in hugegraph-test/src/main/java/org/apache/hugegraph/core/AuthTest.java [1202:1312]
public void testRolePermission() {
HugeGraph graph = graph();
AuthManager authManager = graph.authManager();
authManager.createUser(makeUser("admin", "pa"));
Id user0 = authManager.createUser(makeUser("hugegraph", "p0"));
Id user1 = authManager.createUser(makeUser("hugegraph1", "p1"));
Id group1 = authManager.createGroup(makeGroup("group1"));
Id group2 = authManager.createGroup(makeGroup("group2"));
Id graph1 = authManager.createTarget(makeTarget("hugegraph", "url1"));
Id graph2 = authManager.createTarget(makeTarget("hugegraph1", "url2"));
List<HugeResource> rv = HugeResource.parseResources(
"[{\"type\": \"VERTEX\", \"label\": \"person\", " +
"\"properties\":{\"city\": \"Beijing\", \"age\": \"P.gte(20)\"}}," +
" {\"type\": \"VERTEX_LABEL\", \"label\": \"*\"}," +
" {\"type\": \"PROPERTY_KEY\", \"label\": \"*\"}]");
List<HugeResource> re = HugeResource.parseResources(
"[{\"type\": \"EDGE\", \"label\": \"write\"}, " +
" {\"type\": \"PROPERTY_KEY\"}, {\"type\": \"VERTEX_LABEL\"}, " +
" {\"type\": \"EDGE_LABEL\"}, {\"type\": \"INDEX_LABEL\"}]");
List<HugeResource> rg = HugeResource.parseResources(
"[{\"type\": \"GREMLIN\"}]");
Id graph1v = authManager.createTarget(makeTarget("hugegraph-v", "hugegraph",
"url1", rv));
Id graph1e = authManager.createTarget(makeTarget("hugegraph-e", "hugegraph",
"url1", re));
Id graph1gremlin = authManager.createTarget(makeTarget("hugegraph-g", "hugegraph",
"url1", rg));
Id belong1 = authManager.createBelong(makeBelong(user0, group1));
Id belong2 = authManager.createBelong(makeBelong(user1, group2));
authManager.createAccess(makeAccess(group1, graph1,
HugePermission.READ));
authManager.createAccess(makeAccess(group1, graph1,
HugePermission.WRITE));
authManager.createAccess(makeAccess(group1, graph2,
HugePermission.READ));
authManager.createAccess(makeAccess(group2, graph2,
HugePermission.READ));
Id access1v = authManager.createAccess(makeAccess(group1, graph1v,
HugePermission.READ));
authManager.createAccess(makeAccess(group1, graph1v,
HugePermission.WRITE));
authManager.createAccess(makeAccess(group1, graph1e,
HugePermission.READ));
Id access1g = authManager.createAccess(makeAccess(group1, graph1gremlin,
HugePermission.EXECUTE));
RolePermission role;
role = authManager.rolePermission(authManager.getUser(user0));
String expected = "{\"roles\":" +
"{\"hugegraph\":{\"READ\":[" +
"{\"type\":\"EDGE\",\"label\":\"write\",\"properties\":null}," +
"{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"EDGE_LABEL\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"INDEX_LABEL\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" +
"{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," +
"{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"WRITE\":" +
"[{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" +
"{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," +
"{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}],\"EXECUTE\":" +
"[{\"type\":\"GREMLIN\",\"label\":\"*\",\"properties\":null}]}," +
"\"hugegraph1\":{\"READ\":[]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getBelong(belong1));
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getGroup(group1));
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getAccess(access1v));
expected = "{\"roles\":" +
"{\"hugegraph\":{\"READ\":[{\"type\":\"VERTEX\",\"label\":\"person\"," +
"\"properties\":{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," +
"{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getAccess(access1g));
expected = "{\"roles\":{\"hugegraph\":{\"EXECUTE\":[" +
"{\"type\":\"GREMLIN\",\"label\":\"*\",\"properties\":null}]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getUser(user1));
expected = "{\"roles\":{\"hugegraph1\":{\"READ\":[]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getBelong(belong2));
expected = "{\"roles\":{\"hugegraph1\":{\"READ\":[]}}}";
Assert.assertEquals(expected, role.toJson());
role = authManager.rolePermission(authManager.getTarget(graph1v));
expected = "{\"roles\":" +
"{\"hugegraph\":" +
"{\"READ\":[{\"type\":\"VERTEX\",\"label\":\"person\",\"properties\":" +
"{\"city\":\"Beijing\",\"age\":\"P.gte(20)\"}}," +
"{\"type\":\"VERTEX_LABEL\",\"label\":\"*\",\"properties\":null}," +
"{\"type\":\"PROPERTY_KEY\",\"label\":\"*\",\"properties\":null}]}}}";
Assert.assertEquals(expected, role.toJson());
}