--- /dev/null
+/*
+ * Copyright 2005-2010 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wamblee.security.authorization;
+
+import junit.framework.TestCase;
+import static org.wamblee.security.authorization.AuthorizationResult.GRANTED;
+import static org.wamblee.security.authorization.AuthorizationResult.UNDECIDED;
+import static org.wamblee.security.authorization.AuthorizationResult.UNSUPPORTED_RESOURCE;
+
+import org.wamblee.usermgt.User;
+
+/**
+ * Tests for the {@link org.wamblee.security.authorization.UrlAuthorizationRule}
+ * .
+ *
+ * @author Erik Brakkee
+ */
+public class UrlAuthorizationRuleTest extends TestCase {
+ /**
+ * Constructs the rule with a result of UNDECIDED. Verifies that an
+ * IllegalArgumentException is thrown.
+ */
+ public void testConstructWithUndecidedResult() {
+ try {
+ new TestAuthorizationRule(UNDECIDED, "users", "/path",
+ ReadOperation.class);
+ fail();
+ } catch (IllegalArgumentException e) {
+ // ok
+ }
+ }
+
+ /**
+ * Constructs the rule with a result of UNSUPPORTED_RESOURCE. Verifies that
+ * an IllegalArgumentException is thrown.
+ */
+ public void testConstructWithUnsupportedResult() {
+ try {
+ new TestAuthorizationRule(UNSUPPORTED_RESOURCE, "users", "/path",
+ ReadOperation.class);
+ fail();
+ } catch (IllegalArgumentException e) {
+ // ok
+ }
+ }
+
+ /**
+ * Constructs the authorization rule and applies it to an unsupported object
+ * type. Verifies that the result is UNSUPPORTED_RESOURCE.
+ */
+ public void testUnsupportedObject() {
+ AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users",
+ "/path", ReadOperation.class);
+ assertEquals(UNSUPPORTED_RESOURCE, rule.isAllowed("hello",
+ new ReadOperation(), new TestUserAccessor().getCurrentUser()));
+ }
+
+ public void testMatchingScenarios() {
+ AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users",
+ "/path/", ReadOperation.class);
+ User user = new TestUserAccessor().getCurrentUser();
+
+ // everything matches
+ assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/a"),
+ new ReadOperation(), user));
+ assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/"),
+ new ReadOperation(), user));
+
+ // path does not match.
+ assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path"),
+ new ReadOperation(), user));
+
+ // operation does not match.
+ assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path/"),
+ new WriteOperation(), user));
+
+ // group does not match.
+ AuthorizationRule rule2 = new TestAuthorizationRule(GRANTED, "users2",
+ "/path/", ReadOperation.class);
+ assertEquals(UNDECIDED, rule2.isAllowed(new TestResource("/path/a"),
+ new ReadOperation(), user));
+ }
+}