/**
 * Serializes one data policy (data role) to the XML stream.
 *
 * <p>Output order: the policy name and its two boolean flags as attributes, the description,
 * one permission element per {@link DataPolicy.DataPermission}, then one element per mapped
 * role name. A permission flag whose getter returns {@code null} is omitted entirely rather
 * than written as {@code false}, so a reader of this XML must treat a missing flag as
 * "not specified" and not as an explicit grant or denial.
 *
 * <p>NOTE(review): every value here (names, resource names, conditions, mapped role names) goes
 * through the {@code writeAttribute}/{@code writeElement} helpers, which are defined elsewhere.
 * Confirm they emit text via the writer's attribute/character APIs so that markup characters in
 * a condition or role name are escaped and cannot alter the structure of the access-control
 * document.
 *
 * <p>NOTE(review): the description is passed through without a null check, unlike the
 * permission fields; confirm {@code writeElement} tolerates a {@code null} value.
 *
 * @param writer destination stream; the caller owns it and is responsible for closing it
 * @param dp the data policy to serialize
 * @throws XMLStreamException if the underlying writer fails
 */
private static void writeDataPolicy(XMLStreamWriter writer, DataPolicy dp)
    throws XMLStreamException {
  writer.writeStartElement(Element.DATA_ROLE.getLocalName());

  // Policy-level attributes. The flags are rendered through String.valueOf exactly as before.
  writeAttribute(writer, Element.NAME.getLocalName(), dp.getName());
  writeAttribute(
      writer,
      Element.DATA_ROLE_ANY_ATHENTICATED_ATTR.getLocalName(),
      String.valueOf(dp.isAnyAuthenticated()));
  writeAttribute(
      writer,
      Element.DATA_ROLE_ALLOW_TEMP_TABLES_ATTR.getLocalName(),
      String.valueOf(dp.isAllowCreateTemporaryTables()));
  writeElement(writer, Element.DESCRIPTION, dp.getDescription());

  // permission
  for (DataPolicy.DataPermission perm : dp.getPermissions()) {
    writer.writeStartElement(Element.PERMISSION.getLocalName());
    writeElement(writer, Element.RESOURCE_NAME, perm.getResourceName());

    // Each flag is emitted only when explicitly set; null means "unspecified" and is skipped.
    Boolean create = perm.getAllowCreate();
    if (create != null) {
      writeElement(writer, Element.ALLOW_CREATE, create.toString());
    }
    Boolean read = perm.getAllowRead();
    if (read != null) {
      writeElement(writer, Element.ALLOW_READ, read.toString());
    }
    Boolean update = perm.getAllowUpdate();
    if (update != null) {
      writeElement(writer, Element.ALLOW_UPADTE, update.toString());
    }
    Boolean delete = perm.getAllowDelete();
    if (delete != null) {
      writeElement(writer, Element.ALLOW_DELETE, delete.toString());
    }
    Boolean execute = perm.getAllowExecute();
    if (execute != null) {
      writeElement(writer, Element.ALLOW_EXECUTE, execute.toString());
    }
    Boolean alter = perm.getAllowAlter();
    if (alter != null) {
      writeElement(writer, Element.ALLOW_ALTER, alter.toString());
    }
    Boolean language = perm.getAllowLanguage();
    if (language != null) {
      writeElement(writer, Element.ALLOW_LANGUAGE, language.toString());
    }
    String condition = perm.getCondition();
    if (condition != null) {
      writeElement(writer, Element.CONDITION, condition);
    }

    writer.writeEndElement(); // closes the permission element
  }

  // mapped role names
  for (String mappedRole : dp.getMappedRoleNames()) {
    writeElement(writer, Element.MAPPED_ROLE_NAME, mappedRole);
  }

  writer.writeEndElement(); // closes the data-role element
}
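/**
 * Verifies that data-role mappings on a deployed VDB can be changed through the admin API and
 * that each change is visible on a freshly fetched VDB.
 *
 * <p>Steps: deploy {@code bqt2.vdb}, bind its first model to a data source, check the initial
 * state of the single policy {@code roleOne}, then remove a mapped role, add a mapped role and
 * switch off the any-authenticated flag, re-reading the VDB after every change.
 *
 * <p>The VDB is re-fetched after each admin call so the assertions check the state the server
 * reports, not a stale client-side copy.
 *
 * @throws Exception if deployment or any admin call fails
 */
@Test
public void testDataRoleMapping() throws Exception {
  // Close the archive stream once deployment returns; it was previously left open.
  FileInputStream vdbStream = new FileInputStream(UnitTestUtil.getTestDataFile("bqt2.vdb"));
  try {
    admin.deploy("bqt2.vdb", vdbStream);
  } finally {
    vdbStream.close();
  }

  VDB vdb = admin.getVDB("bqt", 2);
  Model model = vdb.getModels().get(0);
  admin.assignToModel(
      "bqt", 2, model.getName(), "Source", "h2", "java:jboss/datasources/ExampleDS");

  vdb = admin.getVDB("bqt", 2);
  assertTrue(vdb.isValid());

  // Initial state: one policy, two permissions, both policy-level flags enabled.
  List<DataPolicy> policies = vdb.getDataPolicies();
  assertEquals(1, policies.size());

  DataPolicy dp = policies.get(0);
  assertEquals("roleOne", dp.getName());
  assertEquals(2, dp.getPermissions().size());
  assertTrue(dp.isAllowCreateTemporaryTables());
  assertTrue(dp.isAnyAuthenticated());

  List<String> roleNames = dp.getMappedRoleNames();
  assertArrayEquals(new String[] {"ROLE1", "ROLE2"}, roleNames.toArray());

  // Removing a mapping must drop only that role from the policy.
  admin.removeDataRoleMapping("bqt", 2, "roleOne", "ROLE1");

  vdb = admin.getVDB("bqt", 2);
  policies = vdb.getDataPolicies();
  dp = policies.get(0);

  roleNames = dp.getMappedRoleNames();
  assertArrayEquals(new String[] {"ROLE2"}, roleNames.toArray());

  // Adding a mapping must append the new role and keep the existing one.
  admin.addDataRoleMapping("bqt", 2, "roleOne", "ROLE3");

  vdb = admin.getVDB("bqt", 2);
  policies = vdb.getDataPolicies();
  dp = policies.get(0);

  roleNames = dp.getMappedRoleNames();
  assertArrayEquals(new String[] {"ROLE2", "ROLE3"}, roleNames.toArray());

  // Switching off any-authenticated must be reflected on re-read. Presumably the policy then
  // applies only through the mapped role names - confirm against the policy semantics.
  admin.setAnyAuthenticatedForDataRole("bqt", 2, "roleOne", false);

  vdb = admin.getVDB("bqt", 2);
  policies = vdb.getDataPolicies();
  dp = policies.get(0);

  assertFalse(dp.isAnyAuthenticated());
}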