(tenantTwo, ROLE_4, ROLE_DESCRIPTION_4, null);
  userRoleDao.createRole(tenantTwo, ROLE_5, ROLE_DESCRIPTION_5, null);
  userRoleDao.createRole(tenantTwo, ROLE_6, ROLE_DESCRIPTION_6, null);
  userRoleDao.createRole(tenantTwo, ROLE_7, ROLE_DESCRIPTION_7, null);

  // --- Service under test. ---
  List<String> systemRoleNames = Arrays.asList("Admin");
  List<String> extraRoleNames = Arrays.asList("Authenticated", "Anonymous");
  String adminRoleName = "Admin";
  UserRoleDaoUserDetailsService detailsService = new UserRoleDaoUserDetailsService();
  UserRoleDaoUserRoleListService listService =
      new UserRoleDaoUserRoleListService(
          userRoleDao,
          detailsService,
          tenantedUserNameUtils,
          systemRoleNames,
          extraRoleNames,
          adminRoleName);
  detailsService.setUserRoleDao(userRoleDao);
  logout();

  // --- As tenant-one admin: own tenant by default, two entries for the other tenant. ---
  login(
      "admin",
      tenantOne,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  List<String> ownRolesSeenByOne = listService.getAllRoles();
  List<String> tenantTwoRolesSeenByOne = listService.getAllRoles(tenantTwo);
  assertTrue(ownRolesSeenByOne.size() == 3 + DEFAULT_ROLE_COUNT);
  // Presumably the two entries are the extra roles handed to the service - confirm.
  assertTrue(tenantTwoRolesSeenByOne.size() == 2);
  logout();

  // --- As tenant-two admin: the mirror image. ---
  login(
      "admin",
      tenantTwo,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  List<String> ownRolesSeenByTwo = listService.getAllRoles();
  List<String> tenantOneRolesSeenByTwo = listService.getAllRoles(tenantOne);
  assertTrue(ownRolesSeenByTwo.size() == 4 + DEFAULT_ROLE_COUNT);
  assertTrue(tenantOneRolesSeenByTwo.size() == 2);

  List<String> explicitTenantTwoRoles = listService.getAllRoles(tenantTwo);
  assertTrue(explicitTenantTwoRoles.size() == 4 + DEFAULT_ROLE_COUNT);
  List<String> explicitTenantOneRoles = listService.getAllRoles(tenantOne);
  assertTrue(explicitTenantOneRoles.size() == 2);
  logout();

  // --- Back as tenant-one admin, this time naming both tenants explicitly. ---
  login(
      "admin",
      tenantOne,
      new String[] {tenantAdminAuthorityName, tenantAuthenticatedAuthorityName});
  List<String> tenantOneRolesAgain = listService.getAllRoles(tenantOne);
  assertTrue(tenantOneRolesAgain.size() == 3 + DEFAULT_ROLE_COUNT);
  List<String> tenantTwoRolesAgain = listService.getAllRoles(tenantTwo);
  assertTrue(tenantTwoRolesAgain.size() == 2);

  // Only users and roles are cleaned up; the tenants themselves are not deleted here (the
  // deleteTenant calls for the three tenants were left disabled).
  cleanupUserAndRoles("admin", tenantOne);
  cleanupUserAndRoles("admin", tenantTwo);
  cleanupUserAndRoles(sysAdminUserName, rootTenant);
}