Removed SpringTestCase and SpringConfigFiles and subclasses.
[utils] / security / src / test / java / org / wamblee / security / authorization / AuthorizationServiceTest.java
1 /*
2  * Copyright 2005 the original author or authors.
3  * 
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  * 
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  * 
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */ 
16
17 package org.wamblee.security.authorization;
18
19 import static org.wamblee.security.authorization.AuthorizationResult.DENIED;
20 import static org.wamblee.security.authorization.AuthorizationResult.GRANTED;
21 import junit.framework.TestCase;
22
23 import org.wamblee.persistence.hibernate.HibernateMappingFiles;
24 import org.wamblee.test.spring.SpringTestCase;
25 import org.wamblee.test.spring.SpringConfigFiles;
26 import org.wamblee.usermgt.UserAccessor;
27
28 /**
29  * Tests the authorization service. 
30  *
31  * @author Erik Brakkee
32  */
33 public class AuthorizationServiceTest extends TestCase {
34     
35     private AuthorizationRule _rule1; 
36     private AuthorizationRule _rule2;  
37     private AuthorizationRule _rule3; 
38     private AuthorizationService _service; 
39     
40     protected AuthorizationService getService() { 
41         return _service; 
42     }
43     
44     /* (non-Javadoc)
45      * @see junit.framework.TestCase#setUp()
46      */
47     @Override
48     protected void setUp() throws Exception {
49         super.setUp();
50         
51         _rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class); 
52         _rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class); 
53         _rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class);
54         
55         _service = createService(); 
56         _service.appendRule(_rule1); 
57         _service.appendRule(_rule2);
58         _service.appendRule(_rule3);
59     }
60     
61     protected void resetTestRules() { 
62         ((TestAuthorizationRule)_rule1).reset(); 
63         ((TestAuthorizationRule)_rule2).reset(); 
64         ((TestAuthorizationRule)_rule3).reset(); 
65     }
66     
67     protected UserAccessor createUserAccessor() { 
68         return new TestUserAccessor(); 
69     }
70
71     /**
72      * Creates an authorization service with some rules for testing. . 
73      * @return Authorization service. 
74      */
75     protected AuthorizationService createService() {
76         DefaultAuthorizationService service = new DefaultAuthorizationService() ;
77         service.setUserAccessor(createUserAccessor());
78         return service;
79     }
80     
81     protected AuthorizationRule createRule(AuthorizationResult aResult, String aGroup, String aPath, Class<? extends Operation> aOperation) { 
82         return new TestAuthorizationRule(aResult, aGroup, aPath, aOperation);
83     }
84     
85     protected void checkMatchCount(int aCount, AuthorizationRule aRule) { 
86         assertEquals( aCount,  ((TestAuthorizationRule)aRule).getMatchCount()); 
87     }
88     
89     protected Object createResource(String aPath) { 
90         return new TestResource(aPath);
91     }
92     
93     protected void checkRuleCount(int aCount) { 
94         // Empty
95     }
96     
97     /**
98      * Several checks to verify the outcome of matching against the first rule. 
99      *
100      */
101     public void testFirstRuleGrants() { 
102         assertTrue( _service.isAllowed(createResource("/oni/xyz.jpg"), new ReadOperation())); 
103         checkMatchCount(1, _rule1);
104         assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new WriteOperation())); 
105         checkMatchCount(2, _rule1);
106         assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new DeleteOperation())); 
107         checkMatchCount(3, _rule1);
108         assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new CreateOperation())); 
109         checkMatchCount(4, _rule1);
110         checkMatchCount(0, _rule2);
111         checkMatchCount(0, _rule3);
112     }
113     
114     /**
115      * Verify that a match with the second rule leads to a denial of authorization. 
116      *
117      */
118     public void testSecondRuleDenies() {
119         assertFalse(_service.isAllowed(createResource("/abc/xyz.jpg"), new ReadOperation())); 
120         checkMatchCount(0, _rule1);
121         checkMatchCount(1, _rule2);
122         checkMatchCount(0, _rule3);
123     }
124     
125     /**
126      * Verifies that the third rule is used when appropriate and that it grants access. 
127      *
128      */
129     public void testThirdRuleGrants() { 
130         assertTrue(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); 
131         checkMatchCount(0, _rule1); 
132         checkMatchCount(0, _rule2);
133         checkMatchCount(1, _rule3); 
134     }
135     
136     /**
137      * Removes a rule and checks it is removed. 
138      *
139      */
140     public void testRemoveRule() { 
141         checkRuleCount(3);
142         assertTrue(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); 
143         _service.removeRule(2); 
144         assertFalse(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation()));
145         checkRuleCount(2);
146     }
147     
148     /**
149      * Inserts a rule and checks it is inserted. 
150      *
151      */
152     public void testInsertRule() {
153         checkRuleCount(3);
154         assertFalse(_service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation()));     
155         _service.appendRule(createRule(GRANTED, "users", "/janse/", WriteOperation.class));
156         assertTrue(_service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation()));
157         checkRuleCount(4);
158             
159     }
160    
161     /**
162      * Gets the rules. Verifies that all rules are obtained. 
163      *
164      */
165     public void testGetRules() { 
166         AuthorizationRule[] rules = _service.getRules();
167         assertEquals(3, rules.length); 
168     }
169     
170     /**
171      * Verifies that when no rules match, access is denied. 
172      *
173      */
174     public void testNoRulesSupportResource() { 
175         assertFalse(_service.isAllowed(createResource("/xyxyxyxy"), new ReadOperation()));
176         checkMatchCount(0, _rule1); 
177         checkMatchCount(0, _rule2);
178         checkMatchCount(0, _rule3); 
179     }
180 }