This is an automated email from the ASF dual-hosted git repository. rcordier pushed a commit to branch postgresql in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 553d0f0c5ecf6bac0976bf1ee0777cbda10fc734 Author: Benoit TELLIER <[email protected]> AuthorDate: Fri Nov 10 11:13:30 2023 +0100 JAMES-2586 Implement (failing) tests for Row Level Security applied on Subscriptions --- ...gresSubscriptionMapperRowLevelSecurityTest.java | 86 ++++++++++++++++++++++ 1 file changed, 86 insertions(+) diff --git a/mailbox/postgres/src/test/java/org/apache/james/mailbox/postgres/user/PostgresSubscriptionMapperRowLevelSecurityTest.java b/mailbox/postgres/src/test/java/org/apache/james/mailbox/postgres/user/PostgresSubscriptionMapperRowLevelSecurityTest.java new file mode 100644 index 0000000000..7f6618933c --- /dev/null +++ b/mailbox/postgres/src/test/java/org/apache/james/mailbox/postgres/user/PostgresSubscriptionMapperRowLevelSecurityTest.java @@ -0,0 +1,86 @@ +/**************************************************************** + * Licensed to the Apache Software Foundation (ASF) under one * + * or more contributor license agreements. See the NOTICE file * + * distributed with this work for additional information * + * regarding copyright ownership. The ASF licenses this file * + * to you under the Apache License, Version 2.0 (the * + * "License"); you may not use this file except in compliance * + * with the License. You may obtain a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, * + * software distributed under the License is distributed on an * + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * + * KIND, either express or implied. See the License for the * + * specific language governing permissions and limitations * + * under the License. * + ****************************************************************/ + +package org.apache.james.mailbox.postgres.user; + +import static org.assertj.core.api.Assertions.assertThat; + +import org.apache.james.backends.postgres.PostgresExtension; +import org.apache.james.backends.postgres.utils.JamesPostgresConnectionFactory; +import org.apache.james.backends.postgres.utils.PostgresExecutor; +import org.apache.james.backends.postgres.utils.SimpleJamesPostgresConnectionFactory; +import org.apache.james.core.Username; +import org.apache.james.mailbox.MailboxSession; +import org.apache.james.mailbox.MailboxSessionUtil; +import org.apache.james.mailbox.exception.SubscriptionException; +import org.apache.james.mailbox.store.user.SubscriptionMapper; +import org.apache.james.mailbox.store.user.SubscriptionMapperFactory; +import org.apache.james.mailbox.store.user.SubscriptionMapperTest; +import org.apache.james.mailbox.store.user.model.Subscription; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Disabled; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; + +public class PostgresSubscriptionMapperRowLevelSecurityTest { + @RegisterExtension + static PostgresExtension postgresExtension = new PostgresExtension(PostgresSubscriptionModule.MODULE, true); + + private SubscriptionMapperFactory subscriptionMapperFactory; + + @BeforeEach + public void setUp() { + subscriptionMapperFactory = session -> new PostgresSubscriptionMapper(new PostgresSubscriptionDAO(new PostgresExecutor( + new SimpleJamesPostgresConnectionFactory(postgresExtension.getConnectionFactory()) + .getConnection(session.getUser().getDomainPart())))); + } + + @Test + void subscriptionsCanBeAccessedAtTheDataLevelByMembersOfTheSameDomain() throws Exception { + Username username = Username.of("bob@domain1"); + Username username2 = Username.of("alice@domain1"); + MailboxSession session = MailboxSessionUtil.create(username); + MailboxSession session2 = MailboxSessionUtil.create(username2); + + Subscription subscription = new Subscription(username, "mailbox1"); + subscriptionMapperFactory.getSubscriptionMapper(session) + .save(subscription); + + assertThat(subscriptionMapperFactory.getSubscriptionMapper(session2) + .findSubscriptionsForUser(username)) + .containsOnly(subscription); + } + + @Disabled("Row level security for subscriptions is not implemented correctly") + @Test + void subscriptionsShouldBeIsolatedByDomain() throws Exception { + Username username = Username.of("bob@domain1"); + Username username2 = Username.of("alice@domain2"); + MailboxSession session = MailboxSessionUtil.create(username); + MailboxSession session2 = MailboxSessionUtil.create(username2); + + Subscription subscription = new Subscription(username, "mailbox1"); + subscriptionMapperFactory.getSubscriptionMapper(session) + .save(subscription); + + assertThat(subscriptionMapperFactory.getSubscriptionMapper(session2) + .findSubscriptionsForUser(username)) + .isEmpty(); + } +} --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
