*/
package org.wamblee.security.authorization;
+import static org.wamblee.security.authorization.AuthorizationResult.*;
import junit.framework.TestCase;
-import static org.wamblee.security.authorization.AuthorizationResult.DENIED;
-import static org.wamblee.security.authorization.AuthorizationResult.GRANTED;
-import org.wamblee.usermgt.UserAccessor;
+import org.wamblee.security.authentication.UserAccessor;
+import org.wamblee.security.authentication.UserAdministration;
/**
* Tests the authorization service.
* @author Erik Brakkee
*/
public class AuthorizationServiceTest extends TestCase {
- private AuthorizationRule rule1;
+ private AbstractAuthorizationRule rule1;
- private AuthorizationRule rule2;
+ private AbstractAuthorizationRule rule2;
- private AuthorizationRule rule3;
+ private AbstractAuthorizationRule rule3;
private AuthorizationService service;
+ private TestUserAccessor userAccessor;
+
+
protected AuthorizationService getService() {
return service;
}
protected void setUp() throws Exception {
super.setUp();
+ userAccessor = new TestUserAccessor();
+
rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class);
rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class);
rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class);
service.appendRule(rule1);
service.appendRule(rule2);
service.appendRule(rule3);
+ checkRuleCount(3);
}
protected void resetTestRules() {
((TestAuthorizationRule) rule3).reset();
}
- protected UserAccessor createUserAccessor() {
- return new TestUserAccessor();
+ protected UserAccessor getUserAccessor() {
+ return userAccessor;
+ }
+
+ protected UserAdministration getUserAdministration() {
+ return userAccessor.getUserAdmin();
}
/**
* @return Authorization service.
*/
protected AuthorizationService createService() {
- DefaultAuthorizationService service = new DefaultAuthorizationService();
- service.setUserAccessor(createUserAccessor());
-
- return service;
+ DefaultAuthorizationService svc = new DefaultAuthorizationService();
+ svc.setUserAccessor(getUserAccessor());
+ svc.setUserAdministration(getUserAdministration());
+ return svc;
}
- protected AuthorizationRule createRule(AuthorizationResult aResult,
+ protected AbstractAuthorizationRule createRule(AuthorizationResult aResult,
String aGroup, String aPath, Class<? extends Operation> aOperation) {
return new TestAuthorizationRule(aResult, aGroup, aPath, aOperation);
}
protected void checkMatchCount(int aCount, AuthorizationRule aRule) {
- assertEquals(aCount, ((TestAuthorizationRule) aRule).getMatchCount());
+ TestAuthorizationRule testRule = (TestAuthorizationRule) aRule;
+ assertEquals(aCount, testRule.getMatchCount());
+ testRule.reset();
}
protected Object createResource(String aPath) {
public void testFirstRuleGrants() {
assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
new ReadOperation()));
- checkMatchCount(1, rule1);
+ checkMatchCount(1, service.getRules()[0]);
assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
new WriteOperation()));
- checkMatchCount(2, rule1);
+ checkMatchCount(1, service.getRules()[0]);
assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
new DeleteOperation()));
- checkMatchCount(3, rule1);
+ checkMatchCount(1, service.getRules()[0]);
assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
new CreateOperation()));
- checkMatchCount(4, rule1);
- checkMatchCount(0, rule2);
- checkMatchCount(0, rule3);
+ checkMatchCount(1, service.getRules()[0]);
+ checkMatchCount(0, service.getRules()[1]);
+ checkMatchCount(0, service.getRules()[2]);
}
/**
public void testSecondRuleDenies() {
assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"),
new ReadOperation()));
- checkMatchCount(0, rule1);
- checkMatchCount(1, rule2);
- checkMatchCount(0, rule3);
+ checkMatchCount(0, service.getRules()[0]);
+ checkMatchCount(1, service.getRules()[1]);
+ checkMatchCount(0, service.getRules()[2]);
}
/**
public void testThirdRuleGrants() {
assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"),
new WriteOperation()));
- checkMatchCount(0, rule1);
- checkMatchCount(0, rule2);
- checkMatchCount(1, rule3);
+ checkMatchCount(0, service.getRules()[0]);
+ checkMatchCount(0, service.getRules()[1]);
+ checkMatchCount(1, service.getRules()[2]);
}
/**
public void testNoRulesSupportResource() {
assertFalse(service.isAllowed(createResource("/xyxyxyxy"),
new ReadOperation()));
- checkMatchCount(0, rule1);
- checkMatchCount(0, rule2);
- checkMatchCount(0, rule3);
+ checkMatchCount(0, service.getRules()[0]);
+ checkMatchCount(0, service.getRules()[1]);
+ checkMatchCount(0, service.getRules()[2]);
}
}