/**
 * Creates a user whose name contains a single quote, logs in as that user, looks the user up by
 * name, drops it, and then expects a further login with the same credentials to fail.
 *
 * <p>Judging by the test name, the apostrophe in {@code user'quoted} is the case under test: the
 * name has to be treated as plain data by user creation, lookup and login.
 */
@Test
public void testQuotedUserName() {
  database.open("admin", "admin");
  OSecurity security = database.getMetadata().getSecurity();
  final ORole adminRole = security.getRole("admin");
  security.createUser("user'quoted", "foobar", adminRole);
  database.close();

  // The freshly created account must be able to authenticate.
  database.open("user'quoted", "foobar");
  database.close();

  // Back as admin: the account must be retrievable under its exact, quoted name.
  database.open("admin", "admin");
  security = database.getMetadata().getSecurity();
  final OUser quotedUser = security.getUser("user'quoted");
  Assert.assertNotNull(quotedUser);
  security.dropUser(quotedUser.getName());
  database.close();

  try {
    database.open("user'quoted", "foobar");
    Assert.fail();
  } catch (Exception expected) {
    // Expected: the dropped account can no longer open the database.
    // NOTE(review): any Exception passes here, so the test does not show that the failure is
    // an authentication error. It also relies on Assert.fail() throwing something that is not
    // an Exception (an AssertionError in JUnit/TestNG) - confirm which Assert is imported.
  }
}
/**
 * Builds the role chain writer -> writerChild -> writerGrandChild, gives a new user the
 * grandchild role, and asserts that {@code hasRole("writer", true)} is true for that user while
 * a name that matches no role in the chain ("wrter") is false.
 *
 * <p>The check is made on the created {@link OUser} and, unless the storage is an
 * {@link OStorageProxy}, again on the user returned after logging in as that account.
 *
 * <p>NOTE(review): nothing here removes the two roles or the user, and the account's password
 * equals its name. Confirm that this database is a throwaway test fixture.
 */
public void testParentRole() {
  database.open("admin", "admin");
  final OSecurity security = database.getMetadata().getSecurity();

  final ORole writerRole = security.getRole("writer");
  final ORole childRole =
      security.createRole("writerChild", writerRole, OSecurityRole.ALLOW_MODES.ALLOW_ALL_BUT);
  childRole.save();
  final ORole grandChildRole =
      security.createRole(
          "writerGrandChild", childRole, OSecurityRole.ALLOW_MODES.ALLOW_ALL_BUT);
  grandChildRole.save();

  final OUser createdUser = security.createUser("writerChild", "writerChild", grandChildRole);
  createdUser.save();

  // The second argument is true in every call; presumably it enables the walk up the parent
  // chain - verify against OSecurityUser.hasRole.
  Assert.assertTrue(createdUser.hasRole("writer", true));
  // "wrter" appears to be a deliberate misspelling: a near-miss name must not match.
  Assert.assertFalse(createdUser.hasRole("wrter", true));
  database.close();

  if (database.getStorage() instanceof OStorageProxy) {
    // The login-based half of the test is skipped for proxy storage.
    return;
  }

  database.open("writerChild", "writerChild");
  final OSecurityUser loggedIn = database.getUser();
  Assert.assertTrue(loggedIn.hasRole("writer", true));
  Assert.assertFalse(loggedIn.hasRole("wrter", true));
  database.close();
}
/**
 * Reads a value stored under the {@code properties} field of a role's document.
 *
 * @param roleName name of the role to look up
 * @param key property name; appended to {@code "properties."} to form the field path
 * @param def value returned when the role does not exist or the field is null
 * @return the stored value, or {@code def}
 */
public String getRoleProperty(String roleName, String key, String def) {
  final ORole role = graph.getRawGraph().getMetadata().getSecurity().getRole(roleName);
  if (role == null) {
    return def;
  }

  // NOTE(review): key is concatenated into the field path without validation. If it can come
  // from a caller-controlled source, confirm it is limited to a simple name; document field
  // paths may give '.' and '[' a navigation meaning, which would let a crafted key address
  // something other than a direct child of "properties".
  final String stored = role.getDocument().field("properties." + key);
  return stored != null ? stored : def;
}
/**
 * Creates a role called {@code roleName} and tags its document with {@code type = "template"}.
 * Does nothing when a role with that name already exists.
 *
 * <p>NOTE(review): the role is created in {@code ALLOW_ALL_BUT} mode and every explicit rule
 * below is commented out. That looks like the permissive mode (everything allowed except what
 * a rule restricts), so a role with no rules would restrict nothing - confirm this is intended
 * for template roles. A deny-by-default mode with explicit grants would be the least-privilege
 * alternative.
 *
 * @param roleName name of the role to create
 */
public void createRole(String roleName) {
  final OSecurity security = graph.getRawGraph().getMetadata().getSecurity();
  if (security.getRole(roleName) != null) {
    // An existing role is left exactly as it is.
    return;
  }

  final ORole template = security.createRole(roleName, ALLOW_MODES.ALLOW_ALL_BUT);

  // Explicit grants that were disabled in the original code, kept for reference:
  // role.addRule(ORule.ResourceGeneric.DATABASE, null, ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.SCHEMA, null, ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.CLUSTER, OMetadataDefault.CLUSTER_INTERNAL_NAME,
  // ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.CLUSTER, "orole", ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.CLUSTER, "ouser", ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.CLUSTER, null, ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.COMMAND, null, ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.RECORD_HOOK, null, ORole.PERMISSION_ALL);
  // role.addRule(ORule.ResourceGeneric.FUNCTION, null, ORole.PERMISSION_ALL);

  template.getDocument().field("type", "template");
  template.save();
}
/**
 * Sets a value under the {@code properties} field of a role's document. Returns without doing
 * anything, and without reporting it, when the role does not exist.
 *
 * <p>NOTE(review): this method only sets the field on the document and does not call
 * {@code save()} on the role. Whether the change is persisted depends on code not visible
 * here - confirm the caller saves or commits.
 *
 * @param roleName name of the role to modify
 * @param key property name; appended to {@code "properties."} to form the field path
 * @param value value to store
 */
public void setRoleProperty(String roleName, String key, String value) {
  final ORole role = graph.getRawGraph().getMetadata().getSecurity().getRole(roleName);
  if (role != null) {
    // NOTE(review): key is concatenated into the field path without validation. On this write
    // path a key carrying path syntax ('.' or '[') might target a field other than a direct
    // child of "properties" - confirm callers restrict key to a simple name.
    role.getDocument().field("properties." + key, value);
  }
}