public boolean isUserAuthorized(ComponentDto component) {
boolean authorized = userRoles.length == 0;
for (String userRole : getUserRoles()) {
- authorized |= (UserRole.VIEWER.equals(userRole)
- || UserRole.USER.equals(userRole)
- || UserSession.get().hasProjectPermissionByUuid(userRole, component.uuid()));
+ authorized |= UserSession.get().hasProjectPermissionByUuid(userRole, component.uuid());
}
return authorized;
}
MockUserSession.set().addProjectUuidPermissions("pilip", "abcd");
assertThat(proxy.isUserAuthorized(newProjectDto("abcd"))).isFalse();
}
-
- @Test
- public void is_authorized_on_component_viewer_bypass() {
-
- @NavigationSection(NavigationSection.RESOURCE)
- @UserRole(UserRole.VIEWER)
- class MyView extends FakeView {
- MyView() {
- super("fake");
- }
- }
-
- ViewProxy proxy = new ViewProxy<View>(new MyView());
-
- MockUserSession.set();
- assertThat(proxy.isUserAuthorized(newProjectDto("abcd"))).isTrue();
- }
-
- @Test
- public void is_authorized_on_component_user_bypass() {
-
- @NavigationSection(NavigationSection.RESOURCE)
- @UserRole(UserRole.USER)
- class MyView extends FakeView {
- MyView() {
- super("fake");
- }
- }
-
- ViewProxy proxy = new ViewProxy<View>(new MyView());
-
- MockUserSession.set();
- assertThat(proxy.isUserAuthorized(newProjectDto("abcd"))).isTrue();
- }
}
class FakeView implements View {
this.id = id;
}
+ @Override
public String getId() {
return id;
}
+ @Override
public String getTitle() {
return id;
}
@WidgetProperty(key = "third_prop", type = WidgetPropertyType.INTEGER)
})
class EditableWidget implements Widget {
+ @Override
public String getId() {
return "w1";
}
+ @Override
public String getTitle() {
return "W1";
}
@WidgetProperties(@WidgetProperty(key = "message", defaultValue = "", type = WidgetPropertyType.TEXT))
class TextWidget implements Widget {
+ @Override
public String getId() {
return "text";
}
+ @Override
public String getTitle() {
return "TEXT";
}
@WidgetScope("GLOBAL")
class GlobalWidget implements Widget {
+ @Override
public String getId() {
return "global";
}
+ @Override
public String getTitle() {
return "Global";
}
@WidgetScope("INVALID")
class WidgetWithInvalidScope implements Widget {
+ @Override
public String getId() {
return "invalidScope";
}
+ @Override
public String getTitle() {
return "InvalidScope";
}
@WidgetProperty(key = "bar")
})
class WidgetWithOptionalProperties implements Widget {
+ @Override
public String getId() {
return "w2";
}
+ @Override
public String getTitle() {
return "W2";
}