
Package: AclCreator

AclCreator

name | instruction | branch | complexity | line | method
AclCreator()
M: 59 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 12 C: 0
0%
M: 1 C: 0
0%
accessInfoCreatorCreator(List, User, Account)
M: 61 C: 0
0%
M: 4 C: 0
0%
M: 3 C: 0
0%
M: 15 C: 0
0%
M: 1 C: 0
0%
attachBrokerPermissions(Account, User)
M: 54 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 7 C: 0
0%
M: 1 C: 0
0%
attachDataManagePermissions(Account, User)
M: 32 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
attachDataViewPermissions(Account, User)
M: 32 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
attachDevicePermissions(Account, User)
M: 32 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
attachFullPermissions(Account, User)
M: 142 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 15 C: 0
0%
M: 1 C: 0
0%
attachUserCredentials(Account, User)
M: 7 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 2 C: 0
0%
M: 1 C: 0
0%
attachUserCredentials(Account, User, String)
M: 8 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 2 C: 0
0%
M: 1 C: 0
0%
configureAccountService(KapuaId, KapuaId)
M: 27 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 8 C: 0
0%
M: 1 C: 0
0%
configureUserService(KapuaId, KapuaId)
M: 51 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 12 C: 0
0%
M: 1 C: 0
0%
createAccount(String, String, String)
M: 22 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
createPermissions(List, User, Account)
M: 8 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 2 C: 0
0%
M: 1 C: 0
0%
createUser(Account, String)
M: 17 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 3 C: 0
0%
M: 1 C: 0
0%
lambda$attachUserCredentials$1(Account, User)
M: 21 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
lambda$attachUserCredentials$2(Account, User, String)
M: 21 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
lambda$createPermissions$0(List, User, Account)
M: 15 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
static {...}
M: 11 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 2 C: 0
0%
M: 1 C: 0
0%

Coverage

1: /*******************************************************************************
2: * Copyright (c) 2017, 2020 Eurotech and/or its affiliates and others
3: *
4: * All rights reserved. This program and the accompanying materials
5: * are made available under the terms of the Eclipse Public License v1.0
6: * which accompanies this distribution, and is available at
7: * http://www.eclipse.org/legal/epl-v10.html
8: *
9: * Contributors:
10: * Eurotech
11: * Red Hat Inc
12: *******************************************************************************/
13: package org.eclipse.kapua.service.device.registry.steps;
14:
15: import org.eclipse.kapua.KapuaException;
16: import org.eclipse.kapua.broker.BrokerDomains;
17: import org.eclipse.kapua.commons.model.id.KapuaEid;
18: import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
19: import org.eclipse.kapua.locator.KapuaLocator;
20: import org.eclipse.kapua.model.domain.Actions;
21: import org.eclipse.kapua.model.domain.Domain;
22: import org.eclipse.kapua.model.id.KapuaId;
23: import org.eclipse.kapua.service.account.Account;
24: import org.eclipse.kapua.service.account.AccountCreator;
25: import org.eclipse.kapua.service.account.AccountFactory;
26: import org.eclipse.kapua.service.account.AccountService;
27: import org.eclipse.kapua.service.authentication.credential.CredentialCreator;
28: import org.eclipse.kapua.service.authentication.credential.CredentialFactory;
29: import org.eclipse.kapua.service.authentication.credential.CredentialService;
30: import org.eclipse.kapua.service.authentication.credential.CredentialStatus;
31: import org.eclipse.kapua.service.authentication.credential.CredentialType;
32: import org.eclipse.kapua.service.authorization.access.AccessInfoCreator;
33: import org.eclipse.kapua.service.authorization.access.AccessInfoFactory;
34: import org.eclipse.kapua.service.authorization.access.AccessInfoService;
35: import org.eclipse.kapua.service.authorization.permission.Permission;
36: import org.eclipse.kapua.service.authorization.permission.PermissionFactory;
37: import org.eclipse.kapua.service.datastore.DatastoreDomains;
38: import org.eclipse.kapua.service.device.management.DeviceManagementDomains;
39: import org.eclipse.kapua.service.device.registry.DeviceDomains;
40: import org.eclipse.kapua.service.user.User;
41: import org.eclipse.kapua.service.user.UserCreator;
42: import org.eclipse.kapua.service.user.UserFactory;
43: import org.eclipse.kapua.service.user.UserService;
44:
45: import java.math.BigInteger;
46: import java.util.ArrayList;
47: import java.util.HashMap;
48: import java.util.HashSet;
49: import java.util.List;
50: import java.util.Map;
51: import java.util.Set;
52:
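/**
 * Creator of Accounts, Users, Permissions and Credentials that are used in ACL tests.
 * <p>
 * Test fixture only: it creates entities in privileged mode, uses a fixed default
 * password and disables the lockout policy on the accounts it configures. None of
 * these settings should be copied into non-test code.
 */
public class AclCreator {

    private static final KapuaId SYS_ID = new KapuaEid(BigInteger.ONE);

    private static final KapuaId ROOT_SCOPE_ID = new KapuaEid(BigInteger.ONE);

    /**
     * Password used by {@link #attachUserCredentials(Account, User)} when the caller supplies none.
     * It is a well-known test value and must never protect a real account.
     */
    private static final String DEFAULT_TEST_PASSWORD = "KeepCalm123.";

    /**
     * Credential service and the factories used to build credentials and permissions.
     */
    private final CredentialService credentialService;
    private final CredentialFactory credentialFactory;
    private final PermissionFactory permissionFactory;

    /**
     * User service.
     */
    private final UserService userService;
    private final UserFactory userFactory;

    /**
     * Accessinfo service.
     */
    private final AccessInfoService accessInfoService;
    private final AccessInfoFactory accessInfoFactory;

    /**
     * Account service.
     */
    private final AccountService accountService;

    /**
     * Account factory.
     */
    private final AccountFactory accountFactory;

    /**
     * Constructor with all support services, resolved through the {@link KapuaLocator} singleton.
     */
    public AclCreator() {
        KapuaLocator locator = KapuaLocator.getInstance();

        accountService = locator.getService(AccountService.class);
        accountFactory = locator.getFactory(AccountFactory.class);

        userService = locator.getService(UserService.class);
        userFactory = locator.getFactory(UserFactory.class);

        accessInfoService = locator.getService(AccessInfoService.class);
        accessInfoFactory = locator.getFactory(AccessInfoFactory.class);

        credentialService = locator.getService(CredentialService.class);
        credentialFactory = locator.getFactory(CredentialFactory.class);
        permissionFactory = locator.getFactory(PermissionFactory.class);
    }

    /**
     * Configure user service with reasonable default values.
     * <p>
     * A configuration failure is printed and otherwise ignored, so the caller continues
     * with whatever configuration is already in place.
     *
     * @param accId   account id
     * @param scopeId scope id
     */
    private void configureUserService(KapuaId accId, KapuaId scopeId) {
        Map<String, Object> valueMap = new HashMap<>();
        valueMap.put("infiniteChildEntities", true);
        valueMap.put("maxNumberChildEntities", 5);
        // Lockout is switched off for the fixture users; the remaining lockoutPolicy.*
        // values are still written so the configuration is complete.
        // NOTE(review): presumably so repeated failed logins in ACL tests do not lock
        // the user out - confirm; this is not a setting to reuse outside tests.
        valueMap.put("lockoutPolicy.enabled", false);
        valueMap.put("lockoutPolicy.maxFailures", 3);
        valueMap.put("lockoutPolicy.resetAfter", 300);
        valueMap.put("lockoutPolicy.lockDuration", 3);

        try {
            userService.setConfigValues(accId, scopeId, valueMap);
        } catch (KapuaException ex) {
            // Best effort: report and continue.
            ex.printStackTrace();
        }
    }

    /**
     * Configure account service with reasonable default values.
     * <p>
     * A configuration failure is printed and otherwise ignored.
     *
     * @param accId   account id
     * @param scopeId scope id
     */
    private void configureAccountService(KapuaId accId, KapuaId scopeId) {
        Map<String, Object> valueMap = new HashMap<>();
        valueMap.put("infiniteChildEntities", true);
        valueMap.put("maxNumberChildEntities", 5);

        try {
            // Applied to accountService, matching this method's name and Javadoc;
            // writing these values to userService would leave the account service
            // unconfigured.
            accountService.setConfigValues(accId, scopeId, valueMap);
        } catch (KapuaException ex) {
            // Best effort: report and continue.
            ex.printStackTrace();
        }
    }

    /**
     * Creates permissions for user with specified account. Permissions are created in privileged mode.
     * <p>
     * A {@link KapuaException} raised while creating the access info is printed and skipped,
     * so a test that relies on these permissions should verify they exist rather than
     * assume this call succeeded.
     *
     * @param permissionList list of permissions for user; an entry without a target scope id
     *                       gets the account id as its target scope
     * @param user           user for whom permissions are set
     * @param account        account in which user is defined
     * @throws Exception if the privileged call itself fails
     */
    private void createPermissions(List<AclPermission> permissionList, User user, Account account)
            throws Exception {

        KapuaSecurityUtils.doPrivileged(() -> {
            try {
                accessInfoService.create(accessInfoCreatorCreator(permissionList, user, account));
            } catch (KapuaException ke) {
                // Deliberately skipped after reporting.
                ke.printStackTrace();
            }

            return null;
        });
    }

    /**
     * Create accessInfoCreator instance with data about user permissions.
     * If target scope is not defined in permission list use account scope.
     *
     * @param permissionList list of all permissions
     * @param user           user for which permissions are set
     * @param account        that user belongs to
     * @return AccessInfoCreator instance for creating user permissions
     */
    private AccessInfoCreator accessInfoCreatorCreator(List<AclPermission> permissionList,
            User user, Account account) {

        AccessInfoCreator accessInfoCreator = accessInfoFactory.newCreator(account.getId());
        accessInfoCreator.setUserId(user.getId());
        accessInfoCreator.setScopeId(user.getScopeId());

        Set<Permission> permissions = new HashSet<>();
        for (AclPermission permissionData : permissionList) {
            KapuaEid targetScopeId = permissionData.getTargetScopeId();
            if (targetScopeId == null) {
                // Fall back to the account scope; the cast fails with ClassCastException
                // if the account id is not a KapuaEid.
                targetScopeId = (KapuaEid) account.getId();
            }
            permissions.add(permissionFactory.newPermission(
                    permissionData.getDomain(), permissionData.getAction(), targetScopeId));
        }
        accessInfoCreator.setPermissions(permissions);

        return accessInfoCreator;
    }

    /**
     * Attaches an enabled password credential with the fixed test password to the user.
     *
     * @param account account whose id is used as the credential scope
     * @param user    user that receives the credential
     * @throws KapuaException if the privileged call itself fails
     */
    public void attachUserCredentials(Account account, User user) throws KapuaException {
        attachUserCredentials(account, user, DEFAULT_TEST_PASSWORD);
    }

    /**
     * Attaches an enabled password credential with the given password to the user.
     * Creation runs in privileged mode and the credential has no expiration date.
     * <p>
     * A {@link KapuaException} from the credential service is reported and skipped.
     * A test that expects a login or connection to be refused should therefore also
     * confirm the credential exists; otherwise the refusal may only show that the
     * credential was never created, not that the ACL denied access.
     *
     * @param account  account whose id is used as the credential scope
     * @param user     user that receives the credential
     * @param password plain-text password for the credential
     * @throws KapuaException if the privileged call itself fails
     */
    public void attachUserCredentials(Account account, User user, String password) throws KapuaException {
        KapuaSecurityUtils.doPrivileged(() -> {
            CredentialCreator credentialCreator = credentialFactory.newCreator(account.getId(), user.getId(),
                    CredentialType.PASSWORD, password, CredentialStatus.ENABLED, null);
            try {
                credentialService.create(credentialCreator);
            } catch (KapuaException ke) {
                // Still best effort, but report it the same way createPermissions does
                // instead of dropping the failure silently.
                ke.printStackTrace();
            }

            return null;
        });
    }

    /**
     * Configures the user service for the account and creates a user in it.
     *
     * @param account account that owns the new user
     * @param name    user name
     * @return the created user
     * @throws KapuaException if the user service rejects the creation
     */
    public User createUser(Account account, String name) throws KapuaException {
        configureUserService(account.getId(), SYS_ID);
        UserCreator userCreator = userFactory.newCreator(account.getId(), name);
        return userService.create(userCreator);
    }

    /**
     * Configures the account service for the root scope and creates an account under it.
     *
     * @param name     account name
     * @param orgName  organization name
     * @param orgEmail organization e-mail
     * @return the created account
     * @throws KapuaException if the account service rejects the creation
     */
    Account createAccount(String name, String orgName, String orgEmail) throws KapuaException {
        configureAccountService(ROOT_SCOPE_ID, SYS_ID);
        AccountCreator accountCreator = accountFactory.newCreator(ROOT_SCOPE_ID, name);
        accountCreator.setOrganizationName(orgName);
        accountCreator.setOrganizationEmail(orgEmail);

        return accountService.create(accountCreator);
    }

    /**
     * Grants connect, write, read and delete on the broker domain within the user's scope.
     *
     * @param account account in which user is defined
     * @param user    user that receives the permissions
     * @throws Exception if the privileged call itself fails
     */
    void attachBrokerPermissions(Account account, User user) throws Exception {
        KapuaEid scopeId = (KapuaEid) user.getScopeId();
        List<AclPermission> permissionList = new ArrayList<>();
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.connect, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.write, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.read, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.delete, scopeId));
        createPermissions(permissionList, user, account);
    }

    /**
     * Grants device-management write plus broker connect within the user's scope.
     *
     * @param account account in which user is defined
     * @param user    user that receives the permissions
     * @throws Exception if the privileged call itself fails
     */
    void attachDevicePermissions(Account account, User user) throws Exception {
        KapuaEid scopeId = (KapuaEid) user.getScopeId();
        List<AclPermission> permissionList = new ArrayList<>();
        permissionList.add(new AclPermission(DeviceManagementDomains.DEVICE_MANAGEMENT_DOMAIN, Actions.write, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.connect, scopeId));
        createPermissions(permissionList, user, account);
    }

    /**
     * Grants datastore read plus broker connect within the user's scope.
     *
     * @param account account in which user is defined
     * @param user    user that receives the permissions
     * @throws Exception if the privileged call itself fails
     */
    void attachDataViewPermissions(Account account, User user) throws Exception {
        KapuaEid scopeId = (KapuaEid) user.getScopeId();
        List<AclPermission> permissionList = new ArrayList<>();
        permissionList.add(new AclPermission(DatastoreDomains.DATASTORE_DOMAIN, Actions.read, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.connect, scopeId));
        createPermissions(permissionList, user, account);
    }

    /**
     * Grants datastore write plus broker connect within the user's scope.
     *
     * @param account account in which user is defined
     * @param user    user that receives the permissions
     * @throws Exception if the privileged call itself fails
     */
    void attachDataManagePermissions(Account account, User user) throws Exception {
        KapuaEid scopeId = (KapuaEid) user.getScopeId();
        List<AclPermission> permissionList = new ArrayList<>();
        permissionList.add(new AclPermission(DatastoreDomains.DATASTORE_DOMAIN, Actions.write, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.connect, scopeId));
        createPermissions(permissionList, user, account);
    }

    /**
     * Grants connect, write, read and delete on the broker, device-connection and device
     * domains within the user's scope.
     *
     * @param account account in which user is defined
     * @param user    user that receives the permissions
     * @throws Exception if the privileged call itself fails
     */
    public void attachFullPermissions(Account account, User user) throws Exception {
        KapuaEid scopeId = (KapuaEid) user.getScopeId();
        List<AclPermission> permissionList = new ArrayList<>();
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.connect, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.write, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.read, scopeId));
        permissionList.add(new AclPermission(BrokerDomains.BROKER_DOMAIN, Actions.delete, scopeId));

        permissionList.add(new AclPermission(DeviceDomains.DEVICE_CONNECTION_DOMAIN, Actions.read, scopeId));
        permissionList.add(new AclPermission(DeviceDomains.DEVICE_CONNECTION_DOMAIN, Actions.write, scopeId));
        permissionList.add(new AclPermission(DeviceDomains.DEVICE_CONNECTION_DOMAIN, Actions.delete, scopeId));
        permissionList.add(new AclPermission(DeviceDomains.DEVICE_CONNECTION_DOMAIN, Actions.connect, scopeId));

        permissionList.add(new AclPermission(DeviceDomains.DEVICE_DOMAIN, Actions.read, scopeId));
        permissionList.add(new AclPermission(DeviceDomains.DEVICE_DOMAIN, Actions.write, scopeId));
        permissionList.add(new AclPermission(DeviceDomains.DEVICE_DOMAIN, Actions.delete, scopeId));
        permissionList.add(new AclPermission(DeviceDomains.DEVICE_DOMAIN, Actions.connect, scopeId));

        createPermissions(permissionList, user, account);
    }
}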